Emmaus House Guest House provides full clarity on how your information is collected, stored and processed by us. This page will outline our policy on how we will use and protect your personal information in compliance with GDPR.
Information we collect
The personal information we collect (including information we need to complete your booking) includes the following:
The full name and address of the person making the booking
The email address of the person making the booking
The telephone numbers of the person making the booking (landline and/or mobile)
The names of all guests staying as part of the booking (not mandatory)
Your time of arrival at our guest house. This may include us making a note on your booking form that you are arriving by train or plane etc. This is to make sure we can let you into the house.
Any additional information you wish to provide that you feel is pertinent to your stay (e.g. food or other allergies, dietary requirements, special requirements, etc.)
Credit / Debit card details (which are stored securely by SagePay. We can only view the last 4 digits and the expiry date of the card). We also lose access to these on the day you checkout.
If you provide Credit/debit card details over the telephone or in person these will be entered into our secure payment system. We will not hold your card details other than within the secure payment system. We request that you DO NOT provide card details by email.
How we collect data
The data we collect is provided to us by you or an agent/representative acting on your behalf. It is collected when:
You complete forms on our website or our online booking system
You provide information to us in an email or a letter
You provide information to us by telephone
You tell us in person
How we store your data and keep it secure
We take all reasonable technical and organisational precautions to store your information in a secure manner and prevent its loss or misuse.
Your data is stored on a secure database operated by our booking manager Freetobook. This database is fully compliant with the GDPR data rules.
This Freetobook database does not store or capture any personal data other than as detailed above (see the Information we Collect).
Neither Emmaus House Guest House nor Freetobook will transfer any personal data to any other party if it is not part of the booking and review process.
Example: The room booking will be passed from Freetobook to Expedia.com but it will only appear as red block on the room. Freetobook will not pass on any personal information, only that the room is occupied.
All credit and debit card data captured via our booking system or by other means is kept secure with the PCI level 1 compliance of FabPay, Stripe and PCI Card Storage.
We do not have physical card processing terminal. All payments using a card will be processed through Freetobook and its card system.
Using your personal information
We may use your personal information to:
Process your booking and provide confirmation details
Obtain payments for our services via credit/debit card
Respond to any questions or comments via e-mail, telephone or post.
Provide information that may be useful to you
Request feedback about your stay with us, the booking experience and our website. This is sometimes done in conjunction with TripAdvisor and Freetobook.
Return any items that you may forget to take with you on check-out
Disclosures and Data Storage
We will not store or process your personal information outside the United Kingdom. Other than this, we may disclose your personal data as required by law to any third parties.
We consider obtaining feedback about your stay as part of the service we provide. To this end, we do supply your email address to third parties (including TripAdvisor, Expedia and Freetobook) for the sole purpose of obtaining this feedback. You are under no obligation to provide feedback, and you will only receive 1 email from each of our review partners. If you do provide feedback this may be used for marketing purposes, but we will not disclose any of your personal information.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
You may request that we provide you with any personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity (e.g. a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address). You also have the right to request that we delete and destroy your personal data. Subject to providing evidence of your identity (see above) we will be happy to comply with a request to delete your data.
Third party websites
Our website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites and you should exercise caution and look at the privacy statement applicable to the website in question.
Please let us know if the personal information which we hold about you needs to be corrected or updated.
How to Contact us
Information Commissioners Office Guide to GDPR: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/