As a company, we are committed to the ethical and transparent use of data. This page explains what happens to any personal data that you provide to us directly or data that we collect through website cookies and other technologies.
People who visit our website
A brief summary
- We collect anonymous statistics about your visit, like which of our pages you viewed.
- Some 3rd parties like Facebook and Twitter may know you visited this website if you use their services. We can’t control them but we don’t believe this knowledge poses any threat to you.
- We never share your data with 3rd parties except to help us improve our own products.
These are just the key points. If you need detail, keep reading.
Measuring our visitors
We measure visitors to our website using Google Analytics. This records what pages you view within our site, how you arrived at our site, and some basic information about your computer. All of that information is anonymous – so we don’t know who you are; just that somebody visited our site.
The information we collect from analytics helps us understand what parts of our sites are doing well, how people arrive at our site, and so on. Like most websites, we use this information to make our website better.
We are using social interaction tools on our website – such as the “Like” and “Tweet” buttons.
To do so we embed the code that they provide and we do not control ourselves. To function their buttons generally know if you’re logged in; for example, Facebook uses this to say “x of your friends like this”. We do not have any access to that information, nor can we control how those networks use it.
Social networks therefore could know that you’re viewing this website if you use their services (that isn’t to say they do, but their policies may change).
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Cookies are used on this site to remember visitor preferences and improve user experience. We have provided site visitors with a clear option to accept or reject all cookies directly on our site. For detailed information about the cookies we use and why please read the Cookies section.
People who contact us via social media
Management of our social media channels (Facebook, Instagram, Twitter & Youtube) is supported by a number of third-party Marketing & PR Partners. More information is available under the Third-Party Data Recipients section included on this page.
If you send us a private or direct message via social media you should be aware that the content and any links (e.g. your name, a link to your public profile, and any information on your public profile) will also be visible/available to those partners.
Equally, if you reach out to an employee or representative of Hospitality directly through social media in relation to the company or our products the information you provide may also be processed by us in order to facilitate your request.
People who email us
We use G-Suite – a collection of SaaS products developed and maintained by Google to deliver various infrastructure services to support our business including email. In their own words “Google employs an extensive team of lawyers, regulatory compliance experts, and public policy specialists who look after privacy and security compliance for Google” – you can read more about how Google is committed to GDPR compliance across Google Cloud services here: https://cloud.google.com/security/gdpr/
We will never provide your personal information or email address to any third parties except where they are specifically employed to help deliver our services.
People who purchase our products and/or use services provided by us
We use a number of third-party Infrastructure Services & Providers to fulfill our regulatory accounting and finance obligations.
If you purchase products directly from us or use services provided by us, details of those transactions will be shared with the appropriate partner as required in order to complete the transaction/request. More information is available under the Third-Party Data Recipients section included on this page.
We follow the guidelines set out by the General Data Protection Regulation (GDPR) when we collect and process personal data which states that processing should be:
- We take every reasonable step to ensure that data is accurate and kept up to date, and that inaccurate data, having regard to the purposes for which they are processed, are erased or rectified without delay.
- The data we collect will be adequate, relevant, and limited to what is necessary for relation to the purposes for which they are processed (also referred to as ‘data minimization’).
- We process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
- Personal data will be processed lawfully, fairly, and in a transparent manner in relation to the data subject.
- Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data will only be retained for a period necessary to complete the purposes for which it was collected.
Lawful Bases for Data Processing
We only process personal data on the following legal bases:
Where the data subject has given clear consent for us to process their personal data for a specific purpose such as:
- Receiving our newsletters
Where the processing is necessary for a contract we have with the data subject, or because they have asked us to take specific steps before entering into a contract.
- Before we have a contract so that we can communicate.
- If we’re entering into a contract so that we can perform our obligations to you.
- If we have a contract together so that we can fulfill our end of the bargain.
Where the processing is necessary for us to comply with the law (not including contractual obligations) such as:
- HMRC and accounting purposes.
Right To Object To Processing
You have the right to object to us processing your data for direct marketing purposes at any time.
To ensure your request is processed efficiently please submit your request in writing directly to: email@example.com or use the unsubscribe link in the footer of any marketing correspondence you have received.
Third-Party Data Recipients
We use third-party data processors to provide various elements of our services. We have contracts in place with those processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
In some circumstances, we are legally obliged to share information. For example under a court order or where we cooperate with other European supervisory authorities in handling complaints or investigations.