Book a Room Book a table Book a Meeting

Privacy Policy

Effective as of May 25, 2018

Table of Contents

  1. Introduction
  2. What is personal data, and what does the processing of personal data entail?
  3. Who does this policy apply to?
  4. Who does this policy apply to?
  5. What does it mean to be a data controller?
  6. Hotel Skeppsholmen as the data controller
  7. Why are we allowed to process personal data?
  8. What personal information do we collect?
  9. How long do we retain personal data?
  10. Our measures to protect your personal data
  11. When do we share personal data?
  12. Your rights
  13. Changes to this policy
  14. Contact

1. Introduction

Thank you for choosing Hotel Skeppsholmen , and a special thank you for taking the time to carefully read through this Privacy Policy. We would like to begin by briefly explaining why we have created this policy. Our fundamental goal is to, in a clear and easy-to-read manner,

  • Explain the roles that you and we play in this context
  • explain how we use the information you share with us so that we can deliver and continue to develop Sweden’s best hotel experience;
  • ensure that you understand what information we collect and what we actually do with it;
  • show how we work to protect your rights and privacy.

Our goal is for you, after reading this policy, to feel confident that your privacy is respected and that your personal data is processed correctly. We therefore work continuously to ensure that our processing of personal data is fully compliant with applicable legislation, primarily the new General Data Protection Regulation (GDPR), which took effect on May 25, 2018.

2. What is personal data, and what does the processing of personal data entail?

2.1 Personal data is any information that, either directly or indirectly in combination with other data, can be linked to a living natural person. A non-exhaustive list of examples of personal data includes:

  • Name
  • Social Security Number
  • Credit card number
  • Email address
  • IP address
  • Photos

2.2 The processing of personal data includes any operation performed on personal data, whether or not it is carried out by automated means. This means that the following operations, among others, are covered:

  • Fundraiser
  • Registration
  • Usage
  • Summary
  • Transfer
  • Deletion

3. Who does this policy apply to?

This Privacy Policy primarily applies to individuals staying at our hotel whose personal data we process (the “Data Subject”). Different sections of this Privacy Policy may also be relevant to you depending on your relationship with Hotel Skeppsholmen . In summary, this policy applies to individuals who

  • are guests at our hotel
  • dine at our restaurant
  • organize meetings or events at our facilities
  • visit our website or interact with us on social media
  • communicate with us in other ways, such as through our customer service

By accepting this Privacy Policy, you consent to Hotel Skeppsholmen processing your personal data in accordance with this Privacy Policy.

4. What about the policy?

This Privacy Policy governs how Hotel Skeppsholmen collects and processes personal data in order to provide and continue to develop our Services.

5. What does it mean to be a data controller?

A data controller is a natural or legal person, or any other entity, that determines the purposes and means of the processing of personal data. A company is a data controller with respect to the personal data it holds on its own behalf regarding its employees, customers, suppliers, and others.

6. Hotel Skeppsholmen as Data Controller

Hotel Skeppsholmen (Corporate ID No. 556722-3069) is the data controller for the processing of your personal data in connection with Hotel Skeppsholmen Services and is responsible for ensuring that such processing is carried out in accordance with applicable law.

7. Why are we allowed to process personal data? 7 .1 In order for the processing of personal data to be permitted, there must always be a basis in the GDPR, known as a legal basis. Such legal bases include, among others,

  • consent from the data subject
  • that the processing of personal data is necessary for the performance of a contract with the data subject, such as a contract regarding the use of the Services
  • to comply with a legal obligation, such as the requirement to retain data due to accounting obligations
  • that, after weighing the interests involved, it determines that Hotel Skeppsholmen interest in processing personal data outweighs the data subject’s interest in the protection of such data.

7.2 Hotel Skeppsholmen always processes your personal data in accordance with applicable law. Our primary legal basis for processing your personal data is that it is necessary to fulfill our agreement with you regarding the use of our services.

7.3 It may happen that the same personal data is processed both on the basis of the performance of a contract, specifically based on consent, and on the basis that the data is necessary to comply with other legal obligations. This means that even if you withdraw your consent and the processing based on that consent ceases, the personal data may still remain with us for other purposes.

8. What personal information do we collect?

In this section of our policy, we’d like to provide you with some examples of how we handle personal data to ensure that we consistently deliver exceptional experiences with a high level of service.

