Coastal Retreats Ltd (‘Coastal Retreats’) takes the issue of safeguarding your privacy seriously. This policy describes what information we collect from you and how that is handled by us to better serve the needs of our guests and owners.
1.Who we are
1.1 We (or ‘us’) means Coastal Retreats Limited, a registered limited company (number 06435257) whose registered address is 5-10 Causey Street, Newcastle upon Tyne, NE3 4DJ.
1.2 We are registered with the Information Commissioner’s Office as a data controller under number ZA338620.
1.3 By contacting us, using our services or visiting our website, you are accepting and consenting to the practices described in this policy unless you inform us otherwise.
2.What is Personal Information?
The term ‘Personal Information’ refers to information about you as an individual, such as your name, address, age, gender, image and credit card information.
3.What Personal Information we collect
3.1 To provide superior customer service to our guests and owners
Your Personal Information is collected to assist us in making your booking and provide the services you request at any of our properties, to ensure we meet your needs while you are staying with us and/or to allow us to contact you in relation to matters that arise from your stay with us.
Our goal is to provide you with superior customer service, whether you stay with us once, or many times. By keeping certain stay related Personal Information on file, such as guest history, guests and owners have the ability to confirm prior visits, access feedback pertaining to a stay to better facilitate a future booking and reconcile statements or invoices.
We only share this information with a third party as a means of processing your booking. For example, with our housekeeping and maintenance teams, and owners, where owners manage the property themselves. These companies/people are under contract with Coastal Retreats and are contractually required to protect all Personal Information to which they have access.
3.2 To keep our guests and owners informed
We may use the Personal Information you provide to send you newsletters regarding our properties and to advise you of promotions or to inform you of offers or other information that may be of interest to you. We will only send you a newsletter if you have consented to this via our online newsletter sign up. We never share this information with a third party for marketing purposes. If you do not wish to receive information from Coastal Retreats, you may unsubscribe from our newsletter via the link on our email newsletters or email us at firstname.lastname@example.org
3.3 For feedback
We contact guests following their stay to ask for valuable feedback on their holiday. Guests can also submit a holiday evaluation via our website at https://www.coastalretreats.co.uk/holiday-evaluation/ Any information submitted to us in this way is confidential and is only used as a means of improving the holiday experience or property. We may also conduct surveys with owners to receive your views of our service delivery or marketing materials such as our brochure.
4. How is Personal Information collected?
4.1 On our website
Our data retention period for this type of data held with Google Analytics is 38 months.
If you do not wish to accept cookies on your PC, you can disable them by adjusting the settings on your browser. However, this will affect the way our website works for you and the bookings system will not work function properly.
4.1b Technical information
Our website logs the Internet Protocol (IP) address used to connect your computer to the internet.
4.1c When making an online booking
You can search for prices and availability at our Retreats without providing any Personal Information.
When the form is complete, your credit card number will be verified using a checking sequence, and once this is confirmed we authorise payment for the amount shown on your order form. Once your transaction is confirmed you will see a ‘Thank You’ screen, and an email confirmation will be sent within a few moments. Again, due to the personal nature of the information you provide when making a purchase through our website, the form is secure, such that your credit card number is protected with encryption technology. Purchasing transactions are assisted by third party processor Sage Pay Europe Ltd who is required by contract with us to protect the privacy of your Personal Information.
We follow PCI DSS guidelines, and our servers are regularly scanned in accordance with their requirements to ensure compliance. Our website uses SSL technology which allows secure connections from a web server to a browser. This secure connection is evident from the padlock icon in the status bar of your web browser.
We retain a log file of transactions at our website, excluding your credit card information, connected to your ID number/name. We will then use that information to assist in any enquiries about your transaction.
4.2 When making a booking via the Coastal Retreats team
Bookings can also be made by calling our office. When you make a booking we may ask you for Personal Information such as your name, address, telephone number and method of payment. We may also obtain from you any bed configurations or special requests. Personal Information obtained in this way is held in a secure cabinet and inputted into our online password-protected booking system. The hard copy of the information is destroyed once your booking has lapsed. Confirmation of your booking will be provided to you, by email.
4.3 During your stay at a Retreat
Information particular to your stay may be stored (i.e health issues, special requests, service issues). This stay specific information is stored in our booking system and is combined with information from previous visits that you have made.
In addition, we may retain the content of any document (including letters, evaluation forms, electronic documents such as emails and other similar forms of communication) that you send us before, during or following your stay. This information may be shared with employees, contractors or owners of Coastal Retreats.
