At The Hermitage Hotel we take the use, the confidentially and the protection of your personal data
very seriously. Please read our policy on how we use, safeguard your data and protect the
information that we gather from you.
At The Hermitage Hotel we take the use, the confidentially and the protection of your personal data
Information that we collect from you
When you visit our website and make a booking, we will collect the following information from you, including your name, your email address, your home address and your credit/debit card details. When you arrive on our website, we may also register anonymously how you are browsing the website. We may also gather information you post through the online enquiry form to use in customer services or training to improve the service we provide.
When you make a booking through our website, your information will be used to guarantee your reservation and enable us to follow-up with communications relating to your stay, for example a confirmation email or a feedback survey after departure.
When you sign-up to our mailing list you will start to receive promotional emails from which you can unsubscribe from at any time.
When using the contact form on our website, the details will only be used to make contact with you direct for the purpose of your enquiry.
If you post some feedback through the website specific to a stay or an experience that you’ve had, we will want to contact you directly. We will share this information amongst our team members and follow this up as quickly as possible to ensure we continue to give you excellent service.
To measure the effectiveness of our marketing campaigns and ensure they are relevant to you, we may anonymously collect information on your browser activity whilst on the website.
We may ask your permission to use your personal data for the following purposes:
Improve the effectiveness of our web site, your hotel experience, and various types of
communications, advertising campaigns, and promotions.
In the unlikely event that the hotel is sold, then your information may be disclosed to another third party.
Without exception, we take the security of your data very seriously and use standard encryption
technologies when transferring data between systems.
If any of the above is unclear and if you would like to discuss the security of your data, please
contact us directly on 01202 557363
Information security policy
1. Personal data
Data that identify you as an individual or relate to an identifiable individual.
During the booking process and throughout your stay, we collect Personal Data in accordance with law, such as:
- Name, gender, address, telephone number, email
- Credit or debit card number, language, date of birth
- Nationality, passport, visa or other government-issued identification data
- Important dates, such as birthdays, anniversaries and special occasions
- Employer details
- Travel itinerary, tour group or activity data
- Previous stays or interactions, goods and services purchased, special requests
- Location information
In more limited circumstances, we also may collect:
- Data about family members and companions, such as names and ages of children
- Images and video from security cameras located in public areas and the car park,guest preferences and personalised data such as your interests, food and beverage choices which we learn about during your visit or advised/ requested pre visit.
If you submit any Personal Data about other people to us or our Service Providers (e.g., if you make a reservation for another individual), you represent that you have the authority to do so and you permit us to use the data in accordance with this Privacy Statement.
2. Data Collection
We collect Personal Data in a variety of ways:
- Online Services. We collect Personal Data when you make a reservation, purchase services from our Website, communicate with us, or otherwise connect with us or post to social media pages, or participate in a survey or promotional offer.
- Hotel Visit or email interaction. We collect Personal Data when you visit our hotel.We also collect Personal Data when you attend client events that we host, or when you provide your Personal Data to facilitate an event.
- Booking services and queries. We collect Personal Data when you make a reservation over the phone, communicate with us by email.
Data that generally do not reveal your specific identity or do not directly relate to an individual. To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data. Other Data include:
- Browser and device data
- Data collected through cookies, pixel tags and other technologies
- Demographic data and other data provided by you
- Aggregated data
We collect Other Data in a variety of ways:
- Cookies. We collect certain data from cookies, which are pieces of data stored directly on the computer or mobile device that you are using. Cookies allow us to collect data such as browser type, time spent on the Online Services, pages visited, referring URL, language preferences, and other aggregated traffic data. We use the data for security purposes, to facilitate navigation, to display data more effectively, to collect statistical data, to personalise your experience while using the Online Services and to recognise your computer to assist your use of the Online Services. We also gather statistical data about use of the Online Services to continually
improve design and functionality, understand how they are used and assist us with resolving questions.
- Aggregated Data.We may aggregate data that we collected and this aggregated data will not personally identify you or any other user.
The Hermitage Hotel operates a CCTV surveillance system throughout the ground floor public areas, car park and Orangery Suite with Images being monitored and recorded centrally. The system is owned and managed by the hotel.
