PRIVACY POLICY
How we handle your personal information
Shrigley Hall Hotel is committed to safeguarding the privacy of our clients, website visitors and staff; in this policy we explain how we will treat your personal information.
1.Who are we
1. Shrigley Hall Hotel is registered in England and Wales under registration number 09174105 and our registered office is at Shrigley Hall Hotel & Spa, Pott Shrigley, Cheshire, SK10 5SB
2. You can contact us by using our website contact form, by email at marketing@shrigleyhallhotel.co.uk or by telephone on 01625 575757
Our website is owned and operated by Shrigley Hall Hotel
3. What personal information we collect
We may collect, store and use the following kinds of personal information:
a. information that you provide to us when using our services, or that is generated in the course of the use of those services
b. information relating to any purchases you make of our services
c. information contained in or relating to any communications that you send to us or send through our website (including the communication content and meta data associated with the communication)
d. information about your computer and about your visits to and use of this website
e. any other personal information that you choose to provide to us
f. information about staff employed by Shrigley Hall Hotel to manage their employment
2.How we use your personal information
1. We may use your personal information to:
a. send statements, invoices and payment reminders to you, and collect payments from you
b. send you non-marketing commercial communications
c. send you email notifications that you have specifically requested
d. send you marketing communications relating to our business which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications)
e. deal with enquiries and complaints made by or about you relating to our website or any other service provided to you by Shrigley Hall Hotel
f. to support your rights under Data Protection law in relation to our use of your personal information (see section 9 below)
g. manage your employment (where you are a member of staff employed by Shrigley Hall Hotel or working with Shrigley Hall Hotel)
h. administer our website and business including:
1. personalising our website for you
2. enabling your use of the services available on our website
3. keeping our website secure and preventing fraud
2. Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.
3. We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
4. The personal data we hold about you will only be used in line with the purposes detailed above and the legal basis for this will be either for the administration of a contract we have in place with you or in line with the legitimate interests of our business in providing information governance and IT Security services (ensuring that this does not impact on your rights or freedoms in relation to privacy) or disclosed as required by law (as detailed in section 5).
5. Shrigley Hall Hotel have no reason to process sensitive information (special categories or criminal convictions data) about you
3. Disclosing personal information
1. We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy.
2. We may disclose your personal information:
1. to the extent that we are required to do so by law
2. in connection with any ongoing or prospective legal proceedings
3. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
4. to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information
3. Except as provided in this policy, we will not provide your personal information to third parties
4. International data transfers
1. Information that we collect will only be stored and processed within the UK and is protected by UK Data Protection laws.
5. Retaining personal information
1. This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
2. Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
3. Notwithstanding the other provisions of this section, we will retain documents (including electronic documents) containing personal data:
a. to the extent that we are required to do so by law
b. if we believe that the documents may be relevant to any ongoing or prospective legal proceeding
c. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
d. to support the ongoing business purposes of Shrigley Hall Hotel as specified in section 4 (with due consideration for the rights and freedoms of individuals privacy)
4. If you would like further details of how personal data is retained by our organisation, please contact us directly.
6. Security of your personal information
1. We will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
2. We will store all the personal information you provide on our secure servers.
3. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent to us over the internet.
7. Your rights
1. You have a number of rights under the Data Protection Act including:
a. The right to be informed about the collection and use of your personal data e.g. via this privacy notice
b. The right to access your personal data
c. The right to have any inaccurate personal data rectified, or completed if it is incomplete
d. The right to have your personal data erased in certain circumstances
e. The right to request the restriction or suppression of their personal data in certain circumstances
f. The right to data portability – to obtain and reuse your personal data for your own purposes across different services
g. The right to object to our use of your information in certain circumstances e.g. for marketing or profiling purposes
2. If you would like to access your own personal information or exercise any of the rights detailed above please contact us by email on marketing@shrigleyhallhotel.co.uk or by telephone on 01625 575757
3. In the majority of cases, we will respond to your request within 30 days after receiving the necessary information required to deal with your request
4. We may ask you to supply appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address) and any additional information to help us to deal with your request effectively.
5. There may be some exemptions to dealing with your rights as specified in Data Protection law, but Shrigley Hall Hotel will ensure you are fully informed of this within 30 days of receiving your request.
6. We do not carry out any profiling or automated decision making based on your personal data
7. Full information on your rights under the Data Protection Act can be found from the following link:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
8. Third party websites
1. Our website includes hyperlinks to, and details of, third party websites.
2. We have no control over, and are not responsible for, the privacy policies and practices of third parties.