Book with us for absolutely the best possible rates:
BOOK ONLINE NOW
or call: 01394 450205

The Crown and Castle

OUR PRIVACY POLICY POST GDPR

The Crown and Castle at Orford takes your right to privacy very seriously as outlined below.
The Crown and Castle at Orford is part of TA Hotel Collection Limited whose registered address is 26 Lakeside Avenue, Thorpeness, Suffolk IP16 4NH (“we”). For the purposes of the General Data Protection Regulation (GDPR) 2016 we are the Data Controller and are responsible for ensuring we preserve and protect your privacy under data protection legislation. This policy outlines how we collect and process your personal data and is our Privacy Notice for the purposes of GDPR.

1.   The Information we collect
1.1      We may collect personal information from you as a result of the following activities: –
1.1.1      By making a reservation and using any of our services. When making a reservation or using services provided by TA Hotel Collection it is necessary to obtain information in order to identify you, contact you and process your purchase and requests. For an accommodation booking we will require information such as your name, address, phone number, email address and credit/debit card details. Where you have chosen to provide them, it may also include details pertaining to your personal preferences, such as the type of room, type of pillows, food allergies and the like enabling us to ensure that your needs are met.
1.1.2      By visiting our website. You may choose to complete an online form located on one of our websites. The domains we use are www.whitelion.co.uk, www.brudenellhotel.co.uk, www.thecrownatwoodbridge.co.uk, www.theswanatlavenham.co.uk, www.thorpeness.co.uk, www.thorpenesscountryclub.co.uk , www.thecrownandcastle.co.uk, www.tahotelcollection.co.uk, www.aldeburghbreaks.co.uk, www.musicbythesea.co.uk, www.seaspice.co.uk (“our websites”). The information we request will include your name and email address, and may also include postcode, postal address, telephone number, date of birth, credit card information, gender and other relevant information.
1.1.3      By corresponding with us by phone, email, Linkedin and social media sites (including but not limited to, Facebook, Twitter, Instagram) or otherwise. The information you give us may include your name, email address, postcode, postal address, telephone number, date of birth, credit card information, gender and other relevant information. We may keep a record of that correspondence.
1.1.4      By submitting details on a comment card or feedback form. This may include your name, email address, telephone number, details of your experience, details of your interests and other relevant information.
1.1.5      By registering for our loyalty scheme. If you have signed up to be part of our loyalty scheme you have also consented to supply personal information in accordance with the Terms & Conditions of the scheme.
1.1.6      By participating in a competition or other marketing initiatives. This may include your name, email address, postcode and other relevant information.
1.1.7      By choosing to complete a survey. If you choose to complete a survey the information collected will be relevant to the research being conducted. This may include information such as your name, email address, date of birth, gender, interests, postcode.
1.1.8      By choosing to send us a CV or a completed job application form by email, post or via an online recruitment site such as Indeed.
1.1.10   Technical information regarding your visit to our websites including, but not limited to, the Internet protocol (IP) address used to connect your computer to the internet, browser type and version, operating system and platform geographical location; and
1.1.11   Website performance, using Google Analytics, provided by Google Inc. Google uses Cookies to collect information on your visit to our website and how you use it including the full Uniform Resource Locators (URL), length of visits to certain pages, page interaction, date, time as well as page response times, mobile compatibility.

2.   Cookies
2.1      We use cookies for our legitimate interests:
2.1.2      For technical purposes, to ensure our websites are functioning properly and across multiple devices and operating systems;
2.1.3      to enable us to collect statistical information about browsing habits, page interaction and preferences so we can constantly improve our website and service;
2.1.4      to define types of customers for our products and services;
2.1.5      to develop an informed marketing strategy and grow our business.
2.2      We use cookies for our site statistics package, which allows us to collect information about how visitors use our site. We use the information to compile reports to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. We collect this information in a way which does not identify anyone.
2.3      We use third party social cookies, such as Facebook, in accordance with their own privacy policy, for general marketing purposes.
2.4      If you would like your computer to decline these cookies, you can do this by disabling all cookies in your internet browser settings – please refer to your browser’s “help” menu for instructions. Please note that if you choose to decline the use of cookies you may be unable to access certain parts of the website.
For further information on Cookies please visit www.aboutcookies.org

3.   How we use your personal data:
3.1   We may use the information we collect and hold about you in the following ways:
3.1.1      to facilitate an enquiry to provide you with the information you request from us prior to the completion of a purchase or other form of contract;
3.1.2      to answer enquiries and provide requested information in accordance with our legitimate interests;
3.1.3      information provided to us in the form of comment cards / guest feedback forms will be used to follow up with you; and shared with hotel staff and wider management to ensure we continually improve our services and products and to recognize individual employees good work;
3.1.4      to enable us to fulfil any contractual obligations between you and us as is necessary;
3.1.5      to notify you about changes to our services or inform you of circumstances that may impact on our ability to deliver those services or your experience as is in our legitimate interest to do so;
3.1.6      to ensure that content on our websites are effective for both you and your chosen device as is in our legitimate interest;
3.1.7      to provide you with information about other products or services we offer that are similar to those that you have already purchased or been provided with where it is in our legitimate interests to do so. You may unsubscribe at any time from receiving further communications from us for these purposes;
3.1.8      to provide you with information about our products or services we feel may interest you, any news or industry updates, offers, upcoming events or other information, where you have consented to be contacted for such purposes. You may unsubscribe at any time from receiving further communications from us for these purposes;
3.2      For the purposes of this policy our legitimate interests include our right:
3.2.1      to facilitate an enquiry, purchase or on going use of our services or products;
3.2.2      to provide a customer service which is tailored to your needs and preferences;
3.2.3      to develop and enhance our services and products to ensure they meet the needs or our guests and are delivered efficiently;
3.2.4      to promote our business including direct marketing.

