Introduction
Privacy Policy and Information for Data Subjects pursuant to Art. 13 and Art. 14 of the EU General Data Protection Regulation.
We are committed to protecting and respecting your privacy and security. This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit our website at www.borelandlochtay.co.uk or any subdomain thereof (our “website”), as well as our practices for collecting, using, maintaining, protecting, and disclosing that information.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By accessing or using the website in any manner, you accept and agree to be bound by this Privacy Policy. If you do not agree with any terms of this Privacy Policy, you may not access or use the website for any purpose. For the purpose of applicable data protection legislation, we, Gigaloch Limited, Pentland House, Saltire Centre, Glenrothes, Fife, United Kingdom, KY6 2AH are the data controller.
This Privacy Policy was last updated on 7 October 2021. Any changes to this Privacy Policy will be communicated on our website. Your continued use of the website after we make changes is deemed to be acceptance of those changes, so please check this policy periodically for updates.
This notice applies to:
- Bookers
- Guests;
- Visitors;
- Callers; and
- Other customers.
And anyone contacting, visiting or using our:
- Websites;
- Facebook sites
- LinkedIn sites; and
- Hotels and other premises.
If you require further details of our Privacy Policy please read more below.
If you have any comments or queries regarding our use of your data, please contact us by email at harry@gigaloch.com or by post at Gigaloch Limited, Pentland House, Saltire Centre, Glenrothes, Fife, United Kingdom, KY6 2AH.
Why we collect personal information
We process personal data to provide services, process and store payment details, and provide other products and services. We also deal with enquiries, gather customer feedback, undertake market research, and direct marketing, in our legitimate interests to promote our business and improve our service and delivery.
On our websites we use third party marketing and analytical cookies plus similar technologies are included in our marketing emails, as explained in our Cookie Policy below. You can reject and block cookies in your browser settings.
We monitor social media to respond to comments or complaints about our business and with the permission of the platform owner we may reproduce your comments on our website, on the lawful basis of our legitimate interests.
In order to fulfil the above purposes:
- We disclose your personal data to payment providers, technology providers, insurers, and other specialist professional and technical service providers and advisers, to manage your bookings, arrange payments, and provide services.
- We keep your data to enable us to fulfil our contract with you or to provide services, where required by law, to respond to a question or complaint, to obey rules about keeping records, to uphold or protect contractual or legal rights or where it is in your or another party’s vital interests or our legitimate interests. Where we process personal data on the basis of your consent, we will retain it for as long as required for the specified purpose. We also keep your data in line with any statutory limitation periods and for tax, legal or regulatory purposes.
We may provide additional information during the booking and check-in process and at other points at which we collect your personal data.
The type of personal information we may collect
Personal data or personal information means any information about an individual from which that person can be identified. It does not include data or information where the identifier has been removed (anonymous data).
We collect personal information from various sources, such as directly from you when you access or use the website. This includes site visits, using our website, or corresponding with us. This includes:
- Information that you provide by filling in forms on our website. This includes information provided at the time you subscribe to our services, post comments or material to the website, or request further services. We may also ask you for information when you enter a contest or promotion sponsored by us or when you report a problem with our website;
- Personal identifiers, such as title, name, postal and email addresses, postcode, and contact telephone numbers. We may also collect the names of those who are part of a group booking where necessary, and the age of children to meet your needs (e.g. to provide a cot) and enable us to confirm any restrictions that may apply to a room booking;
- Records and copies of your correspondence (including email addresses), if you contact us;
- Business-to-business information, for corporate customers and corporate business leads and contacts: job title, business address and business email address;
- Transaction information (if and to the extent that any such payment information constitutes personal data), including payment, reservation and booking details, and including meals, beverages & car parking;
- Your search queries on the website;
- Facebook Page Insights Data. In relation to our Facebook Pages, we may receive Insights Data from Facebook, i.e. aggregated data that can help us to understand how visitors are engaging with our Page, which may be based on personal data collected during your visit to our Page or its contents. In relation to the processing of this personal data only, we are joint controllers with Facebook Ireland Limited. Facebook Ireland Ltd has agreed to take primary responsibility under the GDPR for the processing of Insights Data and to comply with all applicable obligations under the GDPR with respect to the processing of Insights Data, so all requests and queries should be addressed to Facebook Ireland Limited. The Page Insights Controller Addendum sets out our respective responsibilities and is subject to the jurisdiction of the Irish Courts and the laws of Ireland. The Irish Data Protection Commissioner is the lead supervisory authority; and
- Customer special requests and feedback including complaints, whether via phone call, emails, or online free text fields.
