We process your personal information in accordance with the applicable Norwegian Personal Data Act, including the GDPR.
- Controller of your personal data
Anker STI, organization number 966891750, post box 4674 Sofienberg 0506 OSLO, tel. + 47 22 99 75 00, is the data controller for personal data in our central booking, invoicing and hotel management systems.
When you book, stay overnight, and pay at our hotels, ANKER STI is responsible for the processing of your personal info.
Anker STI is also the data controller for our Internet sites, which includes Anker Hotel, Anker Hostel, Anker Apartment and Anker Studentbolig. We also have some responsibilities around our residential app.
- Processing of personal data relating to booking and accommodation
In connection with your bookings made by yourself or by others on your behalf, we process the personal data we need to fulfil your booking payment of services. This is information you have provided to us directly or that you have provided us through a travel agent or agent. For example, we process information about your identity, your contact information, and your payment information. In some cases, we will make copies of your identification, passport, credit card, etc.
In addition, we treat any other information you may have provided that is relevant to your stay with us. This can be information about allergies or special requests for your stay. We record all purchases and orders you make with us such as accommodation, restaurant, conference, etc., to provide such services and for you to be able to pay for them.
We process this information for as long as necessary to fulfil our booking agreement with you, and in addition, as long as applicable law or government orders are imposed on us.
We log the use of key cards in our hotels. We do this to counteract and solve crime, and for security reasons, including fire safety.
- Processing of personal Data in our hotel system Hotsoft
The information you provide will be stored along with your booking data and purchase history. We will use this information to personalize future orders according to your needs and will also use the information to personalize your hotel stay with us. The basis of our use of the information is to fulfill our agreements with you.
- Processing of personal data for marketing purposes
As of today, we do not use personalized advertisements. We do not send out large email campaigns, we advertise only on a general basis and we do not have any loyalty programs or app/profile solutions that require you to sign up for benefits.
- Processing of personal data for development, troubleshooting and security
We will process information that includes personal data in order to troubleshoot and correct errors, improve our services and the technology we use, and analyze usage and user behavior.
Some personal data is used for statistical purposes but has very little privacy practices, as it is mostly anonymized and used in macro context.
- Processing of personal data otherwise
If you contact our customer service or otherwise address us with inquiries, we will process personal data you provide as far as is necessary to answer and log your inquiry. The basis for this is legitimate interests or to fulfill agreements with you or to answer your inquiries. The legitimate interests are to exercise good customer service.
- Processing of personal data about our suppliers, business customers and business contacts
We process information about contact persons at our suppliers, business customers, partners, and participants at our events aimed at business and other people acting in business activities. We do this in order to work effectively, make and enforce contracts, recruit, run our business and develop our business and our professional network. Such information is typically disclosed by name, contact information, position, business, competence, business interests and participation in our events for business or previously expelled interest for us and our employees.
We also process purely practical information of the accounting nature that ensures good cooperation and ease of operation for our business customers and tenants.
We store such information as long as the person is a business contact with us.
The basis of this is legitimate professional interests.
- Disclosure of personal data and statutory processing
We do not disclose your personal information to third parties unless you have consented to this, or unless applicable law, including the Personal Data Act and the GDPR, valid governmental order or court permits us or imposes to us.
For the sake of clarity, we disclose that our use of data processors to process information on our behalf is not considered disclosure.
- Obtaining personal data from others
In order to ensure that we have the correct information about you, we sometimes check your information against other sources such as the phone book, public registry etc. It may in some cases be applicable to credit check our company customers and business customers, which means obtaining credit data from other sources. We collect information from our partners and from other parts of our company when this is lawful and necessary for the delivery of services and communications to you.
- Your rights
You as a person have additional rights under the personal data protection regulations.
You have the right to require access, rectification or deletion of the personal data we process about you. You further have the right to require limited processing, to object to the processing and to claim the right to data portability.
If you want to access our processing of your personal data, please contact our Data Privacy Official Alexandr Galankin at firstname.lastname@example.org who will respond to your inquiry to us as soon as possible and no later than 30 days.
We will ask you to confirm your identity or ask you to provide further information before we allow you to apply your rights to us. We need to do this to make sure that we only provide access to your personal data to you, and not someone who makes it out to be you.
In terms of data portability in our systems, we strive to facilitate this where possible. You should be able to move your data to other systems if needed. We are helpful in getting this done but rely on an assessment if this is possible in every single case.
- Duty of confidentiality
We follow the rules of confidentiality that are always applicable in our divisions. As an example, your personal data will not be used beyond the necessary areas. Any extraordinary matters are handled only by those who have the necessity to be involved. Our staff should not discuss people, guests, customers and students with outsiders. There are also internal rules regarding the use of social media and the general processing of media requests in Anker STI.
If you find that this is not followed as described in this statement, it is very important that you contact the Data Protection Official to clarify where the rules have been violated.
- Data Protection Official
We have our own Data Protection Official in Anker STI that can be contacted at email@example.com. The Data Protection Official is the data protection offical for all our companies and all personal data we process.
The Data Protection Official is our point of contact for The Norwegian Data Protection Authority.
Our Data Protection Official provides Anker STI, our data processors and our employees with advice and guidance on the processing of personal data and the rules of this. The Data Protection Official is working to control our compliance with the rules of personal data and our internal policies.
Our Data Protection Official can also help you protect your rights with us, or help you get answers to questions about your personal data with us.
If you believe that our processing of personal data does not match what we have described here or otherwise violate privacy laws, you may alternatively complain to The Norwegian Data Protection Authority or the supervisory authority of your country of residence. Information on how to contact The Norwegian Data Protection Authority is on their website: www.datatilsynet.no.
- Use of data processor. Transfer to other countries
We have the Hotsoft booking system on all our properties provided by the HOIST Group. You can read more about their approach to the GDPR on this page https://www.hoistgroup.com/no/om/gdpr.
Navision is the accounting system used for invoicing both guests, students and business customers. They are part of Microsoft and are covered by their GDPR regulations, you can read more here https://privacy.microsoft.com/nb-no
A permanent cookie is left on your equipment for a specified period of time. A session cookie is stored randomly in your device memory while you are on our website. The session cookie disappears when you close your browser. We use both persistent and session cookies. Anker STI may also use third party cookies.
If you do not want our websites to place cookies on your equipment, you can turn off cookies in your browser. If you turn off cookies, the functionality of our website will be reduced.
We are continuously working on the development and improvement of our services to our customers. This may change the way or scope of our processing of personal data. The information we provide through this privacy statement will therefore be adjusted and updated periodically. We will also change the privacy statement when new rules or government practices make it necessary.
All our customers who are covered by this policy are encouraged to periodically check this statement for any change and new information.
- The following companies are covered by this statement
Anker Hotel: Anker Hotel has 296 rooms and a conference department with 7 meeting rooms.
Anker Hostel: Anker Hostel has 190 rooms in the summer months and 95 rooms throughout the year.
Anker Apartment: Anker Apartment has 78 private rooms and 158 beds.