Privacy Policy

Data security and personal data

ALIVE’s privacy policy applies to all our customers, suppliers and business partners. We value data security when it comes to your personal data. What do we use it for and when? And how are they protected?

The website you are visiting is owned and operated by:

ALIVE

Folk Bernadottes Allé 5,2

2100 Copenhagen Ø, Denmark

CVR number: 37247030

(“ALIVE”, “we”, “us”, “our”). When we collect and process personal data about you in connection with your visit to our website or otherwise contact us in connection with the purchase of a trip or participation in a trip purchased from us, we are the data controller that you can contact with questions.

Below you will find a description of the personal data that we collect and process about you, as well as the purpose and legal basis for this collection and processing.

1. Categories of personal data we process and the legal basis

1.1 Marketing

If you sign up for one of our newsletters, you consent to us sending you our newsletters, cf. the General Data Protection Regulation (“GDPR”) Article 6(1)(a), where we process:

(a) Name and date of birth

(b) Contact information, including e-mail address, postal code and telephone number

The marketing in newsletters on our and others’ websites, including social media, is customized to your personal circumstances based on our knowledge of you by profiling, cf. GDPR Article 6(1)(f), where we process:

(a) Consent to newsletters

(b) Declared areas of interest

(d) Information from your social media profiles

Our legitimate interest in personalized marketing to you overrides your interests and fundamental rights. We conduct an automated evaluation of your personal data in order to personalize marketing to you, but we do not use automated decisions that have legal effect or similarly significantly affect you.

1.2 As a customer

If you are our customer or if your company is a customer or supplier, we process your personal data to fulfill our agreement with you, e.g. purchases and sales in connection with travel as well as completion of and follow-up on purchased travel, etc. cf. GDPR Article 6(1)(b), where we process

(a) Name and date of birth

(b) CPR and passport number when these are necessary for booking and completion of your trip

(d) Order details

(e) Certain health information when this is necessary for the completion of your trip

(f) Payment information

(g) Other information related to commercial purchases

We also conduct analytics to optimize our products and learn more about our customers’ preferences. We do this by analyzing our customer databases and by sending you questionnaires, where our legitimate interest in processing the personal data overrides your interest in not processing the data, cf. GDPR Article 6(1)(f), where we process

(a) Information from our customer databases

(b) User behavior and log files from our website

Finally, we market on our and others’ websites, which also includes social media, customized to your personal circumstances based on our knowledge of you by profiling, cf. GDPR Article 6(1)(f), where we process:

(a) Declared areas of interest

(b) Cookies

(d) Data from our customer databases

1.3 When you apply for employment with us

If you submit a job application to us, we collect and process the following personal data about you for the implementation of measures taken at your request prior to the conclusion of a possible employment contract, cf. GDPR Article 6(1)(b), where we process

(a) Name and date of birth

(b) Contact information, including address, email address and telephone number

(d) Information contained in job applications, CVs and other documents uploaded to the Website as part of the job application process, including any health information or similar sensitive personal data that you choose to include

(e) References

1.4 Security on our website and in our solutions

We log user behavior and have implemented security solutions on our website and in our solutions where our legitimate interest in securing websites and our solutions against misuse outweighs your interest in not having the data processed, cf. GDPR Article 6(1)(f), where we process:

(a) User behavior and log files

(b) Other security information

1.5 Cookies when using our website

Cookies are small text files that are stored on the user’s computer or other IT equipment when a website is visited. When you interact with our website, we collect cookies, which can be divided into three categories

(a) Necessary cookies that help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. This category of cookies cannot be opted out and does not require consent.

(b) Analytics cookies that help website owners understand how visitors interact with websites by collecting and reporting information. This category of cookies is optional and requires your consent as per GDPR Article 6(1)(a).

(c) Marketing cookies used to track visitors across websites. The intention is to serve ads that are relevant and engaging to the individual user, and thus more valuable to publishers and third-party advertisers. This category of cookies is optional and requires your consent, cf. GDPR Article 6(1)(a).

You can see a list of the cookies that we set in your browser when you visit our website and when they expire here.

If you do not want us to set or read cookies on your device, you have the option to opt out of cookies in your web browser, where you can choose which cookies to allow, block or delete.

You can also choose to have your computer warn you every time a cookie is sent or you can choose to disable all cookies. You can do this in the internet settings of your browsers and devices. All browsers are different, so check your browser’s help function to find the right way to change your cookie settings.

