Privacy Notice

The Abbey Hotel Limited

11 Thurloe Place
Company No. 3389220
ICO Reg. No. Z6713875

The Bull Hotel Limited

11 Thurloe Place
Company No. 3389217
ICO Reg. No. Z6713918

The Rembrandt Hotel Limited

11 Thurloe Place
Company No. 2815107
ICO Reg. No. Z5430746

The Sir Christopher Wren Hotel Limited

11 Thurloe Place
Company No. 7490297
ICO Reg. No. ZA265766

What information is being collected?

In order to fulfil our contract with our customers, Sarova Hotels will collect personal data when you interact with our various services. Most of this information is that which you would expect to provide in the normal process of making travel arrangements, or using a spa. In addition to this data, when you visit our websites, a list of which is towards the end of the document, we will also collect information from your computer. This may include the browser you are using, your language settings, the IP address and other information pertaining to the computer itself. We will also use cookies to help tailor your experience on our websites and to help us track activity.

Through Sarova Hotels’ websites the following services may collect user’s personal information

  • Online advertising, remarketing and interaction through Google, Bing, Facebook, Instagram & Twitter (personal data, cookies and usage data)
  • Collection of analytics data through Google Analytics and Google Tag Manager (cookies and usage data). This may include the browser you are using, your language settings, the IP address and other information pertaining to the computer itself.
  • Through the services of third party software and service providers who may collect amongst other information, personal data, cookies and usage data. The main third parties are:
  • Display of content from third party services such as BBC weather, Google Maps (personal data, cookies and usage data)
  • Submitted user contact forms stored in WordPress (personal data, cookies and usage data)

Use of Sarova Hotels Complimentary Wi-Fi

Sarova Hotels uses the services of a third party specialist internet provider to facilitate the provision of our complimentary Wi-Fi for customer use.

When you connect to this service the 3rd party will record the following information about your connection

  • email address
  • name
  • MAC addresses
  • history of logons
  • basic device capabilities

This data is transferred to Amazon Web Services (Ireland). Amazon deals with a host of security aspects For this application our third party provider uses two factor authentication in combination with multi-tiered user access to ensure users can only access information they are entitled to view.

Forms Completed on Sarova Websites

All Sarova Hotels’ websites are located in the UK and are managed under the data safety policies of Data Protection Act.

How is personal data collected?

Information will only be collected from the customer. Either through their use of service partners, (e.g. travel agents, booking websites, etc.) where these service providers will be required to forward the customers information to Sarova Hotels in order for the requested service to be provided; or by the customer providing it directly to Sarova Hotels when they are communicating with us, or using one of our websites, a list of which can be found towards the end of this document.

Why is personal data being collected?

There are three legal bases upon which we would collect and transfer your personal information as described above:

  • Contract – As part of fulfilling our side of the contract to provide our customers and visitors with hospitality and spa services. If you are not able to provide this data, it is possible that we will be unable to complete our side of any contract for the provision of goods and services.
  • Legitimate Interest – In order to communicate information that relates to these services Sarova Hotels will be required to collect and process personal data about its customers.
  • Consent – We will rely on your consent to use your personal information in order to provide you with news, special offers and promotions.

How will personal data be used?

For information that is collected purely in the act of providing the goods and services requested by the customer, this will be used by Sarova Hotels’ employees in order to ensure that they provide what the customer has asked for and in the manner they expect it. In this scenario, the information will only be collected and kept for as long as it is required in order to carry out these activities, or as required by Governmental authorities and related legislation.

Information that is obtained from the customer for news or marketing purposes will be added into Sarova Hotels’ customer relationship management software. This information will only be collected with the explicit consent of the customer, and in accordance with the Data Protection Act 1998 and EU General Data Protection Regulation.

Who will personal data be shared with?

Where the information is collected for news or marketing purposes, Sarova Hotels confirms that it will not share this data with 3rd parties for marketing purposes. The only time the customer’s data will be shared with a 3rd party is when it relates to the provision of a good or service which forms part of a package, or where we are using third-party service providers to communicate with you on our behalf. In all news and marketing correspondence from Sarova Hotels the user will have the ability to unsubscribe from these lists unless it is required for the provision of a requested good or service, or it is required to be retained by law.

Where the information is collected solely for the purpose of providing the requested goods or services, or where the customer has utilised the services of a 3rd party in order to make their reservation, such as; social media platforms (e.g. Facebook), travel agencies (e.g. Expedia) , review sites (e.g. TripAdvisor), price comparison sites (e.g. Trivago) or an installed 3rd party application from one of these service providers; the customer should understand that we will be required to share some of their data with these 3rd parties in order to facilitate the efficient provision of these services, or for contractual reasons. For example the passing of payment or commission information, provision of terms and conditions associated with the service provision, customer feedback, etc.

How long will my data be kept for?

Data will be kept for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for compliance with various laws required by United Kingdom government or European Union, for example 7 years for laws relating to tax.

We will endeavour to ensure that all data that is not required after these periods will be deleted/destroyed in a safe and secure manner. Any subscription to Sarova Hotels’ emarketing services will be kept until you request for it to be removed by exercising your rights in the sections below.

Who is retaining this information?

Whilst Sarova Hotels cannot comment or vouch for how any of the above 3rd party services may retain or use customer’s personal data, in all circumstances where Sarova Hotels is retaining this information, it will act as the data controller, and it will endeavour to keep all customer information in a secure and private manner. Any enquiries related to this privacy policy or any other data protection concerns should be sent to

What are my rights?

Please be aware that in order to ensure privacy we may require you to undergo some verification tests to ensure that we are dealing with the correct identity’s data.

Right to know what is being kept

You have a right to know what information is kept about you by Sarova Hotels in order to obtain this we would require you to complete a Subject Access Request. This form can be found by clicking on the here.

Right to correct inaccuracy

If you believe any of the information being held about you to be in accurate you are invited to let us know and we will amend the records accordingly in a timely manner.

Right to portability

You are also welcome to request your data to be provided to you electronically. This will typically be provided in .csv (comma separated values) format.

Right to be forgotten

At any time you may request that we delete all the information we hold about you. Please be aware that we may need to keep some, if not all, of this data in order to comply with laws related to:

  • Immigration
  • Taxation and Anti-money laundering
  • Contract
Right to withdraw consent

Whilst we always gain your consent to hold data that is not required in order for us to carry out our contractual obligations, you are free to withdraw this consent at any time. This can be done by emailing, advising one of our colleagues during your stay, or using the link that will be present on all emarketing correspondence.

Right to lodge a complaint to ICO

You have a right to complain to the Information Commissioner’s Office if you think that there is a problem with the way Sarova Hotels are handling your data. The following page gives you all the information you require about how to go about raising this complaint, including links to complaint letter templates,

Sarova Hotels’ websites

This policy also applies to the collection of data through the use of the following family of Sarova Hotels’ websites:

Print this page