Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.

The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”). The governing body is the Information Commissioner’s Office (the “ICO”).

Country Cottage Holiday are committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us and stored. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We keep certain basic information when you visit our website and recognise the importance of keeping that information secure and letting you know what we will do with it.

WHO WE ARE

For the purpose of the “GDPR” the data controller is:

  • Country Cottage Holiday a trading division of Broadland Properties Ltd, 137 Scalby Road, Scarborough, YO12 6TB (registration number 483844)

HOW WE PROCESS YOUR DATA

We comply with our obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

THE PURPOSE(S) FOR WHICH WE USE YOUR PERSONAL DATA

We use your personal data for the following purposes:

  • To enable us to provide a service or fulfil a booking or contract.
  • To maintain our own reports, accounts and records
  • To make improvements to our products and services
Accommodation Services

We collect and use your personal data to enable us to enter into, administer and manage our contract with you when you book accommodation services with us. This includes using your personal data to administer and manage your booking with us.

CCTV Usage

Please note that in our grounds we may use CCTV and surveillance cameras which capture personal data about visitors to our site. This is for the prevention and detection of crime and for protecting the safety and security of our guests and staff.

Marketing and Promotions

We may invite you to complete surveys or provide us with feedback. You can choose not to take part.

We do not share your information with any other third party for marketing purposes.

HOW LONG DO WE RETAIN YOUR INFORMATION?

We will only retain your personal data for a reasonable period; after you have stopped being an active customer and as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

Information that you provide

  • Information that you provide us by filling in forms on our sites or by corresponding with us by telephone, email or otherwise.
  • This includes information provided at the time of making a booking, or enquiring about a property, or requesting information on other products and services.
  • We may also ask you for information when you report a problem or have a complaint.
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • If you contact us, we may keep a record of that correspondence.
  • The information you may give us may include your name, email address, postal address and telephone number and financial and credit card information

INFORMATION WE SHARE WITH OTHER SOURCES

We do not share your information with any third party company or organisation other than those listed below and for the purposes stipulated. Other categories of the recipient of the personal data you provide to us are:

Our insurers where necessary in connection with our insurance cover and provision.

We may pass your personal data to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you that we have agreed to provide.

When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and in to keep in accordance with the requirements of the “GDPR” and not to use it for their own direct marketing purposes.

We may transfer your personal information to a third party as otherwise permitted by the “GDPR”, for example to our legal advisors or in order to comply with a legal requirement or obligation placed on us by law.

We may transfer CCTV to a third party security organisation (e.g. Police) in respect of any connection with a crime or security issue.

INFORMATION WE RECEIVE FROM OTHER SOURCES
  • There are certain third parties with whom we have to work closely (including, for example, business partners, professional advisers, sub-contractors in technical, payment services, advertising networks, analytics providers, search information providers) and we may receive information about you from them.
  • If we are doing business with you, we may have to conduct due diligence on you, for example where we are under a legal or regulatory requirement.

We may combine information we receive from other sources with the information you give to us and information we collect about you.

We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

WHERE WE STORE YOUR PERSONAL DATA

We do not store or transfer your personal data outside of the European Union.

Any payment transactions taken via our website or card machines will be encrypted.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

USES MADE OF THE INFORMATION

We use information held about you in the following ways:

  • To ensure that content from our site is presented in the most effective manner for you and for your computer.
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To allow you to participate in interactive features of our service when you choose to do so.
  • To notify you about changes to our service.
AUTOMATED DECISION MAKING AND PROFILING

We do not currently use automated decision-making systems or profiling.

DISCLOSURE OF YOUR PERSONAL INFORMATION

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
YOUR RIGHTS

Unless subject to an exemption under the “GDPR”, you have the following rights with respect to your personal data:

  • The right to request a copy of your personal data which we hold about you;
  • The right to request that we correct any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for us to retain such data;
  • The right to withdraw your consent to the processing at any time;
  • The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability);
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data;
  • The right to lodge a complaint with the Information Commissioner’s Office.

Further details on these rights, when they apply, how to exercise them and the exemptions and wider rules and requirements that apply to such rights. Please visit the Information Commissioner’s website at ico.org.uk

RAISING CONCERNS

If you are unhappy with how we are using your personal data we would encourage you to raise this concern with our Data Protection Officer.
You have the right to lodge a complaint with the Information Commissioner if you are unhappy with how we are handling our data protection obligations, please visit the Information Commissioner’s website at ico.org.uk

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy. This policy was last updated on 25th May 2018.

GET IN TOUCH

Questions, comments and requests regarding this privacy policy should be addressed This email address is being protected from spambots. You need JavaScript enabled to view it.

CONTACT

Tel: +44 (0)1723 373461
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.