Privacy and Cookies Policy

This website uses cookies to enhance your user experience.

Classic Lodges Limited
Privacy notice
24 May 2018

1. Introduction

Classic Lodges Limited (the ‘Company’, ‘us’ or ‘our’) is a company registered in Scotland with company number SC141222, VAT registration number 643834918.

The Company’s registered office is Quartermile One, 15 Lauriston Place, Edinburgh, EH3 9EP. The Company’s head office is Blenheim House, Ackhurst Park, Foxhole Road, Chorley PR7 1NY.

The Company is the owner and operator of a number of hotels and in the course of operating its business it collects a wide variety of personal information from a wide range of sources in order to run its business activities.

The company is registered as a data controller with the Information Commissioner in the UK with registration number ZA191633. This registration covers the uses of personal information set out below.

This privacy notice explains what personal information we collect about you, how we use it and the steps we take to ensure that it is kept secure, it also explains the rights you have in respect of the personal information we hold about you and how to contact us.

This privacy notice is subject to periodic review. The date at the top of this page reflects when it was last updated.  We will notify you by email if we make any substantial changes to this notice.

2. What is Personal Information

Personal information is any information which we collect about you that can be used to identify you and is stored either electronically or in a usable filing system.

This will include information such as your name, contact details and payment details that is collected by us about you for any reason, whether it be in connection with a hotel booking, marketing or when you contact us.

It is our intention to provide you with as much information as possible about what we do with your personal information, so that when you provide personal information to us, you do so with an awareness of how it will be used.

3. Personal information we collect and what we do with it

We collect personal information about you from various sources including:

  • from you when you contact us directly through our website, in a telephone conversation, guest registration, comments cards and loyalty cards;
  • when you make a booking with us using a third party booking website for example: Booking.com, Expedia, Laterooms, Travelclick (list is not exhaustive).
  • when you purchase vouchers online on our website through our commercial partner Shopify’s merchant and payment services

Where we receive personal information from our third party internet booking partners and voucher providers, you will know who these partners are as you will have booked your stay with us, or purchased vouchers for us through them. These partners are controllers of your personal information and will have their own privacy notices on how they use your personal information, which we will have no control or say over. We recommend you contact them for details regarding your personal information use. Please note we only receive your name from our internet booking partners; they will not provide us with your contact details or payment details and any communications we have with you prior to your stay will be through their booking platform. Our voucher provider, Shopify, provides us with your address as well as your name. Shopify is based in Canada and may transfer your personal information to Canada and the USA. Please note that Canada is considered a safe country to transfer personal information to under EU data protection laws and Shopify is party to the EU-US Privacy Shield, which is an EU approved privacy certification scheme. If you would like to find out more about how Shopify shares your personal information, please visit https://www.shopify.com/legal/privacy

We aim to only collect information that is necessary for us to perform our business operations efficiently and effectively.

We collect the following categories of information about you:

  • Personal contact details such as name, title, address, telephone number and personal email addresses
  • Payment card information
  • CCTV footage

We use your information for the following purposes:

  • To comply with legal obligations in connection with guest registration, including for fire and emergency purposes
  • To process bookings at our hotels in accordance with our contractual relationship
  • To process your details for loyalty card purposes and various customer offers
  • To process your details for marketing mailshots to keep you informed of offers across our hotels, unless you have chosen to opt out

Your personal information is stored on secure networks, protected by firewalls, virus checking, anti-spyware and security updates and there are regular secure back-ups. In certain instances, it may also be stored on local drives, in which case the relevant files are password encrypted.

We will ensure access to personal information is restricted to employees working within our group on a need to know basis.  Training will be provided to any employees working within the group who need access to your personal data to ensure it is secured at all times.

 4. Legal basis that permits us to use your information

Under data protection legislation we are only permitted to use your personal information if we have a legal basis for doing so as set out in the data protection legislation. We rely on the following legal bases to use your information:

  • Where we need information to perform the contract we have entered into with you.
  • Where we need to comply with a legal obligation.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

In more limited circumstances we may also rely on the following legal bases:

  • Where we need to protect your interests (or someone else's interests).
  • Where it is needed in the public interest or for official purposes.

We need some of your personal information in order to perform our contract with you. For example, we need to know your payment card details so that you can pay us. We also need some information so that we can comply with our legal obligations, for example, for fire and emergency purposes.

Where information is needed for these purposes if you do not provide it we will not be able to perform our contract with you.

5. Our marketing activities

If you have made a purchase from us, or have made an enquiry, we will have given you a clear opportunity to object or opt-out of receiving marketing communications at the time of collecting your personal information.  If you have not opted out of receiving the marketing communication, we will contact you by email or telephone in our legitimate interests to promote our products and services that are relevant to your purchase or enquiry. You have the right to object to receiving these communications at any time by contacting us using the details listed in section 11.

