Any questions concerning personal data should be addressed to the Data Protection Officer by email to [email protected] or by post to Golfbreaks.com, Tuborgvej 5, 2900 Hellerup
You have the right to make a complaint at any time to the Datatilsynet, the Danish supervisory authority for data protection issues (http://www.datatilsynet.dk/). We would, however, appreciate the chance to deal with your concerns before you approach the Datatilsynet so please contact us in the first instance.
We reserve the right to modify or amend this Policy at any time and will display the effective date at the end of this Policy. Previous versions can be obtained by contacting us.
It is important that you read this Policy together with any other privacy notice or fair processing notice that we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements the other notices and is not intended to override them.
This Policy is organised into sections which you can click through to:
As a travel business, we need to collect certain personal data (such as name, address and contact details) from you to ensure that we can make the arrangements for your golf break with the golf, hotel and other suppliers, and in order to perform your golf break contract services. We will also collect your personal data to able to provide you with details of future golf breaks and for the other purposes set out in this Policy. We will ask for your consent or rely on another legal basis for processing before we process your personal data, in accordance with the Data Protection Laws.
Under the Data Protection Laws, personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical physiological, genetic, mental, economic, cultural or social identity of that natural person.
We will collect personal data, such as your full name, address, email address and telephone number when you:
If you make a booking with us we will also ask you to provide us with the name and contact details of the other members of your party. Where we make flight bookings as part of your golf break, we may also need to ask you for your passport details.
Health and mobility information: When you make an enquiry or a booking with us, we will ask you to disclose whether you have a medical condition or health issue or have any restrictions on your mobility. See the Section below on “How we use your Personal Data" for information for details of why we need to process this information and how we will obtain your consent. If you choose not to disclose this information to us or do not give us your consent to use it for the outlined purposes, we may not be able to provide the services you have requested due to our legal responsibility to provide you with a safe holiday.
Group data: If you provide us with the personal data of any other parties, for example, any other individuals included in your booking, you must ensure that you have the consent of those other parties to provide their information to us. We will use their personal data as necessary to perform the booking contract.
Automated technologies: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. Technical data may include internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions we collect from the devices you use to access our website. We collect this personal data by using cookies and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies.
When you make an enquiry about a golf break, we will use the personal data that you provide to us, such as name and contact details, to enable us to service your enquiry and take the steps that you request towards making a possible booking with us.
When you make a booking for a golf break, we will need to use your personal data such as name and address to make the travel arrangements for your break and otherwise as necessary to ensure that your booking contract is performed. This will usually require us to pass your personal data on to relevant third party suppliers of your travel arrangements such as hotels, airlines, transport providers, ground agents and destination management companies.
In order to effect your booking, we may also need to provide your personal data: to security or credit checking companies and/or credit and debit card companies in order to take payment for your booking; and to regulatory or public authorities such as customs or immigration if required by them, or as required by law.
Where we need to disclose your information to a third party for the fulfilment of your travel booking, we require that third party to have appropriate technical and organisational measures in place to protect your personal data and to process your data in accordance with our instructions and the Data Protection Laws.
Data transfers outside of the EEA: If necessary to perform your booking contract, we may need to transfer your personal data to third parties, such as travel suppliers, located outside of the European Economic Area (EEA). This will be the case where you book a golf break or tour that is based outside of the EEA, such as the USA or one of our other worldwide destinations. See the Section on “Sharing your Personal Data” for details of how we ensure adequate safeguarding of your personal data when transferring it outside of the EEA.
Health and Mobility information: We will use the health and mobility information that you provide to us to enable us (and the suppliers of your golf break) to ensure your health, safety and welfare during your break, which is our legal responsibility. We will ask for your explicit consent for our use of this information at the time of requesting it, including our sharing of your information with the suppliers of your break only for the purposes set out above.
We would like to be able to send you details of our offers and promotions by email, telephone, text message and/or post according to your choice. You can change your preferences at any time by simply emailing us [email protected] We will not send you any marketing communications unless you have expressly opted in to receive them.
You can also opt in by:
- Subscribing online for our email newsletters;
- Emailing us on [email protected];
- Writing to us at Tuborgvej 5, 2900 Hellerup
If you have opted-in to receive marketing communications from us, you can opt out at any time by:
- Clicking the unsubscribe link in our email newsletters;
- Emailing us on [email protected];
- Writing to us at Tuborgvej 5, 2900 Hellerup
Where you have consented to do so, we may also use your personal data to keep you informed about the selected partner offers that may be of interest to you.