4.   Disclosure of your personal data to others
4.1      We may share your personal data with:
4.1.1      any authorised personnel within our group insofar as necessary for the purposes set out in this policy;
4.2      We may also share your personal information with selected third parties who are:
4.2.1      under contract to provide services to us (our “data processors”) where the use of your personal information forms part of their contractual duties;
4.2.2      business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
4.2.3      consultants and professional advisors as it is in our legitimate interest to do so.
4.3      We will share your personal data with third parties:
4.3.1      where we are required to do so in order to comply with any legal obligation or to protect the rights, property or safety of TA Hotel Collection Ltd, our customers or others. This may also include other companies and organisations for the purposes of fraud protection and credit risk reduction as it is in our legitimate interests to do so;
4.3.2      where companies in our group have a legitimate interest in receiving that information;
4.3.3      If our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners or their professional advisers as is in our legitimate interest to do so.

5       Data Storage
5.1      All the information you provide to us will be stored securely and we use strict procedures and security features to try to prevent unauthorised use, disclosure or accidental loss. CSS Cloud Ltd act as our Data Processor and have a contractual obligation to provide network security on our behalf.
5.2      Selected third parties act as our Data Processors and have contractual obligations to ensure the data you provide is kept secure and are subject to a duty of confidentiality. Details of our Data Processors can be obtained by contacting us at TA Hotel Collection, 26 Lakeside Avenue, Thorpeness, Suffolk IP16 4NH or by emailing us at privacy.manager@tahotelcollection.co.uk.
5.3      The data that we collect from you may be transferred to, and stored outside the European Economic Area (“EEA”). We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy including ensuring that the transfer is made subject to appropriate safeguards. For example, Data Processors such as Google for the use of Google Analytics and Mailchimp are obligated to protect your personal information as a member of the EU-ES Privacy Shield.

6       How long will we keep your personal data
6.1      We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.
6.2      We may retain your personal data where such retention is necessary for compliance with our legal obligations.
6.3      For further details regarding our retention policy please contact us by emailing privacy.manager@tahotelcollection.co.uk.

7       Your rights in connection with Personal Data
7.1      You have the right to request access to your personal data (also known as a “data subject access request”). This enables you to receive a copy of the personal data held about you.
7.2      You have the right to rectification. If you believe the information we hold to be incorrect or incomplete you can request an amendment by contacting us.
7.3      You have the right to request the erasure of your personal information. This enables you to ask us to delete or remove personal data. Please be aware that in certain circumstances we may not be able to delete or erase your data such as where this is still required for the purpose for which it was provided, or where we have overriding legitimate interests, or legal obligations in retaining your data.
7.4      You have the right to restrict processing. This enables you to ask us to restrict the manner in which we process your data or suspend the processing should for example you want us to establish its accuracy or the reason for processing it.
7.5      You have the right to ask us not to process your personal data for marketing purposes. Any marketing communication we send to you by email will always have the option for you to unsubscribe. You also have the right to withdraw your consent at any time by contacting us using the details below. Please note that there may be a short period during which you continue to receive communications from us whilst your unsubscribe request is being processed.
7.6      If you wish to exercise any of the above rights please contact us at TA Hotel Collection, 26 Lakeside Avenue, Thorpeness, Suffolk IP16 4NH or by emailing us at privacy.manager@tahotelcollection.co.uk.
7.7      Our websites may include links to third-party websites, plug-ins and applications. If you choose to follow a link or enable a connection, please note that these websites have their own privacy policies for which we have no responsibility. If you choose to submit any personal data on these external websites we encourage you to read their privacy policy first.

8       Changes to our privacy policy
8.1      We reserve the right to update this privacy policy at any time, a copy of which will be available on our websites. Please check back frequently to see any updates or changes to our privacy policy. Where appropriate we may also contact you by email with regards to any changes to this policy.

9       Contacting us
9.1      We take our responsibilities as a Data Controller seriously and welcome any questions about this privacy policy, comments or requests you may have. Please contact Jenny Hill, Chief Operating Officer, TA Hotel Collection, 26 Lakeside Avenue, Thorpeness, Suffolk IP16 4NH or by email at privacy.manager@tahotelcollection.co.uk.
9.2      We have not appointed a Data Protection Officer and are not currently required to do so.

10   Complaints
10.1  You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO) should you be unhappy with the way in which we collected or processed your personal data. Further information can be found on the ICO website www.ico.org.uk or via their helpline on 0303 123 1113.