Introduction
This is the Chateau Denmark privacy notice and describes how we process your personal data when you visit our hotel or our website – www.chateaudenmark.com
Chateau Denmark is a company registered in England and Wales with registration number 8526677. Chateau Denmark is also registered with the UK Information Commissioner’s Office (ICO) under registration number ZB267938.
We respect your rights to data protection and privacy and this notice provides details of what personal data we collect, what we use it for, who we share it with and the rights you have under data protection legislation, which means the UK Data Protection Act 2018 (DPA 2018), the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Contact details
If you have any questions about this privacy notice or how we process your personal data, you can contact our Data Protection Officer by any of the following methods:
· Telephone: +44 203 656 1000
· Email: hello@chateaudenmark.com
· Post: Chateau Denmark, Denmark Place, London, WC2H 0LA
If you are not happy with how we respond to your request, you can contact the ICO via their website https://ico.org.uk/make-a-complaint/
The remainder of this notice provides details of:
· the personal data we collect
· our data retention approach
· the lawful bases we use for processing your personal data
· your rights under data protection legislation
· security of your data.
The personal data we collect
When you use our website
If you want to keep in touch and provide us with your email address and name through the Stay up to date section, we will furnish you with stories and the latest happenings from Chateau Denmark. We may also send you details of events that are happening at Outernet London.
You will be able to unsubscribe at any time by using the link that will be in any emails we send you.
Our contact page provides several options for getting in touch with us, include telephone numbers and email addresses. Any information you choose to give us when contacting us will only be used for the purpose of dealing with, and responding to, your communication.
You can sign up to receive offers and exclusives from our restaurant partners. This is done through their websites and any personal data you choose to share with them will be covered by their privacy notice.
If you, or someone acting on your behalf, book a room with us we need to process your personal data to service your request and require:
· Full name
· Email address
· Telephone number
· Nationality
Payment is taken via our payment services partner and needs:
· Full name
· Card number
· Expiry date
· CVV
You can also opt in to receive our marketing updates when you are on the payment page.
After you have successfully completed your booking, you will receive a confirmation email that invites you to download the Chateau Denmark app. This to enhance your stay with us and provides easy control of in-room climate, lighting, multimedia controls, as well as direct access to our butler services. All we need for this is your last name and room number.
We may use cookies or similar software when you visit our website. For details of this please see our Cookies notice.
When you visit Chateau Denmark
As part of our registration process when you arrive at Chateau Denmark, we are required by law to validate and record:
· a copy of your identity document, for example, your passport
· date of birth
· your physical address.
This information is not used for any other purpose.
We operate CCTV within the public areas of Chateau Denmark for security and safety reasons. The recorded footage is retained for 30 days unless required for evidential purposes.
Chateau Denmark provides two Wi-Fi networks for its guests and visitors. For those staying in one of our rooms the Wi-Fi login details will be provided on arrival and will not require additional personal data. The Chateau Denmark public wi-fi requires that you provide an email address to gain access.
When you apply for a role with us
When you submit an application for a role with us the lawful basis we rely on relates to processing necessary to perform a contract or to take steps at your request, before entering a contract.
If we make a conditional offer of employment, we will ask for additional information to allow us to carry out pre-employment checks, which will include confirming your identify and right to work in the UK. When we do this, we will send you a separate, more specific notice about the personal data we will be processing.
If you are successful, any personal data we have collected during the recruitment process will be added to your employment record. If not, we may keep your personal data to consider you for other roles that come up at a later date.
Who we share your personal data with
We may share your personal data if required to do so by law and only if it is strictly necessary.
We use key suppliers to provide our core services and these are shown in the table below.
Product or service, Organisation, Location
Property management system: MEWS Systems B.V, Netherlands
Guest data platform: Revinate, Netherlands
Payment service provider: MEWS Systems B.V, Netherlands
Gift vouchers: Giftpro, London
Digital marketing: Core Optimisation, Ireland
Forms and details: Malcolm, London
Payment processor: Stripe, Dublin
Recruitment platform: TALOS, Warrington
When you book via a third party - we will send you marketing emails relating to Chateau Denmark, which you can unsubscribe from at any time
We do not sell or otherwise share your personal data with any other third party
Our data retention approach
Chateau Denmark will only retain your personal data for as long as we have a relationship with you or because there is an external requirement for us to do so, for example, for accounting or legal reasons.
The lawful bases we use for processing your personal data
Consent – when you sign up to receive communications from us or provide us with your contact details so we can respond to communications from you.
Contract – when you book a room with us or apply for a position with Chateau Denmark.
Legitimate interests – such as our CCTV that is there to help keep our people, guests and visitors safe.
Your rights under data protection legislation
You have several rights, which are described below, and these depend on the nature of the processing that we are doing.
· Right of access – you can request that we provide you with a copy of your personal data that we hold, which is commonly referred to as a subject access request, what we are doing with it, who we are sharing it with and where we obtained it
· Right to rectification – you can ask us to correct or complete any information that is inaccurate or incomplete
· Right to erasure – you can request that we erase your personal data., also known as the right to be forgotten. It is important to note that this is not an absolute right and there are some circumstances in which it does not apply
· Right to restriction of processing – You can ask us to restrict the processing of your personal data in some circumstances
· Right to object to processing – You can object to us using your personal data at any time. Again, this only applies in certain circumstances, and we may have a legitimate reason to continue to use your personal data
· Right to data portability – this right only applies to personal data that you have given us and where it is being held in electronic form
To exercise your rights under data protection legislation you should contact us using the details given in the contact details section of this privacy notice.
Security of your data
Chateau Denmark takes seriously the security of any personal data that you provide to us and has implemented appropriate technical and organisational measures to protect it from unauthorised access, misuse or compromise.