Great northern
Privacy Policy
Great Northern Privacy Policy
At Great Northern (“we”, “us” or “our”) we prioritize data security and privacy. This privacy policy sets out clear guidelines for Great Northern’s processing of your personal data when you visit our website, Great Northern | Golf – Spa – Restaurant – Hotel | Outstanding Experiences, or otherwise communicate with Great Northern.
1. Data controller
Great Northern is the data controller for the processing of your personal data:
Great Northern A/S
Great Northern Ave. 1
5300 Kerteminde
CVR: 35801987
Tel: +45 3333 7711
Mail: info@greatnorthern.dk
2. Purposes, basis of processing and types of personal data
We have outlined below the purposes for which we process your personal data when you interact with Great Northern.
a. To respond to inquiries
If you contact us via our website, by email or otherwise, we will process your personal data in order to respond to your inquiry. We typically process the following standard personal data about you name, address, email, phone number, company name, title and information about your booking.
We use the balancing of interests rule in Article 6(1)(f) of the General Data Protection Regulation as the basis for this processing, as it is necessary in order to respond to your inquiry and communicate with you.
We collect the personal data directly from you and will only retain it for as long as necessary to fulfill the above purposes.
b. Hotel & Spa
If you book an accommodation or stay, we process normal personal data about you. We will typically process the following personal data in order to book your accommodation or stay: name, invoice details, address, email, phone number, company name, country, confirmation of acceptance of terms and information about which stay you have chosen and what is included and passport or ID.
We use Article 6 (1) (b) of the General Data Protection Regulation (GDPR) as the basis for processing this data, as it is personal data that is necessary to process in order to fulfill the agreement with you. In addition, the basis for our processing is the balancing of interests rule in Article 6 (1) (f) GDPR, as we have a legitimate interest in adapting the services provided to your needs and wishes and to be able to send evaluation forms in connection with your stay.
In certain cases, we are required to process information about your name, nationality, position, address, date of arrival, passport details or other travel documents. The basis for processing this personal data is Article 6 (1) (c) of the General Data Protection Regulation and statutory provisions on the obligation to keep an authorized guest protocol in the form of Executive Order 2022-08-23 no. 1206 and Executive Order 2021-12-28 no. 2693 on passports etc.
We collect the personal data directly from you and will only store it for as long as it is necessary to fulfill the above purposes. We store invoice information for the relevant financial year plus 5 years in accordance with Danish accounting legislation.
Passport and ID information is stored for a maximum of 2 years, after which the information is deleted cf. the above executive orders.
When booking, a customer card is generated in Great Northern’s booking system see more about this in section e.
Please note that stays with spa, golf or events included are described in the other sections of this privacy policy.
c. Spa
In connection with your visit to Great Northern Spa, we collect, process and store information about you and any accompanying guests in order to complete your booking or inquiry.
In this connection, we may process data such as name, address, telephone number and e-mail address.
A guest profile is created for all our guests so that we know who and how many people are in the spa area and to be able to enforce the spa’s rules of conduct towards our guests. In connection with the creation of the guest profile, you must present a photo ID. Your photo ID is not registered but is used to verify the information provided when creating your guest profile.
When creating the guest profile, we process: name, telephone number, date of birth via your social security card (the last 4 digits of your social security number are encrypted so they are not visible to us), your photo. When you subsequently use the guest profile, we also register the date and time of your visits, which is done by scanning your health insurance card in connection with the visit.
In the event of expulsion, the reason, date and period of expulsion are registered in the guest profile.
Our processing of your personal data is based on Article 6 (1) (b) of the General Data Protection Regulation, as the information is necessary to fulfill our booking agreement and guest profile creation.
When registering your social security number, we use consent, as by clicking accept to create your guest profile, you consent to our registration of your social security number, cf. section 11(2)(2) of the Data Protection Act and Article 7 of the General Data Protection Regulation. If the consent of an expelled guest is withdrawn, the guest profile will be maintained during the quarantine period without a social security number.
