GDPR – This is how it works
Have you heard about GDPR? This is probably not your first email on the topic. We understand that it may seem complicated and not entirely easy to grasp what everything means. Moment Hotels has therefore chosen to summarize what the law entails so that you as a guest can easily understand how we handle your personal information. Perhaps not the most fun read? … but important and interesting for those who want to know more.
If you already want to give us your consent or, unfortunately, withdraw your consent (your personal information), please contact us at [email protected].
Please note that the following has been developed by professionals, and we have outlined how we work based on GDPR.
General about GDPR
As of May 25, 2018, the new General Data Protection Regulation (GDPR) applies. GDPR replaces the existing Personal Data Act (PUL) and applies to all EU countries.
Description of GDPR
DPR has been developed to protect you as a customer and your rights regarding the handling and dissemination of your personal information. The idea is that, as our guest, you will feel confident that your registered information is not used in an improper manner. The current Swedish PUL is actually the foundation for GDPR, and most of PUL is included in GDPR.
What is personal data?
Personal data is any information that can in some way identify you as an individual. This includes name, address, telephone number, email address, etc.
Non-personal data related to bookings, sales, and activities is not included, as this is classified as business secrets and, in many cases, subject to accounting and financial regulations.
Who is responsible for personal data?
Working Partner Sweden AB has the overall responsibility for personal data. Together with the data processors at Moment Hotels (hotel director), they are responsible for and determine the purpose of collecting, handling, and using the personal data you provide to us.
How do we store your personal information?
Our booking system and digital applications process relatively large amounts of personal data. If you do not consent or do not rebook with us within 12 months, your personal information will be deleted from our systems.
It is important to distinguish between regular and sensitive personal data.
Sensitive data includes, for example, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and personal data related to health or sexual preferences.
Moment Hotels will never collect or store sensitive data. However, if a guest provides allergy information when booking, this will be noted to offer allergy-friendly alternatives. These notes will be deleted within one week after your stay.
This is how it works:
Moment Hotels encourages all users of our booking system to not enter sensitive information into our systems. As a guest, you always have the right to receive a copy of all information stored about you, including data stored in free-text fields in the customer register.
Specific to the digital application – Moment Hotels App
The main function of the app is to book rooms and open hotel room doors using a mobile phone. To enable this, Bluetooth must be activated on your device. As a result, location data is collected, but this data is not stored.
Personal data collected and stored specifically for the app includes:
- Name
- Email address
- Mobile phone number
These personal details will be deleted upon user request by contacting [email protected].
News, upgrades, and exclusive offers via email and SMS
Would you like to continue receiving exclusive offers and news via email or SMS? Then you need to provide your consent.
This is how it works:
Moment Hotels does not need to obtain your consent if you book a lodging or restaurant visit, as a customer agreement is created when the booking is made.
However, if you want to receive exclusive deals and offers before everyone else, you must provide your explicit consent.
What happens in the event of a personal data breach?
If Moment Hotels experiences a data breach or an accidental loss of personal data, the incident will be documented and reported to the Swedish Authority for Privacy Protection (IMY) and affected customers within 72 hours.
This is how it works:
In the event of a data breach within any part of Moment Hotels, we will record the incident and notify all affected customers within 72 hours.
What is a data extract (registry extract)?
If you have booked a stay with us or have given us consent to store your personal information, you have the right to request an overview of the data we have stored about you.
This is how it works:
Since you have entered into a customer agreement with Moment Hotels, you are entitled to request information about what personal data is stored about you.
Non-personal data related to bookings, sales, and activities is not included, as this is considered business secrets.
Can I be erased from your system?
If you have entered into a customer agreement with Moment Hotels, you have the right to request the deletion of all your personal information stored with us. You can easily do this by contacting the hotel according to this policy.
This is how it works:
From May 25, 2018, you have the right to have all personal information that identifies you as an individual deleted.
Non-personal data related to bookings, sales, and activities is not included, as this is classified as business secrets and is often subject to accounting and regulatory requirements.
How does GDPR work in practice?
Moment Hotels has already implemented, or will implement, all necessary functions in our booking system to ensure compliance with GDPR.
- Data Extracts (Registry Extracts) – Any customer who has entered into an agreement with Moment Hotels may at any time request an overview of their stored information. This includes any free-text data that identifies you as a guest. Requests should be sent to [email protected].
- Information Updates – If you wish to update your personal data, please contact Reception at Moment Hotels via [email protected].
- Offers and Emails – If you have chosen to give consent, you will be the first to receive our exclusive offers via email or SMS. Moment Hotels also has the right to market to you reasonably within one (1) year after you visit our hotel, restaurant, or spa without explicit consent, based on legitimate interest.
Any more questions about GDPR?
Please contact our responsible Burim C. Sumiq (Hotel Director) at [email protected].