Here you will find detailed information about Grend's privacy policy.
At Grend, we process your personal data in various contexts, such as when you book services from us, stay in our nature suites, use the services we provide, and in some other contexts. Our privacy policy provides more information about how we handle personal data. Below, you will also find contact information if you have any questions or wish to request access.
We process your personal data in accordance with the current Norwegian Personal Data Act, including GDPR.
Our company, Grend AS, org. no. 929 030 729, Klostergata 30, 3732 SKIEN, tel. +47 400 36 511, email booking@grend.no, is the data controller for the processing of personal data in our central systems for booking, billing, and operations. When you book, stay, and pay with us, Grend is the data controller.
In connection with your reservations made by you or by others on your behalf, we process the personal data necessary to fulfill the agreement on booking and purchasing services. This information is provided directly by you or through a travel agency or agent. For example, we process information about your identity, contact details, and payment information. In some cases, we may store your passport number. Additionally, we process other information you may have provided that is relevant to your stay with us, such as information about allergies or special requests. We register all purchases and orders of products with us at Grend.
We process this information as long as it is necessary to fulfill the booking agreement with you and as long as applicable law or governmental regulations require us to do so. We log access to our nature suites for crime prevention and safety reasons, including fire safety.
If you sign up for our newsletters, we store and use your email address to send you news and offers from us. We will also use your email address or phone number to send you news and offers under the rules of existing customer relationships. Our basis for this is marketing legislation.
We will contact you on social media with your consent or within existing customer relationships. To use social media as a communication channel, we may provide your email address or phone number to the social media platform. Our basis for this is consent or legitimate interests.
We will process data, including personal data, for troubleshooting and correcting errors, improving our services and technology, and analyzing usage and user behavior. Additionally, we will process personal data to verify your identity, including in connection with your use of our digital services.
We anonymize data or prepare statistics as much as possible, but we may also need to process personal data for development, troubleshooting, statistics, and security purposes.
If you contact our customer service or otherwise reach out to us with inquiries, we will process the personal data you provide to the extent necessary to respond to and log your inquiry. We also keep a record of which newsletters and offers we send out and whether they are opened. The basis for this is legitimate interests or to fulfill agreements with you or respond to your inquiries. The legitimate interests are to provide good customer service and to adjust the amount of newsletters sent.
We do not disclose your personal data to third parties unless you have consented to this, or unless applicable law, including the Personal Data Act and GDPR, valid governmental regulations, or court orders allow or require us to do so.
Please note that our use of data processors to process information on our behalf is not considered disclosure.
To ensure we have accurate information about you, we may verify your information against other sources such as telephone directories, population registers, and similar. In some cases, it may be necessary to perform a credit check on our customers, which means obtaining credit data from other sources. We collect demographic information such as age, gender, and language from other sources. We collect information from our partners and other parts of our group when this is legal and necessary for the delivery of services and communication to you.
As an individual, you have several rights under the personal data regulations. You have the right to request access, correction, or deletion of the personal data we process about you. You also have the right to request restricted processing, object to the processing, and request data portability.
You can send other inquiries to us via email at booking@grend.no. We will respond to your inquiry as soon as possible, and no later than within 30 days.
We will ask you to confirm your identity or provide additional information before allowing you to exercise your rights with us. This is to ensure that we only grant access to your personal data to you and not to anyone pretending to be you.
We have our own Data Protection Officer at Grend. The Data Protection Officer is responsible for all our companies and all personal data we process in the countries where we operate.
The Data Protection Officer is our contact point for the Data Protection Authority. The Officer provides Grend, our data processors, and our employees with advice and guidance on the processing of personal data and the rules for this. The Officer works to ensure our compliance with the personal data regulations and our internal guidelines.
The Officer can also help you exercise your rights with us or answer questions about your personal data with us. You can contact our Data Protection Officer at booking@grend.no.
If you believe that our processing of personal data does not match what we have described here or that we otherwise violate the privacy regulations, you can alternatively file a complaint with the Data Protection Authority in Norway or the supervisory authority in the country where you reside. You can find information on how to contact the Data Protection Authority on their website www.datatilsynet.no.
We use several data processors to provide our services to you. Our primary data processor is our booking system, Mews. This means that personal data related to accommodation bookings are processed in Europe with Mews as our data processor.
We use cookies to improve the user experience on our website. A cookie is a small text-based data file placed on your device (your smartphone, computer, or tablet). The cookie helps recognize the type of content and pages visited on our site. Information stored using a cookie can include how you use the website, the type of browser you use, and which pages you have visited.
A permanent cookie remains on your device for a specified period. A session cookie is temporarily stored in your device's memory while you are on our website. The session cookie disappears when you close your browser. We use both permanent cookies and session cookies. Grend may also use third-party cookies.
If you do not want our website to place cookies on your device, you can disable cookies in your browser. Disabling cookies will reduce the functionality of our website.
We continuously work on developing and improving our services for our guests. This may change the way or scope of our processing of personal data. The information we provide through this privacy policy will therefore be adjusted and updated periodically. We will also change the privacy policy when new regulations or governmental practices make it necessary.