Icelandair Hotels takes protection of your personal information seriously and respects your privacy
Here is a summary of how Icelandair Hotels approaches your privacy rights, collection, usage and processing of your personal information:
By clicking “Icelandair Hotels Privacy Policy” below, you can read our Privacy Policy in more detail. Reading the Privacy Policy will give you a better understanding of how your personal information is used, what types of information we collect, how it is collected, what purposes it will be used for and who it may be shared with.
We will provide you with some specific examples of the processing of your personal information. If you have further inquiries, please contact us via e-mail by writing to privacy@icehotels.is.
Please keep in mind that the summary above, and the Privacy Policy below, are not contractual and do therefore not form part of your contract with us, without prejudice to your rights under applicable laws.
Icelandair Hotels Privacy Policy
+ Details about the data controller of your personal information
Where Icelandair Hotels processes your personal information under this Privacy Policy, it is considered to be the “data controller” of your personal information under European Union and Icelandic data protection law. Our address is as follows:
Data Protection Officer
Icelandair ehf.
Reykjavíkurflugvelli,
101 Reykjavík
Iceland
Icelandair Hotels has appointed a Data Protection Officer, whom you can reach by e-mailing privacy@icehotels.is or writing to the above address.
Whenever you book to stay at an Icelandair Hotel, but some parts of your stay or journey are to be provided by other service providers, then those service providers are separate “data controllers” under European Union data protection law. In that case, Icelandair Hotels and any other service providers will be joint controllers of your personal information.
Any additional service providers, e.g. a travel agent or car rental company, which provide a part of your services will also be separate “data controllers”. Their privacy policies will be accessible from them directly.
Please be aware that, depending on the services that you have requested, other agreements will form your contractual relationship with Icelandair Hotels.
If you have requested additional services or booked a package including such services, then the providers of such services will be identified in the booking or ordering process. The providers of such services will also separately be “data controllers”.
+ When does this policy apply?
The Privacy Policy of Icelandair Hotels applies when we collect, use or otherwise process your personal information regarding your relationship with us as a customer or potential customer. This includes when you stay with us, use our additional services, websites or mobile applications. Additionally, the Privacy Policy applies when you contact our service agents or book our services through third parties. An example of such third party would be a travel agent.
Where we reference that others are data controllers in the sections ’Controller of Personal Information’ and ’Who do we share your personal information with?’ you should consult their privacy policies for further information.
For further information on the applicability of privacy policies, such as when there are additional “data controllers” as described in the section “Details about the data controller of your personal information” or when we share your personal information, as described in the section “In which cases and with whom do we share your personal information?” we advise that you refer to their privacy policies for additional details.
Additional Terms and Conditions or policies may apply if you request additional services from us, e.g. if you enter a competition linked to Icelandair Hotels and other third parties or if you sign up for Icelandair Saga Club.
+ What is personal information?
Whenever information provides details which identify your person or could be used for the same purpose, it is considered to be personal information. An example might be your name, your contact details or your purchase history. Details on how you use our websites and mobile applications may also be personal information.
+ In which cases do we process and from whom might we receive your personal information?
Whenever you use our services, website, mobile applications, make contact with us via e-mail or our service agents, we collect your personal information. The same applies when the services are provided by third parties or agents acting on behalf of Icelandair Hotels. Please be aware that if you do not wish to provide us with personal information which is necessary for the performance of a contract or which we are legally required to process, we may not be able to provide you with part or all of the services requested.
Furthermore, we may receive your personal information from third parties, such as:
To see which types of personal information Icelandair Hotels processes about you, please see the section “What types of personal information do we process?”
+ What types of personal information do we process?
To provide you with our services, or the services of other data controllers which deliver part of the services that you have requested, we will need to process your personal information. Further processing may take place to provide you with relevant marketing materials and enhance your experience with Icelandair Hotels.
Icelandair Hotels processes the following types of personal information:
For more information, please see our Cookie Policy.
+ When and why do we collect ‘sensitive personal data’?
In some cases, Icelandair Hotels may process your personal information which is considered to be sensitive. Specific categories of personal information, such as on religion, health or ethnicity require additional safeguards under European Union and Icelandic data protection law. These categories are referred to as “sensitive personal data”. Icelandair Hotels will only process these categories of data in specific circumstances.
Following are examples where we may process “sensitive personal data”:
+ For which purposes do we process your personal information?
The main purposes for which we process your personal information are:
+ When will we send you marketing?
When you provide your information directly to us you may be asked if you don’t want to receive our marketing material. Icelandair Hotels sometimes promotes the products and services of third parties and other Icelandair Group subsidiaries.
Icelandair Hotels may ask you to consent to receive marketing material from other third parties.
Whatever your choice on receiving marketing material from us or by which methods they are delivered, we will respect it.
What options do you have when receiving marketing material from us?
You can change your mind at any time on whether you would like to be sent marketing material or not. To stop receiving marketing material from us, you can use the following methods:
Even if you choose not to receive marketing material, we will still communicate with you in relation to services or products you have purchased. For example, we will still send you messages with your booking confirmation or to inform you of any changes or disruptions to the services.
Please be aware that if you indicate that you would not like to receive marketing material from us, we will retain your personal information in order to fulfil your wishes not to receive such material.
+ What is our legal basis for processing your personal information?
Your personal information will only be processed by Icelandair Hotels where there is a legal basis for the processing. The legal basis may differ based on the purpose of the processing of your personal information. In almost all cases, the legal basis will be as follows:
You can see more information on the processing with regard to each legal basis below.
