Skip to content

Privacy Policy

Icelandair Hotels takes protection of your personal information seriously and respects your privacy

Here is a summary of how Icelandair Hotels approaches your privacy rights, collection, usage and processing of your personal information:

  • Icelandair Hotels will provide you with details about the information we are gathering and what we will do with it.
  • Icelandair Hotels will put in place measures and use methods to keep your information secure and protected.
  • Icelandair Hotels will make sure your data protection rights are respected and to give you more control over your own information.
  • Icelandair Hotels will use the information you give us for the purposes described in our Privacy Policy. These purposes include providing you with services you have requested and enhancing your experience with Icelandair Hotels.
  • Icelandair Hotels will also use the information to help us understand you better and so that we can give you relevant offers.
  • Icelandair Hotels will not send you marketing material if you tell us you don’t want to receive it. However, we will continue to send you important updates and information on a service or product which you have purchased, in order to keep you informed of your booking or services.

By clicking “Icelandair Hotels Privacy Policy” below, you can read our Privacy Policy in more detail. Reading the Privacy Policy will give you a better understanding of how your personal information is used, what types of information we collect, how it is collected, what purposes it will be used for and who it may be shared with.

We will provide you with some specific examples of the processing of your personal information. If you have further inquiries, please contact us via e-mail by writing to privacy@icehotels.is.

Please keep in mind that the summary above, and the Privacy Policy below, are not contractual and do therefore not form part of your contract with us, without prejudice to your rights under applicable laws.

Icelandair Hotels Privacy Policy

+ Details about the data controller of your personal information

Where Icelandair Hotels processes your personal information under this Privacy Policy, it is considered to be the “data controller” of your personal information under European Union and Icelandic data protection law. Our address is as follows:

Data Protection Officer
Icelandair ehf.
Reykjavíkurflugvelli,
101 Reykjavík
Iceland

 

Icelandair Hotels has appointed a Data Protection Officer, whom you can reach by e-mailing privacy@icehotels.is or writing to the above address.

 Whenever you book to stay at an Icelandair Hotel, but some parts of your stay or journey are to be provided by other service providers, then those service providers are separate “data controllers” under European Union data protection law. In that case, Icelandair Hotels and any other service providers will be joint controllers of your personal information.

Any additional service providers, e.g. a travel agent or car rental company, which provide a part of your services will also be separate “data controllers”. Their privacy policies will be accessible from them directly.

Please be aware that, depending on the services that you have requested, other agreements will form your contractual relationship with Icelandair Hotels.

If you have requested additional services or booked a package including such services, then the providers of such services will be identified in the booking or ordering process. The providers of such services will also separately be “data controllers”.

+ When does this policy apply?

The Privacy Policy of Icelandair Hotels applies when we collect, use or otherwise process your personal information regarding your relationship with us as a customer or potential customer. This includes when you stay with us, use our additional services, websites or mobile applications. Additionally, the Privacy Policy applies when you contact our service agents or book our services through third parties. An example of such third party would be a travel agent.

Where we reference that others are data controllers in the sections ’Controller of Personal Information’ and ’Who do we share your personal information with?’ you should consult their privacy policies for further information.

For further information on the applicability of privacy policies, such as when there are additional “data controllers” as described in the section “Details about the data controller of your personal information” or when we share your personal information, as described in the section “In which cases and with whom do we share your personal information?” we advise that you refer to their privacy policies for additional details.

Additional Terms and Conditions or policies may apply if you request additional services from us, e.g. if you enter a competition linked to Icelandair Hotels and other third parties or if you sign up for Icelandair Saga Club.

+ What is personal information?

Whenever information provides details which identify your person or could be used for the same purpose, it is considered to be personal information. An example might be your name, your contact details or your purchase history. Details on how you use our websites and mobile applications may also be personal information.

+ In which cases do we process and from whom might we receive your personal information?

Whenever you use our services, website, mobile applications, make contact with us via e-mail or our service agents, we collect your personal information. The same applies when the services are provided by third parties or agents acting on behalf of Icelandair Hotels. Please be aware that if you do not wish to provide us with personal information which is necessary for the performance of a contract or which we are legally required to process, we may not be able to provide you with part or all of the services requested.

