SAFE HANDLING OF YOUR PERSONAL DATA
At Elisefarm, we safeguard a high level of protection for the privacy of our guests. Therefore, we want to inform you about how we handle your personal data after May 25, 2018. Due to GDPR, we have changed the way we handle the personal data of our guests. In connection with, for example, booking, inquiries and purchases of gift cards, etc., we describe how we save and analyze your personal information. We do something to make our communication as relevant and interesting as possible to you.
You have the opportunity at any time to know what information we have stored about you as a guest, why we have them and how long we save them. Of course, you can also at any time request to have your information removed from all our records. Here we have gathered all information about how we at Elisefarm work to comply with the new rules on personal data processing, GDPR.
What is GDPR?
From May 25, 2018, the new Data Protection Regulation (GDPR) will replace the existing “Personal Data Act” (PUL).
What are the benefits of GDPR?
GDPR has been developed to protect you as a customer and your rights regarding the handling and dissemination of your personal data. The idea is that you, as our guest, should feel secure that your registered information is not used improperly. The current Swedish PUL is really the basis for GDPR and most of the PUL is found in GDPR.
What is a personal information?
A personal data is such data that somehow identifies you as a person. That is, name, address, telephone, mail, etc. Non-personal information about bookings, sales and activities is not included as this is counted as business secrets and in many cases is subject to accounting rules and accountability.
Who is responsible for personal data?
At Elisefarm, Ingrid Linné has overall personal data responsibility and determines the purposes for handling, collecting and using the personal data you provide to us. For questions about personal data, email: firstname.lastname@example.org.
How do we store your personal information?
Our booking system Spectra Systems AB handles relatively large amounts of personal data. Since we have many regular guests who often come back to us, we have chosen to keep the information in our booking system for 2 years after the last departure before we remove them. If you wish to have them deleted earlier, please contact us at email@example.com and we will fix it immediately. It is important to distinguish between ordinary and sensitive personal data. Sensitive tasks are e.g. ethnic origin, political views, religious or philosophical beliefs, union membership, and personal data related to health or sexual preferences.
Elisefarm does not need to obtain the consent of you as a guest if you book accommodation or restaurant, or Spa visit when a customer agreement is entered into when a booking is made. We will never collect and collect data on sensitive information, however, there are free fields in the booking engine and guest surveys that can still enter our database. This information will only be available to us if you as a guest choose to fill in this information in our other fields or guest surveys, otherwise we will not store anything. Therefore, we urge all users of our booking system (both Online, bookings by mail / telephone and via our manual booking forms on the website) not to include sensitive nature notes in our systems. You as a guest are always entitled to receive a copy of all information stored about you, including those stored in free text fields in the customer register.
What is a registry extract?
If you have booked a stay, a restaurant visit or the like, you have the right to see the information stored about you in our booking system Spectra Systems AB. This refers to information that can be used to identify you as a person. Non-personal information about bookings, sales and activities is not included as this is counted as business secrets.
Can you delete me from your systems?
Yes, you always have the right to have all of your personal data stored, which can be used to identify you personally deleted. This refers to information that can be used to identify you as a person. Non-personal information about bookings, sales and activities is not included as this is regarded as business secrets and in many cases is subject to accounting rules and accountability.
Elisefarm has already introduced or will introduce the necessary features for administrators in our booking system to handle all GDPR requests and requests from our customers. Through our various systems, we provide information on how GDPR is applied and what information is stored, how long it is stored and how suspected incidents and abuses should be reported. Personal data in the field, free text, and that can identify you as a guest is disclosed. The request is made to firstname.lastname@example.org.
Elisefarm also has the right, within one (1) year after you, as a customer, have visited one of our hotels, restaurants, spa or other market to us to a reasonable extent without your consent, this with the legal basis of balance of interests.
If you have questions about how we handle GDPR, you are welcome to contact the person responsible at email: email@example.com. We have a policy that we will respond to you within 72 hours!