DATA PROTECTION AND PRIVACY NOTICE [EU GDPR COMPLIANT]
1. General Information
This Data Protection and Privacy Notice sets out the ways in which “The Glenridding Hotel, Ullswater, Penrith, Cumbria CA11 0PB – Company Registration Number: 06506827” hereinafter “The Glenridding Hotel” collects, processes and shares your personal information and data.
2. What information does The Glenridding Hotel collect?
The Glenridding Hotel may collect, process and use the following information that you provide during the online or telephone booking process: such as when you book accommodation, a special inclusive package; purchase a gift voucher; when your sign up to our newsletter online; or, when you telephone to make a booking, at one of our bars, coffee shops, or restaurants; or, use the complimentary internet and broadband access whilst visiting, or staying in the hotel or using any of the facilities:
Your name, and names of those in your party;
Company or Organisation;
Your address and demographic information such as postcode;
Your email address;
Your date of birth;
Your payment card information; and
Electronic tracking information such as your IP address, cookies, and MAC address;
Your car/vehicle registration number;
Information pertinent to fulfilling our legal obligations
Other information you provide during the booking process, such as your preferences orspecial requests.We may receive certain categories of information listed above from sources other than you, such as from third-party websites, booking agents, applications; or, individuals who have added you as a guest to their booking, or who have purchased a gift voucher for you.We may combine this information with other information we collect.
3. What is your data used for?
The Glenridding Hotel processes your personal data in the following ways, and on the following legal bases:
Your name, telephone and email address are used for the purposes of sending you direct electronic marketing. The Glenridding Hotel will only do this if you have given your consent to being provided with the direct electronic marketing.
You may opt-out of receiving this at any time by contacting email@example.com, or by changing your preferences.
To carry out The Glenridding Hotel’s obligations arising from any contracts entered into between The Glenridding Hotel and you: for example to take payment, or to book accommodation, a table or gift voucher.
To send you confirmation email(s) or text message(s) to verify and confirm your accommodation reservation and booking, table bookings and gift voucher orders, this is necessary for the performance of The Glenridding Hotel’s contract with you so that it can confirm your bookings and provide you with details about your stay. It is also in The Glenridding Hotel’s legitimate interests to ensure that customers may be reminded about their bookings.
To enhance your experience of the The Glenridding Hotel accommodation, restaurants, bars and coffee shop and website, we do this as it is in our legitimate interest to ensure that you receive the best experience possible when you book and dine with us.
To optimise your experience of the types of direct electronic marketing that The Glenridding Hotel sends you (where you have consented to direct electronic marketing). The Glenridding Hotel does this on the basis that it is necessary in The Glenridding Hotel’s legitimate interest to ensure that such direct marketing is of interest and use to you.
To inform you of our allergen procedure and to ascertain whether special dietary requirements apply to your booking.
Employees, contractors and agents of The Glenridding Hotel may be given access to any Personal Information which we collect, but their use shall be strictly controlled and limited to the performance of their duties and in line with the reason for processing. Our employees, contractors and agents who do have access to your Personal Information are required to keep that information confidential and are not permitted to use it for any purposes other than to explicitly enable us to provide you with the highest levels of customer service.We may use your information in an anonymised and/or aggregated manner in order to analyse the data so that we can enhance our IT systems, booking systems; or, to optimise our website; or, to carry out market research. We may share this anonymised and/or aggregated data with third parties, but you will not be personally identifiable from any such data.The Glenridding Hotel may review your personal data if it has reason to believe that the information has been provided either inappropriately, unlawfully or illegally.The Glenridding Hotel does this on a routine basis that it is necessary in its legitimate and interest and legal responsibilities to ensure that the hotel reservations, accommodation, restaurants and website are being used appropriately, lawfully and legally.
4. Disclosing data and information to third parties
The Glenridding Hotel does not sell, trade, or otherwise transfer your personal identifiable information to outside parties other than as set out in this data protection and privacy notice.
