Thiss Privacy Statement describes how Gamli Skólinn Hotel, ID Sjóferðir Arnars ehf Kt. 610498-2569, Stórigarður 6, 640 Húsavík (here referred to as “Gamli Skólinn Hotel”, “company", “us” or “we”), operates with data processing, ie. the collection, registration, storage and disclosure of personally identifiable information (here also referred to as “you”). The statement covers, in particular, the processing of personal data when individuals:

• visit our website, gamliskolinnhotel.is

• book and stay in our hotel

• contact the company, whether by e-mail, phone or social media

Gamli Skólinn Hotel processes all personal information in accordance with current personal data protection legislation in effect in Iceland at any given time, as well as the relevant provisions contained in the EEA Agreement.

Personal data protection

Personal data protection is extremely important to us. We are deeply committed to respecting individuals' rights and ensure that all personal data is handled in strict compliance with applicable regulations and aligned with the highest standards of hotel operations at all times.

Information We Collect and Why We Collect It

At Gamli Skólinn Hotel, we are committed to collecting only the personal information necessary for the purposes for which it is intended. We do not process personal data for unrelated purposes unless the individual is informed and provided with the legal basis for such processing.

Depending on the situation, we may collect the following types of personal information:

1. Identification and Contact Details:

   • Name, ID number, address, nationality, email, and phone number.

2. Financial Information:

   • Payment details such as credit card information.

3. Technical Information:

   • IP address and other internet-related technical data.

4. Cookies and Online Behavior:

   • Information about website usage and online preferences.

5. Marketing Preferences:

   • Data related to your selection of marketing communications, if chosen.

6. Booking and Stay Details:

   • Booking numbers, room numbers, special requests, stay duration, and other relevant information.

7. Social Media Interactions:

   • Communications via social media platforms.

In specific cases, we may collect sensitive personal information, such as details about food intolerance and allergies, to ensure guest safety and comfort.

Purpose of Data Collection

We process personal data strictly for the following purposes:

• Managing bookings and providing services to hotel guests.

• Organizing and overseeing events held at the hotel.

• Conducting marketing activities and data analysis.

• Ensuring security and protecting property, including the use of surveillance systems.

• Addressing guest inquiries, complaints, and feedback.

• Complying with legal obligations.

• Arranging tours and activities with third-party providers.

Website Usage Data
When you visit our website (gamliskolinnhotel.is), we collect certain information such as:

• IP address

• Browser type and version

• Duration and timing of your visit

• Pages accessed within the site

This information helps us improve user experience and manage site performance effectively.

At Gamli Skólinn Hotel, we prioritize transparency and ensure that all data handling is compliant with relevant laws and conducted with respect for your privacy.

Legal Basis for Processing

At Gamli Skólinn Hotel, we collect and process personal information based on the following legal grounds:

1. Fulfilling Contractual Obligations:

   • This applies primarily when individuals book stays or engage in services with us.

2. Complying with Legal Requirements:

   • Certain data, such as accounting records, are processed to meet legal obligations, including compliance with accounting laws.

3. Protecting Legitimate Interests:

   • This includes ensuring the security of our property through surveillance and managing collections for unpaid obligations.

4. Consent-Based Processing:

   • Personal information is processed for marketing purposes only with the explicit consent of the individual. Consent can be withdrawn at any time, and individuals can unsubscribe from communications via the link provided in our emails. Please note that withdrawing consent does not affect the processing conducted before the withdrawal.

Storage of Personal Information

We retain personal information only as long as necessary to fulfill its intended purpose. For example: Accounting records: Stored for seven years in compliance with the Accounting Act No. 145/1994.

Sources of Personal Information

We collect personal information directly from individuals and, in some cases, from third-party sources, including:

• Booking platforms

• Review sites

• Travel agencies

Sharing Personal Information with Third Parties

Gamli Skólinn Hotel does not sell personal information. However, we may share it with third parties in the following circumstances:

1. Legal Compliance: When required by law.

2. Service Providers and Contractors: For tasks such as:

   • Managing bookings

   • Analysis and targeted advertising

   • Maintaining IT and telecommunications services

   • General Management of email communications and mailing lists

When working with processing parties, we establish agreements that ensure data is handled securely and only for the specified purposes.

Third-Party Privacy Policies
Please note that Gamli Skólinn Hotel’s Privacy Statement does not cover how third parties handle personal data. For example:

• Financial services: Providers like Rapyd for electronic payments.

• Social media platforms: Providers such as Facebook and Google.
  We encourage you to review the privacy policies of these organizations.

Data Security and Breach Notifications

Protecting your personal data is a top priority. Gamli Skólinn Hotel takes appropriate technical and organizational measures to safeguard information. In the event of a data breach that poses a significant risk to your rights and freedoms, we will notify you promptly.

Public Information
Please note that information shared on our social media platforms (e.g., Gamli Skólinn Hotel’s Facebook page) is considered public. Gamli Skólinn Hotel does not control or take responsibility for how such information is used or disclosed. We recommend refraining from sharing sensitive information on social media and reviewing the privacy policies of these platforms.

Your Rights

Under applicable privacy laws, you have the following rights regarding your personal data:

1. Access and Information:

   • Request details about the personal information on what Gamli Skólinn Hotel has about you and its origin, as well as information on the manner in which your personal information is processed

2. Data Portability:

   • Access to the personal information processed about you and to request that such information is sent to a third party

3. Correction:

   • Update or correct your personal data if it is inaccurate.

4. Deletion:

   • Request that Gamli Skólinn Hotel deletes your personal information if there are no objective reasons or legal obligations to store such information

5. Restriction or Objection:

   • Submit your objections if you wish to limit or prevent the processing of your information

6. Withdraw Consent:

   • Withdraw your approval for data collection and processing when the processing is based on your consent.

To exercise any of these rights, please contact us at info@gamliskolinnhotel.is.

Filing Complaints
If you believe your data protection rights have been violated, you may file a complaint with the Icelandic Data Protection Authority. More information can be found on their website: www.personuvernd.is.

Further information

If you would like more information about issues relating to your personal information, please contact us at Gamli Skólinn Hotel. We’re here to assist with any questions or concerns.

Gamli Skólinn Hotel
Stórigarður 6
640 Húsavík
+354 859 4253
info@gamliskolinnhotel.is

Review of the Gamli Skólinn Hotel Privacy Statement

The most recent update of the policy was on 29.11.2024.