diff --git a/apps/scandic-web/utils/refId.ts b/apps/scandic-web/utils/refId.ts
index e594b9fd9..c77653e54 100644
--- a/apps/scandic-web/utils/refId.ts
+++ b/apps/scandic-web/utils/refId.ts
@@ -9,12 +9,20 @@ export function calculateRefId(confirmationNumber: string, lastName: string) {
 }
 
 export function parseRefId(refId: string) {
-  // Some external systems that link to us do not encode the refId parameter
-  // properly, so we reverse the decoding of plus sign into spaces.
-  // Slash and equal sign are not decoded into anything, so no action needed.
-  // We only need to cater for those three (plus, slash, equals) as RefId is
-  // Base64 encoded which only has these three special characters.
-  const data = decrypt(refId.replace(/ /g, "+"))
+  // RefId is DES-ECB encryption + Base64 encoding. For legacy reasons we have
+  // to do some manual handling here to get a proper Base64 string.
+  //
+  // - Use case: Current web replaced plus sign with hyphens when generating RefIds.
+  //   Handling: We replace hyphens with plus signs.
+  //
+  // - Use case: Incoming links in the wild do not encode the RefId properly.
+  //   Handling: We replace spaces with plus signs. Effectively, reversing the
+  //   decoding of plus signs into spaces that Next.js does for us for incoming
+  //   search params.
+  //   Slash and equal sign are not decoded into anything, so no action needed.
+  //   We only need to cater for those three (plus, slash, equals) as RefId is
+  //   Base64 encoded which only has these three special characters.
+  const data = decrypt(refId.replace(/ |-/g, "+"))
   const parts = data.split(",")
   if (parts.length !== 2) {
     throw new Error("Invalid refId format")