This is our Privacy Notice, in it you can find all the information you need about how we use your personal data.
Who we are
The property is owned and operated by Nici Hotels Limited, a company registered in England and Wales under Company No 10934327 with registered office at The Lathe, Northbrook, Farnham, Surrey, GU10 5EU (the “Company” or “We” or “Us”)
Personal Information we collect
We may collect and process the following data about you summarised by category:
Contact and identification details
We may record your name, postal and email addresses, telephone numbers and contact preferences when you enquire on our website or when you sign up for a newsletter, make a booking or connect to our wireless network service.
Session and device details
We record your name, email address, your device’s MAC address and IP address when you log on to our wireless network.
If you pay for goods and services in our properties by card we record your payment card details.
Usage and attendance details
We may capture your image on CCTV when you visit one of our properties.
When booking at one of our hotels, restaurants or spas we will keep a record of your booking and any transactions. Where required within our spa, we will keep details of all consultations which may hold information about your general health and treatment.
Correspondence and incidents
If you contact us we may keep a record of that correspondence and any comments and responses you submit via surveys and our feedback system.
If you or your child is involved in an incident at one of our properties, we will record details of the incident.
How we use your Personal Information
Legal basis for processing
Contact and identification details
We use your contact details to respond to your enquiry or manage your booking and to let you know about our products and services which may be of interest (including through the use of email, phone and text if you have agreed to receive this information from us electronically).
Session and device details
We use session and device details to manage access to our network, to make our website easier to use and to alert you about bookings and classes through our mobile app.
We use your payment card details to collect payment for goods and services. We use your payment details to collect fees and other payments due from you in line with our terms and conditions; to take advice and action in relation to the collection of debts and to assist us in resolving any disputes.
Usage and attendance details
We use CCTV for the prevention and detection of crime and the health and safety of guests and staff. We use information about website usage to make our website easier to navigate.
We use the information you give us when visiting the property to manage our bookings and to inform our staff.
We use usage and attendance data to administer our booking policy and the terms and conditions on the use of our facilities; to improve your experience of our facilities and to tailor our communications with you.
Correspondence and incidents
We use your feedback to improve our facilities and services and to assist us in dealing with any query you may have. We record details of incidents to comply with our obligations under health and safety legislation.
Details about your child
We use the information you give us about your child to safeguard their health and safety.
Your personal circumstances
We use the information you give us to administer our policy on suspension or cancellation.
We use call recordings to monitor the quality of our service, to investigate and resolve complaints and for the detection, investigation and prevention of crime (including fraud).
We may also use the information that you provide or that we collect in any other way as described to you at the time of collection of your personal data.
Special Categories of Personal Data
We may process information about you. Where the processing is to provide a service to you, we will always ask for your agreement. If you are not happy for us to have this information you do not have to agree, and you can change your mind at any time.
Sharing your information with others
We value your privacy and do not sell your information to any third parties under any circumstances.
We may give information about you to the following third parties, who may use it for the same purposes as us and also as set out below:
- We share data with our agents, contractors and employees to administer your visit , your booking, and any products and services provided to you now or in the future.
- We share your card and bank details with our secure payment providers to process card transactions and direct debit payments.
- We share your contact details and preferences with mailing houses, our marketing agencies, systems providers and other distributors for the distribution of information to you.
- We share contact and identification details with our media agents, search engine providers and social media platforms so that we can tailor our communications to the right audience.
- We may share your data with anyone to whom we transfer or may transfer our rights and duties under our agreement with you, if we have a duty to do so or if the law allows us to do so. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
- We share data with third parties who will help process or administer our services or who will provide advice and take action in relation to the collection of debts.
How long we keep your information
We keep the information that you provide or that we collect only for as long as we need to in line with the reason it was collected. More detail is given below for each category of information.
We keep your contact details for up to four years after your first enquiry. We keep enough information to record your communication preferences indefinitely in order to avoid sending you unwanted information in future.
We keep correspondence for up to seven years in case you contact us again about the same subject.
We keep details of incidents for three years after the date of the incident.
CCTV recordings are deleted automatically after 28 days.
You have the right to make a request for a copy of the personal data that we keep about you or to correct the details that we hold about you. We will respond within one month.
