Here at Craig Manor Hotel, we place a huge importance on respecting and protecting your privacy.
We hope that the policy below is clear in outlining when, how and why we collect your personal information and the way in which we use it and of course, keep it secure.
We are committed to respecting and protecting your privacy and any changes we may make to refresh the policy in the future will be published on this page. Any personal data you give to us for the purposes set out in this Policy will be processed in accordance with this Policy unless stated otherwise at the time of collection.
We would welcome you to contact us with any questions regarding this policy by emailing email@example.com, or by contacting our Privacy Manager via post at Craig Manor Hotel, Lake Road, Windermere, LA23 2JF. Alternatively, please do feel to contact us by phone on 015394 88877.
Who are we
We are Craig Manor Hotel, a family owned hotel and limited company with a registered address as above on Lake Road, Windermere, LA23 2JF.
How do we collect information about you?
When you visit our website (or subdomains), make a reservation, contact us, purchase products from us or visit our hotel, we collect personal data from and about you. This Policy describes what personal data is collected and for which purposes this personal data is processed by Craig Manor Hotel. It also states which rights you have under applicable data protection law.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, booking details, IP address, and information regarding pages that you viewed on our website. If you make a booking online or purchase a gift voucher from us, your card information is not held by us, it is collected by our third-party payment processors, who specialise in secure online capture.
How is your information used?
When you stay at Craig Manor Hotel, your personal data will be stored in (i) centralised systems which are under the control of Craig Manor Hotel and accessible by authorised staff only of Craig Manor Hotel, and (ii) local systems controlled solely by Craig Manor Hotel accessible by authorised staff only. We want to get to know you, because that enables us to make your stay even better, so you may one day decide to return and stay with us. We collect, store and process personal data at two different stages: (i) before you decide to stay at or visit our hotel and (ii) when you stay or have stayed or visited in our hotel.
(i) Before you decide to stay with or visit us
(ii) When you stay or have stayed with or visited us
When you make a reservation, you will have to provide us with your name, your (email) address, phone number, the dates you are staying with or visiting us and a credit card token or other payment information as applicable. We use this personal data to process the reservation, for billing purposes, and to allow us to communicate with you about your reservation. When you stay at or visit Craig Manor Hotel, we will collect personal data about your preferences, use of our services, and location.
Overview of activities under stage (i) and (ii)
We may at each of the stages outlined above use your personal data. For your convenience, we have made an overview of activities that involve the processing of your personal data, and the corresponding legal basis/legal bases that allow/s us to process this data:
|Purpose / Activity
|First of all, we store the personal data you provide to us in our systems for administrative purposes.
|We are legally obliged to ask you to provide us with certain information when you arrive at Craig Manor Hotel. This may include information such as: birth date, nationality, place of residence and date of arrival.
|We will have to verify your identity when you arrive at Craig Manor Hotel. We will use your passport or other identification document. We will not store a copy of your passport, unless to the extent permitted by law.
|We store information of your use of the systems in the guest room to ensure that they work correctly. This information is used by our 24/7 support team for preventative and reactive support purposes.
|We store your personal data in our database(s) until your visit is complete and our contract with you is complete, also after your transaction has been completed and after you have stayed in our hotel, in order to comply with data retention obligations and to be able to contact you about our offers, products and services and welcome you again in the future.
|For many of our business purposes we use cloud-based services. Therefore, for technical and organisational reasons, it may be necessary that your personal data is transferred to servers located in the US, or to servers located in countries outside of the European Economic Area (‘EEA’).
|We process your booking, howsoever made (directly via our website or via a third party (online) travel agent).
|We create a general and simple profile of you on the basis of information disclosed by you via public sources on the internet. We will not use any sensitive personal data that we may collect or derive from your stay or from public sources on the internet.
|We offer and provide services and products you request from us or which we may think you are interested in, via email, telephone or other media. You can subscribe to our newsletter, which contains commercial offers and news of Craig Manor Hotel only. We use the email address you provide to send the newsletter to. If you no longer wish to receive the newsletter, you can use the link provided in every newsletter to unsubscribe.
|We use credit card data or other payment data for invoicing purposes.
|If you would like to park in our car park we may collect your license plate number in order to provide you access to the car park.
|We collect (meta) data on your use of our Wi-Fi services for security and anti-piracy purposes (such as: IP address, your device’s MAC address, connections made, location, etc.). We do not process the content of traffic.
|We collect automatically generated information for statistical (research) purposes. This information tells us how well our services are functioning. This information may be provided to third parties, but only if permitted by law or if this information cannot be traced back to you.
|We track information on your purchases for future use in case you return to Craig Manor Hotel.
|We track and record your use of our, or our affiliates’, (online) services, either through cookies or via other means. Cookies enable us and others to monitor your browsing behaviour. Please read our Cookies Policy for further information on cookies.
|We engage in the advertising and marketing of our brand, company, affiliates, services and/or products both online and offline, possibly via third party service providers. For this, we use your contact details, information on your stay at Craig Manor Hotel and information collected through cookies.
|We endeavour to provide a high level of security of both the information we store as well as our facilities, (IT) systems and premises, by means of encryption, physical security measures, passwords, company procedures and policies and professional IT support. Personal data may be processed in this context Craig Manor Hotel and its vendors.
|We endeavour to prevent our services and facilities (hotels) from being used for illegal purposes, of any kind. Personal data may be processed in this context by Craig Manor Hotel and its vendors, such as through CCTV surveillance.
|We engage in activities required for compliance with legal obligations, third party claims or requests from public authorities, such as (i) the mandatory storage/containment of certain information because of a criminal investigation, (ii) requests from third parties for access to information (iii) any further instructions from third parties, such as supervisory authorities, that involve data processing.
