image

imageSarova Hotels

Privacy Notice

Last updated on January 7th, 2022

The Abbey Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 3389220
ICO Reg. No. Z6713875

The Bull Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 3389217
ICO Reg. No. Z6713918

The Rembrandt Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 2815107
ICO Reg. No. Z5430746

The Sir Christopher Wren Hotel Limited

11 Thurloe Place
London
SW7 2RS
Company No. 7490297
ICO Reg. No. ZA265766

We share the data in this way to improve your experience when staying at these hotels.
This Privacy Notice applies to each of those companies and we reserve the right to freely pass the data between these companies. In particular we do so in order to give you a better service, including where you have elected to use our loyalty scheme “Sarova Select”.

Collection of personal data

Below is a list of the circumstances in which your personal data is collected by Sarova Hotels together with a brief explanation as to why we need that personal data. It is the kind of personal data that you would expect to provide in the normal process of making travel arrangements, or using a Spa / Health Club.

Read More…


The circumstances in which we collect your personal data

We have broken down the types of data we collect and process into the following circumstances:

  • Hotels: if you are a guest or a potential guest
  • Spa / Health Club: if you are a Spa / Health Club user or a potential Spa / Health Club user
  • Spa / Health Club: if you are an occasional user using our Spa / Health Club facilities with a trainer or teacher
  • If you are an individual experiencing our Hotel facilities (for example for a family celebration)
  • If you make a payment directly to us
  • If you use Sarova Hotels complimentary Wi-Fi
  • If you have joined our Customer Loyalty Programme: Sarova Select

In each case we have indicated below the major interactions where we collect data from you.

In addition to this data, when you visit our websites, we will also collect personal data from your computer. This may include the browser you are using, your language settings, the Internet Protocol address and other data pertaining to the computer or similar device which you are using.

Hotels: if you are a guest or a potential guest

A) When you make a reservation for accommodation or car parking, when you check-in and during your stay.

So we know who you are

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Company affiliation (if relevant)
  • Car registration (if any)

Note: Where you only interact with us via our chatbot service, you will only be asked for minimal information, namely your name and email address and sometimes for your telephone number if it is considered necessary

So we can be ready to welcome you

  • Arrival date
  • Departure date
  • Occupancy details (number of adults / number of children)
  • Name of guest(s) sharing accommodation
  • Special requests / needs including:
    • about your food preferences: dietary requirements
    • about your needs and preferences: for example any allergies (such as to feather pillows)
    • about you: for example any disabilities
  • Membership personal data 
  • Sarova Store purchases


To meet internal reporting needs

  • Booking channel used
  • Date & time of reservation
  • Date & time of any amendments


For us both to confirm we have your requirements correct

  • Room number
  • Room rate (if paying own account)
  • Communication preference
  • Wake up call
  • Newspaper preference


In order to comply with The Immigration (Hotel Records) Order 1972

  • Nationality
  • Passport number
  • Where passport was issued
  • Next destination
  • Date of birth if we are required to do so under immigration regulations


In order to protect us both

  • Telephone call details – (made on bedroom phone)
  • Food & beverage consumed / ordered on property
  • Any entries / incidents in the Duty Manager’s log
  • Any entries in the accident / incident book
  • Any interaction with reception that necessitated entering alerts or comments to the booking
  • Room entry times as per door lock
  • CCTV imagery
  • Signature

Note: If you are booking on behalf of someone else, we collect much of the above information about you and about the third party on whose behalf you are making a booking.


