UN logo
Statsraad Lehmkuhl

Privacy Policy

almost 5 years ago
Statsraad Lehmkuhl > Privacy Policy

Privacy Policy

Statsraad Lehmkuhl
almost 5 years ago
Privacy Policy

This Privacy Policy explains how the Foundation Seilskipet Statsraad Lehmkuhl (SSSL) collects and uses personal data.

Foundation Seilskipet Statsraad Lehmkuhl’s address:
Skur 7, Bradbenken 2, 5003 Bergen, Norway.

Contact details:
Phone: +47 55 30 178 00
Email: lehmkuhl@lehmkuhl.no.

Foundation Seilskipet Statsraad Lehmkuhl is responsible for the processing of personal data collected about you.

What is Personal Data
Personal data is anything that describes you or can be linked to you as an individual. This may include contact information (name, phone number, etc.), identification numbers (IP address, customer number, cookie ID, etc.), and information about actions or behaviors (products you have purchased, pages you have visited, emails you have received, etc.).

SSSL places great emphasis on protecting the personal data entrusted to us. SSSL ensures careful handling of your information and complies with laws and regulations as required by the Personal Data Act (GDPR).

Why We Collect Personal Data and the Purpose of It
3.1 Collection of Personal Data in Connection with Sailing Voyages

Most of our sailing voyages are booked well in advance. Personal data is necessary for both handling the booking in the office and on board the ship during the voyage. Therefore, the personal data is temporarily stored in a database at SSSL.

After you disembark from a sailing voyage, all personal and contact information about you, as well as contact information about your next of kin, will be deleted within one year.

SSSL does not retain personal data longer than necessary for the purpose it was provided or required by law.

For participation in sailing voyages (not applicable to coastal tours and/or activities on board when the ship is docked), we will request the following personal data:

First name, last name, middle name
Date of birth
Gender
Address
Phone number
Email address
Passport number and expiration date (for voyages abroad)
Allergies and dietary needs
Health conditions and medication usage relevant to the voyage
Information about next of kin:
First and last name
Phone number
Flight information, if applicable
Information about relevant health conditions/medication usage is shared with our ship doctors, who are bound by confidentiality.

Contact information for your next of kin: We assume that you inform the person yourself that you have shared their contact information with us. We will only use this information in emergencies.

3.2 Statistics for Website Improvement and Marketing Communication

We collect and analyze data on how you and other users use the website. The purpose of this is to understand how the site is used so that we can improve our content and products/services based on these insights.

What data: Behavioral data (which pages you visit, what you click on, etc.), data about your device (type of computer/mobile phone, operating system, browser, etc.), data about your network and location (derived from the IP address). All data is linked to an anonymous ID number stored in a cookie in your browser. (Read more about cookies)

Legal basis: Legitimate interest. We place great value on collecting and analyzing this data, and we assess that it does not pose a significant burden on your privacy as long as the information is not linked to other sources and contact details.

How we process personal data: We use Google Analytics to collect this data from your browser. The data is stored on Google's servers but owned by us. It is not linked to other tools or sources unless you have given consent (see other purposes). To minimize privacy impacts, the IP address is stored only in anonymized form (read about IP anonymization), and we set the expiration time for the cookie that identifies you to a maximum of 7 days. Once the cookie expires, the data will no longer be linked to you as a person. Additionally, all individual data is automatically deleted by Google Analytics after 14 months.

3.3 Tracking Conversions for Advertising

We measure the results of our marketing by reporting how many contact inquiries and sales come from a marketing campaign. The purpose is to optimize and streamline our marketing.

What data: That you have performed a specific action on our website, and from which source you arrived at our website. This is also linked to all other data collected for statistics (see above).

Legal basis: Legitimate interest. Data processing enables us to use our resources as efficiently as possible and save both effort and money on actions that do not produce results. In cases where data collection cannot be carried out without linking it to other information from third parties, we rely on your active consent.

How we process personal data: Data processing follows the same principles as for general statistical purposes. Based on legitimate interest, we collect and process data in Google Analytics, and we send data to Google Ads using so-called Consent Mode (data is sent without cookie information). If you have given consent to “marketing,” we send data to Google Ads in the usual way, as well as to Facebook, Bing, and any other ad providers (more on advertising below).

3.4 Targeting of Ads

We collect data about your behavior on our websites and share this with various ad providers (data processors) to achieve more precise ad targeting.

What data: Behavioral data (which pages you visit, what you click on, etc.), data about your device (type of computer/mobile phone, operating system, browser, etc.), data about your network and location (derived from the IP address). All data is linked to an anonymous ID number stored in a cookie in your browser. This ID number is a common identifier for you across all websites you visit that exchange data with the same ad providers.

Legal basis: Consent, which you give by accepting “marketing” as a purpose (or “all”) when visiting our websites.

How we process personal data: Data is collected from your browser when you visit our pages and sent to storage and processing with the ad provider. We use several different providers, including Google Ads, Google Marketing Platform, Facebook, Microsoft Bing, and LinkedIn. Next, you are placed in various “audiences” with these providers, allowing us to buy ads from them that you see when you visit other sites in their network. Therefore, you will often see ads for Synlighet in various places after visiting our sites. Data about you is also included in your general profile with the provider and used to describe your interests and estimate other characteristics about you (profiling). If you have provided contact information or other personal information to the provider (e.g., Facebook), the data will also be linked to this. This allows other advertisers besides Synlighet, who use the same ad network, to buy ads with more precise targeting. The consequence for you is that the ads you see are more tailored to you and your situation. To avoid data about your behavior on our sites being used in this way, you can decline to consent to the use of cookies for “marketing.” To generally prevent ad providers from collecting such data and using it to create a profile of you, you can either delete/reject all cookies in your browser or edit your settings with the provider. Here are links to how you can do this with Google, Facebook, and LinkedIn.

3.5 Transfer of Personal Data to Recipients in Countries Outside the EEA

It is our goal that all processing of personal data should take place within the EEA, but it may be that we use providers or process personal data outside the EEA. In such cases, transfer and processing outside the EEA will take place in countries approved by the EU Commission or in accordance with valid legal grounds for the transfer of personal data under GDPR Chapter V. If the transfer does not take place to a country approved by the EU Commission, the transfer will only take place under the guarantees set out in GDPR Article 46 (2). You can obtain information about the legal basis used for the transfer by contacting us. Both the providers we use for advertising and analytics (such as Google, Facebook, etc.) We are aware of the challenges and requirements arising from the “Schrems II” ruling and are working to find good solutions for this.

Your Rights
Below are your rights as a data subject. To exercise your rights, you must [fill in how the data subject should proceed, e.g., contact us, see contact information above].

We will respond to your inquiry as soon as possible and no later than 30 days. If it takes longer than 30 days, you will be informed.

We may need to ask you to confirm your identity or provide additional information before we allow you to exercise your rights with us. This is to ensure that we only give access to your personal data to you – and not someone pretending to be you. Regarding information collected based on cookie identification, such confirmation will be very difficult. Therefore, we cannot provide you with access to such information other than on a general basis, or make changes or deletions. If you delete cookies in your browser, the information we have stored will no longer be associated with you.

4.2 Information

You have the right to receive information about the personal data we process about you. Through this statement, we inform you about our processing of personal data. You can also contact us if you want more information.

4.3 Access

You have the right to request access to the personal data processed about you.

4.4 Correction and Deletion

You can also ask us to correct incorrect information we have about you or ask us to delete personal data. We will comply with a request to delete personal data as far as possible, but we cannot do this if we still need the