K&S Mir – Place Hotels Ltd, 5 Queen Charlotte Street, Edinburgh, Scotland, EH6 7HT (“we”, “our”, “us”) are committed to protecting and respecting your privacy and confidentiality.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, which will be processed by us via The Place Hotel website (https://yorkplace-edinburgh.co.uk) our “website”. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Act 1998 (DPA) up to and including 24 May 2018 and the EU General Data Protection Regulation 2016/679 (GDPR) thereafter (the Data Protection Legislation), we are the data controller, the company who is responsible for, and controls the processing of, your personal data. All enquiries regarding the collection of your data should be addressed to:
The Data Controller, K&S Mir – Place Hotels Ltd, 45 Queen Charlotte Street, Edinburgh, Scotland, EH6 7HT
We do not share, sell or disclose to a third party, any information collected through our website or during the course of doing business.
Personal information we collect
We collect personal data on our website only if it is directly provided to us by you when you visit our website and share your personal information with your consent when you contact us or use the following services on our website:
- Complete a contact form
- Contact us by email or telephone
- Make a reservation with us
- Via social networks i.e. facebook, Twitter, Google plus
- Submit a review, comments
- Submit a job application
Personal Information includes:
- Email address
- Contact telephone number
- Payment card information (only when you make a reservation)
We also use statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic, location information and other communication data. This data will not identify you personally.
How we use your information
We may hold and process personal data that you provide to us in accordance with the DPA and GDPR. The information that we collect and store relating to you is used for us to provide you with our services, and to meet our contractual commitments to you. In addition, we may use the information for the following purposes:
- Process your reservation
- Manage your account
- Provide you with the services you have requested through the Website
- Respond to complaints or account enquiries
- To respond to requests for information submitted by you on the website.
- For research purposes and to improve the services we offer.
- In order to protect Our contractual and other rights. For example, we may pass your details onto a third party should We believe that you have used another person’s credit card fraudulently.
- To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service
- If you are an existing customer, we may contact you with information about goods and services similar to those that were the subject of a previous sale to you.
We collect the data you have given to us in order to reply with the information you need. We record your request and our reply in order to increase the efficiency of our business as when you send us a message by e-mail to which you would expect us to reply. We keep personal information associated with your message, such as your name and email address so we can track our communications with you to provide a high level of customer service.
Information we may disclose
We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk.
If you do not want us to use your data for our use, you will have the opportunity to withhold your consent to this when you provide your details to us on the form on which we collect your data, or you can do so by writing to us at the address detailed in at the top of this page or by sending us an email to:
firstname.lastname@example.org or in writing to the address above at any time.
Where we store your data
We will not sell your information or share it with third parties for marketing purposes.
We are committed to protecting your personal details and information when you register with us. Unless otherwise stated by yourself, you give us permission to share your details with carefully chosen third parties, and companies who are involved in:
- Services offered to you through our website, the personal data that you provide to us may be transferred to and stored with our third party hosting company with servers located within the European Economic Area (“EEA”).
- Analytics and search engine providers that assist us in the improvement and optimisation of our website
You have the right to opt out of processing your personal data for marketing purposes by contacting us by email email@example.com or in writing to the address above at any time.
Security of your personal data
We will take reasonable technical and organisation precautions to prevent the loss, misuse or alteration of your personal information in compliance with current DPA & GDPR regulations. We will store all personal information you provide to us on secure (password- and firewall- protected) servers. We will establish that all data processors are compliant with DPA & GDPR Regulations.
Our website has a security certificate so your data is protected. Having an SSL certificate shows we have a trustworthy online presence. For example, we may disclose your data to a credit card company to validate your credit card details and obtain payment when you make a reservation or purchase.
We may be obliged to disclose personal data to a third party if we have a legal or regulatory obligation to do so, for example to comply with a court order, or meet obligations in accordance with applicable law.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
Third party links
You may find links to third party websites on our website such as social media links Facebook, Twitter, Google +, TripAdvisor. These websites have their own privacy policies. We have no control over their policies and we do not accept any responsibility or liability for their policies whatsoever.
How long we keep your information
To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we actually need it for the purposes we acquired it for in the first place.
In most cases, this means we will keep your information for as long as you continue to use our services and are deemed a client, and for a reasonable period of time afterwards if you stop doing so, to see if we can persuade you to come back to us.
After that we will delete it other than where we lawfully can keep any data for audit or legal reasons.
We shall keep your personal information on our database for not longer than 1 year from receipt, subject to an individual’s right to unsubscribe or exercise your right to be forgotten at any time.
The DPA and GDPR give you the right to access information held about you by us. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at the address detailed at the bottom of this page or by email firstname.lastname@example.org. There is no charge for this request. We will provide this information within one month of you requesting the data.
Changes to this policy
We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data.
You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy. The Information Commissioner’s website is https://ico.org.uk/.
Last Update May 2018