We also apply Article 6 (1) (b) of the General Data Protection Regulation when we register a breach of the agreed rules of conduct, and we make use of the balancing of interests rule to process information about any expulsions and breaches of our rules of conduct in accordance with Article 6 (1) (f) of the General Data Protection Regulation. The legitimate interests justifying the processing are our desire to ensure that expelled guests do not gain access to our spa, to ensure the well-being of other guests and staff.
In addition, we process booking data for the purpose of optimizing our spa. The basis for our processing of your data for this purpose is the balancing of interests rule in Article 6 (1) (f) of the General Data Protection Regulation. The legitimate interests that justify the processing are that we want to be able to continuously analyze visitor data to optimize and develop the experience for our guests and enable internal reporting.
The guest profile will be deleted no later than 12 months after the last visit to Great Northern Spa. Guest profiles of expelled guests are maintained for 24 months from the expulsion unless special circumstances apply.
When booking online, a customer card is generated in Great Northern’s booking system for the booking manager, see more in section e.
d. Restaurant
If you book a table or have booked a stay with dining, we process normal personal data about you. We will typically process the following personal data in order to book your table upon request: e-mail, phone number, name, number of guests, special requests, special food considerations and confirmation. When booking online, we typically use the following additional information: information registered in your user profile, see section e.
We use Article 6 (1) (b) of the General Data Protection Regulation as the basis for processing this information, as it is personal data that is necessary to process in order to fulfill the agreement with you. In addition, the basis for our processing is the balancing of interests rule in Article 6 (1) (f) of the General Data Protection Regulation, as we have a legitimate interest in adapting the services provided to your needs and wishes.
We process the information you have provided in connection with your reservation and possibly the information from your profile.
We retain your personal data for as long as it is necessary to fulfill the agreement with you and the evaluation thereof. We store invoice information for the relevant financial year plus 5 years in accordance with Danish accounting legislation. The information in your user profile is only deleted when you delete your profile or if you contact us to delete the information.
e. Great Northern customer card
Restaurant:
When booking a table at Restaurant Eat, a customer card is created in the restaurant’s booking system for planning and service in the restaurant and to allow the customer to change and keep track of reservations.
The customer card contains the information listed under point d. and the reservation ID.
We use Article 6 (1) (b) of the General Data Protection Regulation (GDPR) as the basis for processing this data as it is personal data that is necessary to reserve your table and plan the restaurant operation accordingly.
In addition, the basis for our processing of your customer card is the balancing of interests rule in Article 6 (1) (f) of the General Data Protection Regulation, as we have a legitimate interest in storing your preferences and history as well as offering access to future bookings including changing these.
The information in your customer card will only be deleted when you delete your customer card or if you contact us to delete information or your customer card.
Hotel and Spa:
When booking a stay in a Spa or Hotel, a customer card is created in the booking system so that your booking and any options can be registered and managed. The customer card is necessary in order to manage and settle your stay. In addition, Great Northern has an interest in being able to use the customer card to optimize our service by storing your service preferences.
The customer card contains the personal data listed under points b and c.
We use Article 6 (1) (b) of the General Data Protection Regulation (GDPR) as the basis for processing this information as it is personal data that is necessary to book your stay, administer your stay and for Great Northern’s operations.
In addition, the basis for our processing of your customer card is the balancing of interests rule in Article 6 (1) (f) GDPR, as we have a legitimate interest in storing your preferences and history in order to fulfill future bookings.
The information on the customer card will be deleted when there is no longer a purpose for storing the information, but for a maximum of 5 years from the last booking on the customer card. You are welcome to contact us if you want your customer card deleted, however, you should be aware that after deletion we will no longer be able to service you according to the information previously provided and registered on your customer card.
Hotel and Spa:
When booking a stay in a Spa or Hotel, a customer card is created in the booking system so that your booking and any optional extras can be registered and managed. The customer card is necessary in order to manage and settle your stay. In addition, Great Northern has an interest in being able to use the customer card to optimize our service by storing your service preferences.
