Privacy and Data Policy

In accordance with the General Data Protection Regulation (GDPR) that comes into force in May 2018 this policy conforms to the regulations required. This policy applies to The Stable Annexe self-catering accommodation. It explains what personal data we collect about you and how we use it.

 

Who we are?

We are a holiday let providing self-catering accommodation for visitors to the local area. We have a website and a Facebook page which are used to advertise our services and for limited marketing purposes. We are liked into other local service providers and to Airbnb. Bookings are made either directly through us or via Airbnb  

 

What personal data do we collect and store about you, and how we collect it.

We are required by law to keep records of guest name, address, email and phone number, nationality and passport number (if coming from abroad).  These details are used to book accommodation, arrange payment, if there is a problem or query about a booking, a cancellation by the owner or guest. This information is collected at the time of a booking being made. If a booking is made by a third party booking agency they hold the information. We keep billing addresses for invoicing purposes. invoices are kept for tax information for the required legal periods.

 

Information is not used for marketing or advertising purposes. We do not use email shots. We only contact guests if they request or consent to us contacting them.

Any information that we hold is will be regarded as confidential and will not passed onto a third party unless it is with the consent of the guest. We do not sell or share personal information about you.

 

Data security and credit cards

Bookings made though a third-party agency are under the control of that agency. We receive notification of a booking and payment is made by the agency. Credit card details are not shared by the third party.

Payments made to us directly are done securely via credit card, using a card machine and card details are not kept or stored.  If BACS are used the information is securely stored until payment has been received and then destroyed.

 

How we will use the data.

We use your data to confirm and arrange bookings, in case of cancellations or changes to bookings. We will not share your data with any 3rd party individual or organisation without asking you first, and receiving your reply. We will process your data in order to comply with any legal requirements if required for an investigation or legal process.  

 

How do we keep your data?

We keep guest’s information for 12 months. Information held electronically is password protected. Information held manually is shredded.

Bookings are made direct or through a third party. Our main third-party bookings are through Airbnb. They have a robust privacy policy which can be viewed at their website.  They hold details of guests who have chosen to book our premises. Registration details have to be kept legally but are destroyed after 12 months

Guest information is held on a manual filing system or on a 3rd party data base. Invoices are held electronically and are stored securely and kept for the time specified by HMRC and for accounting purposes.

 

How to check or change the data held for you.

If you need to check or update you details, please contact us at the address above or via email.

You have the right to request a copy of the information we hold about you. If you would like a copy of all the information we hold, please write to us at the above address.  There will be an administration charge of £5.

 

Your consent

By submitting your personal information to us you consent to the use of that information as set out in this policy. We keep our policy under review and if we change it we will post the changes to our website and give notice as appropriate so that you will be aware of the information we collect and how it is used.

 

Website and social media

The website and Facebook page issued to collect information or for marketing purposes. Cookies are not used. User journeys are not tracked.

We do not use Google analytics.  Facebook analytics are used to provide some statistics on site traffic and trends. There are links to other websites such as Trip Advisor and the Facebook page. This privacy policy only applies to our website so when you link to other websites you should read their own privacy policies.

Social media is used to advertise the property but viewer information is not shared.

Visitor reviews are used to monitor the quality of the service we provide and sometimes published on social media but the reviewer is not identified and it is kept anonymous. These reviews already appear in public places such as Airbnb or Trip Advisor. Reviews appear on Trip Advisor or Airbnb. (See their privacy policies) reviews are voluntary and they are aware these are made public on 3rd party sites.

We use CCTV cameras outside the property for security purposes (A precaution against burglaries and for the guests and owner’s security). The owner monitors CCTV material and it is only kept for a month. A sign is displayed to make guests aware of the cameras

 

How you can access or change your information.

You have the right to request a copy of the information we hold about you. You have the right to change details or have information removed. If you would like a copy of all the information we hold, please write to us at the above address. There will be an administration charge of £5.

This policy is reviewed annually

Data Protection Officer Jackie Tweedale

 

Data breach

If a breach of data occurs we are required to notify the Information Commissioners Office within 72 hours of first having become aware of the breach where that breach is likely to “result in a risk for the rights and freedoms of individuals”. For any breach, we are required to notify the customers without undue delay after first becoming aware of a data breach. We will do this in writing to the last known address given to us at the time of booking