Best Available Rate

Share

Scroll for more

Privacy and Data Policy FSCC Limited

General Data Protection Regulation

 

Four Seasons Country Club Limited – Company Number 14808993 

To enable us to discharge the services agreed under our agreement, and for other related purposes including updating and enhancing our records, analysis for management purposes and statutory returns, crime prevention and legal and regulatory compliance, we may obtain, use, process and disclose personal data about you. We confirm when processing data on your behalf that we will comply with the relevant provisions of applicable data protection legislation. You will also ensure that any disclosure of personal data to us complies with such legislation. If you supply us with any personal data or confidential information you shall ensure you have full informed consent to pass it to us and will fully indemnify and hold us harmless if you do not have such consent and that causes us loss. If you are supplying us with personal data on the basis of a power of attorney for anyone you must produce to us an original or certified copy of the power of attorney on demand.

Applicable data protection regulation places express obligations on you as a data controller where we as a data processor undertake the processing of personal data on your behalf. An example would be where we operate a members register. We therefore confirm that we will at all times use our reasonable endeavours to comply with the requirements of applicable data protection regulation when processing data on your behalf. In particular we confirm that we have adequate security measures in place and that we will aim to comply with any obligations equivalent to those placed on you as a data controller.

We will notify you within 10 working days if an individual makes a complaint about the processing of personal data or serves a notice from a relevant data protection authority. You and we will consult and cooperate with each other when responding to any such request, complaint or notice. If an individual whose data you have supplied to us or which we are processing on your behalf asks us to remove or cease processing that data we shall be entitled to do so where required to by law.

We may export personal data you supply to us outside the EU/EEA/UK for the purposes of storage and data processing. We will ensure all such data export is compliant with relevant data protection legislation. You consent to such data export. Where cloud based services are to be used these will fall under the same terms and conditions.

We will answer your reasonable enquiries to enable you to monitor compliance with this clause.

In this clause, the following definitions shall apply:

‘member personal data’ means any personal data provided to us by you, or on your behalf, for the purpose of providing our services to you, pursuant to our agreement with you;

‘data protection legislation’ means all applicable privacy and data protection legislation and regulations including PECR, the GDPR and any applicable national laws, regulations and secondary legislation in the UK relating to the processing of personal data and the privacy of electronic communications, as amended, replaced or updated from time to time;

‘controller’, ‘data subject’, ‘personal data’, and ‘process’ shall have the meanings given to them in the data protection legislation;

‘GDPR’ means the General Data Protection Regulation ((EU) 2016/679); and

‘PECR’ means the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2426/2003).

We shall each be considered an independent data controller in relation to the members personal data.

Each of us will comply with all requirements and obligations applicable to us under the data protection legislation in respect of the client personal data.

You shall only disclose personal data to us where: 

  • you have provided the necessary information to the relevant data subjects regarding its use and you may use or refer to our privacy notice enclosed. 
  • you have a lawful basis upon which to do so, which, in the absence of any other lawful basis, shall be with the relevant data subject’s consent; and 
  • you have complied with the necessary requirements under the data protection legislation to enable you to do so.

Should you require any further details regarding our treatment of personal data, please do not hesitate to write to us at: Four Seasons Country Club Limited, Preston Park House, Brighton, BN1 6SB.

We shall only process the members personal data:

  • in order to provide our services to you and perform any other obligations in accordance with our agreement with you;
  • in order to comply with our legal or regulatory obligations; and
  • where it is necessary for the purposes of our legitimate interests and those interests are not overridden by the data subjects’ own privacy rights. Our privacy notice contains further details as to how we may process client personal data.

We shall maintain commercially reasonable and appropriate security measures, including administrative, physical and technical safeguards, to protect against unauthorised or unlawful processing of the members personal data and      against accidental loss or destruction of, or damage to, the members personal data.

In respect of the members personal data, provided that we are legally permitted to do so, we shall promptly notify you in the event that: 

  • we receive a request, complaint or any adverse correspondence from or on behalf of a relevant data subject, to exercise their data subject rights under the data protection legislation or in respect of our processing of their personal data; 
  • we are served with an information, enforcement or assessment notice (or any similar notices), or receive any other material communication in respect of our processing of the members personal data from a supervisory authority as defined in the data protection legislation (for example in the UK, the Information Commissioner’s Officer); or 
  • we reasonably believe that there has been any incident which resulted in the accidental or unauthorised access to, or destruction, loss, unauthorised disclosure or alteration of, the members personal data. 

Privacy Notice

Four Seasons Country Club Limited – Company Number 14808993

This policy applies to the following business:

Four Seasons Country Club Limited – Registered Office: Preston Park House, South Road, Brighton, East Sussex BN1 6SB. Registered in England and Wales: Company Number 14808993

The privacy policy explains how we use any personal information we collect about you when you become a member.

What is personal data?

