General data protection regulation

This privacy policy applies to www.soriamoria.no, owned and operated by Soria Moria hotel. This privacy policy describes how we collect and use information, including personal data, which you provide on our website www.soriamoria.no. It also describes the choices you have in connection with our use of your personal information and how you can access and change this information.

COLLECTION OF INFORMATION
We collect, among other things, the following types of personal information:
Your first name, last name, email address, telephone number, and residential address.
Card information (card type, card number, name on the card, expiration date, and security code).

Information about guests’ stays, including arrival and departure dates, guest preferences, and observed preferences in connection with the services offered (including room preferences, facilities, or other services used).

Information you provide in connection with marketing preferences or in connection with your participation in surveys, competitions, or promotional offers.

You can always choose what kind of personal information you want to give us. If you choose not to provide certain information, however, it may affect the guest experience with us.

INFORMATION WE COLLECT AUTOMATICALLY
When you use our website, we also automatically collect information, some of which may be personal. This may be information related to language settings, IP address, location, device settings, the device’s operating system, other information related to the operating system, log information, the time of use/visit, the web address the visitor goes to or tries to go to, status reports, the user agent (information about the browser version), the result of the visit (just browsing or booking), browser history, the user’s booking ID, and the type of information viewed. We may also automatically collect information through cookies.

PURPOSE OF USING PERSONAL INFORMATION
We use your personal information in connection with the following:

Bookings: We use your personal information to complete and manage your online bookings.

Customer Service: We use your personal information to provide customer service.

Guest Reviews: We may use your contact information to send you an email inviting you to write a review after your stay.

Marketing-Related Activities: We may use your information in connection with marketing-related activities, to the extent and extent permitted by law.

Other Types of Communication: We may contact you by email, post, phone, or SMS in other connections, depending on the contact information you share with us. For example, we may need to respond to and process requests you have made.

Analyses, Improvements, and Surveys: We use personal information to conduct surveys and analyses. We may involve a third party to do this on our behalf. We may share the results of such surveys, also with third parties, anonymously and in aggregated form. We use your personal information for analysis purposes, to improve our services, to improve the user experience, and to improve the functionality and quality of our online services.

Security Measures, Prevention, and Detection of Fraud: We use information, including personal information, to prevent fraud and other activities that are illegal or violate someone’s rights. We also use this information to conduct investigations in connection with and detect fraud. We may use personal information to conduct risk assessments and security measures, including user verification. In connection with these purposes, personal information may be shared with third parties, such as authorities to the extent and extent permitted by law, and external consultants.

Legal Disputes, Laws, and Regulations: In certain cases, it may be necessary for us to use the information provided, including personal information, to handle and resolve legal disputes or complaints, to investigate and ensure that regulations are complied with, or to ensure compliance with agreement(s) or to comply with lawful requests from authorities to the extent required by law.

If we use automatic ways to process personal information that has legal consequences or otherwise significantly affects you, we will implement appropriate measures to protect your rights and freedoms, including the right to human intervention.

LEGAL PRECONDITIONS
In connection with the purposes mentioned in 1 and 2, we base the use of the information on the fulfillment of obligations in an agreement. The use of your information may be necessary to fulfill the obligations of the agreement you have entered into with us. For example, if you use our services to perform an online booking, we will use your information to fulfill our obligation to complete and manage this booking in accordance with the agreement we have entered into with you.

In connection with the purposes mentioned in 3–8, we base the use of the information on legitimate interests. We use your information in line with our legitimate interests, such as being able to provide you with the most appropriate content on the website, in emails, and in newsletters, to improve and promote our products and services and the content on our website, and in connection with administrative and legal purposes and to detect fraud. When we use your personal information in line with our legitimate interests, we will always weigh your right to and interest in the protection of your information against our rights and interests.

In connection with the purpose mentioned in 8, we also base our use of the information on, where applicable, our obligation to comply with applicable legal regulations.

In cases where it is necessary under legal provisions, we will ask for your consent before we use your personal information in connection with direct marketing.

If it is necessary under legal provisions, we will ask for your consent. You can withdraw your consent at any time by contacting us using the contact information found at the bottom of this privacy policy.

If you want to oppose the use of personal information in connection with the purposes mentioned in 3–6, and you have no opportunity to refuse access to such use yourself (for example, through a change in the settings in your account), you can, to the extent applicable, contact privacyGDPR@soriamoria.no.