To meet internal reporting needs

  • Arrival time
  • Departure time


B) After check-out

So you can have your say and let us know how you enjoyed your experience

  • Post stay correspondence – comments and associated replies
  • Feedback on various review sites and associated replies and subsequent correspondence


Spa / Health Club: if you are a Spa / Health Club user or a potential Spa / Health Club user

A) When visiting as a hotel guest or using a day pass

So we know that you have visited

  • Completing a sign in sheet with your name and time of arrival
  • Time of departure


B) When becoming a member or using the Spa / Health Club for the first time

So we know who you are or we can record your visit

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card or bank account details
  • Date of birth
  • Occupation / Employer
  • Gender
  • Company affiliation (if relevant)
  • A medical questionnaire: this is to inform us of the presence or absence of certain medical conditions which may affect the member’s ability to enjoy the Spa / Health Club facilities

Where children are becoming members too

  • We collect the above information about the parents of the child.  This data is then also associated with the child.  The only additional personal data concerning the child is the child’s name, date of birth, gender and a medical questionnaire in respect of the child: this is to inform us of the presence or absence of certain medical conditions which may affect the guest’s ability to enjoy the Spa / Health Club facilities.


C) When making a reservations for Spa / Health Club treatments or using the Spa / Health Club

So we know that you have visited

  • Completing a sign in sheet with your name and time of arrival
  • Time of departure

To ensure your treatment is safe and appropriate for you

  • A medical questionnaire: this is to inform us of the presence or absence of certain medical conditions which may affect the child’s ability to enjoy the Spa / Health Club facilities
  • Preference on massage pressure
  • The treatment you are having

In order to take your permission to keep you informed in the future

  • Permission to keep you informed about the club’s news, special offers and promotions


D) After having a treatment

We welcome your feedback and want to ensure you are satisfied

  • Post-treatment correspondence – comments and associated replies
  • Feedback on various review sites and associated replies and subsequent correspondence

Where children are taking a treatment

  • We collect the above information about the parents of the child.  The only extra personal data concerning the child is the child’s name, date of birth and a medical questionnaire in respect of the child: this is to inform us of the presence or absence of certain medical conditions which may affect the child’s ability to enjoy the Spa / Health Club facilities

E) When hiring facilities within Spa / Health Club

For us both to confirm we have your requirements correct

  • Facilities hired
  • Amount charged
  • Communication preference

Spa / Health Club: if you are an occasional user using our Spa / Health Club facilities with a trainer or teacher

A) Information collected from the trainer or teacher

So we know who you are or we can record your visit

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Date of birth
  • Occupation
  • Gender


So we know that you have visited

  • Completing a sign in sheet with your name and time of arrival
  • Time of departure

In order to take your permission to keep you informed in the future

  • Permission to keep you informed about the club’s news, special offers and promotions


B) Information collected from the attendee

So we have a record of who is visiting

Events organised by third-party trainees or teachers using our Spa / Health Club facilities – Parent’s and if relevant child’s name, instructor’s name and time of lesson which is signed by parents on arrival.  Normally these records are kept only temporarily for evacuation purposes.

If you are an individual using our Hotel facilities (for example for a family celebration)

A) When you make a reservation for a room or car parking, when you check-in and during your stay.

So we know who you are

  • Title, first name, family name
  • Postal address – (home, business or other)
  • Email address – (personal, business or other)
  • Phone number – (home, business, mobile or other)
  • Credit card details
  • Company affiliation (if relevant)
  • Date of birth if we are required to do so under immigration regulations
  • Car registration (if any)
  • Facilities to be hired


So we can be ready to welcome you

  • Arrival date
  • Departure date
  • Name of guest(s) sharing accommodation
  • Special requests / needs including:
    • about you and your guests’ food preferences: dietary requirements
    • about you and your guests’ needs and preferences: for example, any allergies
    • about you and your guests’: for example, any disabilities
  • Membership personal data 
  • Sarova Store purchases


To meet internal reporting needs

  • Booking channel used
  • Date & time of reservation
  • Date & time of any amendments


For us both to confirm we have your requirements correct

  • Facilities hired
  • Amount charged
  • Communication preference


In order to protect us both

  • Telephone call details – (made on your bedroom telephone)
  • Food & beverage consumed / ordered on property
  • Any entries / incidents in the Duty Manager’s log
  • Any entries in the accident / incident book
  • Any interaction with reception that necessitated entering alerts or comments to the booking
  • Entry times into facilities hired as per door lock
  • CCTV imagery
  • Signature


Note: If you are booking on behalf of someone else, we collect much of the above information about you and about the third party on whose behalf you are making a booking.

