Book now Book now

Privacy Policy

This privacy policy describes how GRAM Hotels collects and processes the personal information of our hotel/restaurant guests, members of our Gram Social Club loyalty program, and visitors to our various websites. “Personal Data” refers to any information that can directly or indirectly identify a person who is currently living.

Destination Bjäre Holding AB, organization number 559118-3073, is the entity with the overall personal responsibility for the processing of personal data that takes place within the domain of operations of the corporate group known as GRAM Hotel. Each hotel and/or restaurant within the corporate group GRAM Hotels (consisting of Hotel Skansen in Båstad, Torekov Hotel, Hotel Riviera Strand and Hamnplats 3) is responsible for the processing and collection of personal data for purposes within the framework of the hotel/restaurant operations. This processing and collection is undertaken in concert with Destination Bjäre Holding AB.

Regarding the processing of Personal Data of individuals that utilize the services of the Restaurant & Hotel Skansen in Båstad AB (organization number 556599-3515), the personal data responsibility is divided accordingly between Destination Bjäre Holding AB and Restaurant & Hotel Skansen in Båstad AB.

All references made below to terms such as “GRAM Hotels”, “we”, “our” or “us” shall be understood as a reference to the company or companies within the corporate group who are responsible for the personal data for the relevant data processing.

GRAM Hotels uses Personal Data for various purposes, including: the administration and processing of reservations/bookings; the adaptation, provision, and development of our services (referred to as “services”) in order to optimize the user experience; making communication with users more personal.

Your privacy is important to us, and to this end we work hard to comply with all applicable data protection laws and to safeguard your rights and data. Please read this privacy policy carefully to understand how and for what purposes we process your Personal Data, as well as to understand what rights you have as a user of these services. If you have any questions regarding the processing of your Personal Data or this privacy policy, if you want to exercise your rights as described below, or if you wish to inquire for any other reason regarding the processing of your Personal Data, you are welcome to contact us (please see contact details at the bottom of this privacy policy).

How do we collect personal data about you?

GRAM Hotels collects and processes your Personal Data only to the extent permitted by applicable data protection legislation. Personal Data may be collected when booking our Services, submitting information via our website, or when you stay with us. Your Personal Data is collected either directly from you or from a company, organization, or person who administers or provides our Services to you indirectly. Furthermore, we collect Personal Data through cookies, tags, tracking pixels, and via Club Grams member service. From time to time we may receive Personal Data about you from other companies within the Gram Hotels corporate group and its various partners.

It is important for GRAM Hotels to always keep your Personal Data up-to-date and accurate. For this reason we may sometimes import Personal Data about you from external sources such as public records.

What type of Personal Data do we collect?

We only collect Personal Data that is relevant for the purposes described in this privacy policy. Personal Data that may be collected includes: names, addresses, telephone numbers, email addresses, IP addresses, and cookies; information directed towards facilitating the use of our website (e.g. the default language selected and user history); information about membership within the GRAM Social Club; information about travel companies, booking preferences, payments, employers, contacts in emergency situations, requirements for special diets, requirements for changes due to disability, as well as other information that you share with us in your communications with us.

Why do we process your Personal Data?

GRAM Hotels collects Personal Data for various purposes. Which Personal Information is collected and how it is collected depends on which Services you use.

GRAM Hotels uses Personal Data in service of the following activities:

  • to administer, provide, develop and maintain our Services, including for purposes that are designed to increase your benefit and experience when using our Services;
  • to process bookings and orders as part of our Services;
  • to contact you through various means, including via SMS, mobile applications, or email. Avenues of contact may be used to notify you of your reservation status or to
  • provide you with information that may be useful before, during, or after your stay;
  • to diagnose errors, optimize our technology, or to contact you in the event of issues with bookings or the fulfillment of our Services;
  • to analyze and improve the quality and user experience of our services;
  • to personalize communication to you regarding our Services (e.g. by creating a profile for you and sending offers that fit your profile as a user of our Services);

Under what legal grounds do we process your Personal Data?