Furthermore, we may receive your personal information from third parties, such as:

  • When a company that is contracted by Icelandair Hotels provides services to you.
  • When a company or third party that is involved in your stay with us provides you with services, such as a travel agents or airlines which you have used to book your stay with us.
  • When a company is involved in our loyalty schemes, competitions or other customer programmes, such as another hotel, airlines, travel providers or rental car companies.
  • When a company provides your information to Icelandair Hotels as stated in their privacy policy.

To see which types of personal information Icelandair Hotels processes about you, please see the section “What types of personal information do we process?” 

+ What types of personal information do we process?

To provide you with our services, or the services of other data controllers which deliver part of the services that you have requested, we will need to process your personal information. Further processing may take place to provide you with relevant marketing materials and enhance your experience with Icelandair Hotels.

Icelandair Hotels processes the following types of personal information:

  • Information that you provide which is used to manage and complete a booking or provide you with services which you have requested.
    • + See example
    • Your name, address, email, contact details, date of birth, gender, your account details and payment information.
    • If you book for someone else, we may collect your billing information but may communicate with the guest directly about their stay.
    • We will know if you booked your stay on our website or used another sales channel such as a travel agent or our service center.
  • Information which is collected during your stay with us.
    • + See example
    • We may collect information such as your interactions with staff.
  • Information about your requests or preferences.
    • + See example
    • Details of your booking.
    • Details of any specific preferences such as meals, required additional assistance or services and other relevant information.
  • Information about services that you have previously used. 
    • + See example
    • Information on your previous stays with us, issues, service changes such as upgrades and customer feedback.
  • Information about online interactions and registrations. 
    • + See example
    • We will retain your information to ensure we interact with you appropriately if you have registered with us through our loyalty schemes or customer programs.
    • We will retain your information if you have entered a competition, registered for a promotion or interacted with us via social media such as Facebook or Twitter.
  • Information about how you use and interact with our websites, service agents and mobile applications. 
    • + See example
    • To help us to personalize your information and improve our website we collect information about your searches and the content you have viewed and interacted with on our website using cookies and similar technologies, such as the website you come from, internet banner advertisements and links which appear on our marketing partners’ websites.
    • We will use previous web usage data stored within the cookie to personalize and understand you as a customer. This could include if you have entered any booking information on our website.
    • We would be able understand from your data usage that you have visited our website and searched for a hotel room, but did not complete your booking. We may use this information to contact you to offer more information about the booking and destinations which you have shown interest in.
  • Information about your location from your device if you have been browsing on our website or using our mobile application. (This is your IP address. An IP address (i.e. Internet Protocol address) is a numeric code that can act as a unique identifier for your computer or other device – this can be turned off from your device).
    • + See example 
    • Identifying the country from which you are accessing the relevant website or application which will enable us to provide more relevant content and use an appropriate language.

For more information, please see our Cookie Policy.

+ When and why do we collect ‘sensitive personal data’?

In some cases, Icelandair Hotels may process your personal information which is considered to be sensitive. Specific categories of personal information, such as on religion, health or ethnicity require additional safeguards under European Union and Icelandic data protection law. These categories are referred to as “sensitive personal data”. Icelandair Hotels will only process these categories of data in specific circumstances.

Following are examples where we may process “sensitive personal data”:

  • If you have requested specific medical assistance, such as wheelchair assistance or oxygen.
  • Some requested services, such as certain types of meals, may provide suggestions of your religion, health or other preferences. These types of information may or may not be considered “sensitive personal data”.
  • If you have chosen to provide such information to us or it has been passed onto us by a third party such as the travel agent through which you made your booking.

+ For which purposes do we process your personal information?

The main purposes for which we process your personal information are:

  • To provide you with the services you have requested.
    • + See example 
    • We will need to use information such as your name, address, contact details, date of birth, gender, your account details and payment information so that we can process bookings, fulfil your preferences, process payments, provide information to relevant authorities and so that Icelandair Hotels agents know who is booked to stay with us.
  • To send you updates about your booking or other services.
    • + See example 
    • We may send you information when and if there have been disruptions or alterations to the services you have requested.
  • To help maintain safety and to meet certain legal and regulatory requirements which apply to Icelandair Hotels.
    • + See example 
    • We operate CCTV in some of our hotels to provide increased safety to our customers, staff and assets.
    • Icelandair Hotels maintains data which may be used to deny services to certain individuals due to previous incidents, e.g. jeopardizing of safety, harassment of other guests or staff.
  • To provide services tailored to your requirements or preferences and to treat you in a more personal way. 
    • + See example 
    • If you have stayed with us before, we may personalize the experience you have while checking in to our hotels. For example, a member of our staff may welcome you back to an Icelandair Hotel.
    • We may update and share non-personal information with our media agencies, in order to serve tailored and relevant advertising from our partners and third parties on our websites, applications and electronic communications.
  • To carry out analysis and market research. 
    • + See example 
    • We will analyze the way in which our sales channels, products and services are being used by customers so that we can understand how to improve the service we offer and encourage customers to use the full range of our products and services.
  • To market and keep you informed of Icelandair Hotels products and services. 
    • + See example 
    • We may send you information about our products and services, as well as the products and services of other Icelandair Group companies, by email or text message.
    • We may tailor the content of our websites, applications, emails and other communications to ensure they are as relevant to you as possible – including previous bookings including offers and/or services relating to that or a similar destination.
    • Understand your preferences when staying with us and provide information about offers, such as upgrades.
    • If you’ve searched for hotels or destinations but not booked, we may remind you about our services via social media, e.g. Facebook or Twitter based on the destinations you searched for previously.
    • We may combine/match anonymized customer relationship marketing data with a third party (e.g. Google, Facebook) so both companies can understand behavioral activities such as knowing other sites visited.
  • To send you status updates and service communications.
    • + See example 
    • Even if you have opted-out of receiving marketing material from us, we may still send you communications about the services you have booked to use, such as your booking confirmation. These communications will help you get the most from the services we provide and may also contain options and other details about the services you will be using.
    • We may also send you communications about the services you have previously used, for example, where you experienced some form of issue or problem and we wish to contact you about it proactively in order to resolve it successfully.
  • To improve our websites, products and services.
    • + See example 
    • We may monitor the way that you and other customers use our website so that we can identify ways to improve the website experience and enhance the security of our website.
  • For purposes related to legal claims or disagreements.
    • + See example  
    • We may use your personal information to uphold our legal rights as a business or the rights of our employees, e.g. in cases related to illegal activities, fraud or harassment.
  • For management and administrative purposes.
    • + See example  
    • We may use and retain your personal information, including your purchase history, for administrative purposes, which may include for example, accounting and billing, auditing, credit or other payment card verification, anti-fraud screening (including the use of credit reference agency searches and payment card validation checks) and systems testing, maintenance and development.
    • We may process your personal information when performing searches related to requests for copy or deletion of personal information.

+ When will we send you marketing?

When you provide your information directly to us you may be asked if you don’t want to receive our marketing material. Icelandair Hotels sometimes promotes the products and services of third parties and other Icelandair Group subsidiaries.

Icelandair Hotels may ask you to consent to receive marketing material from other third parties.

Whatever your choice on receiving marketing material from us or by which methods they are delivered, we will respect it.

What options do you have when receiving marketing material from us?

You can change your mind at any time on whether you would like to be sent marketing material or not. To stop receiving marketing material from us, you can use the following methods:

  • You can write to Icelandair Hotels marketing@icehotels.is
  • Furthermore, each marketing communication sent to you via e-mail will provide you with the option to unsubscribe from receiving any further marketing materials from us.
  • Alternatively, you can call our service center +354 444 4000 and ask to be unsubscribed from marketing materials in the future.

Even if you choose not to receive marketing material, we will still communicate with you in relation to services or products you have purchased. For example, we will still send you messages with your booking confirmation or to inform you of any changes or disruptions to the services.

Please be aware that if you indicate that you would not like to receive marketing material from us, we will retain your personal information in order to fulfil your wishes not to receive such material.

+ What is our legal basis for processing your personal information?

Your personal information will only be processed by Icelandair Hotels where there is a legal basis for the processing. The legal basis may differ based on the purpose of the processing of your personal information. In almost all cases, the legal basis will be as follows:

  • Because the processing of your information is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract, e.g. so that we can fulfil your requests, process your booking or provide you with the services that you have requested.
  • Because Icelandair Hotels has a legitimate interest as a hotel service provider to process your personal information to operate and improve our business activities.
  • Because Icelandair Hotels needs to process your personal information to comply with legal or regulatory requirements.
  • Because Icelandair Hotels may need to process your personal information to protect the vital interests of you or another person.
  • Because you have given your consent to Icelandair Hotels for processing your information for a specific purpose.