To meet internal reporting needs

  • Arrival time
  • Departure time


B) After departure

So you can have your say and let us know how you enjoyed your experience

  • Post stay correspondence – comments and associated replies
  • Feedback on various review sites and associated replies and subsequent correspondence

If you make a payment directly to us

  • Where you are paying by direct debit (for example where you are a member of our Spa / Health Club), we collect the following additional details of the person paying (whether payment is a one-off payment or a direct debit arrangement): bank address, account number and sort code.  We keep this data for as long as you are a member.
  • Where you pay us by a credit or debit card, we have a secure payment portal to process the payment.  We keep credit card details for up to thirty days after departure, however, we do not store or hold the CCV number.


If you use Sarova Hotels’ complimentary Wi-Fi

When you connect to this service the third party with whom we use for the provision of the Wi-Fi service will record the following personal data about your connection:

  • Email address
  • Name
  • MAC address of your device
  • History of logons
  • Basic device capabilities
  • Guest name
  • Room number


If you have joined our customer loyalty programme (Sarova Select) or completed a guest comment card

A) Sarova Select – Customer loyalty programme

So we know who you are

  • Title, first name, family name
  • Email address – (personal, business or other)
  • Membership number
  • Company affiliation (if relevant)
  • Address & phone number details


To tailor your experience

  • Guest interests
  • Newsletter subscriptions
  • Communication preferences
  • Room location
  • Room type
  • Amenities
  • Booking preferences
  • If you so choose, name and birthday of your spouse or significant other and an anniversary date


B) Guest comment card

We invite you to complete a Feedback Form on many occasions when you use our Hotel, whether or not you are the party paying for the experience.  If you are a casual user of our Hotel and you complete a feedback form, we only keep data concerning your name, email address, company affiliation (if relevant) and the feedback provided.  In other circumstances, we may link the feedback to the reason for your use of the Hotel facilities.

In order to match your comments to your stay

  • Hotel stayed at
  • Feedback on various review sites and associated replies and subsequent correspondence
  • Post stay correspondence – comments and associated replies


To understand how your reservation was made

  • How booking was made (direct, online, travel agent)
  • Which website was used for bookings
  • Booking channel used


Enhance our knowledge about you

  • Type of traveller (business, couple, family, friends, single)
  • Were you, and if so how, were you recommended to the hotel?

Other uses of your Personal Data

In order to make our services more efficient for you, we, along with most hotels and businesses, use third party outsource service providers which have partial access to some of your data.  We use these suppliers in order to provide services such as booking the facilities available in the hotel; running reception; providing housekeeping; booking tables, rooms and other facilities.

Read More…


Our use of third party outsource service providers

In order to make our services more efficient for you, we, along with most hotels and businesses, use third party outsource service providers which have partial access to some of your data.  We use these suppliers in order to provide services such as booking the facilities available in the hotel; running reception; providing housekeeping; booking tables, rooms and other facilities.

Some suppliers, such as HotelRez (www.hotelrez.net) are subcontractors and we seek to ensure that they act in accordance with our wishes in respect of the data that we pass to them. All subcontractors have confirmed that they either retain our customer’s data with the UK or EU, or where this is not the case they use Standard Contractual Clauses (SCCs) in order to provide an equivalent level of protection to the data as would be the case within the UK or EU.

In circumstances where you choose to interact with an independent third party when booking a facility at our hotel. For example when you book a room at the hotel via Expedia (www.expedia.com), that third party is an independent data controller and responsible independently for compliance with the relevant data protection legislations. We recommend that in those circumstances you read the privacy policy of that third party.

We may disclose your personal information to any third party to whom we may be considering selling or who may be considering buying the whole or part of our business or assets.

