PRIVACY POLICY

CORPORATE WEBSITE PRIVACY POLICY

LAST REVISED ON 17 JULY 2018

Scope of this policy
Definitions
Recruitment
Social Media & Corporate Blog
Media & Influencer Requests
Radisson Hospitality News
Contacting us
Your rights
Security measures
What rules apply to children?
How is your Personal Data shared with Third Parties?
International Data Transfers
How long will we keep your Personal Data?
Does this Privacy Policy apply to Third Party websites?
What happens if we make modifications to this Policy?
How to contact us?

 

Scope of this policy

This policy describes how the Radisson Hotel Group and its Affiliates and Subsidiaries (“we” or “us”) collects, uses, consults or otherwise processes an individual's Personal Data on its corporate website http://www.radissonhospitalityab.com/ .

Radisson Hospitality AB is a company incorporated under the laws of Sweden, registered at Swedish Companies Registration Office with company number 556674-0964, having its registered seat in Stockholm, Sweden and its offices at Box 248 101 24 Stockholm, Sweden, telephone number: +32 2 702 9200, email address: info@radissonhotels.com

Radisson Hospitality Belgium SPRL/BVBA is a company incorporated under Belgian laws, registered at the Belgian Crossroads Bank for Enterprises with company number 0442.832.318, having its registered seat and its offices at Avenue du Bourget 44, B-1130 Brussels, telephone number: +32 2 702 9200, email address: info@radissonhotels.com.

Depending on the type of Personal Data processing described in this policy, Radisson Hospitality AB, Radisson Hospitality Belgium SPRL/BVBA and/or Affiliates and Subsidiaries of the Radisson Hotel Group may be operating as a sole or joint Controller. If operating as joint Controllers, the entities jointly determine the means and purposes of the processing of your Personal Data. This has however no impact on your rights and how you can exercise them against either of the joint Controllers by contacting us as set out below. Each Radisson Hospitality entity is solely responsible for the processing activities for which it is the sole Controller.

This Privacy Policy is intended to inform you how we gather, define, and use Personal Data that you provide to us when using our corporate website. Please take a moment to read this Privacy Policy carefully. Please note that if you plan to submit someone else's Personal Data to us, you may only provide us with that person's details with their consent and after they have been given access to information about how we will use their details, including the purposes set out in this Privacy Policy.

This policy includes a description of your data protection rights, including a right to object to some of the processing activities we carry out. Please note that your rights as a data subject may vary depending upon where you live.

Please note that there may be local variations to this Privacy Policy in order to comply with local legislation.

Definitions

Affiliates and Subsidiaries

Any corporation, firm, partnership or other entity which directly or indirectly controls, is controlled by, or is under common control with Radisson Hospitality AB and/or Radisson Hospitality SPRL/BVBA.

Controller

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.

EU Privacy Law

Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (the "GDPR"), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to the processing of Personal Data and privacy.

Processor

A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.

Recipient

A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not.

Third Party

A natural or legal person, public authority, agency or body other than the data subject, controller, Processor and persons who, under the direct authority of the controller or processor, are authorised to process Personal Data.

Supervisory Authority

An independent public authority which is established by a Member State pursuant to Article 51 of the GDPR.

Personal Data

Any information relating to an identified or identifiable natural person ("Data Subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing

Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Privacy Shield

The EU-U.S. and Swiss-U.S. Privacy Shield legal framework, designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring Personal Data from the European Union and Switzerland to the United States in support of transatlantic commerce.

Radisson Hotel Group

Radisson administrative entities, including but not limited to Radisson Hospitality AB and Radisson Hospitality Belgium SPRL/BVBA, but also to the hotels operating under the Radisson Hospitality brands (including but not limited to Radisson Blu, Radisson RED, Radisson Collection, and Park Inn).

Standard Contractual Clauses

Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data.

Personal Data Breach

A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

 

Recruitment

When you submit a job application through our website or a third-party website for a vacancy at one of the Radisson Hotel Group entities or hotels, we will process your Personal Data for purposes of recruitment, and for the administration and management of our (future) staff. If your application is not successful (e.g. if the vacancy has already been filled) but we consider your profile relevant for potential future positions at the Radisson Hotel Group entities or hotels, we will add you to our talent pool and process your personal data for the purpose of potential future recruitment.

