Privacy Policy

Hammerfest Turist AS: Privacy Policy

Effective: 24 May 2018 

Sections

  1. Definitions
  2. Policy Context
  3. Consent
  4. Information we collect
  5. How we use the information we collect
  6. Sharing and disclosure
  7. Accessing/Changing your information
  8. Data retention
  9. Cookies, Web Beacons, Local Storage and Similar Technologies
  10. Information Security
  11. Changes to the Privacy Policy
  12. Privacy Policy Inquiries

 

Section 1 - DEFINITIONS

Consent - means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. [GDPR Ch. 1 Art. 4]

Data controller - means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

[GDPR Ch. 1 Art. 4]

Data processor - means a natural or legal person, public authority, agency or other body, which processes personal data on behalf of the controller. [GDPR Ch. 1 Art. 4]

Data subject - is the person to whom personal data may be linked. [Personal Data Act (14 April 2000 No. 31)]

Personal data - means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. [GDPR Ch. 1 Art. 4]

Processing of personal data - means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. [GDPR Ch. 1 Art. 4]

Sensitive personal data - means information relating to: racial or ethnic origin, or political opinions, philosophical or religious beliefs, the fact that a person has been suspected of, charged with, indicted for or convicted of a criminal act, health, sex life, trade-union membership. 

 

Section 2 - POLICY CONTEXT

Your privacy is important to us. Please take time to read this Privacy Policy carefully in order to understand the purpose for the collection of your personal data and the manner in which we process your personal data.

Hammerfest Turist AS (Organisation nr.: 954 361 403, registered address: Hamnegata 3, 9600 Hammerfest) is a destination management organisation.

We process personal data for members and customers who use our services. We safeguard your privacy according to the Personal Data Act of 14 April 2000 Nr. 31.

Hammerfest Turist AS is the data controller of any ‘personal data’ collected for both Hammerfest Turist and ‘The Royal and Ancient Polar Bear Society’ (hereafter referred to as ‘The Polar Bear Society’). The Polar Bear Society is a subsidiary of Hammerfest Turist AS and is as such fully controlled by Hammerfest Turist AS. Our websites include: www.hammerfest-turist.no, www.visithammerfest.no, www.visithammerfest.net and www.isbjornklubben.no.

Note: For a more detailed description of what constitutes ‘personal data’ please see ‘Section 1 - Definitions’.

For the most up to date Privacy Policy please visit: www.visithammerfest.no/privacy and www.isbjornklubben.no/privacy.

 

Section 3 - CONSENT

3.1       Your Consent

By providing your personal data to us, you give consent to the collection and use of this information in accordance with this Privacy Policy.

Note: Explicit consent is required only for the processing of sensitive personal data. For non-sensitive data, “unambiguous” consent suffices. Unambiguous meaning consent that is not open to more than one interpretation.

3.2       Consent for Minors

The age of consent in Norway is 16 years. As such, consent must be given by the holder of parental responsibility for the child (up to and including age 15) in order to collect and process the child’s personal data.

 

Section 4 - INFORMATION WE COLLECT

Our primary purpose for collecting your information is to provide you with services as provided under the Polar Bear Society Membership and to develop and promote Hammerfest as a destination.

There are three general categories of information we collect.

4.1       Information you give us

At the time you sign up for a membership to the Polar Bear Society we collect information such as names, addresses, age, gender and e-mail addresses.

In regards to memberships for children, we will only collect a child’s personal information with the consent of the holder of parental responsibility for that child. This is in effect for children aged up to and including 15 years of age.

4.2       Photographs taken during activities provided by Hammerfest Turist AS and/or by GoNorth AS.

Photographs taken during activities provided by Hammerfest Turist AS or their sightseeing activities supplier GoNorth AS may be used for the purpose of destination marketing. GoNorth AS supplies both sightseeing tours as well as electrical bicycle rentals to Hammerfest Turist AS.

If you do not wish to have photos of you published on social media or used in promotional materials please let your tour guide know before or during your tour or contact us and we will remove such materials from public view.

Contact information: This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it. or Hammerfest Turist AS, Postboks 504, 9615 Hammerfest or by calling +47 7841 2185.

4.3       Information collected via our websites

Websites included are: www.hammerfest-turist.no, www.visithammerfest.no, www.visithammerfest.net and www.isbjornklubben.no.

Please see ‘Section 9 - Cookies, Web Beacons and Similar Technologies’ in regards to what type of information is collected via our websites.

