How we handle your personal data
This Privacy Policy describes how Tällbergsgruppen AB (corporate ID 556792–7180) processes your personal data. The policy applies to all businesses operated by Tällbergsgruppen:
• Hotell Villa Långbers
• Hotell Gyllene Hornet
• Hotell Klockargården
• Dalmål Kafé & Hantverk
This Privacy Policy explains how we collect, use, share and store your personal data when you stay at or visit our hotels, use our websites, subscribe to newsletters, interact with us on social media or otherwise contact us.
Our aim is to be transparent and to protect your privacy in accordance with applicable data protection laws.
1. Contact Information
Tällbergsgruppen AB (corporate ID 556792–7180) is the data controller for the processing of your personal data. If you have any questions regarding how we process your personal data or if you wish to exercise your rights, please contact us:
• Email: [email protected]
• Phone: +46 247 512 00
• Address: Tällbergsvägen 28, 793 70 Tällberg, Sweden
Tällbergsgruppen collaborates with various franchisors who provide loyalty programmes, membership clubs and websites. For personal data connected to these programmes or websites, the respective franchisor is the data controller. Tällbergsgruppen and its hotels act as data processors.
2. What is personal data?
Personal data includes any information that can be directly or indirectly linked to you. Examples include your name, address, phone number, email address, payment information and booking confirmations. Usage data such as purchase history, click behaviour, website browsing history, IP addresses, purchasing patterns and preferences are also considered personal data, as well as any information you provide when contacting our hotels.
3. Where we collect your personal data
We collect your personal data directly from you, or from third parties (such as your employer, travel agency or a family member) if they book or purchase services on your behalf. In some cases, we also collect data from your use of our websites and online services.
4. Categories of processing
A. Accommodation or Visit
We process personal data in order to:
• Manage your booking
• Provide services (hotel, restaurant, conference, meetings, spa, activities and events)
• Communicate before, during and after your stay
• Manage payments and customer service
• Send surveys
• Carry out marketing (with consent or legitimate interest)
Legal basis: Contract, legitimate interest, consent (for sensitive data)
Retention period: 36 months after your stay
B. Website Visits
With your consent (via our cookie banner), we process data for the following purposes:
• Analyse website usage (Google Analytics)
• Provide relevant marketing (Google, Meta, LinkedIn, etc.)
Legal basis: Consent
Retention period: 36 months
C. Email Communications
We process personal data in order to:
• Send email communications
• Measure engagement
You may unsubscribe at any time.
Legal basis: Consent
Retention period: Until you unsubscribe; unsubscribe logs retained indefinitely
D. Social Media & Pre-Booking Contact
We process personal data when you:
• Contact us via phone, email, chat or social media
• Interact with our posts
• Allow us to share your posts
Legal basis: Legitimate interest, consent
Retention period: 36 months
E. Events and VIP Invitations
We process personal data to:
• Invite guests based on stay history
• Send tailored marketing
Legal basis: Legitimate interest, consent
Retention period: 36 months
F. Customer Service and Complaints
We process personal data to:
• Handle support matters and claims
• Comply with legal obligations
Legal basis: Legitimate interest, legal obligation
Retention period: Until the matter is resolved, or longer if required by law
G. Payments and Accounting
We process payment data for transactions and to comply with accounting regulations.
Legal basis: Contract, legal obligation
Retention period: 7–8 years
5. Sharing and Transferring Data
We share your personal data only with:
• Group companies within Tällbergsgruppen
• IT providers (for secure system operations)
• IT consultants (for technical support)
• Marketing, booking and customer service partners
• Payment processors (e.g., Klarna)
• Debt collection agencies, if payment remains outstanding
• Law enforcement authorities such as police or courts
Transfers of personal data outside the EU/EEA are carried out only with appropriate safeguards in place (such as Standard Contractual Clauses).
6. Profiling and Automated Decision-Making
We may use automated analysis to tailor offers to you or to assess your potential interest in VIP programmes. You may object to this processing at any time.
7. Cookies
We use cookies on our websites for functionality, statistics and marketing purposes. You can manage your cookie preferences through our cookie banner or via your browser settings. For more information, please see our full Cookie Policy.
8. Your rights
Under applicable data protection laws, you have several rights regarding our processing of your personal data:
Right of access
You have the right to request information at any time about the personal data we hold about you.
Right to data portability
When processing is based on a contract or your consent, you have the right to receive your personal data in a structured, commonly used and machine-readable format, and to transfer it to another controller.
Right to rectification
You have the right to request the correction of inaccurate or incomplete personal data.
Right to erasure (“right to be forgotten”)
You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw your consent.
Right to restriction of processing
You may request that we restrict the processing of your personal data. This may affect the services we can provide.
Right to withdraw consent
Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect processing that has already taken place.
Right to object
You may object to processing based on legitimate interest if you have reasons relating to your particular situation.
Right to lodge a complaint
You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) if you believe your personal data has been processed incorrectly.
9. Changes to this Policy
We may update this policy from time to time. The most recent version will always be available on our website. Significant changes will be communicated clearly.
Effective from: 3 October 2025.