Book Now

Privacy policy

Hilly Hideaway (“We “or “us”) is committed to protecting and respecting your personal data and privacy. This privacy policy relates to our use of any personal data we collect from you from any of our services. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal data; including the Data Protection Act 1998 (DPA) and The General Data Protection Regulation 2016 (GDPR) together, and with other subsequent laws “Data Protection Laws”.

Our contact details

For the purpose of the Data Protection Laws, the data controller is Hilly Hideaway. If you want to request more information about our privacy policy or information regarding data protection you should contact us using the details provided below:

Hilly Hideaway
North Hill Farm
North Hill
Chorleywood
WD3 6HA

Email: [email protected]
Telephone: +44 790 864 5173

What type of information we have

We collect and process Personal Data for the purpose of booking a stay in our lodge. Typically the Personal Data we collect and process will include name, address and email address but we may collect and/or process other Personal Data from time to time. It also may include IP address and cookies of your visit to websites.

We only collect data from you directly or via third parties (see Third Parties below).

How we get the information and why we have it

We collect and process Personal Data. Typically the Personal Data we collect and process will include name, address and email address but we may collect and/or process other Personal Data from time to time. It also may include IP address and cookies of your visit to websites.

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • When you provide your details on booking - so we can contact you
  • When you contact us to ask a question or give feedback - so we can reply

We also receive personal information indirectly, from the following sources in the following scenarios:

  • When you contact us via social media, we may be able to see other information you have provided on the social media platform, depending on your personal settings.
  • When you make a payment to us via bank transfer, we can see some details on our bank statement e.g. the name on your account.
  • When you use our website or other online services, data about your visit may be recorded e.g. the browser you used, the length of your visit, which pages you viewed.

Under the General Data Protection Regulation (“GDPR”), the lawful bases we rely on for processing this information are:

  • Your consent. You are able to remove your consent at any time. You can do this by contacting us in writing
  • We have a legitimate interest.

What we do with the information

We may use information held about you to:

  • ensure that content from our site is presented in the most effective manner for you and for your devices;
  • provide you with information, products or services that you request from us or which we feel may interest you (where you have consented to be contacted for such purposes or by Legitimate Interest);
  • carry out our obligations arising from any contracts entered into between you and us;
  • allow you to participate in interactive features of our service when you choose to do so, e.g. asking a question through our website.
  • carry out necessary maintenance to our infrastructure; and
  • notify you about changes to our services

We also embrace the use of social media and may wish to process any comments made public by you.

Occasionally, we may also share certain limited information with external suppliers. If this is the case, you will always be told exactly what information will be shared and it will not be shared without your consent.

How we store your information

Information provided digitally is securely stored on cloud storage that meets the requirements of current data protection legislation. We sometimes use cloud services that transfer your data outside of the UK or European Economic Area (e.g. we use Google services who have servers outside this area). We will ensure that any such companies provide you an adequate level of data protection to make sure we comply with relevant legislation. Digital information may also be stored on the personal computers and devices of employees or contractors engaged by us, while it is being used. All employees are expected to maintain adequate security on computers and other devices.

How long we store your information

We keep personal information related to bookings until the event and any related administration has been completed. This is usually a few weeks after the booking. Specific time periods will be given when you provide your information. We will then dispose of your information by shredding paper copies and deleting digital copies, ensuring that back-ups and ‘recycle bins’ are also deleted.

When you have made a bank transfer to us, any details provided by your bank against your payment will be contained on our bank statements and kept for at least 6 years.

When you contact us, we will keep your information until no later than the end of the next calendar year.

Your Data Protection rights

Under data protection law, you have rights including:

  • Your right of access - You have the right to ask us for copies of your personal information.
  • Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
  • Your rights in relation to automated decision making and profiling – We do not use automatic decision making or processing.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us in writing if you wish to make a request.

How to complain

You have the right to complain about the processing of your personal data. Please contact us using the details provided above.

You can also complain to the ICO if you are unhappy with how we have used your data. The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

Review

We keep our privacy policy under regular review and you should check back regularly to ensure you are aware of changes to it. We may display this notice to you from time to time to help ensure you are aware of its contents.

Last reviewed September 2024.

©2024 Hilly Hideaway All rights reserved - Powered byLodgify