Privacy Policy

About Greenland Travel

Greenland Travel sells travel services to, from, and within Greenland to private customers who wish to experience and travel in Greenland, as well as to corporate and public-sector customers with travel needs to, from, and within Greenland.

With more than 50 employees at our offices in Denmark and Greenland – and a professional tour leader team of 30 people – we proudly consider ourselves experts on Greenland and on travel to, from, and within Greenland. We all have Greenlandic roots or backgrounds in different ways. That is why we know what we are talking about.

This ensures that you receive a professional, safe, and cost-conscious travel service. We can handle all aspects of your journey – from transportation to, from, and within Greenland to hotel bookings and the planning of your excursions and experiences in Greenland.

As part of our business as a travel agency, Greenland Travel collects and processes personal data to fulfill the purposes described in this Privacy Policy. Greenland Travel is the data controller responsible for processing personal data for these purposes.

If you have any questions regarding this Privacy Policy or our processing of your personal data, you may contact us here:

Greenland Travel
Wilders Plads 13A, 1st Floor
1403 Copenhagen K
Email: [email protected]

1. Data Security Is Important to Us

For us, the responsible handling of personal data collected in the course of operating our business is essential to our business objectives and reputation. This Privacy Policy explains how your personal data is collected and used when you are a customer, supplier, or business partner of Greenland Travel, and how you may gain access to your personal data.

In certain cases, we act as a data processor for our customers. When we act as a data processor, personal data is processed in accordance with the data controller’s instructions, the customer. When acting as a data processor, we enter into a data processing agreement with the data controller customer. In such cases, this information regarding the processing of personal data does not apply.

2. Suppliers and Business Partners

As part of our cooperation with suppliers and business partners, one or more individuals may be involved in various ways. This may, for example, include individuals employed by such suppliers and business partners. If you are one of these individuals, we may process your personal data.

We process such information to fulfill the agreement we have entered into with the supplier or business partner with whom you are affiliated, and, where relevant, to fulfill agreements with our customers.

As a general rule, we process only ordinary personal data, such as name, address, telephone number, email address, job title, and similar contact details. In addition, we process the information exchanged with us as part of our cooperation, for example, email correspondence and other communications.

The information is generally collected directly from you or from other individuals at the supplier or business partner with whom you are affiliated.

Where you are a direct party to the agreement we have entered into with the supplier or business partner, the legal basis for the processing is Article 6(1)(b) of the GDPR. Otherwise, the legal basis is Article 6(1)(f) of the GDPR and our legitimate interest in fulfilling the agreement entered into with the supplier or business partner with whom you are affiliated, including communicating with our suppliers and business partners as part of our ordinary business operations.

As a general rule, the information is deleted 3 years after the termination of the supplier or business relationship. However, following a specific assessment, the information may be stored for a longer period where necessary to fulfill the purpose, for example, in connection with disputes. The purpose of such storage is to document the history of the supplier or business relationship until the limitation period for any claim arising from this relationship expires.

Invoice information is stored for the accounting year plus 5 years in accordance with Article 6(1)(c) of the GDPR in conjunction with Section 10 of the Danish Bookkeeping Act.

3. What Is Personal Data?

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identification number or one or more factors specific to that person’s identity.

4. What Types of Personal Data Do We Process About You and Why?

The information we collect about you will be used for various purposes related to your customer relationship and the operation of Greenland Travel’s business. The information collected may vary depending on whether you are a customer, supplier, or business partner. Still, it will generally include information on customer and supplier administration, as well as Greenland Travel’s rights and obligations.

Failure to provide personal data may mean that Greenland Travel is unable to fulfill its obligations in connection with your customer or supplier relationship.

As a general rule, Greenland Travel only collects and processes ordinary personal data. However, in specific cases related to booking a trip, it may be necessary for us, to a limited extent, to process special categories of personal data (for example information regarding special meal requests for your flight or information regarding the need for special assistance during your journey), as well as personal identification numbers (for example in connection with obtaining a copy of your passport for visa application purposes), to provide the requested travel services to you.

Greenland Travel will typically collect the following information:

4.1 Basic Information

When you are a customer with us, we process a range of information about you to fulfill our obligations to you and to provide the travel services and other products and services (such as travel insurance and transfer services) that you have ordered. This includes, among other things, the following information: contact details (first name, middle name(s), surname, address, telephone number, email address, and, where relevant, job title), customer number, payment details, loyalty card numbers, membership of associations affiliated with our business partners, and information about the services you have purchased from us (travel history).

