This notice applies to data that is held stored, used and shared by Databasics Hospitality Systems Limited t/a Hotel Perfect (we/our/us) and your rights in relation to personal information.
We are a provider of a software package, Hotel Perfect (Software), and enter into agreements for the use of the Software (Agreement(s)) with hotels (Hotel(s)) pursuant to which the Hotels provide services in relation to accommodation and bookings and other ancillary services (Services) to guests.
We receive personal information in relation to guests from each Hotel with whom we have an Agreement and in these circumstances the Hotel is the data controller and we are the data processor and process personal data in accordance with the respective Hotel’s directions.
We hold personal information that a representative of a Hotel provides to us for the purpose of entering into an Agreement with the Hotel in the capacity of data controller.
We may also hold other information that individuals or people other than guests may give to us which we hold as data controller.
The categories of data that we hold are names and addresses and dates of birth. We do not hold bank card details – these are inputted into a secure payment application within the Software.
We do not collect data from third party sources unless specifically requested in writing by the relevant Data Controller.
We as data processor pursuant to an Agreement(s) with a Hotel(s) will if directed by the Hotel(s) receive analytical data from booking engine providers which is anonymised.
We as data controller receive analytical data from Google in relation to people visiting/browsing our website which does not contain any personal data.
Basis of Processing
The processing of guest’s and hotel owner’s/representative’s personal data and any booking engine data is necessary for the performance of the Agreement and the provision of Services.
If we are going to process data that we hold in the capacity of data controller, e.g. for marketing purposes to a Hotel, then we will obtain prior consent from the relevant person at the Hotel and give the opportunity to withdraw consent at any time.
We process analytical data from Google in relation to our website on the basis of our legitimate interests seeking to develop our own business and we do not carry out any automatic profiling.
Who we share personal information with
We routinely share personal data with third party sub-processors (providers of software to us or whose software interfaces with our Software) as part of the provision of the Services. For a list of such sub-processors please see: Download Here. Some of those sub-processors may have systems that are outside of outside the EEA and data may be processed (e.g. back up) by such providers outside of the EEA. We need to share this data in order to provide the Services.
If a guest at a Hotel requests that the hotel as data controller provides certain marketing services then we as part of the provision of Services will provide that guest’s data to third parties for that purpose in accordance with the Hotel’s directions but not otherwise.
We will not share data with third parties for marketing purposes where we hold data in the capacity of data controller unless we are instructed to do so.
How long your information will be kept
We will store guest’s information for the period required for the provision of the Services and as directed by the relevant Hotel as data controller.
Where we hold data as data controller we will hold the data for the duration of the Agreement and any longer period required for us to comply with applicable law (e.g. audit) or in other cases for the duration of the period necessary for the purpose that you provided the data to us or to which you have consented (e.g. any marketing).
Transfer out of the EEA
Where your data is transferred out of the EEA as part of the provision of Services this will only be done if the Hotel as data controller has approved the use of the relevant sub-processor and we are satisfied that it has provided appropriate safe guards and enforceable data subject rights are available.
A data subject has certain rights including the following: to correct any mistakes in your information; to request the erasure of any information; to withdraw consent to processing for marketing (Rights).
If you are a guest at a Hotel for which we are providing Services then you must contact the Hotel in order to exercise any of your Rights and in general as we can only act in accordance with the Hotel’s instructions.
If you are a Hotel with whom we have an Agreement then we will not necessarily be able to perform the actions in relation to your Rights until the Agreement has ended and we are not required to retain the data by law other than the withdrawal of consent to any marketing to which you may have consented.
We have appropriate security measures in place to prevent personal information from being lost, used or accessed in an unauthorised way. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
When you use our website we may gather information about you through cookies. ‘Cookies’ are text files placed on your computer to collect internet log information and anonymous user behaviour information which are used to track website usage and monitor website activity. You may set your browser to not accept cookies. To find out more about the cookies we use and how to delete them please contact us.
Third Party Links
Our website may contain hyperlinks or references to third party websites. Any such hyperlinks or references are provided for your convenience only. We have no control over third party websites and accept no legal responsibility for any content, material or information contained in them. The display of any hyperlink and reference to any third party website does not mean that we endorse that third party’s website, products or services. Your use of a third party site may be governed by the terms and conditions of that third party site.
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation gives you the right to lodge a complaint with the supervisory authority which is the Information Commissioner who may be contacted at: ico.org.uk/concerns.
This privacy notice was published on 10 May 2018 and may be changed from time to time.
Databasics Hospitality Systems Limited is a company registered in England under number 03727106 whose registered office is at Tremough Innovation Centre Penryn Cornwall TR10 9TA.
Please write to this registered office address for the attention of Andrew Risely or Email: Andrew.email@example.com or Tel 0843 309 1601
Can you find out what information we hold about you? You are entitled to ask whether we hold personal information about you and, if so, to have access to this information and to require it to be corrected if it is inaccurate. You can do this using the contact addresses given above.
Juniors If you are aged 12 or under, please ensure that you get the consent of your parent or guardian before you submit any personal information through this website.
Changes Any amendment to this privacy statement will be published on this website.