You can see more information on the processing with regard to each legal basis below.

In cases where the processing of your data is subject to other laws, then the legal basis for processing may be different than stated above. In such circumstances, the processing may be based on your consent in all cases.

Processing based on a contractual necessity

In order for us to provide you with services, such as fulfil your request to stay with us, it is necessary for us to process some of your personal information. We will need to process information such as your name, contact details and payment information so that you can check in to a hotel or other services in case of a package booking.

Processing based on legitimate interests

Icelandair Hotels operates several hotels in Iceland. As such, we have a legitimate interest to use your personal information in order to provide, improve and market our services.

    • + See example 
    • We may send you marketing materials in order to promote services and inform you of products.
    • We may carry out analysis and use data to provide you with a more personalized experience.
    • When we need to conduct legal claims.

Processing to comply with legal obligations

As a business, Icelandair Hotels needs to comply with legal and regulatory requirements and may need to process your personal information in order to comply with these requirements. 

    • + See example
    • Icelandair Hotels is required by Statistics Iceland to provide information on the nationalities of our guests. We may process your personal information to compile aggregate statistics to fulfil this requirement.

To protect the vital interest of you or another person

In rare cases, there may be an urgent need that we process your personal information to protect your vital interests or the interests of another person.

    • + See example 
    • If there is a medical emergency, we may need to process your personal information so that necessary medical assistance may be provided.

Processing based on consent

In some cases, we may process your personal information when you have provided your consent for us to do so.

Whenever we process personal information based on your consent, you may withdraw your consent at any time. To do so, please contact Icelandair Hotels by write to us at:

Data Protection Officer
Icelandair ehf.
Reykjavíkurflugvelli,
101 Reykjavík
Iceland

Please be aware that if you withdraw your consent, we may not be able to provide you with some or all of the services that you have requested from us. Additionally, it may not be possible to cancel your booking or for us to provide you with a refund of payments you have made to us.

+ For how long do we retain personal information?

Your personal information will be kept as long as it is needed for the purpose it is being processed. For example, we will need to retain information related to your stay for as long as it is needed to fulfil your booking and after that so that we can respond to claims, disputes or questions about the booking. Your information may also be retained so that we can provide you with improved and personalized services, as well as so that you may enjoy any loyalty benefits which you have accrued.

Icelandair Hotels actively reviews personal information so that it is not retained longer than there is a legal basis for it being processed. In some cases, it may be anonymized and in other cases, deleted.

+ In which cases and with whom do we share your personal information?

Icelandair Hotels may share your personal information with its sister companies within the Icelandair Group, which include Air Iceland Connect, Icelandair, Iceland Travel, Fjárvakur-Shared Services and Icelandair Cargo. Icelandair Hotels shares details within the Icelandair Group so that our sister companies can help us provide, improve and market our services. As an example, if you have used the services of our sister companies, we may use this information to learn more about the sorts of services or products you may be interested in. For more information about the companies within the Icelandair Group, please see the website of our parent company.

Icelandair Hotels may share your personal information with other service providers which participate in the fulfilment of your bookings and travel arrangements. Icelandair Hotels will only share your information as part of its business operations as a hotel chain and travel provider, or if we have a legal og regulatory obligation to do so.

Your personal information may also be shared with the following third parties:

  • Other service providers which participate in providing the services you have requested. For example, if you book a day tour as part of your journey which you have booked through Icelandair Hotels, your personal information will need to be shared with any service providers needed to provide you with these services. These additional service providers will be identified in the booking process.
  • If you become a member of Icelandair Saga Club, Hilton Honors or an affiliated loyalty program and you accrue benefits, your personal information may be shared with those loyalty programs to make sure your benefits are delivered to you.
    • + See example 
    • If you are a member of Icelandair Saga Club and you stay at an Icelandair Hotel, you may be eligible for benefits within Saga Club. In order to issue those benefits to you, we will need to share details of your stay with Icelandair.
  • Payment and credit card companies, credit reference agencies and companies involved in anti-fraud screening in order to process and receive payments from you and to protect ourselves against possible fraud.
  • In cases where we are legally required to share your information with government and law enforcement agencies.
  • Third party providers which we use to process data in order to provide you with products, services and marketing material. For example, third party providers which are involved in the storage of data, ground handling agents on airports or marketing services.
  • Third parties involved in the conduct of legal claims, such as law firms or courts.
  • Third parties, such as security companies, the police and regulatory authorities, when we may need to safeguard our property and assets, provide safety to our customers, staff and assets or have our rights enforced.
  • Icelandair Hotels may provide non-personalized data on usage to other websites which will allow them to know whether you have visited our websites. For further information, please see our Cookie Policy [TO BE COMPLETED].