SHARING OF INFORMATION
With Booking.com: We work with Booking.com B.V., which has the following registered address: Herengracht 597, 1017 CE Amsterdam, Netherlands, (Booking.com) (hereinafter referred to as “Booking.com”) to offer you our online booking services. While we are responsible for the content on this website and you make bookings directly with us, bookings are processed via Booking.com. Information you provide through this website will therefore also be shared with Booking.com and their partners. This information may include personal information such as your name, contact details, payment details, the names of guests in your travel party, and any preferences you provide when booking a stay. To read more about Booking.com and the other companies in the same group, you can go to About Booking.com. If you have questions about Booking.com’s use of your personal information, you can contact dataprotectionoffice@booking.com.
With Expedia: We work with Expedia, Inc., which has the following registered address: 333 108th Avenue NE, Bellevue, WA 98004, USA (Expedia) to offer you our online booking services. While we are responsible for the content on this website, and you make bookings directly with us, bookings are processed via Expedia. The information you provide through this website will therefore also be shared with Expedia and their partners. This information may include personal information such as your name, contact details, payment details, the names of guests in your travel party, and any preferences you provide when booking a stay. To read more about Expedia and the other companies in the same group, you can go to About Expedia. If you have questions about Expedia’s use of your personal information, you can contact privacy@expedia.com.

With third-party service providers: We use service providers in connection with the use of your personal information on our behalf. This use will be in line with the purposes mentioned in this privacy policy, such as facilitating payment for bookings, sending out marketing-related material, or in connection with analytical support services. These service providers are subject to confidentiality and may not use your personal information for their own purposes or any other purposes.

With authorities: We share personal information with police and other public authorities to the extent and extent required by law, or if it is strictly necessary to prevent, detect, or report criminal acts and fraud.

INTERNATIONAL TRANSFERS OF INFORMATION
The transfer of personal information as mentioned in this privacy policy may include the transfer of personal information to countries with privacy regulations that are not as comprehensive as the privacy regulations in the EU. In cases where it is necessary under EU law, we will only transfer personal information to recipients who can provide an adequate level of protection of personal information. In these situations, we will ensure that the applicable agreements protect your personal information in line with EU standards. You can ask us to see a copy of the contractual terms by contacting us using the contact information below.

SECURITY
We use appropriate operating systems and procedures to protect and secure information, including personal information. We also operate security procedures and technical and physical restrictions for access to and use of personal information on our servers. Only authorized persons are allowed to view personal information in connection with their work.

STORAGE OF INFORMATION
We store your information, which may include personal information, for as long as we deem necessary to be able to provide you with services, comply with applicable legal regulations, resolve disputes with other parties, and in other cases where it is necessary for us to be able to operate our business, including also to detect and prevent fraud or other illegal activities. All personal information we store will be subject to this privacy policy. If you have questions about the storage period for certain types of personal information about you that we use, you can contact us using the contact information below.

YOUR CHOICES AND RIGHTS
We want you to have control over how your personal information is used by us. You can do this in the following ways:

You can ask us for a copy of the personal information we have stored.

You can inform us of any changes to your personal information, or you can ask us to change the personal information we have stored.

In certain situations, you can ask us to delete, block, or limit the use of the personal information we have stored, or you can oppose certain ways we use your personal information.

In certain situations, you can also ask us to send the personal information you have given us to a third party.

In cases where we use your personal information based on your consent, you have the right to withdraw your consent at any time in accordance with applicable legal provisions. In cases where we use your personal information based on legitimate interests or a public interest, you have the right to oppose the use of your personal information at any time, in accordance with applicable legal provisions.

We rely on your help to ensure that your personal information is complete, up-to-date, and current. We ask you to inform us immediately if your personal information has changed or is incorrect. You do this by contacting booking@soriamoria.no. We will process your request in accordance with applicable legal provisions.

QUESTIONS OR COMPLAINTS
If you have questions regarding our use of your personal information, or if you want to exercise a right derived from this statement, you can contact us via privacyGDPR@soriamoria.no. You can also contact the Data Inspectorate in case you have questions and complaints.

CHANGES TO THE STATEMENT
Just as our business is constantly changing, this privacy policy may also be changed from time to time. If you want to stay updated on the changes in this privacy policy, we recommend that you check this page regularly. If we make changes that affect you (e.g., if we want to use your personal information for other purposes than those mentioned above), we will contact you before we use your information.