 

Section 5 - HOW WE USE YOUR INFORMATION

You agree that we may use your personal information for:

5.1       Communication with Polar Bear Society members

We may communicate with you by phone, email or post in order to provide services to you. If you have a preferential way to communicate with us, please let us know. You can contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it., at Hammerfest Turist AS, Postboks 504, 9615 Hammerfest or by calling +47 7841 2185.

5.2       Destination Marketing

Information collected may be used to promote Hammerfest as a destination using various methods. This includes:

-   Posts on various social media including but not limited to Facebook.

-   Promotional print materials.

-   Promotional videos.

 

Section 6 - SHARING AND DISCLOSURE

Hammerfest Turist AS will never sell your personal information. However, we may need to disclose your information if required by law or if we have your permission to do so.

If you participated on tours provided by our tour supplier GoNorth AS (organisation nr. 913 102 835) photos may have been taken during such tours. These may be used for marketing purposes to promote Hammerfest as a destination. Such photos may be posted on social media, including but not limited to Facebook or be used on other promotional materials.

 

Section 7 - ACCESSING/CHANGING YOUR INFORMATION

7.1       Right of Access

You have the right to request a copy of all the information we hold about you. The request should be in writing and include a name, address and a description of the information requested.

You can contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it. or

Hammerfest Turist AS, Postboks 504, 9615 Hammerfest.

7.2       Changes to your Information

Keeping your information up to date is important. If your personal information changes or if you wish to cancel your membership please contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it., at Hammerfest Turist AS, Postboks 504, 9615 Hammerfest or by calling +47 7841 2185.

 

Section 8 - DATA RETENTION

We only retain your personal data for so long as is necessary for the purposes for which it was collected.

The Polar Bear Society memberships are lifetime memberships. As such, personal information collected for this purpose will be kept indefinitely unless the data subject has made a request for deletion.

 

Section 9 - COOKIES, WEB BEACONS AND SIMILAR TECHNOLOGIES

When you access our websites www.hammerfest-turist.no, www.visithammerfest.no, www.visithammerfest.net and www.isbjornklubben.no, we may use cookies and other such technologies (collectively called "Cookies").

These collect information about how our site is used and are solely used for statistical purposes or for the functionality of the website.

You are able to block most types of Cookies if your browser permits. However, be aware that declining some types of Cookies may interfere with the functioning of our websites. We are not responsible for the types of cookies, web beacons etc. used on third-party websites listed on our websites. Please refer to the individual site’s privacy policy.

 

Section 10 - INFORMATION SECURITY    

Hammerfest Turist AS is committed to handling personal information in accordance with the Personal Data Act of 14 April 2000, Nr. 31.

We take appropriate measures to ensure that your information is stored securely, is accurate and up to date as much as possible, and is kept only for so long as is necessary for the purposes for which it was collected.

All data is only stored on servers located in Norway.

How do we protect your personal information?

-      - We only authorise access to personal information to employees who require access to it in order to meet their job responsibilities.

-      - We use computer safeguards such as firewalls and data encryption to keep your information secure.

 

Section 11 - CHANGES TO THIS PRIVACY POLICY

Revisions to this Privacy Policy may be made at any time and the most up to date Privacy Policy will be posted on our websites at: www.visithammerfest.no/privacy and www.isbjornklubben.no/privacy.

If we make changes that we deem to be important, we will provide notice by appropriate means in order to provide you the opportunity to review the changes before they go into effect. If you object to these changes you may request the deletion of your membership. If you continue to be a member, after having the opportunity to review the changes, it will constitute your consent to the updated Privacy Policy.

 

Section 12 - PRIVACY POLICY INQUIRIES

For questions or concerns related to our Privacy Policy we encourage you to contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it., or at Hammerfest Turist AS, Postboks 504, 9615 Hammerfest.

If we could not resolve your questions or concerns you may also lodge a complaint with your local supervisory authority. A list of National Data Protection Authorities is available at: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

 

---

For detailed information on the Personal Data Act of 14 April 2000 Nr. 31 and the General Data Protection Regulation (GDPR) visit:

The Personal Data Act

https://www.datatilsynet.no/en/regulations-and-tools/regulations-and-decisions/norwegian-privacy-law/personal-data-act (English)

https://lovdata.no/dokument/NL/lov/2000-04-14-31 (Norwegian)

The General Data Protection Regulation (GDPR)

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG (English) (Norwegian version not available)

---

 

 

Version 1 Effective: 24 May 2018