Travelheart Family A/S (CVR number 44524155) is the data controller for the processing of personal data on this website.

Here, you can read about how we process your personal data.

In this section, you can read more about how we process personal data from visitors to our website and users of our app.

We use cookies to optimize the user experience and prevent misuse and downtime, among other things. The use of cookies and the processing of personal data in connection with this are described in more detail in our cookie banner, which is displayed when you visit our website or app for the first time.

Depending on your cookie settings, we also use pixels, including the Meta Pixel, to improve and optimize the user experience and ensure that relevant information is shown through ads on Meta’s social media platforms. Regarding our use of Meta Pixels, we are joint data controllers with Meta Platforms Ireland Limited (“Meta”). We have entered into an agreement with Meta on the distribution of data protection responsibilities. According to this agreement, Travelheart Family and Meta are each responsible for the parts of the processing they handle. However, Meta is responsible for managing your rights as described in the section ‘Your Rights’ below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Meta’s privacy policy [here].

If you have consented to the use of tracking technologies from Meta, TikTok, Snapchat, Pinterest, and Google via the cookie banner on the site, we may also use their Conversion API solutions and Look-a-like audience solutions.

Types of Personal Data
When you visit our website, we may collect the following information about you through cookies, pixels, and other tracking technologies:

• IP address

• Your activity on the website and in the app, including click behavior, the page you navigated to the site from, and where you go when leaving the site

• Information about your device, including type, browser, and operating system

• Online identifiers such as CookieID, ClientID, UserID, and TransactionID

• Information you enter during booking on the website, such as name, address, email address, and phone number (if you accept our use of tracking technologies from Meta, TikTok, Snapchat, Pinterest, and Google)

• Your geolocation, if you allow it

Purposes of the Processing
Your personal data may be processed for the following purposes:

• Targeted marketing, including tailored advertisements to you and others on Google and social media to promote Travelheart Family’s brands, products, and services

• Product and service development, including improving the website and user experience

• Statistics and analysis to understand user behavior and thereby improve and optimize our marketing

• To ensure that our website functions properly and that you can use its features, including remembering your choices on the site

Legal Basis for Processing
We process your personal data on the following legal bases:

• Legitimate Interests: We base the processing of your personal data collected through necessary cookies on our legitimate interest in ensuring the website and its essential features function properly (Article 6(1)(f) of the GDPR).

• Consent: When you visit our website, we ask for your informed consent to place cookies that are not strictly necessary, in accordance with cookie regulations. We also base the processing of your personal data for targeted marketing, product and service development, and statistical analysis on your consent (Article 6(1)(a) of the GDPR). You can change your cookie consent at any time by clicking the small cookie icon in the bottom-left corner of the website and deleting any already placed cookies from your device. You can also withdraw your consent to the processing of your personal data by contacting us as outlined in section 1 above.

Retention Period
The retention period for personal data collected via cookies depends on the individual cookie. However, your personal data will be deleted no later than 26 months after collection.
The data may be stored longer in anonymized form.

Disclosure
If you consent to our use of non-essential cookies, we may disclose information about your use of our website and app, including information entered during purchases, to our partners in social media, advertising, and analytics. We and our partners may combine the above personal data with other information about you or comparable users, such as data you have provided yourself or that our partners have collected from your or others’ use of their services. The purpose of this disclosure is to target and personalize marketing to you via our or third-party websites.
We disclose your personal data based on your consent (Article 6(1)(a) of the GDPR). You can see which partners we share data with and find links to their respective privacy policies by clicking the small cookie icon in the bottom-left corner. Here, you can also change your cookie settings and find information on how to delete already placed cookies, thereby stopping future disclosure of your personal data to these partners.

Some of our partners collect and process your personal data for their own purposes, and we therefore encourage you to read our partners’ privacy policies, which you can find via links in our cookie banner.

In this section, you can read about how we process your personal data when you book a trip with Travelheart Family.

