Discretion is absolutely key, whether in house or online, we enusre our guests are always safe and secure
- AB Hotels
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
How we use collected information
AB Hotels may collect and use Users personal information for the following purposes:
– To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
– To personalize user experience
We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
– To improve our Site
We may use feedback you provide to improve our products and services.
– To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
– To run a promotion, contest, survey or other Site feature
To send Users information they agreed to receive about topics we think will be of interest to them.
– To send periodic emails
We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users.
Sharing your personal information
We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Third party websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
AB Hotels Head Office
T: +44 (0) 1727 864477
Your privacy is of the utmost importance to us, which is why we have compiled this comprehensive Data Protection policy in compliance with national and international regulations.
This site is owned and managed Five Lakes and we respect the privacy of all visitors to the site. Please find below information on how the data we collect on you is used, and what you should do if you have any concerns regarding the data held. If you have queries regarding the information contained in this policy please e-mail firstname.lastname@example.org
“Personal data” referred to henceforth means any of your information collected and logged by us in a way which allows us to identify you directly or indirectly. Please read this policy before providing us with any direct information (i.e. name) or indirect information (i.e. address).
This policy has been created as part of the terms and conditions of our hotel services. By accepting our terms and conditions, you expressly accept the terms of our Data Protection policy detailed below.
1. What information do we collect?
At various points, we may need to collect information about you or your family/fellow guests. This information may include:
• Contact details such as your first name, last name, telephone number or email
• Personal information such as your nationality or date of birth
• Information about your children such as first name, date of birth or age
• Your credit card number for transaction and reservation purposes
• Your arrival/departure dates and room preferences
• Your questions, comments or feedback during or after a stay or visit to us
• Your IP address or cookie information
We will never deliberately collect sensitive information such as racial, religious, sexual or political alignment and only collect information regarding adults or their children from those aged over 18.
2. When do we collect it?
Your information may be collected at the hotel when:
• Booking a room, checking in or paying
• Eating or drinking at our bar or restaurant
• Making a request or complaint
Your information may be collected online when:
• Participating in a customer survey or online competition
• Subscribing to our promotional email newsletter
• Through a third party i.e. a reservation system or travel agent
• When connecting to our website i.e. IP address or cookies
3. Why do we collect it and how we use it
Contact details – To manage your reservation, requests and services; to monitor use of amenities; to manage your restaurant or bar bookings; to manage special requests, to send you special offers or information via email newsletter and to manage financial and payment records pertaining to your stay or visit.
Personal information – To improve the level of service we offer; to assist in marketing and promotion of our services and help us adapt our services.
Information pertaining to your children – To manage their stay at the hotel; information can only be supplied by an adult.
Credit card number – To guarantee bookings and take payment.
Arrival and departure dates – To manage your hotel booking.
Your questions, comments or feedback – To improve the level of service we offer.
IP address or cookie information – To improve our website navigation and prevent fraud or security breaches.
4. Secure information storage
We take data security seriously and use appropriate technologies and procedures to protect your personal information. Our information security policies and procedures are aligned with widely accepted international standards, we apply the controls detailed in the Payment Card Industry Data Security Standard to all environments storing personal data. These standards are applied and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.
Policies and procedures
• We have measures in place to protect against accidental loss and unauthorised access, use, destruction, or disclosure of data
• We have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our clients and to protect our people and assets
• We place appropriate restrictions on access to personal information
• We implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely
• We conduct Privacy Impact Assessments in accordance with legal requirements and our business policies
Training for employees and contractors
• We require privacy, information security, and other applicable training on a regular basis for our employees and contractors who have access to personal information and other sensitive data
• We take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual conditions
Vendor risk management
• We require, through the use of contracts and security reviews, our third-party vendors and providers to protect any personal information with which they are entrusted in accordance with our security policies and procedures
5. Your rights
We hold on to your information for as long as you have a booking with us, and for as long as is necessary to provide support-related reporting. We’ll also hold on to your information If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions. We may also keep hold of some of your information as required, even if it is no longer needed to provide the services to you. You may see or receive marketing information or promotions when appropriate. You have the following rights:
• The right to be informed about how your personal information is being used
• The right to access the personal information we hold about you
• The right to request the correction of inaccurate personal information we hold about you
• The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
• The right to stop direct marketing messages, and to withdraw consent for other consent-based processing at any time
• The right to request that we transfer elements of your data either to you or another service provider
• The right to complain to your data protection regulator — in the UK, the Information Commissioner’s Office (ICO)
We may use certain information to refine your online experience with us and to show you promotions or products which may be of interest to you; you may amend your marketing preferences across your social media channels to opt out of this. We may also email you with exclusive information and promotions; you may unsubscribe from these emails at any time.
