Your privacy and the privacy of your data is really, very important to us.
We will never sell your details or pass your details to anyone else. We gather information during your booking, so we can make the run to up to your stay and the stay itself as great as an experience as it can be.
What data do we collect?
Booking details – we never store any payment information or card details. We ask for personal information such as your name and partner’s name to personalise our communications with you. We store purchase and transaction history.
Contact us – when you get in touch with us using the website, livechat, by email or by phone, we may keep a record of this. If you contact us using a form on our website we may keep these details incase we need to contact you about your enquiry.
Surveys - once a year we undertake a survey with guests about their break and to gain views on future customer experiences. This survey is entirely optional. We will store this information and use the information for research purposes and to improve our service. We also store competition entry information.
Platinum Club – anyone who has stayed with us has the opportunity to join our loyalty scheme, known as the Platinum Club. This is optional. We will store information on how many times guests have stayed in order to be able to issue rewards such as gift vouchers.
Communication Options
E-news - if you have stayed with us we will only add you to our monthly e-newsletter if you have opted in to joining our Platinum Club OR if you have opted in to receive our e-newsletter.
Choosing your communication preferences – if you have stayed with us you can log into your account and select options for how you wish to be contacted by us in the future, including no future communication.
Storing Data
All data is stored on secure servers. Every payment transaction is encrypted.
How do we use your data?
We use your data to provide a personal service to you during your stay – for example we hold your mobile phone number, so we can offer an early check in if we can, and contact you on the morning of your arrival.
We use your data to keep you updated on special offers, services and new developments in our business, if you have subscribed to receiving e-news or offers.
We use your data to manage our business effectively – for example by reviewing what marketing methods are working to attract guests to book a stay.
External website links
We do have a small number of external links on our website, for example, other local businesses we recommend. We cannot guarantee or verify the content of any external website links.
Disclosure of your information
We will not disclose any of your information to anyone outwith the Management Team in our business, The Hideaway Experience.
Deleting your personal information
If you would like us to delete any of your personal information please email stay@thehideawayexperience.co.uk.
Access to information
If you would like access to see what information we store about you and your booking, we can provide this to you for a fee of £10. We are fully compliant with the Data Protection Act of 1998.
Changes
We may revise this Privacy Policy from time to time. Any changes will be updated on this website page.
Contact
If you have any questions about our Privacy Policy, please do not hesitate to contact Caroline Millar (Owner) at stay@thehideawayexperience.co.uk or by calling 01382 320 707.
Cas Millar Consulting trading within The Hideaway Experience Privacy Notice (from hereonin referred to as Cas Millar Consulting)
Introduction
Cas Millar Consulting gathers and processes your personal information in accordance with this privacy notice and in compliance with the relevant General Data Protection Regulation (GDPR) and laws. This notice provides you with information on your rights and our obligations, and explains how, why and when we process your personal data.
Cas Millar Consulting’s registered office is at Balkello Farm, Auchterhouse, by Dundee DD2 0RA and we are a company registered in Scotland under company number SC656 860.
We are registered on the Information Commissioner's Office Register as ZB357407 .
Caroline Millar is Cas Millar Consulting’s Data Controller, and she can be contacted on 01382 320707
Personal Data
Information we collect
CasMillar Consulting processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our services. We will never request any unnecessary personal data from you and will only process your information as specified in this notice.
All data collected will be for legitimate business interest.
The fullest extent of personal data we will collect from you is:
- Name
- Business Name
- Business Location and purpose
- Role within the business
- Photographs
- Social media profiles
- Social media accounts
- Home Address
- Email address
- Home Telephone Number
- Mobile Telephone Number
- Billing Details
If you are under the age of 13 please do not provide Cas Millar Consulting with any personal data. If you are under the age of 16 please ensure that you have permission from your parent or guardian before you provide any personal information to Cas Millar Consulting.
How we use your personal data
Cas Millar Consulting takes your privacy very seriously and we will never disclose, share or sell your data without your consent, unless required to do so by law.
We will only share your information with third parties where there is a legitimate business interest however if you participate in a project funded by a third party then we may be required to share your data with the funder but this will be highlighted prior to you providing your data.
