Hotel Blafell takes protection of your personal information seriously and respects your privacy.
- Here is a summary of how Hotel Blafell approaches your privacy rights, collection, usage and processing of your personal information:
- Hotel Blafell will provide you with details about the information we are gathering and what we will do with it.
- Hotel Blafell will put in place measures and use methods to keep your information secure and protected.
- Hotel Blafell will make sure your data protection rights are respected and to give you more control over your own information.
- Hotel Blafell will also use the information to help us understand you better and so that we can give you relevant offers.
- Hotel Blafell will not send you marketing material if you tell us you don’t want to receive it. However, we will continue to send you important updates and information on a service or product which you have purchased, in order to keep you informed of your booking or services.
We will provide you with some specific examples of the processing of your personal information. If you have further inquiries, please contact us via e-mail by writing to firstname.lastname@example.org
Details about the data controller of your personal information
Data Protection Officer
Whenever you book to stay at an Hotel Blafell , but some parts of your stay or journey are to be provided by other service providers, then those service providers are separate “data controllers” under European Union data protection law. In that case, Hotel Blafell and any other service providers will be joint controllers of your personal information.
Any additional service providers, e.g. a travel agent or car rental company, which provide a part of your services will also be separate “data controllers”. Their privacy policies will be accessible from them directly.
Please be aware that, depending on the services that you have requested, other agreements will form your contractual relationship with Hotel Blafell.
If you have requested additional services or booked a package including such services, then the providers of such services will be identified in the booking or ordering process. The providers of such services will also separately be “data controllers”.
When does this policy apply?
Where we reference that others are data controllers in the sections ’Controller of Personal Information’ and ’Who do we share your personal information with?’ you should consult their privacy policies for further information.
For further information on the applicability of privacy policies, such as when there are additional “data controllers” as described in the section “Details about the data controller of your personal information” or when we share your personal information, as described in the section “In which cases and with whom do we share your personal information?” we advise that you refer to their privacy policies for additional details.
Additional Terms and Conditions or policies may apply if you request additional services from us, e.g. if you enter a competition linked to Hotel Blafell and other third parties.
What is personal information?
Whenever information provides details which identify your person or could be used for the same purpose, it is considered to be personal information. An example might be your name, your contact details or your purchase history. Details on how you use our websites and mobile applications may also be personal information.
In which cases do we process and from whom might we receive your personal information?
Whenever you use our services, website, mobile applications, make contact with us via e-mail or our service agents, we collect your personal information. The same applies when the services are provided by third parties or agents acting on behalf of Hotel Blafell. Please be aware that if you do not wish to provide us with personal information which is necessary for the performance of a contract or which we are legally required to process, we may not be able to provide you with part or all of the services requested.
Furthermore, we may receive your personal information from third parties, such as:
- When a company that is contracted by Hotel Blafell provides services to you.
- When a company or third party that is involved in your stay with us provides you with services, such as a travel agents or airlines which you have used to book your stay with us.
- When a company is involved in our loyalty schemes, competitions or other customer programmes, such as another hotel, airlines, travel providers or rental car companies.
To see which types of personal information Hotel Blafell processes about you, please see the section “What types of personal information do we process?”
What types of personal information do we process?
To provide you with our services, or the services of other data controllers which deliver part of the services that you have requested, we will need to process your personal information. Further processing may take place to provide you with relevant marketing materials and enhance your experience with Hotel Blafell.
Hotel Blafell processes the following types of personal information:
- Information that you provide which is used to manage and complete a booking or provide you with services which you have requested.
- Your name, address, email, contact details, date of birth, gender, your account details and payment information.
- If you book for someone else, we may collect your billing information but may communicate with the guest directly about their stay.
- We will know if you booked your stay on our website or used another sales channel such as a travel agent or our service center.
- Information which is collected during your stay with us.
- We may collect information such as your interactions with staff.
- Information about your requests or preferences.
- Details of your booking.
- Details of any specific preferences such as meals, required additional assistance or services and other relevant information.
- Information about services that you have previously used.
- Information on your previous stays with us, issues, service changes such as upgrades and customer feedback.
- Information about online interactions and registrations.