As you navigate through and interact with our website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the website;
- Information about the devices you use to access the website (such as the IP address and type of device, operating system, and web browser);
- Dates, times, and the duration of your use of the website (including whether you are a repeat or first time visitor to the website); and
- Information about your online activities over time and across third-party websites or other online services (behavioral tracking).
Information we collect automatically may be statistical data that does not include personal information. We may maintain or associate any such statistical data with personal information we collect in other ways or receive from third parties. It helps us to estimate our audience size and usage patterns, speed up user experience, and to improve and personalise our services, including enabling us to identify and authenticate users. To the extent that we associate any of this non-personal information with your personal information, we will treat it as personal information under the terms of this Privacy Policy.
Technologies we use for automatic data collection may include cookies. A cookie is a small file placed on the hard drive of your computer. Pages of our website and our emails may also contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We may also receive personal data about you from another source. Third parties that we receive personal data from may include:
- Corporate customers and public information sources such as Companies House or similar registers in the jurisdictions of our operations;
- Comparison and review websites;
- Social networks;
- Marketing service providers and advertising technology providers; and
- Other licensees in accordance with licensing requirements.
Some content or applications on the website may be served by third-parties, including content and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about any targeted content, you should contact the responsible provider directly.
Why we have your personal information
We will only collect personal data where that information is necessary for us to complete one of the listed functions or activities.
We use information that we collect about you or that you provide to us, including any personal information:
- To provide, operate, and maintain our website;
- To improve, personalize, and expand our website;
- To understand and analyze how you use our website;
- To develop new products, services, features, and functionality;
- To communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes;
- To send you emails;
- To protect against and prevent fraud, unauthorised transactions, claims, and other liabilities, and manage risk exposure, including by identifying potential hackers and other unauthorised users;
- To process orders you place and complete other transactions you have requested, and to maintain a record of your transactions;
- To send you information you request;
- To provide you with products and services you request;
- To respond to your questions and comments and provide customer support;
- To communicate with you about our products, services, offers, and promotions;
- To operate, evaluate, and improve our business and the products and services we offer;
- To enforce our agreements with our clients;
- To comply with applicable legal requirements and industry standards; and
- For any other purpose for which you provide your consent.
Basis for processing information
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
1. We have a contractual obligation.
We use your information when you enter into a contract with us so we can:
- process your contract;
- take payment; and
- provide you with customer support.
2. We have a legitimate business interest.
To conduct market research and analysis which helps improve and customise our products and services.
For our marketing purposes, unless your consent is required for such marketing.
To send you customer service emails including booking confirmations and reminders.
To prevent or detect unlawful behaviour, to protect or enforce our legal rights or as otherwise permitted by law.
3. Your consent.
You are able to remove your consent at any time. You can do this by contacting harry@gigaloch.com.
To deliver tailored advertising and marketing communications on our websites and apps (see our Cookie Policy below for more information).
How we store your personal information
Your information is stored in our secure servers.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Data is only accessible to staff who require access for work and staff are trained to ensure that your data is secure.
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for.
If you request to be removed from our contact database, we will remove you from the database but will keep a record of your request to be removed.
We continually review what information we hold and delete what is no longer required.
