- Lion Hotel Criccieth Ltd are registered data controllers under the terms of the General Data Protection Regulation (GDPR). Details of our notifications to the data protection regulator may be found in the Information Commissioner’s Office Public Register of Data Controllers at ico.gov.uk we are registered under registration number ZA232047
- Our registered office address is at Lion Hotel, Y Maes, Criccieth, Gwynedd, LL52 0AA
Our Data Protection Officer is: Jordan Burnett
What information do we collect?
- The personal information we collect may include:-
- name, email address, home and/or business address, phone number;
- bank account and payment card information;
- booking history;
- transactional data including details about payments to and from you and other details of products and services you have purchased from us;
- information relating to your use of our services, such as room preferences, special requests, feedback and survey responses;
- marketing preferences.
How is our customers’ personal data collected?
- We will collect this data from you when you provide it to us by phone, email, post, through our website or in person.
Legal basis for processing our customers’ information
We will only use your personal information as the law permits. By law we are required to tell you the legal bases upon which we rely in processing your personal information. The legal bases we principally rely upon are these:-
- it is necessary for the performance of a contract between us for the provision of services or in order to take steps at your request prior to entering into such a contract; and/or;
- it is necessary for the purposes of the legitimate interests of pursuing and developing our business, where such interests are not overridden by your rights or interests.
Occasionally we may also rely upon the following legal bases for processing:-
(i) you have given your consent to the processing; and/or
(ii) it is necessary for us to comply with a legal obligation on us; and/or
(iii) it is necessary to protect your vital interests or those of another individual.
Where we rely on consent to process your personal information, you may withdraw that consent at any time by contacting us via email firstname.lastname@example.org
What do we use your information for?
We may use your information for the following purposes:
- to fulfil your bookings and/or to provide services or facilities you request from us;
- to collect payment from you
- to administer and manage our relationship with you, which may include asking you to complete surveys or feedback forms;
- where you have made a reservation with us, to send you information before your visit to confirm the reservation and to provide you with other information relating to your reservation which we think you may find of interest;
- to allow us to analyse your personal preferences and personalise our services to you;
- to store your data to pre-populate fields to make it easier for you to provide information when you return to our sites;
- to send you marketing and promotional material where we think this may be of interest to you (unless you have objected to receiving this by contacting us using the contact details set out under “HOW TO CONTACT US” below or by emailing email@example.com
- in pursuit of our legitimate interests, to record CCTV footage to ensure the safety and security of our premises, staff and customers;
- where required by law;
- where necessary to protect your health or well-being or that of another individual.
The provision of certain personal information is mandatory if you are to use our services. If you fail to provide such data we shall be unable to provide our services.
Who do we share your information with?
- As part of using our services, you consent to us sharing your personal information with the following parties:
- our agents, other service providers and third party partners, who process and store data on our behalf;
- professional advisors;
- law enforcement agencies;
- We may also share your personal information with third parties:in the event that we, our business, or substantially all of its assets are acquired by a third party (in which case personal information about customers will be one of the transferred assets);
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
- We may transfer your personal data outside of the European Economic Area (EEA). We shall ensure that any such transfers are lawful and that your information is kept secure in accordance with the GDPR.
How long do we store your personal data for?
- We only store your personal information for as long as necessary for the purposes listed in paragraph
What are your rights?
- Access to your personal data: You may request access to a copy of your personal data.
- Right to withdraw: Where you have given your consent for us to use your personal data, you may withdraw your consent at any time. Please contact us using the details located at section 13 of this policy if you would like to withdraw your consent and we will delete your data in line with your right to erasure at 7.4 below.
- Rectification: You may ask us to rectify inaccurate information held about you. If you would like to update the data we hold about you, please contact us using the details below and provide the updated information.
- Erasure: You may ask us to delete your personal data. If you would like us to delete the personal data we hold about you, please contact us using the details below, specifying why you would like us to delete your personal data.
- Portability: You may ask us to provide you with the personal information that we hold about you in a structured, commonly used, machine readable form, or ask for us to send such personal data to another data controller.
- Make a complaint: You may make a complaint about our data processing activities to a supervisory authority, for the UK this is the Information Commissioner’s Office, at https://ico.org.uk/.
- You are advised that if you do not consent to the use and saving of cookies from this website on to your computer hard drive then you should take necessary steps within your web browser security settings to block all cookies from this website and its external serving vendors.
- Other cookies may be stored on your computer hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. It should be noted that no personal information is stored, saved or collected.
Security and Data Storage
We will treat all of your information in strict confidence and we will endeavour to take all reasonable steps to keep your personal information secure once it has been transferred to our systems. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, and data stored on the website and associated database.
Please note that the internet is not a secure medium and we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us liable for any data breach.
How to Contact us
- Lion Hotel, Y Maes, Criccieth, Gwynedd, LL52 0AA
- 01766 522460