ABOUT THIS PRIVACY statement
In this privacy statement, we explain how we handle your personal data: which ones we collect and what we use them for. We also explain how you can view, change or delete your data. We find it important that you are well informed about this and recommend that you read this statement carefully.
- Golden Stay and privacy
- Use of personal data
- Provision to third parties
- Profiling and cookies
- Use for marketing purposes
- Securing and storing
- Third party websites
- Changes to this privacy statement
- Access, correction, amendment and deletion of your data
- Authority Personal Data
- Effective date
Golden Stay and privacy
Golden Stay is a “Vennootschap onder Firma” (General Partnership) that rents, brokers, manages and trades (own) real estate. Through our website we offer various accommodations and services. We process privacy-sensitive information, also called personal data. In some cases we work together with other organizations or companies in the execution of our services.
Personal data is carefully processed and protected by us. In doing so, we comply with the requirements of the privacy legislation. This means, for example, that we:
- Clearly state the purposes for which ends we process personal data. We do so at the time we request your personal data and through this privacy statement;
- First ask you for express consent to process your personal data in cases where your consent is required;
- Limit the collection of personal data to only those personal data that are necessary for the purposes for which they are processed. If we request more than is necessary, we will only do so with your explicit permission. In that case we will clearly explain to you why we are requesting these additional details;
- Don’t pass on your data to third parties, unless this is necessary to provide the requested service or when we are legally obliged to do so;
- Make arrangements with third parties when we share your information, to ensure, among other things, that it is not used for other purposes;
- Take appropriate security measures to protect your personal data and also require this of parties who process personal data on our behalf.
Use of Personal Data
When using our services and website, you leave certain data with us. This could be personal data. We do not always process all the data listed below. That depends on which services and functionalities you choose to use.
Depending on the services and functionalities you use, we may process the following personal data from you:
- email address
- date of birth
- data such as IP address, MAC address, identifiers in cookies and your surfing behavior on our website
- information that you enter yourself in an open field, such as a question, a complaint on Klachtenkompas.nl or a message in the contact form
- name and address details
- login details
- composition of travel group and the required name and address details
- phone number
- questions you ask us and/or reports you pass on to us
Special Personal Data
In order to be able to advise, mediate, trade and rent about an accommodation we process with your consent and in line with the agreement you have entered into with us a number of (special) personal data, including your BSN. We also process sensitive data, namely your financial data. For example, we process bank details relating to payments for the accommodation purchased. For our administration we have access to your sensitive and special data.
Depending on which service you use, we may, when necessary, also process these personal data:
- marital status
- account number for payment of invoices.
- personal details of your travel group
We store this personal data only when necessary or required by law. In all other cases, we delete this data immediately.
- We process your personal data for one or more of the following purposes (partly depending on which services or functionalities you use):
- To allow you to purchase an accommodation through our website and use all our functionalities and services.
- To process your booking and inform you of its progress.
- To process your complaint about us or your response to a complaint.
- To approach you about your complaint because we want to investigate it or publish about it (anonymously).
- To communicate with you by sending electronic newsletters and/or mail.
- To offer you personalized advertisements and content (see also the paragraph Profiling and cookies).
- To send you personalized newsletters based on your interests (see also the Profiling and Cookies paragraph).
- To process your data for possible participation in promotions, so we can reach you when you have won something.
- To answer your questions or deal with your complaints via social media, email, by post or by phone.
- To improve our website.
Backup of (personal) data
We make back-ups of our ICT systems so that we can restore them in the event of a security incident. We are also obliged to secure your personal data and to be able to restore it.
We learn from security incidents at other organizations and realize that despite our efforts, such a situation can also happen to us. If there is a security indication or if an ICT system crashes, we will recover our data, including your personal data. We will then run through all requests to delete personal data and make sure that we do not restore personal data that we should not possess.
