GDPR (General Data Protection Regulations)
We are committed to protecting your privacy and maintaining the security of any personal information you provide us with. This statement outlines how we ensure this and how we comply with legislation on data protection.
Information We Collect
We may collect personal information from you in order to fulfil your service requests. This includes email addresses, personal name, postal address, and contact numbers. Any personal information used is for the operation and fulfilment of a service requested by you.
Under the Data Protection Act 1998 and the General Data Protection Regulations 2018, you have the right to review any personal information provided to us at any time. This includes reviewing for correctness, requesting correction of errors, that information cannot be used to contact you, that information be deleted from our records, and to opt-out of communication.
Credit Card details are stored on a secure booking system when making a booking in order to secure the reservation. All card details are automatically deleted once the guest has checked out. We do not sell, rent or share customer details with any third party for commercial reasons.
Keeping Your Information Secure
Our servers are protected using HTTPS and SSL technology. Any data provided by you to us will be as secure as it can be. We are fully aware of our responsibilities regarding data under the Data Protection Act 1998 and the General Data Protection Regulation 2018.
If we ask an external organisation to provide a service for us we will always ensure that they have appropriate security measures in place
What Are Cookies
Cookies could be either ‘persistent’ or ‘session’ cookies. A persistent cookie will be stored by a browser and remain valid until its set expiration date and can be deleted by the user prior to expiry. A session cookie expires at the end of the user session on a website once the browser has been closed.
1. To provide a more interactive and personal user experience
2. For statistical purposes
3. To show adverts that you may be interested in and control the number of times you see them
It is important to note that disabling cookies may have a negative impact on how a site runs.
Cookies Used By Serviced Providers
Social Media Profiles
We may use official profiles on social media channels. We advise our users to verify the legitimacy of any profile pertaining to be our company before interacting with them. Our social media profiles will never ask for user passwords or personal details.
External Web Links
We are strongly against spam. We only contact our customers when they have requested to receive communication or there is a need to update you on information about services you have requested from us when signing up to our news letter.
Track And Trace Policy
To support NHS Test and Trace (which is part of the Department for Health and Social Care) in England, we have been mandated by law to collect and keep a limited record of staff, guests who come onto our premises for the purpose of contact tracing. You can choose whether to use our service or the NHS COVID-19 app. This official app can be downloaded from your app store.
By maintaining records of staff, guests and visitors, and sharing these with NHS Test and Trace where requested, we can help to identify people who may have been exposed to the coronavirus.
As a guest you will be asked to provide some basic information and contact details, which will be collected at the time of booking. The following information will be collected:
- the names of all guests residing in the apartment.
- a contact phone number for each guest, or for the lead member of a group of people.
- a contact email address for the lead booker
- date of check in and departure
UR STAY Apartments as the data controllers for the collection of your personal data, will be responsible for compliance with data protection legislation for the period of time it holds the information. When that information is requested by the NHS Test and Trace service, the service would at this point be responsible for compliance with data protection legislation for that period of time. If you use the NHS COVID-19 app, they are the data controller.
The NHS Test and Trace service as part of safeguarding your personal data, has in place technical, organisational and administrative security measures to protect your personal information that it receives from UR STAY Apartments, that it holds from loss, misuse, and unauthorised access, disclosure, alteration and destruction.
In addition, if you only interact with one member of staff during your stay, the name of the assigned staff member will be recorded alongside your information.
NHS Test and Trace have asked us to retain this information for 21 days from the date of your departure, to enable contact tracing to be carried out by NHS Test and Trace during that period. We will only share information with NHS Test and Trace if it is specifically requested by them.
For example, if another guest at UR STAY Apartments reported symptoms and subsequently tested positive, NHS Test and Trace can request the log of customer details for a particular time period (for example, this may be all guests who stayed during that time period).
In addition the information is held on our central booking system, with restricted logged access. Where the information is only collected for the purpose of contact tracing, it will be destroyed by us 21 days after the date of your visit.
Your information will always be stored and used in compliance with the relevant data protection legislation.
The use of your information is covered by the General Data Protection Regulations Article 6 (1) (c) – a legal obligation to which we as an apartment provider are subject to. The legal obligation to which we’re subject, means that we’re mandated by law, by a set of new regulations from the government, to co-operate with the NHS Test and Trace service, in order to help maintain a safe operating environment and to help fight any local outbreak of corona virus.
Other Privacy Notices
We retain personal information for the period necessary to fulfil the services requested unless a longer retention period is permitted or required by law.
This latest revision comes as a result of our ongoing efforts to be transparent and to comply fully with new data protection regulations.
All changes will be effective immediately.