Privacy policy

1. Introduction

    1.1 At Warner Leisure Hotels we are committed to protecting and respecting your privacy, whilst striving to provide the very best booking experience. We work very hard to keep your information safe and we want our services to be safe and enjoyable for everyone. We follow strict security procedures on how personal information is stored and used and who sees it to help stop any unauthorised person getting hold of it.

    1.2 This privacy policy (and any other documents referred to in it) sets out the basis on which we will process and use any personal information about our website visitors and guests that we collect from them, that they provide to us, or that we collect from third parties. Please read this privacy policy carefully to understand our practices regarding your personal information and how we will treat it.

    1.3 This privacy policy was last updated on 19 May 2018

2. Identity and Contact Details

    2.1 We have a legal duty to protect personal information that we collect under the Data Protection Act 1998, (the “DPA”) and the General Data Protection Regulation (EU) 2016/679, (the “GDPR”).

    2.2 For the purpose of the DPA and GDPR, we are the data controller and are located at One Park Lane, Hemel Hempstead, HP2 4YL. If you have any queries relating to this policy you may also contact us at privacy@warnerleisurehotels.co.uk.

3. Personal information we collect from you and how we use it

    3.1 We may collect and use various types of personal information about visitors to our websites and guests who book a holiday with us. Details of this information are set out below:

        a) When you make an enquiry, confirm a booking or join Concierge Club we will collect your name, contact information and details about the places you are interested in so that we can provide you with the information that is of interest to you. The information we collect can include the following:

  • Name
  • Date of Birth
  • Telephone contact details
  • Email address
  • Postal Address
  • Ferry booking information (when we arrange this for you) 

        b) We may collect and use certain other personal information when we correspond with you (whether by telephone, e-mail, social media, web chat or otherwise). This will normally be limited to:
  • Name
  • Email address
  • Booking Number
  • Post code
  • Other information you provide during the course of the correspondence

        c) Where there are additional members of your party, we may ask you for their name, address, phone number and date of birth. These are used to allow us to manage your booking.

        d) If you take part in a competition we will collect and process information about your entry.

        e) We collect information about your credit or debit card where you use it to pay for our services.

    We use this information for the following purposes:

        a) Providing the products, services and information that you ask us for and performing our obligations to manage your holiday booking.

        b) Responding to messages from and corresponding with you regarding your booking and recording any communications.

        c) To administer your website account

        d) To administer your membership of Concierge Club

        e) Allowing you to participate in interactive features of our website and other services.

        f) Administering competitions that you may enter.

    The legal basis for our use of this information is to fulfil our contract(s) with you.

        g) We may also use this information for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes.

        h) To protect our guests and premises from crime, we operate CCTV and Automated Number Plate Recognition (ANPR) systems in our hotels and car parks which record images for security.

        i) If we discover any criminal activity or alleged criminal activity through our use of CCTV, we will process this data for the purposes of preventing or detecting unlawful acts. Our aim is to protect our guests and business from criminal activities.

    The legal basis for our use of this information is our legitimate interest to protect our guests and business and to develop and improve our services.

    3.2 We will collect and use certain technical information about you and your visit when you visit our website. This may include:
  • The IP address of the device you use
  • The pages you visit on our website, whether the page load was successful and the order in which you visit them
  • The browser which you are using

We collect this for the following purposes: 

        a) Improving our website and ensuring that content is presented effectively.

        b) Managing our website and ensuring that it is safe and secure. This is outlined in more detail in the cookie policy.

        c) To proactively offer you advertising which we believe will be of interest when you visit other websites

        d) Administering our website and other systems and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

    The legal basis for our use of this information is our legitimate interest in developing and improving our services.

    Where our website places third-party cookies, the legal basis for their use of this information is your consent which is given when you accept the use of cookies. You can manage all cookies using your browser settings. See our Cookies Policy (Link) for more information.

    3.3 We may collect details of your marketing preferences and whether or not you want to receive certain marketing messages (e.g. marketing e-mails or direct marketing via post) from us.

We combine this with your personal information detailed in 3.1 & 3.2 and we use this information for the following purposes: 

        a) Providing you with marketing information about our services that we feel may interest you if you have agreed to receive these (these can be unsubscribed from at any time using links provided in the e-mails or through the return address provided). Email marketing information may also be provided through advertising on websites. 

        b) Providing information about changes to our services. 

Where you have booked or received a quotation for a holiday with us, the legal basis for our use of this information is our legitimate interests in promoting and selling our services. You have the right to object to us processing this data at any time and our right to process data is not overridden by your interests, fundamental rights and freedoms. If you have not booked or received a quotation for a holiday with us, the legal basis for our use of this information is your consent. You have the right to withdraw your consent at any time. 

        c) We may collect certain other information that you give us, for example, if you take part in discussion boards or other social media functions on our website, participate in a webchat, register with us for and/or enter into competitions or promotions, complete surveys, or report problems with our website. 

        d) If you are involved in a reportable accident or incident while you are with us, we will record your details and the incident details in our accident book.
    
    The legal basis for our use of this information is our legitimate interests in managing our business and developing our services.

