Privacy Policy
1. Introduction

This privacy policy (and any other documents referred to in it) explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle your personal data and keep it safe. Please read this privacy policy carefully to understand our practices regarding your personal information and how we will treat it. 

We know it may seem like a lot of information, but we want you to be appropriately informed about your rights and how we use your data.

We hope the following sections will answer any questions you may have, but if not, please do get in touch with us.

We may update this notice from time to time. If there is any significant change, we will let you know, but you’re welcome to come back and check it whenever you wish.

For your information this privacy policy was last updated on the 14 March 2024.


2. Who are Warner Hotels?

Warner Leisure Hotels owns and operates country and coastal properties around the UK, offering short adult only breaks.

For simplicity throughout this notice, ‘we’ and ‘us’ means Warner Leisure Hotels, and its business units.

We have a legal duty to protect personal information that we collect under Privacy Legislation such as, the General Data Protection Regulation (GPDR), Data Protection Act 2018 (the “DPA”) and the Privacy and Electronic Communications Regulations 2003, (PECR).

For the purpose of the DPA and PECR, we are the data controller and are located at Warner Leisure Hotels 1 Park Lane, Hemel Hempstead, HP2 4YL. 

If you have any queries relating to this policy, you may write to us this address or contact us Here

 

3. What types of Personal Data do we collect?

  • Your Full Name.
  • Your Address and Postcode.
  • Your email address.
  • Telephone Number.
  • Age and DOB (including additional guests).
  • Your Gender.
  • Additional guest names.
  • Internet or other electronic network activity information, including information regarding your interaction with our websites, applications, or advertisements.
  • Online identifiers such as IP address and session ID’s.
  • Booking reference or unique identifiers.
  • Health & Medical information, (where required, for example if voluntarily provided at booking or to enable participation in an activity or treatment).
  • Financial information (e.g. bank/credit/debit details) These will be collected directly by a third party payment provider and tokenised. We will never store your full payment card number.
  • Images or footage captured by Photography/CCTV/ ANPR and Poolview (Anti drowning technology in some of our pools).
  • Vehicle Information.
  • Audio voice recording.
  • Research information. For example you may choose to sign up to research panels and or respond to surveys or polls that help us understand our guests opinions and views. 
  • Competition Data. This is only used for the purposes of the relevant competition and will be subject to the terms and conditions of that competition, which will be notified to you when you enter the competition. 
  • We may also collect publicly available information from social networking sites such as Facebook, Twitter, YouTube, and Instagram, for example likes, shares, tweets and posts about Warner Hotels. This information is used at an aggregate level for analysis purposes.

4. What do we use your data for?

It’s important that you understand how and why we use the personal data that we collect from you. This section sets out the different purposes for which we process personal data and which types of personal data we need for each purpose. 

  • When you create an account with us we will manage and administer your account and provide you with the relevant services.
  • When you book a break with us we will process your information to fulfil your break and send you service messages relating to your break.
  • When you use My Warner Stay to manage your break and additional services.
  • When you engage with us on social media.
  • When you download or install one of our applications.
  • When you voluntarily contact us with a query, a comment or make a complaint we will ensure your query is appropriately dealt with.
  • When you engage with one of our contact centres, we may record audio for training and monitoring purposes.
  • When you purchase gift cards.
  • When you voluntarily enter a prize draw or competition, we will process your data to enable you to participate in that competition and to carry out activities that relate to the competition; for example, letting you know if you have won a prize and or using your details to communicate with you, if you are a winner.
  • When you book an appointment or attend an event that is provided by a 3rd party supplier we will process your data to the extent required to meet our purposes and fulfil the service to the 3rd party provider and their guests or delegates.
  • We may use your contact details to contact you from time to time to ask you to participate in surveys to help us improve our services and offerings. It may also inform our marketing and promotional activity and help us to personalise our offer through our marketing to you. 
  • From time to time, we may use research panels to conduct market research for us which may involve collecting personal data for the purposes of carrying out research. Where this collection of personal data is by third party research companies, it may be subject to separate privacy policies.
  • We may sometimes use anonymised data for analytics purposes. When used for this purpose, this data does not enable you or any other individual to be identified.
  • With your consent, we will use your personal data, and marketing preferences to keep you informed by email, web, text, telephone and through our contact centres about relevant products and services, including tailored special offers, discounts, promotions, events, competitions and so on. You are free to opt out at any time. 
  • If you fill in any forms e.g. booking an activity or when going to a spa we will process your data to enable us to fulfil the service booked and to ensure the health and safety of our guests and team members.
  • If an accident or incident takes place on one of our hotels we may collect certain data from you to ensure we are able to support those involved and ensure our health and safety procedures are followed.
  • We may sometimes receive requests from TV and other companies to film/photograph at our hotels. We also take our own Warner Hotels’ promotional films and photographs on the parks throughout the year.
  • To protect our customers, premises, assets and Partners from crime, and to ensure health and safety at all times, we operate CCTV systems in our facilities and car parks which record images for security. We do this on the basis of our legitimate business interests.
  • To process payments and to prevent fraudulent transactions. 

