Privacy

Business Guesthouse Groningen, being a trade name of Hotel Miss Blanche B.V. and registered at the Chamber of Commerce under number 02056008, respects everybody’s privacy. Therefore, a Privacy Statement was drawn up, also as part of the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.

Whereas:

  1. Business Guesthouse Groningen
    hereafter referred to as Processor;
  2. Hotel accommodation, website visit, request for information (such as a quotation, availability of hotel rooms), receiving a newsletter.
    hereafter referred to as Service and Services;
  3. Person who visits the website, purchases a Service from Processor
    hereafter referred to as Visitor.

Data to be processed

Processor asks Visitor for data in order to deliver Service.
Depending on the Service requested, Processor asks for the following data:

Minimum personal data required

The following are the minimum data required for delivering Services:

  • Gender
  • Initials, first names, suffixes, last names
  • Email address
  • Telephone number
  • Type of ID (passport, identity card or driving license)
  • Document number of ID

Optional personal data

Visitor may optionally transfer the data below for the purpose of the Service. Visitor is not required to do so. Processor asks for these data in order to deliver the best possible Service:

  • Nationality
  • Languages spoken
  • Street and number
  • Postcode and town
  • Country
  • Date of birth

Company data

Processor may ask Visitor the data below in case Visitor acts on behalf of a company:

  • Company name
  • Legal form
  • Street and number
  • Postcode and city
  • Country
  • Email address
  • Telephone number
  • Contact
    • Initials, first names, suffixes, last names
    • Email address
    • Telephone number

Payment data

Processor provides paid Services. For the authorisation and actual payment of Services Processor requests the following data of Visitor that, depending on the Service to be purchased, are required:

  • Type of credit card
  • Credit card holder
  • Credit card number
  • Date of expiry of the credit card

Special and/or sensitive personal data

Only persons older than 18 years of age are allowed to request a Service from Processor. Persons under the age of 18 need permission from a parent or guardian to do so. Furthermore, Processor will only store data relating to age of persons under the age of 18.

Purpose of processing

Processor requires the data listed above for the following purposes:

  • The delivery of Services;
  • The performance of payments for Services;
  • To contact someone in case of damages, violation or loss.

Automated Decisions

Processor will not make decisions based on automated processing with respect to matters that may have (significant) impact on persons. This concerns decisions taken by computer programmes or computer systems without the intervention of a human being (e.g. an employee of Processor).

Data security

Processor sets high requirements for the data security of Visitor. Processor therefore takes the following measures to guarantee that security.

  • HTTPS-protocol on the website. Data is sent via a secure connection;
  • The file server on which Visitor’s documents are stored is protected by firewall security.
  • Payment data is stored in encrypted format and is accessible to be viewed for a short time only after logging in.
  • Employees of Processor are trained to discreetly handle the data they process.

Period of data storage

As the Services provided are recurring, Processor stores data for an indefinite period.

The right to request data

At the request of Visitor, Processor may provide collected data of Visitor. However, the request will be granted only on presentation of an ID.

The right to update data

Processor may update data of Visitor at the request of and in consultation with Visitor. However, the request will be granted only on presentation of an ID.

The right to be forgotten

At the request of and in consultation with Visitor, Processor may make Visitor data anonymous to ensure Visitor cannot be identified by the data.

Sharing data with third parties

Processor makes data processing agreements with companies it has delegated data processing to, in order to ensure an identical level of security and confidentiality of your data. Processor may provide these agreements at the request of and in consultation with Visitor. However, the request will be granted only on presentation of an ID.

Cookies

Small text files on the computer of Visitor are used to monitor the browsing behaviour of Visitor. Processor differentiates between tracking cookies and functional cookies.

Tracking cookies

Processor uses the following tracking cookies.
Visitor is asked for consent for these cookies upon the first visit to the website:

  • Google Analytics – to measure website visits;
  • Facebook Pixel – to measure website visits;
  • LinkedIn Pixel – to measure website visits.

Functional cookies

Processor uses the following functional cookies:

  • PHPSESSID – to be able to recognise repeat visitors;
  • WordPress cookies – for website management.

Questions or comments

Processor is willing at all times to respond to questions or comments from Visitor. Visitor may contact Processor via the phone numbers and email addresses that are listed on Processor’s website.