    3.4 We combine the information you provide with certain information we obtain from other sources. This can include:

  • Electoral roll
  • Credit reference agencies
  • Demographic information
        We process this information to:
        a)   improve our ability to present you with offers which may be of interest to you 

Where you have booked or received a quotation for a holiday with us, the legal basis for our use of this information is our legitimate interests in promoting and selling our services. You have the right to object to us processing this data at any time and our right to process data is not overridden by your interests, fundamental rights and freedoms. If you have not booked or received a quotation for a holiday with us, the legal basis for our use of this information is your consent. You have the right to withdraw your consent at any time. 

        b) validate your identity so that we can accept your booking 

        c) protect our business and you from fraud and other illegal activities 

The legal basis for our use of this information is our legitimate interests in managing our business and promoting our services. 

If you have booked through our partnership with SAGA we will share your details with SAGA so that we can administer your booking with SAGA.

4. How we use Sensitive Personal Information
    4.1 We do not normally collect sensitive personal information from you. However, if you make us aware of any special requests for your booking including anything due to specific medical, dietary or religious requirements, we will note these so that we can do our best to meet your request. We will not process this data for any other purpose. 

The legal basis for our use of this data is your consent and to fulfil our contract with you. You have the right to object to us processing this data at any time and our right to process data is not overridden by your interests, fundamental rights and freedoms.

5. How We Share Personal Information 

    5.1 We do not share website visitor and guest personal information with third parties for the purposes of the third party sending you marketing information. 

    5.2 We share our website visitor and guest personal information, as necessary, with the following third parties: 

        a) Any member of our group, which includes our subsidiaries 

        b) Selected third parties, such as business partners and service providers where we ask them to fulfil services which enhance your holiday experience or provide other services such as fulfilment of our marketing activities. In these cases, the third parties act as Data Processors for us and your information remains in our care and under our control. 

        c) Prospective buyers of our business or assets. 

        d) Third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our guests, staff and assets or when obliged to by court order or similar legal obligation. 

        e) Third parties, such as law firms and law courts, to enforce or apply any contract with you. 


6. Where We Transfer and Store Personal Information

    6.1 The personal information that we collect from our website visitors and guests will be transferred to, and stored at, destinations outside the European Economic Area, (the "EEA”). To safeguard your personal information and to make sure that it is properly protected we have put in place contractual safeguards with our Data Processors. 


7. Retention of Personal Information

    7.1 We will keep your personal information for limited and appropriate periods of time only. 

    7.2 We will retain your personal information for the period necessary to fulfil the purposes outlined in this privacy policy unless a longer retention period is required or allowed by law. If you need further information, please contact us at privacy@warnerleisurehotels.co.uk


8. Your Rights in Your Personal Information

    8.1 You have certain rights in respect of the personal information that we hold about you. Details of these rights are set out below. To exercise any of these rights, please contact us at privacy@warnerleisurehotels.co.uk. 

    8.2 We will process all personal data in line with your rights, in each case to the extent required by and in accordance with applicable law only (including in accordance with any applicable time limits and any requirements regarding fees and charges). We will respect your personal information rights in respect of: 

        a) Access. 

    We will confirm to you whether or not we are processing and using personal information about you, at your request and, if so, provide you with access to and a copy of such personal information and the other details to which you are entitled. 

        b) Rectification. 

    We will correct any inaccurate personal data and complete any incomplete personal data (including by providing a supplementary statement) that we hold about you. 

        c) Prevention of processing likely to cause damage or distress. 

    We will respect your rights under the DPA to require us to cease or not to begin processing your personal information for a specific purpose, or in a specific way, that is likely to cause you or any third parties unwarranted damage or distress. 

        d) Erasure. 

    We will erase your personal information at your request without undue delay. 

        e) Restriction. 

    We will restrict the processing of your personal information in certain circumstances if you ask us to do so. 

        f) Data portability. 

    We will provide you or third parties on your behalf with a copy of any personal information that we hold about you which you have provided to us in a structured, commonly used and machine readable format. 

        g) Objection (including objection to direct marketing). 

    We will respect your general rights to object to the processing of your personal information in certain circumstances, including for direct marketing purposes. We will usually inform you (before collecting your information) if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. 

        h) Automated decisions and profiling. 

We will not make decisions based on automated processing, including profiling 


9. Cookies

    9.1 Our website uses “cookies” and other tracking technologies which are placed and stored on your computers’ hard drives, or in their browser memories, if you agree, when you visit our website. These are used for various purposes, including distinguishing you from other website visitors. By continuing to browse our website, you agree to our use of cookies and other tracking technologies. View our Cookie Policy 

10. How we look after your information 

    10.1 We treat your information with the utmost care and take all appropriate steps to protect it. 

    10.2 We secure access to all transactional areas of our websites and apps using ‘https’ technology. 

    10.3 Access to your personal information is password-protected, and sensitive data is secured and tokenised to ensure it is protected. 

    10.4 We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security. 

11. Changes to Our Privacy Policy

    11.1 We reserve the right to modify this privacy policy from time to time. Any changes we make in the future will be posted on the following website: www.warnerleisurehotels.co.uk. You should check back frequently to see any updates or changes to our privacy policy. 

12. Contact and Complaints

    12.1 Questions, concerns, comments, requests or complaints regarding this privacy policy, our website and/or our use of your personal information should be addressed to privacy@warnerleisurehotels.co.uk 

    12.2 If you have any complaints regarding this privacy policy, you may also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/. (Opens in new window)