Privacy, Cookies & GDPR | St. David's Hotels

+44(0)20 7723 3856 | info@stdavidshotels.com

Privacy, Cookies & GDPR

Privacy Policy

The Border Hotel Limited (“We”) are committed to protecting and respecting your privacy.

This policy (together with any terms of use) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By continuing to use our Website (as defined below), you are agreeing to this policy.

For the purpose of the Data Protection Act 1998 (the Act), the data controller is The Border Hotel Limited of 14-20 Norfolk Square, Paddington, London W2 1RS with company number 3086606.

Information we may collect from you

We may collect and process the following data about you:

  • Information that you provide by filling in forms on our site www.stdavidshotels.com (our Website). This includes information provided at the time of, by way of example, registering to use our Website, subscribing to our service, posting material or requesting further services.
  • We may also ask you for information when you enter a competition or promotion sponsored by The Border Hotel Limited (if applicable), or if you report a problem with our Website.
  • If you contact us, we may keep a record of that correspondence.
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • Where applicable, where our Website is an ecommerce site, details of transactions you carry out through our Website and of the fulfilment of your orders.
  • Details of your visits to our Website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
  • IP addresses

    We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

    Cookies

    Our Website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our Website and also allows us to improve our Website.

    Certain features of our Website depend upon cookies to function and are deemed, within the law, as strictly necessary (essential cookies).

    A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

    The cookies we use are “analytical” cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.

    We may use the following cookies on our Website:

  • Strictly necessary cookies – These are cookies that are required for the operation of our Website and are deemed, within the law, to be strictly necessary. They include, for example, cookies that enable you to log into secure areas of our Website and other essential cookies.
  • Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies – These are used to recognise you when you return to our Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies – These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it (if applicable) more relevant to your interests. We may also share this information with third parties for this purpose.
  • Please note that our advertisers may also use cookies, over which we have no control.

    You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Website or have a better browsing experience and internet service from us.

    Where we store your personal data

    The data we collect from you may be transferred to, and/or stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us, other members of our group, or for one of our suppliers. By submitting your personal data, you agree to this transfer. We will take all steps reasonably necessary and within our reasonable control to ensure that where we act as data controller your data is treated securely and in accordance with this privacy policy. Information you provide to us is stored on our servers or those of our subcontractors.

    Where our Website is an ecommerce site, all information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

    Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

    Uses made of the information

    We use information held about you in the following ways:

  • To ensure that content from our Website is presented in the most effective manner for you and for your computer.
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To allow you to participate in interactive features of our service, when you choose to do so.
  • To notify you about changes to our service.
  • We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post or telephone.
  • Before providing your data to us, you will be presented with certain tick boxes in respect of our different methods of marketing. If you do not want us to use your data for any of the reasons listed, please refrain from giving us your consent.
  • We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day).
  • Intended use of personal data

    Most of our services do not require any form of registration, allowing you to visit our site without telling us who you are. However, some services may require you to provide us with Personal Data. In these situations, if you choose to withhold any Personal Data requested by us, it may not be possible for you to gain access to certain parts of the site and for us to respond to your queries appropriately.

    We may collect and use Personal Data to provide you with products or services, to bill you for products and services you request, to market products and services which we think may be of interest to you or to communicate with you for other purposes which we will inform you of when we collect Personal Data from you.

    For further information, please visit General Data Protection Regulation (GDPR).

    Disclosure of your information

    In accordance with the General Data Protection Regulation (GDPR), we will not sell, share, or distribute your Personal Data to third parties except as provided in this Privacy Policy. We may disclose your Personal Data to other divisions that agree to treat it in accordance with this Privacy Policy. Personal Data may also be transferred to third parties who act for or on our behalf, for further processing in accordance with the purpose(s) for which the data were originally collected or may otherwise be lawfully processed, such as services delivery, evaluating the usefulness of this website, marketing, data management or technical support. These third parties have contracted with us to only use Personal Data for the agreed upon purpose and not to sell your Personal Information to third parties, and not to disclose it to third parties except as may be required by law, as permitted by us or as stated in this Privacy Policy.

    Personal Data collected from you may also be transferred to a third party in the event that the business of this site or a part of it and the customer data connected with it is sold, assigned or transferred, in which case we would require the buyer, assignee or transferee to treat Personal Data in accordance with this Privacy Policy. Also, Personal Data may be disclosed to a third party if we are required to do so because of an applicable law, court order or governmental regulation, or if such disclosure is otherwise necessary in support of any criminal or other legal investigation or proceeding here or abroad

    In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

    If The Border Hotel Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers/users will be one of the transferred assets.

    If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or any other agreements or terms; or to protect the rights, property, or safety of The Border Hotel Limited, our customers/users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

    Your rights

    Whenever we process Personal Data, we take reasonable steps to ensure that your Personal Data is kept accurate and up-to date for the purposes for which it was collected. We will provide you with the ability to object to the processing of your Personal Data if such processing is not reasonably required for a legitimate business purpose as described in this policy or our compliance with law. In the case of electronic direct marketing, we will provide you with a method to opt out of receiving further marketing materials or with a method to ‘opt-in’ if required by Law and the General Data Protection Regulation (GDPR).