We only retain your data for as long as is necessary and for the purposes specified in this notice and other guidance provided by Cas Millar Consulting.
Where you have consented to us providing you with information related to specific services, you are free to withdraw this consent at any time. To withdraw consent please contact Caroline Millar, Data Controller, and she can be contacted on 01382 320707.
The purposes and reasons for processing your personal data are detailed below: -
- We collect your personal data in the performance of a contract or to provide a service
How long we will keep your data
Cas Millar Consulting only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations.
Sharing and disclosing your personal data
We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement. Cas Millar Consulting uses Mailchimp, Eventbrite and Slido to provide the services below. However, all processors acting on our behalf only process your data in accordance with instructions from us and comply fully with data protection laws and any other appropriate confidentiality and security measures.
Will I be contacted for marketing purposes
We will only send you marketing emails if you have given your consent to receive them.
Privacy
- You have the right to be informed of any information Cas Millar Consulting processes and the reasons for us processing this information
- You have the right to access any personal information that Cas Millar Consulting holds about you
- You have the right to rectification. If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct it. We will do so within 20 working days, unless there is a valid reason for not doing so. If there is, we will tell you. Cas Millar Consulting will also ask any third parties holding your data to make these changes too.
- You have the right to have data erased, but in doing so Cas Millar Consulting may not be able to continue to provide the expected delivery of service. At your request, data will be erased within 20 working days
- You have the right to restrict processing of your personal data when:
- the accuracy of the data is contested (for a period of time to enable the controller to verify the accuracy)
- the processing is unlawful and you object to the erasure of the data and request restrictions of its use instead
- You object to processing based on the grounds of legitimate business interests
- Where Cas Millar Consulting as the controller no longer requires the data but you do to exercise or defend a legal claim
- If you exercise this right it may mean that Cas Millar Consulting will not be able to continue to provide the expected service delivery
- You have the right to object to:
- direct Marketing. You do not need to demonstrate grounds for your objection, as there are no exceptions which will allow processing to continue.
- processing based on legitimate interests, the performance of a task in the public interest or exercise of official authority.
- processing for scientific or historical research or statistical purposes.
- You have the right to data portability and to obtain and reuse your personal information elsewhere therefore, you will be provided with this in a common, readable format such as a pdf or csv file. This only applies where the information provided to the data controller for processing is based on personal consent and when processing is carried out by automated means.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request. This is to ensure that your data is protected and kept secure.
Cas Millar Consulting will always advise:
- why we require your data
- with whom your personal data may be shared
- how long we intend to hold your data for and means of storage and disposal
- information about the source, if we did not collect the data directly from you
​Cas Millar Consulting takes every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including:
- thehideawayexperience.co.uk is secured with an SSL certificate using SHA-256 with RSA Encryption. The emails are held with Office 365 and by standard are encrypted at rest using Microsoft BitLocker encryption technology.
- All the systems have their firewall enabled and the router also has its firewall enabled.
- The Windows Firewall has separate profiles for when on a Trusted network vs Public network. Our user accounts are centrally managed through the NAS.
- Full antivirus scanning across all systems through Windows Defender provided by Microsoft.
Cas Millar Consulting only processes your personal information in compliance with this privacy notice and in accordance with the relevant data protection laws. If, however, you wish to raise a complaint about the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to make a complaint with the supervisory authority.
Make your complaint in the first instance to:
Caroline Millar, Cas Millar Consulting, Balkello Farm, Auchterhouse, by Dundee. DD3 0RA.
caroline@casmillar.co.uk 01382 320707
Report a concern to:
Information Commissioners Office (ICO), Supervisory Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SKP 5AF
0303 123 1113 www.ico.org.uk
Cookie Notice
A ‘cookie’ is a piece of data sent from a website and stored on your computer by your web browser while you are browsing. The first time you visit a site that uses cookies, it puts a cookie onto your computer to log certain types of information. So the next time you visit, your device will remember things like the web pages you visited or your logon options.
Cookies are widely used to optimise your user experience and allow some features and services to work properly.
Most web browsers have settings that allow you to restrict or block cookies, but if you disable cookies you may find this affects your ability to use certain parts of our website or services. Find out more at About Cookies