For other lawful purposes:
We will use your personal data for such other lawful purposes as are permitted under the Data Protection Laws and we will always obtain consent where required.
We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data. This includes, as appropriate: the pseudonymisation and encryption of personal data; the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
When you provide your personal data through our website, this information is transmitted across the internet securely using high-grade encryption. In addition to this, we are a PCI DSS compliant company. This means we adhere to high security standards in order to protect your payment card details when you make a booking over the phone or pay your balance through your online account in our secure customer portal.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We will only retain your personal data for as long as is appropriate and necessary to the fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements, taking into account the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of your data, and whether we can achieve those purposes through other means. We will limit the period for which personal data is stored to a minimum. We will set time limits for erasure or periodic review. You may request details of our retention policy and in addition, you have a right to have your personal data restricted or erased – see more details under “Your Rights” below.
Dine rettigheder i henhold til databeskyttelsesloven i relation til dine personoplysninger omfatter (men er ikke begrænset til) følgende:
Du har ret til at bede os om at give dig en kopi af de personoplysninger, som vi opbevarer om dig til enhver tid gratis. Dette kan omfatte bookingoplysninger vedrørende rejser, som du har reserveret gennem os. Yderligere kopier kan medføre et rimeligt gebyr, også hvis din anmodning er klart ubegrundet, gentagne eller overdrevne (eller vi kan nægte at overholde din anmodning under disse omstændigheder).
Du kan også bede os om at rette op på eventuelle fejl i dine personlige data eller udfylde eventuelle ufuldstændige data, som vi har, eller du kan til enhver tid opdatere dine egne oplysninger ved at sende en email til [email protected]
Hvor du har givet dit samtykke til vores behandling af dine data, har du ret til at trække dit samtykke til enhver tid. Hvis du trækker dit samtykke tilbage, og der ikke er nogen anden juridisk grund til at behandle dine data, kan du bede os om at slette dine personlige data. Du kan også kræve, at vi sletter dine data, hvis vi har behandlet dine data ulovligt, eller hvis loven kræver, at vi sletter dine data. Bemærk dog, at vi måske ikke altid kan overholde din anmodning om sletning af specifikke juridiske grunde, der vil blive meddelt dig, hvis det er relevant, på tidspunktet for din anmodning.
Du kan også begrænse behandlingen af dine data: Dette giver dig mulighed for at bede os om at suspendere behandlingen af dine personlige data, hvis: (a) hvis du vil have os til at fastslå datas nøjagtighed; (b) hvor vores brug af data er ulovlig, men du vil ikke have os til at slette den (c) hvor du har brug for os til at opbevare data, selvom vi ikke længere har brug for det, hvis du har brug for det til at etablere, udøve eller forsvare juridiske krav eller (d) du har protesteret mod vores brug af dine data, men vi skal kontrollere, om vi har overvejende legitime grunde til at bruge det.
Du kan anmode om overførsel af dine personlige data til dig eller til en tredjepart. Vi vil give dig eller en tredjepart, du har valgt, dine personlige data i et struktureret, almindeligt anvendt, maskinlæseligt format. Bemærk, at denne ret kun gælder for automatiseret information, som du oprindeligt gav samtykke til at bruge, eller hvor vi brugte oplysningerne til at indgå en kontrakt med dig.
Transfers outside of the EEA: Where we need to transfer your data to a third party supplier or service provider based in a country located outside of the EEA, either in order to fulfil your booking, or for the purposes of the third party providing us with a service, we will ensure that either the country to which the data is to be transferred has an adequate level of protection for data (as determined by the European Commission) or we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe or where a supplier or service provider is based in the US, we may transfer data to them if they have certified to the Privacy Shield Framework Principles which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We will share your personal data with any member of our group of companies (which means our subsidiaries, our ultimate holding company and its subsidiaries) for internal administrative purposes including processing of personal data on the basis of being in our legitimate interests to do so. We ensure that our group companies follow the same rules when processing your personal data. These rules are called “binding corporate rules”.
If the shares in Golfbreaks or substantially all of our assets are sold to a third party, your personal data may be disclosed to the prospective buyer during the sale negotiations and on conclusion of the sale will be transferred as a company asset to the third party. This is necessary for our legitimate interests to be able to sell the company or its assets in the future, provided that we take all appropriate steps to keep your personal data confidential and secure at all times in accordance with this Policy and the Data Protection Laws, including requiring the third party to sign a confidentiality and non-disclosure agreement.
Golfbreaks will not give or sell any personal data to any third party companies, organisations or individuals without your prior consent.
Our site may, from time to time, contain links to and from the websites of our partners and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.