When we collect and use your personal data, we are subject to Data Protection Act 2018 and for the purposes of the law, Chardon Hotels Ltd is the 'data controller’, that is, the company which is responsible for and controls the processing of your personal data.
Below explains some key terms used in this policy:
|We, us, our||Chardon Hotels Ltd|
|Our Data Protection Officer||Elisabeth Steel
0141 332 9899
|Personal Data||Any data relating to an identified or identifiable individual|
|Special Category Personal Data||Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership.
Genetic and biometric data.
Data concerning health, sex life or sexual orientation.
Personal data we may collect about you
In supplying services, we may view, collect or be sent personal information about yourself, your employees or your customers.
How your personal information is collected
We collect or view this personal information via email or on documents shared with us by you, as part of a business relationship.
How and why we use your personal information
Under data protection law, we can only use your personal information if we have a proper reason for doing so, e.g.:
- To comply with our legal and regulatory obligations;
- For the performance of our contract with you or to take steps at your request before entering into a contract;
- For our legitimate interests or those of a third party; or
- Where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
If we request consent for any processing (e.g. electronic marketing only), you will always be able to withdraw it, please see ‘How to Contact Us’ below if you wish to do so.
What we use your personal information for
- To provide business consultancy services.
- To manage our contracts with third parties.
- To prevent and detect fraud against our company, the individuals we provide accommodation to, or the third parties we have contracts with.
- To conduct checks to verify the identity of individuals we provide services to.
- To manage the day to day running of our services.
- Operational reasons, such as administration, improving efficiency, training and quality control.
- Ensuring safe working practices, staff administration and assessments.
- Necessary for us to prepare and manage the services that we offer to clients.
- For the performance of our contract with our third parties or to take steps at their request before entering into a contract.
- For our legitimate interests or those of a third party, i.e. to minimise fraud that could be damaging for us and for our partners.
- To comply with our legal and regulatory obligations.
Who we share your personal information with
We share personal information with:
- Third parties we are contracted to deliver services to.
- Other third parties we use to help us run our business.
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity.
- Our regulators.
Where your personal information is held
- Information may be held at our offices. We do not share your information with any third parties.
- We will not transfer your information out of the EEA '.
How long your personal data will be kept
We will keep your personal data while we are providing services to you. We keep your personal information to allow us to:
- Respond to any questions, complaints or claims made by you or on your behalf.
- Show that we treated you fairly.
- Keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy. When it is no longer necessary to retain your personal information, we will delete or anonymise it.
You have the following rights:
|Access||The right to be provided with a copy of your personal information (the right of access)|
|Rectification||The right to require us to correct any mistakes in your personal information|
|To be forgotten||The right to require us to delete your personal information—in certain situations|
|Restriction of processing||The right to require us to restrict processing of your personal information—in certain circumstances, e.g. if you contest the accuracy of the data|
|Data portability||The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations|
|To object||The right to object:?
—at any time to your personal information being processed for direct marketing (including profiling);?
—in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.
|Not to be subject to automated individual decision-making||The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you|
If you would like to exercise any of those rights, please Email, call or write to us or our Data Protection Officer—see below: ‘How to contact us’;
How to contact us
Our contact details are shown below:
Registered office address: 3rd Floor, 142 West Nile Street, Glasgow, G1 2RQ
Contact email address: Elizabeth.firstname.lastname@example.org
Contact telephone number: 01413329899
HOW to complain
We hope that we or our Data Protection Officer can resolve any query or concern you may raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.