Intro and terms
This privacy notice for St Michaels Resort Falmouth (‘company, we, us, or our’), describes how and why we might collect, store, use, and/or share your information when you use our ‘services’, such as when:
· Visit our website www.stmichaelsresort.com
· Engage with us in other ways, including sales, marketing, or events
· Make a reservation and stay or use the facilities as a guest at the resort
The privacy and security of your information is very important to us. Whether you are booking a room or just a prospective client browsing our website (the “Site”) and looking at our property/services, we want you to trust that the information that you have provided to us is being properly managed and protected. We will only use the information that we collect about you lawfully and in accordance with the Data Protection Act 2018 and The General Data Protection Regulation 2016 (GDPR) together, and with other subsequent laws “Data Protection Laws”.
Who we are and how to contact us
For the purpose of the Data Protection Laws, the data controller is St Michaels Resort Falmouth, registered company number 10479395. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice. If you want to request more information about our privacy notice or information regarding data protection you should contact us using the details provided below:
FAO: Data Protection Officer
St Michaels Resort
Telephone: 01326 312707 and ask to speak to the Data Protection Officer (DPO)
The data we collect about you
At various points throughout your guest journey, we collect personal data in accordance with the law, and to serve you better. This information covers:
· Contact details (for example, last name, first name, email, telephone number, address)
· Personal information (for example, date of birth, nationality, medical conditions)
· Information relating to your children (for example, first name, date of birth, age)
· Your credit card number (for transaction and reservation purposes)
· Your IP address and cookies of your visit to our website
· Your arrival and departure dates
· Your preferences and interests (for example, preferred cottage/ hotel room, cultural interests)
· Your questions/comments, during or following a stay at St Michaels Resort.
Like many businesses, we also collect information through cookies and similar technologies. You can find more about this in our Cookie Notice: https://www.stmichaelsresort.com/cookie-policy
How your data will be used
We use the information collected from you primarily to fulfil your hotel reservation. Prior to your stay, this may include sending your information to the Hotel or sending you pre-stay communications. Following your stay, we may also send you post-stay communications and satisfaction surveys to get feedback on your experience. We also embrace the use of social media and may wish to process any comments made public by you.
In some instances where we have your consent or where permitted under applicable law, we may send you marketing communications (which may include text messages) for products and services that we believe would be relevant for you. We also may use information related to your stay to display targeted advertisements on our websites or on third party websites or to send you more relevant messaging. Additionally, we use this information for purposes of aggregated trend and statistical analysis to evaluate and improve our products and services, plan new hotel locations and services and other market research.
We may also use your personal information in situations where we need to protect your interests or where it is needed in the public interest. We never sell your data to third parties or allow third parties to contact you without your permission.
We will share your information with the Hotel you are staying at to fulfil your reservation. We may also share your information with third party service providers to provide services in relation to our business as well as to help us improve our products and services. For example, we might use a third party or a third-party product for the purposes of market research and data analytics. In certain instances, subject to local consent requirements, third party service providers may also assist us with various marketing campaigns. We may also share your information with third parties to extend special offers about their own products and services to you.
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will retain your personal data for the period necessary to fulfil the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law.
The criteria used to determine our retention periods include:
•The length of time we have an ongoing relationship with you and provide the Services to you.
•Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).
•Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation, or regulatory investigations).
Access to your information and correction
If you would like to request to access, change, delete, restrict the use of, or object to the processing of your personal data that you have previously provided to us, feel free to contact us at firstname.lastname@example.org.
For your protection, we only fulfil requests for the personal data associated with the email address that you identify in your request, and we may need to verify your identity before fulfilling certain requests. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.
St Michaels Resort acknowledges and respects our guests’ privacy, and we will try to comply with your request as soon as reasonably practicable and consistent with applicable law.
We seek to use reasonable organisational, technical, and administrative measures to protect personal data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We keep our privacy notice under regular review, and we will place any updates on this web page. This privacy notice was last updated on 26 July 2022.