Destination Bjäre Holding AB, organization number 559118-3073, is the entity with the overall personal responsibility for the processing of personal data that takes place within the domain of operations of the corporate group known as GRAM Hotel. Each hotel and/or restaurant within the corporate group GRAM Hotels (consisting of Hotel Skansen in Båstad, Torekov Hotel, Hotel Riviera Strand and Hamnplats 3) is responsible for the processing and collection of personal data for purposes within the framework of the hotel/restaurant operations. This processing and collection is undertaken in concert with Destination Bjäre Holding AB.
Regarding the processing of Personal Data of individuals that utilize the services of the Restaurant & Hotel Skansen in Båstad AB (organization number 556599-3515), the personal data responsibility is divided accordingly between Destination Bjäre Holding AB and Restaurant & Hotel Skansen in Båstad AB.
All references made below to terms such as “GRAM Hotels”, “we”, “our” or “us” shall be understood as a reference to the company or companies within the corporate group who are responsible for the personal data for the relevant data processing.
GRAM Hotels uses Personal Data for various purposes, including: the administration and processing of reservations/bookings; the adaptation, provision, and development of our services (referred to as “services”) in order to optimize the user experience; making communication with users more personal.
How do we collect personal data about you?
GRAM Hotels collects and processes your Personal Data only to the extent permitted by applicable data protection legislation. Personal Data may be collected when booking our Services, submitting information via our website, or when you stay with us. Your Personal Data is collected either directly from you or from a company, organization, or person who administers or provides our Services to you indirectly. Furthermore, we collect Personal Data through cookies, tags, tracking pixels, and via Club Grams member service. From time to time we may receive Personal Data about you from other companies within the Gram Hotels corporate group and its various partners.
It is important for GRAM Hotels to always keep your Personal Data up-to-date and accurate. For this reason we may sometimes import Personal Data about you from external sources such as public records.
What type of Personal Data do we collect?
Why do we process your Personal Data?
GRAM Hotels collects Personal Data for various purposes. Which Personal Information is collected and how it is collected depends on which Services you use.
GRAM Hotels uses Personal Data in service of the following activities:
- to administer, provide, develop and maintain our Services, including for purposes that are designed to increase your benefit and experience when using our Services;
- to process bookings and orders as part of our Services;
- to contact you through various means, including via SMS, mobile applications, or email. Avenues of contact may be used to notify you of your reservation status or to
- provide you with information that may be useful before, during, or after your stay;
- to diagnose errors, optimize our technology, or to contact you in the event of issues with bookings or the fulfillment of our Services;
- to analyze and improve the quality and user experience of our services;
- to personalize communication to you regarding our Services (e.g. by creating a profile for you and sending offers that fit your profile as a user of our Services);
Under what legal grounds do we process your Personal Data?
GRAM Hotels processes Personal Data on the basis of various legislation including:
- Personal Data that is collected in order to administer and process a booking that you have made on your own behalf. Such processing also ensures that you can use the relevant Services in accordance with this booking. The processing for this Personal Data must be undertaken before a contract with you is completed (a contract to provide our Services). The legal basis for this processing is to fulfill our agreements with you once the booking is confirmed.
- Your Personal Data may also be processed to administer and process a booking made by someone else on your behalf. Such processing ensures the use of relevant Services and this Personal Data is collected for the legitimate interest of our organization to adequately fulfill the agreements made with the Company, organization or person who made the booking at issue. If you make a booking on someone else’s behalf, we will process your Personal Data for our legitimate interest in fulfilling the agreement with the company, organization or person to whom the booking relates.
- Regarding the processing of your Personal Data to diagnose errors, optimize our technology, analyze statistics and user behavior, and individualize communication with you, the legal basis for such processing is our legitimate interest to provide our customers with the best possible service, as well as to optimize our communication and our Services.
- The processing of your Personal Data to send offers, information, and marketing regarding our Services is based on our legitimate interest in marketing, promoting, and informing people about our business and our services.
