The General Data Protection Regulation (GDPR) of 25th May 2018
Why we collect information from you.
Under the ‘Immigration (Hotel Records) Order 1972’ we legally have to collect your name nationality and address upon arrival and keep this information for at least 12 months. We also, naturally collect information in order to process your reservation with us.
For all who are not British, Irish or Commonwealth guests, we legally have to collect your Passport Number and Place of Issue, as well as the address of your next destination, if known.
The Information we hold about you.
We never have access to any of your debit or credit card details.
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us through any online booking agent; any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access.
How we store this information.
- Whitemoor House collects this information via the Guest Registration Form at the beginning of a Guest’s visit. This is securely stored on our premises for 7 years after the relevant tax year, in order to comply with HMRC requirements.
- It is our practice to email confirmation of your booking to you and therefore a record of your email address and email correspondence will be held in Outlook on our laptop, which is password protected and kept securely on our premises.
- Your name, telephone number and possibly email address is handwritten in our Reservations Diary, which is stored securely.
- Your name and visit date is recorded on an Excel Spreadsheet used for recording our sales revenue. This is kept on our password protected laptop and securely stored.
How we use this information
If the you choose to opt in by ticking the relevant boxes on the Registration Form, Whitemoor House may use this information to post you a Christmas Card or possibly send an email detailing any Special Offers or Local Events. In the latter case, your name and email address would be stored in the Address Book of Outlook.
Other Parties your Personal data is shared with.
We do not share your Personal Data with any 3rd Parties unless required to do so by Law Enforcement Agencies or if our assets are acquired by a third party, in which case personal data held by us about our customers may be one of the transferred assets.
If you book with Booking.com, they collect your name, address, telephone number and email address, which is made available to Whitemoor House (apart from your email address, which is encrypted). We can access this information via our Booking.com account until your visit is completed, after which time we can only see your name. Booking.com also securely collect your credit card details so that they can take payment for your reservation. These details are not shared with us.
If you book through our own website or the New Forest Official Visitor website (Guestlink), these details are made available to us and remain available for us to view for 12 months after the stay is completed.
You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing, at any time, by contacting us by email or by post.
You have a right of access to information held about you and this can be exercised in accordance with the Act. From 25 May 2018, when GDPR became law, a reasonable Subject Access Request (SAR) can be made without a fee being charged. It will be carried out within one month. As part of a SAR, you may request that your personal data is corrected or deleted. The result of a deletion request may be affected by any outstanding reservations in progress, or our obligation to keep tax records.
If you are not satisfied with our response you may contact the UK supervisory authority, the Information Commissioner’s Office, https://ico.org.uk to report your concern.