RESERVATIONS
RESERVATIONS

Privacy policy for Norrlyst Group ApS

1. Data controller

Norrlyst Group ApS
Vester Voldgade 8
1552 Copenhagen K
Tel.: 61 42 95 81
E-mail: [email protected]

Norrlyst Group ApS consists of the following companies, which in this policy are collectively referred to as “Norrlyst ApS”:

Norrlyst – Lille Norrlyst – Theo – Gemini – Odette – Søkig – Gabrielle – Væksthuset – Oasis Vinbar – Kjærbøllings Hus – Sukaiba – Norrlyst i Tårnet – Abigail – Udtryk

2. Purpose and basis for processing

We process personal data in order to:

  • Manage reservations, companies and purchases

  • Communicating with guests and suppliers

  • Improve our services and user experience

  • Comply with applicable legislation, including bookkeeping obligations

The basis of treatment is primary:

  • GDPR Art. 6(1)(b) (performance of contract)

  • GDPR Art. 6(1)(f) (legitimate interests – e.g. marketing)

  • GDPR Art. 6(1)(a) (consent – e.g. newsletters and cookies)

  • GDPR Art. 9(2)(a) (consent to the processing of sensitive data)

3. What data do we process?

We typically collect and process the following information:

When contacting, buying or visiting

  • Name, contact details, date of birth

  • Reservation and purchase history

  • Payment details (via certified third-party providers – we do not store card data)

  • Special information if you choose to provide it (allergies, preferences, disabilities, etc.)

On the website and social media

  • IP address (possibly masked), browser info, user behavior (via cookies)

  • Information from contact forms, competitions or gift card purchases

  • Demographic and analytical data via statistical tools (e.g. Google Analytics and Mixpanel) – only if consent is given

4. Cookies and tracking

Our website uses cookies. Some are technically necessary, while others are used for statistics and marketing – only if you have given consent.

Read more in our cookie policy.

5. Sharing of information

Personal data can be shared with:

  • IT, payment and booking system providers

  • Marketing and analytics partners (only with consent)

  • Public authorities, if we are legally obligated

All external data processors are subject to data processing agreements.

We also share information internally within the Norrlyst Group to provide a unified service.

6. Storage and deletion

  • Reservations and contact details: Deleted after 2 years from last contact/visit

  • Financial transactions: Stored for up to 5 years according to the Danish Bookkeeping Act

  • Sensitive information (allergies, disabilities): Deleted immediately after purpose is exhausted

  • Consent for newsletters and marketing is stored until withdrawal

7. Your rights

You have the right to:

  • Get insight into the information we hold about you

  • Get information corrected or deleted

  • Withdraw consent

  • Object to processing

  • Get data handed over (data portability)

Contact us in writing at [email protected]. You can complain to the Danish Data Protection Agency at www.datatilsynet.dk.

8. Safety and security

We protect your data with appropriate technical and organizational security measures and continuously review our procedures.

9. changes

This policy is updated regularly.
Last updated: June 6, 2025

BOOK BORD
RESERVATIONS