Engestofte Estate I/S' Personal Data Policy

for processing guest, customer and supplier information

 

1. Data controller

Engestofte Gods I/S is the data controller.

Engestofte Gods I/S contact details are:

Engestofte Gods, Søvej 10, 4930 Maribo, tel. +45 54 49 00 73 e-mail: mail@engestofte.dk

Engestofte Gods I/S handles all personal information in accordance with the applicable personal data legislation.

Engestofte Gods I/S enters into agreements with guests, customers and suppliers regarding the delivery - purchase and sale - of various services and products.

When a guest/customer orders and buys one or more of Engestofte Gods I/S's services, and as part of this submits his personal data to Engestofte Gods I/S, he simultaneously gives his consent that the guest's/customer's/supplier's personal data can processed by Engestofte Gods I/S.

The same applies with regard to any personal data that suppliers to Engestofte Gods I/S provide to Engestofte Gods I/S in connection with making offers or entering into agreements with Engestofte Gods I/S.
 

2. Engestofte Gods I/S' collection of personal data

Personal information is collected by Engestofte Gods I/Spå in the following way:

  • When a guest/customer - or a representative for this - chooses to obtain an offer for and/or purchase one of Engestofte Gods I/S services/products.

  • When suppliers enter into agreements with Engestofte Gods I/S or make offers to Engestofte Gods I/S.

  • In connection with the use of Engestofte Gods I/S digital services.

  • By subscribing to Engestofte Gods I/S newsletter.

  • From social media, advertising and analytics providers and public records.

Collection and processing of personal data, cf. above, will always take place in compliance with the personal data regulations applicable at any time.

3. Information collected by Engestofte Gods I/S

Engestofte Gods I/S collects the following personal data:

  • Name, address, telephone number, e-mail address and other general non-personally sensitive personal data.

  • Bank details – as a guarantee for a reservation and for payment of events and stays.

  • Demographic information.

  • Purchase history.

  • Information from any tendered competitions

  • Information from Engestofte Gods I/S social media and other digital platforms belonging to Engestofte Gods I/S.

  • Browser information.

  • Information about the guest's/customer's company and relevant contact persons such as toastmaster, DJ and the like.

  • Information about suppliers' business as well as information about relevant contact persons and key persons, including key accounts.

A guest/customer/supplier may, voluntarily and at their own choice, provide Engestofte Gods I/S with additional personal data that they believe may be important for Engestofte Gods I/S's operation/servicing of the guest/customer/supplier, or that the person in question believes should given for security reasons.

This can e.g. be information about:

  • Handicap

  • Allergy

  • Special food preferences

  • Other health or medication information

If a guest/customer/supplier chooses to provide such information voluntarily and by their own choice, Engestofte Gods I/S perceives this as consent to be able to register and store this sensitive information about the person concerned.

In addition to the information that Engestofte Gods I/S receives directly from guests/customers/suppliers, Engestofte Gods I/S will in some cases obtain or process additional information that Engestofte Gods I/S has received from third parties, e.g. a travel agency, another intermediary or an employee of the company where the data subject is employed.

Where this is the case, the relevant third party is obliged to inform the relevant guests/customers/suppliers about Engestofte Gods I/S terms and conditions as well as Engestofte Gods I/S personal data policy. It is also the responsibility of the third party in question to ensure that there is the necessary legal basis for the collection and processing of the information in question, including obtaining any necessary consent for the processing of any sensitive information.
 

4. Payment by payment card  

Engestofte Gods I/S uses DIBS  www.dibs.dk (Nets) for redeeming payments with payment and credit cards. DIBS and Engestofte Gods I/S are approved and certified by Pengeinstitutternes Betalingssystem ( www.pbs.dk ). 

For orders and bookings, Engestofte Gods I/S stores the information that the guest/customer/supplier has provided for up to 5 years, after which the information is deleted.

In addition to handling the order, the information provided is only used if a guest/customer/supplier e.g. contact you with questions or if there are errors in the order. 
 

5. What is the purpose of the collection and processing?

Engestofte Gods I/S only collects personal data which is necessary to fulfill the agreements entered into with guests/customers/suppliers regarding the provision of services, e.g. an overnight stay, or purchase/sale of products or services.

It is the content of the individual agreement/the nature of the service that determines which personal data Engestofte Gods I/S collects and processes, and which determines the purpose of the collection.

The purpose of collecting and processing personal data will primarily be:

  • Processing guests'/customers' bookings and purchases of Engestofte Gods I/S services.

  • Processing suppliers' offers for - and sales - of products and services

  • Contact the guest/customer before, during or after their event or stay.

  • Fulfillment of the guest/customer's request for an offer or purchase of services.

  • Improvement and development of Engestofte Gods I/S services.

  • Adaptation of Engestofte Gods I/S marketing and other communications.

  • Analysis of guests/customers/suppliers' user behavior and marketing towards them

  • Adaptation of Engestofte Gods I/S partners' communication and marketing to guests/customers/suppliers.

  • Administration of guests/customers/suppliers' relationship with Engestofte Gods I/S, including possible participation in Engestofte Gods I/S customer/loyalty program.

  • Fulfillment of legal requirements, e.g. requirement to register overnight guests in accordance with the immigration legislation and the passport order.
     

6. Authorization - the legal basis for the processing.

Engestofte Gods I/S will most often process personal data because it is necessary to fulfill an agreement with Engestofte Gods I/S to which a guest/customer or a supplier is a party. This may, for example, be in connection with events, stays, conducting meetings and/or handling and fulfilling cooperation and supplier agreements.

In addition, Engestofte Gods I/S will process personal data in connection with booking prior to an event/an overnight stay, handling of meetings, companies, conferences, etc. and prior to entering into supplier agreements.