The customer card contains the personal data listed under points b and c.
We use Article 6 (1) (b) of the General Data Protection Regulation (GDPR) as the basis for processing this information as it is personal data that is necessary to book your stay, administer your stay and for Great Northern’s operations.
In addition, the basis for our processing of your customer card is the balancing of interests rule in Article 6 (1) (f) GDPR, as we have a legitimate interest in storing your preferences and history in order to fulfill future bookings.
To support the preparation and personalization of your stay, we use a digital guest experience platform. This platform compiles, structures and enriches the information in your customer profile to create an extended guest profile that is accessible to relevant employees at our company.
In addition to the data mentioned in sections b, c and d, the following data may be processed through the Guest Experience Platform: booking requests entered in free text (such as food preferences, purpose of stay and accessibility needs), employee notes manually added to your booking or profile, and AI-assisted preference suggestions generated by text analysis of booking data. No automated decisions with legal effect are made in connection with this analysis. You have the right to object to our profiling based on Article 6(1)(f) of the General Data Protection Regulation, cf. Article 21(1) of the General Data Protection Regulation.
If your booking contains health information such as information about allergies or accessibility needs, this information constitutes special categories of personal data. The processing of such data is based on your explicit consent, which is obtained if and when you choose to provide such data in connection with your booking. You may withdraw your consent at any time by contacting us at info@greatnorthern.dk. Upon revocation, the relevant information will be deleted.
The information on your customer card will be deleted when there is no longer a legitimate purpose for storing it, and always no later than five years after the last booking registered on the customer card. You are welcome to contact us if you want your customer card deleted. However, please note that after deletion, we will no longer be able to serve you on the basis of the information previously provided and registered on your customer card.
Your data is stored in the guest experience platform as long as the corresponding data is active in our booking system.
f. Gift cards
If you order a gift card, we process normal personal data about you. We will typically process the following personal data in order to create your gift card: email, phone number, name, amount, address, date of birth, delivery and payment details.
We use Article 6 (1) (b) of the General Data Protection Regulation (GDPR) as the basis for processing this data, as it is personal data that is necessary to process in order to fulfill the agreement with you.
We process the information you have provided in connection with your order.
We retain your personal data for as long as it is necessary to fulfill the agreement with you and the evaluation thereof. We store invoice data for the relevant financial year plus 5 years in accordance with Danish accounting legislation.
g. Events
If you attend one of our events, seminars or workshops, we use your personal data to register you and communicate with you before, during and after the event. In connection with a seminar, webinar or workshop, we will typically only process the following information about you: name, position, email, phone number, company and type of event.
We use Article 6(1)(b) GDPR as the basis for processing when you register for an event as it is necessary to fulfill the agreement with you. However, we may also use the balancing of interests rule in Article 6(1)(f) of the GDPR as the basis for this processing as it is necessary in order to administer registrations and send out evaluation forms etc.
We receive most personal data directly from you, but we may also receive your personal data from other sources such as your employer if they handle your registration.
We store your personal data for as long as it is necessary to hold the event in question and for the evaluation thereof. If you have paid to participate in the event, we store invoice information for the relevant financial year plus 5 years in accordance with Danish accounting legislation.
h. Images, video and audio recordings
We often take pictures or videos (audio and video) of our activities (e.g. tournaments, open air events or virtual events) in order to share them on our website or other social media platforms such as LinkedIn, Facebook and Instagram.
If you are attending an event that we are recording, we will always inform you about it when the event starts and we will notify all participants during the introduction.
If you do not wish to be filmed/recorded during a virtual event, you can disable audio and video before attending the event. When we publish recordings from our virtual events, we use the balancing of interests rule in Article 6(1)(f) of the General Data Protection Regulation as the basis for this processing, as we have a legitimate interest in being able to market Great Northern and our many offers and experiences.
Please note that when we share images and footage on social media, we do so according to the terms of the relevant social media. You can see our privacy policy for Instagram and Facebook in the privacy policy section O.