As a general rule, we use Article 6(1)(b) of the GDPR as the legal basis for processing this information, as the personal data is necessary for us to process to fulfill our obligations to you under our agreement. We may also use Article 6(1)(f) of the GDPR as the legal basis in cases where the trip or services were not ordered directly by you. We also use Article 6(1)(f) of the GDPR as the legal basis when processing the information as part of the ongoing administration of your customer relationship. We do this to manage the ongoing operations of our business, including maintaining our customer records and preparing statistics.

Greenland Travel may also obtain credit information from credit reference agencies to assess your financial stability and creditworthiness in connection with your customer relationship.

4.2 Special Meals and Airport Assistance

When booking a trip with us, you may inform us if you require special meals on the flight and/or at the destination, and whether you require special assistance at the airport and/or at the destination. This information, along with any other information you may provide regarding your or other travelers’ health conditions, such as information about allergies, illnesses, disabilities, or similar matters, is considered sensitive personal data.

If you provide us with sensitive personal data in connection with your travel booking, we will request your consent to process such information. In this situation, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for the processing.

4.3 Visas

If you require a visa for your trip, we may collect and process additional information about you. This may include, among other things, the following information: a passport or a copy of your passport (including your date of birth, as it appears on your passport), contact information for your next of kin, the purpose of your trip, and your nationality.

As a general rule, we use Article 6(1)(b) of the GDPR as the legal basis for processing this information, as the personal data is necessary for us to fulfill the agreement we have entered into with you regarding visa services. Where you have not personally consented to our use of visa services, we rely on Article 6(1)(f) of the GDPR as the legal basis for processing.

If we require your passport or a copy of it for the visa application, we will request your consent. We use Article 6(1)(a) of the GDPR and Section 11(2)(2) of the Danish Data Protection Act as the legal basis for the processing, as your date of birth appears in the passport or passport copy.

4.4 Medical Treatment Trips and Stays

When you book a medical treatment trip or stay, it may be necessary for us to process information regarding your health conditions. This may, for example, be the case if you are to receive treatment during your stay and the accommodation or treatment provider therefore requires specific information regarding your health conditions.

If it is necessary for us to process health information about you in connection with your booking of a medical treatment trip or stay, we will request your consent for such processing pursuant to Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR.

In addition, it may be necessary to provide your date of birth when booking your trip, for example, to receive a referral or authorization from your municipality of residence. We process this information based on Section 11(2)(4) of the Danish Data Protection Act in conjunction with Section 7(1) and Article 9(2)(f) of the GDPR, as the processing is necessary for you to receive the municipal travel subsidy to which you are entitled.

4.5 Sports and Activity Trips

When you book a sports or activity trip, we may need to obtain additional information about you to provide the booked activities or the required equipment. This may include information such as clothing size, shoe size, height, and weight.

This may be relevant if we are to provide sports equipment for you at your destination, such as skis, bicycles, diving equipment, or similar items, or if the organizer of an activity included in your trip requires the information for planning purposes. This may, for example, apply to booking helicopter tours or bungee jumping.

We use Article 6(1)(b) of the GDPR as the legal basis for the processing, as the information is necessary for us to provide the services you have ordered. In cases where you did not personally order the services, we use Article 6(1)(f) of the GDPR as the legal basis for the processing.

4.6 Customer Inquiries and Complaints

As a customer, you are always welcome to contact us with questions or to report issues relating to your trip. We use Article 6(1)(b) of the GDPR, Article 6(1)(f) of the GDPR, and Article 9(2)(f) of the GDPR in conjunction with Article 6(1)(b) and Article 6(1)(f) of the GDPR as the legal basis for processing the personal data you provide when contacting us with questions or when reporting issues or complaints relating to your trip.

We process this information to fulfill our obligations to you regarding the delivery of the trip and the products and services you have ordered. In addition, the information is processed to safeguard our legitimate interest in ensuring the efficient and professional operation of our business, for example, in connection with disputes, as the information may affect our legal position in the event of subsequent disputes.

4.7 Information Regarding Our Suppliers and Business Partners

Information that you provide to us in connection with entering into a supplier or cooperation agreement, including contact details (company, job title, first name, middle name(s), surname, address, telephone number, and email address), information regarding your preferences in relation to marketing or communication, as well as information you provide if you contact us with a question, to report an issue, or otherwise communicate with us as part of our cooperation.