The responsible Manager is the Managing Director.
Images obtained from the system which include recognisable individuals constitute personal data and are covered by the Data Protection Act.
This policy has been drawn up in accordance with the advisory guidance contained within the Information Commissioner’s CCTV Code of Practice and the Home Office Surveillance Camera Code of Practice.
The hotels registered purpose for processing personal data through use of the system is crime prevention and/or staff monitoring. This is further defined as:
CCTV is used for maintaining public safety, the security of property and premises and for preventing and investigating crime, it may also be used to monitor staff when carrying out work duties. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about staff, customers and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees, police forces, court or tribunal, security organisations.
The operators of the system recognise the effect of such systems on the individual and the right to privacy.
The system is intended to produce images as clear as possible and appropriate for the purposes stated. The system is operated to provide when required, information and images of evidential value.
Cameras are located at strategic points throughout the hotel, entrance and exit points of buildings.
Signage is prominently placed to inform staff, guests and members of the public that a CCTV installation is in use.
Images captured by the system are recorded continuously and may be monitored. Images displayed on monitors are not visible from outside the Managing Director’s Office and access to this room is strictly limited.
All staff entering this office are made aware of the sensitivity of handling CCTV images and recordings.
No more images and information shall be stored than is required for the stated purpose. Images will be permanently deleted after a 42 day period.
Access to images is restricted to those who need to have access in accordance with this policy.
Disclosure of recorded material will only be made to third parties in accordance with the purposes of the system and in compliance with the Data Protection Act.
Anyone who believes that they have been filmed by the system can request a copy of the recording, subject to any restrictions covered by the Data Protection Act. Data subjects also have the right to request that inaccurate data be corrected or erased and to seek redress for any damage caused.
Access requests should be addressed to firstname.lastname@example.org or by letter to:
The Hermitage Hotel
Hotel guests or visitors should address any concerns or complaints over use of the hotel’s CCTV system to email@example.com or by telephone to the hotel reception 01202 557363. Hotel staff should address any enquiries or concerns relating to the system to their line manager in the first instance.
This policy was approved on 29 th May 2018. It will be reviewed annually to ensure that the purpose still applies.
Human rights policy and statement
The Hermitage Hotel focuses on those areas of human rights that are most relevant to our business and we work to ensure our values are reflected consistently across our business.
To demonstrate our commitment to human rights we
- Support the protection of human rights, particularly those of our colleagues, the parties we do business with, and the community where we operate.
- Respect our colleagues’ rights to voluntary freedom of association under the law.
- Provide a safe and healthy working environment.
- Do not support forced and compulsory labour or the exploitation of children.
- Support the elimination of employment discrimination and promote diversity in the workplace.
- Provide our colleagues with remuneration and tools for growing their careers, and take their well-being into consideration.
- Promote fair competition and do not support corruption.
- Conduct our business with honesty and integrity in compliance with applicable laws.
The Hermitage Hotel Human Rights Statement
We are committed to developing an organisational culture which implements a policy of support for the internationally recognised human rights contained within the Universal Declaration of Human Rights, and seeks to avoid complicity in human rights abuses.
The Hermitage Hotel seeks to improve its human rights performance by referencing and implementing key international principles such as the United Nations Guiding Principles on Business and Human Rights.
We take steps to ensure that there is a culture of responsible business, and that employees act with integrity.
We are committed to operating with integrity and to complying with all relevant laws including all applicable anti-corruption legislation. We have a zero-tolerance approach to bribery and corruption and this position is clearly set out in our Code of Conduct and Anti-Bribery policy. This position applies to all employees. Bribery is not permitted under any circumstances.
The company believes that its market expects a continually improving service. We aim to continually improve the service we provide to meet and exceed our client’srequirements and to produce levels of service that we can justifiably be proud of.
Only by providing an outstanding service and product quality will we achieve our aims of long term success and sustained improvements.
All personnel within the company are responsible for the quality of their work. The company provides training and has established systems to assist all personnel to achieve the standards required. While we endeavour to produce work and offer a service that we can be proud of, we have to recognise that we don’t always achieve our own standards. When a customer complains, we are committed to investigating the complaint and will do our best to put right all justified complaints.