Introduction and terms

Hillfield Village (“We “or “us”), a trading name of Yellow Bridge Developments LLP, are committed to protecting and respecting your personal data and privacy. This privacy and cookie policy relates to our use of any personal data we collect from you from any of our services. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal data; including the Data Protection Act 1998 (DPA) and The General Data Protection Regulation 2016 (GDPR) together, and with other subsequent laws “Data Protection Laws”.

Who we are and how to contact us

For the purpose of the Data Protection Laws, the data controller is Hillfield Village and Yellow Bridge Developments LLP. If you want to request more information about our privacy policy or information regarding data protection you should contact us using the details provided below:

FAO: Privacy Officer

Hillfield Village

Email:              reception@hillfieldvillage.com

Your rights

Under the GDPR your rights are:

The data we collect about you

We process Personal data. Personal data we process may include name, address and email address. It also may include IP address and cookies (Website). Our collection methods are:

How your data will be used

We work closely with our holiday booking agency, Coast & Country Cottages (South West) Limited who only provide information to us as part of a Data Sharing Contract in order for us to provide you with the property you have booked and associated services.

In addition we will:

We also embrace the use of social media and may wish to process any comments made public by you.

Legitimate interest & marketing

Where we use Legitimate Interests we will record our decision and our method on making this decision. This can be requested by you at any time.

If you are an existing contact or customer we will only contact you by postal and electronic means (e-mail) with information about services or goods which you have previously purchased from us or enquired about. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by post or electronic means only if you have consented to this. You can choose to not receive these types of communication by contacting us.

If you are required to provide medical information for the purposes of assessing a cancellation claim under the terms and conditions of booking, this sensitive personal data will only be processed with your explicit freely given, specific, informed and unambiguous consent.

Third parties

We will keep your information within the ‘organisation’ except where disclosure is required or permitted by law or when we use third party service providers (data processors) to supply and support our services to you. We have contracts in place with our data processors. This means that they cannot do anything with your personal data unless we have instructed them to do so. They will not share your personal data with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

Please see below the list of services where we use third party data processors which sets out the categories of recipients of personal data.

SERVICE PROVIDED

IT Provider – Cloud Service – IT Support

Email Provider

Secure document disposal service

HR systems provider

Storage Facility

Accountants

Data retention

Our data retention policy is dictated by the Data Protection Laws and is available for inspection by submitting a written request using the contact details provided in this policy.

Data deletion

Under GDPR you have the right to erasure under specific circumstances. A request for your personal data to be deleted will be decided on a case by case basis and must be submitted in writing to the contact details provided in this policy.

Data correction

We will correct or update your data without delay provided you make the request in writing to the contact details provided in this policy, clearly specifying which data is incorrect or out of date.

Data inspection

We strive to be as open as we can be in terms of giving people access to their personal data. Individuals can find out if we hold any of their personal data by making a formal request under the Data Protection Laws. Such requests must be in writing to the contact details provided in this policy. If we do hold your personal data we will respond in writing within one calendar month of your request (where that request was submitted in accordance with this policy).

The information we supply will:

Please note that you may need to provide identification in order to prove who you are to access your data.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

In the instance that we do not hold information about you we will also confirm this in writing at the earliest opportunity.

Changes

We keep our privacy notice under regular review and you should check back regularly to ensure you are aware of changes to it. We may display this notice to you from time to time to help ensure you are aware of its contents.

Complaints

You have the right to complain about the processing of your personal data. Please contact us using the details provided above. If you are still unsatisfied you have the right to complain to the Information Commissioners Office.