The table below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

Processed data categories

Source of data

Ground for processing

Recipients of data

Address, Age (date of birth), Education and studies, Email address, First Name/Last Name, Gender, Hobbies and interests, Immigration status (visa, work permit, residence or travel restrictions), Lifestyle (habits, social contacts, preferences etc.), Marital status, Nationality, Personality questionnaires, Picture recordings (photo/video), Place of birth, Profession and employment, Physical Data (opinions concerning personality or character, Telephone number

  • Directly from you through your application and/or during interviews
  • Opinions concerning your personality or character are generated internally by persons interviewing you/assessing your application
  • Personality questionnaires: from personality profile service provider

Ad hoc consent when filing your job application and participating to interviews

  • Other Radisson Hotel Group entities involved
  • IT service provider
  • Personality profile service provider

 

Social Media & Corporate Blog

Social Media

We may process your Personal Data obtained through social media platforms (including Facebook, Instagram, and Twitter) or our corporate blog for the purposes of (i) addressing your questions or complaints; (ii) monitoring our online reputation; (iii) improving our services and identifying opportunities on which we can focus; and (iv) internally sharing any achievements, activities, events you attended or competitions in which you participated and anything else you wish to share internally throughout Radisson through our corporate blog.

Some of our social media pages allow users to submit their own content. Please remember that any content submitted to one of our social media pages can be viewed by the public, and you should be cautious about providing certain personal information e.g. financial information or address details via these platforms. We are not responsible for any actions taken by other individuals if you post personal information on one of our social media platforms, e.g. Facebook or Instagram. Please also refer to the respective privacy & cookie policies of the social media platforms you are using.

The table below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

Processed data categories

Source of data

Ground for processing

Recipients of data

Any Personal Data you may decide to share with us or published on social media or on our corporate blog

  • Directly from you through publicly accessible social media pages
  • Directly from you when sending an entry for the corporate blog
  • It is in Radisson Hotel Group's legitimate interest as a business to process the Personal Data you have chosen to address to us or make publicly available on social media platforms in order to improve our general HR management and our individual employee relationships. In this context, Radisson Hotel Group's business interests prevail over yours.
  • Ad hoc consent for all entries to the corporate blog
  • Other Radisson Hotel Group entities involved
  • Corporate blog service provider
  • Social media platforms on which you post or submit content

 

Media & Influencer Requests

Media, ocial media influencers, bloggers and others can send requests to the Radisson Hotel Group through a dedicated web page. It is our aim to process each of these requests in the most efficient way possible. If you send us such a request, we will process your personal data to assess your application, contact you with updates on your application and offer you a final response as soon as possible. In case your application is successful, your personal data will also be processed to confirm your booking.

The table below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

Processed data categories

Source of data

Ground for processing

Recipients of data

Full name, Nationality, Phone Number, Email address, Social Media Profile and Reach, Language(s), Images (Photos and Videos), Disability requirements, any further personal data you choose to share with us

Directly from you when completing the Media & Influencer Requests form

Ad hoc consent obtained when completing the request form

  • Other Radisson Hotel Group entities involved
  • IT service provider

 

Radisson Hospitality News

The corporate website allows you to subscribe to Radisson Hospitality AB's or other Radisson Hotel Group entities' and staff's interim reports and/or news releases to be sent to you via email. You also have the possibility to order Radisson Hospitality AB's annual reports in printed format.

If you have explicitly subscribed to one of these services, we may, from time to time, contact you with information and process your Personal Data for this purpose.

If you no longer want to receive such reports and/or news releases, you may unsubscribe by clicking the unsubscribe link at the bottom of the web page where you have previously subscribed, or by clicking the unsubscribe link in the emails sent to you.

The table below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

Processed data categories

Source of data

Ground for processing

Recipients of data

First Name, Last Name, Company, Position/Title, Industry, Country, Phone, Mobile Phone, Email address, any personal data you choose to share with us through the comments box

Directly from you when completing the subscription form

Ad hoc consent obtained when completing the subscription

  • Other Radisson Hotel Group entities involved
  • IT service provider
  • Public company services provider

 

Contacting us

Should you have a particular query or feedback, you may contact us through the contact forms available on our website. In such context, we may process your Personal Data for the purposes of handling and providing an answer to your query or request or to follow up on your feedback. You may also contact someone (e.g. an investor contact or a social media contact) directly through one of the email addresses provided on the corporate website. In this case, we will process all Personal Data provided by you in this respect for the purposes of handling and providing an answer to your query or request.

The table below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

Processed data categories

Source of data

Ground for processing

Recipients of data

First Name, Last Name, Company, Job Title, Country, Address, Work Phone, Fax, Home Phone, Email Address

Directly from you through the forms

Ad hoc consent obtained through the contact form

  • Other Radisson Hotel Group entities involved
  • Public company services provider
  • IT service provider

 

Your rights

If you are in the EU, EU Privacy Law grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request here privacyquestion@radissonhotels.com .

Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.