8.1 When you book a room at our hotel

When you book a room at our hotel—whether you make the reservation at the front desk, by phone, via email, or at https://www.hotelskeppsholmen— we process the following information that you provide to us:

  • Your name and contact information (phone number, email)
  • Credit card number and other payment information
  • Your name and contact information (phone number, email)
  • Your name and contact information (phone number, email)
  • Your name and contact information (phone number, email)
  • Information about your question, comment, or inquiry

8.1.1 We process your personal data in order to:

  • Please log in to access information related to your reservation and stay at Hotel Skeppsholmen
  • Charge you for the services and products you have purchased from us
  • We will contact you with information regarding your stay via email, text message, or WhatsApp
  • Compile statistics and conduct analyses in order to improve our Services, products, and offers
  • To provide, maintain, test, improve, and develop our Services and the technical platform used to provide them
  • To ensure the security of our Services, to detect or prevent various types of unlawful use or use that otherwise violates our Terms of Service
  • Stay informed about personalized offers, promotions, and benefits from us and our partners via email and text message, for example
  • Please log in to access your reservation and dining experience at Långa raden
  • Charge you for the services and products you have purchased from us
  • We will contact you with information regarding your stay via email, text message, or WhatsApp
  • Compile statistics and conduct analyses in order to improve our Services, products, and offers
  • To provide, maintain, test, improve, and develop our Services and the technical platform used to provide them
  • To ensure the security of our Services, to detect or prevent various types of unlawful use or use that otherwise violates our Terms of Service
  • Stay informed about personalized offers, promotions, and benefits from us and our partners via email and text message, for example
  • Please log in to access your reservation and experience at our hotel
  • Charge you for the services and products you have purchased from us
  • We will contact you with information regarding your reservation via email, text message, and WhatsApp
  • Compile statistics and conduct analyses in order to improve our Services, products, and offers
  • To provide, maintain, test, improve, and develop our Services and the technical platform used to provide them
  • To ensure the security of our Services, to detect or prevent various types of unlawful use or use that otherwise violates our Terms of Service
  • Stay informed about personalized offers, promotions, and benefits from us and our partners via email and text message, for example
  • Answer your questions and handle your request, for example by resolving issues and addressing complaints
  • Improve our Services and the information we communicate through our various channels

8.1.2 Legal basis for the processing:

We process your personal data based on the performance of a contract when we fulfill our obligations to you as a hotel guest (e.g., when we manage services related to your hotel room and when we provide relevant offers) and based on a balancing of interests when we have a legitimate interest in using information about your stays and purchases to generate statistics and to develop, improve, and ensure the security of our Services.

8.1.3 Retention period:

We store your personal data during your hotel stay and for up to 3 months thereafter. To ensure traceability, we store records of our communications with you for 12 months. Your hotel history is stored for up to 2 years to support our legitimate interest in analyzing trends over time.

8.2 When you make a reservation at Restaurant Långa raden

When you make a reservation to dine at our restaurant Långa raden—whether you make the reservation in person, by phone, via email , or at https://www.hotelskeppsholmen— we process the following information that you provide to us:

8.2.1 We process your personal data in order to:

8.2.2 Legal basis for the processing:

We process your personal data based on the performance of a contract when we fulfill our obligations to you as a restaurant guest (e.g., when we manage services related to your table reservation and when we provide relevant offers) and based on a balancing of interests when we have a legitimate interest in using information about your visits and purchases to generate statistics and to develop, improve, and ensure the security of our Services.

8.2.3 Retention period:

We store your personal data for up to 3 months after your visit to the restaurant. To ensure traceability, we store records of our communications with you for up to 12 months. Your visit history is stored for up to 2 years to support our legitimate interest in analyzing trends over time.

8.3 When you book our meeting and event spaces

When you book one of our wonderful meeting or event spaces—whether you make the reservation at the hotel front desk, by phone, via email, or at https://www.hotelskeppsholmen— we process the following information that you provide to us:

8.3.1 We process your personal data in order to:

8.3.2 Legal basis for the processing:

We process your personal data based on the performance of a contract when we fulfill our obligations to you as a visitor (e.g., when we administer services related to your meeting or event booking and when we provide relevant offers) and based on a balancing of interests when we have a legitimate interest in using information about your stays and purchases to generate statistics and to develop, improve, and ensure the security of our Services.

8.3.3 Retention period:

We store your personal data for up to 3 months after your visit. To ensure traceability, we store records of our communications with you for 12 months. Your visit history is stored for up to 2 years to support our legitimate interest in analyzing trends over time.

8.4 When you communicate with us

You can choose to contact us in a variety of ways, including through our social media accounts or by calling or emailing our customer service team.

When you book or communicate with us, we process the following information that you provide to us:

8.4.1 We process your personal data in order to:

8.4.2 Legal basis for the processing:

We process your personal data based on our and your legitimate interest in handling the matter (balancing of interests)

8.4.3 Retention period:

To ensure traceability, we retain records of our communications with you for 12 months.

8.5 When you use our Wi-Fi or visit our website

When you connect to our Wi-Fi, we are the data controller for the processing required to connect you to the Internet, but not for any subsequent processing or for the content of your communications via Wi-Fi. When you connect to our Wi-Fi, we process

  • Your IP address and MAC address

When you visit our website, we process:

  • Information about how you interact with and use our website, such as when booking a hotel room
  • Information about your visits to our website, collected through cookies. For more information about how we use cookies, see https://www.hotelskeppsholmen....

8.5.1 We process your personal data in order to:

  • Provide our digital services
  • Get support when you encounter various types of technical issues
  • Maintain, test, and improve our digital services
  • Detect and prevent security attacks, such as virus attacks

8.5.2 Legal basis for the processing:

We process your personal data based on the performance of a contract when we provide Wi-Fi, and based on a balancing of interests to protect our legitimate interests in maintaining, testing, and improving our digital services.

