─ Last changed 2023-11-15
2. Who is responsible for personal data?
2.1 Hotell & restaurant Söder om Söder AB (in this policy referred to as “Hotel Point”) is responsible for the processing of your personal data when Hotel Point provides and markets products and services and in other contacts with Hotel Point, such as visits to our website or service matters via e-mail and telephone. As a personal data controller, it is Hotel Point’s responsibility to ensure that your data is handled correctly and securely in accordance with applicable legislation.
2.2 The business transactions with our customers as well as associated personal data and databases covered by this infrastructure are managed and owned centrally by Hotel Point. Hotel Point thus has the controlling influence over your personal data.
3. What personal data about you do we process?
Hotel Point collects and processes the following categories of personal data about you as a customer or potential customer in connection with making purchases, using our services and in connection with marketing and promoting our products and services.
Contact information such as name, title and certification rights, e-mail address, delivery address, billing address and telephone number.
Account information such as customer number, username, password and when the account was registered or changed.
The customer’s choice of settings for marketing communications and personalized offers
Identification number, i.e. social security number or organization number.
Order information such as order number, ordered products or services, order date, price, any discount and purchase history.
Payment details such as payment method, card number, cardholder, transaction time, amount, IP address and payment history.
Financial information such as credit reports.
Correspondence and other information about support matters such as audio recordings of calls, notes and emails when contacting customer service.
User-generated data about your interaction with Hotel Point’s marketing communications and websites, such as IP address, device information (technical information about the computer, mobile phone and other devices you use such as browser settings, time zone, operating system), location information, survey responses and click and visit history such as shows which of our products or offers you were interested in, how you interact with our newsletters and which of our events you have registered for and participated in, as well as results from customer satisfaction or market surveys.
Behavior and/or preferences such as event participation, Hotel Point customer experience reviews, and in-store activity patterns to evaluate suspected crimes.
If you are entitled to take advantage of various offers or discounts through membership in various associations or organizations that have negotiated agreements with Hotel Point for their members.
Information provided in competition entries and registration for and evaluation of events or other marketing efforts, including health data such as information about allergies.
4. From what sources do we collect information about you as a customer?
4.1 Hotel Point collects your personal data directly from you when you place an order, visit Hotel Point’s website, participate in our events, click on links in digital marketing communications that we have sent you, are in contact with our customer service and when you otherwise case contact Hotel Point and provide information about yourself. Information about you is collected on these occasions so that you can enter into an agreement with Hotel Point and so that Hotel Point can provide its products and services to you.
4.2 If you are the holder of a Hotel Point account, Hotel Point also collects personal data about you when registering the account and during the time you are the account holder, e.g. your purchase history, your behavior on Hotel Point’s website, your customer choices to receive marketing communications and which offers you have been interested in by visiting our online store and by reading or clicking on links in our digital mailings.
4.3 In addition to the information that Hotel Point collects from you, we may also collect personal data from someone else, i.e. from third parties. We collect information from public records through third-party address update services, to verify that we have the correct contact information for you. We collect credit rating information from credit rating agencies, information companies or banks. We also collect information for marketing purposes from social media.
5. Why do we process personal data about you?
Hotel Point collects and processes information about you for various purposes. These purposes set the external framework for what we may use your personal data for. Below we explain the purpose of our processing and give examples of which processing activities take place under each purpose. Please note that some of your personal data may be processed for multiple purposes.
a) Provide customized information, benefits and offers and provide a personalized experience when we communicate with you
We at Hotel Point want you to have the best possible experience when you visit our website and when we communicate with you. Therefore, we process personal data for this purpose so that we can improve your user experience in order to create, offer and provide you with personalized content in communications and marketing via post, email, SMS/MMS and telephone with individual benefits and offers, recommendations, invitations to events and other information that we think is relevant to you. To enable this, analyzes are made of the information that Hotel Point collects, such as age, place of residence, order history and user-generated data.
