When you make an enquiry about the goods or services we supply or purchase/order goods or services from us, you will need to provide us with certain personal data relating to you. Your privacy is extremely important to us so we want you to know exactly how we will use that personal data. We’ve set out all the details below.
Our full name is Vale of Glamorgan Hotel Limited known as the Vale Resort. We will be the data controller in respect of any personal data you provide to us. This term “data controller” is a legal phrase used to describe a person or entity that controls the way personal data is used and processed.
1. What information will we hold about you?
As a customer/potential customer of The Vale Resort we will ask you to provide us with certain personal information about you when you make an enquiry about our goods or services and/or when you purchase goods or services from us. This information will include:
• Your name
• Your address
• Your email address
• Your telephone number
• Your bank details or credit card information (when you actually book or join)
• Your IP address, cookies and your browsing activity where you use our website
• Details about your health and medical conditions for the purpose of ensuring safe use of the leisure club facilities.
2. What will we use your information for and what are our legal bases for doing so?
We use the personal information we hold about you for a number of different purposes, which we list below. Under data protection law we need to have a valid legal basis for using your personal information, we also set out below the legal bases which we will be relying upon.
Information you give to us. We will use this information:
In these cases the legal basis that we will be relying upon to process your personal information will be because it is necessary for the performance of the contract between us.
We will also use the personal information we hold about you for the following reasons:
In this case our legal basis for processing your personal information will be because the processing is in our legitimate interests, namely to provide you with a high level of service, resolve complaints and to promote our business, or in the case of credit checks to protect our financial position.
We will also use the personal information we hold about you to comply with any regulatory requirements or applicable laws and our legal basis for doing so will be that it is necessary for us to so to comply with legal obligations to which we are subject.
Some of the personal data we request will be because we have a legal or contractual requirement to obtain and use the information or it is necessary for us to obtain the information to be able to enter into a contract with you. Failure to provide such information will prevent us from providing you with such goods and/or services.
While we do not carry out any automated decision-making or profiling in relation to you directly, if you decide to take advantage of one of our finance offers, our finance providers use an automated system to check your credit history and confirm eligibility.
3. Who do we share your information with?
From time to time we will need to share your information with other people and organisations. We will only do so where we have a legitimate legal basis for doing so and in compliance with our obligations under data protection laws.
Your information may be disclosed to other organisations/individuals in the circumstances set out below:
• Third-Party Service Providers: We use other companies and individuals to perform functions on our behalf. Examples include holding data about your exercise routines to allow you to chart your improvement, sending postal mail and e-mail, analysing data, providing marketing assistance, processing credit card payments, and providing customer service . Such providers will have access to personal information about you needed to perform those functions, but may not use it for other purposes.
• Business Transfers: As we continue to develop our business, we might sell or buy stores, subsidiaries, or business units. In such transactions, customer information is generally one of the transferred business assets but remains subject to the promises made in this Privacy Notice. Also, in the unlikely event that Vale Resort Limited, or substantially all of its assets are acquired, customer information will of course be one of the transferred assets.
• Protection of Vale of Glamorgan Hotel Limited and Others: We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our terms and conditions and other agreements; or protect the rights, property, or safety of Vale of Glamorgan Hotel Limited, our users, or others. This includes exchanging information with other companies and organisations such as the Police, credit reference agencies, professional or regulatory bodies, debt collection and tracing agents for fraud protection, credit referencing and credit risk reduction.
• Where we are legally obliged to do so, e.g. to comply with a court order
• To our professional advisers for example our lawyers or accountants when they need it to give us their professional advice.
• To other suppliers where you have shown an interest in their products
• To manufacturers in order to register warranties
We do not transfer any of your personal data outside the European Economic Area unless the organisation we are sharing the data with is either approved by the European Commission as providing adequate protection or there are appropriate safeguards in place in accordance with GDPR.
We review the ways we use your information regularly. In doing so, we may change what kind of information we collect, how we store it, who we share it with and how we act on it. If we make any such changes we will contact you to notify you.
4. How long do we keep your information for?
To make sure we meet our legal data protection and privacy obligations, we only hold on to your personal data for as long as we actually need it for the purposes we acquired it for in the first place.
This means we will usually keep information relating to any transaction you make with us for 10 years incase any contractual disputes arise. The only exceptions to this are for documents that we may need to rely on in evidence against a future claim against the business; for example accident forms, which we hold indefinitely. We will retain your contact details for direct marketing purposes unless and until you inform us that you no longer wish to receive direct marketing information from us.
5. Individual rights
Data protection legislation provides individuals with a number of different rights in relation to their data. For example, you have the right to ask us whether we hold information about you and if so, to obtain certain details about that information and/or the information itself. Exercising this right is commonly known as a “subject access request”. Certain exemptions and conditions apply to this right.
There are other rights which you also may be able to exercise (such as the right to have inaccurate personal data rectified, to object to the processing of personal data, to require the erasure of personal data or to have the processing of your personal data restricted as well as the right to have electronic data made portable). All these rights are subject to certain conditions and exemptions.
To obtain further information about these rights please see the ICO website - www.ico.gov.uk. If you wish to exercise any of these rights please contact or you want to advise us of changes to your personal details you can email [email protected] or write to us Privacy Team, Vale of Glamorgan Hotel Limited, Mwyndy Business Park, Pontyclun, CF72 8PN.
6. Where to get more information about your data protection rights
The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible on their website – www.ico.gov.uk.
You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. We will always do our very best to solve any problems you may have.
7. Contact us
You’re welcome to get in touch with us to discuss your information at any time. Our contact details are here you can email [email protected] or write to us Privacy Team, Vale of Glamorgan Hotel Limited, Mwyndy Business Park, Pontyclun, CF72 8PN.