Finally, we share your information about your use of our website with our social media, advertising and analytics partners. We and our partners may combine this data with other information you have provided to them or that they have collected from your use of their services in order to customize marketing to your personal circumstances based on our knowledge of you by profiling, cf. GDPR Article 6(1)(f), where we process:

(a) Consent to newsletters

(b) Cookies

You should be particularly aware that some of our partners use your cookie data for their own purposes and we encourage you to read our partners’ privacy policies.

2 How we secure your personal data

We choose to use suppliers that implement security in accordance with industry practices for good IT security and we only use encrypted data communication when transferring sensitive personal data. This includes, where necessary, the ability to obtain written assurances from third parties who have access to your personal data, in an appropriate manner, that they will protect the data with security measures designed to provide an adequate level of protection.

However, no information system can be 100% secure. So we cannot guarantee the absolute security of your information. In addition, we are not responsible for the security of information that you send to us over networks that we do not control, including internet and wireless networks.

3 How we share your personal data

We only disclose the information to the extent necessary for the operation of our business, including to deliver your trip and the other products you have purchased from us.

We will typically disclose personal data to the following recipients in connection with the booking and completion of a trip and related products:

3.1 Global Distribution Systems (GDS)

A GDS is an IT network system owned or operated by a company that enables transactions between travel industry service providers, mainly airlines, hotels, car rental companies and travel agencies. A GDS connects services, pricing and booking by consolidating products across the three travel sectors, i.e. airline reservations, hotel reservations and car rental.

3.2 Airlines

We disclose personal data to airlines in connection with booking your trip. For the purpose of booking your flight, we will typically disclose information about your name, departure airport, destination, departure and return dates, frequent flyer card number, special requests in connection with your trip, including health information in the form of ordering any special menus during the flight and the need for special assistance on the plane or at the airport to the selected airline.

In connection with travel to special destinations, we may also disclose information about your passport number to the airline.

3.3 Hotels

We disclose personal data to the hotels that you will use during your trip. For the purpose of booking your hotel stays, we will typically disclose information about your name, destination, date of arrival and departure, room category, loyalty card number, special requests in connection with your trip, including any special dietary requirements during your hotel stay and the need for special assistance during your hotel stay in connection with disability or illness.

3.4 Car rental companies

We disclose personal data to car rental companies if you need to have a vehicle available during your trip. For the purpose of booking your rental car, we will typically disclose information about name, pick-up location, driver’s license number, rental period, vehicle category, bonus card number, special requests in connection with the rental of the vehicle, including special measures in connection with disability or illness, child seats, etc.

3.5 Bus companies

ALIVE discloses personal data to bus companies if you are going on a bus trip as part of your trip, for example in connection with day trips to well-known tourist attractions. For the purpose of booking your bus trip, we will typically disclose information about name, pick-up point, date and time of the bus trip, destination and special requests in connection with the bus trip, including any ordering of special menus during the bus trip and need for special assistance due to disability or illness.

3.6 Shipping companies

We disclose personal data to shipping companies if you are traveling by ship as part of your trip, e.g. in connection with cruises, day trips to famous tourist attractions, etc. For the purpose of booking your cruise, we will typically disclose information about your name, address, telephone number, destination, itinerary, date and time of departure and return, passport information and social security number as well as special requests in connection with the cruise, including any ordering of special menus during the cruise and need for special assistance during the cruise due to disability or illness.

3.7 Bedbanks

A bedbank is an IT network system owned or operated by a company that enables transactions between travel industry service providers, mainly hotels and travel agencies or the end customer. We disclose personal data to bedbanks in order to book the hotels that you will use on your trip. For the purpose of booking your hotel stays through a bedbank, we will typically disclose information about name, destination, date of arrival and departure, room category, loyalty card number, special requests in connection with your trip, including any special dietary requirements during the hotel stay and need for special assistance during the hotel stay in connection with disability or illness.

3.8 Travel agents

If, as part of your trip, you need to participate in excursions or need transfers, we may disclose personal data to travel agents. The travel agent is responsible for arranging the excursion or transfer in question by ordering the requested services from local suppliers at the destination. For the purpose of booking your excursions, transfers etc. we typically disclose information about name, date and time of arrival and/or departure, telephone number, type of vehicle, destination and special requests in connection with the transfer or excursion, including any ordering of special menus and need for special assistance due to disability or illness.

3.9 Insurance companies

As part of the booking of your trip with us, you have the option to purchase travel and/or cancellation insurance. If you wish to purchase such insurance, we will disclose personal data to the insurance company for the purpose of registering the insurance with them. For the purpose of taking out travel and/or cancellation insurance, we typically disclose information to the insurance company about name, e-mail address, destination, date of departure and return and type of travel.