We also film other events to document activities and internal training that we may share on our website or on social media. We process such recordings on the basis of Article 6(1)(a) of the GDPR (consent). However, we may also use the balancing of interests rule in Article 6(1)(f) of the GDPR as a basis for this processing if we deem it appropriate based on a general assessment of the situation and motive, as we have a legitimate interest in sharing our activities.
Generally we shoot the footage ourselves or use an external photographer, but we can also receive images and other footage directly from you or other participants.
We will retain your personal data (images and recordings) for as long as necessary to fulfill the above purposes, but no longer than 5 years after the event in question.
i. Marketing / Newsletters
We use your personal data for marketing purposes, including direct marketing, e.g. in the form of newsletters.
The newsletters may also contain marketing material from our business partners. In that case, we may process information about your name, age, email, phone number, consent form and nationality in order to send you relevant news.
We process your personal data for direct marketing purposes on the basis of our legitimate interest in selling our and our partners’ products and services, cf. Article 6(1)(f) of the General Data Protection Regulation.
However, we only send marketing material via e-mail based on your active prior consent in accordance with section 10(1) of the Danish Marketing Practices Act. You will not be contacted directly by our business partners, nor will we disclose your data to them.
Your personal data will be deleted when the marketing consent is withdrawn or if we do not utilize the consent within a period of 1 year. However, the consent form itself will be stored for 2 years after withdrawal of consent or due to expiration of the consent.
Once marketing consent has been withdrawn, we will no longer process your personal data for the purpose of sending newsletters or for other marketing purposes.
j. Use of our website
When you access our website, we use cookies to collect personal data about your movements. We also use various plug-ins that make it easier for you to share content from our website on social media such as Facebook, Instagram, LinkedIn etc. You can read more about this and get an overview of these third-party providers in the cookie overview, which can be accessed via our cookie policy.
We process your personal data in connection with your use of our website as described above and further described in our cookie overview. In connection with our use of necessary cookies, we process your personal data on the basis of Article 6(1)(f) of the General Data Protection Regulation, as we have a legitimate interest in offering you a website that works.
If you consent to the use and placement of additional categories of cookies, we will process your personal data in connection with this based on Article 6(1)(a) of the General Data Protection Regulation on consent.
You can read more about the use of cookies in our cookie policy. You can revoke or change your consent by rejecting cookies in the cookie overview or by blocking cookies in your browser settings.
k. Monitoring
We have installed CCTV surveillance in specific, targeted areas of our indoor and outdoor locations. The video monitored areas are clearly marked by signage.
In this connection, we process personal data in the form of CCTV recordings of traffic on Great Northern’s territory.
The purpose of video surveillance is to control access to the premises in question, prevent crime and ensure the safety of our employees and visitors. The recordings may also be used to investigate and document incidents. Recordings will only be viewed and reviewed in case of suspected criminal acts or internal/external audits.
We use the Danish Act on Television Surveillance and the balancing of interests rule in Article 6 (1) (f) of the General Data Protection Regulation (the balancing of interests rule) as the basis for our processing of your personal data, as it is necessary to register this personal data to ensure an adequate level of security for our employees and guests in relation to unauthorized access, suspicious behavior, asset protection and to prevent and prosecute crime. We use section 8(3) of the Data Protection Act as a basis if the monitoring reveals criminal acts.
TV surveillance recordings made for the purpose of preventing crime may be disclosed to the police in the event of criminal acts or if the disclosure is otherwise required by applicable law. We may also disclose the recordings to lawyers and other advisors as well as public authorities where required by applicable law. If it is necessary to disclose the recordings for purposes other than the aforementioned, we will request your consent to such disclosure if you are included in the recordings.
Recordings from CCTV surveillance for the purpose of crime prevention will be deleted or anonymized within 30 days of the recording, unless it is necessary for us to retain the recordings for the purpose of handling a specific case, e.g. in connection with solving a crime. In that case, the data will be stored for as long as it is necessary for the processing of the specific incident.