Read more about how we adapt our offers and communications to your personal characteristics and how you can reject personalized offers here. The collection of information that we do for this purpose is based on consent. Consent can be revoked at any time by contacting us at email@example.com
b) Provide information about and market products and services
We process personal data for this purpose in order to inform you via post, e-mail, sms/mms and telephone as well as market the products, services and offers that Hotel Point sells, show recommendations and invite you to events, competitions and market and customer satisfaction surveys.
c) Conduct and manage participation in events, competitions and other marketing activities
The processing of personal data for this purpose includes measures to e.g. identify entrants, communicate with entrants in a contest and select winners and award prizes, verify entrants’ age, and communicate with entrants before and after an event (such as entry confirmations, reminders and evaluations). Please note that information about your participation in events falls under the category of user-generated data processed for other purposes.
d) Handle matters received by Hotel Point’s customer service or other support functions
The processing of personal data for this purpose includes Hotel Point’s operations to e.g. communicate, ensure the customer’s identity, investigate complaints and support matters, answer questions that come to customer service or other support functions via e-mail, phone or digital channels, correct incorrect information, provide technical support and nurture the customer relationship.
e) Fulfill legal obligations required by Hotel Point
Personal data is processed for this purpose so that Hotel Point can meet the requirements of laws, judgments or authority decisions. Examples of such requirements are product liability and product safety such as the production of communication and information about product alarms and product recalls (e.g. in the event of a defective or dangerous product) and obligations to store certain information according to the Accounting Act that can be attributed to. to an individual. If the information Hotel Point collects in connection with this purpose is not provided, our legal obligation cannot be fulfilled and in that case we can deny you the order, purchase or activity that gives rise to our legal obligations.
f) Evaluate, develop and improve Hotel Point’s services, products and systems for our customers in general
To fulfill this purpose, Hotel Point performs general analyzes in aggregated form, i.e. not at an individual level, regarding, among other things, click and visit behavior, device information, order history, payment history, geographical location and individual customer feedback.
6. What are the legal grounds for our processing of your personal data?
In order for Hotel Point to have the right to collect and process your personal data, there must be a legal basis for each purpose for which the data is processed. The legal grounds on which we base our processing are described in this section. Please note that several legal grounds may apply to the same processing.
a) Legal obligation
This basis means that our processing is necessary to fulfill a legal obligation required by Hotel Point, for example to document payment information to meet the requirements of the Accounting Act.
b) Contractual obligations
This basis means that the processing is necessary to fulfill an agreement with you as a customer or to be able to enter into one speech at a later stage. For you who are the holder of a Hotel Point account, by accepting the Terms and Conditions for a Hotel Point account, you have entered into an agreement with Hotel Point that sets the framework for the processing of your personal data that may take place in order to provide, manage and administer our services linked to the Hotel Point account, e.g. analysis of your personal characteristics to provide you with personalized benefits and offers. When ordering or purchasing, we process your data to fulfill obligations in accordance with Hotel Point’s general terms and conditions of sale. Then it can e.g. It may be necessary for Hotel Point to register your contact details so that we can fulfill our obligation to deliver the product or service and that we make a credit report if you choose invoice as a payment method so that we can ensure your ability to pay.
c) Legitimate interest
This basis means that our processing is based on a so-called balance of interests of legitimate interest. This means that the processing takes place because Hotel Point considers that we have a legitimate interest in processing your personal data that outweighs your interest in not having the personal data processed. On this basis, we process your personal data, among other things, to prevent misuse of the Hotel Point account and to prevent, prevent and investigate crimes within the scope of our business. If we judge that a crime or attempted crime has been committed and we make a police report, Hotel Point will also continue to process your personal data so that we can establish, defend or make a valid legal claim.
This basis means that we process your personal data when you have given your express consent to our processing. For example, Hotel Point obtains your consent to process personal data about allergies when ordering food for events. You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the legality of processing based on consent, before this withdrawal.
7. How long do we store your personal data?
Hotel Point will retain your personal data for as long as is necessary to fulfill the purposes for which the data is processed. The length of the storage period therefore depends on the purpose for which the data is processed. In addition, Hotel Point may save the data longer if necessary to establish, defend or assert a legal claim, e.g. if there is a dispute or if a crime report has been submitted to the Police Authority. We regularly thin out and delete personal data that is no longer necessary.
8. Who do we share your personal data with?
8.1 Hotel Point may disclose your information to other companies in order for you to benefit from our offers, products and services. The recipients of your personal data can either be personal data assistants to Hotel Point, i.e. companies that process your data on our behalf and according to our instructions, or independent personal data controllers, i.e. companies that are independently responsible for the processing of your data as they have a direct relationship with you as a customer such as Klarna.
8.2 Hotel Point may also disclose your information to authorities if it is necessary to comply with laws, regulations or authority decisions or for Hotel Point to be able to establish, defend or assert legal claims.
