-->

THE POLEBARN HOTEL PRIVACY POLICY

The Polebarn Hotel takes your privacy seriously. This policy describes what, why and how we collect and use your personal information, how we protect it and how you can contact us.

Privacy Policy

Introduction

The Polebarn Hotel Ltd trading as Polebarn House and herein referred to as ”The Polebarn Hotel Ltd”, “Polebarn House”, “us” or “we” within this document.

At Polebarn House, we are committed to protecting and respecting your privacy. Please read this policy as it contains important information about how we use personal data that we collect from you or that you provide to us.
By accessing the website or providing information, you agree to our privacy practices as set out in this privacy statement. We may change this policy from time to time. You should check this policy frequently to ensure you are aware of the most recent version.
If you have any questions regarding this policy or about our privacy practices, please contact us at the relevant address set out below in the ‘Contact Us’ section.

Who we are?

We are The Polebarn Hotel Ltd at Polebarn House. We own no other subsidiaries or affiliate companies.
The Data Controller is Natasha Owen 01225 777006.

What information do we collect?

Personal data is information that can be used to uniquely identify or contact a single person. We will collect and process information about our guests, in order to provide our services. Therefore, we may process any information, including personal data, that our guests provide us to use via a third party Online Travel Agent (OTA). All data received from OTA bookings and direct bookings made through our website are stored using a third party processor, Queensborough Group and their sub-processors HotelHost Company and Rackspace.
Personal data processed by us may include, but is not limited to: name, address, e-mail address, phone number and credit card information, date of birth and travel information. We will hold your personal data on our systems for as long as is necessary for the relevant activity. We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We do not collect and have no requirement for sensitive data.

How do we use personal information?

We use the information you have given us in order to:

• provide you with information, products or services that you request from us;
• contact you in relation to information, products or services that you request from us;
• to carry out our obligations under any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
• personalise content, business information or user experience;
• deliver marketing and events communication.

What legal basis do we have for processing your personal data?

We process personal data for the following reasons:

Consent: our customers have freely given consent for their information to be processed for a specific purpose;

Contract: Processing is necessary due to the fulfilment of a contract between us as accommodation/event provider and our customers as end user;

Legal Obligation: Processing is necessary to comply with the law.

When do we share personal data?

Data collected through direct bookings and received from third party processors is not shared with anyone by us. Data given in bookings made through our website is processed by Queensborough Group and their sub-processors HotelHost Company and Rackspace.

If a booking has been made online via a third party agent, they will process the data in accordance with their privacy policy. They will pass on your data to us. If you make a booking through a third party OTA website, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

How do we secure personal data?

We have implemented reasonable measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure.

These include:

• reviewing contracts to ensure compliance of third party processors we use to store and manage data, in accordance with current legislation;

• physical security and access to our premises;

• access to computer hardware is password protected, with encryption and default security firewalls in place;

• Tight controls, consistent with the Payment Card Industry Data Security Standard are maintained in relation to the use, storage and processing of PII credit card data;

• Regular training of staff in relation to storage; and

• Otherwise in accordance with The Polebarn Hotel Ltd’s Data Protection Policy.

How long do we keep your personal data for?

We will only keep data for as long as is necessary to carry out our contractual obligations. Specific data will be retained for the required period in accordance with tax, accounting and legal purposes. All data no longer required is securely removed from our systems.

Your rights in relation to personal data

You have the right to ask us not to process, or to stop processing, your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us on the details set out below in the ‘Contact Us’ section.

Our website may contain links to and from the websites of local businesses. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

You have the right to access the personal information that we hold about you.

This is called a subject access request. The request must be submitted in writing and will incur a £10 administration fee. We will respond within 40 days stating whether we hold any data, what the data is, the reason we are holding it and those to whom it has/may be disclosed, along with an intelligible copy of the information and details of the manner in which it was collected.

Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us so that we can locate your personal information.

In some circumstances your rights may be limited, for example, if fulfilling a subject access request may expose personal data about another person, or if we are asked to delete data which we are required to keep by law.

If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.

You have the right to object to us processing your personal information if we are not entitled to use it any more or to have your information deleted or have its processing restricted in certain circumstances. You also have the right to port your personal data in certain circumstances.

If you would like to exercise any of these rights, please contact us using the details set out below in the ‘Contact Us’ section.

You also have the right to lodge a complaint with the supervisory data protection body that regulates us if you have concerns about how we use your personal information. For information on how to do this, please see the ‘Contact Us’ section.

Staff Data

By submitting your CV or other personal information to us you acknowledge that we may use and transfer data as described in this Privacy Notice.
You may provide personal information related to education, employment, contacts, preferences, job qualifications, and jobs when you submit a job application. You may also choose to provide us with additional information, such as resumes, CVs, letters and references. We recommend that you do not disclose sensitive personal information (e.g., height, weight, religion, philosophical or political beliefs, financial data, sexual orientation, membership of a trade union or political party) in your CV or any materials in support of your application. To the extent you provide sensitive personal information you expressly authorise us to handle such details as specified in this Statement. We will use your personal information for recruitment purposes, and if you are offered a job or become employed by us we will use it only for other employment-related purposes. These purposes include, but are not limited to: verifying past employment and/or education, checking references, confirming ability to legally work in the country, contacting you and/or your emergency contacts at home if necessary, setting/adjusting and paying wages, job duties and titles, administering benefits, including health insurance, administering savings and pension plans, managing performance, withholding and payment of applicable taxes and complying with legal and regulatory obligations. We may also retain your information after the recruitment process is complete to contact you about potential future opportunities or for record keeping purposes for a period of three years from the date of your application. If you provide information about others (i.e. reference contact details), please ensure you have informed them that you will be providing their information.

By submitting your resume/CV or other information and any subsequent application materials to us, you agree that we may use such information for recruitment, hiring and employment purposes.

How to contact us?

If you have any questions or concerns about our privacy practices, your personal information or if you wish to file a complaint you can contact us in the following ways:

Post: Privacy Officer, The Polebarn Hotel Ltd, Polebarn House, Polebarn Road, Trowbridge, Wiltshire BA14 7EG.