At Book Hem AS (“Hem” or “we”), we know that your privacy is important. We respect your privacy regarding any personal data we may collect while operating our service, either at this website (www.bookhem.com), or by using other services (collectively the “Services”). We are committed to be transparent regarding our privacy practices and to respect your rights in relation to personal data that is processed as a part of the Services.
1 DATA COLLECTION AND USE
1.1 DATA WE COLLECT
1.1.1 For the purposes of improving and developing our Services, providing you with the best customer experience, creating statistics for us and our business partners, integration, and analysis, we collect the following categories of personal data:
i. Personal preferences, name, booking reference, contact information (e-mail, telephone number and address), payment information and other information you provide to us when you communicate with us by using the Services; and
ii. Information relating to reservations, booking information (including booking reference and payment information) and travel-related information (details about your stay, booking number, dietary requirements, room service etc.)
1.1.2 In addition to the personal data mentioned in 1.1.1, we may collect and use other data which does not directly or indirectly identify you as an individual (such as aggregated data) for the purposes of improving our Services and your experience of the Services, benchmarking, studies, analysis, marketing, system administration, research and other similar purposes.
1.2 HOW WE COLLECT DATA
1.2.1 We collect information about you from a variety of sources, including but not limited to:
i. Directly from you when you interact with us, such as when you request a quote or an offer to rent an apartment or make a booking by using the Services;
ii. From our customers, business partners and other third parties, for fulfilling the service request. We may receive and collect information from these parties to provide you with the Services; and
1.3 HOW WE USE YOUR DATA
1.3.1 When you use the Services, Hem uses your personal data for the following purposes:
i. For providing you with the Services that you request, such as by providing you with a booking quote or offer, make a booking on your behalf and provide you with other information related to the service request;
ii. For developing and improving our services and providing you with the best customer experience; and
iii. For creating statistics and analysis related to the Services for us and our business partners and for creating a profile that we use in order to provide you with a personalized customer experience.
1.4.1 We will not contact our users via e-mail unless they’ve agreed to be contacted by us, or the party to whom we are operating as a service provider. We will respect all requests by people to block, discontinue, or otherwise opt-out of using e-mail to communicate with them.
1.4.2 While using our Services, we may send you links to external sites where payment information is collected, if use requires payments, including, but not limited to completion of booking of hotel, flight, restaurant, ordering food delivery, ground transport, activities or other services related to such.
1.4.3 We may use your email address to communicate with you when responding to your requests and to send information that you have requested, such as booking confirmations and similar.
1.4.4 With your consent, we may use your email address to send information about other products or services developed or provided by us. Upon your consent, we may receive a confirmation when you open an email from Hem if your computer supports this type of program. We use this confirmation to help us make emails more interesting and helpful and improve our service. We may also create a profile that we use in order to provide you with targeted marketing offers, product information or invitations that we deem are of your interest. You may at any time reserve yourself from marketing via electronic communication by following instructions in those messages or by contacting us at email@example.com or click here to learn how to unsubscribe.
2 LEGAL BASIS FOR COLLECTION
2.1 On most occasions, we process your data when we need to do this to fulfil a contract with you (for example, for fulfilling your request or billing purposes) or when we are required to do this by law (for example, to comply with record keeping obligations).
2.2 We also process your data when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. Our legitimate interest is for example to be able to improve and develop the Services.
2.3 On some occasions, we process your data with your consent (for example, when you agree that we may place cookies or process information that you input into our website).
3.1 We do not sell or rent your personal data to third for direct marketing purposes. We may only share your personal data as follows:
i. With our business partners and other third parties where the disclosure is necessary in order to fulfill your request and for providing you with the best customer experience, typically for sending booking confirmations if you have booked any services through Hem. Our business partners are typically other actors in the hospitality industry such as hotels, payment providers, booking services, airlines and cruise boats;
ii. When required by law and/or government authorities. We may also share aggregated data with our business partners and other third parties for various purposes, such as for improving our recommendations for the Services, for developing the Services, for system administration, statistics, research and analyses. If you do not wish to provide your personal data to us, we may not be able to provide you with the Services you request.
4 YOUR RIGHTS
4.1 You have the right to request access, rectification, restriction and deletion of your personal data held by Hem. Inquiries regarding processing of personal data and access requests should be directed to the point of contact provided below.
4.2 You also have the right to object to some processing and, where we have asked for your consent to process your data, to withdraw this consent. Where we process your data because we have a legitimate interest in doing so (as explained above), you also have the right to object to this. These rights may be limited in some situations, for example, where we can demonstrate that we are legally required to process your data.
4.3 Your personal data will be retained as long as necessary for fulfilling the purposes of the processing. Your personal data will automatically be deleted after 3 years from inactive date. You can at any time send us a request to firstname.lastname@example.org and ask us to delete the information we have about you.
5 INFORMATION SECURITY
5.1 We are committed to keep your personal data secure and will protect your personal data by appropriate security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. We limit access to personal data to those who have a business need.
6 TRANSFER OF PERSONAL DATA TO OTHER COUNTRIES
6.1.1 In order to provide you with the Services, we transfer some personal data to an EU-US Privacy Shield certified processor in the USA. We will only transfer personal data to a third country outside the EEA that does not provide adequate protection if appropriate safeguards are provided, e.g. by entering unto EU Standard Contractual Clauses or if the receiving party is certified under the EU-US Privacy Shield.
6.1.2 We may transfer aggregated non-personal data to third parties (domestic and/or foreign) for the purposes of improving or developing the Services and for the proper functioning of the Service.
7 PRIVACY POLICIES OF THIRD PARTIES
8 CHANGES AND AMENDMENTS TO THIS POLICY
9 JURISDICTION AND APPLICABLE LAW