The Georgian Hotel will always be up front about what we do with your data. We are committed to treating it with respect and keeping it safe. This privacy statement explains how we do this and how you can make sure that we do.
We determine the purpose and way your information is used and we will never sell or share your personal information with another organisation for their own purposes.
Information We Collect
We collect information when you give it to us by:
Email (directly or via our website or Facebook page)
Facebook personal message or in reply to a facebook post
Face to face at the hotel
We only ever collect and hold information about you that is relevant to your relationship with us. This includes:
Contact details (name, email address, phone number and home address)
Record of your previous business with us and future bookings
Record of previous correspondence
Billing and payment information including card details in our secure PMS (property management system)
Information relating to your use of our services, such as room preferences, special requests, feedback and survey responses
Where you are using our leisure facilities we may also ask you to advise us of any medical or health conditions from which you suffer where these are relevant to the activities you plan to participate in at the facilities or treatments you may wish to have.
How we Use the Information
We intend to use your personal information for the following purposes:
To fulfil your bookings and/or to provide services of facilities you request from us
To collect payment from you for services or products that we have provided to you
To administer and manage our relationship with you, which may include asking you to complete surveys or feedback forms
To send you marketing and promotional material which we think may be of interest to you (assuming you have opted in to receive this information)
Where required by law
Where necessary to protect your health or well being or that of another individual
Sharing and Disclosure
We will not disclose personal information we hold about you to any third party except where required by law or to third parties who provide services to us and act as data processors for us. These are trusted providers who comply with EU privacy laws and include the following:
Guestline (Our PMS supplier)
Microsoft Office – data storage and email
Facebook – pages and messenger
Wix - our website provider holds personal data from email form submissions, comments from blog posts.
Where possible we aim to keep your details within the European Economic Area (EEA) If however we do transfer your personal data out of the EEA we shall ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards applies:
The countries to which it is transferred have been deemed to provide an adequate level of protection for personal data by the relevant regulators
We have put in place with the transferee specific contracts approved by the relevant regulators which give personal data similar protection to that it has in Europe
If the transferee is in the US it is registered with the Privacy Shield (or any similar replacement scheme) which requires it to provide similar protection to personal data as required in Europe.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. All of our computers and our PMS where data is stored are password protected, with access to personal data limited to those employees, agents, contractors and other third parties who have a business need to know.
We only retain your personal information for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for personal data we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
You may ask us at any time to correct data that we hold about you which you think may be inaccurate
You may ask us to limit what we do with your data or to delete it altogether
You may request a copy of the data that we hold about you
You may raise a complaint in regards to how we have handled your data
If you wish to exercise any of these rights please contact us by using the contact details below. We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Changes to this Policy
Contacting the Data Controller
You can contact us at any time by one of the following means:
37-41 High Street
You can also contact the Information Commissioners Office here: www.ICO.org