We never pass on any details to 3rd parties or share your details in any way.
We only Send out Newsletters which you can safely unsubscribe from. Only those who have requested to be on our Newsletter Lists will receive Newsletters when GDPR comes into effect.
We operate a Secure Socket Layer to our Online booking system. This is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
When guests book online all financial data is actually carried out on our Internet Banking Gateway page and therefore not on our website. We do this to eliminate all problems of transaction security.
We are Security Compliant and Certified IPS- DSS as safe and Secure Internet Merchants
We are registered with The Information Commissioner's Office (ICO) and follow their guidelines.
We only hold your data in relation to bookings that you have made, we are required to hold bookings data by law for a minimum of one year and financial data for 7 years.
When GDPR comes into effect you will be able to request that we delete your data from the system but bookings information will be archived and financial data held securely by the Bank – we do not see or hold any card details on any of our systems. We are allowed one month to do this work and are allowed to charge £10
We will be creating a ‘Forget Me’ tick box for registered customers who wish to have their details completely removed and we will respond to this on a case by case basis and in accordance with government laws and HMRC demands – we are allowed one month to by GDPR rules to resolve such requests and are entitled to charge £10. Please note that overiding legislation requires us to keep all booking information one year and also that HMRC requires full financial data for 7 years: which basically covers the extent of the information we hold on you.
We will be reviewing our policies to be GDPR Compliant as rules change and evolve.
We will always respond personally to anyone who is worried or has a specific request about their Data.
The Website is brought to you by The Cottage Agency LTD. The Cottage Agency LTD believes it is important to protect your Personal Data (as defined in the Data Protection Act 1998) and we are committed to giving you a personalised service that meets your needs in a way that also protects your privacy. This policy explains how we may collect Personal Data about you. It also explains some of the security measures we take to protect your Personal Data, and tells you certain things we will do and not do. You should read this policy in conjunction with the Website Terms.
When we first obtain Personal Data from you, or when you take a new service or product from us, we will give you the opportunity to tell us if you do or do not want to receive information from us about other services or products (as applicable). You can normally do this by ticking a box on an application form or contract. You may change your mind at any time by emailing us at the address below.
Information we collect
We will collect personal data on this website only if it is directly provided to us by you the user, e.g. your e-mail address, name, home or work address and telephone number, and therefore has been provided by you with your consent. Normally you will only provide such details if you are making a purchase from us. We also use analytical and statistical tools that anonymously monitor details of visits to our website and the resources that are accessed, including, but not limited to, traffic data, location data, weblogs and other communication data - this data will cannot identify you personally and is used to improve our site.
Your payment information (e.g. credit card details) provided when you make a purchase from our website is not received or stored by us: That information is processed securely and privately by third party payment processors that we use who are one of the UK’s biggest Secure Internet Payment Gateways: ‘Worldpay’ – we do not have access to that information at any time. We may share your personal data with our payment processors, but only for the purpose of completing the relevant payment transaction. Such payment processors are banned from using your personal data, except to provide these necessary payment services to us, and they are required to maintain the confidentiality of your personal data and payment information.
Use, storage and disclosure of your information
We may hold and process this personal data in accordance with the Data Protection Act 1998 and send you our e-newsletters from time to time if you have signed up to such email marketing, but we will not transfer, share, sell, rent or lease your personal data to third parties. We may share your personal data within our group of companies, but it will still be subject to these terms if we do.
The information that we collect and store relating to you is primarily used to enable us to provide our services to you. In addition, we may use the information for the following purposes if you have signed up for our Newsletters:
To provide you with information requested from us, relating to our products or services. To provide information on other products which we feel may be of interest to you, where you have consented to receive such information;
To meet our contractual commitments to you;
To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service;
If you are an existing customer, we may contact you with information about goods and services similar to those which were the subject of a previous sale to you;
To assist fraud protection and minimise credit risk.
If you do not want us to send you Newsletters you may unsubscribe from your members Area on our site or do it safely from the Newsletter itself.
Please be advised that we do not reveal information about identifiable individuals to our advertisers like Google but we may, on occasion, provide them with aggregate statistical information about our visitors.
We do not require, hold or use sensitive personal data, such as race, religion, or political affiliations.
Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us or the website.
You have the right to opt out of our processing your personal data for marketing purposes by contacting us at firstname.lastname@example.org or unsubscribing in your Members Area on our website or by Unsubscribing from any unwanted Newsletter you receive from us.
Secure Website: We operate a Secure Socket Layer to our website and Online booking system. This is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Where you have set a password so that you can access certain parts of our site, you are responsible for keeping this password confidential. You should choose a password it is not easy for someone to guess.
Third party links
You might find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
Access to information
The Data Protection Act 1998 gives you the right to access information held about you by us. This right can be exercised by you in accordance with the Act - an access request will be subject to a fee of £10 towards our costs of complying with your request for the information we hold about you.Should you wish to receive details that we hold about you, please contact us email@example.com
GDPR also gives you the right to be forgotten; but this is has to take into account overriding legislation covering accommodation whereby we have to keep booking details one year and also by HMRC requiring sales details are kept 7 years
Changes to this policy
We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data.