The business of Pinecroft Lodges changed ownership as of 10/12/19. Therefore, we ask that you read this website privacy policy carefully as it contains important revised information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint. 

This privacy policy is divided into the following sections: 

• Who we are 
• Our collection and use of your personal information 
• Transfer of your information out of the EEA 
• Cookies and similar technologies 
• Marketing 
• Your rights 
• Keeping your personal information secure 
• How to complain 
• Changes to this website privacy policy 
• How to contact us 
• Do you need extra help? 

1. Who we are

Pinecroft Lodges Ltd offer lodges as holiday accommodation on a single site in Ingleton, North Yorkshire for groups, individuals or families looking to holiday in the Yorkshire Dales. This website is hosted by Creative Theory Limited on our behalf.   

We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation (EU) 2016/679 (GDPR) which applies across the European Union and in the United Kingdom, and the Data Protection Act 2018 (DPA) which applies in the UK and we are responsible as ‘controller’ of that personal information for the purposes of those laws. 

2. Our collection and use of your personal information 

We collect personal information about you when you access our website, register with us, contact us via the website or by phone, send us feedback, request information including our newsletter from us online or by phone, and complete customer surveys or participate in competitions via our website.  

We collect this personal information from you either directly, such as when you register with us or contact us via our website, or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below). We also collect this information when you make a booking by telephone, in person or by post. 

The personal information we collect about you includes: 

• Your name, address and contact details, including email address 
• Bank account and payment details 
• Details of any feedback you give us by phone, email, post, or via social media 

We use this personal information to: 

• create, process and manage your booking 
• verify your identity 
• customise our website and its content to your particular preferences 
• notify you of any changes to our website or to our services that may affect you 
• provide you with details of future promotions, competitions, offers or marketing initiatives including newsletters and brochures provided that we shall not send your personal information to any third parties 

This website is not intended for use by children and we do not knowingly collect or use personal information relating to children. 

3. Our legal basis for processing your personal information 

When we use your personal information we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why. 

The legal bases we may rely on include: 

• consent: where you have given us clear consent for us to process your personal information for a specific purpose; 

• contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract; 
• legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations); 
• legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests

4. Further information—the personal information we collect, when and how we use it 

For further details on when we collect personal information, what we collect as well as how we use it, please read the following sections: 

When information is collected	What information we ask for	How and why we use your information
When you contact us through the website, by telephone or by email	Contact details (your name, postal and  email addresses, and phone number)	We ask for this:   to administer current/ future bookings  to support the preparation of accounts or to support tax returns or any enquiries from tax authorities  to provide you with any relevant promotions or marketing material including  newsletters  We rely on the GDPR and DPA as the lawful basis for collecting and using your personal information. We will keep this information  for a period of 5 years in order to respond to any enquiries from HMRC.
When you make a payment by Credit / Debit Card to us	Surname, address, 16 digit card number, card expiry date, card security code	To administer current/future bookings  to support the preparation of accounts or to support tax returns or any enquiries from tax authorities

5. Who we share your personal information with 

Our website hosting provider, Creative Theory Limited who hosts our website has access to your personal data solely for the purpose of operating and hosting the website. We also share your contact details and bank account/payment details with our bank and payment processing provider, in this instance Barclaycard. We also share your contact details with our email marketing platform, Sendinblue, with the express purpose of aiding us in contacting you with digital marketing material and promotions. Our customer booking database is hosted by Gemapark, an operating name of Netguides Ltd. We share your information with them solely for the purpose of managing the customer booking and lodge availability processes.

If you wish to know any further details regarding our suppliers and/or bank then these can be provided to you on request.

This data sharing allows us to process payment for the goods and services that you purchase, and allows us to distribute digital marketing materials such as email newsletters. 

Some of those third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’. 

We will share personal information with law enforcement or other authorities if required by applicable law. 

We reserve the right to share your personal data in connection with, or during negotiations of, any merger, sale of business assets, financing or acquisition of all or a portion of our business by another company, or any change of management of the website where the services are provided, where we have legitimate business interests to do so.  

We will not share your personal information with any other third party.

6. Cookies and other tracking technologies 

A cookie is a small text file which is placed onto your device (eg computer, smartphone or other electronic device) when you use our website. We use cookies on our website. These help us recognise you and your device, and store some information about your preferences and past actions. 

7. Marketing  

We would like to send you information about future promotion, offers, special events (including our newsletter) or competitions, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, or text message (SMS). 

We will ask whether you would like us to send you marketing messages if you call us. 

You can unsubscribe from marketing communications at any time by: 

—contacting us at lodges@pinecroft.co.uk,  

or by post at Pinecroft Lodges Ltd, Pinecroft, New Road, Ingleton, North Yorkshire, LA6 3DP 

—using the ‘unsubscribe’ link in emails  

For more information on your rights in relation to marketing, see ‘Your rights’ below. 

8. Your rights 

Under the GDPR you have a number of important rights free of charge. In summary, those include rights to: 

• Fair processing of information and transparency over how we use your personal information 
• access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address; 
• require us to correct any mistakes in your information which we hold; 
• require the erasure of personal information concerning you in certain situations; 
• receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations; 
• object at any time to processing of personal information concerning you for direct marketing; 
• object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you; 
• object in certain other situations to our continued processing of your personal information; 
• otherwise restrict our processing of your personal information in certain circumstances; 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the GDPR (ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights). 

If you would like to exercise any of those rights, please email, or write to us at the below addresses: 

Lodges@pinecroft.co.uk 

Pinecroft Lodges Ltd, Pinecroft, New Road, Ingleton, North Yorkshire, LA6 3DP 

9. Keeping your personal information secure 

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

If you would like detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses. 

10. How to complain 

We hope that we can resolve any query or concern you raise about our use of your information. 

The GDPR also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at www.ico.org.uk/concerns or telephone: 0303 123 1113. 

11. Changes to this website privacy policy 

This website privacy policy was published on 13/12/19 and last updated on 30/04/20.  We may change this website privacy policy at any time, therefore please check this privacy policy from time to time. 

12. How to contact us 

Please contact us if you have any questions about this privacy notice or the information we hold about you. 

If you wish to contact please send an email to lodges@pinecroft.co.uk, or call 01524 241462. 

 13. Do you need extra help? 

If you would like this website privacy policy in another format (for example: audio, large print, braille) please contact us (see ‘How to contact us’ above).