Third party providers
Without limiting the foregoing, we may also employ third party companies and individuals to facilitate our website and to process data, perform website-related services, or to assist us in analysing how our services are used (collectively, “third party providers”). These third party providers may have access to your personal information for purposes of performing these tasks on our behalf, and may have the right to retain and use personal information or other information through performance of these tasks in accordance with the terms of the applicable third party provider’s privacy policy. We advise you to review the privacy policies of the third party providers, but note that we have no control over and assume no responsibility for the content, privacy policies, or practices of any third party providers, their sites or services.
Third party providers may include, but are not limited to, the following:
- Analytics. We may use third party providers to monitor and analyse use of our website.
- Google Analytics. Google Analytics is an independent web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our website. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network. You can learn about Google’s privacy practices at https://www.google.com/intl/en/policies/privacy.
- ActiveCampaign. ActiveCampaign is a user database management service that tracks and reports website traffic. We may use ActiveCampaign’s site tracking feature to track website visits and user interaction. We may use this data to determine the number of people using our site to better understand how they find and use our web pages and to see their journey through the website. Information is only gathered by ActiveCampaign for those contacts that are already in our database and who have consented to receive communications from us. You can learn about ActiveCampaign’s privacy practices at https://www.activecampaign.com/legal/privacy-policy.
You may opt out of the aggregation and analysis of data collected about you on our website by Google Analytics by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/. Please note that if you opt out, analytics companies other than Google Analytics may continue to aggregate and analyse data collected about you on the website.
Other Service Providers
- Google Ads. Google Ads may be used to develop and enhance our online advertising. You can learn about Google’s privacy practices at https://www.google.com/intl/en/policies/privacy.
- Facebook. We may use Facebook Ads to enhance and customise our online advertising. You can learn about Facebook’s privacy practices at https://www.facebook.com/privacy/explanation. You can also view your Facebook Ad Preferences under your Facebook settings.
- Twitter. We may use Twitter to customise and target our online advertising. You can learn about Twitter’s privacy practices at https://twitter.com/en/privacy. You can learn more about how to opt out of Twitter’s targeted advertising by visiting https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads.
- LinkedIn. We may send data to LinkedIn about actions you take on the website after you interact with a LinkedIn ad. You can learn about LinkedIn’s privacy practices at https://www.linkedin.com/legal/privacy-policy. You can also manage your preferences under your LinkedIn settings.
- Reddit. We may use Reddit Ads to supplement and target our online advertising. You can learn about Reddit’s privacy practices at https://www.redditinc.com/policies/privacy-policy.
- ActiveCampaign. We may use the email service ActiveCampaign to send automated emails to those who have registered interest in Gigaloch. You can learn about ActiveCampaign’s privacy practices at https://www.activecampaign.com/legal/privacy-policy.
Your data protection rights
Under data protection law, you have rights including:
- The right to ask us for copies of your personal information
- The right to ask us to rectify personal information you think is inaccurate
- The right to ask us to complete information you think is incomplete
- The right to ask us to erase your personal information in certain circumstances
- The right to ask us to restrict the processing of your personal information in certain circumstances
- The right to object to the processing of your personal information in certain circumstances
- The right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at harry@gigaloch.com if you wish to make a request.
Disclaimers
Every effort is made to ensure that the information provided on this website, and in this Privacy Statement, is accurate and up-to-date, but no legal responsibility is accepted for any errors or omissions contained herein.
We cannot accept liability for the use made by you of the information on this website or in this Privacy Policy, nor do we warrant that the supply of the information will be uninterrupted. All material accessed or downloaded from this website is obtained at your own risk. It is your responsibility to use appropriate anti-virus software.
This Privacy Policy applies solely to the data collected by us, and therefore does not also apply to data collected by third party websites and services that are not under our control. Furthermore, we cannot be held responsible for the Privacy Policies on third party websites, and we advise users to read these carefully before registering any personal data.
Data breaches
We will report any unlawful data breach of this website’s database, or the database(s) of any of our third party data processors, to all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Contact us
If you have any concerns or complaints about the ways in which your personal information has been handled as a result of you using this website, you can contact us at harry@gigaloch.com.
Alternatively, you have the right to complain to the Information Commissioner’s Office (ICO) if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk