GDPR

Being in the United States, we are not exempt from adhering to the new GDPR regulations. We ensure utmost access to customers in relation to their own information. We dispose of information securely and only ask for information when it is required.

We have started our GDPR journey by setting out a full implementation plan including the allocation of both internal and external resources. We have reviewed our policies and procedures and have updated our privacy notices, retention policies, subject access request and breach management procedures.

Our Eight Principles

  1. Obtain and process information fairly:                                                                    Guests give their information in booking a hotel room.
  2. Keep data only for the specified and lawful purposes:                                            The hotel’s privacy notice will advise our consumer of what their information is being used for and will state why and how long this is being held for.
  3. Use and disclose data only in ways compatible with these purposes:                  Taking CCTV footage may be necessary to share this information with the insurance company, Gardaí or other relevant company as stated in the privacy notice.
  4. Keep data safe and secure:                                                                                                  All information, on soft or hard copy is secure. We make sure to check with our IT departments to ensure the safety of their systems. Hard copy data is being secure.
  5. Keep data accurate, complete and up-to-date:                                                              We ensure that the data we hold is accurate and up-to-date. It is important for us that within spas and leisure centres, guest information is kept up to date, particularly in relation to health and safety.
  6. Ensure that information is adequate, relevant and not excessive:                   Additional information that can be requested is to help make our guests stay more enjoyable.
  7. Keep information for no longer than necessary:                                                               Revenue requires books and records to be held for six years and the current year and there are other legal requirements for HR and registration information. Other data, however, is held by our hotel for the length of time as stipulated within the privacy notice and within what is deemed necessary for the proper functioning of the business.
  8. Give a copy of personal data on request:                                                                          A consumer has the ‘right to seek’ their personal data from our hotel, within 30 days and free of charge.