1. DATA CONTROLLER FOR YOUR PERSONAL DATA
The data controller decides the purposes for and the means by which personal data is processed.
c/o Oro Hotelldrift AS
Sørkedalsveien 6, 0369 Oslo
Postboks 5930 Majorstua, 0308 Oslo
2. THE INFORMATION ATT COLLECTS FROM YOU
When you register a booking with Att, or to receive our Newsletter on the Website, we will collect and process certain information about you. The type of information Att collects can be sorted into the following categories:
i. Personal information; i.e. information that can be used to identify an individual person, including name and surname, age, sex, date of birth, title/position, credit card information or other financial information, home address or other address, email address, phone number and other contact information, log of activity on user profile and advertising.
iii. Your IP address and other information about your computer; Att may collect and store your IP address (the number that identifies your computer on the internet) and other information about your computer for system administration purposes (e.g. to calculate how many users that have accessed and used the Website). The IP address will only be stored for the duration of the visit on the Website and will thereafter be either deleted or anonymized.
In order to detect and delete cookies, you can change the settings in your browser. The “Help” function of your browser can help you configure your browser to prevent cookies or delete existing cookies. You can also learn how to block all new cookies on your browser and which configuration steps are required to receive a notification about new cookies. However, please note that if you choose not to accept cookies, your access to certain functionality on the Website may be restricted.
4. WHERE IS YOUR PERSONAL DATA COLLECTED?
Personal data is collected through your use of the Website, from the form you complete when you register for a Newsletter, or from the information you provide to Att in connection with your booking.
5. HOW ATT USE YOUR PERSONAL DATA
Att will use the personal data you provide to us or that we collect through your use of the Website for the following purposes:
i. to fulfill an agreement with you, i.e. to offer you accommodation;
ii. to enable you to book accommodation directly from the Website;
iii. to improve our services, the content of the Website and other relevant platforms, for example by collecting and processing data for internal statistical purposes, administration and marketing of Att. This includes identifying general utility models to enable Att to improve its services and the Website;
iv. to respond to your questions and inquiries;
v. to provide you with information on new and other services offered by us;
viii. to comply with applicable laws and regulations;
6. CONSENT AND OTHER LEGAL BASIS’ FOR PROCESSING OF PERSONAL DATA
In order to process your personal data, Att requires your consent or other legal basis. Consent can be given upon request from us, or by voluntarily giving Att the information through a booking, the Website or other relevant platforms for us.
You can withdraw your consent at any time by sending an email to firstname.lastname@example.org. Note that certain services provided through the Website, such as booking accommodation is dependent on the processing of certain information regarding the customer, and that a withdrawal of consent may involve that the user will not be able to make a reservation through the Website.
Other legal bases for processing can be such processing of personal data that is necessary for Att to comply with all applicable rules and regulations to which Att is subject, e.g. statutory rules related to storage for accounting purposes.
Your personal data will not be stored for a longer period than necessary for us to fulfill the above mentioned purposes.
7. DISCLOSURE TO THIRD PARTIES
We may disclose your personal data to suppliers and sub-suppliers who perform services for us, to enable Att to provide you with services. (for example, make use of suppliers for hosting of the Website, to facilitate contact with customers via email or SMS, payments systems, etc.)
Suppliers and sub-suppliers may only use your personal data for the purposes the data was collected for, and to perform its assignments. Any such disclosure of personal data to suppliers and sub-suppliers will be governed by and done in accordance with a data processor agreement.
8. PROTECTION OF YOUR DATA
Att takes the privacy rights of our users seriously and has taken reasonable steps to protect the user’s privacy, including physical, technical and organizational measures, to prevent loss, alterations, theft and unauthorized access to information stored and otherwise processed by Att.
9. LINKS TO THIRD-PARTY WEBSITES
10. YOUR RIGHTS
You have the right to require access to the personal data we have collected about you.
You have the right to demand for your personal data to be deleted at any time. Upon such an inquiry, all your personal data will be deleted, unless statutory obligations or legitimate interests require continued storage. Anonymized information, i.e. information that cannot be linked to you, may be subject to continued storage.
Contact us as described above (see section 1) if you want to exercise your right to:
i. get information about what personal data has been registered on you;
ii. change or update the stored data and correct any errors in that data;
iii. request that unnecessary data is erased;
iv. stop receiving emails from us, such as newsletters and similar;
v. withdraw your consent to the collection, processing, use or disclosure of your personal data to third parties;
vi. request information about your right to data portability, i.e. your right to obtain, reuse and transfer personal data provided to Att to another IT environment;
If you believe that our processing of your personal data infringes relevant data protection regulations, you are entitled to lodge a complaint with the supervisory authority. In Norway, this is Datatilsynet.