Types of Personal Data

When you book a trip with Travelheart Family – whether through our website or by other means – we process your personal data. We may process the following types of personal data about you:

• The contact details and date of birth you provide

• Information about your trip, including booking number, booking date, add-ons, travel itinerary, and who you are traveling with

• Your payment details

• Information about your order/travel history

• Information you provide when making a purchase or otherwise communicate with us, e.g. details about special needs related to your trip, complaints about your journey, and information about your job title

Purposes of Processing

Your personal data is processed for the following purposes:

• Completing your booking and delivering your trip

• Customer service before, during, and after your trip

• Statistics and analysis as well as customer satisfaction surveys to improve and develop our products, services, and customer experience

• Handling complaints, disputes, and claims

• Optimizing the customer service experience

• Compliance with accounting law requirements for record retention

• Ensuring necessary accommodations for your specific situation (e.g., health-related needs during travel)

• Marketing our products and services to you

Legal Basis for Processing

We process your personal data on the following legal grounds:

• Contractual obligations: We process your personal data to fulfill the purchase agreement with you, including delivering the booked trip and any additional services (GDPR Article 6(1)(b)). We need your contact information, age, and payment details to enter into a purchase agreement with you.

• Legitimate interests: We process your personal data based on our legitimate interest in providing good customer service, including across Travelheart Family group companies, handling complaints, disputes, and claims, marketing our products and services directly to you, and improving our services and customer experience (GDPR Article 6(1)(f)). You have the right to object to our direct marketing. If we need to process health data related to a complaint or dispute, we do so based on our legitimate interest in establishing, defending, or exercising legal claims (GDPR Article 6(1)(f) and Article 9(2)(f)).

• Legal obligation: Travelheart Family is legally required under the Danish Accounting Act § 12 to retain accounting records, including personal data contained therein, for a minimum of 5 years from the end of the financial year. This processing is based on our legal obligation (GDPR Article 6(1)(c)).

• Consent: If you provide information about specific health conditions that we need to register for your trip, we will always ask for your explicit consent before processing such data (GDPR Article 6(1)(a) and Article 9(2)(a)).

Retention Period

Personal data collected in connection with booking a trip is retained for 5 years from your most recent trip with us.

Personal data included in accounting records is stored for up to 6 years, as required by the Danish Accounting Act § 12.

Data may be processed and stored for longer in anonymized form.

Disclosure

We share customer data with other companies within the Travelheart Family group to ensure we provide the best possible customer service when you inquire about or book a trip within the group. You may object to the sharing of your personal data by contacting us as described in section 1 above.

We may disclose your personal data to our bank in connection with payment processing and to our auditors for statutory audit purposes.

In the event of a dispute, we may also share your personal data with external advisors, complaint boards, or courts, depending on the nature of the dispute. We may also share your data with our insurance provider in case of a claim against Travelheart Family.

We may also disclose your personal data to hotels, airlines, agents, and other partners who help us deliver the service you have booked. Only relevant information is shared with suppliers directly involved in delivering the trip and services you have booked. This disclosure is solely for fulfilling our agreement with you.

If you have booked a trip to a country outside the EU/EEA, the recipients of your personal data may be located in a country without the same level of data protection as within the EU/EEA. In such cases, your data is typically transferred based on the EU Commission’s standard contractual clauses, which you are entitled to access.

We may also share your contact details and purchase information with Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited for the purpose of marketing our brands and products. These disclosures are based on our legitimate interest in marketing directly to you (GDPR Article 6(1)(f)). We also use Snapchat for direct marketing. Snap Inc. is located in the USA but is certified under the Data Privacy Framework, which the EU Commission has approved as providing an adequate level of protection. Transfers to Snap Inc. are therefore based on this certification. We also use Google, including YouTube, for direct marketing. This may result in your personal data being transferred to countries outside the EU/EEA without adequate protection. In such cases, transfers are based on the EU Commission’s standard contractual clauses, which you may request access to. You have the right to object to the sharing and use of your personal data for direct marketing by contacting us as described in section 1 above.

Joint Data Controllership

We are joint data controllers with Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited regarding the processing of your personal data for our direct marketing on their platforms as described above. We have entered into agreements with each provider regarding the division of data protection responsibilities.

According to these agreements:

• Meta is responsible for handling your rights as described in the section ‘Your Rights’ below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Meta’s privacy policy [here].

• TikTok is responsible for handling your rights as described in the section ‘Your Rights’ below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read TikTok’s privacy policy [here].

