Last updated 11th June 2018
Direct Booking - When you make a booking with us we collect the names of the guest booking, home address, email address and telephone number via our booking form to enable us to answer your queries and for booking purposes. This contractual data is held securely by ourselves and is not shared with any third parties.
Booking through Holiday Letting (owned by TripAdvisor) - When you make a booking through Holiday Letting the information they collect may include, but is not limited to: your name, email address, postal address, phone number and billing information.
Booking through HomeAway - When you make a booking through HomeAway the information they collect to enable your booking request may include, but is not limited to: your name, email address, and phone number as well as billing information.
Booking through Airbnb - When you make a booking through Airbnb the information they collect to enable your booking request may include, but is not limited to: your name, email address, date of birth and phone number as well as billing information.
We use your name and home address as part of the booking process. We use your email address to send you confirmation of the booking and other information you may find useful for your stay prior to arrival.
After your stay you will receive an email asking for any feedback. We also provide details of different ways you can leave a review if you choose. If you leave a review, we may display this on our website. However, this is done in an anonymised way.
All data you supply us, as part of the booking process, is stored securely on our booking system as well as with Holiday Lettings. We do not store any payment details. We will not share your information with any third party unless there is a legal reason to do so.
If you use our website contact form, a record of your email is stored securely on the website and securely deleted after one year. We back up our website to an external secure server in a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EAA. Regardless of location or whether the person is an employee or contractor, we will impost the same data protection safeguards the we deploy inside the EAA. All contact form information and reviews, submitted via our website, are accessible by our website manager. This information is used by the website manger as explained in this policy and is kept confidential and secure.
We retain personal information about you for the period necessary to fulfil the purposes outlined in this policy, to meet contractual requirements and legal obligations. We review our retention periods for personal information on a regular basis. When your information is no longer required, we will ensure it is disposed of securely.
No data transmission over the Internet can be guaranteed to be secure from intrusion. However, we maintain physical, electronic and procedural safeguards to protect your personal information in accordance with applicable data protection legislative requirements. We have put in places procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach as required by regulations.
You have a right of access to the information we hold on you, as well as the right to request we amend it or delete it, unless prohibited by law. This will be done within 30 days of the request. There is no charge to access, update or delete your information. You can contact us to request this by email: firstname.lastname@example.org or by post to: Carn Du Reservations, Spye Arch House, Spye Park, Lacock, Chippenham, Wiltshire SN15 2PR.