Privacy Policy

The Kinloch Hotel is committed to the privacy and confidentiality of your information. This privacy policy describes current policies and practices about our use of personal information. Please take the time to read this Privacy Policy carefully. This policy should be read alongside the terms and conditions.

  • 1. About us.
  • As a hotel provider, we collect and process data so that we can manage your booking, deal with your booking enquiries, improve your experience when using our website and where relevant, deal with any issues that you may have. This makes us a “controller” of your personal data.

  • 2. Our processing of your personal information
  • We will collect and use different personal information about you for different reasons, depending on our relationship with you.
    Where you provide personal information to us about other individuals (for example, members of your family or other guests staying in the rooms or apartment) we will also be controller of their personal information and we are responsible for protecting their personal information and using it appropriately. This Policy will therefore apply to those individuals and you should refer them to this Policy.
    In order to make this Policy as user friendly as possible, we have split it into different sections. Please click on the section below that best describes your relationship with us and the service you receive from us.
    At booking stage
  • Your full name and title, address, telephone numbers and email address will be taken
  • Details of your special requests which are relevant to your booking.
  • Details of your previous stays or bookings with Kinloch Hotel.
  • A check in form will be emailed to you prior to your visit, please complete the form & return to us
  • We will require names of adults and children that will be staying in the apartment/room with you.
  • Details of the payment card that you use to make the booking, including the type of card,
  • expiry date and last three digits.

  • On arrival at Kinloch Hotel
  • If you wish to charge food & drinks to your room, card number
  • will be taken at check in and added to your room details. On check out payment will be taken from the card provided and an email receipt will be sent to you. Card numbers are removed at check out.
    During or following your stay
  • Any feedback that you provide to us, including any complaints that you may have.
    What will we use your personal information for?
    We use your information for the following legal reasons:
  • We need to use your personal information to enter into the booking contract with you. We will rely on this legal reason for all activities that are connected to your booking and without using your personal information we would be unable to do, such as confirming your booking details following confirmation of payment.
  • We have a business need to use your personal information. This will include for the purpose of operating and improving our website, ensuring the security of our website and services, maintaining back-ups of our databases, and responding to your enquires. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your information unless we can demonstrate a legitimate business need.
  • 3. What marketing activities do we carry out?
    When you subscribe to our email notifications and/or newsletters we will send you the relevant notifications and/or newsletters – but only if you’ve agreed. You can unsubscribe from this type of communication at any time by clicking the link in the footer of the email, or emailing us on . We also collect additional information in connection with your participation in any competitions that we run. 
    We also use Facebook marketing services in order to promote our serviced apartments on Facebook and Instagram.
    We do not sell your information to third parties.

    4. Automated Decision-Making
    Automated decision making refers to a situation where a decision is taken using personal information that is processed solely by automatic means (i.e. using an algorithm or other computer software) rather than a decision that is made with some form of human involvement.
    The Kinloch Hotel does currently undertake automated decision making. We do this in several ways:
  • Automatically sending you pre and post stay emails based on the dates of your stay.
  • Assigning apartments/ apartment types based on any special requirements that have
  • been received (such as a wheelchair accessible room).
  • Automatically assigning specific rooms based on arrival date and availability.
  • Should you stay with us on more than one occasion our systems will tag you as a
  • returning customer. This allows us to offer a more personalised service based on previous stays.
    5. How long do we keep personal information for?
    We will only keep your personal information for as long as reasonably necessary to fulfil the purposes set out in Section 3 above and to comply with our legal and regulatory obligations. We set out below examples of the retention periods that we apply:

    Where you book an apartment or room, the personal information that we collect from you and from the relevant Partner will be retained for 1 year.
    6. What is our approach to sending your personal information overseas
    We are also entitled under European data protection laws to transfer your personal information to countries outside the EEA in the following circumstances:
    It is necessary for the performance of the contract we have with you.
    It is necessary to protect your vital interests i.e. it is a life or death situation.
    There may also be some instances where your personal information is transferred to countries outside the EEA such as when we transfer information to third party suppliers who are based outside the EEA or when third parties who act on our behalf transfer your personal information to countries outside the EEA.
    Where such a transfer takes place, we will take the appropriate safeguarding measures to ensure that your personal information is adequately protected. We will do so in a number of ways including:
    Entering into data transfer contracts and using specific contractual provisions that has been approved by European data protection authorities otherwise known as the “standard contractual clauses”;
    Transferring personal data to companies in the United States who are certified under the “Privacy Shield”. The Privacy Shield is a scheme whereby companies certify that they provide an adequate level of data protection;
    We will only transfer personal data to companies in non-EEA countries who have been deemed by European data protection authorities to have adequate levels of data protection for the protection of personal information. 

  • 7. How do we protect your information?
    The Kinloch Hotel will ensure that all our systems are protected using secure passwords and multi-factor authentication mechanisms. All customer data is held within secure data centres using industry standard protection and encrypted where applicable. All data access is segmented by role and user rights.
  • 8. Your rights
    You have several data protection rights which entitle you to request information about your personal information, to dictate what we do with it or to stop us using it in certain ways.
    We respect your rights in relation to personal information we hold about you, however we cannot always comply with your requests, for example:
    We may not be able to delete your information if we are required by law to keep it for a longer period of time; or
    If we delete your information we would not have the necessary information we need to complete your booking or manage your bookings.
    The right to access your personal information
    You can request a copy of the personal information we hold about you and certain details of how we use it.
    Your personal information will normally be provided to you in writing unless you request otherwise or where you have made a request by electronic means such as email, we will provide such information in electronic form where possible.

    The right to withdraw your consent 
    Where we rely on consent as the legal ground to use your personal information, you are entitled to withdraw that original consent.

    The right to rectification

    We make reasonable efforts to keep your personal information where necessary up to date, complete and accurate. We encourage you to ensure that your personal information is accurate so please regularly let us know if you believe that the information we hold about you may be inaccurate or not complete. We will correct and amend any such personal information and notify any third party recipients of necessary changes.

    The right to restriction of processing 

    Subject to the circumstances in which you exercise this right, you can request that we stop using your personal information, such as where you believe that we no longer need to use your personal information. 

    The right to erasure
    You can request that we delete your personal information. For example, where we no longer need your personal information for the original purpose we collected it for or where you have exercised your right to withdrawn consent.
    Whilst we will assess every request, this request is subject to legal and regulatory requirements that we are required to comply with. 

    The right to object to direct marketing 
    You can request that we stop sending you marketing messages at any time by clicking on the “unsubscribe” button in any emails that we send to you.

    The right to make a complaint with the ICO
    Where you believe that we have breached data protection laws when using your personal information, you can complain to the Information Commissioner’s Office (ICO). For more information visit the ICO’s website.  Please note that exercising this right and lodging a complaint will not affect any other legal rights or remedies that you have.

    10 Updates to this Privacy Policy
    We are continually improving our methods of communication and alongside with changes in the law and the changing nature of technology, our data practices and how we use your data will change from time to time. If and when our data practices change, we will notify you via our website.
  • 11. Who will we share your personal information with?
  • We do not share or distribute your personal information.
  • Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business.
  • Law enforcement agencies such as the police, HMRC and taxation authorities. 
  • September 2021