Privacy — The future of cruising

Privacy Policy

Last updated: May 27, 2019

In this Privacy Policy, we describe how we collect and process personal data (“data”) relating to our business contacts, customers, and other contacts such as job applicants.

As used herein, “personal data” refers to all information that can be directly or indirectly linked to a natural person. In this Privacy Policy, you will be informed about what types of personal data are collected by Dreamlake.

For the purposes of applicable data protection legislation, Dreamlake AB reg. no. 559154-3144(“Dreamlake”) is the controller of your personal data and determines how and why your personal data will be processed. Should you have any questions regarding Dreamlake’s processing of personal data, please do not hesitate to contact us at privacy@Dreamlake.com.

There may be links to other home pages or applications on Dreamlake websites that are not controlled by Dreamlake. This Privacy Policy covers only your use of Dreamlake services and therefore Dreamlake is not responsible for the content or processing of personal data that may occur on such linked home pages or applications.

How we collect data

We collect your personal data:

· When we engage in a business relationship.

· Through our website.

· Through our payment service providers.

· Through email correspondence.

· When you provide us with data through meetings, social media or events.

What data we collect:

We do not collect more information than we need to fulfill our stated purposes.

Personal data we process in relation to our business-to-business (“B2B”) contacts:

· Basic information such as your name, workplace, and title.

· Contact details such as address, e-mail address, and telephone number.

· Payment information.

· Information you provide in connection with meetings or events, such as requirements with respect to availability of premises or allergies.

· E-mail correspondence and confirmation when you open or forward an e-mail from Dreamlake.

· Your visit to our website and IP address.

Personal data we process in relation to our online store and/or services available in connection with business-to-consumers (“B2C”):

· Basic information such as your name and workplace.

· Contact details such as address, e-mail address, and telephone number.

· Payment information such as payment method, amount, order number, and date of purchase.

· IP address.

Personal data we process in relation to other contacts:

· Information you provide us with, such as emails, job applications, etc.

· In the recruitment process we may also process data provided by references or former employees.

Why we process your data

Please find below information regarding how we use your personal data, the legal bases for doing so, and how long we store your data:

Our business contacts’ data (B2B)

We use personal data to manage our business relationship with you (“Business relationship purposes”). The legal basis is for the performance of the contract between you and Dreamlake. If there’s no contract the processing is based on Dreamlake’s legitimate interest in maintaining and managing its business relationships. The data will be stored as long as we have a business relationship with you or the company you represent.

We use your contact information to market our services through, for example, newsletters, emails, publications, and events (“Marketing purposes”). The legal basis for other marketing activities (reaching out to you with newsletters etc.) is Dreamlake’s legitimate interest in marketing its products and services. The data is stored as long as we have your consent, a business relationship or until you, where applicable, opt out. With your consent, we may receive information about whether you’ve opened our email and if you interacted with any content such as links.

We use data regarding transactions between you or the company/organization you represent and Dreamlake (“Legal obligations”). The legal basis is for complying with a legal obligation, e.g. Dreamlake’s legal obligations due to the Swedish Accounting Act (Sw. bokföringslagen). The data is stored as long as prescribed by law.

We may use personal data for the establishment, exercise or defense of legal claims (“Legal rights”). The legal basis is Dreamlake’s legitimate interest in establishing, exercising or defending any legal claims. Information that is relevant for any legal claim is kept for up to 10 years in accordance with the Swedish Act on Limitation (Sw. preskriptionslagen).

Data related to our online store or products (B2C)

We use data for the performance of the contract between you and Dreamlake. The legal basis for processing is the performance of the contract between you and Dreamlake. If there’s no contract the processing is based on Dreamlake’s legitimate interest in maintaining and managing its business relationships. The data is stored if there is a contract between you and Dreamlake. The data may however be stored longer for other purposes (Legal obligations or Legal rights below).

We use data to prevent unauthorized access and misuse of Dreamlake’s website and services and to ensure the safety of information (“Prevention of misuse”). The legal basis is Dreamlake’s legitimate interest in having control over authorizations, access to and functioning of Dreamlake’s digital services. The data is stored no longer than necessary based on your use of our website and services.

We may use personal data for the establishment, exercise or defense of legal claims (“Legal rights”). The legal basis is Dreamlake’s legitimate interest in establishing, exercising or defending any legal claims. Information of relevance to any legal claim is retained for up to 10 years in accordance with the Swedish Act on Limitation (Sw. preskriptionslagen).

