Cookies & Privacy statement

HotelGiftcard.com B.V. (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy and Cookie Policy explains how we collect, process, store, and share your personal data when you use our website hotelgiftcard.com (“the Website”). We comply with the EU General Data Protection Regulation (GDPR) and the Finnish Data Protection Act (1050/2018).

1. Data controller

HotelGiftcard.com B.V.
Ambachtsweg 6
1474 HW Oosthuizen
The Netherlands
Email: [email protected]

We act as the data controller for the personal data processed.

2. What data we collect

We collect personal data when you:

• Make a booking through the Website
• Subscribe to our newsletter
• Contact our customer service

The data we collect may include:

• Name, address, email address, telephone number
• Payment details (processed securely)
• Booking details
• Technical information such as IP address, browser type, and device information

We do not use your email address for marketing purposes without your explicit consent.

3. Purposes of processing

We process your personal data for the following purposes:

• Managing bookings and special requests
• Providing customer service
• Secure processing of payments
• Preventing fraud and misuse
• Sending marketing communications (only with consent)
• Complying with legal obligations

4. Legal basis for processing

In accordance with the GDPR, we process personal data based on the following legal grounds:

• Consent (e.g. newsletters)
• Performance of a contract (e.g. a booking)
• Legitimate interest (e.g. improving customer service)
• Legal obligation (e.g. accounting requirements)

5. Cookies and tracking technologies

We use cookies and similar technologies to:

• Ensure the functionality of the Website
• Analyze and improve performance
• Personalize content and advertisements

Legal basis: consent provided via the cookie banner, in accordance with Traficom guidelines and the GDPR.
You may change your cookie settings at any time via your browser or the cookie banner.

6. Data retention periods

We retain your personal data only for as long as necessary to:

• Fulfill the purposes described above
• Comply with legal obligations
• Ensure customer service and follow-up

Marketing data is retained until consent is withdrawn.

7. Data sharing

We share data only with necessary service providers, such as:

• Payment service providers
• Accommodation service providers (e.g. Expedia)
• IT and hosting service providers
• Authorities, where required by law

We never sell your personal data.

8. Transfers outside the EU/EEA

If we transfer your data outside the EU/EEA, we ensure that:

• The recipient complies with GDPR requirements, or
• EU Standard Contractual Clauses or equivalent safeguards are in place

9. Your rights

Under the GDPR, you have the right to:

• Access your personal data
• Request rectification or erasure
• Restrict processing
• Object to processing
• Transfer your data to another system
• Withdraw consent at any time

To exercise your rights, please contact: [email protected].

10. Data security

We apply technical and organizational measures to protect your data, including:

• SSL encryption and secure payment connections
• Restricted access to data
• Security monitoring and audits

11. Changes to this policy

We may update this policy due to changes in legislation or our business practices.
Material changes will be clearly communicated on our Website or by email.

12. Complaints and contact

If you suspect that your personal data has been processed unlawfully, you may file a complaint with the data protection authority:

Office of the Data Protection Ombudsman
Ratapihantie 9
00520 Helsinki
www.tietosuoja.fi

You may also contact us directly:
HotelGiftcard.com B.V.
Ambachtsweg 6
1474 HW Oosthuizen
The Netherlands
Email: [email protected]