• Pinterest is responsible for handling your rights as described in the section ‘Your Rights’ below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Pinterest’s privacy policy [here].

• Google is responsible for handling your rights as described in the section ‘Your Rights’ below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Google’s privacy policy [here].

In this section, you can read about how we process your personal data when you shop in our webshop.

Types of Personal Data

When you use our webshop, we process your personal data. We may process the following types of personal data about you:

• Your contact information

• Your payment details

• Information about your order/purchase history, including the sizes you have ordered

• Any correspondence with you related to your purchase, including complaints and claims

Purposes of Processing

Your personal data is processed for the following purposes:

• Fulfillment of your order

• Customer service following your purchase

• Statistics and analysis, as well as customer satisfaction surveys, to improve and develop our products, services, and customer experience

• Handling of complaints, claims, and disputes

• Optimization of the customer service experience

• Compliance with the retention requirements under the Bookkeeping Act

• Marketing of our products and services to you

Legal Basis for Processing

We process your personal data based on the following grounds:

Contractual obligations:
We process your personal data to fulfill the purchase agreement with you, including delivering the ordered products (GDPR Article 6(1)(b)). We need your contact and payment details in order to enter into a purchase agreement with you.

Legitimate interests:
We process your personal data based on our legitimate interest in delivering quality customer service — including across companies within the Travelheart Family group — in handling any complaints, disputes, and claims, as well as marketing our products and services directly to you and improving our services and customer experience (GDPR Article 6(1)(f)). You have the right to object to our direct marketing to you.

Legal obligation:
Travelheart Family is obligated under Section 12 of the Danish Bookkeeping Act to retain accounting records, including personal data contained in those records, for a minimum of 5 years from the end of the financial year. We therefore process personal data included in such records to comply with this legal obligation (GDPR Article 6(1)(c)).

Retention Period

Personal data collected in connection with webshop purchases is stored for 5 years from the date of your purchase.

Personal data included in accounting records is stored for up to 6 years. This retention period is based on the legal requirement in Section 12 of the Bookkeeping Act.

The information may, however, be processed and retained for a longer period in anonymized form.

Disclosure of Personal Data

We share customer information with other companies within the Travelheart Family group to ensure we can provide the best possible customer service experience when you shop with any company in the group. You have the right to object to the sharing of your personal data by contacting us as outlined in Section 1 above.

We may disclose your personal data to our bank in connection with processing your payment. We may also share your data with our auditors as part of the mandatory audit of our financial statements.

In the event of a dispute, we may disclose your personal data to external advisors, complaints boards, or courts, depending on the nature of the dispute.

We also share your personal data with the shipping company delivering your order to ensure proper delivery.

We may share your contact details and information about your purchases with Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited for the purpose of marketing our brands and products. Such disclosures are based on our legitimate interest in marketing to you, including through direct marketing (GDPR Article 6(1)(f)).

We also use Snapchat for direct marketing. Snap Inc. is based in the U.S. but is certified under the Data Privacy Framework, which the EU Commission considers sufficiently secure. Transfers to Snap Inc. are therefore based on this certification.

We also use Google, including YouTube, for our direct marketing efforts. This may result in your personal data being transferred to countries outside the EU/EEA that do not offer an adequate level of protection. In such cases, transfers are based on the EU Commission’s Standard Contractual Clauses, which you have the right to access.

You can object to the sharing and use of your personal data for direct marketing by contacting us as described in Section 1 above.

Joint Data Controllers

We are joint data controllers with Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited regarding the processing of your personal data in connection with our direct marketing on their platforms as described above. We have entered into agreements with each provider regarding the allocation of data protection responsibilities. According to these agreements:

• Meta is responsible for handling your rights as described in the section “Your Rights” below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Meta’s privacy policy [here].

• TikTok is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read TikTok’s privacy policy [here].

• Pinterest is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Pinterest’s privacy policy [here].

• Google is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Google’s privacy policy [here].

In this section, you can read about how we process your personal data when you purchase a gift card.

