GDPR Data Protection Policy

 

1 INTRODUCTION AND OBJECTIVE

The objective of this policy is to secure that Memory Hotel processes personal data according to The General Data Protection Regulation (GDPR). The policy is valid for all processing of personal data, structured as well as unstructured data.
 
Memory Hotel protects your privacy. This privacy policy explains how Memory Hotel collects and uses your personal data. It also describes your rights in relation to us and how you can assert your rights.
 

2 APPLICATION AND REVISION 

The Board is responsible for the processing of personal data following this policy.
 
The policy shall be determined by the Board at least once a year and updated if necessary.
 
The Hotel Manager is responsible for the annual update of the policy as a result of new and changed rules.
 
This policy applies to the board members of the company, CEO, employees and contractors related to our business.

3 ORGANISATION AND RESPONSIBILITY

The CEO has overall responsibility for the content of this policy and that it is implemented and enforced by the business. The CEO may delegate responsibility and implementation to the appropriate person in the company. The CEO has delegated implementation of this policy to the Hotel Manager of Memory Hotel.
 
All employees are responsible for acting in accordance with this policy.

4 GDPR EXPRESSIONS

 

Expression Explanation
Personal Data Personal data is any kind of information that can be directly or indirectly attributed to a physical person who is in life.
Data subject The person to whom personal data refers, that is, the natural person who can be identified directly or indirectly through the personal data in a register.
Processing of personal data An action or combination of personal data actions - regardless of whether they are performed automated or not - such as collection, registration, organization and structuring.

 

5 PROCESSING OF PERSONAL DATA

Each personal data processing should be done according to the following principles:
• Lawfulness
• Purpose limitation
• Data minimisation
• Accuracy
• Storage limitation
• Integrity and confidentiality
 
Our data processing is documented on a regular basis in a Record of Processing Activities. 
 
Follow-up and evaluation of our processing of personal data shall be done at least annually.
 
Any incident relating to personal data we process shall be reported to the Hotel Manager without delay, who, without delay, and not later than 72 hours, must report the incident to The Swedish Data Protection Authority and take necessary action as a result of the incident.
 
Our requirements for personal data processing under GDPR should always be ensured in procurement and development of IT solutions and services, and shall be part of any agreement.
 

A. Guests

When using your Memory Hotel services, you agree to our Data Processing Policy.
 
Why Do We Process Personal Data?
Memory Hotel processes personal data to fulfil the agreement we have with you, which is established at the time of booking. The personal data is needed to manage your accommodation at the hotel, handle payment and meet the requirements of the authorities. We always handle personal data with care to secure the integrity of our guests.
 
What Personal Data Do We Process?
You may directly or indirectly provide us with personal data in different ways. For example, when you make a reservation with us and when you arrive at the hotel for check-in. Examples of personal data are; name, date of birth, billing address, email address, phone number and payment information.
 
What Is The Objective of Our Data Processing?
All our data processing has a purpose. The personal data has the purpose of providing as well as performing services at Memory Hotel, in order to fulfil the agreement we have with our guests and to comply with Swedish legislation.
Do We Share Personal Data?
In some cases, we transfer personal data to third parties with whom we have cooperations. These include hotel systems, booking agencies, IT suppliers and auditors. In our choice of third parties, we take legal, technical and organizational measures to ensure that personal data is processed securely. Our suppliers may in turn share personal data with their suppliers.
Where Is Personal Data Processed?
We process personal data in EU/EES.
 
How Long Do We Save Personal Data?
Personal data is saved as long as we need it to fulfil our agreement with our guests. Furthermore, personal data is stored as long as authorities require by law.
To Request Personal Data, Rectification, Completion and Deletion
You are always entitled to get information about the personal data we process. You also have the option of changing incorrect personal data as well as adding data. You can also request that your personal data should be deleted.
 

B. Corporate Agreements and Personal Data

Memory Hotel has corporate agreements. We process personal data of contact persons at these companies. The personal data is processed in order to fulfil our agreements with the companies for hotel and restaurant services. Personal data we process is name and contact details. Personal data is not shared. Personal data is processed as long as we have an agreement with the company and as long as the relevant person in the company is responsible for the relationship with us. For persons who request information, rectification, completion and deletion, the same rules apply to corporate customers as for our guests (section 5A).
 

C. Suppliers and Partners

For suppliers and partners, Memory Hotel processes personal data for our contact persons. The personal data is processed in order to manage agreements with our suppliers and partners. The personal data we process is name and contact details. Personal data is not shared. Personal data is stored as long as we have an agreement with the company and as long as the relevant person in the company is responsible for the relationship with us. For persons who request data, rectification, completion and deletion, the same rules apply to suppliers and partners as for our guests (section 5A).
 

D. Social Media

Memory Hotel is present on Facebook and Instagram. There is a possibility for individuals to post personal data on our social media pages. For those who choose to post personal data on our Facebook and Instagram pages, we refer to the privacy policies of those companies. Memory Hotel never upload pictures or comments about guests on our social media pages.
 

6 CONTACT

Memory Hotel
Borgarfjordsgatan 3
164 25 Kista
Sweden
Memoryhotel.se
Telephone +46-(0)8-7930700
Mathias.wallerstrom@memoryhotel.se
}