By accessing the website or providing information, you agree to our privacy practices as set out in this privacy statement. We may change this policy from time to time. You should check this policy frequently to ensure you are aware of the most recent version.
If you have any questions regarding this policy or about our privacy practices, please contact us at the relevant address set out below in the ‘Contact Us’ section.
Our site is owned and operated by Barony Castle LLP, a limited liability partnership registered in Scotland under company number SO303918, whose registered address is Barony Castle, Eddleston, Peebles, EH45 8QW.
Our Data Protection Officer is Richard Spanner, and can be contacted by e-mail at firstname.lastname@example.org; by telephone on 01721 730 395, or by post at Barony Castle, Eddleston, Peebles, EH45 8QW.
Barony Castle LLP is registered with the Information Commissioner’s Office under registration reference ZA198976.
Personal data is information that can be used to uniquely identify or contact a single person. We will collect and process information about users of our website and hotel guests, in order to provide our services. Therefore, we may process any information, including personal data, that our hotel guests provide to the hotel or to any online travel agency relating to the hotel guests’ arrangements.
Personal data processed by us may include, but is not limited to: name, address, e-mail address, phone number and credit card information, date of birth, records of our interactions and travel information.
We will hold your personal data on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us. We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations.
Reasons/purposes for processing information
We process personal information to enable us to provide all our services as a hotel; promote and advertise our business, maintain our own accounts and records; support and manage our employees; the use of CCTV systems for crime prevention.
We process information relevant to the above reasons/purposes. This may include:
lifestyle and social circumstances
education and employment details
goods and services
We also process sensitive classes of information that may include:
racial or ethnic origin
religious or other beliefs
trade union membership
physical or mental health details
offences and suspected offences
criminal proceedings, sentences and outcomes
visual images; personal appearance and behaviour
Who the information is processed about
We process personal information about:
consultants and professional advisers
offenders and suspected offenders
individuals captured by CCTV images
We collect personal data from and about users of our website and our hotel guests through the provision of our services.
Information you give us
This is information about you that you give us directly through our website or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our website or services, when you report a problem and when you provide us with details relating to the nature of any query or problem.
Details you provide relating to your proposed travel arrangements, including relevant hotel bookings and related information.
Information we collect about you
When you visit our website we will automatically collect:
standard internet log information and details of visitor behaviour patterns using a third party service, Google Analytics. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone.
We use information held about you in order to administer any contracts between you and us and for the legitimate interests of our business
Information you give to us
We will use this information:
to provide you with information, products or services that you request from us;
to carry out our obligations under any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
to provide you with information about goods or services we feel may interest you. If you change your mind and decide that you do not want us to use your data in this way, please use the unsubscribe option when we contact you;
to notify you about changes to our service;
to ensure that content from our website is presented in the most effective manner for you and for your computer.
Information we collect about you
We will use this information:
to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
to improve our website to ensure that content is presented in the most effective manner for you and for your computer or other device;
to allow you to participate in interactive features of our service, when you choose to do so;
as part of our efforts to keep our website safe and secure;
to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
to make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them.
Information we receive from other sources
We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive) and to facilitate the hotel booking and related services of hotel guests.
We may aggregate your data into an anonymised form to help us provide more useful information to our customers and to understand which parts of the website are of most interest to visitors.
Where necessary or required we share information with:
customers and clients
family, associates and representatives of the person whose personal data we are processing
current, past and prospective employers
educators and examining bodies
employment and recruitment agencies
credit reference agencies
debt collection and tracing agencies
other companies in the same group
police forces and security organisations
It may sometimes be necessary to transfer personal information overseas. When this is needed information is only shared within the European Economic Area (EEA).
Any transfers made will be in full compliance with all aspects of the data protection act.
You have the right to ask us not to process, or to stop processing, your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us on the details set out below in the ‘Contact Us’ section.
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right to access the personal information that we hold about you in many circumstances. This is called a subject access request. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge except in exceptional circumstances.
Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us so that we can locate your personal information.
We strive to maintain accurate, complete, and relevant personal information for the purposes identified in this privacy statement. If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.
You have the right to object to us processing your personal information if we are not entitled to use it any more or to have your information deleted or have its processing restricted in certain circumstances. You also have the right to port your personal data in certain circumstances.
If you would like to exercise any of these rights, please contact us using the details set out below in the ‘Contact Us’ section.
You also have the right to lodge a complaint with the supervisory data protection body that regulates us if you have concerns about how we use your personal information.
We have implemented reasonable measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure.
physical security and access to all premises;
all access to computer hardware is password protected, with encryption and default security firewalls in place;
staff access to personal information is given on a need to know basis only. Tight controls, consistent with the Payment Card Industry standard (audited annually), are maintained in relation to the use, storage and processing of PII credit card data;
Regular training of staff in relation to storage; and
Otherwise in accordance with Barony Castle’s Data Protection Policy.
The safety and security of your information also depends on you. Any content, including personal information, that you contribute to be shared, published or transmitted to other users of the website, is visible to other users and can be read, collected, or used by them. We urge you to be careful about giving out information in public areas of any of the website. You understand and acknowledge that, even after removal, copies of your content, including personal information, that you contribute to be shared, published or displayed on a website, or transmitted to other users of a website, may remain viewable in cached and archived pages. Although we take efforts to protect your personal information, we cannot guarantee the security of your personal information transmitted to a website. Any transmission of personal information is at your own risk.
The website may use “cookies” and other technologies such as pixel tags and web beacons. These technologies help us to improve and to deliver a better and more personalized service by enabling us to:
Estimate our audience size and usage patterns;
Store information about your preferences, allowing us to better customize the services according to your individual interests;
Speed up your searches;
Recognize you when you return to the website; and
Deliver targeted advertising based on products or content you have shown an interest in.
You may refuse to accept cookies by activating the appropriate settings on your browser. Check with your provider to find out how to disable cookies. Please note that certain features of the website may not be available if cookies are disabled.
If you have any questions regarding this policy or about our privacy practices please contact us by email at email@example.com; by telephone on 01721 730 395, or by post at Barony Castle, Eddleston, Peebles, EH45 8QW.