The Inn at Lathones are extremely concerned to protect your privacy and confidentiality. We understand that all users of our site are quite rightly concerned to know that their data will not be used for any purpose unintended by them, and will not fall into the hands of a third party. We undertake to preserve the confidentiality of all information you provide to us.
Our policy complies with the current Data Protection Act 1998 (DPA) accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR) coming into force on the 25th May 2018.
Except as set out below, we do not share, sell or disclose to a third party, any information collected through our website or during the course of doing business.
For the purpose of the DPA and GDPR we are the data controller and any enquiry regarding the collection of your data should be addressed to firstname.lastname@example.org or in writing to the General Manager, Inn at Lathones, Largoward, St Andrews, Fife KY9 1JE
Information we collect from you
We collect personal data on this on the Inn at Lathones website only if it is directly provided to us by you i.e. name, address, email address, telephone number and payment details and has been provided by you with your consent. Normally you will only provide such details if you:
- complete the ‘sign up’ form on the Inn at Lathones website to receive email communications about our News & Offers via email communication to your email address – your name and email address is required
- complete a contact form – if you would like to contact us with any questions – your name and email address are required
- contact us by email or telephone – we will ask for your name
- make a reservation with us – we will ask for your full name, address, contact telephone number, email address and payment details.
You may contact us by telephone or email as such you give your consent implicitly. We collect the data you have given to us in order to reply with the information you need. We record your request and our reply in order to increase the efficiency of our business as when you send us a message by e-mail to which you would expect us to reply. We keep personal information associated with your message, such as your name and email address so we can track our communications with you to provide a high level of customer service.
Your payment information (e.g. credit card details) provided when you make a purchase from our website is not received or stored by us. This information is processed securely by the third party payment processors i.e. reservation system and gift voucher purchasing system. The Inn at Lathones do not store payment transaction information at any time. We may share your personal data with our payment processors, but only for the purpose of completing the relevant payment transaction. Payment processors will not share your personal data, except to provide the necessary payment services to us, and they are required to maintain the confidentiality of your personal data and payment information at all times.
How we use your information
We may hold and process personal data that you provide to us in accordance with the DPA and GDPR. The information that we collect and store relating to you is primarily used to for us to provide our services, and to meet our contractual commitments to you. In addition, we may use the information for the following purposes:
– To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service;
– If you are an existing customer, we may contact you with information about goods and services similar to those that were the subject of a previous sale to you;
– Where you have consented to receive our e-newsletters, from time to time to provide that to you.
What information we may disclose
We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk.
If you do not want us to use your data for our use, you will have the opportunity to withhold your consent to this when you provide your details to us on the form on which we collect your data, or you can do so by writing to us at the address detailed in at the top of this page or by sending us an email to email@example.com at any time.
How we control the use of your data
If you have given us consent to use your data for a particular purpose you can request ‘your right to be forgotten at any time’. If you do not wish us to use your data and exercise ‘your right to be forgotten’ and have the information you have provided to us you removed/deleted you can write to us at the address detailed in at the top of this page or email us at firstname.lastname@example.org at any time.
Where we store your data
We will not sell your information or share it with third parties for marketing purposes.
We are committed to protecting your personal details and information when you register with us. Unless otherwise stated by yourself, you give us permission to share your details with carefully chosen third parties, and companies who are involved in:
As part of the services offered to you, for example through our Website, the personal data that you provide to us may be transferred to and stored with our third party hosting company with servers located within the European Economic Area (“EEA”).
When you enter your details into a sign up form on the Inn at Lathones website to receive email communications from us your data is stored on our website and with our data processor who provides us with email marketing services. The Inn at Lathones has ensured this data processor is fully committed to storing your data in compliance with the current DPA and GDPR regulations.
You have the right to opt out of our processing your personal data for marketing purposes by contacting us at email@example.com or in writing to the address at the top of this page.
Security of your personal data
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information in compliance with current DPA & GDPR regulations.
We will store all the personal information you provide on secure (password- and firewall- protected) servers. We will establish that all data processors are compliant with DPA & GDPR Regulations. All electronic transactions you make to or receive from us will be encrypted using SSL technology. Our website has a security certificate so your data is protected. Having an SSL certificate shows our visitors we have a trustworthy online presence.
Please note that data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
Third party links
You might find links to third party websites on our website such as social media links. These websites have their own privacy policies. We have no control over their policies and we do not accept any responsibility or liability for their policies whatsoever.
The DPA and GDPR give you the right to access information held about you by us. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at the address detailed at the bottom of this page or by email to Lathones@innatlathones.co.uk. There is no charge for requesting that we provide you with details of the personal data that we hold. We will provide this information within one month of you requesting the data.
You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we cease using your data or that we delete all personal data records that we hold relating to you. You can exercise these rights at any time by writing to us at the address detailed at the bottom of this page or by email to Lathones@innatlathones.co.uk
Changes to this policy
We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data.
Version 1: April 2018