8.3 Depending on the contacts you have had with Hotel Point, e.g. if you are a Hotel Point account holder or receive marketing communications, Hotel Point may disclose your personal information to the following recipients:
Other companies within the Hotel Point group that act as personal data assistants to Hotel Point in order for us to fulfill the various purposes set out in this policy. The legal basis for the transfer to our group companies is the same as for our own processing.
Companies that provide information from the civil registry or other public records to ensure that we have the correct contact information for you so that we can manage your orders and purchases as well as your Hotel Point account and the services connected to your account holdings. The information provided is identification number and contact information based on our contractual obligations to you as a legal basis.
Analytics and marketing companies that provide services such as automated marketing tools, analytics, communications, printing and distribution. These recipients help Hotel Point analyze your information and inform and promote the products and services that Hotel Point sells. The information provided is contact information, account information, customer selection, order information and user generated data based on legitimate interest and our contractual obligations to you as the holder of the Hotel Point account as a legal basis.
State authorities, such as the Swedish Police Agency, The Swedish Tax Agency, to whom we are obliged to disclose your personal data according to law or authority decision or to whom we disclose personal data due to suspicion of crime or attempted crime. The categories of information provided are contact information, identification numbers, account information, order information, payment information, user-generated data and video recordings based on legal obligation owed to Hotel Point or to enable us to establish, defend or assert legal claims.
8.4 If you place an order or make a purchase from Gion, we may also disclose your personal information to the following recipients in the context of processing your orders and purchases based on our contractual obligations to you as a legal basis:
Suppliers, manufacturers, distributors and subcontractors of products and services sold by Gion who, among other things, provide the products and services and assist us with support services such as maintenance, repair and disposal of returned products. The information provided is contact information and order information.
Logistics companies and freight forwarders who help us with freight transport so that we can deliver our products and services to you. We provide contact information and order information to these recipients.
Insurers who provide insurance for some of our products and services. The information provided when you have chosen to take out insurance is contact details and order details.
Partners and providers of payment solutions, e.g. card processing companies, banks, credit institutions and other financial actors, who ensure that you can make payments and offer you various financing solutions. The information provided is contact information, social security number and payment information.
Credit rating agencies, credit reporting companies or banks that provide us with data so that we can ensure your ability to pay, e.g. credit information, when you apply for credit within the framework of managing your orders and purchases. The information provided is the identification number.
Companies that provide financial services such as ledgers and collection activities that ensure Gion is paid for products and services delivered in the context of managing your orders and purchases. The information provided is contact information, identification number, order information and payment information.
8.5 Gion will not sell your personal information to third parties unless we have your permission to do so.
9. Where do we store your personal data?
Hotel Point will mainly handle your personal data within the EU/EEA. However, we can also transfer your personal data to a country outside the EU/EEA if we need to share your data with Hotel Point’s suppliers or partners who are located outside or store personal data in a country outside the EU/EEA. If your personal data is transferred to a country outside the EU/EEA, Hotel Point will take the necessary steps to legally transfer the personal data by ensuring that your personal data is handled securely and with an adequate level of protection comparable to the protection offered within the EU. / EEA, for example by entering into an agreement with the recipient that contains the EU Commission’s standard contractual clauses.
10. What rights do you have as a customer?
10.1 Hotel Point is responsible for your personal data being processed in accordance with applicable law. This section describes your rights related to our processing of your personal data. We will, at your request or on our own initiative, correct, de-identify, delete or supplement information that proves to be incorrect, incomplete or misleading. If you have any questions about this or wish to exercise any right, please contact us using the information at the bottom of this policy.
a) The right to access your personal data
We at Hotel Point want to be open about how we process your personal data. If you want to gain insight into the processing that we do about you, you have the right to request information about the processing, including a copy of your personal data that is being processed, a so-called register extract. This includes information about purposes, categories of personal data, categories of recipients of personal data, storage time or the criteria for determining the storage period, information about where the data has been collected and the existence of automated decision-making including information about the logic behind it and the meaning. of processing. Please note that when requesting access, we may ask for additional information about you to ensure that we disclose the information to the right person and what information you want to receive.
b) The right to correct your personal data
Hotel Point is committed to having accurate and up-to-date personal information. If the information we have about you is incorrect, you have the right to request that it be corrected taken. You also have the right to complete any incomplete personal data, e.g. if we have the correct street address but no street number. At your request, we will as soon as possible correct the incorrect or incomplete data that we process about you.
