Introduction

Welcome to the privacy policy relating to Carnarvon Hotels. The Collingham Serviced Apartments is part of the Carnarvon Hotels portfolio of business.  Please see the section headed “Controller” for further information on the businesses within this portfolio and an explanation on the terms used in this privacy notice.

Carnarvon Hotel respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights.

This privacy policy is provided in a layered format, so you can click through to the specific areas set out below.

Purpose of this privacy policy 

Controller 

Personal data we collect

How your personal data is collected

How we use your data

How we disclose your data

International transfers  

Data Security

Third Party Links

Data Retention

Your legal rights

Cookie usage

Job Applicants

Changes to this policy

Purpose of this privacy policy 

The intent of this privacy policy is to give you information on how Carnarvon Hotels collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, book a room or service or take part in a competition.  It also explains how we use the data collected as part of the registration process and during your stay at one of our establishments.

This website is not intended to be used by children and we do not knowingly collect data relating to children through the website.  If you are a parent or legal guardian and think your child has given us information, please send an email to privacy@chlgroup.co.uk and we will look into this matter. Separately, you should also be aware that we may collect information about the ages of children staying with us as guests in one of our establishments.  Any such information is only collected for room reservations in order for us to provide child specific amenities.

It is important that you read this privacy policy together with any other privacy policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

Controller

Carnarvon Hotels is made up of different businesses, details of which can be found here. When we mention Carnarvon Hotels, “we”, “us” or “our” in this privacy notice, we are referring to the relevant business in the Carnarvon Hotels group of businesses, responsible for processing your data.  In this instance, the business is the Rathbone Hotel.  Carnarvon Hotels Limited is the controller and responsible for this website.

Please click on the below links for the Privacy Policies of the other Hotels and Serviced Apartments:

The Rathbone Hotel

The Winchester Hotel & Spa

Personal Data we collect

Personal data, or personal information, means any information about an individual from which that person can be identified.  Anonymous data i.e. data from which an individual cannot be identified, is not personal data.

In order to provide exceptional customer service, throughout your guest journey, via your interactions with our Online Services, via Offline interactions and Property visits, we collect the following personal information:

  • Identity and Demographic Data includes first name, last name, title, date of birth, age, gender, nationality (including preferred language), signature and, where required by law, passport details.
  • Contact Data includes postal address, email address and telephone numbers.  Contact Data may include employer or other relevant details if you are an employee of a corporate account or an employee of a vendor or other type of business partner (e.g., travel agent or supplier). Contact Data may also include additional contact information about you that we may obtain through third parties with whom we do business (e.g. travel agents or similar providers).
  • Financial Data includes bank account, signature and payment card details and billing address.
  • Transaction and Reservation Data includes information related to your reservation, stay, or visit to a property as well as on any products and services you have purchased from us.  Reservation data will include emails and faxes received, telephone numbers dialled, receipt of telephone messages when connected to the telephone services we provide guests during their stay.
  • Profile Data includes your profile picture, social media account ID or user ID, purchases made by you, your interests, preferences (including special requests and service preferences), Important dates, such as birthdays, anniversaries and special occasions, feedback and survey responses, browsing information i.e. information related to your use and interaction with our site. Allergies or food intolerances, mobility requirements and relevant travel information also fall within this category.
  • Usage and Loyalty Data includes information about how you use our website and services purchased, and information on your use of our loyalty program, including how you earn and redeem points. We also collect information you submit online or post.For example, we collect feedback about our hotels and services that you submit online or directly to us.
  • CCTV Data: Information collected through the use of closed circuit television systems and other security systems.
  • Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website and page interaction information.

We also collect, use and share Aggregated Data such as statistical or demographic data. Aggregated Data may be derived from your personal data but is not considered personal data in law where this data does not directly (or indirectly) reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can identify you (or can be combined with other data to identify you), we treat the combined data as personal data which will be used in accordance with this Privacy Policy.

Other than some health data such as information about allergies, or religious data to enable us to address your dietary requirements, we do not collect any Special Categories of Personal Data about you.  Special Categories of Personal Data includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences for customers or guests.

Please note, that if you submit Personal Data relating to a potential customer or job applicant (for example  if you make a reservation for another individual or submit a colleague’s CV), you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

How your personal data is collected

  • Through our websites.
  • Via email or phone.
  • Via On and Offline Travel agents used to make a reservation with us.
  • When you visit or stay as a guest at one of our properties.
  • Through our social media pages when you interact with us.