If the services you have requested include other Icelandair Group companies, such as if they provide you with day tours, your personal information will be provided to Icelandair Hotels as well as other Icelandair Group companies involved.

Icelandair Hotels will not sell your personal information to third parties. We will not allow third parties to send you marketing material unless you have provided your consent.

What countries will your personal information be transferred to?

As a hotel service provider, Icelandair Hotels has business partners located in countries around the world. Icelandair Hotels may therefore transfer and store your personal information in countries outside the European Economic Area. Icelandair Hotels may share your information with third parties in countries located outside the European Economic Area in order to provide you with services you have requested or for other legitimate reasons. To read more about who your personal information may be shared with, please refer to the section “In which cases and with whom do we share your personal information?”.

Please be aware that this means that your personal information may be transferred to third parties which are located in countries where may have fewer legal rights than provided by your local laws.

+ How does Icelandair Hotels safeguard personal information that is transferred to third countries?

According to European Union and Icelandic data protection laws, certain requirements need to be fulfilled when your personal information is transferred to a country outside the European Economic Area. The purpose of these requirements is to make sure your personal information is adequately protected, even when being transferred outside the European Economic Area. 

When Icelandair Hotels transfers your personal information to a third country, one of the following will apply:

  • The transfer is made to a country deemed to provide adequate protection of personal information according to a decision by the European Commission. When data is transferred to the US, transfers may be based on the EU-US Privacy Shield.
  • The recipient of the personal information has approved binding corporate rules which provide an adequate level of protection for your personal information.
  • Icelandair Hotels and the recipient of your personal information have made contracts regarding the transfer of data using standard contractual clauses which the European Commission has decided provide an adequate level of protection for your personal information.
  • The recipient of the personal information has approved Codes of Conduct which satisfy the requirements of European Union and Icelandic data protection law.
  • The recipient of the personal information has obtained certification issued by an accredited certification body according to European Union and Icelandic data protection laws.

+ What can you do to keep your personal information secure?

Icelandair Hotels makes every effort to protect your personal information. We encourage you to take steps to secure your personal information. Here are some measures that you can take to keep your information safe: 

Be careful when online and avoid internet fraud

Dishonest individuals may try to gather your personal information by trying to deceive you online. This illegal activity is called “phishing”. Phishing is often performed by sending you an e-mail which has been designed to make you think that it has been sent a legitimate business. However, such e-mails may often form part of a scam to trick you into disclosing details, such as your personal information, login credentials or bank information. Phishing e-mails will often contain links to fraudulent websites which imitate the look and feel of legitimate websites.

+ How can I make a request for a copy of my personal information and how do I lodge a complaint? 

Under European Union and Icelandic privacy law, you may request a copy of your personal information if it is processed by Icelandair Hotels. You do not need to pay a fee for this request, unless it is manifestly unfounded or excessive. Icelandair Hotels will make every effort to respond to your request within 30 days of it being received.

Your request must be in writing and must contain the following information:

  • Your name and postal address.
  • Details of your request.
  • Any details which may help us locate the information which is the subject of your request, for example:
    • Booking reference or the dates which you stayed with us.
    • Your e-mail address, telephone number or other contact details.

 Additionally, we require you to provide:

  • A copy of a government issued ID, such as your passport or driving license. This is necessary so that we can verify who is making the request.
  • Your signature and the date of the request.
  • If you are applying on behalf of another person then signed authority from the individual is required.

Please send your request to:

Data Protection Officer
Icelandair ehf.
Reykjavíkurflugvelli,
101 Reykjavík
Iceland

You also have a right to lodge a complaint with The Icelandic Data Protection Authority in. A complaint can be made by writing to:

The Icelandic Data Protection Authority
Rauðarárstígur 10
105 Reykjavík
Iceland