In addition to your right to object, if you ever decide you no longer wish to receive our marketing communications, you can opt out at any time by unsubscribing from the mailing list, using the link provided in the marketing communications email, or by using the contact details in section 11. If you do unsubscribe, please note that we will still keep your email details in a separate secure list so that we can make sure that you do not receive our marketing communications again in the future.

6. How we share your information and how long we keep it

We share your personal information in our legitimate interests with our service providers and processors in the following ways:

  • With other associated companies within the same group
  • Our guest profiles are electronically stored on Rezlynx, a Guestline property management system.
  • Our website is hosted by Thinkology.
  • We use Mailchimp to manage our marketing communications on our behalf.

Where we share your personal information with our service providers and processors, we ensure that we have appropriate measures in place to safeguard your personal information and to ensure that it is solely used in accordance with our instructions and in line with this privacy notice.

We also share your personal information in our legitimate interests with providers of merchant and payment services, for example: Worldpay, First Data, Realex and Elavon Merchant Services (list is not exhaustive), when you make a payment to us.

These providers are controllers of your personal information and will have their own privacy notices on how they use your personal information, which we will have no control or say over. We recommend you contact them for details regarding your personal information use.

We do not currently transfer any data to countries outside of the UK and European Economic Area, other than in the case of Mailchimp covered below.

The Rocket Science Group LLC (Mailchimp) provides marketing communications processing services to us. They are based in the US and information may be transferred outside the EEA to them or any of their sub processors in order to facilitate this processing. Mailchimp is party to the EU-US Privacy Shield, which is an EU approved privacy certification scheme. We will ensure that appropriate  safeguards are put in place to protect your personal information in accordance with the GDPR.

We keep your personal information for a period of up to 7 years from the last contact from you to us. At the end of that period, we will either automatically erase your personal information or we will communicate with you and give you the option for you to request that we erase your personal information.

7. Our website

7.1 Cookies

The Company uses cookies and similar tools across our website to improve their performance and enhance your user experience. Cookies allow it to recognise returning system users and customise their experience. Cookies can collect and use data.

 A cookie is a simple text file that is stored on a user’s computer (or mobile device) that is created when a user visits a website using a program called a browser. A cookie isn’t a program itself and doesn’t actively do anything on a user’s computer. A cookie cannot be used to identify a user personally but they do contribute to improving a user’s experience of a website. A cookie simply allows the website to read the contents of the cookie text file. The text file itself simply contains a unique identifier code; the site name and some digits and numbers.

 Most websites will use cookies in order to improve the user experience by enabling the website to ‘remember’ the user, either for the duration of the visit or for repeat visits. Cookies do lots of different jobs, such as:

- Remembering what items a user may have added to a shopping basket or an itinerary as the user moves between pages on a website

- Saving a user’s preferences to allow them to customise a website

- Measuring what users do on a website to ascertain which parts of a website are popular, how long they spend on a website, how often users return, where they come from etc.

Cookies are set by our website (first party cookies) but may also be set by other websites that run content on our website’s pages (third party cookies). Cookies can be set to remember a visitor for the duration of their visit (session cookies) or to remember a visitor for repeat visits (persistent cookies).

The standard cookies used by our website can be found using the following link

https://www.classiclodges.co.uk/media/5635/cookies-information.pdf

Cookies can be disabled and each browser has different settings which allow a user to adjust their particular cookie permissions.

7.2 Social Media

Any information you provide to us via social media (including messaging, "liking", "following" and other communications) is controlled by the relevant social media network.

We recommend that you read their privacy notices and contact them directly if you have any concerns regarding their use of your personal information.

Our website contains links to our social media pages and we currently use:

7.2.1     Twitter, whose privacy notice can be found at https://twitter.com/en/privacyhttps://twitter.com/en/privacy

7.2.2     Facebook, whose privacy notice can be found at https://engb.facebook.com/privacy/explanation

7.2.3     Instagram, whose privacy notice can be found at https://help.instagram.com/155833707900388

7.2.4     YouTube, whose privacy notice can be found at https://www.youtube.com/static?template=privacy_guidelines

8. Disclosure of personal information

We will not usually disclose your personal information other than as already explained in Section 6 above. However, there may be circumstances where we need to share personal information other than as anticipated in Section 6 above. These include:

8.1 where we are legally required to disclose the information. This includes sharing the personal information with tax authorities and law                     enforcement agencies for the purposes of the prevention and detection of crime;

8.2 where we need to disclose the personal information for the purpose of or in connection with any legal proceedings, or for the purpose of         obtaining legal advice, or the disclosure is otherwise necessary for the purposes of establishing, exercising or defending legal rights;

8.3 disclosure is required to protect our interests, or someone else's interests (for example, to prevent fraud);

8.4 disclosure is necessary in the legitimate interests of a third party for the purposes of crime prevention and the prosecution of offenders              (for example, where the police request to view CCTV footage around the time of an incident or crime);

8.5 disclosure is necessary to protect your vital interests (for example if you are unwell at our premises, we may need to seek medical                  assistance);

8.6 it is to a third party for the purposes of providing administrative or processing services on our behalf. If such disclosure is required we will           take steps to ensure that the third party protects the personal information in the same way that we do and notify you of any changes to this       privacy notice; and

8.7 to any prospective purchaser of our business assets or organisation.

