For the purpose of the Data Protection Act 1998, the data controller is…
The Palace, Palace Yard,
Herefordshire HR4 9BL
Information we collect
In running our website we may collect and process the following data about you: Information about your use of our site including details of your visits such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data. Information provided voluntarily by you. For example, when you send a booking enquiry. Information that you provide when you email us.
We are aware of and try to be compliant with EU PECR legislation.
We strive to be compliant with these requirements of GDPR 2018…
- Breach notification. Under the GDPR, we must inform our users within 72 hours if any breach occurs that might compromise their data.
- Right of access. Users have a right to access the information we have about them. We may charge a fee of £10.
- Right to be forgotten. Users have the right to ask us to delete their accounts and all personal information we have.
- Right to portability. Users will be able to request that we forward their records to other ‘controllers’ or services if need be.
- Note. We will need to confirm the identity of the user prior to complying with above three points.
- Privacy by design. This site runs through WordPress, and this has GDPR compliance built into the setup. And is continuously updated. We assure you that our systems are as secure as we know how. And we are continually monitoring, and seeking to improve, our security setup. We may be held liable for data breaches if our system isn’t secure by design. In other words, we can be held responsible for failing to take precautions to protect user information.
Use of information
We use the information that we collect from you to provide services to you. In addition to this we may use the information for one or more of the following purposes: To provide information to you that you request from us relating to our services, i.e. sending you a reply when you contact us. To provide information to you relating to offers and events. But such additional information will only be provided where you have explicitly consented, say by online sign-up, to an email newsletter. We comply with UK spam laws as detailed in the Privacy and Electronic Communications Regulations 2003. Newsletters, mailing lists and their maintenance are administered using a secure third-party organisation, Mailchimp. We will never allow selected third parties to use your data.
Storing personal data
In operating our website it is sometimes necessary to transfer data that we collect from you to secure locations outside of the EU for processing and storing. This particularly applies to forms. By providing your personal data to us, you agree to this transfer, storing or processing. We do our utmost to ensure your data is treated stored securely. Sending such information is at your risk, though we believe this to be minimal.
Disclosing your information
We will not disclose your personal information to any other party except in the circumstances below: In the event that we sell all or part of our business. Where we are legally required by law to disclose your personal information. To further fraud protection and reduce the risk of fraud.
Third party links
Social media platforms
Communication and actions taken through external social media platforms (like say, Facebook) that this website and its owners participate in, are subject to the terms, conditions and privacy policies held by each social media platform. This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion. And note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Access to information
In accordance with the Data Protection Act 1998 you have the right to access any information that we hold relating to you. Please note that we reserve the right to charge a small fee to cover costs incurred by us in providing you with the information.
Questions or comments?
Please contact us and we will respond as soon as possible.
Resources and more information
GDPR information www.eugdpr.org
Data Protection Act 1998 www.legislation.gov.uk/ukpga/1998/29/contents
Privacy and Electronic Communications Regulations 2003 – guide www.ico.org.uk/for_organisations/privacy_and_electronic_communications/the_guide