5. Visitors to Our Social Media Pages

When you visit our profiles/pages on social media platforms (Facebook, Instagram, LinkedIn, YouTube), we act as joint data controllers with the provider of the relevant social media platform for the processing of personal data that occurs on our profile/page. You should, therefore, be particularly aware that the social media platform provider processes information about you when you visit or interact with our profile/page. Processing may also occur even if you do not have a profile on the relevant social media platform.

The information processed will typically include:

Information available on your profile
Information that you have “liked” or otherwise reacted to our profile/page
Comments or reactions to our posts
Information that you have visited our profile/page

Our purpose in using social media is to communicate with and market to our customers, followers, and potential new customers. For these purposes, we may use the statistics and analyses that we continuously receive from the social media platform provider regarding visitors to our profile/page.

The provider of the social media platform will typically process your personal data to prepare statistics on your behavior, including those based on your visits to our profile/page, to improve its advertising systems, and to conduct advertising and customize activities on the profile/page. Please note that the social media provider may share information with, among others, partners, advertisers, measurement partners, and researchers, and may also transfer information to countries outside the EU/EEA.

You can find more information about how the providers of the relevant social media platforms process your information here:

The information you choose to publish on our social media profiles/pages is shared with many people. You should therefore not describe circumstances or share images, etc., that you do not wish to be publicly available. You are encouraged never to post sensitive or confidential personal data about yourself or others when creating posts or commenting on our social media posts. You may delete your own posts and comments from our profile/page whenever you no longer wish them to be publicly available.

As the legal basis for processing, we rely on the legitimate interests provision in Article 6(1)(f) of the GDPR and our legitimate interest in marketing ourselves and communicating with customers, followers, and other potential new customers on social media.

6. Participants in Our Events

If you participate in one of our courses, seminars, or other events, we process your personal data. We only process ordinary personal data such as name, address, telephone number, and email address.

The legal basis for the processing is Article 6(1)(b) of the GDPR when you have registered for the event yourself. If another person has registered you for the event, the legal basis is Article 6(1)(f) of the GDPR, namely our legitimate interest in offering and conducting the event and in distributing relevant course materials, evaluation forms, etc.

We store the information for as long as necessary to conduct and subsequently evaluate the course, seminar, or event in which you participated. Invoice information is stored for the accounting year plus 5 years in accordance with Section 10 of the Danish Bookkeeping Act.

7. Recipients of Electronic Marketing and Participants in Competitions

When you receive electronic marketing material from us or participate in competitions, we process information such as your name, address, telephone number, and email address. We also process information regarding your areas of interest in relation to marketing or communication from us, as well as your interaction with the marketing materials we send to you, including whether you have opened an email from us, whether the email has been read, which links you have opened, and any other information you provide to us.

We process your information to market our company and products to you and to administer competitions, including selecting winners. We use information about your preferences and interactions with our marketing to understand how our customers respond to it and to continuously organize, target, and improve our marketing toward you and our other customers.

We only send marketing material to you by email, SMS, or through other electronic channels in compliance with the applicable rules of the Danish Marketing Practices Act. We use Article 6(1)(a) of the GDPR as the legal basis for the processing.

When you receive electronic marketing from us, we store your information until you unsubscribe. If you have participated in a competition without subscribing to our electronic marketing, we store your information for as long as necessary to conduct and subsequently evaluate the competition in which you participated.

8. What Do We Use Your Personal Data For?

Greenland Travel processes your personal data to fulfill the purposes set out below. Please note that not all of the stated purposes, categories of information, recipients of information, or types of processing apply to you in all cases.

Greenland Travel processes your personal data only to the extent necessary in connection with your customer, supplier, or cooperation relationship (taking into account any relevant interests in each individual case) or as required by applicable law.

8.1 Customer Administration

Greenland Travel processes your personal data in connection with the establishment and ongoing administration of your customer relationship with Greenland Travel as part of the operation of our business, including the booking of travel and the delivery of our other products and services (such as visa applications, travel insurance, transfer services, etc.), maintaining our customer records, credit assessments, invoicing, debt collection, marketing, statistics, etc.

All statistics and analyses are prepared in anonymized form and therefore do not contain information that can be directly attributed to you as an individual.

8.2 Administration of Supplier and Cooperation Relationships

Greenland Travel processes your personal data in connection with the administration of supplier and/or cooperation relationships where you are a supplier or business partner, or a contact person at a supplier or business partner with whom Greenland Travel cooperates as part of operating our business, including maintaining our CRM register containing information about our contact persons at suppliers and business partners.

