Urban Hotels UK LLP - trading as and for this notice referred to as The Zetter Group
This privacy notice sets out how The Zetter Group collects, stores, uses and protects any information that you provide to The Zetter Group.
By registering with us you are consenting to The Zetter Group processing your personal data in accordance with this notice.
The Zetter Group will review and update this policy as and when required, therefore you should always check back to this notice to ensure that you are aware of any changes.
Collection of data
The Zetter Group collects information about you in the following ways:
A cookie is a small file which is placed on your computer/device when you access a website. Cookies allow a website to recognise your computer / device.
Session Cookies – these expire at the end of your browsing session.
Persistent Cookies – these reside on your computer device for a longer period of time.
In general, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This, however, may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to the websites of our partners, regulators, affiliates or third party organisations. When using these links please be aware that you will leave our site and that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting other sites and as such, these sites are not governed by this privacy statement.
We recommend that you exercise caution and look at the privacy statement applicable to the website in question before submitting any personal information.
What type of information we collect
Website: The personal information we collect might include your name, address, email address, ip address and information regarding what pages are accessed during browsing sessions. See also the section on cookies above.
Hotel Guests: Personal information including your name and address, email address, phone numbers, personal preferences as well as details including gender, location, purchase history and other demographic information. Note: Credit/debit card information is not retained beyond your stay at the hotel.
Suppliers/contractors: Relevant contact information name, address, email address, phone numbers in order to carry out legitimate business.
Job Applicants: All personal details submitted.
How we use information submitted
Our employees may access information about you to maintain our records, or to help improve our service. We use your personal data with your consent or where it is necessary to perform legitimate business. The information we collect is used to respond to enquiries or to process administration tasks within The Zetter Group such as;
For compliance with our legal, regulatory and corporate governance obligations and ensuring good practice and to protect your vital interests.
Personnel / HR
For compliance in relation to the gathering and processing of information relating to identifiable individuals such as job applicants, qualifications, training and development, health and attendance records and to the dissemination of information to employees of The Zetter Group.
Keeping your data secure
We will comply with all relevant legislation, including the Data Protection Act 1998 and GDPR regulations May 2018 and are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure to this information we have put in place suitable procedures to safeguard and secure the information we collect.
Where we keep it:
We are based in the UK and we store our data within the EU. Some organisations which provide services to us may transfer personal data outside of the EU, but we will only allow them to do if your data is adequately protected.
For example, some of our systems use Microsoft products. As a US company, it may be that using their products result in personal data being transferred to or accessible from the US. However, we will allow this as we are certain personal data will still be adequately protected (as Microsoft is certified under the USA’s Privacy Shield scheme).
How long we keep it:
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing e-mails, we will stop storing your e-mails for marketing purposes (though we’ll keep a record of your preference not to be e-mailed).
Any unsolicited CV submitted on a speculative basis will be held on file for 6 months and then deleted.
We continually review what information we hold and delete what is no longer required. Credit/debit card information is not retained beyond your stay at the hotel. We will not retain your data for any longer than necessary and the longest time that we will hold your data will be six years from last point of contact, with the exception of data held for marketing where an annual purge of data is carried out to remove your details where the last point of contact is over one year old.
Controlling your personal information
For your protection, we will not sell, distribute or lease any personally identifiable information collected via the web to third parties without your permission unless under certain conditions. For example, we may be required to provide information to our regulators or if we are required by law to do so.
Third Party Websites
Under the GDPR, you have various rights with respect to our use of your personal data:
Right to Access
You have the right to request a copy of the personal data that we hold about you. You should include with your request information that will enable us to verify your identity. We will respond within 1 month of your request. Please note that there are exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information, or if there is no basis for your request, or if it is excessive. You can request a copy of the information we hold about you at any time by contacting us at [email protected]
Right to rectification
We aim to keep your personal data accurate and complete. We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date. If we hold any inaccurate or incomplete information about you then please contact us at [email protected]
Right to erasure
You have the right to request the deletion of your personal data where, for example, the personal data are no longer necessary for the purposes for which they were collected, where you withdraw your consent to processing, where there is no overriding legitimate interest for us to continue to process your personal data, or your personal data has been unlawfully processed. If you would like to request that your personal data is erased, please contact us at [email protected]
Right to object
In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your personal data, or if your data is being processed for direct marketing purposes. If you would like to object to the processing of your personal data, please contact us at [email protected]
Right to restrict processing
In certain circumstances, you have the right to request that we restrict the further processing of your personal data. This right arises where, for example, you have queried the accuracy of the personal data we hold about you and we are verifying the information, you have objected to processing based on legitimate interests and we are considering whether there are any overriding legitimate interests, or the processing is unlawful and you elect that processing is restricted rather than deleted. Please contact us at [email protected]
Right to data portability
In certain circumstances, you have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format. This right arises where you have provided your personal data to us, the processing is based on consent or the performance of a contract, and processing is carried out by automated means. If you would like to request make such request, please contact us at [email protected]
Please note that the GDPR sets out exceptions to these rights. If we are unable to comply with your request due to an exception we will explain this to you in our response.
If you have previously agreed to us using your personal information e.g. when you have attended a Zetter Group event or completed any Zetter Group forms or surveys, you may change your mind at any time. If you wish to unsubscribe from any future marketing communications please either click the unsubscribe link on any of the newsletters or contact us at [email protected]
Any queries relating to this statement should be made to us at [email protected] or alternatively you can write to:
86-88 Clerkenwell Road