Privacy Policy for Selma City Spa

At Selma City Spa Stockholm, we process your personal data in various contexts, such as when you book a treatment or spa entrance with us or in other contexts. In our privacy policy, you will find information about our processing of personal data. Below you will also find contact information if you have questions or if you want to request access to information.

We process your personal data in accordance with the current Swedish Data Protection Ordinance, hereinafter GDPR.

Data Controller for your personal data

Selma City Spa Stockholm, part of Clarion Hotel Sign AB reg. no. 556466-0107, Östra Järnvägsgatan 35  phone +46 8 676 98 00, email: reservations.sign@strawberry.se is responsible for the processing of personal data in our booking, billing, and hotel operations systems. Clarion Hotel Sign is part of Strawberry. We are also jointly responsible for our marketing and sending email to our customers and other contacts.

Processing of personal data in connection with spa bookings

In connection with the bookings you make yourself or that others make on your behalf, we process personal data that we need to fulfill the agreement for booking and purchasing services. This includes information that you have provided to us directly or that you have provided to us through a travel agency or agent. We process, for example, information regarding your identity, your contact information, and your payment information. In some cases, we save your passport number. Additionally, we process other information that you may have provided and that is relevant to your stay with us. This may include information about allergies or special requests regarding your stay. We record all purchases and orders you make with us, such as spa, restaurant, room service, in order for us to deliver these services and for you to pay for them.

We process this data as long as necessary to fulfill the booking agreement with you, and also as long as current laws and regulations require us to do so.

Processing of personal data for marketing purposes

When you subscribe to our newsletter, we save and use your email address to send news and offers from us.

We also use your email address or phone number to send news and offers in accordance with regulations regarding existing customer relationships. Our basis for this is the Marketing Act.

We may contact you via social media with your consent or in accordance with existing customer relationships. In order to use social media as a communication channel, we must provide your email address or phone number to the social media platform. Our basis for this is consent or legitimate interests.

You can withdraw any consent you have previously given to us at any time. You can also opt out of receiving marketing communications based on existing customer relationships. You can do this by sending an email to reservations.sign@strawberry.se.

Processing of personal data for development, troubleshooting, and security

We process data, including personal data, for troubleshooting and correcting errors, to improve our services and the technology we use, and to analyze users and user behavior. Additionally, we process personal data to verify your identity, including verifying identity when using our digital services.

We anonymize data and generate statistics as much as possible, but we also have to process personal data for development, troubleshooting, statistical, or security purposes.

Processing of personal data for other purposes

If you contact our customer service or otherwise reach out to us with inquiries, we process the personal data you provide to the extent necessary to respond to and log your inquiry. The basis for this is legitimate interests, or to fulfill agreements with you, or to respond to your inquiries.

In addition to processing described in our privacy policy or based on your consent, we may in some cases be obliged to process personal data when current regulations, including data protection regulations and the GDPR, require or allow us to do so by valid authority order or court order.

Disclosure of personal data and statutory processing

We do not disclose your personal data to a third party without your consent, or without valid authority order or court order as allowed or required by current laws, including data protection regulations and the GDPR.

To avoid misunderstandings, we want to clarify that our data processing for processing data for our own purposes is not considered disclosure.

Your rights

As an individual, you have a number of rights under the data protection regulation.

You have the right to request information, correction, and deletion of personal data we process about you. You also have the right to request restriction of processing, the right to object to processing, and the right to data portability.

To exercise your rights, you can contact us here. We will respond to your request as soon as possible, and no later than within 30 days.

We will ask you to confirm your identity or provide additional information before allowing you to exercise your rights against us. We do this to ensure that we only provide your personal data to you – and not to someone pretending to be you.

Data Processor

We are part of Strawberry. Strawberry has its own data processor. The data processor is an agent for all hotels affiliated with Strawberry, including ourselves.

The processor is our contact point for the Norwegian Data Protection Authority (Datatilsynet).

The processor provides all hotels within Strawberry, our data processors, and our employees with advice and guidance on the processing of personal data and the regulations for this. The processor works to ensure that we comply with the regulations regarding personal data and our internal guidelines.

Our data processor can also help you manage your rights against us, or help you get answers to questions about your personal data with us.

You can contact our data processor at DPO@strawberry.no.

If you believe that our processing of your personal data does not comply with our description herein, or if we otherwise violate the data protection regulation, you can also submit your complaint to the Norwegian Data Protection Authority (Datatilsynet), or to the supervisory authority in the country where you stay at one of our hotels. Information on how to contact Datatilsynet is available on Datatilsynet's website www.datatilsynet.no.

Cookies

We use cookies to improve the user experience on our websites.

A cookie is a small text file that is saved on your device (such as your smartphone, computer, tablet). Cookies help identify which pages are visited on our website. The information saved by cookies may include how you use the website, what browser you use, and which web pages you have visited.

A permanent cookie stays on your device for a predetermined period. A session cookie is temporarily stored in your device's memory while you are on our websites. Session cookies are deleted when the browser is closed. We use both permanent cookies and session cookies. Strawberry may also use third-party cookies. If you do not want our websites to save cookies on your device, you can disable cookies in your browser. Disabling cookies will reduce the functionality of our websites.

Changes to Privacy Policy or Processing

We continuously work on developing and improving our services for our customers. This may change the approach or scope of our processing of personal data. The information provided in this privacy policy will therefore change and be updated from time to time. We will also change the privacy policy in accordance with new regulations or if regulatory practices require it.