Whenever we process data for any of the purposes above we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to processing if you wish, and if you would like to do so please email us at firstname.lastname@example.org.
Please bear in mind that if you object this may affect our ability to carry out some of the tasks above for your benefit or provide you with a particular service or product.
Click here to learn more about what we mean by legitimate interests, and when we process your data for our legitimate interests.
Who else has access to your information?
Third Party Service Providers working on behalf of Craig Manor Hotel include – Siteminder for online bookings, Opera as our PMS system, Gift Pro for online gift voucher sales and Guestfolio or Adestra for CRM and the creation of marketing e-newsletters.
We may pass your information to our third party service providers, their agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process bookings, purchases or to send you e-newsletters). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place with them that complies with our and their legal obligations under the General Data Protection Regulation (GDPR).
Please be reassured that we will not release your information to third parties beyond Craig Manor Hotel for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
When you are using our secure online booking pages, your booking is processed by Siteminder and Sage World Pay, who specialise in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
How long is your data stored?
We store the data you provide to us on an ongoing basis relevant to the average length between stays and visits to Craig Manor Hotel. On an annual basis, we cleanse our marketing databases and remove data from our lists for the purposes of direct marketing that have not engaged with our marketing communication in any way during the previous two years. We will continue to keep any personal data to do with your purchases from us for a period of 6 years after the purchase or stay.
Right to revoke consent
If we process personal data on the basis of your consent, you have the legal right to revoke such consent at any time. We will then cease the relevant processing activity going forward.
Right of access to your information
If you would like to know what personal data we have collected or process about you, you may request us to provide a copy of your personal data by sending an email to email@example.com. We will ask you to identify yourself. We will not provide you with a copy of such data to the extent that the rights and freedoms of others are or may be adversely affected by such disclosure to you such as the data containing personal data about others.
Right to rectification and erasure of data, and restriction of processing
If you believe that our processing of your personal data is incorrect, inaccurate, unlawful, excessive, incomplete, no longer relevant, or if you think that your data is stored longer than necessary, you may ask us to change or remove such personal data or restrict such processing activity, by sending an email to firstname.lastname@example.org.
Right to data portability
You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format, in accordance with Section 20 of the General Data Protection Regulation.
Right to object
You have the legal right to object, on grounds relating to your particular personal situation, at any time to processing of your personal data which is based on the legal basis of either point (e) or (f) of section 6(1) of the General Data Protection Regulation (i.e. the performance of a task carried out in the public interest; the purposes of our, or a third party’s, legitimate interests) including profiling based on those provisions.
We will only cease the processing if so required under section 21(1) of the General Data Protection Regulation. Furthermore, you have the right to object at any time to our processing of your personal data for direct marketing purposes by either (i) opting out by using the option we provide in the relevant direct marketing message (e.g. an email newsletter), or (ii) by sending an email to email@example.com.
General information relevant for all requests and queries
You must exercise your rights, as explained in this clause, in accordance with applicable law, in particular Section 15, 16, 17, 18, 20 and 21 of the General Data Protection Regulation, if and when it applies. We will solely review your request or query in light of our obligations under applicable mandatory data protection law. Nothing in this Policy is intended to provide you with rights beyond or in addition to your rights as a data subject under applicable mandatory data protection law.
We will use reasonable endeavours to respond to your request or query within one month. We are entitled to extend this term by another two months if the complexity of the situation so requires. If your request is manifestly unfounded or excessive we may either (i) charge you a fee, or (ii) refuse to process your request. With respect to access requests we may also charge you for extra copies. If we decide not to honour your request or answer your query, we will explain our reasons for doing so in our reply.
How you can access and update your information
The accuracy of your information is important to us. If you change email address, or any of the other information we hold is inaccurate or out of date, please email firstname.lastname@example.org, or contact our Privacy Manager via post at Craig Manor Hotel, Lake Road, Windermere, LA23 2JF. Alternatively, please do feel to contact us by phone on 015394 88877.
You have the right to ask for a copy of the information Craig Manor Hotel hold about you at any time.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it is treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with appropriate software. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer, Safari or Firefox.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
For the purpose of customer relationship management and campaign effectiveness, we may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our Cookies Policy. Turning cookies off may result in a loss of functionality when using our website.
Links to other websites
Our website may contain links to other websites run by other organisations. This Policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access those using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Our web site may also use Lucky Orange web site recording service. Lucky Orange is a product that has been developed by Lucky Orange Ltd. Lucky Orange may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. The information collected does not include bank details or any sensitive personal data. Data collected by Lucky Orange is for Craig Manor Hotel’s internal use only. The information collected is used to improve our website usability and is stored and used for aggregated and statistical reporting.
16 and under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ you will be required to provide parent/guardian’s consent beforehand whenever you provide us with personal information.
Transferring your information outside Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. When you submit your personal data, you either agree to this transfer, storing or processing or it will be undertaken to enter into or perform a contract to which you are a party or for the purposes of our legitimate interests. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
We are committed to keeping our policy under regular review, this policy was last updated in April 2018.
How to contact us
If you have a complaint to do with your personal data or our use of it please send an email to email@example.com and we will investigate it for you. If you wish you can complain to the Information Commissioner’s Office on ico.org.uk.