Lyaness respects your privacy and understands that protecting your personal data is paramount. We want you to be informed and empowered with respect to your privacy when you use our services.
For the purposes of data protection laws, Lyaness of 20 Upper Ground, South Bank, London SE19PD, UK is the controller of your personal data.
For any questions or concerns regarding this Privacy Statement or our data privacy practices, please contact us:
By email: [email protected]
Sea Containers Hotel Ltd
Attn: Privacy Office
20 Upper Ground, South Bank, London SE19PD, UK By phone: + 44 (0) 20 3747 1000
Who we are
Data Collected – What Information Do We Use and For What Purpose
Lyaness collects personal identifiable information in order to respond to the needs of guests and visitors of the bar. The majority of this information will be provided directly by you as the consumer in order to make reservations. Occasionally, in certain circumstances, data may be collected indirectly (such as when guests provide information on behalf of others). The types of information that we collect may include but are not limited to the following:
- Contact information: name, address, email address, telephone number,
- Payment information, including credit card number, expiry date and card holder’s name,
- Information contained in customer loyalty records, accounts, complaints, feedback,
- Any preferences related to the services we provide which are necessary to fulfil your requests such as room preferences, gender, lifestyle information, communication preferences, and any other information that you voluntarily provide.
- Personal data concerning use of and interaction with the website is collected via cookies employed on the site. Additional information on these cookies can be found in the Cookies Policy.
- When you use Sea Containers Hotel Ltd Wi-Fi, we may collect data about:
- The MAC address of your device;
- The volume of data which you use;
- Your usage by access time, duration and frequency;
- Name and room number.
We do not actively seek any sensitive personal data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences. Through our normal course of business, sensitive data may be provided through free text forms on the website through special requests and feedback.
Where we are required to collect data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
Lyaness does not ask for personal identifiable information unless we need it, intend to use it, or when you voluntarily provide it. The primary purpose of collecting information is:
- Providing services, such as making a reservation, fulfilling a request for information, or completing a product/service order.
- Credit card / payment information is collected for processing payment for services provided. If any fraud checks take place, personal data will be used for these purposes.
Please note, credit card processing is managed by a third party PCI compliant service. (3C) for Pay by Link which we directly manage.
- Where you have consented to receive marketing materials, personal data will be used for marketing purposes such as communicating special offers, promotions or hotel news.
- Performing market research to improve the effectiveness of hotel services, websites and communications.
You can always opt-out from any communications by using the corresponding link at the bottom of our emails, or by contacting us directly via: [email protected]. You have the choice not to provide certain personal identifiable information. Doing this, however, may affect the services we deliver.
Legal Basis for Data Collection
We use the highest standard of care in our data collection processes and utilize the information for lawful purposes. The lawful bases we rely on for data collection and use include:
- Performance of a contract with the data subject – much of the personal data collected by Lyaness is necessary in order to provide the requested services or to receive payment.
- Legitimate Interests – Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We rely on legitimate interests for conducting key marketing research and business analysis; however, we take into account risks of utilizing data and take steps to mitigate that risk.
- Consent – we utilize consent in order to properly allow guests to opt in and out of our loyalty program and for marketing distribution purposes and communication.
- Legal obligations – There may be circumstances in which we have a legal obligation to disclose information to authorities and/or third parties. At times, we may have an obligation above and beyond the GDPR, to control your data and share it with the police or relevant regulatory, government or legal enforcement bodies. These circumstances may include:
- CCTV recording for the protection and wellbeing of our customers and employees
- Personal Identification document checking for employment purposes o Transaction information for financial auditing purposes
- Prevention of fraudulent activity in our premises or within our systems
All of our websites have security measures in place to protect your personal identifiable information against unauthorized access, disclosure or alternation while under the control of Sea Containers Hotel. We safeguard your data through administrative protocols and security procedures. In addition, all our websites have a firewall in place to protect personal data from accidental unauthorized access.
While we take data protection and privacy seriously, we cannot guarantee that all information provided over the internet is secure, so please use caution when sending personal information. Please do not include any credit card information in your electronic communication unless it is required or requested by us in order to complete a reservation process.
Sharing Data with Our Partners
Sea Containers Hotel Ltd is not in the business of selling anyone’s data to third parties. We do however have partnerships that need certain information in order to deliver on our service promise and fulfil your requests. These service providers are prohibited from using your personal information for any purpose other than to help us deliver service and send and receive communications relating to our products and services.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies and statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Sea Containers Hotel Ltd does not provide personal identifiable information to third parties for direct marketing purposes unless you have given your explicit consent to do so, such as opting-in for updates about promotions and offers. It is our intention to only send communications that are useful to you and that you want to receive.
Sea Containers Hotel Ltd will need to provide your personal data to third parties if it is obliged to do so on account of national or international laws or if we consider it necessary to do so in defense of our own rights. We work with the following parties and have referenced below links to their sites, where privacy statements can be reviewed.
