For the purposes of the Site, the data controller isDornoch Castle Hotel. Full contact details are provided below. The data controller is a legal term used in the Data Protection Act 1998 and 2018 (the “Act”) to signify the person who controls what to do with any given personal information.
For the purposes of this Policy:
“Personal Data” means information about an identified or identifiable individual. An identifiable individual is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity; and “Processing” means the collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction, or any other use, of Personal Data.
We may collect Users’ Personal Data, and further Process those Personal Data, as set out below. Third parties may also provide Dornoch Castle Hotel with Personal Data about Users. Such Personal Data will be Processed in accordance with this Policy.
Collection of Personal Data
Dornoch Castle Hotel may collect Personal Data from Users or their devices when they: visit any Services, register to use any Services, use any Services, download any Services, contact us by mail, phone, email or any other means; or otherwise interact with us.
When Users visit the Site, their devices and browsers will automatically disclose certain information. The disclosed information may include a User’s browser characteristics, IP address, device operating system, language settings, dates and times of connecting to the Site and other technical communications information. Some of this information may constitute Personal Data. Dornoch Castle Hotel may also collect information about your online activities over time and across third party websites or services.
Dornoch Castle Hotel may also collect any of the following types of Personal Data from Users, in the course of using the Site: contact information (e.g., name, address, email address, phone number, or social media details), username and password. We may use your contact information to send you information about our Services, when we feel such information is important. You may unsubscribe from these messages through your User account settings, although we reserve the right to contact you even if you unsubscribe if we believe it is necessary in connection with the Services, such as for account recovery purposes.
Dornoch Castle Hotel may further collect any content that Users submit via the Site.
We may collect statistical information about the use of the Services by unregistered and registered users. Some of this information is derived from Personal Data.
Users may refuse to supply Personal Data when using the Site, or the Services, but doing so may prevent them from accessing the Services or certain features of the Services.
Dornoch Castle Hotel may receive Personal Data about third parties from Users (for example, if third parties are identified in any communications sent from Users toDornoch Castle Hotel). Whenever Users make any such disclosures, Users must ensure that any affected third parties have consented to: (i) the disclosure of their Personal Data toDornoch Castle Hotel; and (ii) Dornoch Castle Hotel further Processing of those Personal Data in accordance with this Policy. If Users cannot obtain such consent, Users must refrain from communicating the Personal Data of third parties toDornoch Castle Hotel.
Processing of Users’ Personal Data
Dornoch Castle Hotel may Process Users’ Personal Data for the following purposes:
- to display the content of the Site, and the Services and any customisations selected by the User;
- to support, enhance and improve the Site, the Services and our customer service;
- to verify the User’s identity;
- to respond to Users’ service requests and support needs;
- on an aggregate basis, to understand how Users collectively use the features of the Site, and the Services;
- to administer content, promotions, surveys or other features of the Site, and the Services;
- to show and send Users information and content relevant to their interests;
- to send Users communications regarding administration of their accounts and the features of the Site, or the Services;
- to notify Users of changes to the Site, or the Services;
- to perform data analyses and other Processing (including trend analysis and financial analysis);
- to give effect to the User’s legal rights;
- to share interests and other relevant information between Users;
- to protect against fraud, identity theft, and other unlawful activity;
- to exercise legal rights or defend legal claims;
- to comply with applicable laws and regulations, relevant industry standards and our policies; and
- in any other way that we notify to Users at the time of collection of their Personal Data.
Protection of Users’ Personal Data
Dornoch Castle Hotel is committed to processing Users’ Personal Data securely. We adopt appropriate data Processing practices, and appropriate technical and organisational security measures, to protect against unauthorised access, alteration, disclosure or destruction of Personal Data. Users are responsible for keeping their access credentials for the Services safe and confidential. Users should notify Dornoch Castle Hotel promptly if they become aware of any misuse of their access credentials, and immediately change their passwords. We provide a SSL secured communication channel, and all data transferred using this channel are encrypted and protected with appropriate digital signatures. However, Users should be aware that the Internet is not a secure environment for Personal Data. We cannot provide absolute assurances that Users’ Personal Data will be secure during transmission across the Internet. Any such transmission is entirely at Users’ own risk.
Disclosure of Users’ Personal Data
Dornoch Castle Hotel may disclose Users’ Personal Data to third parties in the following circumstances:
- We may share Users’ Personal Data with recipients within our organisation, for the purposes of operating our business, operating the Site, or the Services, or otherwise for the purposes set out in this Policy.
- We may use third party service providers to help us operate our business, the Site, or the Services or to administer activities on our behalf, such as sending out newsletters or we may share Users’ Personal Data with these third parties for the purposes set out in this Policy.
- We may share generic aggregated demographic information with our business partners for the purposes outlined in this Policy. While we make all reasonable efforts to ensure that such information is anonymized, it is possible that Users’ Personal Data may be disclosed.
- Subject to obtaining appropriate consent, we may share Users’ Personal Data with our third party marketing partners, for direct marketing purposes. Users may withdraw their consent at any time, or object on legitimate grounds at any time to the Processing of their Personal Data, by contacting us via the Site, or by using the contact information provided in this Policy. We will apply Users’ contact preferences going forward. If Users make a payment via the Site, or the Services Users’ Personal Data may need to be provided to third parties (e.g., payment services providers) for the purposes of facilitating those payments.
- If we sell, merge or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution, liquidation or other restructuring), we may disclose Users’ Personal Data to the prospective seller or buyer, or their representatives, provided that we have first taken reasonable steps to ensure the security and confidentiality of such information.
- We also may disclose Users’ Personal Data: (i) in connection with any legal proceedings, or otherwise for the purposes of establishing, exercising or defending any legal rights; (ii) if required by applicable law, regulation or legal process; (iii) in response to requests by government agencies and law enforcement authorities; (iv) when we believe disclosure is necessary or appropriate to prevent physical harm or material financial loss; or (v) for the purposes of investigating actual or alleged unlawful activity.
Third party websites
Users may find advertising or other content on the Services that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by third party websites linked to or from the Site, App or Services. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to the Site, is subject to that website’s own terms and policies.
Unsubscribing from marketing communications
From time to time, we may contact Users via email or other electronic means, to provide information relating to products or services that may be of interest to those Users. If any User wishes to unsubscribe from receiving future communications, we include detailed unsubscribe instructions in each such communication. Alternatively, the User may use the unsubscribe features provided through the Services respectively. Please note that, in the event that a User unsubscribes from receiving communications relating to marketing or advertising, we may nevertheless continue to contact the User for the purposes of account administration, or as required by law.
It is the responsibility of each User to ensure that their Personal Data held by Dornoch Castle Hotel is complete, accurate and up-to-date. Subject to applicable law, users may have the right to access their Personal Data held by Dornoch Castle Hotel, correct any errors in those Personal Data, object on legitimate grounds to the Processing of those Personal Data, and/or request the deletion of those Personal Data. These rights may be exercised by sending a request to [email protected]
It is not mandatory to accept cookies. For example, users may set their browsers to produce an alert when a cookie is received, to enable them to either accept or reject those cookies in each instance. However, Users should note that refusing cookies may have a negative impact on the functionality and usability of the Site and Services. For more information on deleting or controlling cookies, please visit www.AboutCookies.org.
How to contact us
Dornoch Castle Hotel
Acceptance of this Policy
Your use of the Site, and/or the Services is deemed acceptance of this Policy. Users who do not agree to the terms set out in this Policy, must not use the Site, and the Services.
Revisions to this Policy
Last updated: May 2018