Duinrell values your privacy and personal data. In this privacy statement, we provide information on the way we handle this data. We may amend this privacy statement from time to time. For example, when there are changes in the way we process your personal data or when this is necessary because of law and regulations.
Duinrell always follows the applicable privacy legislation, including the General Data Protection Regulation (GDPR). In doing so, we apply a number of basic principles.
This means that we will:
We process the personal data that you have given us, for example in the context of your visit to our amusement park and/or holiday park, or that we have obtained through your use of our website, by filling in a contact form, by reporting a complaint or by registering for our newsletter.
The personal data that we process may fall into the following categories:
Name and contact details
These include your name, the address where you live, gender, date of birth, nationality and sometimes the registration number of your car. We may also store your telephone number and email address.
Information about subscriptions, bookings and purchases
When purchasing a season ticket, making a booking or buying a ticket, in addition to your name and contact details we also process your bank account number, information about the type of season ticket, the length of stay at our park and the composition of the family or travel companions.
For the security of you, our employees and our property, we have camera surveillance at our park, around accommodations and in the Tiki Pool. Some cameras at our park save the images. Other cameras only have a live stream. Our security staff are equipped with body cams that are activated in the event of an incident.
There are also photo cameras installed at various attractions that capture images of the visitors. The photos can later be purchased by those pictured on them.
Information from social media
We may receive information through the social media you use, such as Facebook, Instagram, Snapchat, Twitter, etc. For example, if you log in to our network using one of these services, we may receive your profile on said services. The use of social media such as Facebook, Instagram, Twitter or YouTube is not governed by our terms and conditions and privacy statement, but by the terms and conditions, privacy and cookie statement and other statements of the respective social media. We encourage you to read them carefully if you have any questions about them.
Information you provide us
You may share information with us, for example, by participating in a promotional activity such as a contest. We also send out surveys about your experience at Duinrell. If the survey is completed, we will process this information and add it to the personal details already known to us. In addition, these data are shared with our management team. We also process your personal data when you communicate directly with us by email.
Information we obtain through our website, apps and other digital media
We use your personal data for a number of different purposes. The use we make of your personal data can always be based on one of the principles mentioned in the GDPR. Below we explain the use of your personal data.
Executing the agreement
If you enter into an agreement with us, for example by purchasing a ticket for our amusement park or booking a stay at our holiday park, we need your personal data, such as contact details, to execute the agreement. Without these details we cannot follow up on a reservation or issue a ticket.
In addition, we may collect personal data during your visit to our amusement park and/or holiday park, such as the photos that are taken at certain attractions and which you may purchase. At the attractions where a photo is taken, a sign will indicate this. You are then free to decide whether to make use of this attraction.
Executing he agreement is the basis for these processes.
The contact details we have obtained because you have visited our park are kept in our customer system and can be used by us to send newsletters, updates, invitations to events and to send information that you have requested from us.
We base the use of your personal data on the basis of executing the agreement and the justified interest we have in using the data. We therefore do not require your permission to use these contact details. The legitimate interest consists of the fact that we would like you to visit our park again.
Improving our information services and marketing activities
We would like to provide you with relevant information so that we can give you a clear picture of our park and our services. Of course, we hope that you will visit our park and continue to do so. This is our legitimate interest in using your personal data.
To achieve this aim, we analyse personal data obtained from contact between you and Duinrell, for example via our website. We also analyse personal information about your behaviour, such as your preferences, opinions, wishes and needs. We can derive these data from your surfing behaviour on our website, from reading our newsletters or from your request for information.
We also analyse the use of our website. The website's user statistics enable us to get an idea of, among other things, the number of visitors, the length of the visit and which pages of the website are viewed. It concerns the collection of generic data, without personal information. We use the information obtained to improve our website.
The basis for these processes is our legitimate interest. For some processing, such as the placement and analysis of cookies, we rely on the basis of consent.
Security of persons and property
The camera surveillance is for reasons of safety and security of our employees, visitors to our park and our property. The images recorded are only stored for a limited period of 30 days and then deleted. In the event of an incident, images may be stored for a longer period, for example until the incident is resolved. We base the processing of images on the basis of legitimate interest.
Compliance with laws and regulations
We are obliged to keep a so-called 'night register' if you are staying in one of our accommodations. The night register records the name and place of residence of the (principal) guest, the date of arrival and departure and which identity document the (principal) guest has presented. We must be able to show this register to the authorities. This processing is therefore based on a legal obligation.
In order to process your personal data, we may engage service providers (processors) who process personal data solely on our behalf.
For example, to process your booking and reservation through our website. We also use services of third parties to send newsletters, commercial emails and online questionnaires as part of customer satisfaction surveys. We conclude a (data) processing agreement with these parties. This agreement states, among other things, that the processors may only act on our instructions, may not use the personal data for their own purposes and must take adequate security measures.
The processor outside the EEA that provides us with services to analyse the use of our website is Google Inc. Google is based in the United States and is registered for the EU-US Privacy Shield. You can find more information about this at: https://www.privacyshield.gov/welcome
Your personal data will not be shared with third parties for commercial purposes.
Every person can, on the basis of the law, exercise certain rights with regard to his or her personal data.
For example, you have the right to inspect, correct and delete personal data. You can also object to the use of your data or ask to limit this use. In certain cases, you can even request your data to be transferred to another party. For all these questions, please contact us at [email protected].
If we have asked you for permission to process your personal data and you have granted permission, you also have the right to withdraw this permission at any time. Upon receipt of your notification that you are withdrawing your consent, we will immediately follow up on this. The use we made of your personal details up to the moment you withdrew your permission will remain lawful.
We retain your personal data for as long as is necessary for the purpose for which we have obtained the data, unless a statutory retention period applies. If we no longer need the personal details, we remove or anonymise them. Anonymisation means that we ensure that the data cannot be traced back to you.
Your privacy is important, so we take the security of your data very seriously. We have taken various measures to ensure that your data is and remains safe. When securing your data, we take into account any processing risks of your data: for example, if it is lost or misused.
If you have any complaints or questions about how we handle your personal data, you can contact us by sending an e-mail to [email protected]. Complaints can also be sent in writing to: Vakantie- en attractiepark Duinrell, Duinrell 1, 2242 JP Wassenaar, The Netherlands. To ensure that only you have access to your details, we always ask you to send us a copy of your identity document.
We will be happy to help you find a solution. Should this not be possible, then it is always possible to turn to the Dutch Data Protection Authority ("Autoriteit Persoonsgegevens").