Site functionality cookies – these cookies allow you to navigate the site and use our features
Site analytics cookies – these cookies allow us to measure and analyse how our customers use the site, to improve both its functionality and your shopping experience
Customer preference cookies – when you are browsing, these cookies will remember your preferences (like your language or location), so we can make your experience as seamless as possible, and more personal to you
Targeting or advertising cookies – these cookies are used to deliver ads relevant to you. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.
By visiting and using our site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the site in the future. If you want to delete any cookies that are already on your computer, the “help” section in your browser should provide instructions on
how to locate the file or directory that stores cookies.
8. Changes and updates to this policy
We may change our Data Protection policy from time to time, to reflect the way we process your data. Should we make significant changes, we will make that clear on our website, or by some other means of contact such as email, so that you are able to review the changes before you continue to make use of our services.
9. Contact us
Should you wish to contact us at any time with questions, comments, data-related requests or similar, please email us at email@example.com
Issue Date: July 2018
- THE SOPWELL HOUSE COMMITMENT TO PROTECTING YOUR PRIVACY
Because we consider you an important guest of Sopwell House, our first priority is to offer you a home from home and a stay that makes you want to come back for more.
Your complete satisfaction and confidence in Sopwell House is absolutely essential to us.
The main rules applicable within Sopwell House are founded on seven principles.
This Personal Data Protection policy forms part of the terms and conditions that govern our hotel services. By accepting these terms and conditions, you expressly accept the provisions of this policy.
- SOPWELL HOUSE SEVEN PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA
- Transparency: When collecting and processing your personal data, we will communicate all information to you and inform you of the purpose and recipients of the data.
- Legitimacy: We will collect and process your personal data only for the purposes described in this policy.
- Relevance and accuracy: We will only collect personal data that is necessary for data processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
- Storage: We will hold your personal data for the period necessary for processing in compliance with the provisions of the law.
- Access, rectification, opposition: You may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving sales and marketing information. The details of the department to contact and steps to be taken in this respect are shown below in the clause "Access and modification".
- Confidentiality and security: We will ensure reasonable technical and organisational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorised use, disclosure or access.
- Sharing and international transfer: We may share your personal data with third parties for payment processing, email services and other services essential to the running of the business (such as commercial partners and/or service providers) for the purposes set out in this policy. We will take appropriate measures to guarantee security when sharing or transferring such data.
For any questions concerning the seven principles of Sopwell House’s data protection, please contact the General Manager at firstname.lastname@example.org via the details in the clause "Access and modification".
- SCOPE OF APPLICATION
This policy applies:
- To all data processing implemented in our hotel
- To Sopwell House reservation websites, including www.sopwellhouse.co.uk
- WHAT PERSONAL DATA IS COLLECTED?
At various times, we will be obliged to ask you, as a Sopwell House customer, for information about you and/or members of your family, such as:
- Contact details (for example, last name, first name, telephone number, email)
- Personal information (for example, date of birth, nationality, medical conditions)
- Information relating to your children (for example, first name, date of birth, age)
- Your credit card number (for transaction and reservation purposes)
- Your membership number for the Sopwell House Leisure Membership or another partner program
- Your arrival and departure dates
- Your preferences and interests (for example, preferred floor, cultural interests, newspapers)
- Your questions/comments, during or following a stay at Sopwell House.
The information collected in relation to persons under 18 years of age is limited to their name, nationality and date of birth, which can only be supplied to us by an adult.
We do not deliberately collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of sexual orientation. We will collect details regarding your health if you have booked a spa treatment, this is necessary for your own health and safety.