    If you wish to contact us regarding our use of your Personal Data or object to the processing of your Personal Data, please email us at hotel@stdavidshotels.com. If you contact us, please note the specific information you would like us to correct, update or delete plus a proper identification of yourself. Requests to delete personal data will be subject to any applicable legal and ethical reporting or document filing or retention obligations imposed on us.

    Access to information

    If you wish to access the information we hold for you, please contact hotel@stdavidshotels.com. If you contact us, please note the specific information you would like us to correct, update or delete providing suitable identification of yourself. In accordance with the General Data Protection Regulation (Privacy Policy), requests to delete personal data will be subject to any applicable legal and ethical reporting or document filing or retention obligations imposed on us.

    Changes to our privacy policy

    We reserve the right to change this privacy policy from time to time, without prior notice, by changing it on our Website.

    Contact

    Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to hotel@stdavidshotels.com.

    ——————————————————————–

    General Data Protection Regulation (GDPR)

    The Border Hotel Limited (“We”) are committed to protecting and respecting your privacy.

    On May 25th 2018, a new European privacy regulation called the General Data Protection Regulation (GDPR) came into effect. GDPR applies to companies that are based in the EU and global companies that process personal data about individuals in the EU. It provides citizens of the EU with greater control over their personal data and assurances that their information is being securely protected across Europe.

    For the purpose of the Data Protection Act 1998 (the Act), the data controller is The Border Hotel Limited of 14-20 Norfolk Square, Paddington, London W2 1RS with company number 3086606.

    Our promise and preparation

    As a company, we comply with all previous EU Data Protection Law (1998 Act) and will continue to comply with new GDPR Law (2018 Act), by doing the following:

    • Providing customers’ the right to access – this means that individuals have the right to request access to their personal data and to ask how their data is used by The Border Hotel Limited after it has been gathered. The Border Hotel Limited will at all times provide a copy of the personal data, free of charge and in electronic format when requested.
    • Providing customers’ the right to be forgotten – if consumers are no longer customers, or if they withdraw their consent from The Border Hotel Limited to use their personal data, then they have the right to have their data deleted.
    • Providing customers’ the right to data portability – individuals have a right to transfer their data from one service provider to another and it must happen in a commonly used and machine readable format.
    • Providing customers’ the right to be informed – this covers any gathering of data by The Border Hotel Limited and all individuals must be informed before data is gathered. Consumers have to double ‘opt-in’ for their data to be gathered and consent must be freely given rather than implied.
    • Providing customers’ the right to have information corrected – this ensures that individuals can have their data updated if it is out-of-date, incomplete or incorrect.
    • Providing customers’ the right to restrict processing – individuals can request that their data is not used for processing and that their records can remain in place, but not be used.
    • Providing customers’ the right to object – this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
    • Providing customers’ the right to be notified – if there has been a data breach which compromises an individual’s personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.

    Map our company’s data

    We mapped and continue to map where all of the personal data in our entire business comes from and document what we do with the data. We identify where all this data resides, who can access it and if there are any risks to the data.

    Data we process

    As a mail order online retailer, for us to be able to process customer orders and deliveries, we require certain information. At the time of purchase, you will be required to provide us with personal information:

    • Contact details (full name, email address and telephone number), to fulfil orders correctly.
    • Address details (billing and shipping address), for fraud protection and card processing requirements.

    Additional information such as your Date of Birth may also be asked for. This is because some of our products/services are age restricted and this is to ensure that one purchasing is over the legal age relevant to our website.

    In addition to holding your personal details on file (so as to process orders), there are other forms and submit requests such as ‘Contact Us’ and ‘Newsletter’ forms/fields. This information will be kept on file, so please be aware that by providing us with your details you have consented that you are happy for us to store this information. However, please note that under new GDPR legislation, you are able to remove your details from our system at any time.

    Where we store your personal data

    The data we collect from you may be transferred to, and/or stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us, other members of our group, or for one of our suppliers. By submitting your personal data, you agree to this transfer. We will take all steps reasonably necessary and within our reasonable control to ensure that where we act as data controller your data is treated securely and in accordance with this privacy policy. Information you provide to us is stored on our servers or those of our subcontractors.

    Where our Website is an ecommerce site, all information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

    Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

    Put security measures in place

    We have developed and implemented safeguards throughout our infrastructure to help contain any data breaches. We have put security measures in place to guard against data breaches and taking quick action to notify individuals and authorities in the event a breach does occur.

    Review our documentation

    All our privacy statements and disclosures comply where necessary.

    Changes to GDPR

    We will notify all accordingly should there be any changes in GDPR and also by changing it on our Website.

    Contact

    Questions, comments and requests regarding this GDPR policy are welcomed and should be addressed to our GDPR Data Controller responsible – hotel@stdavidshotels.com.