The General Data Protection Regulation (GDPR) is the data protection regulation that replaces the PuL (Personal Data Act). GDPR is an EU regulation and acts as a law in Sweden since 2018-05-28, with the aim of strengthening the protection of natural persons in the processing of personal data within the EU.

GDPR applies to all companies and nonprofit organizations in the EU and non-EU companies that handle personal data about citizens in EU countries.

We at Åre Travel choose to be completely transparent in terms of what and how your information is stored and used, and why. All registration takes place in digital form.

Who in the company and which external partners who have access to the organization's personal data are shown below.

Collection of customer information when booking


Customer registers his / her data: Name, address, telephone number, e-mail, number of persons, card details, check-in date
Customer book online on a booking channel, eg. Booking, Airbnb, Hotels, Expedia
Customer information is stored in the respective company's extranet
Customer can also book via, e-mail, text and phone and then provide the same information.

Registration of customer information at Åre Travel

Customer information is imported into Åre Travels Channel Manager / Hotel System Sirvoy and Åre Travel complements with social security numbers.

Kalix24 phone service will receive incoming calls when Åre Travels staff is not available. Need Kalix24 to answer questions about your booking Kande see first name and last name, booked accommodation and date. This is to identify the right person to get a check in.

Manage booking and provide accurate information about purchased service to the right customer
Pay and follow the Tax Agency's guidelines for what should appear on an invoice
Follow the Policing Authority's regulations and general advice on registration cards for hotel guests
Provide correct documentation. Bookkeeping
Customer information is saved as many customers are recurring
A customer is entitled to information: Data Inspection's regulation on the right to information
Customer may request a check-out checkout at any time after check-out and, if so, it will be documented.
Should the personal records come into contact with a burglar, burglary or accident incident, the data will be documented and reported to the Data Inspectorate.

Information sent to customer


Åre Travel offers additional services for booking via website, mail, text or telephone
Åre Travel sends the necessary information to the customer about the accommodation, such as booking confirmation, address details, booking terms and codes

Client receives contact information for Åre Travel staff to housekeeping and  booking manager. Staff have written in writing that we handle data


INFORMATION: Manage booking and provide necessary information about purchased service to the right customer
Provide the desired service to the customer


Payment by credit card: Necessary customer information is exported to the card issuer Stripe and then on to the company's bank, Handelsbanken
Airbnb is paid by the guest
Paying customer via invoice exported necessary customer information to Nox Finance

Pay for services securely
Card information is encrypted and can not be seen by Åre Travel



All transactions are posted in Fortnox
Each transaction must have a basis in the form of complete booking information.
This is digitally stored for at least 7 years

To comply with the Accounting Act



Åre Travel never shares or sells any information.

Åre Travels Personnel who have access to information sign a privacy agreement.

How GDPR management is conducted in other companies listed as partners, contact them directly.

Competent authorities that so request will have access to customer information
Competent staff at Åre Travel Book keeping company.

At least 7 years, according to the Bookkeeping Act

Through logins to respective systems, and backup is managed by respective supplier

Only information required to complete the booking is saved

GDPR Privacy policy

We respect and value your privacy and integrity. Hence, no personal information will be sold, given or transferred in any way to a third party.

You have the right to request the personal information we have about you. If the personal information should be found to be incorrect, incomplete or inaccurate, you have the right to demand that the personal information is corrected or deleted. You can also request to have your data transferred to a third-party of your choosing (portability). For requests concerning your personal information, send an e-mail to us.

If you believe we use or process your personal data in an unacceptable manner, you can contact us or raise a complaint to a higher authority.

What rights you have over your data
If you have an account on this site,  you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.