If you would like to know what personal information we hold about you, or would like us to correct the details we hold about you, you should write to the address below or email firstname.lastname@example.org, enclosing proof of your identity (such as a copy of your passport or driving licence) and asking to see your personal information or asking us to correct the relevant information. You will have to give us enough information so we can identify the personal information you have asked to see or have corrected. We do not have to respond to your request until you have given us the information we need. We will contact you within one month of your request or, where we have asked for further information to identify you, within one month of receiving such information.
You have the right to receive the information in a portable electronic form. If your request is by email from the address that we hold for you we will respond by email to that address.
You have the right to ask us to erase your personal data under certain circumstances.
You have the right to ask us to stop processing your personal data where the processing is based on our legitimate interests. This does not include processing which is in line with our Terms and Conditions , for example payment processing. If we believe we have a legitimate reason for processing your personal information including for the defence of any legal claims we may decline your request.
Under certain circumstances, for example if we decline your request to stop processing, you have the right to ask us to restrict the processing of your personal data.
Updating Your Marketing Preferences
We may use your personal information to provide you with marketing information about our products and services such as newsletters, product updates, surveys, company announcements and invites to events that will be of interest to you.
You can opt out of receiving marketing messages at any time by following the unsubscribe links located within any electronic communication from us. You can also contact us by phone or email using the contact details on our website.
Please note that, even if you opt out of receiving marketing messages, we may still send you service related communications where necessary.
Your Right to Complain
If you are unhappy about how your personal data is being processed you should raise your concern with us first – see “Contacting Us” below. If you are not happy with the way that we deal with your concerns you can contact the Information Commissioner’s Office (ICO) at ico.org.uk
When you visit one of our websites or mobile applications, we may send you a cookie. A cookie is a small file that can be placed on your computer’s hard disk or mobile device for record-keeping purposes and we may use them to do a number of things.
Cookies help us to recognise you when you next visit one of our websites and note the advertisements displayed to you. This allows us to tailor the advertisements we provide to your preferences. We may use the services of third party ad servers for this purpose.
Cookies may be used to compile anonymous statistics related to the take up or use of services, or to patterns of browsing. A third party collects such data on our behalf to measure web site performance. Information collected is aggregated for reporting purposes. No personally identifiable information is collected by this service. The use of this service assists us in measuring and improving the structure and ease of use of our web sites.
We cannot be responsible for any technical faults or failures to your system.
Security and Liability
In order to comply with our obligations under Data Protection law, we will protect your personal data from unauthorised access, misuse, alteration or loss by using commercially reasonable security measures. Any payment transactions will be encrypted using SSL technology.
Nothing in this policy in any way excludes or limits our liability for negligence causing death or personal injury or for fraudulent misrepresentation.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to our site; any transmission will be at your own risk.
We are not responsible or liable to you for any loss or damage you may suffer or incur in connection with your use of our online services which is caused by any event beyond our reasonable control including the electronic transmission of information, content, material and data over the internet and the interception and decryption of it by others.
We are not responsible to you for any losses or damage you may suffer caused by any distributed denial-of-service attack, or any viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful and which may infect, contaminate or damage your computer equipment or computer programs, or cause damage to software or damage to or loss of data unless caused by our negligence.
You should ensure that you use appropriate virus checking software and firewalls.
Whilst we have taken reasonable steps to ensure the accuracy, currency, correctness and completeness of the information contained on our website, we do not check, review, monitor, verify or endorse any information, content, material or data collected from or provided by third parties which is displayed on or is otherwise available from our website or any third party websites or services which you can access from our site.
We are not responsible to you for any loss, damage or injury you may suffer or incur in connection with such information, content, material or data. It is your responsibility to check that such information, content, material or data is accurate, current, correct and complete.
If your personal data is accessed by an unauthorised third party, we will not be responsible for any direct or indirect damage caused as a result of such unauthorised access.
Where we have given you a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Whilst we take all reasonable steps to ensure that our website continues to be available there may be times when it is not available. This may be for reasons relating to the maintenance of, or alterations to, the website or for reasons beyond our control. We are not responsible to you if the website is unavailable.
Or by writing to: Nici Hotels Limited T/A Avington Park, Avington, Winchester SO21 1DB
This policy was last updated 28th July 2021.