Legal

Privacy Notice and Cookies Policy

Carden Park Hotel Ltd

Privacy Notice and Cookies Policy

1. Introduction
   1. Carden Park Hotel Ltd are committed to safeguarding the privacy of our clients, website visitors and staff; in this policy we explain how we will treat your personal information.
   2. We will ask you to consent to our use of cookies in accordance with the terms of this policy when you first visit our website.

2. Who are we
   1. Carden Park Hotel are registered in England and Wales under registration number 5936631 and our registered office is at Bridgemere House, Chester Road, Preston Brook, Cheshire WA7 3BD
   2. We are registered as a data controller with the UK Information Commissioner’s Office and our data protection registration number is ZA207289
   3. You can contact us by using our website contact form, by email to [email protected] or by telephone on 01829 731010. Our website is owned and operated by Carden Park Hotel Ltd.

3. What personal information we collect
   We may collect, store and use the following kinds of personal information:
   a. information that you provide to us when using our services, or that is generated in the course of the use of those services
   b. information relating to any purchases you make of our services
   c. information contained in or relating to any communications that you send to us or send through our website (including the communication content and meta data associated with the communication)
   d. information about your computer and about your visits to and use of this website
   e. any other personal information that you choose to provide to us
   f. information about staff employed by Carden Park Hotel Ltd to manage their employment

g. Name, Address and contact information for anyone entering our premises in line with government ‘Track and Trace’ regulations.

4. How we use your personal information
   1. We may use your personal information to:
      a. send statements, invoices and payment reminders to you, and collect payments from you
      b. send you non-marketing commercial communications
      c. send you email notifications that you have specifically requested
      d. send you marketing communications relating to our business which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications)
      e. deal with enquiries and complaints made by or about you relating to our websiteor any other service provided to you by Carden Park Hotel Ltd
      f. to support your rights under Data Protection law in relation to our use of your personal information (see section 9 below)
      g. manage your employment (where you are a member of staff employed by Carden Park Hotel Ltd or working with Carden Park Hotel Ltd)
      h. administer our website and business including:
      i. personalising our website for you
      ii. enabling your use of the services available on our website
      iii. keeping our website secure and preventing fraud

i.‘Track and Trace’ information will be passed to UK Government if requested as per regulations.

2. Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.
3. We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
4. The personal data we hold about you will only be used in line with the purposes detailed above and the legal basis for this will be either for the administration of a contract we have in place with you or in line with the legitimate interests of our business (ensuring that this does not impact on your rights or freedoms in relation to privacy) or disclosed as required by law (as detailed in section 5).
5. Carden Park Hotel Ltd have no reason to process sensitive information (special categories or criminal convictions data) unless a staff member.

5. Disclosing personal information
   1. We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy.
   2. We may disclose your personal information with, Payment Processors for secure credit card payment transactions, Hosting services, Booking engine, Email service providers to send emails pertaining to your booking. Such providers may send emails of a marketing nature if you have agreed to receive such communications.
   3. We require all Third parties to respect the security of your personal data and to treat it in accordance with the law
   4. We may disclose your personal information:
      a. to the extent that we are required to do so by law
      b. in connection with any ongoing or prospective legal proceedings
      c. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
      d. to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information
   5. Except as provided in this policy, we will not provide your personal information to third parties

6. International data transfers
   1. Information that we collect will only be stored and processed within the UK and is protected by UK Data Protection laws.

7. Retaining personal information
   1. This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
   2. Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
   3. Notwithstanding the other provisions of this section, we will retain documents (including electronic documents) containing personal data:
      a. to the extent that we are required to do so by law
      b. if we believe that the documents may be relevant to any ongoing or prospective legal proceedings
      c. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
      d. to support the ongoing business purposes of Carden Park Hotel Ltd as specified in section 4 (with due consideration for the rights and freedoms of individuals privacy)
   4. If you would like further details of how personal data is retained by our organisation, please contact us directly.
   5. ‘Track and Trace’ information will be kept for 21 days in line with Government regulations.

8. Security of your personal information
   1. We will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
   2. We will store all the personal information you provide on our secure servers.
   3. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent to us over the internet.

9. Your rights
   1. You have a number of rights under the Data Protection Act including:
      a. The right to be informed about the collection and use of your personal data e.g. via this privacy notice
      b. The right to access your personal data
      c. The right to have any inaccurate personal data rectified, or completed if it is incomplete
      d. The right to have your personal data erased in certain circumstances
      e. The right to request the restriction or suppression of their personal data in certain circumstances
      f. The right to data portability – to obtain and reuse your personal data for your own purposes across different services
      g. The right to object to our use of your information in certain circumstances e.g. for marketing or profiling purposes
   2. If you would like to access your own personal information or exercise any of the rights detailed above please contact us by email to [email protected] or by telephone on 01829 731010
   3. In the majority of cases, we will respond to your request within 30 days after receiving the necessary information required to deal with your request
   4. We may ask you to supply appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address) and any additional information to help us to deal with your request effectively.
   5. There may be some exemptions to dealing with your rights as specified in Data Protection law, but Carden Park Hotel Ltd will ensure you are fully informed of this within 30 days of receiving your request.
   6. We do not carry out any profiling or automated decision making based on your personal data
   7. Full information on your rights under the Data Protection Act can be found from the following link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

10. Third party websites
    1. Our website includes hyperlinks to, and details of, third party websites.
    2. We have no control over, and are not responsible for, the privacy policies and practices of third parties.

