We are committed to protecting and safeguarding your personal data.
The cotswoldhotelbreaks.com website, and its partner websites offpeakluxury.com, countryhotelbreaks.com, luxuryhotelbreaks.com, lakelandluxury.com, are owned and managed by OPL Leisure Group Ltd, of Brook Leigh, Lee Mill Road, Hebden Bridge, West Yorkshire, HX7 7AB, England.
Information We Collect From You, & How We Use It
When you make a booking with us, we ask for information such as your name, email address, postal address, telephone or mobile numbers, the names of the people in your party and any preferences (e.g. dietary, room) for your stay. If we speak to you by phone, we may record the conversation and store it for no longer than one year. This is to help us with training and quality control internally and to provide a record of what was discussed and agreed.
When you visit our website(s), even if you do not make a booking, we may collect certain technical information such as your IP address (the numerical address on the internet of your computer or device), information about your computer's operating system, the web browser you are using, which pages you have viewed, and other technical information about how your device operates. We collect this anonymous information to enable us to ensure that our customers get the best possible online experience and that our website(s) work correctly for all our users.
When you call or email us, we collect information from you, such as email address and telephone number, to enable us to process your enquiry or question.
Following your stay at one of our member properties, we may email you to review your experience. This gives other guests the opportunity to see honest reviews of our partners' hotels. You have a choice whether to display your name in the review, to display only initials, our to remain anonymous.
Following your booking with us, our independent reviews partner Reviews.co.uk may ask you to complete a short review of the service you have received from us. Again, you have the choice whether to remain completely anonymous, or to display only your first name and first initial of your surname in the review. We ensure that this company maintains a level of data protection as robust as that of OPL Leisure Group Ltd.
We make an online account facility available on our websites, which allows you to save your details for future bookings, and to store details of your reservation. Passwords are encrypted and of OPL Leisure Group Ltd staff do not have access to them.
We also store your information to send you marketing materials in which we think you may be interested, with your permission. You may opt out of these marketing materials at any time by clicking the unsubscribe link in the email or by using this link on our website.
If you have opted in to receive marketing communications from us, we may also contact you by email from time to time for research purposes, to ask about your experience of our website and our booking process. This enables us to continuously improve the website and customer service. You are of course under no obligation to complete any research survey that we send.
If you have started a booking on our website but have failed to complete it, we may send you an email to remind you to continue with your booking, or to help us understand if there was a problem.
Confirmations by Email, Fax, Post
We may send you a booking confirmation by email or post if you have requested it. Your booking confirmation is also available in your online account.
Fraud Detection & Prevention
We may use your personal data for the detection and prevention of fraud and other illegal or unwanted activities.
Improving Our Services
We may also use anonymous data for analytical purposes, to understand how our customers use our site and to improve our service to you.
Social Media Policy
Who We Share Your Information With
In certain circumstances, we may share your personal information with third parties, as follows:
The hotel you have booked
In order to facilitate your reservation, we need to transfer your information to the hotel you have booked. This includes information such as your name and telephone number, how you have paid (but not your credit or debit card information), the names of the guests in your party, and any room or dietary preferences. This information is never used for marketing purposes by us or the hotel you have booked.
Third party service providers
We do make use of third party service providers to process your information on our behalf, for example when sending marketing material to you, for analytical support services, customer service, distribution of surveys, or credit card processing. We ensure that such data processors take your privacy as seriously as we do,are fully compliant with the provisions of the GDPR, and that they do not hold on to your personal data for longer than is strictly necessary. These service providers are also subject to stringent confidentiality clauses and may not use your personal information for their own, or anyone else's, purposes.
We disclose personal data to the police or other government authorities as required by law or is necessary for the prevention, detection or prosecution of criminal acts or fraud.
How You Can Access Your Information
You of course have the right to review any of the information we hold about you. Should you wish to do so, or should you wish to have us remove all the information we hold about you, please email firstname.lastname@example.org.
