This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we will store and handle that data, and keep it safe.
We know that there is a lot of information here, but we want you to be fully informed about your rights, and how S. Notaro Hotels Limited may use your data.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
It’s likely that we will need to update this Privacy Notice from time to time. We will notify you of any significant changes, but you are welcome to come back and check it whenever you wish.
Who is Lakeview Holiday Cottages / S. Notaro Hotels Limited
- Notaro Hotels Limited operates as Lakeview Holiday Cottages. The operating company is based at Huntworth, Bridgwater TA7 0AJ.
Explaining the legal basis we rely on
The law on data protection sets out six ways which a company may collect and process your personal data. Having analysed our customer database and business model, we have assessed that legitimate interest is the primary basis. S. Notaro Hotels Limited uses a mix of legitimate interest and contract as the legal basis for processing personal data.
When do we collect your personal data?
Personal data is collected from the following sources:
- Booking aggregate sites
- Local companies
- Online bookings and enquiries
- Inbound calls
- Local event research and networking
What sort of personal data do we collect?
The personal data we collect is limited to the level we need to deliver our services and is made up of the following:
- Email address
- Phone numbers
- Business details
- Postal address
- Card details
How and why do we use your personal data?
Your personal data is used to ensure the products and services we deliver are suitable and appropriate. Any data collected is only used to administer and deliver the services we provide.
- To manage bookings and maintenance for Lakeview Cottages
- To notify you of your booking status
- To keep you updated on changes, news and special offers
- To administer the recruitment process
- To respond to queries and complaints
- We also embrace the use of social media and wish to process any comments made public by you
- To send you communications required by law or which are necessary to inform you about changes to the services we provide you.
- To comply with our contractual or legal obligations to share data with law enforcement agencies.
Of course, you are free to opt out at any time. If you wish to opt out, please either email firstname.lastname@example.org or contact us on 01278 661584
How we protect your personal data
An example would be our communications, which is managed using the Microsoft Office 365, which have an updated Privacy Amendment, which can be viewed here (view online)
The other main systems and companies in use by the Group include the following:
- Pegasus Opera – Privacy Notice
- Super Control – Privacy Notice
- Rent Pro – Privacy Notice
- Snap Inspect – Privacy Notice
- ICS&M IT management – Privacy Notice
- MailChimp – Privacy Notice
- Upperdog – Privacy Notice
In addition, we have internal processes for employees and contractors which clearly states their terms of reference and how personal data will be used.
How long will we keep your personal data?
Whenever we collect or process your personal data, we will only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
Who do we share your personal data with?
Your personal data is only used to deliver the services we provide.
Where your personal data may be processed
The systems in place within the company are primarily UK based so data stays within the EEA.
In protecting your data outside the EEA; the EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.
We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA such as Australia or the USA. This will only be done using the technology solutions highlighted in the section How and Why do we use your personal data.
If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.
What are your rights over your personal data?
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
Where any subject access request is made there is a requirement to prove identity before any information is divulged. This may involve physical presence with accompanying ID.
Individuals also have the right to have their personal data erased in certain circumstances (sometimes known as the “right to be forgotten”) typically, if:
- The personal data collected is no longer necessary for the purpose which the Company originally collected or processed it for.
- As the Company is relying on legitimate interests as the basis for processing personal data, the individual objects to the processing of their data, and there is no overriding legitimate interest to continue this processing.
- The Company is processing personal data for direct marketing purposes and the individual objects to that processing.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Regulation changes and remedial actions
The GDPR became live on 25th May 2018 and the UK Data Privacy Bill gained Royal Ascent on 23rd May 2018. Therefore, this Notice is based on the regulations, as they exist with a review process set up to make any adjustments required to become and stay compliant.
In the event of any changes or processes which need remedial action the review procedure will capture those issues and remedy them.
Contacting the Regulator
If you feel that your data has not been handled correctly by S. Notaro Hotels Limited and you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113.
Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can’t be responsible for the content of external websites)
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.