Data Protection and Privacy Policy
The team at The Old Vicarage (trading as P & C Starling Limited) are committed to protecting your personal information when you are using The Old Vicarage’s (“we”, “our”, “us”, the “data controller”) services.
We wish to create a safe environment for our customers and we respect your personal data.
This Data Protection and Privacy Policy relates to our use of any personal information you provide to us through our website (“site”) or by other means.
In order to provide you with the full range of services, we are sometimes required to collect and process information about you, for example if you book a room, an event such as a party or a special celebration like a wedding, or a table with us.
Whenever you provide such information, we are legally obliged to use your information in line with all laws concerning the protection of personal information, including the Data Protection Act 1998 and General Data Protection Regulation (GDPR).
This policy applies between you, the user of this website and, us, The Old Vicarage, the owner and provider of this website. This privacy policy applies to our use of the information collected by us or provided by you in relation to your use of this website. Please read our privacy policy carefully and if you have any questions, don’t hesitate to get in touch.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. By visiting this website and proceeding, you are accepting and consenting to the practices described in this policy.
For the purpose of GDPR (the “Act”) or any subsequent or relevant legislation, we are the “data controller”.
Information we may collect from you
We may collect and process the following data about you:
Information you give us:
You may give us information about you by filling in forms at our premises or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to receive our newsletter by email, book a room or an event such as a party, or special celebration like a wedding, buy a ticket for an event, or book a table with us, comment on a blog posted on this website or other social media functions on our site, enter a competition, promotion or survey, and when you report a problem with our site to us.
Information we collect about you:
When you visit our website, we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); items you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call us.
Uses made of the information:
We use information held about you in the following ways:
The information you give to us:
We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us, and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- if relevant, to provide you, with information about goods or services we feel may interest you. Subject to your consent. If you do not want us to use your data in this way, please inform us.
Information we collect about you:
We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you; and
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
Disclosure of your information
We may share your personal information with selected third-parties including analytics and search engine providers that assist us in the improvement and optimisation of our site.
These third-parties have been carefully chosen and all of them comply with the legislation and include currently:
Google (Privacy policy)
Mailchimp (Privacy policy)
Why we process your personal data
The data requested from you throughout the course of the use of the website will be necessary in the interest of registering to receive our newsletter by email, booking a room, an event such as a party, or special celebration like a wedding, buying a ticket for an event or booking a table with us, commenting on a blog posted on this website or other social media functions on our site, entering a competition, promotion or survey, and when you report a problem with our site. Non-Mandatory fields will be marked as such to give you the option of inputting personal data.
The basis of processing for each use of the website varies. Generally, use of our website is based on legitimate interest.
Legitimate interest is registering to receive our newsletter by email, booking a room, an event such as a party, or special celebration like a wedding, buying a ticket for an event or booking a table with us, commenting on a blog posted on this website or other social media functions on our site, entering a competition, promotion or survey, and when you report a problem with our site.
Where we store your personal data
All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long we store your personal data
When use of the website is based on:
- Legitimate interest – we will hold the data until such a time that it is no longer in your interest that we hold your data. This can include but is not limited to at the point of resolution of your enquiry or feedback
- Consent – we will check with you regularly that you still want to receive our communications. We will take inaction as confirmation that you no longer want to receive our communications
- Contract – we will hold the data in line with HMRC requirements of seven years plus the current year we’re in.
Our blog page
Should you choose to add a comment to any posts that we have published on our news & events page, the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective news & events post and is not passed on to any of the third-party data processors. Only your name will be shown on the public-facing website although if the supplied email address is linked to a Gravatar account, your Gravatar photo will also be displayed.
Your comment and its associated personal data will remain on this site until we see fit to either 1.) remove the comment or 2.) remove the blog post. Should you wish to have the comment and its associated personal data deleted, please email us here using the email address that you commented with.
If you are under 18 years of age you MUST obtain parental consent before posting a comment on our blog.
NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
Your rights
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third-party for such purposes. You can exercise your right to prevent such processing at any time by contacting us or by following the unsubscribe instructions on the MailChimp newsletter emails from us.
You have the right to object to us processing your data where we are doing so on the basis of legitimate interest, however it may mean that we are unable to provide the service you are requesting. You may restrict our processing of your data (for instance not receive marketing communications) if the information we hold on you is incorrect, with the right to have this corrected at any time. You can do this by contacting us.
You have the right to ask for a copy of any of your personal data held by us (where such data is held).
You have the right to update or amend the personal data we have collected about you if it is inaccurate or incomplete.
You have the right to erase, restrict the processing of or withdraw any consents relating to, the personal data we have collected about you.