4.4 As a Coastal Retreats owner
If you have indicated on our website, in a personal mailing or otherwise that you are interested in becoming a Coastal Retreats owner, you may receive information about our services.
If you decide to join our collection, we will collect financial information from you for the purposes of making monthly payments to you for your guest bookings. Coastal Retreats will not share this information with third parties, and will keep it in a secure location.
We will also create an owner profile that is stored in a secure cabinet and inputted on our online password-protected booking system. The information recorded in your owner profile includes your name, contact information, certain account and financial information and your contract with Coastal Retreats.
Your contact details, including your name, address, email and phone number will be shared with the housekeeping team of your Retreat, any of our approved maintenance contractors who we instruct, with your consent, and with The Ocean Club, Seahouses for your leisure club membership, when and if necessary, for the purpose of invoicing for services provided.
Please see (9) for how long we retain owner information.
5.How do we store Personal Information
5.1 At Coastal Retreats main office
Personal Information is stored in a secure location, be it a filing cabinet or locked cabinet. Furthermore, we take steps to ensure that only designated individuals have access to this information.
5.2 In our online booking system
We store our guest or owner profiles on our online booking system. The stored profile information may include name, address, phone numbers and email. The guest profile may also include certain information regarding your booking preferences, or notes pertaining to previous visits. We store other transaction information in here, including the number of stays you have had at Coastal Retreats properties including the number of nights of each stay. Where you have been given a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
5.3 In our marketing databases
We maintain databases of our owners and of those who sign up to our newsletter, which are used for marketing, promotional and research purposes. Guests will only receive such information if they have provided permission via the Coastal Retreats website, or in some other form. Any information sent provides a clear notice of how to discontinue receiving promotional materials.
6.What information is not secure?
We endeavour to protect the privacy of your account and other Personal Information that we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorised entry or use, hardware or software failure, and other factors, may compromise the security of user information. Also, while we endeavour to put adequate contractual protections in place we cannot guarantee the security of any Personal Information in databases hosted by third parties.
When you log in to complete or modify your account, your online interaction with us is protected from eavesdropping using encryption technology based on the SSL security certificate we use. In order to ensure your privacy and the protection of information you choose to share with us, we allow only encrypted communications from all of our web forms.
It is important to note that any email communication is not secure. This is a risk inherent in the use of email. Please be aware of this when requesting information or sending forms to us by email (for example, from the “Contact Us” section of our website). We recommend that you do not include any confidential information (i.e. credit card information) when using email. For your protection, our email responses to you will not include any confidential information.
Finally, to be prudent, please be sure to always close your browsers when you are done using a form or the check-out section of our website. Although the session will terminate after a short period of inactivity, it is best to close your browsers immediately upon completion.
Our site may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
7.What Personal Information may be provided to third parties?
We will only share Personal Information about you outside Coastal Retreats without your consent, where: (a) it is required or authorised by law); (b) it is required to provide you with services you have requested in which case you will be considered to have implied your consent; (c) if your stay has been paid for by a third party we will provide billing information to the paying party; or (d) if you have failed to pay amounts owed us.
If Coastal Retreats suspects any unlawful activity is taking place, it may investigate and/or report its findings or suspicions to the police or other relevant law enforcement agency.
8.How do I access my Personal Information?
You can access what Personal Information we hold about you at any time by accessing your online Coastal Retreats account. All your personal details are contained in your profile and you can update these at any time.
For non-guests of Coastal Retreats, you can visit our office in person or make a formal written request. We may ask for proof of your identity via a passport or driving licence. Formal requests should be addressed to:
Fiona Mckeith, Director
Coastal Retreats Ltd
5-10 Causey Street
Newcastle upon Tyne
Any access requests may be subject to a fee of up to £10 to meet our costs in providing you with details of the information we hold about you.
9.How long is my Personal Information retained?
Your Personal Information is stored on our booking system for as long as it is required for the purposes set out in this policy.
You also have the right to ask us to delete the Personal Information we hold about you following your holiday. Please be aware, if we do this we will not be able to access information about your previous stays, or offers that we have given you.
For owners of properties in our collection, we delete all personal information and any emails we have stored after six months of you leaving the collection unless you specifically ask for it to be deleted earlier.
10.Changes to this Policy
11.To whom do I direct questions or concerns regarding this policy?
You also have a right to complain to the Information Commissioner’s Office (ICO) if you have concerns over how we handle your data. For more information see its website at www.ico.org.uk
This policy is written in accordance with the Data Protection Act 1998 and was last updated in July 2019.