Why do we keep this data?
The Immigration (Hotel Records) Order, 1972 for all serviced and self-catering accommodation states that a record of all guests over the age of 16 (full name and nationality) must be kept for at least 12 months. For those who are not British, Irish or Commonwealth guests, a passport number, place of issue and details of their next destination are listed.
How do we collect this data?
The data we collect is provided to us by you or an agent/representative acting on your behalf or/and through booking channels: Booking.com, Expedia and Freetobook (a UK booking site) when:
- forms are completed on our website or our online booking system
- we receive confirmed booking from booking channels
- we receive an email or a letter
- information is provided to us by telephone
- you tell us in person
What data we collect?
We must, as a minimum, collect the following information from guests on their arrival (including information we need to complete your booking):
- The full name and address of the person making the booking
- The email address of the person making the booking
- The telephone number of the person making the booking (landline and/or mobile)
- Credit/debit card details. These data will be entered into our secure payment terminal (Portable card machine). We will not hold your card details other than within the secure payment system. We request that you DO NOT provide card details by email.
For all who are not British, Irish or Commonwealth guests:
- passport number and place of issue (or other document which shows their identity and nationality) - details of their next destination (including the address, if known) on or before departure.
How we store your data and keep it secure?
We take all reasonable technical and organisational precautions to store your information in a secure manner and prevent its loss or misuse. Through the booking process of Booking.com, Expedia or Freetobook, Robin 7 Lodge City Centre has viewing access to booking details such as addresses, phone numbers and credit card details. This information can be viewed by secure extranet or app on pc, laptop or mobile phone. All computers, laptops and mobile phones are password protected and each extranet site and app is password protected with additional layers of security such as access codes. All credit and debit card data captured via our booking system or by other means is kept secure with the PCI level 4 compliance of PCI DSS Card Storage. Where you choose to pay us by credit or debit card using our processing terminal (whether it is by using the physical card or when we process a card in the “cardholder not Present” manner), we will have a printed receipt slip that contains details of the amount paid and some card details. This receipt slip is kept in a secure location and can only be accessed by authorised personnel. The slip is kept separately from any other information that could identify the card as belonging to an individual. Card payment slips are only kept for as long as is reasonable and destroyed using a security grade shredder. On arrival, we require you to verify your identity and booking details by signing a printed registration form that includes the personal information you (or your representative) have provided. This registration form is kept in a secure location and can only be accessed by authorised personnel. This form is only kept for as long as is reasonable and destroyed using a security grade shredder.
How long is this data stored?
The Visitor’s Book is an ongoing record of guests who have stayed at Robin 7 Lodge City Centre, and only full name and nationality (For all who are not British also passport number, place of issue and next destination) are kept for at least 12 months. Other temporary data such as guest’s addresses, email addresses and mobile phone contact numbers are deleted after the guest's stay, by both the booking channel and by Robin 7 Lodge City Centre directly. The Visitor’s Book is kept in a secure location and can only be accessed by authorised personnel.
Using your personal information
The personal information provided to us will only be used in connection with the services we are providing to you and is intended to improve your experience. We may use your personal information to:
- Process your booking and provide confirmation details
- Obtain payments for our services via credit/debit card
- Respond to any questions or comments via e-mail, telephone or post
- Provide information that may be useful to you before your arrival
- Request feedback about your stay with us, the booking experience and our website. This is sometimes done in conjunction with TripAdvisor and Freetobook.
- Return any items that you may forget to take with you on check-out
Disclosures, Data Storage and Information sharing
We will not store or process your personal information outside the United Kingdom. Other than this, we may disclose your personal data as required by law to any third parties.
We consider obtaining feedback about your stay as part of the service we provide. To this end, we do supply your email address to TripAdvisor or/and Freetobook for the sole purpose of obtaining this feedback. You are under no obligation to provide such feedback, and you will only receive 1 email from each of our review partners. If you do provide feedback this may be used for marketing purposes, but we will not disclose any of your personal information.
Third party websites
Our website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites and you should exercise caution and look at the privacy statement applicable to the website in question.
You may request that we provide you with any personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity ( e.g. a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address). You also have the right to request that we delete and destroy your personal data. Subject to providing evidence of your identity (see above) we will be happy to comply with a request to delete your data.
Who we are and how to Contact us?
Details of Freetobook data protection:
Freetobook is compliant and supportive of GDPR data rules. Freetobook does not store or capture any personal data that is not strictly needed for the booking process nor do they ever transfer any personal data to any other party if it is not part of the booking process.
UPDATED MAY 2018