- Data controller
- How does Core Hospitality collect personal data?
- What information does Core Hospitality collect?
- How may Core Hospitality share your personal information?
- What is the purpose of collecting personal data?
- The legal basis for processing
- Your rights
- Withdrawal of consent
- If you apply for a job at Core Hospitality
- Storage security
1. Data controller
Core Hospitality is a hotel operator, which handles all personal data in accordance with existing laws. Core Hospitality provides a range of services, which each has its own terms and conditions. When booking a service and submitting your personal information to any of the hotels that are operated by Core Hospitality, you accept the policies of that specific brand and you give Core Hospitality consent to process these data.
2. How does Core Hospitality collect personal data?
Personal data is collected during several circumstances. These include but are not limited to:
- When buying or requesting the use of one of Core Hospitality’s services
- When booking a room, venue or other service through business partners, e.g. franchisors
- From persons acting on your behalf
- When requesting a quote on a service
- When requesting a corporate agreement
- Via browser cookies (see more in item 11)
- When signing up for Core Hospitality’s newsletter
- When applying for a job at Core Hospitality or one of its hotels
- From social media, advertising and analysis providers as well as public registers
- Via TV surveillance*
*TV surveillance is situated in the joint facilities of the hotels. Generally, these are found by the hotel’s entrance and in employee areas, such as the reception and the bar. Surveillance is installed to create a sense of security for our employees and our guests.
3. What information does Core Hospitality collect?
Core Hospitality collects, among other things, the following personal data:
- Name, address, phone number, e-mail address and birthday
- Credit card information
- Demographic information
- Purchase history
- Feedback through customer surveys
- Feedback through social media and other digital platforms
- Browser information
- Information about your company and relevant contact persons
In some cases, Core Hospitality is supplied with further information from third-parties, such as employers, business partners, and group managers. It is the third-party’s responsibility to inform the involved guest of Core Hospitality’s terms and conditions as well as obtaining consent to register and process sensitive data.
4. How may Core Hospitality share your personal information?
Core Hospitality may share personal information with our business partners. These can be defined as follows:
- Franchisors: Personal data is shared with franchisors of the brands that Core Hospitality operate. This is for the purpose of providing the purchased service.
- Service providers: Personal data may be shared with third-party service providers that offer services, such as website hosting, data analysis, payment processing, related infrastructure provision, customer service, email delivery and others.
We refer you to Core Hospitality’s franchise partners’ data policies for further information:
5. What is the purpose of collecting personal data?
Core Hospitality only gathers personal data that is necessary to complete the purpose of the concerned services. It is thus the individual service that determines the personal data, which is being collected and for what purpose. The purpose can be one or more of the following:
- Processing of your booking
- Contact with you before/during/after your stay
- Development of services
- Customization of communication and marketing
- Analysis of user behavior
- Compliance with legal requirements
6. The legal basis for processing
Core Hospitality processes your personal data as it is necessary to comply with a contract. This could be in relation to a hotel stayover, a group booking, or a corporate agreement. Core Hospitality also processes your personal data to complete certain actions upon request.
Processing may also occur for the purpose of the legitimate interests pursued by Core Hospitality, e.g. statistics, customer surveys, interest-based marketing, and analysis of general customer behavior with the purpose of developing Core Hospitality’s services.
Core Hospitality is also legally obliged to process your personal data. The law prescribes certain personal data that must be registered upon registration at check in.
7. Your rights
In accordance with the EU General Data Protection Regulation, you have the following rights:
- You have the right to obtain access to a copy of your personal data that Core Hospitality processes. Access may be limited to protect other people’s private lives, trade secrets, and intellectual property rights.
- You have the right to update the personal data that Core Hospitality has registered about you.
- You have the right to delete the personal data that Core Hospitality has stored about you. If you want your personal data deleted, all information that Core Hospitality is not required to save will be removed.
- You have the right to receive your personal data.
- You have the right to object to the processing of your personal data. The right to object only applies in certain circumstances.
8. Withdrawal of consent
Processing of your personal data is based on your consent, and you have the right to withdraw your consent. This means that the processing will be discontinued unless Core Hospitality is legally obliged to process said personal data in accordance with the law. If you want to exercise this right, please send a request to firstname.lastname@example.org. Core Hospitality will answer your request within a month after receiving it; should the request be complicated, the deadline will be extended by two additional months. For security reasons, Core Hospitality must verify your identity (e.g. by sending a copy of your driver’s license or passport) before your request can be processed. Requests are rejected if they demand disproportionate technical action or affect the protection of other people’s personal data.
9. If you apply for a job at Core Hospitality
When you apply for a position at Core Hospitality, the information that has been submitted in relation to your application will be processed. The information typically includes name, birthday, address, phone number, e-mail address, educational background as well as existing and previous employment. Core Hospitality may also ask you to send a copy of criminal record and may collect references from previous employers. Furthermore, candidates for specific positions are asked to complete a personality test, which is processed by Core Hospitality’s HR department and other relevant department managers. All of this information will be used for communication throughout the recruitment process and for assessing whether or not to offer the job to the candidate.
Personal data that is informed in the context of the recruitment process is stored in Core Hospitality’s HRM system, Emply. All relevant managers, the HR department, and IT administrators have access to the data with a personal login. If you are hired by Core Hospitality, your information will be stored in compliance with the personal data policy for employees.
Applications from candidates that are not hired will be stored for six months after the application was received. Core Hospitality obtains consent to store the candidate’s data in the recruitment system; after the first six months, consent will be obtained again if the candidate wishes for his/her data to remain within the system.
10. Storage security
Your personal data is protected at Core Hospitality. Internally, the organization has adopted procedures and rules about information security that protects your data from unauthorized publication and access from unauthorized persons. Core Hospitality has established procedures on assigning access rights, which ensure that the employees who process sensitive data are controlled through logging and monitoring. Your personal data is thus shared and forwarded internally at Core Hospitality with utmost care. The purpose of sharing the data internally is to be able to provide the optimal service.
In the event of security breaches that may affect high-risk discrimination, such as ID theft, financial loss, or other significant inconveniences, Core Hospitality will notify you as soon as possible. Core Hospitality’s security procedures are regularly revised when new technologies are developed and implemented.
Cookies are small pieces of data that are stored on your computer when surfing the web. Cookies are used to, among other things, register your behavior on specific websites and remember your profile the next time you visit the same website. The information that cookies register is often used for statistics or to improve your experience on a website. A cookie cannot contain a virus; it is thus not dangerous for your computer.
You can delete the cookies that have been stored on your computer when you want to. Below, you can find information that guides you through deleting cookies in different browsers.
- Internet Explorer
- Mozilla Firefox
- Google Chrome
- Flash cookies – all browsers
- iPhone, iPad and iPod
- Smartphones with Android
- Smartphones with Windows 7
If you have any questions, comments or complaints about Core Hospitality’s collection and processing of personal data, please contact us on:
2770 Kastrup, Denmark
Should we not be able to clarify the matter, you can then register a complaint with the Danish Data Protection Agency. Their current contact information can be found on www.datatilsynet.dk.