kr

Privacy Policy

Privacy policy for THE THIEF

1. Privacy policy

We at THE THIEF handle your personal information in different contexts, such as when you book our services, stay overnight at our hotels, use services we provide and also in some other contexts. In our privacy statement, you will find more information about our processing of personal data. Below you will also find contact information if you have questions or require access.

We process your personal information in accordance with the current local personal information act, hereinafter GDPR.

2. Processor for your personal information

Our company THE THIEF Hotel AS org. nr. 895716782, Postboks 200 Økern, 0510 Oslo tel. +47 24 00 40 00, e-post stay@thethief.com is responsible for processing personal information in our booking, billing and hotel management systems. We are also the processor for our marketing and mailing of emails to our customers and contacts.

3. Processing of personal information related to booking and stay

In connection with any bookings made by you or by others on your behalf, we process the personal information we need to fulfil the agreement on booking and purchasing services. This is information you have provided us with directly or that you have given us through a travel agency or agent. We process information about things such as your identity, your contact information, and your payment information. In some cases, we will save your passport number. In addition, we handle other information you may have given us and which is relevant to your stay with us. This may be information about allergies or about special requests for your stay. We register all purchases and orders you make with us such as spa, restaurant, room service etc, to be able to provide such services and to pay for them.

We process this information as long as it is necessary for fulfilling the booking agreement with you, and as long as applicable laws or regulations require us to do so.

We log in using key cards in our hotel. We do this to counteract and solve crime, and for security, including fire safety. We save the logs for 21 days.

4. Processing of personal data for marketing purposes

If you sign up for our newsletter, we will save and use your email address to send you news and offers.

We will also use your email address or phone number to send you news and offers within existing customer relationship rules. Our basis is the marketing legislation.

We will contact you via social media with your consent or within existing customer relationships. In order to use social media as a communication channel, we need to give out your email address or social networking number. Our basis for this is consent or legitimate interests.

You can withdraw any consent you have given us at any time. You can also reserve the right to consent to receiving marketing in existing customer relationships. To do this, send an email to stay@thethief.com.

5. Processing of personal data for development, troubleshooting and security

We will process data that includes personal information for troubleshooting and correcting errors, improving our services and technology we use, and analysing usage and user behaviour. Furthermore, we will process personal information to verify your identity, including verifying your identity in connection with your use of our digital services.

We anonymise data and create statistics as far as possible, but will also need to process personal data for development, troubleshooting, statistical and security purposes.

6. Processing of personal information in other cases

If you contact our customer service or otherwise address us with requests, we will process personal information you provide as far as is necessary to be able to answer and log your inquiry. The basis for this is legitimate interests or fulfilling agreements with you or answering your inquiries.

In addition to the treatment described in our privacy statement or based on your consent, we may or may not process personal data when the applicable law, including the Personal Information Act and the GDPR, valid government order or court requires us or allows us to do so.

7. Disclosure of personal data and statutory treatment.

We will not disclose your personal information to third parties unless you have consented to this, or unless applicable law, including the Personal Data Act and GDPR, valid government orders or courts allow us or require us to do so.

For the record, we wish to state that our use of data processors to process inf