8.3 Compliance with Applicable Laws and Regulations

Greenland Travel processes your personal data in connection with compliance with laws and regulations to which Greenland Travel is subject in connection with the operation of the business, or to fulfill various reporting or disclosure obligations under applicable laws and regulations.

Greenland Travel does not use your personal data to make decisions based solely on automated processing, including profiling.

Greenland Travel strives to ensure that all personal data we process is accurate and up to date. We therefore ask you to inform us of any changes to your personal circumstances (for example, changes to your address or payment information) so that we can ensure your personal data remains accurate and up to date. If you have created a travel profile with us, we ask that you log in to your profile and update it if there are any changes.

9. Sharing of Personal Data

Greenland Travel only discloses information to the extent necessary to operate our business, including to deliver your trip and the other products and services you have purchased from us in connection with the trip.

In connection with booking a trip and related products, Greenland Travel will typically disclose personal data to the following recipients:

9.1 Global Distribution Systems (GDS)

A GDS is an IT network system owned or operated by a company that enables transactions between travel industry service providers, primarily airlines, hotels, car rental companies, and travel agencies. A GDS connects services, prices, and bookings by consolidating products across the three travel sectors: airline reservations, hotel reservations, and car rentals.

Greenland Travel uses the following GDS as part of our business operations: Amadeus.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of travel services. Otherwise, we rely on Article 6(1)(f) of the GDPR and on our legitimate interest in providing travel services to individuals participating in the trip who are not themselves direct parties to the agreement for those services.

If special categories of personal data are disclosed, for example, in connection with special assistance requirements during the trip, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

9.2 Airlines

Greenland Travel discloses personal data to airlines in connection with booking your trip. For the purpose of booking your flight, we will typically disclose information such as first name, middle name(s), surname, departure airport, destination, departure and return travel dates, loyalty card number, special requests relating to your trip, including requests for special meals during the flight, and any need for special assistance on the aircraft or at the airport to the selected airline.

In connection with travel to certain destinations, we may also disclose your passport number to the airline.

When booking your flight, we must make the reservation in accordance with the airline’s seat reservation rules. This may mean that your flight reservation is classified as a group reservation under the airline’s rules, even if you have not booked a group trip. This may, among other things, be due to the reservation price, special cancellation terms attached to the reservation, and other factors.

If this is the case, the airline processes information about the passengers classified within the same reservation as a group. This means that, in certain cases, passengers classified as traveling in the same group may access the names of other passengers in that group through the airline’s electronic self-service solutions.

If you are classified as traveling as part of a group, the other passengers in the relevant classification group may, therefore, in certain cases, access information about your name and the fact that you are traveling on the relevant flight through the airline’s electronic self-service solutions.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of travel services. Otherwise, we rely on Article 6(1)(f) of the GDPR and our legitimate interest in providing travel services to individuals participating in the flight who are not themselves direct parties to the agreement for the trip.

If special categories of personal data are disclosed, for example, in connection with special assistance requirements during the flight, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

9.3 Hotels

Greenland Travel discloses your personal data to the hotels you will stay at during your trip. For the purpose of booking your hotel accommodations, we will typically disclose information such as first name, middle name(s), surname, destination, arrival and departure dates, room category, loyalty card number, special requests relating to your trip, including requests for special meals during the hotel stay, and any need for special assistance during the hotel stay due to disability or illness.

If special categories of personal data are disclosed, for example, in connection with special assistance requirements during the stay, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

In cases where the accommodation provider requires receipt of a copy of your passport, we use Section 11(2)(2) of the Danish Data Protection Act as the legal basis for disclosure, as we will request your consent for this.

9.4 Car Rental Companies

Greenland Travel discloses personal data to car rental companies if you require a vehicle during your trip. For the purpose of booking your rental car, we will typically disclose information such as first name, middle name(s), surname, pick-up location, rental period, vehicle category, loyalty card number, special requests relating to the vehicle rental, including special arrangements relating to disability or illness, child seats, etc.

Greenland Travel uses the following car rental companies in its operations: Europcar, Hertz, Avis, and Sixt.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of car rental services. Otherwise, we rely on Article 6(1)(f) of the GDPR and our legitimate interest in providing travel services to individuals participating in the trip who are not themselves direct parties to the car rental agreement.