Depending on applicable local laws, other information which could be considered sensitive, such as your credit card number, your leisure activities, personal activities and hobbies, may be collected in order to meet your requirements or provide you with an appropriate service, such as a specific diet.
In this case, depending on the laws in force in certain countries, your prior consent may be required with regard to the collection of this sensitive information.
- WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on a variety of occasions, including:
- Hotel activities:
- Booking a room
- Checking-in and paying
- Requests, complaints and/or disputes.
- Participation in marketing programs or events:
- Signing up for loyalty programs
- Participation in customer surveys (for example, the Guest Satisfaction Survey)
- Online games or competitions
- Subscription to newsletters, in order to receive offers and promotions via email.
- Transmission of information from third parties:
- Tour operators, travel agencies, GDS reservation systems, and others
- Internet activities:
- Connection to Sopwell House website (IP address, cookies)
- Online forms (online reservation, questionnaires, Sopwell House pages on social networks, etc.).
- HOW WILL WE USE THE INFORMATION ABOUT YOU?
We collect your personal data for the purposes of:
- Meeting our obligations to our customers.
- Managing the reservation of rooms and accommodation requests:
- Creation and storage of legal documents in compliance with accounting standards.
- Managing your stay at the hotel:
- Monitoring use of services (telephone, bar, pay TV etc.)
- Managing access to rooms
- Internal management of lists of customers having behaved inappropriately during their stay at the hotel (aggressive and anti-social behavior, non-compliance with the hotel contract, non-compliance with safety regulations, theft, damage and vandalism, or payment incidents).
- Improving our hotel service, especially:
- Processing your personal data in our customer marketing program in order to carry out marketing operations, promote brands and gain a better understanding of your requirements and wishes
- Adapting our products and services to better meet your requirements
- Customising commercial offers and the promotional messages we send to you
- Informing you of special offers and any new services created by Sopwell House
- Managing our relationship with customers before, during and after your stay:
- Managing the loyalty program
- Segmentation operations based on reservation history and customer travel preferences with a view to sending targeted communications
- Predicting and anticipating future behaviors
- Developing statistics and commercial scores, and carrying out reporting
- Providing context data for offer tool when a customer visits the website or makes a reservation
- Knowing and managing the preferences of new or repeat customers
- Sending newsletters, promotions and tourist, hotel or service offers, or contacting by telephone
- Managing requests to unsubscribe from newsletters, promotions, tourist offers and satisfaction surveys
- Taking into account the right to object
- Using a dedicated telephone service to search for persons staying at Sopwell House in the event of serious events affecting the hotel (natural disasters, terrorist attacks etc.).
- Use a trusted third party to cross-check, analyze and apply certain devices to your collected data at the time of booking or at the time of your stay, in order to determine your interests and your customer profile, and to allow us to send you personalized offers.
- Improving Sopwell House services, especially:
- Carrying out surveys and analyses of questionnaires and customer comments
- Managing claims/complaints
- Offering you the benefits of our leisure membership
- Securing and enhancing your use of the Sopwell House website, especially:
- Improving navigation
- Implementing security and fraud prevention.
- Conforming to local legislation (for example, storing of accounting documents).
- CONDITIONS OF THIRD-PARTY ACCESS TO YOUR PERSONAL DATA
To guarantee you the right of access and amendment ("Access and modification" clause), we have to share your personal data with internal and external recipients subject to the following conditions:
- Within Sopwell House, in order to offer you the best service, we can share your personal data and give access to authorised personnel from Sopwell House, including:
- Hotel staff
- Reservation staff using Sopwell House reservation tools
- IT departments
- Commercial partners and marketing services such as an email service provider
- Medical services if applicable
- Legal services if applicable
- Generally, any appropriate person within Sopwell House entities for certain specific categories of personal data.
- With service providers and partners: your personal data may be sent to a third party for the purposes of supplying you with required services and improving your stay, for example:
- External service providers: IT sub-contractors, banks, credit card issuers, external lawyers, dispatchers, printers.