c) The right to delete your personal data
We respect that the personal data we process about you is borrowed from you. You therefore have the right to request that Hotel Point delete your personal data when the data has been processed unlawfully, must be deleted to fulfill a legal obligation to which Hotel Point is subject, is no longer necessary for the purposes for which it has been processed or when you object to a balancing of interests of legitimate interest that Hotel Point has done and there is no legitimate interest of Hotel Point or a third party that outweighs (see section f below) for information on the right to object). However, we cannot always comply with your request as there may be reasons that give us the right to continue processing, e.g.
d) Right to data portability
You have the right to receive a copy of the personal data concerning you in a structured format and in some cases to have the data transferred to another personal data controller. However, this right only covers information that you yourself have provided to Hotel Point and that we process with the support of consent or contractual obligation towards you as a legal basis.
e) Right to restriction of processing
You have the right to request that our processing of your personal data be limited in certain situations, which means that the data may only be processed for certain purposes. You can e.g. request limitation of incorrect information when you have requested correction. While Hotel Point investigates the accuracy of the information, processing will be limited. When processing is limited, personal data shall only be processed, with the exception of storage, when the following are available:
A. The data subject has given his consent to processing
B. Hotel Point Needs to Pursue or Defend Against Legal Claims
C. To protect the rights and freedoms of another data subject or legal entity
D. For reasons of general importance to the European Union or the Member State
f) The right to object to a certain type of treatment
When Hotel Point processes your personal data based on a balance of interests of legitimate interest as a legal basis or for direct marketing, you have the right to object to our processing. An objection to Hotel Point’s balancing of interests can be made when you have personal reasons relating to the situation. In the event of such an objection, Hotel Point assesses whether we have legitimate grounds for the processing that outweigh your interest in protecting your privacy. If this is the case, Hotel Point can continue to process your personal data even though you have objected to the processing. You can object to direct marketing and analyzes carried out for direct marketing purposes without giving any reasons. You control this yourself through the settings on My pages, where you choose whether you want to receive marketing communications and personal offers. In addition, you are given the opportunity to object to marketing for each individual digital mailing. If you object to direct marketing, we will stop processing your personal data for that purpose as well as all types of direct marketing measures such as sending newsletters and offers. If you only object to personal offers, the marketing communication to you will be general, as it is difficult for us to assess which marketing is relevant to you if we are not allowed to analyze your personal characteristics. Read more about how we adapt our offers and communications to your personal characteristics and how you object to such processing under If you object to direct marketing, we will stop processing your personal data for that purpose as well as all types of direct marketing measures such as newsletters and offers. If you only object to personalized offers, marketing communications to you will be general, as it is difficult for us to assess which marketing is relevant to you unless we are allowed to analyze your personal characteristics. Read more about how we adapt our offers and communications to your personal characteristics and how you object to such processing under If you object to direct marketing, we will stop processing your personal data for that purpose as well as all types of direct marketing measures such as newsletters and offers. If you only object to personal offers, the marketing communication to you will be general, as it is difficult for us to assess which marketing is relevant to you if we are not allowed to analyze your personal characteristics. Read more about how we adapt our offers and communications to your personal characteristics and how you object to such treatment during as we have difficulty assessing which marketing is relevant to you if we are not allowed to analyze your personal characteristics. Read more about how we adapt our offers and communication to your personal characteristics and how you can object to such treatment as it is difficult for us to assess which marketing is relevant to you if we are not allowed to analyze your personal characteristics. Read more about how we adapt our offers and communications to your personal characteristics and how you can object to such treatment under the Hotel Points account terms.
10.2 If you think that we are handling your personal data incorrectly, you are welcome to contact us. Contact information is at the bottom of this policy. You also have the right to submit any complaints regarding the processing of your personal data to the Swedish Data Protection Authority, which is the responsible supervisory authority for the processing of personal data in Sweden.
11. How do we protect your personal data?
You should always be able to feel safe when you provide us with your personal data. Hotel Point has therefore taken appropriate technical and organizational security measures to protect your personal data against inappropriate or involuntary disclosure, use, unauthorized access, deletion, alteration or damage to your personal data. For example, all customer information is stored in a database that is protected by a firewall and access control, so only Hotel Point employees who need access to your information to perform specific tasks have such access.
13. Contact information
Are you a consumer? Please send an email to firstname.lastname@example.org.
Do you represent a company? Please send an email to email@example.com.
You can also reach our special employees who work with the processing of personal data via e-mail at firstname.lastname@example.org.