How we use your data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: –

  • Where we need to perform a contract, we are about to enter into or have entered into with you.
  • To facilitate reservations, take payment and provide the services you request.
  • Send you emails that relate to your stay such as confirmation, pre and post-stay correspondence, or to ask you to participate in a customer survey.
  • To respond to your customer-service inquiries or requests.
  • To personalise your experience with us and inform you of services that may be of interest.
  • If you have specific needs when you are visiting one of our establishments relating to your dietary, access and accommodation requirements, and you let us know that you wish us to cater to these needs.
  • Where we need to comply with a legal or regulatory obligation
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • To improve our website and services.
  • To confirm, update and improve our customer records
  • To run a loyalty programme.
  • In correspondence with Personnel, Service Providers and other third parties.
  • To review and administer employment applications.
  • For our business purposes, such as anonymized data analysis, security and fraud monitoring and prevention (including through the use of closed circuit television, card keys, and other security systems), improving or modifying our services, identifying usage trends, and determining the effectiveness of our promotional campaigns.
  • For Marketing purposes (via letter, telephone or email) to inform you of services that may be of interest to you such as; our local area, new services and special offers. We might also use your information to serve you ads about our hotels. Your personal information will not be disclosed to any third party for marketing purposes. Please note, you can opt out of receiving marketing emails by following the un-subscribe instructions in the correspondences we send you.
  • For our business purposes as part of administering and managing the business
  • To facilitate reservations, take payment and provide the services you request.
  • Send you emails that relate to your stay such as confirmation, pre and post-stay correspondence, or to ask you to participate in a customer survey.
  • To respond to your customer-service inquiries or requests.
  • To personalise your experience with us and inform you of services that may be of interest.
  • To improve our website and services.
  • To confirm, update and improve our customer records.
  • To run a loyalty programme.
  • In correspondence with Personnel, Service Providers and other third parties.
  • To review and administer employment applications.
  • For our business purposes, such as anonymized data analysis, security and fraud monitoring and prevention (including through the use of closed circuit television, card keys, and other security systems), improving or modifying our services, identifying usage trends, and determining the effectiveness of our promotional campaigns.
  • For Marketing purposes (via letter, telephone or email) to inform you of services that may be of interest to you such as; our local area, new services and special offers. We might also use your information to serve you ads about our hotels. Your personal information will not be disclosed to any third party for marketing purposes. Please note, you can opt out of receiving marketing emails by following the un-subscribe instructions in the correspondences we send you.

Generally we do not rely on consent as a legal basis for processing your personal data.  However, where consent is the lawful basis relied on, you have the right to withdraw consent at any time by Contacting us.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.  Additionally, if you have special dietary requirements but do not provide us with details of what these are, please note that we cannot take this into account.

How we disclose your data

We work closely with a number of trusted partners with whom we need to share Personal Data to help us provide you with the highest level of service and to do so, we share Personal Data and other information with the following:

  • We will share your information within the business within the Carnarvon Hotels Group unless legally prohibited. For example, we will share your information to facilitate reservations or to customize offers to your preference. After your stay we retain your Personal Data including details of your stay, preferences, room/accommodation type and amenities used.
  • We will share your information with third-party service providers that perform services on our behalf (as contracted at any point in time). The services provided are those needed for a business of this type such as website hosting, data analysis, our property management system, payment processing, health and safety online monitoring, information technology and related infrastructure provision, customer service, email delivery, auditing, marketing, insurance and other services.  Please note that this is not an exhaustive list but intended to give you an idea of the types of service providers we use and whom we may share your data with.
  • To the individual, representative or travel advisor that has supplied us with your Personal Data (for example, your travel agent, personal assistant, employer or spouse who has provided us with your details).
  • Through Social Media: When you chose to post information about our businesses on message boards, chat, profile pages and blogs and other services to which you are able to post information and materials (including, without limitation, our Social Media Pages such as Facebook or Instagram) any such information you post or disclose through these services will become public and may be available to other users and the general public. We urge you to be very careful when deciding to disclose any information on the Online Services (such as Social Media Platforms and other review sites).
  • We will share your information with law enforcement or governmental organisations where we are required to make such disclosures by any applicable law.
  • To Bank and payment providers, to authorise and complete payments.
  • In the event of a sale of all or part of our business operations or assets, personal information held by us about our customers will be among the assets shared with and transferred to the buyer. In the event of a sale, the buyer may use your personal data in the same way as set out in this Privacy Notice.

