Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by [the General Data Protection Regulation 2016/679 (the “GDPR”)
We would like to reassure you that we will not share your personal data including your email address with any other companies nor shall we bombard you with junk style e-mails.
All direct payment gateways used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We collect such Non-personal and Personal Information for the following purposes:
- To provide and operate the Services;
- To complete accommodation and restaurant bookings.
- To provide our Users with ongoing customer assistance and technical support;
- To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
- To comply with any applicable laws and regulations.
- To operate the The Carradale Hotel web site and deliver the services that individuals have requested.
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
We collect personal information that you choose to provide:
- when you make an enquiry online, by email or by phone;
- when you make a booking online, by email or by phone; and
- when you check-in and complete a registration card.
Throughout your stay, we will collect personal information about your time with us and your dining and leisure activities.
What type of information is collected from you?
- If you make a booking with us, we will ask for your name, contact details, the details of any other guests, billing information and any specifics about your stay.
- In order to improve your guest experience we may from time to time collect and store other information about you such as your personal preferences. We will only ever ask for information to enable us to provide the services you have requested.
- During your stay we will collect information from you in the form of requests and feedback. We will also collect information about your activities whilst you are with us for billing purposes and to improve our services to you.
- We may from time-to-time require sensitive personal information (such as medical information) to provide specific services to you safely or to comply with our legal obligations, where this is the case we will always inform you (and where required) ask for your explicit consent to record this information at the time.
- After your stay we will retain relevant information about you to enable us to comply with our legal obligations and to ease the accommodation of any future stays.
What is the legal basis for processing your personal data?
Under data protection law, we can only use your personal information if we have
a proper reason for doing so. In order to use your personal information, we
rely on the following legal bases:
- you have given consent to the processing of your data for one or more specific purposes;
- processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is necessary in order to protect your vital interests, or the vital interests of another individual; and
- processing is necessary for the purpose of the legitimate business purposes pursued by us:
We may use your information to:
- process bookings (and any specific requests) you have made;
- carry out our obligations arising from any contracts entered into by you and us;
- carry out our legal obligations arising from health & safety and security monitoring;
- seek your views or comments on the services we provide;
- notify you of changes to our services;
- record your interactions with us in order to provide personalised experiences to you and improve our services;
- requesting services on your behalf with third parties during your stay
If you do not provide personal information we ask for, it may delay or prevent us from providing the services you have requested to you.
Sharing your personal data
Your personal data will be treated as strictly confidential, and will be shared only with:
- Third Party Service Providers working on our behalf: we may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of providing services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we ensure appropriate safeguards are in place that requires them to keep your information secure, in accordance with data protection laws, and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond our approved suppliers, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
- Law Enforcement/Regulatory Bodies: we may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
How long do we keep your personal data?
We will hold your personal information on our systems only for as long as is necessary for the relevant activity or to facilitate any future stays, or as long as is set out in any relevant contract you hold with us. We are legally required to hold some types of information to fulfil our legal obligations (e.g. financial record keeping).
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the
following rights with respect to your personal data: -
- The right to request a copy of your personal data which The Carradale Hotel holds about you;
- The right to request that The Carradale Hotel corrects any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for The Carradale Hotel to retain such data;
- The right to request that The Carradale Hotel provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to lodge a complaint with the Information Commissioners Office. (ICO website - https://ico.org.uk/ ICO helpline - 0303 123 1113)
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.
Where and whenever necessary, we will seek your prior consent to the new processing.
Security precautions in place to protect the loss, misuse or alteration of your Personal Information
- When you give us personal information, we take steps to ensure that it is treated confidentially and held securely.
- Once we have collected your information, we make our best effort to ensure its security on our systems and in physical form. Where data is stored electronically we take steps to ensure your information is accessed only by those who need it to administer your stay. Your personal data is always encrypted when being sent between our systems, this is shown by the lock icon in your web browser when booking online. Where possible your personal data is also encrypted at rest. Where we are storing information about you on physical media i.e. registration card, this is stored securely and access restricted to only those who need it to administer your stay.
- Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
- Credit or debit card details are encrypted and protected by our card payment provider. When you are entering your card details these are sent to our card payment provider securely, this is shown by the lock icon in your web browser when booking online.
Use of 'cookies'
- It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our websites.
What types of cookies are used on this site?
Site Analytics – We use Google Analytics to help analyse use of our website. This analytical tool uses ‘cookies’, which are text files placed on your computer, to collect standard internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the website (including your IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of the website and to compile statistical reports on website activity. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout
How do I disable/enable cookies?
You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the interactive features of our site if cookies are disabled.
There are a number of ways to manage cookies. Please refer to your browser instructions or help screen to learn more about these functions. For example, in Internet Explorer, you can go to the Tools/Internet options/Security and Privacy Tabs to adapt the browser to your expectations. If you use different computers in different locations you will need to ensure that each browser is adjusted to suit your cookie preferences.
Some modern browsers have a feature that will analyse website privacy policies and allow a user to control their privacy needs. These are known as ‘P3P’ features (Privacy Preferences Platform).
Links to other websites
Our website may contain links to other websites. This Policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ we will require your parent/guardian's permission beforehand whenever you provide us with personal information.