 

If we discover any alleged or actual criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts. 

We may be required to comply with our contractual or legal obligations to share data with law enforcement and other authorities. For example, when a court order is submitted to share data with Government functions & law enforcement agencies or a court of law e.g. HM Revenue or DWP.

 

5. How we use Sensitive Personal Information

We do not normally collect sensitive personal information from you as part of the booking process. However, if you make us aware of any special requests voluntarily, for your booking including anything due to specific medical, dietary, or religious requirements, we will note these so that we can do our best to meet your request. We will not process this data for any other purpose.

If you book onsite activities (including, but not limited to, sports, outdoor activities and spa treatments), we ask for information about your health including any existing conditions relevant to the activity and details of who to contact in the event of an emergency.

The information is collected for the following purposes:

  • To provide the activities and treatments you want and to ensure you can safely take part.
  • To ensure we are able to contact someone in an emergency.

 

6. Combining your data for personalised marketing

We want to bring you news and offers that are most relevant to your interests at particular times. To help us form a better, overall understanding of you as a customer, we may, where relevant, combine your personal data, for example your booking history and activities preferences. For this purpose, we may also combine the data that we collect directly from you with data that we obtain from third parties to whom you have given your consent to pass that data onto us.

We may also use something called “custom audiences” to deliver advertisements to our website customers, based on Targeting Cookies that we collect from you.  

We also use something called "Lookalike Audiences" this tool enables us to create a lookalike audience of our customers with similar demographics. Facebook or Google finds users who have similar attributes to our customer base.

Our customers would never receive marketing as a result of this activity.

To opt out of receiving marketing see section 13 below, titled ‘How can you stop the use of your personal data for direct marketing?’

 

7. What is our legal basis for using your data?

Data protection law says that we must tell you the legal basis that we rely on to process your personal data for the purposes that we have notified to you. This section tells you what that legal basis is in relation to each of the purposes set out above.

The law on data protection sets out a number of different reasons for which a company may collect and process personal data, including:

Consent

In certain circumstances, we can collect and process your data with your consent. 

For example, when you tick a box to tell us you would like to receive news and offers from us. 

Contractual Obligations

In certain circumstances, we can collect and process your personal data to comply with contractual obligations.

For example, if you book a break with us, we’ll collect your personal information to enable us to book break and communicate with you about details in relation to your booking.

Legal obligation

Warner Leisure Hotels may disclose personal information If the law requires us to.

For example, we can pass on details of people involved in fraud or other criminal activity to law enforcement to protect the safety and security of people and property, to pursue available remedies or limit damage and to respond to an emergency.

Legitimate Interest

In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

For example, we will use your booking history to send you or make available personalised offers but we will seek your consent to send you marketing.

We may also combine the booking history of our customers to identify trends and ensure we can keep up with demand or develop new services.

We may use responses to Warner surveys to identify trends and make available personalised offers to you.

We may also use your address details to send you direct marketing information by post, telling you about news and services that we think might interest you.

We may contact you regarding market research.

In certain circumstances when you book with us and do not choose to opt out from receiving our emails we will use your personal data, preferences and details of your bookings to keep you informed by email, web, text and telephone through our contact centres about relevant news and services including tailored offers, discounts, promotions and competitions. This is known as a (‘Soft Opt In’).

 

8. Who do we share your personal data with?

We sometimes share your personal data with trusted third parties. Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:

  • We provide only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our contract with them.
  • We ensure appropriate Due Diligence is undertaken to ensure the security of your data.
  • We work closely with them to ensure that your privacy is always respected and protected.
  • If we stop using their services, any of your data held by them will either be deleted, returned or rendered anonymous.

Examples of the kind of third parties we may work with are:

  • Companies within our group.
  • Third party suppliers who help us manage our customer data. 
  • Information technology providers who help us to manage our IT systems and ensure that they are secure and protected from fraud and abuse.
  • Third party service providers who carry out our user testing for us.
  • Technology solutions providers who help us show you advertising.
  • Direct marketing companies who help us manage our electronic and postal communications with you.
  • Data Insight and Market research agencies, who may send surveys on our behalf.
  • Auditors and other professional advisors who help us manage our processes and improve accuracy of our data.
  • Social Media platforms to show you services that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Policy for details.
  • Payment service providers that enable us to fulfil transactions with you.
  • Partnerships we work with to bring certain services or breaks to our guests.
  • Companies within our Group Structure.
  • For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
  • We may also be required to disclose your personal data where we are required or permitted to do so by law or to protect or enforce our rights or the rights of any third party.
  • We may, from time to time, expand, reduce or sell our business and therefore may share data with Prospective buyers of our business or assets. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.
  • Activity and event providers.
  • Where you are attending an event organised by a third party at our Resorts, we may share booking details with them to allow the event to be planned effectively. Our legal basis for the sharing of this data is our contractual obligation to our partners.
  • If you take out holiday insurance as part of your break, we will pass on details of your booking to our insurers, and their underwriters. This will allow them to administer your policy and any claim.