CCTV recordings made for other purposes will be deleted when it no longer serves a purpose to store the data.
l. Great Northern Golf Club
Personal data that you provide voluntarily and which is otherwise processed by Great Northern Golf Club in connection with the administration of your membership is not subject to this privacy policy. You can find Great Northern Golf Club’s privacy policy here: Privacy Policy – Great Northern Golf Club | Great Northern
m. Golf
When booking golf time, green fees, training etc. we use various modules in the GolfBox application. In connection with booking golf time, green fees, training, etc. we may process information about you, such as name, address, date of birth, telephone number, e-mail address, current golf handicap, Danish Golf Union membership number and your previous/current golf club. We collect this from GolfBox.
If you are not a member of a golf club, you will be created as a guest. We will register your name, which golf club you are a member of and your handicap.
We use Article 6 (1) (b) of the General Data Protection Regulation (GDPR) as the basis for processing this data, as it is personal data that is necessary to process in order to fulfill the agreement with you.
Users of GolfBox (members, clubs/organizations, teaching pros, tour operators and DGU) can search for other members via GolfBox, just as these users can add members to golf times, tournaments, lessons and courses. Personal information (member number, name, gender, handicap and age) is visible to all users of GolfBox, and information about booked golf times in your own club, but also in other clubs, can be viewed. If you sign up for a tournament, the above personal data is also visible to other GolfBox users. In addition, the club/organization responsible for the tournament can see your contact information for use in the event of, for example, cancellation or changes to the event. If you book a training session, your personal data is visible to the Pro/coach/club/organization responsible for the training, but not to other members.
If you do not want your personal data to be visible to others when you use GolfBox, you can choose to be anonymous in your user settings when you are logged into GolfBox.
If you have any questions about the use of GolfBox, you are always welcome to contact us.
You can log in to Golfbox here: GolfBox – please note that cookies may be used when using the link.
n. Facebook fanpage and Instagram
When does this privacy policy apply?
This privacy policy applies to Great Northern A/S’ (“Great Northern”) processing of the personal data that you leave and/or provide when you visit Great Northern’s Facebook page (“Facebook page”) and Great Northern Instagram page or when you participate in competitions via Facebook and Instagram organized by Great Northern. The Privacy Policy supplements Facebook Ireland Ltd’s (“Facebook”) general privacy policy.
In the following, “Facebook” and “Facebook page” are also used to refer to the Instagram page.
Who is the data controller of my personal data?
Great Northern and Facebook are joint controllers for the processing of your personal data.
Facebook’s corporate information is:
Facebook Ireland Ltd.
4 GRAND CANAL SQUARE, GRAND CANAL HARBOUR
D2 Dublin
IRELAND
Reg No: 462932
Great Northern follows the Danish Data Protection Agency’s guidelines on joint data responsibility, and Great Northern uses the applicable tools in the best possible way to ensure that you receive information about the processing of your personal data when you visit the Facebook page.
In this connection, Facebook has published an appendix on joint data responsibility for “Facebook Insights” (in English “Facebook Insights”), which you can find here.
What personal data is collected on Facebook?
Depending on your behavior on the Facebook page, Great Northern and Facebook may receive the following personal data about you:
– Whether you “like” or have used other reactions on the Facebook page
– Comments you leave on the Facebook page
– That you have visited the Facebook page
– Your behavior and interests on the Facebook page
– Personal data collected in connection with the holding of competitions (eg name and interests)
In addition, Facebook uses Facebook Insights on the Facebook page to collect statistical information about visitors’ behavior on the page, including age, gender, relationship status, work, lifestyle, interests, purchase information and geographical information. For this purpose, Facebook has placed cookies on your device when you visit the Facebook page. Each cookie contains a unique identification code that remains active for a period of two years unless deleted before the end of this period. Facebook receives, stores and processes your personal data through these cookies.
To read more about Facebook’s use of cookies on the Facebook page, including deletion, please read Facebook’s general cookie policy.