In some cases, Engestofte Gods I/S will process personal data as part of Engestofte Gods I/S pursuing a legitimate/fair interest that precedes the interests of the guest/customer/supplier (the data subject).

Such a legitimate interest can, for example, be the preparation of statistics, customer surveys, marketing and analysis of general guest/customer behaviour, which is intended to generally improve the experience at Engestofte Gods I/S and the quality of Engestofte Gods I/S services and products.

If a guest/customer in connection with their stay/visit at Engestofte Gods I/S discloses special personal preferences or considerations, including e.g. health information, disability, religious beliefs or the like, Engestofte Gods I/S only uses the information to ensure that the guest's/customer's personal preferences, your health, etc. are taken into account.

 In some situations, Engestofte Gods I/S receives personal data from third parties, e.g. a travel agency, an agent or the like, i.a. in connection with bookings, reservations and obtaining offers. When this happens, the third party in question is required to inform the guests/customers/suppliers in question about the terms and conditions of Engestofte Gods I/S and the content of this personal data policy.

Engestofte Gods I/Sees further according to law, cf. above under section 5, obliged to register various information about overnight guests. This information must be stored for a minimum of one year and a maximum of two years. 

7. The data subject's rights

According to the rules in the Personal Data Regulation, the registered (customers/guests/suppliers) have different rights.

  • A registered person has the right at any time to gain insight into which personal data Engestofte Gods I/S processes about the registered person.

  • A registered person has the right at any time to have the personal data that Engestofte Gods I/S holds about the registered person corrected and updated.

  • A registered person has the right at any time to have the personal data that Engestofte Gods I/S holds about the registered person deleted. If a registered person requests deletion, all the information that Engestofte Gods I/S is not obliged by law to store will be deleted. Deletion of the registered person's information may in some cases mean that Engestofte Gods I/S cannot fulfill any concluded agreements or provide certain services to the data subject.

If some of the information that Engestofte Gods I/S holds about the data subject is given on the basis of the data subject's consent, the data subject has the right to withdraw consent at any time, which means that the information is deleted or no longer used by Engestofte Gods ICE. However, this does not apply to information that Engestofte Gods I/S, cf. above, is legally obliged to store.

The possibility to request deletion etc. may, however, be limited due to the protection of other people's privacy, trade secrets or intellectual property rights, as well as e.g. for the sake of the possibility of being able to enforce potential legal claims.

The registered person can at any time ask Engestofte Gods I/S in writing to get an overview of, and a copy of, the personal data about the registered person that Engestofte Gods I/S holds.

A written request to this effect must be signed by the registered person and contain his name, address, telephone number, e-mail address.

The data subject can also contact Engestofte Gods I/S if the data subject believes that his personal data is being processed in violation of the law or in violation of other legal obligations, e.g. the agreement/contract that the data subject has with Engestofte Gods I/S

Written request is sent to Engestofte Gods I/S, see contact information above under section 1

Engestofte Gods I/S will, as far as possible, send the overview to the registered person's e-mail address within 1 month after receiving the registered person's written request.

If the data subject requests correction and/or deletion of his personal data, Engestofte Gods I/S will assess whether the conditions for the request have been met, and Engestofte Gods I/S will, in that case, carry out changes or deletion as soon as possible.

Engestofte Gods I/S reserves the right to reject requests that have the character of harassing repetition, that require disproportionate technical measures (e.g. development of a new IT system) or that affect the protection of other data subjects' personal data, or in other situations where it will be disproportionately resource-intensive or very complicated to meet the request.

Security and sharing of personal data

Engestofte Gods I/S protects the data subject's personal data and has established guidelines that protect the data subject's personal data from unauthorized disclosure and from unauthorized persons gaining access or knowledge of it.

Only the persons/employees at Engestofte Gods I/S who, by virtue of their job function, need the personal data of the registered persons have access to it.

Engestofte Gods I/S continuously checks that there is no unauthorized access to the registered persons' personal data.

Engestofte Gods I/S regularly backs up the registered personal data.

In the event of a security breach, where there is a high risk of misuse of the registered person's personal data, including e.g. identity theft, financial loss, loss of reputation or other form of abuse, Engestofte Gods I/S will notify the data subjects of the security breach as soon as possible

Engestofte Gods I/S security procedures are continuously reassessed and updated in relation to technological developments.

Engestofte Gods I/S uses a number of external suppliers of IT services, IT systems, payment solutions, etc.

Engestofte Gods I/S continuously ensures that the providers of IT solutions that Engestofte Gods I/S uses for the storage of personal data maintain a necessary and high level of protection, as far as the personal data of the registered are concerned.

In order to fulfill agreements with the data subjects and to meet the needs of guests and customers, Engestofte Gods I/S shares selected personal data, typically the data subject's name and contact details, with external suppliers such as accommodation, and suppliers of wedding cakes, flowers and other decorations, glass, service , tables, chairs, tents and other party equipment as well as suppliers of transport.

Engestofte Gods I/S is in some cases legally obliged to pass on personal data or obliged to do so as a result of a decision by a public authority.

Engestofte Gods I/S deletes your personal data when Engestofte Gods I/S's legal obligation ends or when the purpose for collecting and processing the information is no longer present

10. Cookies

Engestofte Gods I/S uses cookies. Further information about Engestofte Gods I/S cookie policy can be obtained here: https://www.engestofte.com/cookie-information

11. Complaint

Complaints about Engestofte Gods I/S processing of personal data can be made to the Danish Data Protection Authority, BORGERGADE 28, 5, 1300 KØBENHAVN K, TELEPHONE 3319 3200 - E-MAIL  dt@datatilsynet.dk