Privacy Notice under the General Data Protection Regulation (GDPR)

About this Notice

We are Rachel Stott and Christopher Stott and we are the “Data Controller” for data protection purposes. This Notice sets out the data protection principles we follow (our “Privacy Policy”) and covers our dealings with guests to our holiday properties.  Please note that our guests must be over the age of 18 and so we do not collect personal information from children.

We will update our Privacy Policy as data protection law or business practice changes. This version of the policy is effective from 8 May 2018.

Your rights

We generally use your data based on a contract between us (i.e. when you book a holiday in one of our holiday properties).  Or it may be on the basis of your consent for specific purposes.  You have the right to withdraw your consent.  If you withdraw your consent, we will stop processing your data as requested.  But bear in mind if you have booked a holiday property and you have not yet stayed, we’ll still need to hold onto your data so we can process the booking.  That’s because the contract between us is the basis for using your data (rather than consent). For more information, see the “Legal basis of processing” section below.

You have the right to receive a copy of your personal data. You also have the right to request that we correct or remove your data, when there remains no legal basis for keeping it.  You will need to contact us by email or post, to exercise these rights.

Personal information we collect

In order to provide you with accommodation at one of our holiday properties, we may collect some or all of the following information:

Identification: name, title, age/age range, gender.
Contact details: postal addresses, phone numbers, email addresses.
Bookings: property booked, holiday start/end dates, cost of holiday, amounts paid, limited details of other people booked on the same holiday (names, gender, age range), pets.
Payment or refund: method, bank details.
Holiday experience: any feedback you leave.
Communication:  emails, letters, notes of telephone calls.

How we use your personal information

We use your personal information to:

• Manage your holiday booking/letting
• Understand how to improve our services
• Detect and prevent fraud or abuse of our services
• Communicate with you, including for example, responding to your emails, letters, phone messages, messages on social media and so on
• Process your payments
• Make sure our servers and websites are operating correctly

How we collect personal information

We receive personal information from:

• You, as you provide it to us (e.g. when booking a property, leaving a review or enquiring about renting a property)
• Your use of our website (see below)
• Third party holiday providers you may book with, who advertise our properties

Legal basis of processing

There are several grounds on which we will store and use your data, as follows:

Consent:  for certain types of processing we rely on your consent to use your data.  You may withdraw your consent at any time.
Contract:  much of the time, our use of your data will be because of the contract between us – that is, in relation to your holiday booking.  We will usually retain relevant data for up to seven years from the date the contract completes – i.e. the last day of your holiday.
Legal obligations:  we are under certain binding legal obligations, such as accounting to the government for tax and making financial records available for audit.  In such cases, we are typically obliged to retain data for up to seven years from the date of the transaction.
Legitimate interests: we use data to manage our property letting operation.

How we share your personal information

We give some of your contact information to our housekeepers, so they can get in touch about key collection or in the event of problem arising with the property.

Security of your data

We protect your data with various technological measures.  Data saved electronically on computer is protected by industry standard firewall and password protection.

Website
This website stores very limited information about our site visitors. However we do use some external services which may store data about you. We list what we store and the external services we use below.
• We have a contact us form which allows you to send us a message/enquiry. The details you fill in are passed to us by email but not stored on the website. We will retain the emails sent to us this way and may use your contact details to respond to you about your enquiry.
• We have a guestbook which allows you to post a public message to us. If you fill in the name and optional email address boxes your details will be stored on the website and shown publicly so that we, and other website visitors can respond to you by email if they wish.
• This website collects visitor information through Google Analytics. This information is anonymised and should not personally identify you. You can view Google's privacy policy here.
If you have any queries about our use of your data please use the contact details you can find on the website. If this does not help you can contact the website hosting service at info@spanglefish.com.

14 May 2018

sitemap | cookie policy | privacy policy | accessibility statement