The policy applies mainly, but is not limited to, guest and customer data. If you have had any correspondence with ION Hotels, the policy most likely applies to you. The policy furthermore applies to the collection, storage, and disclosure of data and or information that can identify the above-mentioned parties in any way possible.
To whom it applies
- Guests who stay at our hotels,
- Persons who correspond with employees of our hotels,
- Persons who contact ION Hotels electronically, by email, visit our websites and or social media profiles, and sign up for our mailing lists.
In any processing of personal and identifiable information, ION Hotels ensures that it is compliant with Data Protection Legislation effective in Iceland at any given time, as well as the GDPR.. In parallel, ION Hotels ensures that the rights of any individual and legal entity are respected and that their personal and private information is handled with the utmost care in compliance with best practices of handling personal and identifiable information and applicable laws and regulations.
The information ION Hotels collects and keeps on guests is limited to the following information:
- Email and other communication information
- Phone number
- Passport number
- Financial information, such as credit card information
- Reception and restaurant video surveillance
- Traveler market segment
- Personal information you decide to share with us regarding your upcoming stay
Information use and legal grounds
Your personal information will only be processed by ION Hotels where there is an appropriate legal basis for the processing. The legal basis may differ based on the purpose of the processing of your personal information. In almost all cases the legal basis for the processing is to fulfill our contractual obligations in regard to your reservation at our hotels, for analytical purposes, for fulfilling legal obligations required of us by applicable privacy laws and regulations, to safeguard the legitimate interests of ION Hotels, to protect the vital interests of you or another person, and processing based on your consent given to ION Hotels for processing your information for a specific purpose. Whenever we process personal information based on your consent, you may withdraw your consent at any time.
The information we collect is stored for the time necessary to fulfill the abovementioned obligations, and in accordance with applicable laws and regulations at any given time. ION hotels actively review personal information so that personal information is not retained longer than there is a legal basis for it being processed. When data is no longer considered necessary it is deleted.
When you visit our website, ION Hotels collect cookies with the goal of a better understanding of how guests visit our website. We never ask for information on kids under the age of twelve. If needed, we will store with the utmost care.
Security and rights
ION Hotels has taken appropriate security, technical and organizational measures that it can be expected to take to make sure the information collected and stored is protected. The way we do this is by our organizational structure along with a high standard of computer security. ION Hotels will not transfer personal information outside of the European Economic area unless permitted by applicable laws and regulations. We always do our best to make sure your information is always kept secure in accordance with applicable privacy laws and regulations.
According to the applicable privacy laws mentioned in this policy, you may be entitled to know and receive information on what personal information ION Hotels has stored on you. You may also be entitled to know where said information originates. You can also request to know in which manner your personal information is processed and object processing if applicable. If your information has been sent to a third party, you may be entitled to know which party has your information and what the purpose of the data transfer was. You can ask us to update, rectify and or delete specific personal information about you and also ask us to limit the use and collection of the data and how said data is used internally. In case of a situation where ION Hotels are unable to meet your request, we will seek to explain why such a request is rejected, with respect to applicable laws and regulations. In any of these cases, please contact us directly at email@example.com, and we will respond accordingly.
If applicable, you also have a right to lodge a complaint, with respect to the abovementioned rights, to the Icelandic Data Protection Authority. A complaint can be made in writing to:
The Icelandic Data Protection Authority
ION Hotel may update this policy on a regular basis in accordance with changes to applicable laws or regulations or as a result of changes made by ION Hotel with respect to the processing of personal data. ION Hotels encourages you to review this policy on a regular basis in order to be informed about how we use and protect your personal information.