If we disclose special categories of personal data to the car rental company, for example, in connection with ordering special equipment, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

9.5 Bus Companies

Greenland Travel discloses personal data to bus companies if you are traveling by bus as part of your trip (for example, for day tours to well-known tourist attractions). For the purpose of booking your bus trip, we will typically disclose information such as first name, middle name(s), surname, pick-up location, date and time of the bus trip, destination, and special requests relating to the bus trip, including requests for special meals during the journey and any need for special assistance during the trip due to disability or illness.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of the bus trip. Otherwise, we rely on Article 6(1)(f) of the GDPR and our legitimate interest in providing travel services to individuals participating in the trip who are not themselves direct parties to the bus trip agreement.

If we disclose special categories of personal data to bus companies, for example, in connection with special assistance requirements during the bus trip, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

9.6 Cruise Lines and Other Tour Operators at Sea

Greenland Travel discloses personal data to Cruise lines or other tour operators if you are to travel by ship as part of your trip (for example, in connection with day tours to well-known tourist attractions, cruises, etc.). For the purpose of booking your sea voyage, we will typically disclose information such as first name, middle name(s), surname, destination, itinerary, departure and return dates and times, and special requests relating to the voyage, including requests for special meals during the journey and any need for special assistance during the voyage due to disability or illness.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of the sea voyage. Otherwise, we rely on Article 6(1)(f) of the GDPR and our legitimate interest in providing travel services to individuals participating in the trip who are not themselves direct parties to the agreement regarding the sea voyage.

If we disclose special categories of personal data to shipping companies, for example, in connection with special assistance requirements during the voyage, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

In cases where the shipping company requires receipt of a copy of your passport, we use Article 6(1)(a) of the GDPR and Section 11(2)(2) of the Danish Data Protection Act as the legal basis for disclosure, as we have obtained your consent for this.

9.7 Bedbanks

A bedbank is an IT network system owned or operated by a company that enables transactions among travel industry service providers, primarily hotels and travel agencies, as well as end customers. Greenland Travel discloses personal data to bedbanks to book the hotels you will use during your trip.

For the purpose of booking your hotel accommodations through a bedbank, we will typically disclose information such as first name, middle name(s), surname, destination, arrival and departure dates, room category, loyalty card number, special requests relating to your trip, including requests for special meals during the hotel stay, and any need for special assistance during the hotel stay due to disability or illness.

Greenland Travel uses the following bedbanks as part of our business operations: Hotels.com, Booking.com, and Totalstay.com.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of travel services. Otherwise, we rely on Article 6(1)(f) of the GDPR and our legitimate interest in providing travel services to individuals participating in the trip who are not themselves direct parties to the hotel stay agreement.

If special categories of personal data are disclosed, for example, in connection with special assistance requirements during the hotel stay, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

9.8 Travel Agents

If, as part of your trip, you participate in excursions or require transfers, Greenland Travel may disclose your personal data to travel agents. The travel agent’s task is to arrange the relevant excursion or transfer by booking the requested services with local suppliers at the destination.

For the purpose of booking your excursions, transfers, etc., we will typically disclose information such as first name, middle name(s), surname, arrival and/or departure dates and times, type of vehicle, destination, and special requests relating to the transfer or excursion, including requests for special meals and any need for special assistance due to disability or illness.

If special categories of personal data are disclosed, for example, in connection with special assistance requirements during accommodation, transfers, or excursions, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

In cases where the local supplier requires receipt of a copy of your passport, we use Article 6(1)(a) of the GDPR and Section 11(2)(2) of the Danish Data Protection Act as the legal basis for disclosure, as we have obtained your consent for this.

9.9 Insurance Companies

When booking your trip with us in Denmark, you can purchase travel and/or cancellation insurance. If you choose to purchase such insurance, we will disclose your personal data to the insurance company to arrange the insurance policy.

For the purpose of arranging travel insurance and/or cancellation insurance, we will typically disclose information to the insurance company such as first name, middle name(s), surname, email address, destination, departure and return dates, and type of travel.

Greenland Travel cooperates with the following insurance company as part of our business operations: Ergo.

We use Article 6(1)(b) of the GDPR as the legal basis for disclosure when you are a party to the agreement we have entered into regarding the provision of insurance services. Otherwise, we rely on Article 6(1)(f) of the GDPR and our legitimate interest in providing travel services to individuals participating in the trip who are not themselves direct parties to the insurance services agreement.