You have the right to have your data removed from our systems at any time by contacting us. This will only be done in as far as possible if we are no longer required to retain the information for instance for financial records, or under legal obligation.
Our site may, from time to time, contain links to and from other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. This privacy policy does not extend to your use of such websites. Please check these policies before you use or submit any personal data to these websites.
Connecting to third-party services including social networks
Our offering may contain links to third-party apps, services, tools and websites that are not affiliated with, controlled or managed by us (including Facebook®, Instagram and Twitter®) and these services and links may also include social networking features (such as the Facebook® “Like” button and widgets, “Share” buttons, and other interactive mini-programs).
Additionally, you may choose to use your own social networking logins from, for example, Facebook or LinkedIn® to log into some of our services. If you choose to connect using a social networking or similar service, we may receive and store authentication information from that service to enable you to log in and other information that you may choose to share when you connect with these services.
These services may collect information, such as the web pages you visited and IP addresses, and may set cookies to enable features to function properly. We are not responsible for the security or privacy of any information collected by these third-parties.
You should review the privacy statements or policies applicable to the third-party services you connect to, use or access as the privacy practices of these third-parties will be governed by their own privacy statements. If you do not want your personal information shared with your social media account provider or other users of the social media service, please do not connect your social media account with your account for the services we provide and do not participate in social sharing.
Other third-party websites and services
Mailings
Guests can choose to opt in to receiving mailings from us and/or third-party companies as part of the booking process via our online booking engine, High Level Software. Any personal details entered during the booking process are submitted via secure pages and payment details are processed using the highest level of payment security which is Level 1 PCI Compliance.
Once a guest has clicked through to the High Level Software portal, High Level Software’s own privacy policy becomes applicable. For more information, please see High Level Software’s privacy policy.
We use MailChimp as our marketing automation platform. By submitting your details to us, you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their privacy policy and terms.
We may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the website. The providers of such services do not have access to personal data provided by users of this website.
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to and held by MailChimp who provide us with email marketing services. We consider MailChimp to be a third-party data processor. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by emailing us. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
If you are under 18 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the MailChimp database, you will receive periodic (approximately four times a year) newsletter-style emails from us.
Room bookings
When you make a booking through our website, the personal details entered during the booking process are submitted via secure pages to our online booking engine partner, High Level Software, and payment details are held/processed by them using the highest level of payment security, which is Level 1 PCI Compliance. Once a guest has clicked through to the High Level Software portal, High Level Software’s own privacy policy becomes applicable. For more information, please see High Level Software’s privacy policy.
Our cookie policy
Our website may place and access certain cookies on your computer. We use these cookies to improve your experience of using the website. We have carefully chosen these cookies and have taken steps to ensure that your privacy is protected and respected at all times.
Cookies allow us to identify the computer or device you’re using to access our websites. They do not allow us to identify you personally.
You can set up your web browser to disable cookies, but this website may then fail to operate correctly, so please be aware of this.
By default, most Internet browsers accept cookies, but this can be changed. For further details, please consult the help menu in your Internet browser.
The cookies we may use on our website are used in accordance with current UK and EU cookie law.
This website may place the following cookies:
Strictly necessary cookies: These are cookies that are required for the operation of our website.
Analytical/performance cookies: They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
You can choose to delete cookies at any time, however this website may then fail to operate correctly, so please be aware of this.
It is recommended that you ensure that your Internet browser is up-to-date and that you consult the help and guidance provided by the developer of your Internet browser if you are unsure about adjusting your privacy settings.
You can learn more about cookies at the following third-party websites:
AllAboutCookies: http://www.allaboutcookies.org/
Network Advertising Initiative: http://www.networkadvertising.org/
Changes in business ownership and control
We may, from time to time, expand our business and this may involve the sale and/or the transfer of control of all or part of The Old Vicarage, Bridgwater. Data provided by users will, where it is relevant to any part of our business, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the data for the purposes for which it was originally supplied to us.
We may also disclose data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. You can do this by contacting us.
You also have the right to have any data we hold transferred to a third-party at your request, if that data is held on the basis of consent or contract. Please use the link above to contact us to do this.
Data breaches
We will report any unlawful data breach from this website or the database(s) of any of our third-party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy. This policy was updated January 2019.
To contact us
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to our nominated Data Protection Officer, Peter Starling, who is a director of the business, via one of the following methods:
45-51 St Mary St,
Bridgwater,
TA6 3EQ.
Tel: 01278 458891
Email: enquiries@theoldvicaragebridgwater.co.uk
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can contact the Information Commissioner’s Office https://ico.org.uk/