Privacy Policy
1 Introduction
1.1 NEOS Hospitality (“we”, “us” or “our”) are committed to protecting and respecting your privacy.
1.2 This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting our “site” you are accepting and consenting to the practices described in this policy.
1.3 For the purpose of the Data Protection Act 2018 and the General Data Protection Regulation 2016/679 (“GDPR”) or any equivalent legislation which may replace the GDPR as a result of Brexit, the data controller is NEOS Hospitality of 42-43 St Mary Street, Cardiff, Wales, CF10 1AD (with registration number 13068585).
2 Information We May Collect From You
2.1 We may collect and process the following data about you:
2.1.1 Information you give us. You may give us information about you by filling in forms on our website or by corresponding with us by phone, e-mail, SMS, social media or otherwise, for example by allowing us to take copies of your identification document(s). This includes information you provide when you register to use our website, subscribe to our service, search for a product, place an order on our website, participate in discussion boards or other social media functions on our website, enter a competition, promotion or survey and when you report a problem with our website. The information you give us may include your name, address, e-mail address, mobile or fixed-line telephone number, date of birth, gender, financial information, personal appearance description and photograph (“Personal Information”).
2.1.2 Information we collect about you. With regard to each of your visits to our website we may automatically collect the following information (“Technical Information”):
2.2.1.1 technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time-zone setting, browser plug-in types and versions, operating system and platform;
2.2.1.2 information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
2.1.3 Information we receive from other sources. We may receive information about you if you use any of the other website we operate or the other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies) and may receive information about you from them.
3. Cookies
3.1 Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.
4. Uses Made Of The Information
4.1 We use information held about you in the following ways:
4.1.1 Information you give to us. We will use your Personal Information to:
4.1.1.1 carry out our obligations arising from any contracts entered into between you and us;
4.1.1.2 notify you about any changes in a particular order made by you;
4.1.1.3 carry out any other contractual obligations;
4.1.1.4 provide you with any information or products that you request from us;
4.1.1.5 provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
4.1.1.6 provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form);
4.1.1.7 notify you about changes to our service;
4.1.1.8 ensure that content from our website is presented in the most effective manner for you and for your computer.
4.1.2 Information we collect about you. We will use your Technical Information:
4.1.2.1 to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
4.1.2.2 to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
4.1.2.3 to allow you to participate in interactive features of our service, when you choose to do so;
4.1.2.4 as part of our efforts to keep our website safe and secure; or
4.1.2.5 to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
5. Legal Grounds For Processing
5.1 We will only use your personal data where we have legal grounds to do so. We determine the legal grounds based on the purposes for which we have collected and used your personal data. In every case, the legal ground will be one of the following:
5.1.1 Performance of a contract with you (or in order to take steps prior to entering into a contract with you): for example, where you have made a booking with us and we need to use your contact details and payment information in order to process your booking.
5.1.2 Consent: for example, where you have provided your consent to receive marketing communications from us. You can withdraw your consent at any time. In the case of marketing emails, you can withdraw your consent by clicking on the “unsubscribe” link at the bottom of the email, for SMS, you can respond by entering the word STOP and for telephone marketing, you can request that the sales person change your telesales permissions. Alternatively, you can visit our website and change all your marketing preferences in the “Your Account” section.
5.3 Our legitimate interests: where it is necessary to understand our customers’ needs so we can improve the services we provide. For example, we will rely on our legitimate interest when we analyse what content has been viewed on our websites, so that we can understand how they are used. It is also in our legitimate interest to carry out marketing analysis to determine what services may be relevant to the interests of our customers.
5.4 Compliance with law: in some cases, we may have a legal obligation to use or keep your personal data. For example to allow us to comply with our licensing obligations or health and safety laws.
6. Disclosure Of Your Information
6.1 We may share your Personal Information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
6.2 We may share your information with selected third parties including business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
6.3 When you sign into our website using your Facebook login details, you give permission to Facebook to share with us your email address and certain aspects of your Facebook profile if you have made these available through your Facebook privacy permissions. This may include your first and last name, age range, link to your Facebook profile and profile picture, if you have allowed this in your Facebook privacy settings. We do not, however, have access to updates on your Facebook profile. The same principles apply if you log in to our website using your Google login details.
6.4 We may disclose your Personal Information to third parties:
6.4.1 if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
6.4.2 if NEOS Hospitality or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
6.4.3 if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or terms and conditions of booking and other agreements; or to protect the rights, property, or safety of NEOS Hospitality, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
7. Where We Store Your Personal Data
7.1 The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely, appropriate measures are taken to ensure that we are compliant and in accordance with this privacy policy.
7.2 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
7.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
8 Your Rights
8.1 We will ask you if it is okay for us to process your Personal Information for marketing purposes.
8.2 The GDPR gives you the following rights:
8.2.1 Right to rectification. You have the right to rectification of inaccurate personal data.
8.2.2 The right to be forgotten. You have the right to obtain from us the erasure of your personal data where: (a) the personal data is no longer necessary in relation to the purposes for which it was collected or processed; (b) you withdraw your consent to processing for which we previously obtained your consent; (c) you object to the processing; (d) the personal data has been unlawfully processed; and (e) we are required to erase the personal data in order to comply with the law.
8.2.3 Right to restriction. You have the right to obtain from us the restriction of processing where: (a) you contest the accuracy of the personal data we hold about you; (b) the personal data has been unlawfully processed; (c) we no longer need the personal data but they are required in limited circumstances; and (d) you object to the processing.
8.2.4 Right to data portability. In certain circumstances, you have the right to receive personal data from us in a structured, commonly used and machine-readable format and the right to transmit it to a third-party organisation.
8.2.5 Right to object. You have the right to object to any of our processing. Please tell us if you object to any of this.
8.2.6 Right to object to marketing. If you do not want us to process your personal data for direct marketing, please tell us and we will ensure that we no longer do this.
8.2.7 Right to complain to the ICO. Whilst we prefer it if you approached us first about any complaints or queries you may have, you always have the right to lodge a complaint with the Information Commissioner’s Office.
8.2.8 Subject access right. You have the right to access personal data we hold about you. Your right of access can be exercised in accordance with the GDPR.
8.3 Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
8.4 We will not keep any personal data about you for any longer than is necessary for the purposes for which the personal data are processed. In any event, we will not keep your personal data for longer than 6 years after first obtaining it.
9. Changes To Our Privacy Policy
9.1 Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
10. Contact
10.1 Questions, comments and requests regarding this privacy policy are welcomed and should be emailed to us here.