9.10 Equipment Rental Companies

As part of booking your trip with us, you may rent any equipment you need during your trip, such as ski or diving equipment. If you choose to rent such equipment, we will disclose your information to the company at your destination from which the equipment will be rented.

For equipment rental, we will typically disclose information to the rental company, such as first name, middle name(s), surname, type of equipment, pick-up location, rental period, height, weight, clothing size, and shoe size.

If we disclose special categories of personal data to the equipment rental company, for example, in connection with ordering special equipment related to a disability, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

In cases where the equipment rental company requires receipt of a copy of your passport, we use Article 6(1)(a) of the GDPR and Section 11(2)(2) of the Danish Data Protection Act as the legal basis for disclosure, as we have obtained your consent for this.

9.11 Special Information Regarding Qualified Offers

When choosing Greenland Travel, you can receive a qualified travel offer. A qualified offer is an offer in which, in connection with preparing the offer, a preliminary reservation for the requested trip is made for you. This allows you to reserve a seat on your desired departure up to 3 days before deciding whether to issue a ticket for the preliminary reservation or cancel it.

To provide a qualified offer, we disclose information about you and the requested reservation to a GDS (as described above), which then makes the preliminary booking with the airline, hotel, etc.

As part of obtaining the qualified offer, information about your employees may be disclosed to several new independent data controllers (GDS providers, airlines, hotels, etc.), and your information may therefore be stored by these recipients after the expiration of the offer, including in cases where the offer is canceled.

In addition, Greenland Travel may disclose and/or transfer your personal data to other suppliers and/or service providers in connection with the ordinary operation of our business, for example, in relation to external administration of our IT systems, analytics services, marketing services, debt collection, credit assessments, auditing, legal assistance, etc.

For further information about how our suppliers and business partners process and protect your personal data, please refer to their respective privacy policies and terms and conditions.

Greenland Travel seeks to limit the disclosure of personal data in personally identifiable form to the greatest extent possible to reduce situations in which information that can be directly attributed to you personally is disclosed.

Greenland Travel does not disclose your personal data unless necessary to carry out our business operations or to fulfill your needs.

9.12 Providers of Tickets, Excursions, etc.

If, as part of your trip, you participate in excursions, receive admission tickets to attractions or experiences, or engage in similar activities, we may disclose your personal data to the providers of these services.

For the purpose of booking your excursions, admission tickets, etc., we will typically disclose information such as first name, middle name(s), surname, arrival and/or departure dates and times, type of vehicle, destination, and special requests relating to the excursion or experience, including requests for special meals and any need for special assistance due to disability or illness.

The supplier responsible for providing the requested services at the destination may also require receipt of a copy of the passports of the individuals receiving the service. If this is the case, we will request your consent to send them a copy of your passport.

If special categories of personal data are disclosed, for example, in connection with special assistance requirements, we use Article 9(2)(a) of the GDPR in conjunction with Article 6(1)(a) of the GDPR as the legal basis for processing, as in such cases we will request your consent for this processing.

In cases where the supplier at the destination requires receipt of a copy of your passport, we use Article 6(1)(a) of the GDPR and Section 11(2)(2) of the Danish Data Protection Act as the legal basis for disclosure, as we have obtained your consent for this.

9.13 Visa Processing Agencies

If we are required to arrange a visa for you, we disclose personal data to visa processing agencies or to the embassy of the country issuing the visa. To obtain your visa, we will most often need to submit your passport. In some cases, however, it may be sufficient to submit a copy of your passport.

In addition, we typically disclose information such as your arrival and departure dates and times, contact information for your next of kin, information regarding the purpose of your trip, and your nationality. In certain cases, we may also disclose information regarding your travel insurance coverage.

When we are required to submit your passport or a copy of it as part of the visa application process, we disclose your date of birth. In such cases, we use Article 6(1)(a) of the GDPR and Section 11(2)(2) of the Danish Data Protection Act as the legal basis for disclosure, as we have obtained your consent for this.

9.14 Other Recipients

In addition, we may disclose and/or transfer your personal data to other suppliers and/or service providers in connection with the ordinary operation of our business, for example, in relation to external administration of our IT systems, analytics services, marketing services, debt collection, credit assessments, auditing, bookkeeping, legal assistance, disputes, etc.