- Commercial partners: Sopwell House may, unless you specify otherwise to us, enhance your profile by sharing certain personal information with its preferred commercial partners. In this case, a trusted third party may cross-check, analyze and apply certain devices to your data. This data processing will allow Sopwell House and its privileged contractual partners to determine your interests and your customer profile, and will allow us to send you personalised offers.
- Local authorities: We may also be obliged to send your information to local authorities if this is required by law or as part of an inquiry and in accordance with local regulations.
- PROTECTION OF YOUR PERSONAL DATA DURING INTERNATIONAL TRANSFERS
For the purposes set out in Clause 7 of this policy, we may transfer your personal data to internal or external recipients who may be in countries offering different levels of personal data protection.
Consequently, in addition to implementation of this policy, Sopwell House employs appropriate measures to ensure secure transfer of your personal data to a Sopwell House entity or to an external recipient located in a country offering a different level of privacy from that proposed in the country where the personal data is collected.
Other than those that are required to carry out your reservation, data flows to countries having different levels of personal data protection are regulated by standard contractual manager-to-subcontractor clauses defined by the European Commission. Data flows to the United States are made to entities that belong to Privacy Shield.
- HOW WE SECURE YOUR INFORMATION
Sopwell House takes data security seriously, and we use appropriate technologies and procedures to protect personal information. Our information security policies and procedures are aligned with widely accepted international standards; we apply the controls detailed in the Payment Card Industry Data Security Standard to all environments storing personal data. These standards are applied and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.
Policies and procedures
- We have measures in place to protect against accidental loss and unauthorized access, use, destruction, or disclosure of data
- We have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our guests and to protect our people and assets
- We place appropriate restrictions on access to personal information
- We implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely
- We conduct Privacy Impact Assessments in accordance with legal requirements and our business policies
Training for employees and contractors
- We require privacy, information security, and other applicable training on a regular basis for our employees and contractors who have access to personal information and other sensitive data
- We take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual conditions
Vendor risk management
- We require, through the use of contracts and security reviews, our third-party vendors and providers to protect any personal information with which they are entrusted in accordance with our security policies and procedures
We would like to send you information about products and services of ours and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the
AB Hotels Group. If you no longer wish to be contacted for marketing purposes, please email email@example.com or click the unsubscribe link at the footer of any of our marketing emails.
- (1) Site functionality cookies – these cookies allow you to navigate the site and use our features.
- (2) Site analytics cookies – these cookies allow us to measure and analyse how our customers use the site, to improve both its functionality and your shopping experience.
- (3) Customer preference cookies – when you are browsing, these cookies will remember your preferences (like your language or location), so we can make your experience as seamless as possible and more personal to you.
- (4) Targeting or advertising cookies – these cookies are used to deliver ads relevant to you. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.
By using our site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the site in the future. If you want to delete any cookies that are already on your computer, the “help” section in your browser should provide instructions on how to locate the file or directory that stores cookies. Further information about cookies can be found at https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/. Please note that by deleting or disabling future cookies, your user experience may be affected and you might not be able to take advantage of certain functions of our site.
- STORAGE OF DATA
We’ll hold on to your information for as long as you have a booking with us, and for as long as is necessary to provide support-related reporting, or accounting purposes.
We’ll also hold on to your information if reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even if it is no longer needed to provide the services to you.
- ACCESS AND MODIFICATION
You have the right to access your personal data collected by Sopwell House and to modify it subject to applicable legal provisions.
You may also exercise your right to object by writing to the address below.
If you have any questions, would like to request access, deletion or changes be made to your information please contact the General Manager directly by sending an email to firstname.lastname@example.org or by writing to the address below:
St Albans, Herts
For the purposes of confidentiality and personal data protection, we will need to identify you in order to respond to your request.
If your personal data is inaccurate, incomplete or not up to date, please send the appropriate amendments to the above details.
All requests will receive a response as swiftly as possible and in accordance with applicable law. Substantial access requests may incur an administration charge.
- UPDATES AND CHANGES TO OUR HOW PROTECT YOUR PRIVACY
We may modify this policy from time to time. Consequently, we recommend that you consult it regularly, particularly when making a reservation at Sopwell House.
- QUESTIONS AND CONTACTS