8.5.3 Retention period:

We store your personal data for 3 months after you have used our digital channels and for 6 months after you have connected to our Wi-Fi.

9. How long do we retain personal data?

Your personal data will only be retained for as long as necessary to fulfill the purposes for which the data was collected, in accordance with this Privacy Policy. Hotel Skeppsholmen may retain the data for a longer period if necessary to comply with legal requirements or to protect Hotel Skeppsholmen legal interests, e.g., if legal proceedings are ongoing.

10. Our measures to protect your personal data

10.1 We at Hotel Skeppsholmen have ensured that we have implemented appropriate technical and organizational measures to protect your personal data against, among other things, loss, misuse, and unauthorized access.

10.2 To ensure, from a technical standpoint, that personal data is processed securely and confidentially, we use digital networks that are protected against unauthorized access through measures such as encryption, firewalls, and password protection. In the event of a breach, Hotel Skeppsholmen has established robust procedures for identification, damage mitigation, and reporting. Finally, Hotel Skeppsholmen has also developed an effective method to uphold the data subject’s rights, including the right to be forgotten.

10.3 To ensure a high level of knowledge regarding the processing of personal data, ongoing training sessions on the GDPR are organized for both Hotel Skeppsholmen employees and the consultants who are occasionally engaged to perform assignments for the company.

11. When do we share personal data?

11.1 Hotel Skeppsholmen will not sell, disclose, or share personal data with third parties, except as set forth in this Privacy Policy. Within the scope of the Services, personal data may be shared with, for example, subcontractors and business partners, if necessary for the performance and provision of the company’s services. In cases where we choose to share personal data, we enter into a so-called Data Processing Agreement to ensure that the recipient of the personal data processes such data in accordance with applicable law and that the recipient has implemented the necessary technical and organizational measures under the GDPR to adequately protect the rights and freedoms of the data subject.

11.2 Furthermore, we may disclose personal data if we are required to do so by applicable law or a court order, or if such disclosure is otherwise necessary to assist in a legal investigation.

12. Your rights

12.1 Hotel Skeppsholmen is responsible for ensuring that your personal data is processed in accordance with applicable law.

12.2 Hotel Skeppsholmen will, at your request or on its own initiative, correct, anonymize, delete, or supplement any information found to be incorrect, incomplete, or misleading.

12.3 You have the right to request access to your personal data. This means that you have the right to request a record of the processing we carry out regarding your personal data. You also have the right to receive a copy of the personal data being processed. You have the right, once per calendar year, to receive, free of charge, a written record of what personal data is stored about you, the purposes of the processing, and to whom the data has been or will be disclosed, by submitting a signed written request. You also have the right to receive information in the data subject report regarding the anticipated period during which the data will be stored or the criteria used to determine this period.

12.4 You have the right to have your personal data corrected. At your request, we will correct any inaccurate or incomplete data we process about you as soon as possible.

12.5 You have the right to have your personal data erased. This means that you have the right to request that your personal data be deleted if it is no longer necessary for the purpose for which it was collected. However, there may be legal requirements preventing us from immediately erasing your personal data, for example due to applicable accounting and tax laws.

12.6 You have the right to object to the processing of personal data based on a balancing of interests. If you object to such processing, we will only continue the processing if there are legitimate grounds for the processing that outweigh your interests.

12.7 If you do not want us to process your personal data for direct marketing purposes, you always have the right to object to such processing by either unsubscribing directly in each specific email message or by sending an email to gdpr@hotelskeppsholmen.se. Once we have received your objection, we will cease processing your personal data for such marketing purposes. If you are not satisfied with how we handle your personal data, you also have the option to report our processing of your personal data to the Swedish Data Protection Authority. However, for smooth and efficient handling, we recommend that you first contact us so that we can assist you with any questions or concerns you may have.

13. Changes to this policy

Hotel Skeppsholmen reserves the right to revise this Privacy Policy from time to time. The date of the most recent update is indicated at the end of the Privacy Policy. If we make any changes to the Privacy Policy, we will post those changes on the website. We therefore recommend that you review this Privacy Policy regularly to stay informed of any changes. If we change the Privacy Policy in a way that differs significantly from what was stated when your consent was collected, we will notify you of these changes and, if necessary, ask you to consent again to Hotel Skeppsholmen processing of your personal data.

14. Contact

Hotel Skeppsholmen (Corporate ID No. 556722-3069) is the data controller responsible for the processing of your personal data. If you would like further information about how your personal data is processed, please contact us by sending a written, personally signed request to:

Hotel Skeppsholmen

Gröna gången 1, P.O. Box 1616,

111 49 Stockholm

In the letter, please include your name, address, email address, phone number, and social security number along with a description of your inquiry. Please also attach a copy of your identification. A response will be sent to the most recent address on record in the population register.

Nobis Hospitality Group