Types of Personal Data

When you purchase a gift card from us, we process your personal data. We may process the following types of personal data about you:

• Your contact information

• Your payment information

• Information about your order/purchase history, including which sizes you have ordered

• Any correspondence with you related to your purchase, including complaints or claims

Purposes of Processing

Your personal data is processed for the following purposes:

• Fulfilling your purchase

• Customer service in connection with your purchase

• Statistics and analysis, as well as customer satisfaction surveys aimed at improving and developing our products, services, and customer experience

• Handling complaints, claims, and disputes

• Optimizing the customer service experience

• Complying with accounting record-keeping requirements

• Marketing our products and services to you

Legal Basis for Processing

We process your personal data on the following bases:

• Contractual obligations: We process your personal data to fulfill the purchase agreement entered into with you, including to deliver your gift card (General Data Protection Regulation Article 6(1)(b)). It is necessary for us to receive your contact and payment information before we can enter into a purchase agreement with you.

• Legitimate interests: We process your personal data based on our legitimate interest in providing good customer service—including across companies within the Travelheart Family group—handling complaints, disputes, and claims, as well as marketing our products and services directly to you and improving our services and customer experience (GDPR Article 6(1)(f)). You have the right to object to our direct marketing.

• Legal obligation: Travelheart Family is obligated under Section 12 of the Danish Bookkeeping Act to retain accounting material, including personal data included therein, for a minimum of 5 years from the end of the financial year. Therefore, we process personal data included in such material to comply with this legal obligation (GDPR Article 6(1)(c)).

Retention Period

Personal data collected in connection with the purchase of a gift card is stored for 2 years from the date of your purchase.

Personal data included in accounting records is stored for up to 6 years. This retention period is determined based on the requirement in Section 12 of the Danish Bookkeeping Act.

However, the information may be processed and retained for longer in anonymized form.

Disclosure

We share information about our customers with other companies in the Travelheart Family group to ensure we can provide you with the best possible customer service experience when you do business with companies in the group. You may object to the sharing of your personal data by contacting us as described in section 1 above.

We may disclose your personal data to our bank in connection with processing your payment. Additionally, we may share your personal data with our auditors for the statutory audit of our accounts.

In the event of a dispute, we may also disclose your personal data to external advisors, complaint boards, or courts, depending on the nature of the dispute.

If you have chosen to have your gift card delivered by post, we will also disclose your personal data to the shipping company responsible for delivering your order.

We may also disclose your contact information and information about your purchases to Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited for the purpose of marketing our brands and products. Such disclosures are based on our legitimate interest in marketing to you, including via direct marketing (GDPR Article 6(1)(f)). We also use Snapchat for direct marketing. Snap Inc., based in the USA, is certified under the Data Privacy Framework, which is approved by the EU Commission as providing an adequate level of protection. Transfers to Snap Inc. are therefore based on Snap Inc.’s Data Privacy Framework certification. We likewise use Google, including YouTube, for direct marketing. This may result in your personal data being transferred to countries outside the EU/EEA that do not provide an adequate level of protection. In such cases, the transfer of your personal data is based on the EU Commission’s Standard Contractual Clauses, which you have the right to access. You can object to the sharing and use of your personal data for direct marketing by contacting us as described in section 1 above.

We are joint data controllers with Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited regarding the processing of your personal data in connection with our direct marketing on their platforms, as described above. We have entered into agreements with each provider regarding the distribution of data protection responsibilities. Under these agreements, Travelheart Family and each provider are responsible for the processing activities they perform, with the following exceptions:

• Meta is responsible for handling your rights as described in the section “Your Rights” below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Meta’s privacy policy [here].

• TikTok is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read TikTok’s privacy policy [here].

• Pinterest is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Pinterest’s privacy policy [here].

• Google is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Google’s privacy policy [here].

In this section, you can read about how Travelheart Family processes your personal data when you subscribe to our newsletter.