9. Security at our hotels

The following are operated in our hotels to assist with monitoring & maintaining hotel safety, to prevent and detect crime and; assist law enforcement (where necessary):

  • CCTV.
  • Automated Number Plate Recognition (ANPR).
  • Some sites may operate drowning prevention technology.

These systems are operated for the protection of our guests, employees & premises from criminal activities.

If we discover any criminal activity or alleged criminal activity through our use of CCTV, we will process this data for the purposes of preventing or detecting unlawful acts.

The Legal basis for our use of this information is in our Legitimate Interests to ensure the safety of guests and employees at our hotels and to assist with law enforcement. We may also use the footage to exercise and defend our legal rights.

 

10. Where We Transfer and Store Personal Information

The personal information that we collect from our website visitors and guests may be transferred to, and stored at, destinations outside the European Economic Area, (the "EEA”). If we do carry out transfers outside of the EEA, we will ensure the recipient has an adequate level of protection for your personal data and to make sure that it is properly protected. To ensure this we have put in place contractual safeguards with our Data Processors.

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

 

11. How long will we keep your personal data?

Whenever we collect or process your personal data we’ll only keep it for as long as is necessary, for the purpose for which it was collected. This period will be determined based on any business and/or legal requirements.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

If you need further information, please contact us Here

 

12. Your Rights in Your Personal Information

You have certain rights in respect of the personal information that we hold about you. Details of these rights are set out below. To exercise any of your information rights, please contact us HerePlease note that requests that do not relate to your information rights will not be managed here. For Complaints or guest relations queries please follow our complaints process.

We will process all personal data in line with your rights, in each case to the extent required by and in accordance with applicable law only (including in accordance with any applicable time limits and any requirements regarding fees and charges). We will always respect your personal information rights. For more information on your rights, please see: https://ico.org.uk/your-data-matters/.

 

13. How can you stop the use of your personal data for direct marketing?

We want to make you aware of the fantastic breaks and services we offer. To do so, we may send you communications via email, text message, push notifications, in-app alerts, direct mail, and social media.

There are several ways you can stop direct marketing communications from us:

  • Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails to you.
  • If you have an account with us you can log in into your account and change your marketing preferences.
  • In our apps, you can manage your preferences and opt out from one or all the different push notifications by selecting or deselecting the relevant options in the ‘Settings’ section.
  • If you do not wish to see advertising on social media, you can also manage this within your social media platform settings.
  • You can contact our Data Protection Team directly by clicking Here.

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

 

14. Cookies and other tracking technology

Our website uses “cookies” and other tracking technologies which are placed and stored on your computers’ hard drives, or in their browser memories, if you agree, when you visit our website. These are used for various purposes, including distinguishing you from other website visitors. You can manage all cookies using your browser settings or using a service such as https://www.aboutcookies.org.uk/managing-cookies. You can manage your preferences for the Facebook pixel through Facebook settings.  See our Cookie Policy for more information.

 

15. How do we protect your personal data?

We treat your information with the utmost care and take all appropriate steps to protect it. We secure access to all transactional areas of our websites and apps using ‘https’ technology.

We take reasonable measures to protect personal information from unauthorised access, disclosure, alteration, or destruction and keep personal information accurate and up to date as appropriate. 

Warner Leisure Hotels employ a robust team of dedicated information security professionals who are responsible for managing our security. The team is responsible for, among many other things, monitoring our system for potential intrusions, responding to incidents, supporting security and regularly reviewing and updating our security controls to protect data.  

Sensitive data such as payment card information is processed securely and tokenised to ensure it is protected. 

Warner Leisure Hotels maintains a payment card industry (“PCI”) compliance program which helps ensure the security of card transactions. To ensure compliance we have to meet a number of operational and technical requirements to protect your card data. 

We will never ask you to send us confidential information or payment card information via email or text message.

We require third parties with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information.

In the event of a security incident, Warner Leisure Hotels will notify regulators and/or consumers as required by applicable laws and regulations.

 

16. Changes to Our Privacy Policy

We reserve the right to modify this privacy policy from time to time. Any changes we make in the future will be posted on https://www.warnerhotels.co.uk.

If you have any complaints regarding this privacy policy please contact us Here or write to the Data Protection Officer, Warner Leisure Hotels, 1 Park Lane, Hemel Hempstead, HP2 4YL.  You can also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/make-a-complaint.

 

17. Any questions?

We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it. If you have any questions that haven’t been covered, please contact our Data Protection Officer who will be pleased to help you: Questions, concerns, comments, requests or complaints regarding this privacy policy, our website and/or our use of your personal information, please submit your query Here.

If you have any complaints regarding this privacy policy, you may also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/make-a-complaint.