We absolutely respect your right to privacy. Our overall aim is to ensure that our collection and use of personal information is appropriate to the provision of services to you and our clients and is in accordance with applicable data protection laws.
Who we are
Stay in Wells is the data controller of the personal information that we collect from you. It is a company registered in England and Wales (registration number ???????), whose registered office is at Westfield Farm Foxley Road, Foulsham Norfolk NR20 5RH.
The personal information we collect about you
If you are seeking to book B&B, hire a property or to obtain further details about a potential holiday, we will usually collect the minimum information required to fulfil your needs. This will likely include your name, contact details, payment details, date of birth, details of other members of your party plus information on your specific requirements in order to customise your holiday and deliver your specific requirements.
If you sign up to join our mailing list we will collect your name and e mail address, together with your consent to receive communications from us. This consent can be removed at any time simply by using the unsubscribe button on any of our e mail communications.
How we store, use and share your personal information for our core business
Individuals who rent, or enquire about, a property
We collect, store and use your personal details as outlined above for our legitimate business interests, so that we can fulfil both your immediate and any potential future booking or enquiry needs.
This storage and use of your personal information allows you to be contacted about your current booking or enquiry. We do not believe that this storage and use will unduly prejudice your rights or freedoms.
Individuals who join our mailing list
We collect, store and use your personal details as outlined above with your explicit consent so that we can contact you with details of our properties, offers and other marketing items which we believe will be of interest or potential benefit. You can remove your consent at any time using the unsubscribe button on any of our e mail communications to you.
All other users of the sites and our services
We collect, store and use your personal information for the following purposes:
- to make the sites available to you; and
- to provide any services that you request.
Sometimes, our use of your personal information is for purposes which are ancillary to the provision of the sites and services, or which are desirable in order to make them to operate more effectively. In those circumstances, we believe we have a legitimate business interest in handling your personal information, and do not believe that this storage and use of your personal information will unduly prejudice your rights or freedoms.
The relevant circumstances are:
- detecting and preventing fraud;
- keeping our websites, apps, products and IT systems secure;
- ensuring that our own processes, procedures and systems are as efficient as possible;
- analysing and enhancing the information that we collect;
- determining the effectiveness of our promotional campaigns and advertising; and
- if you have joined our mailing list and you have given us your consent, contacting you (including by SMS and e-mail) with products and services which we think may interest you.
In some, relatively limited, circumstances we need to handle your personal information in a certain way to be able to comply with our legal obligations – for example: if we are requested to disclose your personal information to regulatory bodies or if we need to demonstrate our compliance with applicable law such as any tax and national insurance legislation relating to the payment of personal service company contractors and immigration law.
We also collect anonymised details about visitors to our websites for the purposes of generating site statistics, reporting purposes or improving our website and marketing effectiveness. However, no single individual will be identifiable from the anonymised details we collect for these purposes.
How we might otherwise share your personal information and who we share it with
We will disclose information under the following circumstances:
- Third-party service providers: When we share information with third-party service companies for them to facilitate or to provide certain services on our behalf. This will include:
- IT support service providers;
- third-party service providers who track our customers' use of the sites and our services for us.
These companies are contracted to use your personal information only as necessary to provide the relevant services to us and are required to maintain full security and confidentiality.
- Merger or acquisition: When we need to transfer information about you if we are acquired by or merged with another company. If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified by email and/or a prominent notice on our sites of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Technologies such as cookies, beacons, tags and scripts are used by us and our affiliates, or analytics or service providers. These technologies are used in analysing trends, administering the sites, tracking users’ movements around the sites and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
We employ comprehensive, reasonable and appropriate security measures to protect against the loss, misuse, and alteration of the personal information we process. This includes organisational security (passwords and access controls), physical security (data centre protection) and IT security (encryption). Please note that no transmission over the Internet can ever be guaranteed secure and as a consequence please note that we cannot guarantee the security of any personal information that you transfer over the Internet to us.
We retain information (including personal information) for the minimum reasonable time period to allow us to provide our services and will delete it after that time. The only exceptions are in cases where we need to keep limited personal information to comply with our legal obligations, resolve ongoing disputes, or enforce our agreements.
Should you require more detail about our retention timescales for a specific category of data or information please contact us at firstname.lastname@example.org
You have certain rights in relation to your personal information. If you would like further information in relation to these or would like to exercise any of them, please contact us at email@example.com at any time. You have the right to request that we:
- provide access to any personal information we hold about you;
- update any of your personal information which is out of date or incorrect;
- delete any personal information which we are holding about you;
- restrict the way that we process your personal information;
- prevent the processing of your personal information for direct-marketing purposes;
- provide your personal information to a third-party provider of services;
- provide you with a copy of any personal information which we hold about you; or
- consider any valid objections which you have to our use of your personal information.
We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances.
If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.
Third party sites
Complaints, questions and suggestions
If you have any complaints, questions and suggestions about our sites or services, please contact us at firstname.lastname@example.org
In the EEA, you may also make a complaint to our supervisory body for data protection matters (the Information Commissioner's Office in the UK) or seek a remedy through local courts if you believe your rights have been breached.