Other contacts

We may use any information you provide us with to manage our relationship with you, for example for answering your queries or providing you with relevant information regarding your relationship with Dreamlake (“Communication purposes”). The legal basis is Dreamlake’s legitimate interest in managing the relationship with you. The data is stored no longer than necessary based on the relationship between you and Dreamlake.

We use data you provide us with in relation to a job application to process your application and assess your suitability for employment (“Recruitment purposes”). The legal basis is Dreamlake’s legitimate interest in recruiting employees with adequate skillsets. The data is stored as long as necessary to assess if you are suitable for employment at Dreamlake.

For the establishment, exercise or defense of legal claims in relation to recruitment (“Legal rights”). The legal basis is Dreamlake’s legitimate interest in establishing, exercising or defending any legal claims related to recruitment. We will not store your data for more than 25 months after we recruited someone for an employment position for which you have applied.

How we share your data

We do not sell your data to any third party for marketing purposes. However, we may share information with our suppliers when they perform services on our behalf to maintain and support our IT systems. Such suppliers may only process the data in accordance with our instructions, i.e. in accordance with this Privacy Policy.

We may also disclose or share your data with:

· Auditors.

· Professional advisors.

· A third party when it’s necessary to comply with a legal obligation whether by law or contract.

· Social media such as Facebook, Instagram, LinkedIn, Twitter or the like when you contact us through such services. If you use these services, we refer to the respective service’s Privacy Policy for information on how they process personal data.

We strive to process all your data inside EU/EEA. However, some of Dreamlake’s IT providers and collaborative partners operate in the United States, for example (Google by the use Google Analytics). When personal data is shared with these providers, Dreamlake has put forth reasonable efforts to ensure the level of protection is equivalent to that applicable in the EU/EEA, through the providers' accession to the EU-US framework, Privacy Shield, in accordance with Article 45 of the General Data Protection Regulation. You can read more about the framework here.

If we transfer your personal data outside the EU/EEA, such transfer will be subject to appropriate safeguards in accordance with applicable data protection legislation.

How we protect your data

We use a range of technical and organizational measures to protect your data from unauthorized access, use, loss, change or deletion in accordance with applicable data protection legislation. Such measures include, but are not limited to, physical controls, encryption, eligibility restrictions, policies, etc.

Your rights

In accordance with applicable data protection legislation, you have a right to request access to, rectification or erasure of your personal data or restriction of the processing of your personal data. You also have a right to object to processing as well as the right to data portability.

You have a right to lodge a complaint regarding our processing of your data with the Swedish Data Protection Authority, Box 8114, 104 20 Stockholm, Sweden. You can also contact the Data Protection Authority in the Member State of your domicile or place of work.

Changes to this Privacy Policy

Dreamlake reserves the right to make changes to this Privacy Policy from time to time. If substantial changes to the Privacy Policy are made, Dreamlake will inform you about such changes by e-mail, provided Dreamlake has your e-mail address or, if reasonably possible, in some other manner.

How to contact us

Please do not hesitate to contact us should you have any questions about this Privacy Policy or the processing of your data or if you would like to exercise any of your rights under applicable data protection legislation.

You can contact us at: Dreamlake AB, 559154-3144, Sickla Industriv. 3, 131 54, Nacka, Swedenor by email at privacy@Dreamlake.com.

Cookies

Dreamlake’s website uses cookies. A cookie is a small text file that the website you visit requests to save on your computer. Dreamlake uses cookies based on your consent to:

· Facilitate and improve your use of the website, and to differentiate you from other users which promotes a more tailored and positive experience for you in connection with your use of the Dreamlake website.

· Collect information about your experience on our website using Google Analytics. Such information includes number of website visitors, average duration per session, the pages per session, your interests based on your searches and other behavior while visiting our site, and more.

· Identify when business contacts visit our website.

· Engage in marketing: Display Dreamlake’s advert when you visit certain websites, including but not limited to Facebook, LinkedIn, Twitter, Instagram, and to create social media marketing profiles based on the information collected via cookies, assess marketing performance to create better marketing campaigns.

If you do not wish to receive cookies, the “Help” portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies or how to have the browser notify you when you receive a new cookie. Additionally, you may be able to disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-on’s settings or visiting the website of its manufacturer. Further, previously stored cookies can also be deleted through the browser. More information can be found through your browser’s support section. Should you have any questions regarding Dreamlake’s use of cookies, do not hesitate to contact us at privacy@Dreamlake.com.