Reopening with a few little safety changes
Here’s what you need to know about our new normal…
Our pub is owned and operated by Cirrus Inns Limited. Please click here for our contact details, our company information and details of our data protection registration.
We are committed to protecting and respecting your privacy.
About this policy
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
This policy is split into the following sections:
We are not responsible for any websites referred to or linked from our website; please refer to the individual websites for their privacy policies. We use Bookatable to fulfil dining reservations and Ibex to fulfil accommodation booking reservations. We are not responsible for their websites; please refer to their privacy policies and terms and conditions.
By visiting, www.thelionwinchcombe.co.uk, using our site (including signing up to our email database, or making an enquiry or booking through our site), you are accepting and consenting to the practices described in this policy.
Your data – what, how, why and who
We collect data that enables us to provide services and benefits to our guests (for example to allow for booking of rooms or tables, or to communicate with guests about matters relating to their stay) and to better understand our guests to improve these services and benefits.
We do not share any personally identifiable data with third parties without your specific consent.
We may, however, aggregate our guests’ data and provide this analysis to our group companies and our partners. For example, we may look at how many guests we have in different age brackets, their rough geographic spread, frequency of visits to our inns and pubs and rough spending habits. None of our guests will be identifiable from this data however.
We only collect and process data where we either have your consent, where it is necessary for the performance of a contract between us (e.g. fulfilment of your membership or completion of an Experience booked with us), where we need to process your data for compliance with a legal obligation, where the processing is necessary to protect the interest(s) of individuals or where we have a legitimate interest in processing the data where to do so is both necessary for us and to would not impact upon your interests or fundamental rights.
|What do we collect?||How do we collect it?||Why do we collect it?||Who do we share it with?|
Bookings (online, by telephone, by email)
Sign-up when joining our email database
To allow us to identify you and to process your booking
To allow us to personalise your emails
|Nobody, unless you consent|
Bookings (online, by telephone, by email)
Sign-up form when joining our email database
Sign-up form to use the WiFi provided by The Epicurean Club
To enable us to correspond with you about your booking (including send you a confirmation email, information about your stay and requesting feedback)
If you agree, to enable us to stay in touch with you and to send you information on the latest news, events and special offers at our inn or pub
|Nobody, unless you consent|
|Mobile telephone number||Bookings (online, by telephone, by email)||To enable us to contact you about your booking (including confirming your booking, contacting you in case of any problems)||Nobody, unless you consent|
|Residential address||Bookings (online, by telephone, by email)||
To process your deposit and any cancellation fees, breakages and further payments in accordance with our terms and conditions
To understand where guests may be travelling from in exceptional circumstances (e.g. during adverse weather to understand the likelihood of guests having to cancel)
To better understand our guests (on an aggregated basis) to help make our offering more appropriate to all our guests
Generally, nobody unless you consent
Analysis of the place of residence of our guests (on an aggregated, non-personal basis) with selected group companies and third parties
|Cookies||If you agree, when you use our website, whether on mobile or desktop||To enable us to analyse website usage||Nobody, unless you consent|
|Email and website analytics||Through emails and website usage||To understand what you are clicking on in our emails and website so that we can tailor our content to make it more relevant to you||Nobody, unless you consent|
How long do we hold your data for?
The length of time that we hold your data will depend on the type of data. We will not hold your personally identifiable data longer than is necessary and we will delete your data on request. The only exception to this is in accordance with our legal obligations and responsibilities and in fulfilment of our legitimate commercial interests (i.e. to process bookings, cancellations etc.).
Your personal data provided in relation to bookings only will be held and used by us (as set out above) for up to 6 months following completion of your last stay, at which point:
You may request the deletion of your data immediately on completion of your last stay should you wish – please contact us at firstname.lastname@example.org or by writing to us at the address below at the time to request this. We will only be able to do this once all outstanding payments have been made and to the extent that we are not required to retain any details by law or in relation to any disputes.
We will retain certain of your data as part of aggregated data sets or forming part of analysis of our guests. You will not be personally identifiable from this data.
Transfer of data outside of the European Economic Area (“EEA”)
We do not ordinarily transfer your data outside of the EEA.
The only exception to this is that our servers, or those of our website or mobile application hosts and developers, or those of those with whom we share your data, may be located outside of the EEA.
Where any such arrangements are in place, we have in place with our server, website, mobile application or third parties binding agreements in place requiring them to comply with the requirements of the GDPR and, in particular, maintain your data securely and comply with any requests that you may make in respect of it.
What rights do you have in respect of your data?
When you made a booking, signed up to our email database, or when you participate in any promotions, prize draws or update your interests, you were, or will be, asked to give your consent regarding communications from us, data sharing with third parties and how your data is processed.
You may request a copy of the personal information we hold about you and to have any inaccuracies corrected or have the records deleted at any time by contacting us at email@example.com or writing to us at the address below.
We only charge for any such requests if we reasonably believe a request to be manifestly unfounded or excessive, including if it is repetitive or requests are made for further copies of the same information. Any fee will be based on the administrative cost of providing the information. Please send requests to firstname.lastname@example.org.
We understand that, despite our best efforts, sometimes our initial efforts may not be entirely satisfactory. If this happens, we would hope that this is merely a technical issue or an administrative oversight (we are only human). If this is the case, we want to correct this and ensure that you are entirely satisfied.
Please therefore let us know as soon as possible using the contact details below and we will use our best efforts to remedy any issues as soon as possible.
If you do not feel that we have been able to rectify any problems to your reasonable satisfaction following an initial conversation with us, please let us know and we will elevate any problems to our senior management team.
If you still remain unsatisfied with how we have handled this, you have the right to complain to the Information Commissioner’s Office. Please see www.ico.org.uk for further details.
Who we are
Cirrus Inns Limited, a company registered in England with company number 07680497. Our registered office is at 81 Mallinson Road, London SW11 1BW.
You can contact us:
For the purpose of the Data Protection Act 1998 and the General Data Protection Regulation, the data controller is Cirrus Inns Limited.
Cirrus Inns Limited is registered as a data controller with the Information Commissioner’s Office with registration number ZA153066. Details of our notification to the data protection regulator may be found in the Information Commissioner’s Office Public Register of Data Controllers at www.ico.gov.uk.
Other important terms