This document refers to personal data, which means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
The General Data Protection Regulation (GDPR) and Data Protection (Jersey) Law 2018 (DPJL) seek to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU. It should be noted that GDPR or DPJL do not apply to information already in the public domain.
Seymour Hotels Limited incorporated under the Laws of the Island of Jersey. Our registered office is 1 Wharf Street, St Helier, Jersey JE4 0ZX. We are registered with the Office of the Information Commissioner, registration number 17973 as a data processor. Seymour Hotels Ltd are the data controllers and we are pleased to provide you with the following Privacy Notice:
Seymour Hotels Ltd uses the information collected from you to provide quotations for reservations, make telephone contact and to email you marketing and promotional material or information which Seymour Hotels Ltd believes may be of interest to you and your family. In you making initial contact Seymour Hotels Ltd will use a legal basis of Legitimate Interest to maintain a marketing dialogue with you until you either opt out (which you can do at any stage) or we decide to desist in promoting our services.
Some personal data may be collected about you from the forms and surveys you complete, from records of our correspondence and phone calls and details of your visits to our website, including but not limited to personally identifying information like Internet Protocol (IP) addresses. Seymour Hotels Ltd may from time to time use such information to identify its visitors. Seymour Hotels Ltd may also collect statistics about the behavior of visitors to its hotels, restaurants, function rooms and website.
Cookies and how we use them
A cookie is a small file placed on your computer’s hard drive. It enables our website to identify your computer as you view different pages on our website.
Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.
For more information on what cookies we use and how you can control them please visit our cookie notice here.
Legal basis for processing any personal data
We will only collect and process personal data about you where we have lawful basis. Lawful basis includes consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you) and our “legitimate interests” (we believe you would have a reasonable expectation to hear from us).
Where possible, we will always ask for your consent for Seymour Hotels Ltd to process your personal data for the purposes outlined. You can withdraw consent at any time by emailing firstname.lastname@example.org or writing to us (see last section for full contact details).
We have a contract with you, and we need to process your personal data to comply with our obligations under the contract.
We haven’t yet got a contract with you, but you have asked us to do something as a first step (eg provide a quote for a reservation or function) and we need to process your personal data to do what you have asked.
Legitimate interests is most likely to be an appropriate basis where we use data in ways that people would reasonably expect and that have a minimal privacy impact. Where there is an impact on individuals, it may still apply if we can show there is an even more compelling benefit to the processing and the impact is justified.
We can rely on legitimate interests for marketing activities if we can show how we use people’s data is proportionate, has a minimal privacy impact, and people would not be surprised or likely to object to the processing.
Employment and Social Fields
The processing is necessary for Employment, Social Security, Tax and other employment obligations on the controller.
Another legal basis
From time to time we may rely on separate legal basis or conditions for processing. If you want to know the legal basis we use to process your information please contact us and ask for it. We will provide this in accordance with our policy and procedure for Data Subject Access Requests.
Use of CCTV and Photography
In premises owned or managed by Seymour Hotels Ltd where CCTV is in operation, clear signs will be displayed to show its use and images recorded will be retained for a period of 30 days from recorded date. These images will be disclosed to 3rd parties only in the event of criminal activity on the premises, a formal request by a law enforcement agency or for internal investigations.
The use of photography within the premises will be used on occasion for marketing and promotional purposes. If images are taken of persons, who are the main subject of the image, consent will be obtained beforehand. Images of groups on the premises will, on occasion be publicised on the Seymour Hotels Ltd website or social media sites and may be reused at the discretion of Seymour Hotels Ltd.
Seymour Hotels Ltd and the specific premises will monitor the social media site on occasion and, as soon as practically possible, any inappropriate entries will be removed.
Seymour Hotels Ltd may on occasions pass your Personal Information to third parties exclusively to process work on its behalf. Seymour Hotels Ltd requires these parties to agree to process this information based on our instructions and requirements consistent with this Privacy Notice, GDPR and DPJL.
Seymour Hotels Ltd do not broker or pass on information gained from your engagement with us without your consent. However, Seymour Hotels Ltd may disclose your Personal Information to meet legal obligations, regulations or valid governmental request. Seymour Hotels Ltd may also enforce its Terms and Conditions, including investigating potential violations of its Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, property or safety of the Seymour Hotels Ltd, its clients and/or the wider community.
Seymour Hotels Ltd will process personal data during the duration of any contract and will continue to store only the personal data needed for a set period after the contract has expired to meet any legal obligations. After the specifies set period any personal data not needed will be deleted or archived. You can at any time as us to provide you with the retention schedule relating to your own personal data. We will provide this information in accordance with our policy and procedure for Data Subject Access Requests.
Data is held in Jersey and the United Kingdom using different (multiple) servers. Seymour Hotels Ltd does not store personal data outside the EEA.
Your rights as a data subject
At any point whilst Seymour Hotels Ltd is in possession of or processing your personal data, all data subjects have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you. Click here for our request form.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply you have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
In the event that Seymour Hotels Ltd refuses your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge.
Seymour Hotels Ltd at your request can confirm what information it holds about you and how it is processed.
You can request the following information:
- Identity and the contact details of the person or organisation (Seymour Hotels Ltd) that has determined how and why to process your data.
- Contact details of the data protection SPOC and/or Adviser, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of Seymour Hotels Ltd or a third party such as one of its clients, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority (Data Protection Regulator).
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
To access what personal data is held, identification will be required
Seymour Hotels Ltd will accept the following forms of ID when information on your personal data is requested: a copy of your national ID card, driving license, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If Seymour Hotels Ltd is dissatisfied with the quality, further information may be sought before personal data can be released.
All requests should be made to email@example.com or writing to us at the address further below.
In the event that you wish to make a compliant about how your personal data is being processed by Seymour Hotels Ltd, you have the right to complain to Seymour Hotels Ltd CEO. If you do not get a response within 30 days or are dissatisfied with the response, you can complain to the Data Protection Regulator.
The details for each of these contacts are:
Seymour Hotels Ltd, attention of the CEO
1 Wharf Street, St Helier, Jersey JE4 0ZX
Telephone +44 (0) 1534 768603 or email firstname.lastname@example.org
Office of the Information Commissioner – Jersey
One Liberty Place, Liberty Wharf, La Route De La Liberation, St Helier, Jersey JE2 3NY
Telephone +44 (0) 1534 716530 or Email: email@example.com