3.10 Equipment rental companies

As part of the booking of your trip with us, you have the option to rent any equipment you may need for your trip, such as bicycles, ski equipment, diving equipment and similar. If you wish to rent such equipment, we will pass on the information to the company at your destination that you will rent the equipment from. For the purpose of equipment rental, we typically disclose information to the rental company about name, type of equipment, pick-up location, rental period and information about height, weight, clothing and shoe size and any illness or disability, if necessary.

3.11 International transfers of your personal data

Due to the nature of our business, your personal data may be transferred to countries outside the EU/EEA in connection with booking a trip with us. In order to be able to provide our services to you, we need to use partners and suppliers outside the EU/EEA in certain cases.

Without the ability to transfer your data to recipients outside the EU/EEA, we will be unable to provide you with the requested trip. This applies if booking your trip requires that data is transferred to recipients outside the EU/EEA, e.g. in order to book flights, hotels etc. at your travel destination.

Data protection legislation in these countries may be more lenient than in Denmark and the rest of the EU/EEA, as in most cases these will be countries where the EU Commission has assessed that the level of data protection is not on par with the level of data protection within the EU/EEA.

In cases where it is practically possible for us to do so, the transfer of your personal data will be based on the standard transfer contracts prepared by the European Commission specifically for this purpose. You can request a copy of the contract covering the transfer of personal data by sending an email to alive@alive.dk

In certain cases, however, it will not be practically possible for us to conclude a standard transfer contract as a legal basis for transfer. In such cases, the transfer of the data will be based on Article 49(1)(b) of the GDPR, as the transfer of your personal data to that country is necessary for the performance of the contract between you and us (the booking and execution of your trip) or for the implementation of measures taken at your request prior to the conclusion of such contract, for example in connection with the submission of a qualified offer.

It is therefore important that you are aware that transferring your personal data to countries outside the EU/EEA in connection with booking a trip with us means that your personal data will not always enjoy the same protection as under Danish or EU law.

In addition, we do not in any case disclose your personal data to recipients outside the EU/EEA unless this is necessary in order to carry out our business and meet your needs by, for example, delivering the desired trip to you.

4 When do we delete your personal data

We store your personal data for as long as necessary to fulfill the purpose of the processing, unless we are required by applicable law to store the personal data for a longer period.

For job applications, we will delete your personal data no later than 6 months after the final rejection of the specific job application.

We delete your customer data 5 years after the end of the customer relationship, where transaction data is stored for 5 years after the end of the financial year in which the last transaction was made.

Personal data in connection with marketing will be deleted 5 years after the last marketing was made to you.

5 Automated decisions

We use automated decision-making in the processing of your personal data for selected services and products. One example is our fraud prevention and detection efforts on our online platforms.

You can request that we provide you with information about the decision-making method and ask us to verify that the automated decision has been performed correctly. We may deny the request as prescribed by applicable law, including if disclosure of the information would result in the disclosure of trade secrets or interfere with the prevention or detection of fraud or other crimes. Generally, in these cases, we will verify that the algorithm and source data work as intended without error or bias.

6 Your rights

6.1 The right to information

You have the right to request information about or access to your personal information. However, there are exceptions, which means that you do not always receive all the information we process.

6.2 The right to object

You have the right to object to our processing of your personal data. This means that you can stop or prevent us from processing your personal data. However, this only applies in certain cases and we do not have to stop processing your personal data if we can provide legitimate grounds to continue processing your personal data.

6.3 The right to erasure

You have the right to request erasure of your personal data in certain cases.

6.4 The right to data portability

You have the right to receive a copy of your personal data in a structured, commonly used and machine-readable format by contacting us through the contact details provided in section 5. Where technically feasible, you have the right to request that the personal data be transmitted directly to another company or person acting as data controller.

6.5 The right to rectification

You have the right to have inaccurate personal data concerning you rectified. You also have the right to have personal data that you believe is incomplete completed.

6.6 The right to restriction of processing

You have the right to have the processing of your personal data restricted in certain cases.

6.7 The right to complain

If you have a query regarding this notice, the way we process your personal data, wish to exercise your rights or lodge a complaint, you can contact us by email: alive@alive.dk

If you wish to complain about our processing of your personal data, you can contact the Danish Data Protection Agency. You can read more about your rights in the Danish Data Protection Agency’s guide on the rights of the data subject on the Danish Data Protection Agency’s website.

7 Contact information

7.1 You can contact us using the information below:

– E-mail: alive@alive.dk, or

– Mail: ALIVE, Attn: GDPR, Folke Bernadottes Allé 5, 2, 2100 Copenhagen Ø