Eddington Lodge is committed to complying with the General Data Protection Regulation and the Data Protection Act 1998. We understand that it is important to keep your personal information safe and secure and we want to explain how we collect information from you and what we do with it.
When you book a holiday with Eddington Lodge we collect the following information:
- Email address
- Contact numbers
- Number of adults and children booking the holiday
- Where you heard about us
You provide your payment information to the Sage online payment platform, this is not collected by us and we do not ever see this information unless you choose to pay over the phone. Should you choose to pay over the phone, we simply enter the information in for you and do not retain it.
What we do with your information
We use your name, address, email address and contact numbers to book your holiday with us, provide confirmation of your holiday and send any communication relating to your stay with us.
Should you wish to receive communications from us regarding future holidays, deals and other information you will be provided with a tick box where you can opt in to our mailing list. This is not necessary for receiving communications regarding your stay with us and you can choose to unsubscribe at any time simply by emailing ‘firstname.lastname@example.org.’
We do not share your information with anyone else.
How long we keep your information
We will retain your information until we no longer have a legitimate business reason to do so. Your information will be deleted from our systems after 7 years of no transactions with us unless you opt in to our mailing list or newsletter.
We keep your information for three reasons:
- To recognise repeat bookings and welcome returning guests
- To share marketing information and deals with you should you ‘opt in’
- To see trends of occupancy from year to year (statistical usage)
You are entitled to request the following information from us:
- Right of access - to request access to your personal information and information about how we process it
- Right to rectification - to have your personal information corrected if it is incorrect and to have incomplete personal information completed
- Right to erasure - to have your personal information erased
- Right to restriction of processing - to restrict processing of your personal information
- Right to data portability - to electronically move, copy or transfer your personal information in a standard form
- Right to object - to object to processing of your personal information
- Rights with regards to automated individual decision making, including profiling - rights relating to automated decision making, including profiling
If you have any general questions about your rights or want to exercise your rights please contact us at email@example.com
You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website www.ico.org.uk where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.