image

imageSarova Hotels

Privacy Notice

The Abbey Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 3389220
ICO Reg. No. Z6713875

The Bull Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 3389217
ICO Reg. No. Z6713918

The Rembrandt Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 2815107
ICO Reg. No. Z5430746

The Sir Christopher Wren Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 7490297
ICO Reg. No. ZA265766

We share the data in this way to improve your experience when staying at these hotels.

This Privacy Notice applies to each of those companies and we reserve the right to freely pass the data between these companies. In particular we do so in order to give you a better service, including where you have elected to use our loyalty scheme “Sarova Select”.

Collection of personal data

Below is a list of the circumstances in which your personal data is collected by Sarova Hotels together with a brief explanation as to why we need that personal data. It is the kind of personal data that you would expect to provide in the normal process of making travel arrangements, or using a spa.

Read More…


The circumstances in which we collect your personal data

We have broken down the types of data we collect and process into the following circumstances:

  • Hotels: if you are a guest or a potential guest
  • Spa: if you are a Spa user or a potential Spa user
  • Spa: if you are an occasional user using our Spa facilities with a trainer or teacher
  • If you are an individual experiencing our Hotel facilities (for example for a family celebration)
  • If you make a payment directly to us
  • If you use Sarova Hotels complimentary Wi-Fi
  • If you join our Customer Loyalty Programme: Sarova Select

In each case we have indicated below the major interactions where we collect data from you.

In addition to this data, when you visit our websites, we will also collect personal data from your computer. This may include the browser you are using, your language settings, the Internet Protocol address and other data pertaining to the computer or similar device which you are using.

Hotels: if you are a guest or a potential guest

A) When you make a reservation, when you check-in and during your stay.

So we know who you are

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Gender
  • Company affiliation (if relevant)
  • Car registration (if any)
So we can be ready to welcome you

  • Arrival date
  • Departure date
  • Occupancy details (number of adults / number of children)
  • Name of guest(s) sharing accommodation
  • Special requests / needs including:
    • about your food preferences: dietary requirements
    • about your needs and preferences: for example any allergies (such as to feather pillows)
    • about you: for example any disabilities
  • Membership personal data – Sarova Select
  • Sarova Store purchases
To meet internal reporting needs

  • Booking channel used
  • Date & time of reservation
  • Date & time of any amendments
For us both to confirm we have your requirements correct

  • Room number
  • Room rate (if paying own account)
  • Communication preference
  • Wake up call
  • Newspaper preference
In order to comply with The Immigration (Hotel Records) Order 1972

  • Nationality
  • Passport number
  • Where passport issued
  • Next destination
  • Date of birth if we are required to do so under immigration regulations
In order to protect us both

  • Telephone call details – (made on bedroom phone)
  • Food & beverage consumed / ordered on property
  • Any entries / incidents in the Duty Manager’s log
  • Any entries in the accident / incident book
  • Any interaction with reception that necessitated entering alerts or comments to the booking
  • Room entry times as per door lock
  • CCTV imagery
  • Signature

Note: If you are booking on behalf of someone else, we collect much of the above information about you and about the third party on whose behalf you are making a booking.

To meet internal reporting needs

  • Arrival time
  • Departure time
B) After Check Out

So you can have your say and let us know how you enjoyed your experience

  • Post stay correspondence – comments and associated replies
  • Feedback on various review sites and associated replies and subsequent correspondence

Spa: if you are a Spa user or a potential Spa user

A) When visiting as a hotel guest or using a day pass

So we know that you have visited

  • Completing a sign in sheet with your name and time of arrival
  • Time of departure
B) When Becoming A Member or using the Spa for the first time

So we know who you are or we can record your visit

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Date of birth
  • Occupation
  • Gender
  • Company affiliation (if relevant)
Where children are becoming members too

  • We collect the above information about the parents of the child.  This data is then also associated with the child.  The only additional personal data concerning the child is the child’s name, date of birth, gender and a medical questionnaire in respect of the child: this is to inform us of the presence or absence of certain medical conditions which may affect the child’s ability to enjoy the Spa facilities.
C) When Making Reservations For Spa Treatments or Using the Spa

So we know that you have visited

  • Completing a sign in sheet with your name and time of arrival
  • Time of departure
To ensure your treatment is safe and appropriate for you