In cases where the processing of your data is subject to other laws, then the legal basis for processing may be different than stated above. In such circumstances, the processing may be based on your consent in all cases.
Processing based on a contractual necessity
In order for us to provide you with services, such as fulfil your request to stay with us, it is necessary for us to process some of your personal information. We will need to process information such as your name, contact details and payment information so that you can check in to a hotel or other services in case of a package booking.
Processing based on legitimate interests
Icelandair Hotels operates several hotels in Iceland. As such, we have a legitimate interest to use your personal information in order to provide, improve and market our services.
Processing to comply with legal obligations
As a business, Icelandair Hotels needs to comply with legal and regulatory requirements and may need to process your personal information in order to comply with these requirements.
To protect the vital interest of you or another person
In rare cases, there may be an urgent need that we process your personal information to protect your vital interests or the interests of another person.
Processing based on consent
In some cases, we may process your personal information when you have provided your consent for us to do so.
Whenever we process personal information based on your consent, you may withdraw your consent at any time. To do so, please contact Icelandair Hotels by write to us at:
Data Protection Officer
Icelandair ehf.
Reykjavíkurflugvelli,
101 Reykjavík
Iceland
Please be aware that if you withdraw your consent, we may not be able to provide you with some or all of the services that you have requested from us. Additionally, it may not be possible to cancel your booking or for us to provide you with a refund of payments you have made to us.
+ For how long do we retain personal information?
Your personal information will be kept as long as it is needed for the purpose it is being processed. For example, we will need to retain information related to your stay for as long as it is needed to fulfil your booking and after that so that we can respond to claims, disputes or questions about the booking. Your information may also be retained so that we can provide you with improved and personalized services, as well as so that you may enjoy any loyalty benefits which you have accrued.
Icelandair Hotels actively reviews personal information so that it is not retained longer than there is a legal basis for it being processed. In some cases, it may be anonymized and in other cases, deleted.
+ In which cases and with whom do we share your personal information?
Icelandair Hotels may share your personal information with its sister companies within the Icelandair Group, which include Air Iceland Connect, Icelandair, Iceland Travel, Fjárvakur-Shared Services and Icelandair Cargo. Icelandair Hotels shares details within the Icelandair Group so that our sister companies can help us provide, improve and market our services. As an example, if you have used the services of our sister companies, we may use this information to learn more about the sorts of services or products you may be interested in. For more information about the companies within the Icelandair Group, please see the website of our parent company.
Icelandair Hotels may share your personal information with other service providers which participate in the fulfilment of your bookings and travel arrangements. Icelandair Hotels will only share your information as part of its business operations as a hotel chain and travel provider, or if we have a legal og regulatory obligation to do so.
Your personal information may also be shared with the following third parties:
If the services you have requested include other Icelandair Group companies, such as if they provide you with day tours, your personal information will be provided to Icelandair Hotels as well as other Icelandair Group companies involved.
Icelandair Hotels will not sell your personal information to third parties. We will not allow third parties to send you marketing material unless you have provided your consent.
What countries will your personal information be transferred to?
As a hotel service provider, Icelandair Hotels has business partners located in countries around the world. Icelandair Hotels may therefore transfer and store your personal information in countries outside the European Economic Area. Icelandair Hotels may share your information with third parties in countries located outside the European Economic Area in order to provide you with services you have requested or for other legitimate reasons. To read more about who your personal information may be shared with, please refer to the section “In which cases and with whom do we share your personal information?”.
Please be aware that this means that your personal information may be transferred to third parties which are located in countries where may have fewer legal rights than provided by your local laws.
+ How does Icelandair Hotels safeguard personal information that is transferred to third countries?
According to European Union and Icelandic data protection laws, certain requirements need to be fulfilled when your personal information is transferred to a country outside the European Economic Area. The purpose of these requirements is to make sure your personal information is adequately protected, even when being transferred outside the European Economic Area.
When Icelandair Hotels transfers your personal information to a third country, one of the following will apply:
+ What can you do to keep your personal information secure?
Icelandair Hotels makes every effort to protect your personal information. We encourage you to take steps to secure your personal information. Here are some measures that you can take to keep your information safe:
Be careful when online and avoid internet fraud
Dishonest individuals may try to gather your personal information by trying to deceive you online. This illegal activity is called “phishing”. Phishing is often performed by sending you an e-mail which has been designed to make you think that it has been sent a legitimate business. However, such e-mails may often form part of a scam to trick you into disclosing details, such as your personal information, login credentials or bank information. Phishing e-mails will often contain links to fraudulent websites which imitate the look and feel of legitimate websites.
+ How can I make a request for a copy of my personal information and how do I lodge a complaint?
Under European Union and Icelandic privacy law, you may request a copy of your personal information if it is processed by Icelandair Hotels. You do not need to pay a fee for this request, unless it is manifestly unfounded or excessive. Icelandair Hotels will make every effort to respond to your request within 30 days of it being received.
Your request must be in writing and must contain the following information:
Additionally, we require you to provide:
Please send your request to:
Data Protection Officer
Icelandair ehf.
Reykjavíkurflugvelli,
101 Reykjavík
Iceland
You also have a right to lodge a complaint with The Icelandic Data Protection Authority in. A complaint can be made by writing to:
The Icelandic Data Protection Authority
Rauðarárstígur 10
105 Reykjavík
Iceland