 

International transfers

If you are based outside the EEA and contact us with a query, we will respond to your query.  Please note that this communication may involve the transfer of some of your personal data back to you.  Other than this, we do not currently transfer data outside of the European Economic Area (EEA). If this changes we will update this Privacy Policy accordingly.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They are subject to a duty of confidentiality.

We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, we have no control over the transmission of information via the internet – this is not 100% secure and we encourage you to use caution when using the internet. As indicated above, we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed and by making purchases via our online booking engine, you are protected by Secure Socket Layer (SSL) technology, which is utilised by most popular browsers, including Google Chrome, Mozilla Firefox and Internet Explorer. This ensures, through encryption, the personal data that you enter, such as credit-card information is converted into code before being dispatched over the Internet.

Third Party Links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete your data: see “Your Rights” below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for analysis or statistical purposes in which case we may use this information indefinitely without further notice to you.

Your legal rights

When it comes to how we use your personal data, we want to ensure you have the information to make the choices that are right for you.

You are entitled to the following rights:

  • To request access to your personal data.
  • To request correction of your personal data.
  • To request erasure of your personal data.
  • To object to processing of your personal data.
  • To request restriction of processing your personal data.
  • To request the transfer of your personal data.
  • To withdraw consent.

If you wish to exercise any of the rights set out above, please Contact us.

No fee usually required

You will not generally have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and confirm your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month for example if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

How to contact us

If you have any questions or are concerned that any of the information we hold about you is incorrect, out of date or may be used inappropriately, please contact us at the below address or at privacy@chlgroup.co.uk with your concerns and we will respond to your request and/or take the appropriate steps to amend our records.

Data Protection Office
Carnarvon Hotels Ltd
10-11 Greenland Palace
NW1 0AP

How to complain

We hope that you would not need to complain about our use of personal data.  However, if you do have a concern, please email us at privacy@chlgroup.co.uk with details of your complaint.  We will look into and respond to any complaints received.

Furthermore, please note that you can also contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns or write to them at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Cookie usage

Cookies are small amounts of information that are sent to and are stored on your computer. We use them to identify you when you visit the websites, and to make your use of the websites more convenient for you. If you do not wish to have Cookies placed on your computer, you can disable Cookies on your Internet browser. Please see our Cookies policy for further details.

Job Applicants

This section contains information that we believe will specifically be of interest to job applicants

We collect and use the following information: –

  • Identity and Demographic Data
  • Contact Data
  • Usage Data (when you apply for a job through our website)
  • CCTV Data
  • Technical Data
  • Data on your Qualifications

This data is collected from the following sources:

  • Your CV
  • The take up of References
  • Through Criminal background checks and right to work checks
  • Your visits to our premises
  • Your use of our website
  • Through online searches

This information will have been provided, or will be provided, by you or a third party who we work with, such as a Job Board Company or another employment agency. In the case of references, these will be from your previous employer. The outcome of criminal record checks and right to work checks, will be supplied by a third-party company.

Data Usage and period of time for which data is retained

The personal data above may be used in the following ways:

  • To match your skill sets with job vacancies and where appropriate to process your application (This use would be in our legitimate interests)
  • To keep you informed of available opportunities as they arise (This use would be in our legitimate interests).

This information will have been provided, or will be provided, by you or a third party who we work with, such as a Job Board Company or another employment agency. In the case of references, these will be from your previous employer. The outcome of criminal record checks and right to work checks, will be supplied by a third-party company.

  • To establish that you have the right to work(We need to do this in order to comply with a legal or regulatory obligation)
  • To undertake relevant security and criminal record checks as required by us and as permitted by lawapplication (Required in order to comply with a legal or regulatory obligation)
  • To enable us to provide feedback on applications if requested and to comply with legislation; interview notes and registration forms will be retained and stored securely for a period of no greater than 12 months (This use would be in our legitimate interests)
  • As part of the recruitment process and where it may increase your chances of securing a role, your data may be shared within internal departments and across our company(This use would be in our legitimate interests)
  • If you have applied via email, your data may be retained for a period of up to 12 months, enabling us to make candidates aware of potentially suitable vacancies during this time. If you do not wish us to do this, please let us know.

Changes to this policy

We may modify this Privacy Policy from time to time. The Updated Version at the bottom of this page indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the website.

Updated: 28th November2018

Book Now

  • Lowest Rate Guarantee
  • Exclusive Discounts
  • Priority Upgrade*
  • Early Check-In*
02 December 2024