Privacy policy

1. Introduction

Dronningens Ferieby is a privately run, accessible holiday facility built in 1990 by The Danish Multiple Sclerosis Society, an organisation that works to combat MS. Its main object is to support Danes who have multiple sclerosis and to improve conditions for the many Danish families whose lives are affected by the disease. Dronningens Ferieby offers holidays in light, newly renovated chalets that have been tastefully decorated and designed with safety and freedom in mind, particularly for wheelchair users, people with reduced mobility and people who need extra flexibility or aids in their daily lives. Accordingly, all the holiday chalets at Dronningens Ferieby have been modernised to a high standard and thoroughly tested by no fewer than 10 groups of people with various disabilities – for example, people with multiple sclerosis or visual impairments, and wheelchair users. Dronningens Ferieby thus benefits numerous residential facilities, day centres, care centres and families.

According to law, we are required to inform you about how we process and disclose personal data. When, as a holiday village guest or an anonymous user, you visit Dronningens Ferieby’s website and possibly book a stay with us, as the data controller, Dronningens Ferieby (hereinafter ‘Feriebyen’) collects and processes a range of personal data.

We process personal data for certain general purposes:

  • To give you, as a user of Feriebyen’s website, a better visitor experience.
  • To enable us to improve and develop our products and services for the benefit of our guests.

The details are set out below.

2. Types of personal data

Categories of registered persons (data subjects) and of personal data

For all anonymous users:

  • We collect and process the following personal data when you visit Feriebyen’s website:
  • MAC address and other types of ID on the device, eg, tablets
  • The device used to access the given website (eg, tablet, smart device, PC)
  • Browser type, browser ID and language settings of the device
  • The website or app that referred you to the website in question
  • IP address
  • Geolocation of the device used, which includes mobile devices (either via the IP address or GPS coordinates of your device, subject to your active consent)
  • Any articles and pages you visit, and the time, duration and number of visits
  • Any video clips you may have played and their duration

For all users wishing to book a stay at Feriebyen:

In addition to the above data, we collect and process the following information:

  • Name
  • Address
  • E-mail address
  • Telephone no.
  • Need for daily living aids (which gives an indication of health data)
  • The Danish Multiple Sclerosis Society membership no. (which gives an indication of health data), which entitles the user to apply for a holiday village grant (discounted stay) if the user has multiple sclerosis.
  • For all users wishing to receive newsletters from Feriebyen:

We collect and process the following information:

  • Name
  • Address
  • E-mail address
3. Purpose

For all anonymous users:

We process personal data for these purposes:

Personalisation

  • To optimise and personalise your user experience, which includes an analysis of your user behaviour, selected content and interests to serve as a basis for recommending content we believe you’ll find interesting and relevant.
  • To personalise content on the basis of your personal preferences in terms of sporting activities, etc.

Business development

  • Statistical and analytical purposes so we can improve Feriebyen’s digital products and make them easier and better for our users and members. This entails, for example, improving technological solutions and the user experience across Feriebyen’s digital services and/or developing all-new initiatives and services.

Compliance with legislation and other legitimate purposes

  • Compliance with current legislation (eg, the EU General Data Protection Regulation and the Danish Data Protection Act) and other legitimate purposes.
  • Duty to provide documentation
  • Compliance with the basic principles governing personal data processing and the legal basis for the processing
  • Initiating and maintaining technical and organisational security measures, including measures to ensure operational stability and our options for protecting our services against any hostile attacks, eg, hacking.
  • Safeguarding Feriebyen’s legal interests, eg, in respect of the violation of user rights and legislation concerning, for instance, personal data and intellectual property rights.
  • Investigations of suspected security breaches or knowledge thereof, and reporting such breaches to individuals and authorities
  • Handling enquiries and complaints from data subjects and others
  • Handling inspections and enquiries from supervisory authorities
  • Settling disputes with data subjects and third parties
  • Statistical investigations and reports

For all users wishing to book a stay at Feriebyen:

We process personal data for these purposes (in addition to those mentioned above):

Personalisation

  • To tailor and personalise our communication with you

Active contact

  • To provide customer service if you direct enquiries to us
  • To enable you to ask questions, vote in competitions or in any other way submit comments and content to our organisation
4. The legal basis for collecting and processing personal data

For all anonymous users:

The information below concerns the legal basis for our data processing

Processing/legal basis

All anonymous users

Display of content, etc:
Article 6(1)(f) of the General Data Protection Regulation regarding legitimate interests; see section 6 of the Data Protection Act.

Feriebyen’s legitimate interest is to enable you to use and access public websites containing articles and information about Dronningens Ferieby.