How We Protect Your Information
In accordance with the GDPR, we take reasonable steps to prevent unauthorised use of, and access to, your personal data. Any credit card data you send to our card processing partner is protected by industry standard encryption technologies, and there are physical and technical restrictions in place to prevent unauthorised access to our servers.
We do not store your credit card details, even if you have set up an online account with us. You enter your credit card information only via our card processing partner. We simply receive notification of the success or failure of your card transaction.
Our services are not intended for, or directed at, children less than 18 years of age. The use of our services by children is only allowed with the consent of a parent or guardian. If we knowingly receive information from a child under 18, we reserve the right to remove it from our systems.
What Are Cookies?
Cookies are small files of information that are stored on your computer or device when you visit almost any modern website. Indeed, most websites, particularly websites where you make a transaction, or where information is stored between different pages you view, would not work without cookies. Cookies are text files - they are not computer programs - and are not harmful to your computer or mobile device. We use them to improve and enhance your experience of our website.
We also make use of third party cookies through our marketing and advertising partners. These 'third party cookies' enable relevant advertising to be shown to you on our website(s) or on other website(s).
Types of Cookies We Use
We use a number of types of cookies on our website(s). Some cookies (called 'session cookies') are immediately removed when you leave. Some cookies (called 'persistent cookies') remain on your computer or device for a period of time, even after you have left our website(s). They enable us to recognise your computer or device when you return.
These cookies, which, for example, remember your device as you browse through the pages on the site, are essential as our website(s) would not work without them.
Performance & Analysis Cookies
To ensure we understand how you use our website(s), and to make your experience as positive as possible, we use performance and analysis cookies. These cookies are set by our analytics partner, Google. These cookies do not personally identify you, and they only provide us with anonymous, aggregated information about how our visitors use our website(s).
Advertising, including third party cookies, help to make the advertisements you see on our website(s) and other websites as relevant as possible. This is called 'retargeting', or sometimes 'remarketing', and is based on you previous browsing activity. For example, if you have been searching for a hotel in the Cotswolds on our website(s), you may see advertisements for similar hotels on our or other website(s).
Social Networking Cookies
Social networking cookies are set by the social media provider when you share or like a page on our website.
You can also change the settings in your web browser to delete or disable cookies from our website(s), other websites, or all websites. However, some of the functionality on our website(s) may not work as intended, and you may not be able to login to your online account.
The website http://www.abouttcookies.org provides clear information about how you can manage cookies on the most popular types of web browsers.
We may also use web beacons on our website, or via a third party data processor we use to distribute our email marketing materials. They enable us to understand how our emails have been read, and how our customers interact with them and to enhance our message and service. Web beacons do not allow us or any third party to access your personal information.
Delete All Cookies
If you wish to permanently remove all cookies set by our website(s), you may use the following link to purge all cookies. However, unless you change your cookie preferences in your web browser, cookies will be set again when you return to our website(s).
Our Data Security
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way.
The following security procedures, and technical and organisational measures to safeguard your personal information have been put in place:
Our web site platform is hosted in ISO 27001 & PCI DSS certified secure data centres in the UK.
Firewalls, intrusion detection and prevention, anti-virus and anti-malware and backup and disaster recovery is in place to prevent data loss or deletion.
24/7 security guard, closed circuit television and a door access control system to authorized personnel secures our offices and data centres.
Our applications are engineered by following industry standards to minimise security vulnerabilities, and updated on a regular basis.
Intrusion detection and prevention secures the network traffic to the servers and applications.
Anti-malware and anti-virus software is deployed to all of our servers and regularly scan and update with the latest anti-malware and virus signatures.
We regularly apply critical, security patches and firmware updates to operating systems and physical hardware to minimise the risk of vulnerabilities.
We use a restricted list of employees having access to secure areas of the applications, databases and physical infrastructure. Access to the secure areas are logged and auditable.
We will use all reasonable efforts to safeguard your personal information. However, you should be aware that the use of the Internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.
We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.