9. Your rights

You have rights in respect of your personal information and this section explains a bit more about those rights that are applicable to you, what we do with your personal information and when you can exercise them. If you would like more information about any of your rights, please contact us on the details set out section 11.

9.1 Accessing your personal information

We want you to fully understand and be comfortable with how we use your personal information. You can contact us at any time to ask whether we process any personal information about you. If we do hold or use your personal information in any way, you have the right to access that personal information. All we ask is that:

9.1.1 you make your request to access in writing to the contact details in section 11;

9.1.2 you verify your identity; and

9.1.3 you are fair and reasonable with how often you make this kind of request.

Please allow us up to one month from receipt of your request in order to provide a response.

9.2 Requesting more information

We hope that you can understand that it is very difficult to cover all the possible ways in which we collect and use personal information. We have tried to be as clear and as open as we can and will continue to update this privacy notice as our use of personal information develops. However, if you have any questions regarding our use of your personal information, we will be happy to give you peace of mind by answering any questions or providing any additional information that we can. If you do have any specific questions, or need anything explaining, please get in touch on the contact details in section 11.

9.3 Additional rights

You also have some additional rights that you may exercise as set out here. We may publish a policy from time to time, to explain how we will handle such requests and what you can expect from us when you make a request to exercise your rights. If we do publish any such policy, we will provide a link to it here. In each instance we may ask you to make your request in writing to the contact addresses in section 11 and provide verification of your identity.

9.3.1 You have the right to request that we rectify any inaccuracy about you that we may hold, in which case we may ask you to verify the corrected information (for example, we may ask for a recent utility bill for proof of change of address)

9.3.2 You have the right to request that we erase your personal information. Please be aware that we can only comply with such a request if

9.3.2.1 your personal information is no longer required for the purposes it was collected for (for example, we need your personal information to respond to a communication);

9.3.2.2 the collection, storage or use of the personal information by us is prevented by law;

9.3.2.3 your personal information is not required for the purposes of establishing, exercising or defending a legal claim such as in the conduct of legal proceedings.

9.3.3 You have the right to request that we restrict or refrain from processing your personal information:

9.3.3.1 for the time it takes us to verify the accuracy of your personal information where you have disputed its accuracy;

9.3.3.2 where the collection, storage or use of the personal information by us is unlawful but you decide not to ask for erasure;

9.3.3.3 where, we no longer need your personal information but you need them for the purposes of establishing, exercising or defending a legal claim;

9.3.3.4 for the time it takes to determine whether we have an have an overriding legitimate ground to continue to process your personal information, where you have exercised your right to object to processing.

9.3.4 You have the right to data portability in respect of information we have collected from you based on consent or for the reason of entering into a contract. If you exercise this right, we will transfer a copy of the information that you have provided to us ­­­at your request.

9.3.5 You have the right to object to our use of your personal information:

9.3.5.1 where we are using that information based on our legitimate interests, and where we do not have compelling overriding grounds to continue to use your personal information; or

9.3.5.2 at any time, where we use your personal information to send you the newsletter or any other type of direct marketing in which case it will no longer be used for that purpose, but may use it for another lawful purpose.

9.3.5.3 which case it will no longer be used for that purpose, but may use it for another lawful purpose.

10. Complaints

You are important to us, and so is protecting your personal information. We have high standards when it comes to collecting and using personal information. For this reason, we take any complaints we receive from you about our use of your personal information very seriously and request that you bring any issues to our attention.

Where you are communicating with us for the purpose of making a complaint, we will only use your personal information to handle, investigate and respond to the complaint and to check on the level of service we provide. Where the complaint is about a member of our team, we may have to disclose your identity to whoever the complaint is about. You may let us know that you don't want information that identifies you to be disclosed and we will try to respect your request; however, it may not be always possible to handle a complaint on an anonymous basis.

If you are unhappy, you can also contact the Information Commissioner's office to make a complaint directly. 

11. How to contact us

Please contact us using the details below if you have any questions or queries in relation to any aspect of this privacy notice:
Post:
Anthony Massey, Classic Lodges Limited, Blenheim House, Ackhurst Park, Foxhole
Road, Chorley PR7 1NY.

Email: AMassey@Classiclodges.co.uk

Telephone: 01257 238400

 

test