Personal data relates to any information about a natural person that makes you identifiable which may include (but is not limited to):

Names and contact information i.e. emails and telephone numbers (both mobile and landline)

National Insurance Numbers

Employment History

Employee Numbers

Credit History

Personal Tax

Payroll and Accounting Data

What is sensitive personal data?

Sensitive personal data refers to the above but includes genetic data and biometric data.  For example:

Medical Conditions

Religious or Philosophical Beliefs and Political Opinions

Racial or Ethnic Origin

Convictions

Biometric Data (e.g. photo in an electronic passport or driving licence)

What is a Data Controller?

For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.

The data controller is Four Seasons Country Club Limited, Preston Park House, South Road, Brighton, East Sussex BN1 6SB.

What is a Data Processor?

A “data processor” is a person or organisation which processes personal data for the controller.

What is Data Processing

Data processing is any operation or set of operations performed upon personal data, or sets of it, be it by automated systems or not. Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.

What do we mean by Business to Business

PLC, LTD, LLP incorporated partnerships, trusts and foundations, local authorities and government institutions.

What do we mean by Business to Consumer?

Members.

What information do we collect about you and how?

Four Seasons Country Club Limited, as a Data Controller, is bound by the requirements of the General Data Protection Regulations (GDPR).

You agree that we are entitled to obtain, use and process the information you provide to us to enable us to discharge the Services (as defined in our agreement) and for other related purposes including;

Updating and enhancing member records

Analysis for management purposes

Carrying out credit checks

Statutory returns

Legal and regulatory compliance

Crime prevention

We collect information about you when you become a member and fill in any of the forms sent to you for this purpose i.e. sending an enquiry, signing up for an event, filling in a survey, giving feedback etc.

How will we use the information about you and why?

At Four Seasons Country Club Limited we take your privacy seriously and will only use your personal information to provide the Services you have requested from us, detailed in our agreement and as we have identified above.  We will only use this information subject to your instructions, data protection law and our duty of confidentiality.

For Business to Business Contacts our lawful reason for processing your personal information will be “legitimate interests”.  Under “legitimate interests” we can process your personal information if:

  • we have a genuine and legitimate reason and;
  • we are not harming any of your rights and interests.

For Business to Members our lawful reason for processing your personal information will be “A contract with the individual” e.g. to supply goods and services you have requested, or to fulfil obligations under an agreement.  This also includes steps taken at your request before entering into an agreement.

We may receive personal data from you for the purposes of our personal checks, such as a copy of your passport, driving licence or data provided on an email.  This data will only be processed for the purposes of obtaining confirmation of identification, or as otherwise permitted by law or with your express consent and will be destroyed via our secure shredding on completion.

Our work for you may require us to pass your information to our third-party service providers, agents and other associated organisations for the purposes of completing tasks and providing the Services to you on our behalf.  However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the Services and we have contracts in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

We will not share your information for marketing purposes with companies so that they may offer you their products and services.

Transferring your information outside of Europe

As part of the services offered to you, the information which you give to us may be transferred to countries outside the European Union (“EU”). For example, some of our third-party providers may be located outside of the EU.  Where this is the case we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy.  By submitting your personal data, you’re agreeing to this transfer, storing or processing.  Where our third-party suppliers are in the US we have ensured that their services fall under the “Privacy Shield” whereby participating companies are deemed to have adequate protection and therefore facilitate the transfer of information from the EU to the US.

If you use our services while you are outside the EU, your information may be transferred outside the EU to give you those services.

Security precautions in place about data collected

When you give us personal information, we take steps to make sure that it’s treated securely. Any sensitive information (such as credit or debit card details) will comply with Payment Card Industry Data Security Standards (PCI DSS) and any card transactions are required to be processed via a Secure Socket Layer (SSL) and Transport Layer Security (TLS) and we complete an annual certification to ensure this is adhered too.

Non-sensitive details (your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our member site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Profiling

We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of extra information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and cut fraud and credit risk.

How long will we hold your data for?

Contracted Services: We will hold your data for 7 years in line with our regulatory requirements. 

Access to your information, correction, portability and deletion

What is a Subject Access Request?

This is your right to request a copy of the information that we hold about you.  If you would like a copy of some or all your personal information that we hold, please email or write to us at the following address: Four Seasons Country Club Limited, Preston Park House, South Road, Brighton, East Sussex BN1 6SB.  We will respond to your request within one month of receipt of the request.

We want to make sure your personal information is accurate and up to date.  You may ask us to correct or remove information you think is inaccurate by writing to the above address.

Objections to processing of personal data

It is your right to lodge an objection to the processing of your personal data if you feel the “ground relating to your particular situation” apply.  The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims.

Data Portability

It is also your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if:

(a)    The processing is based on consent or on a contract, and

(b)    The processing is carried out by automated means.

Sending Documents to you

We will use our members portal to send documents to you.

Your Right to be Forgotten

Should you wish for us to completely delete all information that we hold about you please contact us In Writing to: Four Seasons Country Club Limited, Preston Park House, South Road, Brighton, East Sussex BN1 6SB

Your Data

What we collect:

Information provided by Members when completing forms including but not limited to the agreement and registration form.

