Privacy Policy
DATA PRIVACY STATEMENT
1. To ensure GDPR compliance The Windsor Hotel will:
• only act upon written instructions of our clients (normally the data controllers)
• be subject to a duty of confidence, and ensure the same of all relevant staff members
• ensure the appropriate measures are taken to ensure the security of the processing
• only engage a sub-processor on written consent of the data controller
• assist the data controller in providing subject access and allowing data subjects to exercise their rights under the GDPR
• assist the data controller in meeting its GDPR obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments
• ensure to delete or return all personal data to the controller as requested at the end of any relevant contracts
• submit to audits and inspections, provide the controller with whatever information it needs to ensure that they are both meeting their Article 28 obligations, and tell the controller immediately if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state
• train our staff to comply with these regulations
2. Our Direct Responsibilities under GDPR are to:
• only act on the written instructions of the controller (Article 29);
• not use a sub-processor without the prior written authorisation of the controller (Article 28.2)
• co-operate with supervisory authorities (such as the ICO) in accordance with Article 31;
• ensure the security of its processing in accordance with Article 32;
• keep records of its processing activities in accordance with Article 30.2;
• notify any personal data breaches to the controller in accordance with Article 33;
• employ a data protection officer if required in accordance with Article 37; and
• appoint (in writing) a representative within the European Union if required in accordance with Article 27
3. Our policy for controlling data is to:
• only collect & retain information necessary to transact with our customers and prospects
• ensure that revoked consent requests are managed with 30 days of revocation
• ensure to enable right to access within 30 days of request, unless otherwise specified in writing
• train our staff to comply with the regulation
4. Subject access requests
Upon receiving a written subject access request The Windsor Hotel will:
• ensure to verify the identity of the person requesting the information
• respond in writing within 30 calendar days with the requested information
• if requested, initiate the right to erasure process or correction within 30 calendar days
5. What The Windsor Hotel will do should there be a data protection breach
Should there be a data breach, our staff are trained to inform their line manager immediately, who will in turn, inform an authorised member of personnel at the client and also inform the ICO within 72 hours.
The information provided to the client and the ICO will include;
• What has happened
• When and how we found out about the breach;
• The people that have been or may be affected by the breach;
• What we are doing as a result of the breach
The management team at Windsor Hotel are responsible for the compliance and maintenance of this policy. If you have any other questions, please do not hesitate to contact Sara Clough on 0191 251 8888.
GDPR Privacy Policy
Last updated: May 17, 2018
The Windsor Hotel ("us", "we", or "our") operates the www.windsorhotel.com website (the "Hotel"). The main focus of our privacy policy is the protection of your personal data and digital privacy.
The Windsor Hotel policies regarding the collection, use, and disclosure of personal data when you use our Hotel website and the data we collect.
This Privacy Policy describes the information that we gather on or through our hotel, how we use and disclose such information, and the steps we take to protect such information. By visiting our website, you accept the privacy practices described in this Policy.
We use your data to provide and improve our Hotel services. By using our Hotel website, you agree to the collection and use of information in accordance with this policy.
Information We Collect And Use
We collect different types of information for a variety of purposes to provide and improve our Hotel services and offerings.
Types of Data We Collect - Personal Data
While using our Hotel website, we may ask you to provide us with certain personally information that can be used to contact or identify you ("Personal Data"). Personally information may include, but is not limited to:
• Email address
• First name and last name
• Phone number
• Address, Postal code, City
• Cookies and Usage Data
Opting out from Commercial Communications
If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to the address provided in the “How to Contact Us” section.
Please be aware that if you opt-out of receiving email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten (10) business days for us to process your request.
Usage Data
We also collect information how the Hotel website is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Hotel website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. This data is collected by Google. For more information, see Google Analytics Privacy and Data Sharing. You may opt out from the collection of navigation information about your visit to the Site by Google Analytics by using the Google Analytics Opt-out feature.
Tracking Cookies Data
We use cookies and similar technologies to track the activity on our Hotel website and hold certain information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking may also be used such as tags, and scripts to collect and track information and to improve and analyze our Hotel website.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.
Examples of Cookies we use:
• Session Cookies. We use Session Cookies to operate our Hotel.
• Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
• Security Cookies. We use Security Cookies for security purposes.
Use of Hotel Data
The Windsor Hotel uses the collected data for various purposes:
• To provide and maintain the Hotel website
• To provide customer service
• To provide analysis or valuable information so that we can improve the Hotel website
• To monitor the usage of the Hotel website
• To detect, prevent and address technical issues
• Response to RFP’s
The Windsor Hotel does not collect financial information for payment processing.
Disclosure Of Data - Legal Requirements
The Windsor Hotel may disclose your Personal Data in the good faith belief that such action is necessary to:
• To comply with a legal obligation
• To protect and defend the rights or property of The Windsor Hotel
• To prevent or investigate possible wrongdoing in connection with the Hotel website
• To protect the personal safety of users of the Hotel website
• To protect against legal liability
To Whom We Disclose Information
We will not intentionally disclose the Personal Data or Client Data that we collect ever with any third parties.
Security Of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Links To Other Sites
Our Hotel may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or hotels.
Children's Privacy
Our Hotel does not address anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
Changes To This Privacy Policy
We may update our Privacy Policy from time to time and suggest you check on this website for all updates. The most recent update will always be listed on the top of the page with the "effective date".
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
How to Contact Us and Our Data Controller