Who we are
Clermont Hotel Management Limited (“we”, “our”, “us”) is the data controller when you provide information to any of our brands, including: Thistle, Thistle Express, The Clermont Hotel, Guoman Hotels and Hard Rock Hotel London.
What information do we collect?
When you interact with our products and services, for example when browsing our website or booking a hotel room, we collect information about you and that particular interaction. Generally, this may include your personal data which means personal details from which you can be identified or are identifiable, for example:
- Contact information, and preferences;
- Information about your use of our hotels, and other services when you stay with us;
- Images of you in areas of our hotels covered by CCTV;
- Conversations you have when you call our reservations or sales teams;
- Information about anyone you’re travelling with or meeting, if that information is provided to us; and Information about the devices you use to interact with us.
- More sensitive information, for example when you tell us about dietary requirements, disabilities, and religious beliefs;
Where you provide us with sensitive details, for example in relation to requirements you may have regarding accessibility to our hotels, we will only hold this information with your express permission. This information is stored securely with restricted access and handled the greatest respect for your privacy. Where you provide information to us about other people, you need to make sure you have their permission to do so or that you can speak on their behalf, for example, in the case of children.
When and how we collect your information
We collect information you provide to us directly and indirectly when interacting with our products and services, including when you stay with us.
This may include when you:
- Book a room online, over email or on the phone;
- Create, use or manage an online account;
- Sign up to our loyalty programmes
- Visit our website or use our apps;
- Fill out our online forms or registration cards;
- Visit our hotels or use our hotel services, like room service or gym and spa facilities;
- Access hotel internet; Use our restaurants;
- Use social media login functionality;
- Interact with us in online forums, by email, text, telephone, or on social media;
- Post reviews of your stay or interaction with us; Complete our market research/customer surveys;
- and Enter competitions or promotions.
Legal basis for using your information
All organisations need a legal reason to use your personal information, if they don’t have one, they can’t use it. There are a number of legal grounds that enable data processing. It’s quite complicated but below are the most relevant grounds you should be aware of.
With your consent
There are some activities where we process personal information with your consent, for example, where we want to send you marketing messages by email, we would ask your permission first and you could opt-out at any time by clicking on the unsubscribe link on the email or updating your account preferences. We will indicate in the Policy where we rely on consent.
To fulfil a contract
We also process your personal information in order to fulfil a contract we have with you. For example, when you book a stay with us, we will process your information to administer that stay.
For a legitimate interest
Sometimes we may use your information to help achieve our business objectives but only where that activity doesn’t negatively affect your rights. For example, we might use your information to analyse occupancy rates of our hotels and adjust room rates or to send you details of special offers or other information about our hotels. You can object to us relying on our legitimate interest to use your personal data in these ways at any time through your account preferences or by getting in touch with us using the contact details below.
To comply with legal obligations
There may be situations where we need to use your information to comply with legal obligations. For example, we are required by law to keep records of who is in our hotels in case there is an emergency, so we can make sure you’re safe.
How we use your personal information
The reason we use your information will often be obvious from the way you interact with us. For example, if you book a room at one of our hotels, we would use that information to administer your stay with us. However, our uses of your information may not always be so obvious. You can find out more below. When you provide your information to us, we may use it to:
|Use of personal information||Legal basis for processing (where there is more than one, the exact grounds will depend on the activity - see the section above for an explanation of each)|
|Provide you with the products and services you have requested, including administering your booking, responding to any enquiries, complaints or requests you may have||Consent, Legitimate Interest, Contract|
|To manage our relationship with you||Consent, Legitimate Interest, Contract|
|Allow you to participate in loyalty programmes||Consent, Legitimate Interest, Contract|
|Send you market research surveys||Consent, Legitimate Interest|
|Tailor our service to your preferences, where you tell us about them||Consent, Legitimate Interest, Contract|
|Make decisions about what direct marketing to show you based on how you have interacted with us||Legitimate Interest|
|Improve our products and services online and offline, including our websites and apps||Legitimate Interest|
|Allow you to interact with us online and offline, in forums, on social media and elsewhere||Consent, Legitimate Interest, Contract|
|Monitor the use of our products and services and content||Legitimate Interest, Legal Obligation|
|Verify your identity||Legitimate Interest, Contract|
|Conduct analysis, system testing and statistical research||Legitimate Interest, Legal Obligation|
|Comply with legal obligations on us||Legitimate Interest, Legal Obligation|
|Detect ad blockers and other technologies that affect the services we provide||Consent, Legitimate Interest, Contract|
|Manage our hotels efficiency, including regulating the use of utilities, lighting and heating based on occupancy||Legitimate Interest|
|Send you product or service related communications, service messages||Legal Obligation, Consent, Legitimate Interest, Contract|
|Send you direct marketing, where you have consented||Consent, Legitimate Interest|
|Allow social sharing functionality||Consent, Legitimate Interest, Contract|
|Keep guests safe and ensure the security of our hotels||Legal Obligation, Legitimate Interest|
|Conduct data matching and audience insight activities||Legitimate Interest|
|Detect ad blockers||Legitimate Interest|
|Ensure the acceptable use of our services||Legitimate Interest, Legal Obligation|
|Facilitate payments and credit checks||Legal Obligation, Consent, Legitimate Interest, Contract|
|Facilitate the restructuring or sale of all or part of our business||Legal Obligation, Consent, Legitimate Interest, Contract|
|Investigate and respond to disputes||Consent, Legitimate Interest, Contract|
|Provide you with help and support where it may be required. For example, we contact you to provide assistance if you do not complete the booking process or experience technical difficulties, where we have your contact details||Legitimate Interest, Contract|
Updating your information
Please ensure you keep your information up to date by logging into your account and modifying it. Alternatively, you can tell us when you check-in that your information has changed and we will update it for you.
Controlling direct marketing
You can change your mind about receiving direct marketing from us or change your preferences by logging into your account, if you have one, opting-out in any marketing or product communication you have received from us or emailing us using the contact details below.
Requesting copies of your information
You may request a copy of your personal information which we may hold about you by getting in touch with us using the contact details below. You may also ask us to correct any inaccuracies in your personal information. This right may be restricted by law where disclosing information may result in the personal information of other individuals being disclosed and it would be unreasonable to do so.
Where we may rely on consent to use your information, you have the right to withdraw that consent for that processing activity at any time by logging into your account, if you have one, opting-out in any marketing or product communication you have received from us or emailing us using the contact details below. However, we may have the right to rely on an alternative legal basis for the processing activity so that we are able to provide you with the product or service you have requested and, in that case, will inform you of that.
You may have the right to object, erase, or restrict our processing of your information - for example, where we process your personal information because this is in our legitimate interests, you may object to this. We will carefully consider your request as there may be circumstances which require us to, or allow us to, continue processing your data.
Complaining to the regulator
If you have any comments, concerns or complaints about our uses of your information we would ask that you contact us first, so that we can try and resolve any matter. However, where we are unable to help, you are able to complain to the Information Commissioner’s Office in the United Kingdom or the data protection regulator in your country of residence, who will be able to liaise with the UK Information Commissioner in the UK. Details for the UK Information Commissioner can be found at https://ico.org.uk/
From time to time we may make changes to this Policy. This might be in relation to changes in the law, best practice, changes to the services we provide or collection and use of your personal information. We will always display clearly when the Policy was last updated and where appropriate, notify you of any relevant changes.
If you would like to get in touch with us, please contact
By Email: firstname.lastname@example.org
By Post: The Data Protection Officer, Clermont Hotel Management Limited, 110 Central Street, London EC1V 8AJ