By using Bodmin Jail, our websites (including our mobile site), our mobile app, our social media pages, our dedicated telephone reservations line, our helpdesk functions and any other Digitickets service, you are acknowledging that we are processing your personal information and, where necessary consenting to such practices, as outlined in this statement.
Personal information which we collect
We collect personal information about you (and others if their personal information is provided by you) when you:
(a) make or manage a booking either personally or as a guest of another guest;
(b) register or alter details;
(c) request a brochure;
(d) sign up for our newsletter and other marketing emails (in line with Marketing below);
(e) enquire about or apply for a Loyalty Card; engage with us to receive helpdesk services (such as by contacting our customer services department, through the “Contact Us” form on our website or by calling our telephone helpline (which may be recorded);
(f) post material to our website and / or social media page;
(g) complete customer feedback or surveys as part of your visit to the Jail;
(h) register at the reception;
(i) raise a complaint or dispute with us or are involved in a legally recordable incident at our premises (e.g. in relation to health and safety reporting);
(j) speak to one of our representatives, or members of our customer services or PR team;
(k) participate in competitions or promotions;
(l) and / or use our website and customer applications in any other way.
The personal information collected in the above manner may include the following about you (and others if their personal information is provided by you):
(a) full name;
(b) postal address;
(c) email address;
(d) telephone number;
(e) payment details;
(g) machine identifiers (such as IP addresses);
(h) dispute resolution information;
(i) disability and health information;
(j) supplementary information (dietary and other preferences and special requirements);
(k) image data;
(m) voice recordings; and
(n) identification information (such as passports, drivers’ licences or national identity cards).
Personal information provided by third parties
We may receive information about you from other sources (such as the Mail Preference Service), which we will add to the information we already hold about you in order to help us provide our products and services in accordance with your requirements and to ensure that the quality of data we have on your account(s) is maintained properly. We may also obtain information about you from social media providers such as Twitter and Facebook or from third party websites where you have left commentary or feedback about us (for example on TripAdvisor).
How we use your information
We will collect personal information:
1) in order to take the necessary steps in preparation of, or to fulfill our obligations under, a booking contract:
a) Bookings and payments – provide communications about bookings, products and services being provided to you (and others if their personal information is provided by you);
b) Bookings and account updates – send details of new, amended or cancelled – usually via email;
d) Website service communication – provide notifications of any changes to our website or to our services that may affect you (and others if their personal information is provided by you);
e) Customer service communication – provide you with requested information or correspondence, such as a response from us to an enquiry made by you;
f) To provide assistance in completing bookings – send reminder emails to continue with a booking which is in your “basket” on our websites or mobile app but is not paid and completed;
g) Maintain your Loyalty Card – create a profile about you in relation to your booking, to update our records, create and maintain your account.
2) with your consent:
a) Marketing communications – create a profile about you for marketing purposes to tailor our communications to you. We may use automated processes to do this;
b) Promotional offers – inform you about promotional offers and other products or services that may be of interest (in line with Marketing communications above);
c) Maintain records indicating your consent to status – to ensure we accurately reflect your wishes when communicating to you.
3) in our legitimate interest* improve our services:
a) Market research – to contact you (and others if their personal information is provided by you) to ask about the experience using our services as part of a continual programme of customer service improvement. This is not marketing communication and is separate to Marketing communications above. We may use third parties for example TripAdvisor to provide such market research communications to you on our behalf;
b) Website customisation – to customise our website and its content to your particular preferences in accordance with the Cookies and Tracking section below;
c) Customer support – monitor calls and help train staff in relation to our customer support and helpdesk function;
d) Product and service improvement – to improve our product and services;
e) Service analysis – to conduct research, statistical analysis and behavioral analysis. This may include providing aggregate statistical information relating to customers, sales, traffic patterns and related site information to reputable third parties.
4) in our legitimate interest* to protect against fraud:
a) Website improvement and fraud prevention – improve our websites, prevent or detect fraud or abuses of our websites and enable third parties to carry out technical, logistical or other functions on our behalf;
b) Security – carry out security checks when allowing you access to our services and to block fraudulent or suspected fraudulent activity.
5) in order to meet our legal obligations:
a) Taxation – ensure we meet our tax and other regulatory obligations;
b) Registration – ensure local jurisdiction regulations are complied with (where registration is necessary in such jurisdictions).
* any reliance on legitimate interest shall not prejudice your interest or fundamental rights and freedoms.
We may periodically send promotional material to you about new products, special offers or other information which we think you may find interesting based on the profile we have created about you to the email addresses and phone numbers which you have provided.