- We will retain your information to ensure we interact with you appropriately if you have registered with us through our loyalty schemes or customer programs.
- We will retain your information if you have entered a competition, registered for a promotion or interacted with us via social media such as Facebook, Instagram or Twitter.
- Information about how you use and interact with our websites, service agents and mobile applications.
- To help us to personalize your information and improve our website we collect information about your searches and the content you have viewed and interacted with on our website using cookies and similar technologies, such as the website you come from, internet banner advertisements and links which appear on our marketing partners’ websites.
- We will use previous web usage data stored within the cookie to personalize and understand you as a customer. This could include if you have entered any booking information on our website.
- We would be able understand from your data usage that you have visited our website and searched for a hotel room, but did not complete your booking. We may use this information to contact you to offer more information about the booking and destinations which you have shown interest in.
- Information about your location from your device if you have been browsing on our website or using our mobile application. (This is your IP address. An IP address (i.e. Internet Protocol address) is a numeric code that can act as a unique identifier for your computer or other device – this can be turned off from your device).
- Identifying the country from which you are accessing the relevant website or application which will enable us to provide more relevant content and use an appropriate language.
When and why do we collect ‘sensitive personal data’?
In some cases, Hotel Blafell may process your personal information which is considered to be sensitive. Specific categories of personal information, such as on religion, health or ethnicity require additional safeguards under European Union and Icelandic data protection law. These categories are referred to as “sensitive personal data”. Hotel Blafell will only process these categories of data in specific circumstances.
Following are examples where we may process “sensitive personal data”:
- If you have requested specific medical assistance, such as wheelchair assistance or oxygen.
- Some requested services, such as certain types of meals, may provide suggestions of your religion, health or other preferences. These types of information may or may not be considered “sensitive personal data”.
- If you have chosen to provide such information to us or it has been passed onto us by a third party such as the travel agent through which you made your booking.
For which purposes do we process your personal information?
The main purposes for which we process your personal information are:
- To provide you with the services you have requested.
- We will need to use information such as your name, address, contact details, date of birth, gender, your account details and payment information so that we can process bookings, fulfil your preferences, process payments, provide information to relevant authorities and so that Hotel Blafell agents know who is booked to stay with us.
- To send you updates about your booking or other services.
- We may send you information when and if there have been disruptions or alterations to the services you have requested.
- To help maintain safety and to meet certain legal and regulatory requirements which apply to Hotel Blafell.
- We operate CCTV in some areas in hotels to provide increased safety to our customers, staff and assets.
- Hotel Blafell maintains data which may be used to deny services to certain individuals due to previous incidents, e.g. jeopardizing of safety, harassment of other guests or staff.
- To provide services tailored to your requirements or preferences and to treat you in a more personal way.
- If you have stayed with us before, we may personalize the experience you have while checking in to our hotel. For example, a member of our staff may welcome you back to our hotell.
- We may update and share non-personal information with our media agencies, in order to serve tailored and relevant advertising from our partners and third parties on our websites, applications and electronic communications.
- To carry out analysis and market research.
- We will analyze the way in which our sales channels, products and services are being used by customers so that we can understand how to improve the service we offer and encourage customers to use the full range of our products and services.
- To market and keep you informed of Hotel Blafell products and services.
- We may send you information about our products and services, as well as the products and services of our Travel Agency, by email or text message.
- We may tailor the content of our websites, applications, emails and other communications to ensure they are as relevant to you as possible – including previous bookings including offers and/or services relating to that or a similar destination.
- Understand your preferences when staying with us and provide information about offers, such as upgrades.
- If you’ve searched for hotels or destinations but not booked, we may remind you about our services via social media, e.g. Facebook, Instagram or Twitter based on the destinations you searched for previously.
- We may combine/match anonymized customer relationship marketing data with a third party (e.g. Google, Facebook) so both companies can understand behavioral activities such as knowing other sites visited.
- To send you status updates and service communications.
- Even if you have opted-out of receiving marketing material from us, we may still send you communications about the services you have booked to use, such as your booking confirmation. These communications will help you get the most from the services we provide and may also contain options and other details about the services you will be using.
- We may also send you communications about the services you have previously used, for example, where you experienced some form of issue or problem and we wish to contact you about it proactively in order to resolve it successfully.