Preferred Hotels & Resorts https://preferredhotels.com/policies – Hotel Affiliation
Sabre SynXis https://www.sabre.com/about/privacy/
TravelClick https://www.travelclick.com/privacy-policy.html – Online Marketing
In order to register consent to receive marketing related mails, TravelClick will capture IP addresses and User Agent Strings on behalf of Sea Containers Hotel. Aside from the above-mentioned partners, in some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information without further notice to you.
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Please email us at [email protected] if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We will only retain your personal data for as long as necessary. We would remove data if the customer decides to opt out of being sent marketing materials.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
Your Privacy Rights
By law, you have a number of rights when it comes to your personal data. We have set these rights out below, and if you need any further information or wish to exercise any of these rights, please contact us at [email protected].
Alternatively, further information and advice about your rights can be obtained from the Information Commissioner at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Tel: 0303 123 1113 or on its website at www.ico.gov.uk.
- The right to be informed You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Notice.
- The right of access You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Notice). This is so you’re aware and can check that we’re using your information in accordance with data protection law.
- The right to rectification You are entitled to have your information corrected if it’s inaccurate or incomplete.
- The right to erasure This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions and we make decision whether to erase data on a case by case basis when we receive a request to exercise this right.
- The right to restrict processing You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
- The right to data portability You may have the right to obtain information you have provided to us in a structured, commonly used and machine readable format.
- The right to lodge a complaint You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator, in particular in the country where you live, work or where an alleged infringement of data protection law occurred.
- The right to withdraw consent If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful).
- The right to object to processing You have the right to object to any processing which is carried out because of our legitimate interests.
If we can show compelling legitimate grounds for processing your personal information which override your interests, rights and freedoms, or we need your personal information to establish, exercise or defend legal claims, we can continue to process it.
You have the lawful right under the GDPR to access any personal information about you that is held by Sea Containers Hotel. To obtain a copy of this information, please email us via: [email protected]. You also have the right to be forgotten and if you wish to exercise this right, please let us know and we will erase your personal data from our systems. We will respond to your request within a month. You also have the option to opt-out (unsubscribe) from our promotional mailings every time you receive one.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We do not seek to collect personal information from minors. However, we cannot always determine the age of users of our websites. If a minor provides us with personal identifiable information without a parent’s consent, we request the parent to contact us directly to have the information erased from our database.
Updated: January 14, 2019
We will ask you to identify yourself by showing us your passport or identity card in order to make sure we can verify your identity in relation to the hotel transaction.
Cookies are encrypted text files that are sent to your browser and stored on your computer. This technique assigns your computer with a unique identifier and helps us recognize you whenever you return to our websites.
You may configure your browser to treat cookies differently or block them completely if you so choose. However, doing so may adversely affect your ability to perform certain transactions and access certain information on our website.
Cookies can be first party or third-party cookies.
First party cookies are cookies that are located on our website. Third party cookies are cookies placed on your computer through a website but by third parties, such as Google.
We use the following types of cookies:
- Payments Engine
- Identity Service
• Google Analytics: We use Google Analytics to understand how visitors use our site. Google, Inc. (“Google”) will use this information on our behalf to evaluate your use of the site, understand site activity and similar data relating to consumer use. To learn how Google uses data, visit https:// policies.google.com/privacy/partners?hl=en-GB&gl=uk. Learn more on the individual cookies and their expiration at: https://developers.google.com/ analytics/devguides/collection/analyticsjs/cookie-usage. To opt out of Google Analytics, you can download and install the Google Analytics Opt- out Browser Add-on for your current web browser at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
Functionality; Persistent: we use persistent cookies to retain user preferences, settings and information for future visits. Persistent cookies provide convenient and rapid access to familiar objects, to enhance your experience. You can block or delete cookies by changing your browser settings.
• YouTube: Some of our websites embed videos or include links from YouTube. When visiting any of our pages with content from YouTube these cookies may be presented. Expiration of these cookies depends on the cookies used (generally, between 6 months – 2 years). Learn more here: https://policies.google.com/technologies/types
• Open Table: We use OpenTable to give you the ability to make bookings online at our restaurants. The cookies from OpenTable allow us to provide this functionality. Learn more here https://www.opentable.com/legal/privacy- policy
• Instagram: Opt Out: You can block or delete cookies by changing the browser settings as explained under the “Your Choices” section below. The providers listed below also offer direct opt-out functionalities:
Session Cookies: We use session cookies to help our site remember what you have selected on previous pages, avoiding the need to re-enter information. These cookies are temporary and expire when the browser is closed. Session cookies include:
• Identity Session
Your Cookie Options: Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the site and you may not be able to benefit from the full functionality of the site. Most browsers accept cookies automatically, but you can alter the settings of your browser to erase cookies or prevent automatic acceptance. Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com.
If you have any questions or concerns, please contact us at [email protected].