Types of Personal Data

When you subscribe to our newsletter, we may collect, process, and store the following types of personal data about you:

• Name, email address, postal code

• Your consent

• Click behavior in relation to sent material (collected when you interact with the newsletters)

In connection with organizing and sending marketing materials, we may also use the following personal data to target our newsletters:

• Your purchase history and previous travels

• Your click behavior on our website (collected via cookies, pixels, and other tracking technologies)

Purposes of Processing

Your personal data may be processed for the following purposes:

• Targeted marketing, including the sending of personalized newsletters and the use of automated decision-making

• Targeted marketing on social media

• Analysis and statistics to improve and develop our services and marketing efforts

• Documentation of your consent to defend ourselves in case of complaints or disputes

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: We use your personal data for direct and targeted marketing via email, including profiling, if you have given your prior consent (Section 10(1) of the Danish Marketing Act and Article 6(1)(a) of the General Data Protection Regulation).

• Legitimate interests: We process your personal data based on our legitimate interest in defending against complaints and legal claims, our legitimate interest in targeting marketing on social media, and our legitimate interest in improving and developing our services and marketing materials (GDPR Article 6(1)(f)).

Retention Period

Your personal data will be retained as long as your consent to receive marketing is active.

If you no longer wish to receive our newsletters, you can unsubscribe via the link at the bottom of each email or by contacting us as described below. However, withdrawing your consent does not affect the lawfulness of the processing carried out before the withdrawal.

We store documentation of your marketing consent for two years from the time you withdraw your consent to receive direct marketing. This retention period is based on our legitimate interest in being able to document that we have sent direct marketing in accordance with applicable law.

Disclosure

We share your personal data with other companies in the Travelheart Family group to improve our marketing efforts across the group. You may object to the sharing of your personal data by contacting us as stated in section 1 above.

We may disclose your name, email address, postal code and city, and your click behavior in sent material to Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited for the purpose of marketing our brands and products. Such disclosures are based on our legitimate interest in marketing our products and brands directly to you across channels (GDPR Article 6(1)(f)). We also use Snapchat for direct marketing. Snap Inc., based in the USA, is certified under the Data Privacy Framework, which has been approved by the EU Commission as providing adequate protection. Transfers to Snap Inc. are therefore based on Snap Inc.’s Data Privacy Framework certification. We also use Google, including YouTube, for direct marketing purposes. This may result in your personal data being transferred to countries outside the EU/EEA that do not provide an adequate level of protection. In such cases, the transfer of your personal data is based on the EU Commission’s Standard Contractual Clauses, which you have the right to access.

We are joint data controllers with Meta Platforms Ireland Limited, TikTok Technology Limited, and Pinterest Europe Limited regarding the processing of your personal data in connection with our direct marketing on their platforms as described above. We have entered into agreements with each provider regarding the allocation of data protection responsibilities. According to these agreements, Travelheart Family and the providers are generally each responsible for the part of the processing they perform, with the following exceptions:

• Meta is responsible for handling your rights as described in the section “Your Rights” below, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Meta’s privacy policy [here].

• TikTok is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read TikTok’s privacy policy [here].

• Pinterest is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Pinterest’s privacy policy [here].

• Google is responsible for handling your rights, and Travelheart Family is responsible for providing you with the information in this privacy policy. You can read Google’s privacy policy [here].

In this section, you can read about how Travelheart Family processes your personal data when you participate in a competition.

Types of Personal Data

When you take part in one of our competitions, we may collect, process, and store the following types of personal data about you:

• The contact information you provide when signing up for the competition

• Information about any prizes you win through participation in the competition

Purposes of Processing

Your personal data may be processed for the following purposes:

• Administration of the competition, including selecting and contacting the winner

• If you win, we will publish your name, city, and the prize you have won on our website in order to comply with the guidelines set by the Danish Consumer Ombudsman

• To monitor participation trends in our competitions to help plan future competitions

Legal Basis for Processing

We process your personal data based on the following legal ground:

• Legitimate interest: We process your personal data in order to select and announce a winner, including to comply with the Danish Consumer Ombudsman’s guidelines, and based on our legitimate interest in contacting you if you win and in improving future competitions (GDPR Article 6(1)(f)).

Disclosure

If you win one of our competitions, we will publish your personal data on our website or social media channels, depending on what is stated in the specific competition terms.

Retention Period

Your personal data will be stored for as long as the competition is ongoing. Once a winner has been selected and contacted, the personal data related to the competition will be deleted. The winner’s personal data will be stored for up to 2 years after the winner has been selected. However, the data may be retained for a longer period in anonymized form.