- To improve our websites, products and services.
- We may monitor the way that you and other customers use our website so that we can identify ways to improve the website experience and enhance the security of our website.
- For purposes related to legal claims or disagreements.
- We may use your personal information to uphold our legal rights as a business or the rights of our employees, e.g. in cases related to illegal activities, fraud or harassment.
- For management and administrative purposes.
- We may use and retain your personal information, including your purchase history, for administrative purposes, which may include for example, accounting and billing, auditing, credit or other payment card verification, anti-fraud screening (including the use of credit reference agency searches and payment card validation checks) and systems testing, maintenance and development.
- We may process your personal information when performing searches related to requests for copy or deletion of personal information.
When will we send you marketing?
When you provide your information directly to us you may be asked if you don’t want to receive our marketing material. Hotel Blafell sometimes promotes the products and services of third parties like travel options in the area.
Hotel Blafell may ask you to consent to receive marketing material from other third parties.
Whatever your choice on receiving marketing material from us or by which methods they are delivered, we will respect it.
What options do you have when receiving marketing material from us?
You can change your mind at any time on whether you would like to be sent marketing material or not. To stop receiving marketing material from us, you can use the following methods:
- You can write to us at email@example.com
- Furthermore, each marketing communication sent to you via e-mail will provide you with the option to unsubscribe from receiving any further marketing materials from us.
- Alternatively, you can call our reception at +354 470 0000 and ask to be unsubscribed from marketing materials in the future.
Even if you choose not to receive marketing material, we will still communicate with you in relation to services or products you have purchased. For example, we will still send you messages with your booking confirmation or to inform you of any changes or disruptions to the services.
Please be aware that if you indicate that you would not like to receive marketing material from us, we will retain your personal information in order to fulfil your wishes not to receive such material.
What is our legal basis for processing your personal information?
Your personal information will only be processed by Hotel Blafell where there is a legal basis for the processing. The legal basis may differ based on the purpose of the processing of your personal information. In almost all cases, the legal basis will be as follows:
Because the processing of your information is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract, e.g. so that we can fulfil your requests, process your booking or provide you with the services that you have requested.
- Because Hotel Blafell has a legitimate interest as a hotel service provider to process your personal information to operate and improve our business activities.
- Because Hotel Blafell needs to process your personal information to comply with legal or regulatory requirements.
- Because Hotel Blafell may need to process your personal information to protect the vital interests of you or another person.
- Because you have given your consent to Hotel Blafell for processing your information for a specific purpose.
You can see more information on the processing with regard to each legal basis below.
In cases where the processing of your data is subject to other laws, then the legal basis for processing may be different than stated above. In such circumstances, the processing may be based on your consent in all cases.
Processing based on a contractual necessity
In order for us to provide you with services, such as fulfil your request to stay with us, it is necessary for us to process some of your personal information. We will need to process information such as your name, contact details and payment information so that you can check in to our hotel or other services in case of a package booking.
Processing based on legitimate interests
We have a legitimate interest to use your personal information in order to provide, improve and market our services.
- We may send you marketing materials in order to promote services and inform you of products.
- We may carry out analysis and use data to provide you with a more personalized experience.
- When we need to conduct legal claims.
Processing to comply with legal obligations
As a business, Hotel Blafell needs to comply with legal and regulatory requirements and may need to process your personal information in order to comply with these requirements.
- Hotel Blafell is required by Statistics Iceland to provide information on the nationalities of our guests. We may process your personal information to compile aggregate statistics to fulfil this requirement.
To protect the vital interest of you or another person
In rare cases, there may be an urgent need that we process your personal information to protect your vital interests or the interests of another person.
- If there is a medical emergency, we may need to process your personal information so that necessary medical assistance may be provided.
Processing based on consent
In some cases, we may process your personal information when you have provided your consent for us to do so.
Whenever we process personal information based on your consent, you may withdraw your consent at any time. To do so, please contact Hotel Blafell by write to us at:
Hótel Bláfell ehf.
Please be aware that if you withdraw your consent, we may not be able to provide you with some or all of the services that you have requested from us. Additionally, it may not be possible to cancel your booking or for us to provide you with a refund of payments you have made to us.