See Facebook’s cookie policy via the following link:
Facebook
Instagram
What is the purpose of processing your personal data?
Great Northern also uses your personal data to improve products, improve the Facebook page and to conduct surveys, compile statistics, develop and protect Great Northern’s services and products, including on the basis of your feedback. In this connection, Great Northern uses aggregated information that Facebook makes available through Facebook’s cookies via “Facebook Insights”, such as information about age, gender, relationship status, work, lifestyle, areas of interest and information about purchases and geographical information.
Among other things, Facebook processes your personal data to enable Facebook to improve its advertising system and to provide Great Northern with statistics that Facebook compiles based on your visit to the Facebook page, among other things, in order to advertise and customize the activities on the page. Through cookies, Facebook and Great Northern thus learn whether you “like” the Facebook page and use the page’s applications so that Facebook and Great Northern can customize the content of the Facebook page and develop features that you might be interested in.
What is the legal basis for the processing?
Great Northern processes your personal data as a result of Great Northern’s legitimate interest in being able to improve Great Northern’s products and services and in order for you, a friend or family member, to participate in a competition to win prizes (Article 6(1)(f) of the General Data Protection Regulation).
Facebook processes your personal data on the basis of Facebook’s legitimate interests, including Facebook’s interest in providing an innovative, personalized, secure and profitable service (Article 6(1)(f) GDPR). Facebook further processes your personal data in accordance with your consent, which you can withdraw at any time via the Facebook settings (Article 6(1)(a) GDPR).
For more information about Facebook’s legal basis for the processing of personal data, please refer to Facebook’s general privacy policy under “What is our legal basis for data processing?”.
See Facebook’s privacy policy via the following link:
Facebook
Instagram
Who receives my personal data?
Great Northern does not disclose your personal data to other companies but uses data processors such as media agencies and IT providers and may in some cases transfer your personal data to third countries. If your personal data is transferred to countries outside the EU/EEA, such transfer will take place on the following legal basis: Binding corporate rules, the country is approved as a so-called “safe” third country or if the country is not approved as a “safe” third country, we transfer data based on standard rules adopted by the EU Commission.
Facebook may share personal data with the following categories of recipients, among others:
– Internally among Facebook companies
– Externally with Facebook’s partners using analytics services
– Advertisers
– Other people using the Facebook page
– Measurement partners
– Researchers and academics
For more information about who Facebook shares your personal data with, please refer to Facebook’s general privacy policy under “How is this information shared?”.
Your personal data may be transferred by Facebook to Facebook in the USA and other third countries. Facebook uses standard contracts approved by the European Commission as well as adequacy decisions of the European Commission as the basis for transfers to third countries. You can find more information under “How do we process and transfer data as part of our global services?” in Facebook’s general privacy policy.
See Facebook’s general privacy policy via the following link:
Facebook
Instagram
3. Recipients
Great Northern may in some cases disclose your personal data to service providers (data processors) who process the personal data on behalf of Great Northern and in accordance with our instructions. For example, your personal data may be disclosed to: (i) suppliers that we cooperate with to provide services to you in connection with your visit to Great Northern, your membership and/or your use of our golf club, Great Northern Golf Club, and other services that we offer and (ii) other third parties in connection with the administration of your membership and/or use of our golf club, including GolfBox A/S (owner of the GolfBox application) or Visbook which is the supplier of our booking and administration system.
We also use data processors in the IT area, consultants, marketing, and other suppliers that Great Northern works with.
Disclosure of your personal data to third parties may occur if you have given your consent or if it is necessary for the performance of an agreement to which you are a party. In addition, disclosure may be made if it is necessary to pursue our legitimate interest, unless your interests are overridden. Under certain circumstances and in accordance with legislation, it may be necessary to disclose personal data to, for example, public authorities or the police. For example, data may be disclosed to the police in case of suspected credit card fraud.