Personalisation
Consent: see Executive Order no. 2011/1148 on Information and Consent Required for Storing and Accessing Information in End-user Terminal Equipment (the ‘cookie executive order’)

Business development
Article 6(1)(f) of the General Data Protection Regulation regarding legitimate interests; see section 6 of the Data Protection Act.

Feriebyen’s legitimate interest is our ability to further develop existing products and predict trends, future products and services.

Initiating security measures, etc:
Article 6(1)(c) of the General Data Protection Regulation, see articles 32–36; and Article 6(1)(f) of the General Data Protection Regulation regarding legitimate interests, see section 6 of the Data Protection Act.

Our legitimate interest is our ability to protect personal data.

For all users submitting consent to receive newsletters from Feriebyen (in addition to all those mentioned above)

Direct marketing purposes, etc:
Article 6(1)(f) of the General Data Protection Regulation regarding legitimate interests; see section 6 of the Data Protection Act.

Feriebyen’s legitimate interest is our ability to send you any marketing information and notifications you have requested, eg, via your permission for e-mail marketing; see Article 6(1)(f) of the General Data Protection Regulation regarding legitimate interests, section 6(1) of the Data Protection Act and section 10 of the Danish Marketing Act.

For all users wishing to book a stay at Feriebyen (in addition to all those mentioned above)

In connection with Feriebyen’s collecting and processing of sensitive personal health data. Article 9(2)(h)–(j) of the General Data Protection Regulation regarding conditions for the lawful processing of sensitive data and Article 6(1)(b) of the General Data Protection Regulation regarding the conclusion of contracts.

5. Voluntary submission

When we collect personal data directly from you, you submit this data voluntarily to gain access to the services we offer. You are under no obligation to provide us with personal data, but if you do not, you may be unable to book a stay at Feriebyen and thus access a range of Feriebyen’s services and products.

6. Disclosure of personal data

Feriebyen discloses personal data to third parties in the following situations:

In connection with travel planning, data is disclosed to the tour operator; see Article 6(1)(b).

7. Transfer of personal data to data processors and recipients outside the EU/EEA.

We use the providers we deem can help us best, and some of them process personal data in countries outside the EU/EEA. For instance, our data processors help plan travel in third countries outside the EU for which visa applications may be needed.

The legal basis for our international transfers is the EU’s ‘Standard Contractual Clauses’ for transfers from data controllers to data processors in non-secure countries outside the EU/EEA. The standard agreement is available in various languages via this link:

http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1401799946706&uri=CELEX:32010D0087, recipient’s code of conduct, certification or ‘Binding Corporate Rules’ (BCR). Transfers to the USA may also be based on the EU-US Privacy Shield.

8. Storage period

We store your personal data for as long as necessary for the purposes stated above. Data is stored in accordance with the rules on bookkeeping and limitation of criminal liability and liability in damages (mandatory time limits) if relevant. If this is not relevant, we erase personal data at an earlier time.

Under the Danish Bookkeeping Act (Bogføringsloven) the minimum storage period at present is the current calendar year plus five years.

9. Your rights

When data processing is based on your consent, you have the right to withdraw your consent at any time without this having any negative consequences for you. However, this withdrawal does not affect any processing or personal data transfer carried out prior to the withdrawal of consent.

Within the limits of the law, you have certain rights, including:

  • The right to access your personal data
  • The right to have incorrect personal data rectified
  • The right to have personal data erased
  • The right to have the processing of personal data restricted
  • The right to data portability
  • The right to object to the processing of personal data, including data related to automated, individual decision-making

Should you wish to exercise one or more of the above rights, you can contact us at post@dronningensferieby.dk. 

You are also entitled to complain to a relevant supervisory authority such as the Danish Data Protection Agency.

Comments relating specifically to objections

You are entitled – for reasons relating to your particular situation – to object to the processing of personal data based on Article 6(1)(e)–(f), including profiling based on these provisions. Thereafter, Feriebyen may no longer process personal data unless Feriebyen demonstrates compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing is necessary for the establishment, exercise or defence of legal claims.

If your personal data are processed for direct marketing purposes, you are entitled at any time to raise an objection against such processing. This includes objections raised against profiling to the extent it relates to direct marketing. If you raise an objection against data processing for direct marketing purposes, your personal data must no longer be processed for this purpose.

10. Contact

If you have any questions regarding the processing of your personal data or how to exercise your rights, you are welcome to contact Dronningens Ferieby.

Dronningens Ferieby
Dronningens Ferieby 1
8500 Grenaa, Danmark

+45 8758 3650
post@dronningensferieby.dk