The General Data policy Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The following policy was drawn up in line with this regulation which came into effect on Friday 25th May 2018.
The data controller for the purposes of GDPR is: Seafield Hotel & Spa Resort
Information we may collect from you
We collect personal data from you which you volunteer when you provide such personal data to us, or via our services with which you interact. We may collect and process Data, including the following in the course of providing services to you, which could contain your personal data:
- Email address/es
- Contact numbers including mobile phone numbers
- Financial information about you, including your bank account details, credit card details, or other payment details which you freely supply
- All other Data which you ask us to process on your behalf, or which is necessary for us to process in order for us to fulfil our role as providing accommodation, spa, leisure, retail, conference & banqueting, and/or food related services to you.
We may also process other data, which is not identifiable personal data:
- When you access our website, your device’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data. This information may be used to help us to improve our website and the services we offer, and to offer services to you.
- CCTV is in operation throughout the hotel for the purposes of, including but not limited to: Security of property, employees and guests; Health & Safety, and; Public Liability.
A full list of 3rd parties who we utilise to process data for any specific data subject is available upon request to the Data Protection Coordinator of the Hotel.
Uses made of your personal data:
We use your personal data that we hold:
- In our legitimate interest of advertising our services, provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes (our list of services below)
- carry out our obligations arising from any contracts entered into between you and us
- in our legitimate interest of advertising our services
- comply with legislation
- And/or notify you about changes to our services.
List of services
- Conference & Banqueting
- Restaurant, bar service and other food related services.
We may use your data to send you information relating to our services, events and products which may be of interest to you. If you do not want us to use your data in this way, please notify us to that effect.
Personal Data provided by you as part of a booking on our website is retained on the booking system for a period of 30 days, after the date of the booking. Personal Data provided by you that ultimately results in you becoming a customer of the business, is considered by us as being part of the books and records of the business which we are required under law to retain for a period of 7 years.
We retain all personal data securely and for as long as is necessary to ensure that we comply with the relevant governmental legislation and GDPR considerations.
Please note that if you consent to being contacted for marketing and promotion purposes, any personal information we use for this purpose will be processed by us until you notify us that you no longer wish to receive this information.
Security of your information
We are committed to protecting the information we collect. When you enter personal data during the online reservation process, or during a customer email sign-up, your data is protected by Secure Socket Layer technology (SSL) to ensure safe transmission.
All site servers are configured with data encryption technologies and industry-standard firewalls to ensure our site is hosted in a secure environment.
If you decide to make an online reservation at the Site, you will be linked to a reservation interface and a third party booking engine provided by our booking management system vendor Net Affinity. All information sent to this site, if in an SSL session, is encrypted, protecting against disclosure to third parties.
We would like our Guests and Website visitors to feel confident about using our site to plan and purchase their accommodations, and we are committed to protecting the information we collect. We have implemented a security program to keep information that is stored in our systems protected from unauthorized access.
Measures have been put in place to ensure that your personal data can only be accessed securely and only where there is a business need for them to access same.
Seafield Hotel & Spa Resort website may contain links to other sites. Please take note that Seafield Hotel & Spa Resort is not responsible for the privacy policies or practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every site that collects personally identifiable information. This privacy statement applies solely to information collected by this site
If you do not want to receive marketing and promotional emails from the hotel, you may click on the "unsubscribe" link in the email to unsubscribe and opt-out of marketing email communications. Please note that even if you opt-out of receiving marketing communications from us, we may need to send you service-related communications, such as confirmations of any future reservations you make.
Changes to this policy
We reserve the right to change this Policy from time to time in our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you accept and agree to this Policy as modified. Last update made May 2018.
As an individual, under EU law you have certain rights to apply to us to provide information or make amendments to how we process data relating to you. These rights apply in certain circumstances and are set out below
- The right to access data relating to you (‘subject access request’)
- The right to rectify/correct data relating to you (‘rectification’);
- The right to object to processing of data relating to you (‘right to object’).
- The right to restrict the processing of data relating to you (‘right to restriction’)
- The right to erase/delete data relating to you (“right to erasure”)
- The right to move certain data relating to you from one organisation to another (‘right to data portability’).
Questions, comments, and requests regarding this Policy and the information we hold are welcome and should be addressed to us at firstname.lastname@example.org or by post to:
FAO Data Protection Coordinator
Seafield Hotel & Spa Resort
Gorey, Co Wexford.
Contacting the Data Protection Commissioner
Any concerns in regard to the use of your personal data can be freely raised with the Data Protection Commissioner at email@example.com or by post to:
Data Protection Commission
R32 AP23 Co. Laois