GRAM Hotels processes Personal Data on the basis of various legislation including:

  • Personal Data that is collected in order to administer and process a booking that you have made on your own behalf. Such processing also ensures that you can use the relevant Services in accordance with this booking. The processing for this Personal Data must be undertaken before a contract with you is completed (a contract to provide our Services). The legal basis for this processing is to fulfill our agreements with you once the booking is confirmed.
  • Your Personal Data may also be processed to administer and process a booking made by someone else on your behalf. Such processing ensures the use of relevant Services and this Personal Data is collected for the legitimate interest of our organization to adequately fulfill the agreements made with the Company, organization or person who made the booking at issue. If you make a booking on someone else’s behalf, we will process your Personal Data for our legitimate interest in fulfilling the agreement with the company, organization or person to whom the booking relates.
  • Regarding the processing of your Personal Data to diagnose errors, optimize our technology, analyze statistics and user behavior, and individualize communication with you, the legal basis for such processing is our legitimate interest to provide our customers with the best possible service, as well as to optimize our communication and our Services.
  • The processing of your Personal Data to send offers, information, and marketing regarding our Services is based on our legitimate interest in marketing, promoting, and informing people about our business and our services.
  • Personal Data regarding allergies or disabilities will only be processed to the extent that we have obtained explicit consent from you. Our starting point for such information is that it should be securely anonymized as much as possible, to the extent that it does not compromise the individual’s safety. Furthermore, this information will be deleted immediately after your visit has ended and our need for such information has also ended.

Dispatch of information

When you make a booking or reservation with us, we may use your Personal Data to send out materials such as booking confirmations, important information about your upcoming visit, and offers related to the stay. Such information will be sent to the email address you provided when booking.

Once your stay has concluded, a survey will be sent out asking a few questions about your visit to help us improve our services. We may also send emails thanking you for your visit.

Before and during your stay, we may also send out information to the email address and/or mobile number that has been entered in connection with the booking (via email correspondence and/or SMS). Such messages may contain information regarding available SPA times, important information for the stay, or reminders of reservations at our restaurant, etc.

Receipt of Personal Data by email

This paragraph applies to individuals who, either as a private person or as a representative of your company, have sent email correspondence to an employee or other representative of GRAM Hotels. From such correspondences we may collect Personal Data in the form of your name, email address and other information that you voluntarily share with us in emails you have sent. Upon receipt of an email, we will make an assessment of whether we have any reason and/or legal basis under this privacy policy to store or otherwise continue to process the Personal Data received. If we make the assessment that there is indeed an adequate reason and/or legal basis, we will continue to process the relevant Personal Data in accordance with this privacy policy. Otherwise, we will delete the Personal Data received through the email.

Storage and transfer of personal data

GRAM Hotels stores Personal Data in accordance with this privacy policy and all applicable legislation. Personal Data may be stored in connection with a booking and subsequent visits to us; it may be stored thereafter to the extent that it is necessary for GRAM Hotels to be able to fulfill the legal obligations incurred by GRAM Hotels and its partners/entities. Furthermore, GRAM Hotels saves Personal Data to the extent required to determine, enforce, or defend legal claims, as well as to detect or prevent fraud and other security issues.

After your visit, GRAM Hotels retains certain Personal Data about you in order to send you offers and information. You are entitled at any time and without charge to request that GRAM Hotels cease processing your Personal Data for marketing purposes.

Personal data may be transferred between the companies within GRAM Hotels in order to be processed for the purposes stated within this privacy policy. GRAM Hotels uses subcontractors (for computer operations and other services) to provide you with our services in the best possible way; subsequently, personal data may be transferred to these subcontractors. GRAM Hotels may utilize personal data assistants who process your Personal Data only on behalf of GRAM Hotels and in accordance with our instructions. Personal Data will only be processed by a personal data assistant after a personal data support agreement has been established between us and the personal data assistant; such an agreement ensures that we can adequately create a high level of protection for your Personal Data.

