PEARTREE BRIDGE LODGE LIMITED needs to gather and use certain information about individuals (the data subject). These can include guests/customers, suppliers, business contacts, and other people the organisation has a relationship with. We believe it is important to protect the personal data of our guests/customers and are committed to this. This policy explains how we may collect and process your personal data. As the data controller, PEARTREE BRIDGE LODGE LIMITED is committed to adhering to the Data Protection Act 1998 and the General Data Protection Regulations.
- Complies with data protection law and good practices
- Protects your rights and keeps your data secure
- Is open about how your data is stored and processed
- Protects against data breaches
Collecting and Processing Information
PEARTREE BRIDGE LODGE LIMITED is the data controller and collects the following information from the data subject (guests/customers).
- Email address (on occasion)
- Contact number
- Credit or Debit card number
- CVV number
- Car registration number (if applicable)
- CCTV images
- Photo ID (on occasion)
We may collect personal data from you under any of the following circumstances:
- When you place a booking directly with PEARTREE BRIDGE LODGE LIMITED through either the telephone, via our website, face to face at the hotel, or via a third-party broker (booking agent). Your personal data is entered either manually or automatically via the booking agent, and stored using a secure computerised booking system called RMS. Their policy for data protection can be found here (https://help.rmscloud.com/rms-privacy-policy).
- RMS are also our Channel Manager and are ‘The Data Processor’, handling all our guest’s data. RMS stores data outside the EU or EEA for both processing purposes and also backup and disaster recovery purposes.
- When your booking is made through a third-party broker, we use a number of booking agents listed below, but this list is not exhaustive:
Click on each agent to see their Privacy Policies:
- EXPEDIA GROUP (Expedia, Hotels.com, Egencia, Trivago etc)
- Payment is taken via WORLDPAY and SAGEPAY. The Privacy Policies for each agent are detailed below:
- For bookings made through a third-party broker (booking agent) PEARTREE BRIDGE LODGE LIMITED receives the guests credit/debit card mandate from the booking agent direct to RMS electronically and stored in a secure token, or in printed format, where a secure token with the card mandate will be created manually onto RMS. Once the token is created, the card mandate is not visible.
- For bookings made directly with PEARTREE BRIDGE LODGE LIMITED, the guest provides the credit/debit card mandate over the phone or face to face. These details are input manually into a secure token onto RMS. Once the token is created, the card mandate is not visible.
- The printed form of guests’ data and card mandate for all booking methods is stored in files in a securely locked cabinet within the offices and only the relevant reservations staff will have access to this information. This will be shredded securely on the day of check-out.
- For ‘pay on arrival bookings’, a pre-authorisation on the Worldpay PDQ terminal machine at PEARTREE BRIDGE LODGE LIMITED reception will be taken off the printed card mandate for part or all of the amount of the stay to validate the credit/ debit card used to book the room. Full payment will be taken at guest check in using ‘chip and pin’ method through the Worldpay PDQ terminal.
- For other types of bookings, when the card holder is not present at the time of payment- either ‘non-refundable booking’, agent’s ‘virtual card booking’ or ‘company bookings’ – authorised payment can be taken prior to guest’s arrival using the secure RMS token or via Worldpay PDQ terminal.
- Payment can also be taken for guest’s ‘no shows’, when the guest does not arrive or ‘late cancellations’ where the guest fails to cancel their booking in time with PEARTREE BRIDGE LODGE LIMITED’S ‘cancellation policy’. These payments can be taken at any time via RMS token or using the Worldpay PDQ terminal.
- Payment can also be taken via the RMS token or via the Worldpay PDQ Terminal at any time for any guests’ damages to PEARTREE BRIDGE LODGE LIMTED property or smoking charges by the guest during or after their stay. These terms and conditions are set out in our Guest Registration forms that the guest signs at check in.
- For bookings made directly with PEARTREE BRIDGE LODGE LIMITED via the website, payment details are not captured at the time of booking and returns are made via SAGEPAY and then sent to Worldpay.
We will not collect any unnecessary data or ‘special categories of personal data’, such as health records or criminal records.
Any personal data provided by the data subject must be accurate and the data subject will have full right to view the personal data provided.
Using Your Personal Information
The personal data held by PEARTREE BRIDGE LODGE LIMITED of our customers is necessary for the operation of our business. Personal data will be used for the following purposes and shall be kept for a period of 2 years to fulfil these purposes:
- To help identify individuals when they contact us.
- To carry out customer bookings without asking for the details every time they contact us.
- To contact guests/customers directly to discuss their bookings.
- To conduct internal reviews and research into sales.
- To perform credit checks on organisations and individuals.
- To identify any individuals who have breached our ‘terms and conditions’ with improper conduct, so that we may refuse their booking.
PEARTREE BRIDGE LODGE LIMITED will never share your personal details with any third party without prior agreeing this action with you.
In accordance with Data Protection Laws, we adopt security measures to protect all personal data held by PEARTREE BRIDGE LODGE LIMITED. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of data.
We will only gather the information necessary for processing your booking as a customer. If the data given or obtained is excessive for such purpose, they will be immediately deleted or destroyed.
The Rights of the Individual
All individuals that PEARTREE BRIDGE LODGE LIMITED hold data on have the right to:
- Ask PEARTREE BRIDGE LODGE LIMITED what information they hold about them and why.
- Gain access to their data.
- Prevent the processing of their data for the purpose of direct marketing.
- Not have their data shared with any third party that hasn’t been prior agreed with and outlined to the individual.
- The removal and correction of any inaccurate data about them.
In certain circumstances PEARTREE BRIDGE LODGE LIMITED might be required to disclose data to law enforcement agencies without the consent of the data subject. Under these circumstances, PEARTREE BRIDGE LODGE LIMITED will disclose requested data, however we will ensure the request is legitimate and seek legal advice where necessary.
If you require your details to be updated please contact email@example.com we will contact you further to amend the details that we hold. All amendments will be made within 48 hours of receipt of the details and any only details will be deleted or destroyed.
Reporting a breach of personal information
PEARTREE BRIDGE LODGE LIMITED has a policy to ensure they are compliant with the GDPR policy guidelines which you can request by emailing the Data Compliance Officer (firstname.lastname@example.org).
The GDPR policy guidelines will outline the process PEARTREE BRIDGE LODGE LIMITED will take to report a breach. If you wish to report a breach of your personal information, please read the guidance from the ICO https://ico.org.uk/for-organisations/report-a-breach/