Updated May 2018
WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU AND HOW?
Personal information you give us may include but is not limited to; your name, delivery address, e-mail address, preferences, phone number, technical data (such as internet protocol (IP) address, browser usage) and financial and credit/ debit card information. If you make a room reservation we may also collect further information such as details of other guests, employer details, for overseas visitors we are also required to collect your passport number and next destination.
We may receive personal information about you from third party suppliers who provide services on our behalf (such as Best Western, a booking engine or wedding venue finder) in order to fulfil your order. Any information we collect will be processed in accordance to this policy and added to the information we already hold about you, in order to help us provide goods and services and improve your customer experience with us. You should review a company’s own privacy policies to ensure you understand how they use your personal data.
CCTV is installed in public areas, entrances and exits of our properties for the prevention and detection of crime. Footage collected is stored securely, with access restricted to authorised personnel only. We would only ever share footage with authorities and if required to do so by law.
It may be that some of the personal information you give us (for example, about your health and age) is sensitive personal data within the meaning of the Data Protection Act 1998. Such information (‘sensitive information’) will only be disclosed with your express consent. This will be processed in accordance to Article 6 and Article 9 (2) of the GDPR for Special Category Data.
HOW DO WE USE YOUR INFORMATION?
Your information allows us to provide you with access to all parts of our website, notify you about changes to our services, supply you with goods and services you have requested and communicate with you in regards to your order before and after your stay. We will also use and analyse information so that we can administer, support, improve and develop our business. We may provide aggregate statistics about sales, customers, traffic patterns and information to third parties, but these statistics will not include any information that identifies you.
We love to stay in touch with our customers by sending special offers and news updates that we think may be of interest to you. Personal information will not be used for these marketing communications unless you have given us your express consent and opted –in to receiving marketing materials either electronically or by post. You are able to choose not to receive this information at any time. This can be done either via the unsubscribe link in all marketing emails, or by writing to the Hotel: Data Protection Officer, Best Western The Rose and Crown Hotel, East Street, Colchester, Essex, CO1 2TZ.
LEGAL BASIS FOR PROCESSING
LEGITIMATE INTEREST:the processing is necessary for the legitimate interests of us or a third party, where such interests are not overridden by your rights your interests. This would include anywhere you would reasonably expect us to process your personal information whilst providing any of our hotel services such as making a reservation, booking a restaurant table, processing payments, keeping the hotel secure through the use of CCTV;
CONTRACT: the processing is necessary in order for us to fulfil our contractual obligations to you;
CONSENT: you have provided consent for us to process your data (such as marketing) and are able to withdraw your consent at any time;
LEGAL OBLIGATION: the processing is necessary of us to comply with the law
HOW DO WE STORE AND PROTECT YOUR INFORMATION?
We have strict security procedures covering the storage of your information in order to prevent unauthorised access and to comply with the terms of the Data Protection Act 1998. This means that sometimes we may ask you for proof of identity or for other personal information before we can process your call or enquiry further.
When making a reservation your personal information is stored in our cloud- hosted property management system ‘Guestline’ which is a PCI certified level 1 service provider. We may also store information on other trusted third parties suppliers including Giftpro Limited (gift vouchers), Typeform (feedback and check in forms), Postmark (email delivery), Mailchimp (email marketing), Wedding Dates/ Hitched (wedding enquiries and bookings), if you chose to use any of their services.
Financial information will always be verified and processed using a secure, reliable and fully PCI compliant online payment processing gateway. We also ensure sensitive and private data exchange between the site and its users happens over a secure socket layer (SSL) secured communication channel and is encrypted and protected with digital signatures.
Personal data will be shared internally within the business departments when required, in order to provide the various services we offer. This is on a ‘need to know’ basis and all employees are aware of the importance of confidentiality and privacy.
We will store your personal information only for as long as it is necessary to fulfil our service to you, for business or legal purposes, or in accordance with applicable laws.
RIGHT OF ACCESS, RECTIFICATION AND ERASURE
If you have given us your personal data, you have the right to ask us the scope of information we process about you, the purpose and nature of processing and information on who we share it with. You can also request to update, correct or delete it at any time, (we may need to retain certain information for legal or administrative purposes, such as record keeping or to detect fraudulent activities). You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However we may charge a reasonable administration fee if your request is clearly unfounded, repetitive or excessive. In these circumstances we may alternatively refuse to comply with your request. As a security measure, we may require proof of your identity before we make any changes to your information or provide a copy of your information.
If you would like a copy of the information held on you please write to us at: Data Protection Officer, Best Western The Rose and Crown Hotel, East Street, Colchester, Essex, CO1 2TZ. If you believe that any information we are holding on you is incorrect or incomplete, please write to us as soon as possible at the above address. We will promptly correct any information found to be incorrect.
DISCLOSURE OF PERSONAL INFORMATION
We reserve the right to access and disclose individually identifiable information to enable us to comply with applicable laws and lawful government requests to operate its systems and to protect itself or its users. Unless required or permitted to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are sent back to the originating website (first –party cookies) on each subsequent visit, or to another website to which it belongs (third- party cookies). Cookies are useful because they allow a website to recognise a user’s device, let you navigate between pages efficiently, remember your preferences, and generally improve the user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
COOKIE USED ON THIS WEBSITE
The cookies used on our website can be categorised by their functions:
- Strictly Necessary cookies
These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services you have asked for cannot be provided. Strictly necessary cookies cannot be disabled using the features of this website.
- Performance Cookies
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.
- Functionality Cookies
These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. For instance, a website may be able to provide you with local weather reports or traffic news by storing in a cookie the region in which you are currently located. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.
- Targeting or advertising cookies
These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.
Our websites may also contain plug-ins and other features that integrate third party social media platforms. Third parties who operate these platforms may be able to identify you, determine how you use this website and they may link and store this information with your social media profile. Please consult the data protection policies of these social media platforms to understand what they will be doing with your personal data. If you activate these plug-ins and other features, or share any information publicly you will be doing so at your own risk.
Managing your cookies
Most web browsers allow some control of cookies through the browser settings on your device, so you are able to withdraw your consent at any time. It is important to note that if you change your settings and block certain cookies, you may not be able to take full advantage of some features of our site and we may not be able to provide some features you have previously chosen to use.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them click here. To opt out of being tracked by Google Analytics across all websites click here
We may update this Privacy and Cookies Policy from time to time to ensure that you are kept informed of how we use your personal information. Any changes will be posted here so please ensure you review this regularly.
For the purpose of the Data Protection Act 1998 and EU General Data Protection Regulation 2018:
Best Western The Rose and Crown Hotel, is registered as a Data Controller with the Information Commissioner’s Office. In the unlikely event of a data breach, Best Western The Rose and Crown Hotel will notify the Information Commissioner’s Office (ICO) without undue delay. If there is a risk to an individual they will be notified in the same manner.
The details of our main central registration can be found below:
Data Controller name: Bremwell Limited (T/A Best Western The Rose and Crown Hotel)
Registration Number: ZA332247
For any issues relating to our practices, please contact our Data Protection Officer:
Data Protection Officer
Best Western The Rose and Crown Hotel