For how long do we retain personal information?
Your personal information will be kept as long as it is needed for the purpose it is being processed. For example, we will need to retain information related to your stay for as long as it is needed to fulfil your booking and after that so that we can respond to claims, disputes or questions about the booking. Your information may also be retained so that we can provide you with improved and personalized services, as well as so that you may enjoy any loyalty benefits which you have accrued.
Hotel Blafell actively reviews personal information so that it is not retained longer than there is a legal basis for it being processed. In some cases, it may be anonymized and in other cases, deleted.
In which cases and with whom do we share your personal information?
Your personal information may also be shared with the following third parties:
- Other service providers which participate in providing the services you have requested. For example, if you book a day tour as part of your journey which you have booked through Hotel Blafell, your personal information will need to be shared with any service providers needed to provide you with these services. These additional service providers will be identified in the booking process.
- Payment and credit card companies, credit reference agencies and companies involved in anti-fraud screening in order to process and receive payments from you and to protect ourselves against possible fraud.
- In cases where we are legally required to share your information with government and law enforcement agencies.
- Third party providers which we use to process data in order to provide you with products, services and marketing material. For example, third party providers which are involved in the storage of data, ground handling agents on airports or marketing services.
- Third parties involved in the conduct of legal claims, such as law firms or courts.
- Third parties, such as security companies, the police and regulatory authorities, when we may need to safeguard our property and assets, provide safety to our customers, staff and assets or have our rights enforced.
How does Hotel Blafell safeguard personal information that is transferred to third countries?
According to European Union and Icelandic data protection laws, certain requirements need to be fulfilled when your personal information is transferred to a country outside the European Economic Area. The purpose of these requirements is to make sure your personal information is adequately protected, even when being transferred outside the European Economic Area.
When Hotel Blafell transfers your personal information to a third country, one of the following will apply:
- The transfer is made to a country deemed to provide adequate protection of personal information according to a decision
by the European Commission.When data is transferred to the US, transfers may be based on the EU-US Privacy Shield.
- The recipient of the personal information has approved binding corporate rules which provide an adequate level of protection for your personal information.
- Hotel Blafell and the recipient of your personal information have made contracts regarding the transfer of data using
standard contractual clauses which the European Commission has decided provide an adequate level of protection for your personal information.
- The recipient of the personal information has approved Codes of Conduct which satisfy the requirements of European Union and Icelandic data protection law.
- The recipient of the personal information has obtained certification issued by an accredited certification body according to European Union and Icelandic data protection laws.
What can you do to keep your personal information secure?
Hotel Blafell makes every effort to protect your personal information. We encourage you to take steps to secure your personal information. Here are some measures that you can take to keep your information safe:
Be careful when online and avoid internet fraud
Dishonest individuals may try to gather your personal information by trying to deceive you online. This illegal activity is called “phishing”. Phishing is often performed by sending you an e-mail which has been designed to make you think that it has been sent a legitimate business. However, such e-mails may often form part of a scam to trick you into disclosing details, such as your personal information, login credentials or bank information. Phishing e-mails will often contain links to fraudulent websites which imitate the look and feel of legitimate websites.
How can I make a request for a copy of my personal information and how do I lodge a complaint?
Under European Union and Icelandic privacy law, you may request a copy of your personal information if it is processed by Hotel Blafell. You do not need to pay a fee for this request, unless it is manifestly unfounded or excessive. Hotel Blafell will make every effort to respond to your request within 30 days of it being received.
Your request must be in writing and must contain the following information:
- Your name and postal address.
- Details of your request.
- Any details which may help us locate the information which is the subject of your request, for example:
- Booking reference or the dates which you stayed with us.
- Your e-mail address, telephone number or other contact details.
Additionally, we require you to provide:
- A copy of a government issued ID, such as your passport or driving license. This is necessary so that we can verify who is making the request.
- Your signature and the date of the request.
- If you are applying on behalf of another person then signed authority from the individual is required.
Please send your request to:
Hótel Bláfell efh.
You also have a right to lodge a complaint with The Icelandic Data Protection Authority in. A complaint can be made by writing to:
The Icelandic Data Protection Authority