If you collaborate professionally with Travelheart Family, including as a sole proprietor or as a contact person at one of our suppliers or other partners, you can read more about how we process your personal data here.

Types of Personal Data

We may collect, process, and store the following types of personal data about you:

• Name, company, job title

• Your work-related contact details, such as email address, phone number, and address

• Contractual information such as orders, invoices, contracts, and other agreements between your company (or your employer) and us, which may include your contact details

• Other information included in our correspondence

The above information may be received directly from you (primarily through emails and other correspondence) or from your employer. We process your data if your company or the company you work for enters into an agreement with us, if you have shown interest in our products and services (e.g., by sharing your contact information with us), or in connection with other cooperation.

Purposes of Processing

Your personal data may be processed for the following purposes:

• Administration of our professional collaboration, including fulfillment of agreements

• Handling disputes

• Compliance with bookkeeping law retention requirements

Legal Basis for Processing

We process your personal data on the following grounds:

• Contractual obligations: If you are a sole proprietor who has entered into a contract with us, we typically process your personal data to fulfill a contract to which you are a party (GDPR Article 6(1)(b)). It is necessary for us to receive your contact details before we can enter into a cooperation agreement with you.

• Legitimate interests: If you are employed by one of our partners, we process your personal data based on our legitimate interest in managing day-to-day operations, including safeguarding our rights and obligations under agreements with our partners (GDPR Article 6(1)(f)). Similarly, we process data related to sole proprietors based on our legitimate interest in handling any disputes.

• Legal obligation: Travelheart Family is obligated under Section 12 of the Bookkeeping Act to retain accounting material, including personal data contained in such material, for a minimum of 5 years after the end of the fiscal year. We therefore process personal data contained in accounting records to comply with this legal obligation (GDPR Article 6(1)(c)).

Retention Period

Personal data related to professional collaborations are generally retained for up to 2 years after the agreement or cooperation ends, unless special reasons justify a longer retention period.

Personal data included in accounting material are retained for up to 6 years to comply with Section 12 of the Bookkeeping Act. However, the information may be kept for a longer period in anonymized form.

Disclosure

We may disclose your personal data to our bank in connection with payment processing. We may also share your personal data with our auditors for mandatory auditing of our accounts.

In case of dispute management, we may disclose your personal data to external advisors, complaint bodies, and courts depending on the nature of the dispute.

To fulfill the purposes described above, we may grant third parties access to your personal data, who, based on a contractual relationship with Travelheart Family, provide relevant services. These may include, for example, IT providers, email and marketing providers, and suppliers of IT solutions. Such service providers will only process personal data in accordance with our instructions under data processing agreements.

If your personal data is transferred to processors located in countries outside the EU/EEA that do not have an adequate level of protection, such transfer will be based on the EU Commission’s standard contractual clauses or another lawful transfer mechanism in accordance with Chapter V of the GDPR. If you have questions or want to know more about specific transfers, including the legal basis for the transfer, you are always welcome to contact us. You also have the right to receive a copy of the transfer basis.

In connection with the development of the Travelheart Family group, the company structure may change, for example, through the full or partial transfer of group activities. In the event of the transfer of parts of the business or other commercial changes, the legal basis for the related disclosure of personal data is generally our legitimate interest in doing so (GDPR Article 6(1)(f)).

Other disclosures are described under each processing activity above.

• You have the right to access the personal data we process about you.

• You have the right to object to our collection and further processing of your personal data.

• You have the right to rectification and deletion of your personal data, subject to certain legal exceptions.

• You have the right to request restriction of the processing of your personal data.

• Under certain circumstances, you can also request to receive a copy of your personal data and to have the personal data you provided to us transmitted to another data controller (data portability).

• You may withdraw any consents you have given at any time. We will then delete your personal data unless we can continue processing on another legal basis. You can unsubscribe from our newsletter by clicking the link at the bottom of the newsletter.

If you have questions about this privacy policy or if you wish to exercise your rights or file a complaint regarding our processing of your personal data, you can always contact us as indicated in section 1 above. You can also file a complaint with the Danish Data Protection Agency via this link. Alternatively, you can write to: dt@datatilsynet.dk.