The Glenridding Hotel provides your personal data:
To selected third party providers in order to process and deliver your bookings and orders,for example payment providers, gift voucher merchants and third party online bookingproviders;
To selected marketing agencies, web-mailing companies and hosting companies, that haveEU GDPR compliant operations;
Credit reference agencies or fraud prevention agencies.The Glenridding Hotel will only transfer your personal data outside of the EEA to organisations who are proven to have adequate safeguards in place to ensure the security of your personal data.The Glenridding Hotel will disclose your personal data to third parties:
If The Glenridding Hotel sells or buys any business or assets, in which case TheGlenridding Hotel will disclose your personal data to the prospective seller or buyer of suchbusiness or asset;
If The Glenridding Hotel or substantially all of its assets are acquired by a third party, inwhich case personal data held by it about its customers will be one of the transferredassets; or
If The Glenridding Hotel is under a duty to disclose or share your personal data in order tocomply with any legal obligation, or to protect the rights, property, or safety of The
Glenridding Hotel, you or any third party: and, to investigate illegal activities and breaches of any agreement The Glenridding Hotel has with you. This includes exchanging information with other companies and organisations for the purposes of serious crime, fraud protection and credit risk reduction.
The Glenridding Hotel may pass your personal data to third parties in a statistical and/or aggregated manner in order to analyse the data. The Glenridding Hotel will always ensure that you are not personally identifiable from any such data.
We may otherwise share your information as directed by you or subject to your consent.
5. Protecting your personal data
The Glenridding Hotel has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
In addition, it limits access to your personal data to those employees, agents, contractors and other third parties who have a business need to know and in accordance with, and bound to this data protection and privacy notice. They will only process your personal data in accordance with The Glenridding Hotel’s instructions.
The Glenridding Hotel has put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where it is legally required to do so, without any undue delay.
You also play an important role in keeping your information secure. If you have any reason to believe that your interactions with us are no longer secure, then please contact us without delay at firstname.lastname@example.org
6. Holding your personal data
The Glenridding Hotel will retain your data for as long as we need to hold it in order to provide you with exemplary services and to improve, analyse and optimise your customer experience; further, as required so by law.
We may also retain your data for longer periods where we need to do so in order comply with any legal or regulatory or statutory requirements (including keeping certain records for seven years for HMRC VAT purposes), to carry out audits, to detect and prevent fraud, to enforce contracts; or, to resolve any disputes.
To determine the appropriate retention period for personal data, The Glenridding Hotel considers the amount, nature, and sensitivity of the personal data: the potential risk of harm from unauthorised use, or disclosure of your personal data, the purposes for which The Glenridding Hotel processes your personal data and whether those purposes can be achieved through other means, and the applicable legal requirements.
7. Your Rights
Where The Glenridding Hotel relies on your explicit consent as the condition for processing your personal data, for example for sending you electronic direct marketing, you have the right to withdraw that consent at any time.
You have various additional statutory rights in relation to your personal data. In particular, you have the right to:
Right to object to direct marketing communications at any time;
Right to request basic information and to obtain access to your personal data;
Right to rectification or erasure of your personal data, in certain circumstances, and whereit is lawful for us to do so;
Right to object to, or restrict the processing of your personal data, in certain circumstances;
Right to have your personal data stored in a manner in which it is portable from theenvironment in which it is stored by The Glenridding Hotel to another environment; and
File a complaint with the Information Commissioner’s Office.
8. Changes to this Data Protection and Privacy Notice.
If The Glenridding Hotel decides to change this privacy notice, any changes will be posted on the appropriate web page, and will be available for inspection at time of check-in at our hotel, and other locations within the property that the management may make available from time to time.
This privacy notice was last modified on 28th April 2018.
9. Contact Information
Our Data Protection Officer will manage your complaint and will give you additional information about how it will be handled.