CCTV

In common with the majority of comparable hotel companies we use CCTV (Closed Circuit Television) recording equipment on our properties and the immediate environs.  We generally keep records from these cameras for up to hundred (100) days.  We use this equipment and these recordings for the reduction and investigation of crimes and unacceptable behaviour.

Use of Cookies

We will also use cookies to help tailor your experience on our websites and to help us track activity.  By visiting privacy.sarova.com you will have the ability to manage the cookies that you do and do not accept per website so that you can have the best level of control.

You can find more about how we use cookies and opting out of their use at:  cookies information.

Analytic Suppliers

In common with the majority of comparable hotel companies that use the internet we occasionally use your personal data to help Analytic Suppliers match relevant ads to you using the data analytics of those Analytic Suppliers.  However, we only use the data in that way where you are a subscriber to the services of Analytic Suppliers and have therefore agreed to this service by acceding to the relevant Agreements of those Analytic Suppliers.

We mean by Analytic Suppliers companies such as: Facebook; Google; Twitter and Microsoft. Analytic Suppliers supply us with statistical information on how users interact with our website to help us improve our user experience.

We do not control the countries outside the United Kingdom in which those Analytic Suppliers process data.  Your consent to our use of the data includes our permission to use the services of these Analytic Suppliers.

Transfer of Data

In conforming with British and European data protection laws, we endeavour to implement reasonable procedures to protect your personal data and to prevent any unauthorised access or misuse of it. Sarova Hotels’ servers, on which your personal data is kept, are located in the United Kingdom.

Read More…


Hotels

A)  Reservations made directly with the hotel

You may make a reservation directly with the Sarova Hotels, in which case the collection of your personal data is as described above.  The diagram below illustrates the way in which you may make a direct booking with Sarova Hotels.

Glossary
PMS – Property Management System
CRM – Customer Relationship Management System 

  • Reservations via Telephone/Fax or Walk-In – your personal data is entered directly into the hotel’s property management system located within the UK.
  • Reservations via Email – Emails for Sarova Hotels are delivered into a mail server located within the UK, and then entered into the hotel’s property management system located within UK.
  • Reservations made on Sarova Hotels’ websites – Sarova Hotels uses P3 Hotels (www.p3hotels.com) as supplier of booking engine software to power its websites.  This software solutions provider has its servers located within the EU.

B) Reservations with Third Party Booking Agents, Meeting & Event Agents, & Travel Supply Companies

Where you make your reservation with a third-party site, such as a travel company or any other third-party booking agent, this privacy notice does not apply to your personal data that is collected by that third-party site.  Sarova Hotels encourages you to enquire about the data privacy practices of these third-party sites directly with those sites.

These companies will deliver the data which they have collected from their customer to Sarova Hotels via one of the following routes:

Fax data is sent across the public telephone network directly to the hotel.

Emails are delivered to Sarova Hotels’ email server located within UK.

When you make a reservation via an independent third-party booking service, for example a Global Distribution System “GDS”, that third party will transmit certain data which they collect about you to us.  Typically, that information may include:

  • Title, first name, family name
  • Email address – (personal, business or other)
  • Gender
  • Date of birth
  • Postal address – (home, business or other)
  • Telephone number
  • Payment personal data
  • Passport details


C) Data export from Sarova websites

The organisations indicated in the following table have their servers located within the UK or EU and do not export data outside the UK or EU.

Glossary
PMS – Property Management System
CRM – Customer Relationship Management System 

Other Information Concerning your Personal Data

Why is personal data being collected? There are three legal bases upon which we collect, process and transfer your personal data as described in this privacy notice:

Read More…


Why is personal data being collected?

There are three legal bases upon which we collect, process and transfer your personal data as described in this privacy notice:

  • Contract – to consider potential or to fulfil actual contracts with you.  If you are not able to provide this data, it is possible that we will be unable properly to perform our side of any contract with you.
  • Legitimate Interest – In order to consider potential or to fulfil actual contracts with you, we need to collect and process personal data about you. We also have a legitimate interest in sending you news, special offers and promotions.
  • Consent – We may also rely on your consent to use your personal data in order to provide you with news, special offers and promotions.