10. International Transfers of Your Personal Data

Due to the nature of Greenland Travel’s business, your personal data may be transferred to countries outside the EU/EEA in connection with booking a trip with us. To provide our services to you, it is sometimes necessary for us to use business partners and suppliers located outside the EU/EEA.

Without the possibility of transferring your information to recipients outside the EU/EEA, Greenland Travel would be unable to provide the requested travel services to you. This applies when booking your trip requires transferring information to recipients outside the EU/EEA, for example, to book flights, hotels, or other services at your travel destination.

The data protection legislation in these countries may be less stringent than in Denmark and the rest of the EU/EEA, as, in the majority of cases, these are countries where the European Commission has determined that the level of data protection does not correspond to the level of protection within the EU/EEA.

Where practically possible, transfers of your personal data will take place based on the European Commission’s Standard Contractual Clauses, which have been specifically developed for this purpose. Regarding transfers to the United States, such transfers will, where possible, take place under the Privacy Shield framework. Privacy Shield is an agreement between the EU and the United States that establishes, among other things, a strong set of data protection rules and security measures that participating U.S. companies must comply with when processing personal data.

In certain cases, however, it will not be practicable for Greenland Travel to enter into Standard Contractual Clauses or to rely on Privacy Shield as the legal basis for the transfer. In such cases, the transfer of information will take place pursuant to Article 49(1)(b) of the GDPR, as the transfer of your personal data to the relevant country is necessary for the performance of the contract between you and Greenland Travel (the booking of your trip) or for the implementation of measures taken at your request before entering into such a contract (for example in connection with the provision of a qualified offer as described above in Section 7).

It is therefore important that you are aware that transferring your personal data to countries outside the EU/EEA in connection with booking a trip with Greenland Travel means that your personal data will not enjoy the same level of protection as under Danish or EU law.

In connection with such transfers, there is a foreseeable risk that the relevant country may not have clear, precise, and accessible rules regarding the authorities’ access to and use of your personal data; that there may be no rules requiring such access to be necessary and proportionate; that the country may not have an independent and effective supervisory authority; and that effective legal remedies for data subjects may not be available.

If you do not wish Greenland Travel to transfer your personal data to recipients outside the EU/EEA in connection with booking your trip(s), please inform us no later than at the time of booking your trip.

Under no circumstances will Greenland Travel transfer your personal data to recipients outside the EU/EEA unless necessary to conduct our business and fulfill your needs, for example, by providing the requested travel services.

11. Data Integrity and Security

Personal data is not stored for longer than necessary to fulfill the purpose for which it was collected, unless storage is required to comply with national legal requirements, including statutory retention periods for bookkeeping.

It is Greenland Travel’s policy to protect personal data by implementing adequate technical and organizational security measures. When your personal data is no longer required, we will ensure it is securely and appropriately deleted.

12. Your Rights

You may at any time exercise your rights under applicable data protection legislation.

Right of Access

You have the right to obtain access to the information we process about you, as well as to receive additional information regarding our processing of your personal data.

Right to Rectification

You have the right to have incorrect information about yourself corrected and to have incomplete information supplemented. This may, among other things, be done by providing additional information yourself.

Right to Erasure

In certain cases, you have the right to have information about yourself deleted. This applies, among other things, where the information is no longer necessary for the purposes for which it was collected or processed, or where the processing of the information is unlawful.

Right to Restriction of Processing

In certain cases, you have the right to obtain the restriction of the processing of your personal data. This means we may not process the information for any purpose other than storage.

Right to Object

You have the right at any time — on grounds relating to your particular situation — to object to our otherwise lawful processing of your personal data.

Right to Data Portability

In certain cases, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to have it transferred from us to another data controller without hindrance.

Right to Withdraw Consent

You have the right at any time to withdraw your consent to the processing of your personal data. However, please note that such a withdrawal only takes effect from the time of withdrawal. It therefore does not affect the lawfulness of our processing of your personal data before the withdrawal of your consent.

If you wish to exercise one or more of your rights, please contact us by email at: [email protected]. Your request will be processed in accordance with the applicable data protection legislation in force at any given time.

Complaints regarding Greenland Travel’s processing of your personal data may be submitted to:

The Danish Data Protection Agency (Datatilsynet)
Borgergade 28, 5th Floor
1300 Copenhagen K
Email: [email protected]

13. Updates

Greenland Travel continuously reviews and updates this Privacy Policy. You should therefore regularly review this Privacy Policy for any changes that may affect our processing of your personal data. We publish new versions on our website: www.greenland-travel.com