close
Book nowBook now

Privacy Policy

St David Aparthotels – Privacy Policy
Effective Date: November 2024

1.Introduction & Who We Are
1.1 St David Aparthotels (collectively referred to as “St David Aparthotels”, “we”, “us” or “our”) respects your privacy and is committed to protecting your personal data.
1.2 This Privacy Policy explains how we collect, use, store, and share personal information when you interact with us, whether as a guest, a visitor to our website, or when communicating with us by phone, email, or in person.
1.3 By using our services or providing your personal information, you consent to the practices described in this Privacy Policy.
1.4 St David Aparthotels Ltd is the data controller for all reservations and guest interactions. Where third-party providers are involved (e.g. payment processors, booking platforms), those organisations act as separate data controllers, and their privacy policies will apply.

2.Legal Framework
This Privacy Policy ensures compliance with:

  • The UK Data Protection Act 2018
  • The UK General Data Protection Regulation (UK GDPR)
  • Relevant guidance issued by the Information Commissioner’s Office (ICO)

3.Personal Data We Collect
3.1 Personal information: We may collect - Name, title, gender, nationality, address, date of birth, telephone number, email address, payment card details, reservation purpose, special requests, and signature.
3.2 Identification information (for non-UK passport holders): Passport or national ID card details, including expiry dates, as required by the Immigration (Hotel Records) Order 1972.
3.3 Business information: Company name, business address, contact details, and billing information where bookings are made on behalf of a company.
3.4 Transactional information: Booking history, check-in/check-out dates, purchases, invoices, and services used.
3.5 Usage information: Preferences, feedback, communications, and interactions with our services.
3.6 Device & technical information: IP address, browser type, operating system, cookies, and usage analytics when interacting with our website.
3.7 Children’s data: We may collect limited data (such as age) to ensure appropriate room allocation.
We do not collect special category data (e.g. race, religion, political opinions, health data, or biometric data).

4.How We Collect Data

  • Direct interactions: Information you provide directly, such as when booking,
  • checking in, or contacting us.
  • Third-party suppliers: Data received via booking platforms, travel agencies,
  • or corporate clients.
  • Automated technologies: Data collected automatically through our website
  • (e.g. cookies, analytics).

5.How We Use Personal Data
We will only use your personal data where legally permitted. The main lawful bases under UK GDPR are:
5.1 Contractual necessity – To fulfil our obligations to you, including:

  • Processing reservations, payments, and check-ins.
  • Managing your stay and responding to requests or complaints.

5.2 Legitimate interests – Where necessary for our business, provided your rights do not override these, including:

  • Improving our services and tailoring guest experience.
  • Ensuring site security and fraud prevention.
  • Sending relevant service-related communications.

5.3 Legal obligations – To comply with laws and regulations, including immigration, tax, and public safety requirements.
5.4 Consent – For activities such as:

  • Marketing communications (only where explicit consent has been provided).
  • Processing optional guest preferences or accessibility requests.

6.How We Share Your Data
Your personal data may be shared with:
6.1 Service providers: IT, cloud storage, marketing, housekeeping, and administrative providers who support our operations.
6.2 Payment processors: To handle secure transactions (we do not store full payment card details on our systems).
6.3 Legal authorities: Where required to comply with legal obligations, enforce contracts, or protect the rights, property, or safety of St David Aparthotels, our staff, or guests.
6.4 Group companies: For internal administration, service improvement, and regulatory compliance.
6.5 Business transfers: In the event of a sale, merger, or restructuring, guest data may be transferred as part of the transaction.
All third parties are required to maintain the confidentiality and security of your data and to use it only as instructed.

7.Data Security
7.1 We have implemented appropriate organisational and technical measures to protect your personal data from unauthorised access, loss, misuse, or disclosure.
7.2 While we take every reasonable step to safeguard your information, no method of electronic transmission or storage is 100% secure.

8.Data Retention
8.1 Personal data will be retained only as long as necessary for the purposes outlined in this policy or to comply with legal, accounting, or reporting requirements.
8.2 Typical retention periods include:

  • Reservation and billing data: up to 7 years (for tax and audit compliance).
  • Passport/ID records (non-UK guests): retained as required by law.
  • Marketing data: until you withdraw consent or opt out.

8.3 Once data is no longer required, it will be securely deleted or anonymised.

9.Your Rights
Under UK GDPR, you have the right to:

  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Erase data in certain circumstances (“right to be forgotten”).
  • Restrict processing of your data in certain cases.
  • Object to processing where legitimate interests are relied upon.
  • Withdraw consent at any time (e.g. for marketing communications).
  • Data portability: request your personal data in a structured format.

Requests should be made via the contact details below. We will respond within one month, unless the request is complex.

10.Cookies
We use cookies and similar technologies to enhance user experience and collect analytics.

11.Changes to This Policy
We may update this Privacy Policy periodically. The most recent version will always be available on our website. Material changes will be highlighted, and where required by law, we will seek your consent.

12.Contact Us
If you have questions, concerns, or wish to exercise your rights, please contact us:
Email: admin@stdavidaparthotels.com
Post:
St David Aparthotels – Data Protection Officer
Refuge House
33–37 Watergate Row South
Chester
CH1 2LE
We may request verification of identity to process data requests. In rare cases, a reasonable administrative fee may be charged where requests are unfounded, repetitive, or excessive.

Copyright © 2025 St David Aparthotels

Proudly designed by Furness Media

envelopephone-handsetsmartphonethumbs-upchevron-down