How do I opt out?

To opt out of receiving communications in respect of news, special offers and promotions from us please contact us as below:

In the UK and rest of the world outside of EU: 

By email at [email protected]
By post at Sarova Hotels Data Protection Manager, 11 Thurloe Place, London, SW7 2RS.

In the EU: 

By email at [email protected]
By post at Lutz Lambeck, EU Sarova Hotels Data Protection Manager, Eschersheimer Landstrasse 42, 60322 Frankfurt, Germany

Where you have opted out of communications in respect of news, special offers and promotions, you will continue to receive correspondence which relates to any future reservations or as part of our fulfilment of any potential or actual contract with you.

With whom will we share your personal data?

Where the personal data is collected for news, special offers and promotional purposes, Sarova Hotels does not share this data with any third-party.

We may share data with the relevant travel agency where your hotel accommodation at Sarova Hotels is provided as part of a tour package organised by that travel agency.  Where you chose to interact with a review site (such as TripAdvisor), we may share some of your data with that site when addressing or acknowledging your comments.

In the unlikely event that the hotel is unable to accommodate you for any reason, and has to transfer your reservation to an alternative hotel, we will share your details with that other hotel to ensure that your experience is as comfortable as possible under the circumstances.

We pass relevant details to the appropriate third party where you ask us to arrange further services for you which we do not ourselves supply, for example, laundry, excursions or taxis.  We share some of your data in this way in order to facilitate the efficient provision of our services, or for contractual reasons. Those contractual reasons may include for example the passing of payment or commission; provision of terms and conditions associated with the service provision or customer feedback.

For your protection and ours, we use an online tool provided by Shield Safety Group, to record health & safety related incidents. Shield Safety Group has confirmed to us that they hold all data within the European Union.  The information recorded is only stored for the use of Sarova Hotels, its agents and the relevant authorities. Shield Safety Group has confirmed that it will maintain all data is processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

None of these third parties are agents for Sarova Hotels and Sarova Hotels is not the representative of those third parties and therefore we are not responsible for your personal data which is collected by these companies and passed to us.  We encourage you to check the privacy policy of whichever of these third parties you have used to make your booking with us.

For how long do we keep your personal data?

Your personal data will only be kept for as long as it is required in order to carry out the activities described in this privacy notice, or as required by Governmental authorities and relevant legislation.

Where we are no longer sending you news, special offers and promotions then, unless there are exceptional legal reasons for keeping your data for longer, we do not keep your personal data for more than seven (7) years.  This is to allow for the normal contract law limitation period and for tax purposes.

What are my rights?

The data protection legislation gives you a number of rights.  These rights include:

  • Right to make a “subject access request”, which is a request for a copy of the data which we hold about you.  In order to exercise this request please go to https://www.sarova.com/download/sar/ .
  • Right to be forgotten which is explained under the heading “How do I opt out” above.
  • Right to contact and make enquiries of our data protection manager
  • Right of correction via our data protection manager (or where appropriate erasure) of data which we hold about you where this is inaccurate.
  • Right to data portability from our data protection manager
  • Right to withdraw your future consent to our processing your personal data.
  • Right to complain to the Office of the Information Commissioner.

Our data protection manager can be contacted as follows:

By email at: [email protected]

By post 

In the UK and rest of the world outside of EU: Sarova Hotels Data Protection Manager, 11 Thurloe Place, London, SW7 2RS.

In the EU: Sarova Hotels Data Protection Manager, Eschersheimer Landstrasse 42, 60322 Frankfurt, Germany

Please be aware that if you exercise one of these rights, that in order to protect your privacy, we may require you to undergo some verification tests to ensure that we are dealing with you.

You have the right to be informed of the matters stated in this privacy notice.

Sarova Hotels’websites

This policy applies to the collection of data through the use of the following family of Sarova Hotels’ websites:



Print this page