GRAM Hotels may also disclose Personal Data to the police or other legal authority if GRAM Hotels is obliged to disclose such information by law or by legal decision. GRAM Hotels may in some cases also need to submit information to other parties within the framework of a judicial case or a company acquisition process such as audits or the like.

GRAM Hotels generally does not process or transfer Personal Data to countries outside the EU/EEA; however, if we employ a subcontractor in a country outside the EU/EEA, or if it is necessary for us to be able to carry out our contractual obligations towards you, Personal Data may be transferred outside the EU/EEA even if, according to the EU Commission, the country in question does not have adequate protection for Personal Data. GRAM Hotels will in such cases take the necessary measures to ensure a high level of protection for your Personal Data and will operate in compliance with all applicable EU/EEA rules.

Security and the protection of Personal Data

GRAM Hotels has put into place ongoing measures to comply with the principles of “built-in data protection and data protection as standard”. GRAM Hotels continuously evaluates the security risks associated with personal data processing and works to takes the necessary security measures to reduce those risks. Furthermore, GRAM Hotels restricts access to Personal Data such that it is only accessible to the staff and employees that require access to the data in order for the purposes described in this privacy policy to be fulfilled.

We continuously train our staff on data protection issues. If you have direct questions about how we work with the General Data Protection Regulation (GDPR), please contact us at privacy@gramhotels.se and include the phrase “Personal Data” as the subject line.

You can read more about the General Data Protection Regulation: https://www.datainspektionen.se/dataskyddsreformen/

External web pages and applications

GRAM Hotels’ websites may have links to other applications and/or web pages that are not controlled by GRAM Hotels. This privacy policy applies only to your use of websites owned or operated by GRAM Hotels. GRAM Hotels is not responsible for the content of linked applications/web pages. GRAM Hotels is also not responsible for the processing of Personal Data that may be collected or managed by the owners or operators of linked applications/web pages.

At your request or by independent discovery, GRAM Hotels will correct or delete any incorrect or incomplete information. You also have the right to receive, without charge, a summary that shows what Personal Data about you is being processed.

Under special circumstances (as laid out under applicable data protection laws) you are entitled to request that GRAM Hotels limit the use of your Personal Data or to delete your Personal Data. Under certain conditions you also have the right to data portability, in accordance with applicable data protection legislation. This includes the right to extract and transfer your Personal Data in a structured, generally-used, and machine-readable format that can be utilized by another data controller.

If GRAM Hotels processes Personal Data based on your consent, you have the right to revoke your consent at any time through a written notice to GRAM Hotels. Withdrawals of this nature apply only to continued and potential future processing of your data; they do not apply retroactively. However, please be advised that revoking your consent does not affect processing undertaken with a legal basis other than consent (e.g. the provision of the Services you have ordered).

As stated above, you are entitled at any time and without charge to request that GRAM Hotels cease its processing of your Personal Data for marketing purposes. You may invoke this right by contacting us at privacy@gramhotels.se — please indicate the heading “Personal Data” as the subject line. In addition, you can also unsubscribe from our offers and other information that we send via email by clicking on the deregistration link located in the footer of all market mailings.

If you are dissatisfied with how we process of your Personal Data, please feel free to contact us and we will do our best to accommodate your concerns. Your privacy is very important to us and we always strive to treat your Personal Data with the utmost care and to protect it with safety and security. If you feel that we are lacking in this goal, you have the right to file a complaint regarding the way we process your Personal Data to the Swedish Data Protection Authority (Datainspektionen).

Cookies

Read about how we use cookies here.

Contact

If you wish to exercise your rights as stated above or you have any questions, comments or complaints regarding the ways GRAM Hotels processes your Personal Data or with our compliance to applicable data protection legislation, you can contact us at privacy@gramhotels.se — please write “Personal Data” in the subject line. Alternatively, you can get in touch with us at the following address:

GRAM Hotels
Att: Personal Data
Box 1073
269 21 Båstad

What will you book? --->