Privacy Policy | Crowne Plaza Royal Victoria

Crowne Plaza Sheffield – Privacy Policy

Introduction:

1.1 At Crowne Plaza Sheffield (“Crowne Plaza” or “us” or “we” or “our”), we respect the privacy rights of our online visitors and users of our website (“Site”), and recognise the importance of protecting the information we collect about you. This Policy is designed to help you understand how we collect, hold, process, disclose and delete personally identifiable information (“personal data”) about you.

1.2 This Policy, together with our Cookie Policy (https://cpsheffield.co.uk/cookie-policy/) sets out the basis on which we, Beck Conroy Consulting Limited, with company number 04079644 and registered address of Crowne Plaza Royal Victoria, Victoria Station Road, Sheffield, England , S4 7YE, will process any personal data we collect from you, or which you provide to us, in the course of using our Site (https://cpsheffield.co.uk/).

1.3 For the purposes of the Data Protection Act 2018 (“DPA’18”) we are the data controller and can be contacted on the following email address – [email protected].

Your information:

2.1 The personal data of users of our Site is processed under the General Data Protection Regulation (“GDPR”) and DPA’18 on the lawful basis of legitimate business interest to facilitate sale and marketing information relating to the provision of our services.

2.2 The provision of personal data is necessary in order to facilitate the provision of the service.

Information that may be collected about you:

3.1 The following personal data may be collected from you as a user of our Site when you either 1) fill in our contact form; or 2) make a booking.

Your full name;
Your email address;
Your full address, including your street address, city, county and postcode;
Your phone number;
Your vehicle registration;
Your payment information, including your account number, sort code, CVC number and expiry date.

3.2 During the course of using our Site other personal data may be collected from you. The personal data that may be collected includes:

Your Internet Protocol (“IP”) address;
Any referring or exit pages taking you to or from our Site;
Your web and browser type;
Your device type, for example IOS or Android;
Your time zone and location;
Date and time stamps;
Any browser plug-ins; and
Your operating system.

How your personal data may be used:

4.1 The personal data we collect about you during the course of you using our Site may be used in a number of ways including, but not limited to, the following:

To respond to any enquiries made through our contact form;
To provide any services as requested;
To fulfill our obligations under any contract we have with the users of our Site;
To collect payment for our services;
To provide you with updates regarding our Site and/or services;
To ensure that the content on our Site is presented in the most optomised and effective manner for you and your device;
To diagnose and fix technology issues;
To control unauthorised use or abuse of our Site, or otherwise detect, investigate or prevent activities that may violate our policies or are otherwise illegal;
To notify you about any changes to our services and our policies;
To deliver support where necessary;
To administer our Site including data analysis, testing, traffic monitoring, research, statistical and survey purposes; and
To send you newsletters and other marketing information from time to time.

4.2 If you do not wish to be contacted for marketing purposes, please tick any relevant box on which you submit your personal data or unsubscribe from any marketing communication using the unsubscribe function in the footer of the email.

Where your personal data may be stored:

5.1 The personal data you provide to us will be stored on our UK based secure servers which are encrypted using RSA encryption at 2048 bits.

5.2 We take your privacy seriously and will take all reasonable steps to protect your personal data. However, please beware that any data which you send to us via our Site is sent at your own risk.

5.3 In order to provide services to you, we may transfer your personal data to third parties, parent companies, affiliates, subsidiaries and other service providers, some of which may process and/or store your personal data outside of the European Economic Area (“EEA”). In such instances all reasonable steps will be taken to ensure that your personal data is treated securely and in accordance with this Policy (where possible). Any data transfers that take place outside of the EEA will be covered by appropriate safeguards, for example Standard Contractual Clauses (“SCCs”).

How your personal data may be disclosed:

6.1 In accordance with section 5.3 above, the third parties in which your personal data may be disclosed to include, but are not limited to:

Gravity Forms – https://www.gravityforms.com/privacy/; and
IHG Hotels and Resorts – https://www.ihg.com/content/us/en/customer-care/privacy-and-cookie-center.

6.2 Please note that some personal data collected through our Site may be collected directly by either of the above processors however, this personal data may still be stored and processed by us.

Additional information regarding the storage of your personal data:

7.1 We hold your personal data in a combination of hard copy and electronic files for the period necessary to support out Site, comply with our legal obligations, resolve disputes, or otherwise fulfill the purposes outlined in this Policy.