  • A medical questionnaire: this is to inform us of the presence or absence of certain medical conditions which may affect the child’s ability to enjoy the Spa facilities
  • Preference on massage pressure
  • The treatment you are having
In order to take your permission to keep you informed in the future

  • Permission to keep you informed about the club’s news, special offers and promotions
D) After Having A Treatment

We welcome your feedback and want to ensure you are satisfied

  • Post-treatment correspondence – comments and associated replies
  • Feedback on various review sites and associated replies and subsequent correspondence
Where children are taking a treatment

  • We collect the above information about the parents of the child.  The only extra personal data concerning the child is the child’s name, date of birth and a medical questionnaire in respect of the child: this is to inform us of the presence or absence of certain medical conditions which may affect the child’s ability to enjoy the Spa facilities

Spa: if you are an occasional user using our Spa facilities with a trainer or teacher

A) Information collected from the Trainer or Teacher

So we know who you are or we can record your visit

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Date of birth
  • Occupation
  • Gender
So we know that you have visited

  • Completing a sign in sheet with your name and time of arrival
  • Time of departure
In order to take your permission to keep you informed in the future

  • Permission to keep you informed about the club’s news, special offers and promotions
B) Information collected from the Attendee

So we have a record of who is visiting

Events organised by third-party trainees or teachers using our Spa facilities – Parent’s and if relevant child’s name, instructor’s name and time of lesson which is signed by parents on arrival.  Normally these records are kept only temporarily for evacuation purposes.

If you are an individual using our Hotel facilities (for example for a family celebration)

A) When you make a reservation, when you check-in and during your stay.

So we know who you are

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Gender
  • Company affiliation (if relevant)
  • Date of birth if we are required to do so under immigration regulations
  • Car registration (if any)
  • Facilities to be hired
So we can be ready to welcome you

  • Arrival date
  • Departure date
  • Name of guest(s) sharing accommodation
  • Special requests / needs including:
    • about you and your guests food preferences: dietary requirements
    • about you and your guests needs and preferences: for example any allergies
    • about you and your guests: for example any disabilities
  • Membership personal data – Sarova Select
  • Sarova Store purchases
To meet internal reporting needs

  • Booking channel used
  • Date & time of reservation
  • Date & time of any amendments
For us both to confirm we have your requirements correct

  • Facilities hired
  • Amount charged
  • Communication preference
In order to protect us both

  • Telephone call details – (made on your bedroom telephone)
  • Food & beverage consumed / ordered on property
  • Any entries / incidents in the Duty Manager’s log
  • Any entries in the accident / incident book
  • Any interaction with reception that necessitated entering alerts or comments to the booking
  • Entry times into facilities hired as per door lock
  • CCTV imagery
  • Signature

Note: If you are booking on behalf of someone else, we collect much of the above information about you and about the third party on whose behalf you are making a booking.

To meet internal reporting needs

  • Arrival time
  • Departure time
B) After Departure

So you can have your say and let us know how you enjoyed your experience

  • Post stay correspondence – comments and associated replies
  • Feedback on various review sites and associated replies and subsequent correspondence

If you make a payment directly to us

  • Where you are paying by direct debit (for example where you are a member of our Spa club), we collect the following additional details of the person paying (whether payment is a one-off payment or a direct debit arrangement): bank address, account number and sort code.  We keep this data for as long as you are a member.
  • Where you pay us by a credit or debit card, we have a secure payment portal to process the payment.  We keep credit card details for up to thirty days after departure, however, we do not store or hold the CCV number.

If you use Sarova Hotels complimentary Wi-Fi

When you connect to this service the third party will record the following personal data about your connection:

  • Email address
  • Name
  • MAC address of your device
  • History of logons
  • Basic device capabilities
  • Guest name
  • Room number

If you join our Customer Loyalty Programme (Sarova Select) or Complete a Guest Comment Card

A) Sarova Select – Customer Loyalty Programme

So we know who you are

  • Title, first name, family name
  • Email address – (personal, business or other)
  • Membership number
  • Company affiliation (if relevant)
  • Address & phone number details
To tailor your experience

  • Guest interests
  • Newsletter subscriptions
  • Communication preferences
  • Room location
  • Room type
  • Amenities
B) Guest Comment Card

We invite you to complete a Feedback Form on many occasions when you use our Hotel, whether or not you are the party paying for the experience.  If you are a casual user of our Hotel and you complete a feedback form, we only keep data concerning your name, email address, company affiliation (if relevant) and the feedback provided.  In other circumstances, we may link the feedback to the reason for your use of the Hotel facilities.

