We are the data controller
HimmerLand, HGSR A/S, Lars Larsens Vej 1, Gatten, 9640 Farsø, CVR nr. 10467489 is the data controller for the processing of your personal data. Below, you will find our contact details. We ensure that the storage and processing of your personal data is done in accordance with the law.
When using our website, we collect the following personal data:
When you use our website, we place cookies. You can read more about cookies further down. HimmerLand regularly receives statistical information from our data processor about visitors to the website. However, it is not possible to recognise individuals from this information.
When surfing on the web, you leave an “electronic trail” with information on where you’ve been. So, after visiting www.himmerlandresort.dk, we will know the following about you:
- Which pages you have looked at and when
- Which browser you use
- Your IP address
We use the technical information to find out which path our visitors take to find information on our site. For example, we can see if they start from the front page and scroll down to the sub-pages, or if they use a search engine to jump into the middle of the website.
When chatting with us on our website, you provide your name and email address, which we use in the dialogue with you and on behalf of your query.
As a guest or one of our customers, the following personal data is processed:
We use your general data, including name, address and contact details, to process your order and store it in our order system. This applies whether you book a stay, an activity or make a purchase via our online shop. Your data is also processed during and after your stay; for example, in connection with check-in and check-out. We may ask for your account details in connection with refunds.
We will only use your email address for the purpose of processing your order and conducting customer surveys. If you want to receive our newsletter, you need to give us your specific consent. You can sign up for the newsletter here.
We will not use your phone number to contact you for sales purposes. We will only contact you by phone if we need to give you a service message, e.g., if there are problems with your reservation.
Your credit card information is sent directly and encrypted to our payment provider and is thus not stored in Himmerland’s system. We use DIBS Payment Service – the largest online payment provider in the Nordic countries.
Regarding sensitive information, guests are requested not to provide this during their stay. Special considerations can of course be accommodated. However, avoid providing information that is personally identifiable, as it could be considered sensitive personal information. That is, simply indicate any special considerations such as health or dietary allergies, without giving any further information about the person. Alternatively, you are also welcome to contact HimmerLand by phone regarding special considerations.
For foreign guests, there is a requirement to present and record ID information, either passport details or driving licence, as well as nationality. According to The Danish Aliens Consolidation Act, a record must be kept of all foreign visitors who arrive. The protocol contains information on the foreign guest’s full name, date of birth, nationality, permanent residence, date of arrival and type and passport number or other travel document.
Selected common areas are video monitored. There are signs about this in the relevant areas.
If HimmerLand helps you reserve tee times, we may ask for your DGU number. If you are from a country that does not use GolfBox, we will ask for your name, handicap and tee location.
At concerts and other major events, photos may be taken and published on our website and social media. Guests may appear in the photos, which will appear as a description of the atmosphere. If necessary in the given situation, Himmerland will obtain your consent before publishing the images.
Your personal data will be stored in Himmerland’s system. Your data is stored securely at our hosting partners. The processing of your personal data is necessary to complete your order, which is the legal basis. We will store your data for 5 years after your purchase. We will store your data for the period of time that is relevant, and for the period of time that is required by separate legislation, e.g., your right to make a complaint under the Purchase Act.
If you apply for a job with us, the following personal data will be processed:
Processing consists of screening applications, CVs and other uploaded documents, as well as calling and preparing for job interviews. The purpose of processing data is to assess whether we can offer you relevant career and training opportunities now or in the future. If your employment has or may have direct contact with children under the age of 15, we ask for your consent to obtain a child certificate, cf. section 36 of the Criminal Register Statutory Order. The police website www.politi.dk provides further information on the conditions and procedure for obtaining criminal and child certificates, including consent.
Your personal information will be treated confidentially, and only the necessary and relevant staff will have access to your personal data and files.
Your personal data will be stored in Himmerland’s system. Your data is stored securely at our hosting partners. Even if you are not considered for the job you have expressed interest in, we will keep your details for any future opportunity, unless you specifically ask us to delete them. Your data will be kept for 6 months, after which it will be deleted. Afterwards, only a few anonymised data will be kept for statistical purposes. The statistical processing is intended to improve the recruitment process for the user, as well as for HimmerLand.
Who has access to the information?
The above-mentioned data is only handed over to persons from HimmeLand and the person responsible at our data processors. Your information will never be sold to third parties. They are disclosed only to the extent necessary to perform our contract.
Your personal data may be used in cases with the police, as we prosecute, e.g., false payments. We release account information and other personal information when we believe it is necessary to comply with applicable law and to prevent fraud, such as credit card fraud.
If you have booked your stay through an agent or a booking site, they are the ones to whom you have provided your data in the first place and are therefore the data controllers. They then pass on the data to HimmerLand for our processing of your data in connection with your stay.
Under the GDPR, you have a number of rights in relation to our processing of information about you.
If you want to exercise your rights, please contact us.
Right to see information (right of access)
You have the right to access the data we process about you, as well as a range of additional information.
Right of rectification (correction)
You have the right to have inaccurate information about yourself corrected.
Right to erasure
In exceptional cases, you have the right to have information about you deleted before the time of our general deletion occurs.
Right to restriction of processing
In certain cases, you have the right to restrict the processing of your personal data. If you have a right to restrict processing, we may only process the data in the future – apart from storage – with your consent for asserting or defending legal claims or for the protection of an individual or important public interests.
Right to object
In certain cases, you have the right to object to our or lawful processing of your personal data.
Right to transfer data (data portability)
In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format, and to have those personal data transferred from one controller to another without impediment.
We protect your personal data and have adopted an internal information security policy which contains instructions and measures to protect your personal data from unauthorised disclosure and from unauthorised access or knowledge of your data. Procedures are established to protect your data. To avoid data loss, we continuously back up our datasets. We also protect the confidentiality and authenticity of your data through encryption.
In the event of a security breach that results in a high risk to ID theft, financial loss or other significant inconvenience, we will notify you of the security breach as soon as possible.
Complaint to the Data Protection Authority
You have the right to make a complaint to the Data Protection Authority if you are dissatisfied with the way we process your personal data. The contact details for the Data Protection Authority are available at www.datatilsynet.dk.