We make the following backups:
- Daily backups which we keep for a maximum of 14 days
- Weekly backups on tape that we keep for a maximum of 1 month
- Monthly tape backups that we keep for a maximum of 1 year
- Annual backups on tape that we keep for a maximum of 2 years
Provision to third parties
We pass on the information you provide to third parties if this is necessary for the delivery of the accommodation or services you have ordered. For example, we use a third party to handle iDeal payments and bookings made through Airbnb, Booking.com, Home Away and Smoobu.
When we provide your information to a third party, we ensure among other things (with an agreement) that your data will not be used for other purposes. We also agree herein that your data will be deleted as soon as it is no longer needed.
Furthermore, we will not provide the data you provided to other parties, unless this is required by law. For example, it is possible that the police request data from us as part of a fraud investigation. In that case we are legally obliged to hand over your data.
Profiling and cookies
We combine your personal data from different sources (such as the data from your reservation(s) and contacts via e-mail, website or telephone or with each other, in order to provide you with the best experience. In doing so, we also combine this data with the data you have left on, or through, one of the Golden Stay’s websites, namely:
By combining your data, we can provide you with personalized offers (newsletters) that match your interests. This prevents you from receiving content or offers that are less interesting to you. Based on this profiling, we make selections at the group level. However, we will never exclude you from one of our services and/or products on this basis.
Use for marketing purposes
When we use your personal data for marketing purposes (e.g. newsletters) you can always unsubscribe. You can easily unsubscribe by using the unsubscribe link in our newsletter or by logging in to My Golden Stay and adjusting your preferences.
It is also possible to unsubscribe via the contact form on www.goldenstay.nl. Would you rather contact us by phone? Call us at (+31) 6 14463645
Securing and storing
We take appropriate security measures to limit misuse of and unauthorized access to your personal data. We have an information security policy for this. For example, we ensure that only the necessary people have access to the data, that access to the data is protected and that our security measures are checked regularly.
We do not keep data longer than necessary. We apply a standard retention period of 2 years. This means that we will delete your data 2 years after you have been a member and/or active. If a different retention period applies, we will inform you of this. Exceptions to this are the data that we must retain for longer because the law requires us to, such as data for the tax authorities.
Websites of third parties
This statement does not apply to third party websites that are connected to our website via links. We cannot guarantee that these websites will handle your personal data in a reliable or safe manner. Always read the privacy statement of the website in question before using it, for more information about how they handle your data.
If you are 16 years or younger, you may only use our website under the supervision of your parents or legal representatives.
Changes to this Privacy Statement
We may change this privacy statement from time to time. It is advisable to consult this privacy statement regularly.
Access, correction, amendment and deletion of your data
If you have an account, you can log in to see and change your data.
If you want to contact us because of this privacy statement, you can do so via the contact information below.
|By phone||Monday through Friday from 8:30 a.m. to 6:00 p.m.|
|Via the contactform on www.goldenstay.com or to firstname.lastname@example.org|
|Online via ‘Mijn Golden Stay’||Log in (not yet available)|
Catharinastraat 2, 6245LB Eijsden
To prevent abuse, we ask you to identify yourself when you make a written request, by sending a copy of a valid identification document. Do not forget to screen your BSN and passport photo on the copy. You can, for example, use the KopieID app for this. Even if you submit your request by telephone, we will need to be able to identify you on the basis of the information known to us before we will process your request.
When you submit a request to inspect, correct, change and/or delete data to us, we will ensure that your request is dealt with within 4 weeks. If we are unable to process it within this period, we will inform you accordingly.
Personal Data Authority
Of course we will be happy to help you if you have any complaints about the processing of your personal data. If, despite this, you are unable to resolve the matter with us, you also have the right, under the privacy legislation, to submit a complaint to the privacy regulator, the Netherlands Data Protection Authority. You can contact the PDA (Autoriteit Persoonsgegevens.)
This (updated) privacy statement came into effect on February 24, 2019.