Using your data

We may process your data because:

we are legally obliged to e.g. to confirm your identity.

the processing is necessary for the performance of the contract with you to provide our services; or

it is in ours or a third party’s legitimate interests to do so.

In some instances, we will rely on your consent to process personal data and when we do this, it will be flagged to you at the time.

Retention

We keep your personal information for as long as we need to for the purposes for which it was collected or (if longer) for any period for which we are required to keep personal information to comply with our legal and regulatory requirements.

Your data protection rights

Four Seasons Country Club Limited would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that Four Seasons Country Club Limited correct any information you believe is inaccurate. You also have the right to request Four Seasons Country Club Limited to complete the information you believe is incomplete.

The right to erasure – You have the right to request that Four Seasons Country Club Limited erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that Four Seasons Country Club Limited restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to Four Seasons Country Club Limited processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that Four Seasons Country Club Limited transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please do not hesitate to write to us at: Four Seasons Country Club Limited, Preston Park House, Brighton, BN1 6SB.

Children

We do not knowingly collect personal data from anyone under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personal information to us, please contact us at Four Seasons Country Club Limited, Preston Park House, Brighton, BN1 6SB.

Where processing of personal data is based on consent, if we learn that this data belongs to someone under the age of 13, we will cease processing and will take reasonable measures to delete the applicable information from our records, unless the consent is provided by a parent or guardian.

Changes to our privacy policy

If we decide to change our privacy policy, we will post those changes on the Members page so our members are always aware of the information we collect and how we use it.

How to contact us

If you have any questions about our company’s privacy policy, please do not hesitate to write to us at Four Seasons Country Club Limited, Preston Park House, Brighton, BN1 6SB.

Complaints

If you feel that your personal data has been processed in a way that does not meet the GDPR, you have a specific right to lodge a complaint with the relevant supervisory authority.   The supervisory authority will then tell you of the progress and outcome of your complaint.  The supervisory authority in the UK is the Information Commissioner’s Office.

Changes to our Privacy Policy

We keep our privacy policy under regular review.

How to contact us

Please contact us if you have any questions about our privacy policy or information we hold about you by writing to us at Four Seasons Country Club Limited, Preston Park House, South Road, Brighton, East Sussex BN1 6SB

Contacting appropriate authorities

Should you wish to report a complaint or if you feel that our Company has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office. Details are available here https://ico.org.uk/global/contact-us.

We use first-party and third-party cookies for analytical purposes and to show you advertising related to your preferences, based on your browsing habits and profile. You can configure or block cookies by clicking on “Cookies settings”. You can also accept all cookies by clicking on “Accept all cookies”. For more information, please consult our Cookie Policy.

Cookies Settings:

Cookies and other similar technologies are an essential part of how our Platform works. The main goal of cookies is to make your browsing experience easier and more efficient and to improve our services and the Platform itself. Likewise, we use cookies to show you targeted advertising when you visit third-party websites and apps. Here, you will find all the information on the cookies we use. Furthermore, you will be able to activate and/or deactivate them according to your preferences, except for any cookies that are strictly necessary for the functioning of the Platform. Keep in mind that blocking certain cookies may affect your experience on the Platform, as well as its functioning. By clicking “Confirm preferences”, the cookies selection you have made will be saved. If you have not selected any options, clicking this button will be the same as blocking all cookies. For more information, please consult our Cookie Policy.

These cookies are necessary for the correct functioning of the Platform, and they cannot be deactivated on our systems. Generally speaking, they are configured to respond to actions made by you when requesting services, such as adjusting your privacy preferences, logging in to your account or filling out forms. You can configure your browser to block these cookies or alert you when they are present; however, some parts of the platform will not work without them.

Cookies List:

Name Provider Purpose Expiry
PHPSESSID Guestcentric Used to manage user sessions Session

These cookies allow us to count the number of visits and sources of traffic in order to measure and improve the performance of our Platform. They help us to know which pages are the most and least popular, and how many people visit the website. If you do not allow these cookies, we will not know when you visited our Platform.

Cookies List:

Name Provider Purpose Expiry
_ga Google Used to distinguish users 2 years
_gid Google Used to distinguish users 24 hours
_gat_gcTracker Google Throttle Request Rate 1 minute

These cookies enhance the functionality and personalisation of the Platform. They can be put in place by us or by third parties whose services we have incorporated into our pages. If you do not allow these cookies, some of our services will not function properly.

Cookies List:

Name Provider Purpose Expiry
GCShoppingActivations_<GCID>_BEST_RATE_GUARANTEED Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>_LAST_RESERVATION Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>_LAST_RESERVATIONS Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>_LAST_WEEK_STAYS Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>TODAY_BEST_OFFER Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingVisits_<GCID> Guestcentric Count visits to control popup display 1 Month
GCShoppingRecovery_<GCID>_EXIT Guestcentric Display shopping recovery 1 Month
Cookies Settings
Accept all Cookies