11. Cookies
    1. Our website uses cookies. A list of the cookies used on our website can be found below:

2. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
3. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
4. We use both first party, session and persistent cookies on our website. First party cookies are set by the website you are visiting and they can only be read by that site. Session cookies are stored only temporarily during a browsing session and are deleted from the user’s device when the browser is closed. Persistent cookies are a type of cookie that is saved on your computer for a fixed period (usually a year or longer) and is not deleted when the browser is closed. Persistent cookies are used where we need to know who you are for more than one browsing session. For example, we use this type of cookie to store your preferences, so that they are remembered for the next visit.
5. Most browsers allow you to refuse to accept cookies; for example:
   a. in Internet Explorer (version 10) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
   b. in Firefox (version 24) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
   c. in Chrome (version 29), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.
6. Blocking all cookies will have a negative impact upon the usability of many websites.
7. If you block cookies, you will not be able to use all the features on our website.
8. You can delete cookies already stored on your computer; for example:
   1. in Internet Explorer (version 10), you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835);
   2. in Firefox (version 24), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history”, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
   3. in Chrome (version 29), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Delete cookies and other site and plug-in data” before clicking “Clear browsing data”.
9. Deleting cookies will have a negative impact on the usability of many websites.

12. Amendments
    1. We may update this policy from time to time by publishing a new version on our website.
    2. You should check this page occasionally to ensure you are happy with any changes to this policy.

13. If you have a concern about how your data is being handled
    1. If you are unhappy about the use of your personal data, then please contact us directly and we will try to resolve your concern. You can also raise a concern directly with the Information Commissioner’s Office and more detail on how to do this can be found from the following link:https://ico.org.uk/concerns/

14. Further Information
    1. If you have any questions which you feel have not been answered by this Privacy Notice and Cookies Policy you can contact us by using our website contact form, by email to [email protected] or by telephone on 01829 731010

Consent to the use of cookies.

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.

CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

• Your consent status or the withdrawal of consent
• Your anonymised IP address
• Information about your Browser
• Information about your Device
• The date and time you have visited our website
• The webpage url where you saved or updated your consent preferences
• The approximate location of the user that saved their consent preference
• A universally unique identifier (UUID) of the website visitor that clicked the cookie banner

Anti-Slavery and Human Trafficking Statement

Carden Park Hotel Ltd

Carden Park Hotel is publishing this statement in compliance with Section 54 of the Modern Slavery Act 2015.

Modern Slavery is a term used to encapsulate two offences in the Modern Slavery Act 2015:

• Slavery, servitude and forced or compulsory labour
• Human trafficking

We have a responsibility to ensure that workers are not being exploited, that they are safe and that relevant employment, health and safety, human rights laws and international standards are adhered to, including freedom of movement and communications. We are committed to improving our practices to combat slavery and human trafficking.

1. Organisational Structure

The Company is a subsidiary undertaking of Bridgemere UK plc. We actively carry out business in the UK.
The company employees approximately 240 permanent employees. We provide full hotel services that include Bedrooms, Spa, Golf and Food and Beverage.

The expected turnover for this year is £24million.

2. Responsibility

The Company acknowledges its responsibility to ensure compliance with the Modern Slavery Act 2015 and will ensure transparency within the organisation and with suppliers of good and services to the organisation.
The Company recognises that slavery and human trafficking remains a hidden blight on our global society. The Company’s aim to identify our responsibility by alterting staff to the risks in our business and in our wider supply chain.

3. Our supply chain

We are committed to ensuring that there is no modern slavery or human trafficking in our supply chains or in any part of our business. We are committed to acting ethically and with integrity in all our business relationships and to implementing and enforcing effective systems and controls to ensure slavery and human trafficking is not taking place in our supply chains. The company has a dedicated procurement department who makes sure that our suppliers comply with the Act. The vast majority of suppliers are UK based.

4. Risk Monitoring and Compliance

A review of the risk of potential slavery and human trafficking has been undertaken and the business will ensure a high level of understanding of the risks of modern slavery and human trafficking within our operations and the supply chain, by providing training to the relevant members of staff as well as briefing all Directors on the subject.

4. Due diligence process for slavery and human trafficking.

As part of our initiative to identify and mitigate risk we carry out the following:

• undertakes rigorous checks on each individual including; eligibility to work, reference checking, qualifications, proof of national insurance, and bank details to ensure each person is acting in their own right.
• For the majority of our supply chain companies, our contact is a UK contact and we expect these bodies to have suitable anti-slavery and human trafficking policies and processes, where applicable. It is not practical for us to have a direct relationship and influence all levels in the supply chain.
• Encouraging the reporting of any concerns of human trafficking and protecting whistle blowers
• Having zero tolerance to slavery and human trafficking
• Continually audit and review our practices and processes

6. Review

Our Financial year runs from April to March, with the end of this Financial Year being 31st March 2025.
This statement was reviewed end of March 2024 and will be reviewed annually
Next review scheduled March 2025.

7. Board Approval

This statement has been approved by the Board of Directors of the Company.

Signed by:

Hamish Ferguson
Director

Date: 1st April 2024

Gender Paygap Report

Carden Park Hotel Ltd

I confirm the data reported is accurate 

Paul Roe – Financial Controller

https://gender-pay-gap.service.gov.uk/EmployerReport/ucnnOQa9/2023