If these are similar to products, services and bookings previously supplied by us to you, we will assume, under our legitimate interests to promote similar goods and services, that you are willing to receive this information unless you tell us otherwise. Please note that we do not want to send you information that you do not want to receive, and you can opt out at any time (please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information).
We will always ask your permission before sending you email marketing information. We do this by asking for your positive confirmation (e.g. by providing a tick or inserting your contact details in the relevant boxes) indicating that you wish to receive marketing and you can opt out at any time (please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information). This ensures you only receive information that you have given us permission to send and are willing to receive.
We may use your information to create a profile about you in order to tailor, by automated means, our communication and marketing to you. You can object to such profiling, please see ‘The right to object to automated decision making / profiling’ below).
From time to time, we may also use your information to contact you for research purposes and / or to ask about your experience using our hotels and services as part of a continual programme of customer service improvement. We may contact you by email, telephone, text, social media and / or mail. We may also use the information to customise the website according to your interests.
How long we will keep your personal information
We retain your information for a range of purposes which determine the period of time for which we need to keep such information. For example (list is not exclusive):
Recorded telephone conversations
7 days from the day of call received
For the purposes of marketing
3 years from the point of last contact with you, this may include use of our websites, stays in our hotels or responses to communications with you
For compliance with legal obligations arising from contracts entered into with you, for example tax regulations
7 years from date of last transaction
We will remove your data from our systems at the end of the applicable data retention periods, unless we are required by current or future law to retain your personal information for a longer period.
Our approach to information security
To protect your information, Bodmin Jail Hotel Ltd has policies and procedures in place to make sure that only authorized personnel can access the information, that information is handled and stored in a secure and sensible manner and all systems that can access the information have proportionate and reasonable security measures in place. To achieve this, employees, contractors, sub-contractors and third-party suppliers have contracts, with defined roles and responsibilities.
While we take commercially reasonable measures to ensure the safety and security of your data, due to the inherent risks with the Internet, we are unable to warranty the absolute security of your data when using our services.
Transfers of your information out of the EEA
We may from time to time need to transfer your personal information to support partners which are located outside the European Economic Area, for the purpose of ensuring our websites are operating correctly or in relation to third parties to whom we share your data. Any transfer of your data will be subject to adequate levels of protection that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach.
In order to process any of the requests listed below, we may need to verify your identity for your security. In such cases your response will be necessary for you to exercise this right.
The right to access information we hold about you
At any point you can contact us to request details concerning the information we hold about you, why we have that information, who has access to the information and where we got the information. In most cases you may be entitled to copies of the information we hold concerning you. Once we have received your request we will respond within 30 days.
The right to correct and update the information we hold about you
If the data we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated.
The right to have your information erased
If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted.
The right to object to processing of your data
You have the right to request that Bodmin Jail Museum Ltd stops processing your data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your data to comply with your other rights.
The right to ask us to stop contacting you with direct marketing
You have the right to request that we stop contacting you with direct marketing. On promotional emails we provide an ‘unsubscribe’ link at the bottom of the email which will unsubscribe you from that service. If you wish to opt out with respect to more than one email address, you must complete a separate request for each email address.
Please note it is not possible to ‘opt-out’ of receiving communication from us which relates to your bookings or customer satisfaction surveys sent as part of the booking (which are not considered marketing for these purposes). This ensures that we can always contact you as a result of circumstances that may affect your stay with us and in order for us to improve our services going forward.
The right to data portability
You have the right to request that we transfer your data to another controller. Once we have received your request, we will comply where it is feasible to do so.
The right to object to automated decision making / profiling
You have the right to request that we stop profiling you in relation to our direct marketing practice. You can inform us and we will deal with your request accordingly.
The right to complain
You can make a complaint to us by contacting us via firstname.lastname@example.org or to the data protection supervisory authority – in the UK, this is the Information Commissioner’s Office, at https://ico.org.uk/.
Sharing your information
The information and data we collect is important for Bodmin Jail Museum Ltd and we understand that you care about the use and storage of your personal information we value your trust in allowing us to do this. We would not want to share this with anyone else unless we have your express consent, we will never disclose, rent, trade or sell your personal information to any third parties for their marketing purposes.
We may also provide aggregate statistics about our customers, sales, traffic patterns and related site information to reputable third parties in order to better understand our services, website and overall customer satisfaction which may include personally identifying information.
If you have any queries about this policy, need further information or wish to lodge a complaint you can use the details below to contact us.
Data Protection Officer
Bodmin Jail Museum Ltd
We may change this policy from time to time. You should check this policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.