 

1. Right to withdraw consent

Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose and at your own initiative by logging into your account on our website (if you have one) or by contacting us here privacyquestion@radissonhotels.com . The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment where you withdraw your consent. Please note that we may have other legal grounds for processing your data for other purposes, such as those set out in this Privacy Policy.

 

2. Right to access and rectify your data

You have the right to access, review, and rectify your Personal Data. You may be entitled to ask us for a copy of your information, to review or correct it if you wish to rectify any information like your name, email address, passwords and/or any other preferences, you can easily do so by logging into your account on our website (if you have one) or by contacting us here privacyquestion@radissonhotels.com . You may also request a copy of the Personal Data processed as described in this Privacy Policy.

 

3. Right to erasure

In accordance with EU Privacy Law, you have the right to erasure of your Personal Data processed by us as described in this Privacy Policy in case it is no longer needed for the purposes for which the Personal Data was initially collected or processed or in the event you have withdrawn your consent or objected to processing as described in this Privacy Policy and no other legal ground for processing applies. Should you wish to have your Personal Data erased, please file a request here privacyquestion@radissonhotels.com .

 

4. Right to restriction of processing

Under certain circumstances described in EU Privacy Law, you may ask us to restrict the processing of your Personal Data. This is for example the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.

 

5. Right to object to processing

Under certain circumstances described in EU Privacy Law, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes.

 

6. Right to data portability

Where you have provided your data directly to us and where the processing is carried out by automated means and based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and to transmit this data to another service provider.

 

Security measures

Appropriate technical and organizational measures are implemented in order to ensure an appropriate level of security of your Personal Data, including but not limited to encryption techniques, physical and IT system access controls, obligations of confidentiality, etc.

In the event Personal Data is compromised as a result of a Personal Data Breach we will make the necessary notifications, as required under applicable laws.

 

What rules apply to children?

We do not knowingly collect or solicit Personal Data from anyone under the age of 18 or knowingly allow such persons to book a room in one of our hotels.

In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. If you believe that we have or may have information from or about a child under 18 years of age, please contact us at privacyquestion@radissonhotels.com .

 

How is your Personal Data shared with Third Parties?

We only share or disclose information as described herein, including with Third Parties.

Your Personal Data will also be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of the Controller(s) legitimate interests in compliance with applicable laws. In addition, we may share your Personal Data and other information with a successor to all or part of our business, where this is in our legitimate interests in facilitating a business sale and in this context our business interests prevail over yours. For example, if parts of our business or assets are sold, we may disclose user information as part of that transaction, subject to applicable law.

 

International Data Transfers

If you are in the European Economic Area (EEA), the data that we collect from you as described in this policy may be transferred to and stored at a destination outside the EEA, including for the purposes of processing that data by selected Processors, in order to facilitate the Radisson Hotel Group's business. Countries outside the EEA may not have laws which provide the same level of protection to your Personal Data as laws within the EEA. Where this is the case we will put in place appropriate safeguards to ensure that such transfers comply with EU Privacy Law, either by putting in place Standard Contractual Clauses approved by the European Commission as ensuring an adequate protection or by ensuring that the transfer is done to an organisation that complies with Privacy Shield in case the transfer is made to the United States of America.

In case you wish to obtain more details about our data transfer safeguards and the mechanisms in place, you may contact us at privacyquestion@radissonhotels.com .

 

How long will we keep your Personal Data?

We retain your Personal Data for as long as is required to fulfil the activities set out in this Privacy Policy, for as long as otherwise communicated to you or for as long as is permitted by applicable law. For example, we may retain your Personal Data if it is reasonably necessary to comply with any legal obligations, meet any regulatory requirements, resolve any disputes or litigation, or as otherwise needed to enforce this Policy and prevent fraud and abuse.

To determine the appropriate retention period for the information we collect from you, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we process the Personal Data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

Does this Privacy Policy apply to Third Party websites?

If you click on a link to a Third-Party website, you will be taken to a website we do not control and our Privacy Policy will no longer be in effect. Your browsing and interaction on any other website is subject to the terms of use and privacy and other policies of such Third-Party website. Read the privacy policies of other websites carefully. We are not responsible or liable for the information or content on such Third-Party websites.

 

What happens if we make modifications to this Policy?

We reserve the right to modify and update this Privacy Policy from time to time. We will bring these changes to your attention should they be indicative of a fundamental change to the processing or be relevant to the nature of the processing or be relevant to you and impact your data protection rights.

 

How to contact us?

Questions, comments, remarks, requests or complaints regarding this Privacy Policy are welcome and should be addressed to: privacyquestion@radissonhotels.com .