7.2 In order to provide our services, we may use third party systems who may process, store and/or have access to your personal data. These third parties will act as data processors on our behalf and will operate in line with this Policy where possible.

7.3 We may also retain backup information on our servers for some time in order to comply with applicable laws and regulations, and our internal security policies and procedures. Where applicable, we do not always remove or delete all of your personal data for a number of reasons including due to technical and system constraints, contractual or legal requirements.

7.4 In line with the DPA’18 and our internal data retention policies, we only retain data for as long as necessary. After the relevant data retention period comes to an end, all of the data stored, including personal data, will be review and securely deleted/destroyed.

7.5 Please note that no method of transmission over the internet, method of electronic storage or other security measures are 100% secure. Therefore, while we strive to use commercially acceptable means of security, such as firewalls, encrypted databases with limited physical and electronic access, and other encryption methods, to protect your personal data against unauthorised use, disclose or modification, we cannot guarantee its absolute security.

Processing of personal data of those below the age of 13:

8.1 This Site is not intended for use by anyone under the age of 13 and therefore we do not in any way knowingly collect or solicit personal data from anyone under the age of 13. If you are under the age of 13, you may not attempt to send any information about yourself to us, including your name, address, telephone number, or email address.

8.2 In the event that we confirm that we have collected personal data from under the age of 13 without verification of parental consent, we will delete/destroy that information promptly. If you are a parent or legal guardian of a child under the age of 13 and believe that we might have any information from or about such child, please contact us at the email or mailing address provided at the end of this Policy.

Data subject rights:

9.1 Subject access request – Under the DPA’18 you have the right to access the personal data we hold about you. If you wish to exercise this right, please send your request to [email protected].

9.2 Right to rectification – Under the DPA’18 you have the right to request the amendment or updating of all the personal data that we hold about you. If you wish to exercise this right, please send your request to [email protected].

9.3 Right to erasure – Under the DPA’18 you have the right to have all of the personal data that we hold about you deleted in line with our statutory and legal responsibilities. If you wish to exercise this right, please send your request to [email protected].

9.4 Right to restriction of processing – Under the DPA’18, and in line with Article 18 (1) (a) to (d) of the GDPR, you have the right to obtain from us the restriction of processing. If you wish to exercise this right, please send your request to [email protected].

9.5 Right to data portability – Under the DPA’18, where applicable, you have the right to request a copy of all of the personal data we hold about you in a structured, commonly used and machine-readable format. If you wish to exercise this right, please send your request to [email protected].

Enforcement:

10.1 We regularly review our compliance with relevant data protection laws and regulations, and this Policy.

10.2 Where applicable, we will cooperate with the appropriate regulatory authorities, including data protection authorities, for example the UK Information Commissioners Office (“ICO”), to resolve any complaints regarding the collection, processing and disclosure of personal data that cannot be resolved between us and the individual.

Notices and provisions:

11.1 Please note that this Policy applies to the Crowne Plaza Sheffield Site only. If you as a user of this Site click on or follow any links from our Site to an external website or application, this Policy will no longer apply. Please ensure you check the privacy policies of any such external website before submitting any personal data as we cannot accept no responsibility or liability in relation to such websites.

11.2 We reserve the right to change this Policy at any time. These changes will take immediate effect unless you are notified otherwise. For this reason, we recommend that you refer to this Policy on an ongoing basis so that you understand our current practice at the time of using our service.

11.3 If you have a concern about this Policy or you would like to know more about how your personal data is collected, processed, stored or disclosed, please contact us.

11.4 If you wish to contact us with a complaint regarding the processing of your personal data, please ensure you include your full name, contact information and a detailed description of your complaint.

11.5 If you are not satisfied with our response to any of your data subject rights or a complaint that you have made, you may also contact your local data protection authority to lodge a complaint.

Contact information:

12.1 If you have any questions regarding this Policy or want to exercise any of your data subject rights, please email us on [email protected].

12.2 As outlined above in section 11.5, should you not be satisfied with the process, conduct or response to a request you have made you have the right to complain to the ICO. The contact information for the ICO can be found here (https://ico.org.uk/make-a-complaint/).

Cookie	Duration	Description
ak_bmsc	2 hours	This cookie is used by Akamai to optimize site security by distinguishing between humans and bots
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_135674868_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
TADCID	10 years	Tripadvisor sets this cookie to store a unique ID for users, to help them view embedded content from Tripadvisor.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.

Website Cookies