In order to match your comments to your stay

  • Hotel stayed at
  • Feedback on various review sites and associated replies and subsequent correspondence
  • Post stay correspondence – comments and associated replies

To understand how your reservation was made

  • How booking was made (direct, online, travel agent)
  • Which website was used for bookings
  • Booking channel used

Enhance our knowledge about you

  • Type of traveller (business, couple, family, friends, single)
  • Were you and if so how were you recommend to the hotel?

Other uses of your Personal Data

In order to make our services more efficient for you, we, along with most hotels and businesses, use third party outsource service providers which have partial access to some of your data.  We use these suppliers in order to provide services such as booking the facilities available in the hotel; running reception; providing housekeeping; booking tables, rooms and other facilities.

Read More…


Our use of Third Party Outsource Service Providers

Some suppliers, such as Sabre Hospitality Solutions are subcontractors and we seek to ensure that they act in accordance with our wishes in respect of the data that we pass to them.

In circumstances where you interact with an independent third party when booking a facility at our hotel, for example when you book a table to dine at the hotel via Bookatable (www.bookatable.co.uk), that third party is an independent data controller and responsible independently for compliance with the relevant data protection legislations.  We recommend that in those circumstances you read the privacy policy of that third party.

CCTV

In common with the majority of comparable hotel companies we use CCTV (Closed Circuit Television) recording equipment on our properties and the immediate environs.  We generally keep records from these cameras for up to hundred (100) days.  We use this equipment and these recordings for the reduction and investigation of crimes and unacceptable behaviour.

Use of Cookies

We will also use cookies to help tailor your experience on our websites and to help us track activity.  By visiting privacy.sarova.com you will have the ability to manage the cookies that you do and do not accept per website so that you can have the best level of control.

You can find more about how we use cookies and opting out of their use at:  cookies information.

Analytic Suppliers

In common with the majority of comparable hotel companies that use the internet we occasionally use your personal data to help Analytic Suppliers match relevant ads to you using the data analytics of those Analytic Suppliers.  However, we only use the data in that way where you are a subscriber to the services of Analytic Suppliers and have therefore agreed to this service by acceding to the relevant Agreements of those Analytic Suppliers and have therefore agreed to this service by acceding to the relevant Agreements of those Analytic Suppliers.

We mean by Analytic Suppliers companies such as: Facebook; Google; Twitter and Microsoft.

We do not control the countries outside the United Kingdom in which those Analytic Suppliers process data.  Your consent to our use of the data includes our permission to use the services of these Analytic Suppliers.

Transfer of Data

In conforming with British and European data protection laws, we endeavour to implement reasonable procedures to protect your personal data and to prevent any unauthorised access or misuse of it. Sarova Hotels’ servers, on which your personal data is kept, are located in the United Kingdom.

Read More…


Hotels

A)  Reservations made directly with the hotel

You may make a reservation directly with the Sarova Hotels, in which case the collection of your personal data is as described above.  The diagram below illustrates the way in which you may make a direct booking with Sarova Hotels.

Glossary
PMS – Property Management System
  • Reservations via Telephone/Fax or Walk-In – your personal data is entered directly into the hotel’s property management system located within the UK.
  • Reservations via Email – Emails for Sarova Hotels are delivered into a mail server located within the UK, and then entered into the hotel’s property management system located within UK.
  • Reservations made on Sarova Hotels’ websites – Sarova Hotels uses Sabre Hospitality Solutions as supplier of booking engine software to power its websites.  This software solutions provider is located in Netherlands.  Sabre Hospitality Solutions uses the services and data centres in the United States.  That company has confirmed to us that it complies with European Union data protection legislation in its transfer of data to the United States.  That data transfer is secured by guarantees under standard contractual clauses between the Dutch company and its transferees in the United States.
B) Reservations with Third Party Booking Agents, Meeting & Event Agents, & Travel Supply Companies

Where you make your reservation with a third party site, such as a travel company or any other third party booking agent, this privacy notice does not apply to your personal data that is collected by that third party site.  Sarova Hotels encourages you to enquire about the data privacy practices of these third party sites directly with those sites.