Trackman
When using Trackman, personal data is processed in accordance with the conditions applicable to Trackman at any time, including processing in third countries. You can read more about Trackman’s processing of personal data at
https://mytrackman.com/system/privacy-policy. We will only upload training videos to Trackman if you have given your consent.
Danish Golf Union
When joining Great Northern Golf Club, your membership information is shared with the Danish Golf Union in order for you to receive a DGU card and DGU number. You can read more about the Danish Golf Union’s processing of personal data at https://www.danskgolfunion.dk/artikel/privatlivspolitik.
Social media
Due to the way social media works, your posts and other user content may be available to others on Great Northern’s websites and on social media around the world.
Additional recipients of personal data may be payment solution providers, banks, public authorities and advisors.
4. Processing of personal data outside the EU/EEA
Great Northern transfers, stores and processes your information (including personal data and content) both inside and outside Denmark. Wherever in the world your personal data is stored or processed by us or by a supplier on our behalf, we will take reasonable steps to protect your personal data.
In general, we store data within the EU/EEA. However, your personal data may be transferred or accessed from countries outside the EU/EEA.
If your personal data is transferred to countries outside the EU/EEA, such transfer will take place on the following legal basis:
a. Binding Corporate Rules
b. The country is approved by the EU Commission as having an adequate level of protection or the recipient is certified under e.g. EU-US Data Privacy Framework.
c. If the country is not approved by the EU Commission as having an adequate level of protection, we will secure the transfer as follows:
– By using the EU Commission’s Standard Contractual Clauses
– By obtaining your consent to the transfer
5. Sources
We generally process data that we have received directly from you or the devices you use. However, in some cases we also process information about you that we have received from other sources, such as DGU, your employer or the organizer of an event you participate in.
6. Erasure
We will retain your personal data for as long as it is necessary to fulfill the above purposes.
We may process and store the data for longer periods if it is anonymized or if we have a legal obligation to store it.
7. Withdrawal of consent
You may at any time withdraw any consent you may have given to us. Consent can be withdrawn by contacting us at the contact details listed above in section 1. If you withdraw your consent, it will only take effect from that time. It will therefore not affect the lawfulness of our processing of the data up to the time you withdraw your consent.
If you withdraw your consent, photos of you will not be used in new material, and photos of you on websites or similar will be immediately deleted or anonymized. Photos in printed material will be used while stocks last, after which they will be removed before reprinting. In addition, we will make reasonable efforts to delete already published footage that is available on media that Great Northern has at its disposal.
8. Your rights
Under the legislation of the General Data Protection Regulation and the Data Protection Act, you have a number of rights.
– You have the right to access, correct or delete the data we process about you,
– You have the right to object to the processing of your personal data and have the processing of your personal data restricted
– You have the unconditional right to object to the processing of your personal data for marketing purposes
– You have the right to receive your personal data in a structured, commonly used and machine-readable format (data portability)
Please note that there may be conditions or limitations to these rights. Therefore, you may not always have the right to data portability, for example – it depends on the specific circumstances of the processing activity.
You can exercise your rights by accessing your account settings or by contacting us at info@greatnorthern.dk. If you contact us by email, it will be necessary to verify your identity for security reasons.
9. Changes to this privacy policy
We may change this privacy policy from time to time to accommodate new technologies, industry practices, compliance with regulatory requirements or for other reasons. You can find the updated and applicable privacy policy here: https://greatnorthern.dk/persondatapolitik/
10. Links to other websites
Our website may contain links to other websites or to embedded pages. We are not responsible for the content of other companies’ websites or for such companies’ procedures for collecting personal data. When you visit other websites, you should read the privacy policies and other relevant policies of those sites.
11. Questions and complaints
If you have any questions about this privacy policy or if you wish to complain about our processing of your personal data, please contact us at the contact details provided above in section 1.
You can also complain to:
Datatilsynet
Carl Jacobsens Vej 35
DK-2500 Valby
T: +45 33 19 32 00
E: dt@datatilsynet.dk
Privacy Policy version 4.0 – August 2024