- Personal Data regarding allergies or disabilities will only be processed to the extent that we have obtained explicit consent from you. Our starting point for such information is that it should be securely anonymized as much as possible, to the extent that it does not compromise the individual’s safety. Furthermore, this information will be deleted immediately after your visit has ended and our need for such information has also ended.
Dispatch of information
When you make a booking or reservation with us, we may use your Personal Data to send out materials such as booking confirmations, important information about your upcoming visit, and offers related to the stay. Such information will be sent to the email address you provided when booking.
Once your stay has concluded, a survey will be sent out asking a few questions about your visit to help us improve our services. We may also send emails thanking you for your visit.
Before and during your stay, we may also send out information to the email address and/or mobile number that has been entered in connection with the booking (via email correspondence and/or SMS). Such messages may contain information regarding available SPA times, important information for the stay, or reminders of reservations at our restaurant, etc.
Receipt of Personal Data by email
Storage and transfer of personal data
After your visit, GRAM Hotels retains certain Personal Data about you in order to send you offers and information. You are entitled at any time and without charge to request that GRAM Hotels cease processing your Personal Data for marketing purposes.
GRAM Hotels may also disclose Personal Data to the police or other legal authority if GRAM Hotels is obliged to disclose such information by law or by legal decision. GRAM Hotels may in some cases also need to submit information to other parties within the framework of a judicial case or a company acquisition process such as audits or the like.
GRAM Hotels generally does not process or transfer Personal Data to countries outside the EU/EEA; however, if we employ a subcontractor in a country outside the EU/EEA, or if it is necessary for us to be able to carry out our contractual obligations towards you, Personal Data may be transferred outside the EU/EEA even if, according to the EU Commission, the country in question does not have adequate protection for Personal Data. GRAM Hotels will in such cases take the necessary measures to ensure a high level of protection for your Personal Data and will operate in compliance with all applicable EU/EEA rules.
Security and the protection of Personal Data
We continuously train our staff on data protection issues. If you have direct questions about how we work with the General Data Protection Regulation (GDPR), please contact us at email@example.com and include the phrase “Personal Data” as the subject line.
You can read more about the General Data Protection Regulation: https://www.datainspektionen.se/dataskyddsreformen/
External web pages and applications
At your request or by independent discovery, GRAM Hotels will correct or delete any incorrect or incomplete information. You also have the right to receive, without charge, a summary that shows what Personal Data about you is being processed.
Under special circumstances (as laid out under applicable data protection laws) you are entitled to request that GRAM Hotels limit the use of your Personal Data or to delete your Personal Data. Under certain conditions you also have the right to data portability, in accordance with applicable data protection legislation. This includes the right to extract and transfer your Personal Data in a structured, generally-used, and machine-readable format that can be utilized by another data controller.
If GRAM Hotels processes Personal Data based on your consent, you have the right to revoke your consent at any time through a written notice to GRAM Hotels. Withdrawals of this nature apply only to continued and potential future processing of your data; they do not apply retroactively. However, please be advised that revoking your consent does not affect processing undertaken with a legal basis other than consent (e.g. the provision of the Services you have ordered).
As stated above, you are entitled at any time and without charge to request that GRAM Hotels cease its processing of your Personal Data for marketing purposes. You may invoke this right by contacting us at firstname.lastname@example.org — please indicate the heading “Personal Data” as the subject line. In addition, you can also unsubscribe from our offers and other information that we send via email by clicking on the deregistration link located in the footer of all market mailings.
If you are dissatisfied with how we process of your Personal Data, please feel free to contact us and we will do our best to accommodate your concerns. Your privacy is very important to us and we always strive to treat your Personal Data with the utmost care and to protect it with safety and security. If you feel that we are lacking in this goal, you have the right to file a complaint regarding the way we process your Personal Data to the Swedish Data Protection Authority (Datainspektionen).
If you wish to exercise your rights as stated above or you have any questions, comments or complaints regarding the ways GRAM Hotels processes your Personal Data or with our compliance to applicable data protection legislation, you can contact us at email@example.com — please write “Personal Data” in the subject line. Alternatively, you can get in touch with us at the following address:
Att: Personal Data
269 21 Båstad