These companies will deliver the data which they have collected from their customer to Sarova Hotels via one of the following routes:

Fax data is sent across the public telephone network directly to the hotel.

Emails are delivered to Sarova Hotels’ email server located within UK, which is managed under the data safety policies of Data Protection Act and General Data Protection Regulation.

When you make a reservation via an independent third party booking service, for example a Global Distribution System “GDS”, that third party will transmit certain data which they collect about you to us.  Typically, that information may include:

  • Title, first name, family name
  • Email address – (personal, business or other)
  • Gender
  • Date of birth
  • Postal address – (home, business or other)
  • Telephone number
  • Payment personal data
  • Passport details
C) Data export from Sarova Websites

The organisations indicated in the following table have their servers located within the European Union too and accordingly do not export data outside the European Union.

Glossary
PMS – Property Management System
CRM – Customer Relationship Management System 

Other Information Concerning your Personal Data

Why is personal data being collected? There are three legal bases upon which we collect, process and transfer your personal data as described in this privacy notice: Contract – to consider potential or to fulfil actual contracts with you.  If you are not able to provide this data, it is possible that we will be

Read More…


Why is personal data being collected?

There are three legal bases upon which we collect, process and transfer your personal data as described in this privacy notice:

  • Contract – to consider potential or to fulfil actual contracts with you.  If you are not able to provide this data, it is possible that we will be unable properly to perform our side of any contract with you.
  • Legitimate Interest – In order to consider potential or to fulfil actual contracts with you, we need to collect and process personal data about you.
  • Consent – We will rely on your consent to use your personal data in order to provide you with news, special offers and promotions.

To opt out of receiving communications in respect of news, special offers and promotions from us please contact us as below:

  • by email at optout@sarova.com
  • by post to Data Protection Manager, 11 Thurloe Place, London, SW7 2RS.

With whom will we share your personal data?

Where the personal data is collected for news, special offers and promotional purposes, Sarova Hotels does not share this data with any third party.

We may share data with the relevant travel agency where your hotel accommodation at Sarova Hotels is provided as part of a tour package organised by that travel agency.  Where you chose to interact with a review site (such as TripAdvisor), we may share some of your data with that site when addressing or acknowledging your comments. We pass relevant details to the appropriate third party where you ask us to arrange further services for you which we do not ourselves supply, for example excursions or taxis.  We share some of your data in this way in order to facilitate the efficient provision of our services, or for contractual reasons. Those contractual reasons may include for example the passing of payment or commission; provision of terms and conditions associated with the service provision or customer feedback.

None of these third parties are agents for Sarova Hotels and Sarova Hotels is not the representative of those third parties and therefore we are not responsible for your personal data which is collected by these companies and passed to us.  We encourage you to check the privacy policy of whichever of these third parties you have used to make your booking with us.

For how long do we keep your personal data?

Your personal data will only be kept for as long as it is required in order to carry out the activities described in this privacy notice, or as required by Governmental authorities and relevant legislation.

Where we are no longer sending you news, special offers and promotions then, unless there are exceptional legal reasons for keeping your data for longer, we do not keep your personal data for more than seven (7) years.  This is to allow for the normal contract law limitation period and for tax purposes.

What are my rights?

The data protection legislation gives you a number of rights.  These rights include:

  • Right to be forgotten which is explained under the heading “How do I opt out” above.
  • Right to make a “subject access request”, which is a request for a copy of the data which we hold about you.  In order to exercise this request please go to https://www.sarova.com/download/sar/ .
  • Right of correction (or where appropriate erasure) of data which we hold about you where this is inaccurate.
  • Right to data portability
  • Right to withdraw your future consent to our processing your personal data.
  • Right to complain to the Office of the Information Commissioner.

Please be aware that if you exercise one of these rights, that in order to protect your privacy, we may require you to undergo some verification tests to ensure that we are dealing with you.

You have the right to be informed of the matters stated in this privacy notice.

Sarova Hotels’ websites

This policy applies to the collection of data through the use of the following family of Sarova Hotels’ websites:



Print this page