SV Croydon Ltd trading as Grand Sapphire Hotel takes the privacy of our customers and their information very seriously. This policy explains how we use any personal information we collect about you, your rights to access and correct the personal information we hold about you.This privacy policy is between Grand Sapphire Hotel hereafter referred to as Grand Sapphire Hotel and “you” the user of our website and our services and facilities, who is 18 years old or older and capable of entering a contract.By consenting (opting in) and agreeing to provide Grand Sapphire Hotel with your personal information “Data” (as defined below), whether through the website or in person, you consent, agree and accept that Grand Sapphire Hotel, as well as our respective representatives and/or third-party agents may collect, use, disclose and share your personal data as described in this Privacy Policy.By continuing to use the website or using our services you are confirming that you accept this Privacy Policy and our Terms and Conditions. If you do not accept this Privacy Policy or Terms and Conditions, you must leave the website and cease using Grand Sapphire Hotel services immediately.1. What personal information do we collect about you? Grand Sapphire Hotel collect personal data from you when you make an enquiry, a reservation, purchase a gift voucher, become a member, either in person, over the phone or online.Grand Sapphire Hotel also collect data from you when you subscribe to any of our marketing communications, connect using our social media websites, enter our competitions or provide feedback. These may be carried out online, by post, fax, telephone, SMS or in person.Without limitation, any of the following personal data may be collected:

• Your full name
• Contact information such as email address, landline and/or mobile telephone numbers
• Home address and postcode
• Your credit or debit card details if you are making a payment
• Preferences and interests
• Date of birth
• Dietary requirements, allergies and any physical or medical restrictions
• Vehicle registration
• Passport details (only for guests who reside outside of the UK)
• Your IP address
• Your web browser type and version
• Your operating system
• A list of URLS starting with your referring site, activity on our website, and the website you exit to
• Your cookie information

If you provide Grand Sapphire Hotel with any personal Data relating to any third party (e.g. information about your spouse, companion, employees or colleagues) for particular purposes, by submitting such information to us, you do so at your own risk having ensured that you have obtained the consent of the third party to provide us with their personal Data for the respective purposes.2.0 What do Grand Sapphire Hotel use your Data for? Grand Sapphire Hotel use the information collected about you to: 

• Reply to your questions and enquiries
• Gather and respond to your feedback
• Process your bookings, reservations and purchases (see 2.1.)
• Keep you updated on our latest news, offers and events (see 2.2)
• Monitor our website and email performance using Cookies (see 2.3)

2.1. Bookings, reservations and purchases We operate a reservation system through telephone, online and via third parties. This means that any personal Data you have shared with us for booking purposes is available in that system and can be accessed by Grand Sapphire Hotel.Any or all of the aforementioned Data may be required by us from time to time in order to provide you with the best possible service and experience. Specifically, Data may be used by us for the following reasons:

• Internal record keeping
• Providing you with confirmation of the services we have provided to you
• Connecting you with third parties that offer services you may require (such as, but not limited to room upgrades via Upsell Guru)
• Connecting you with third-party payment collection company for processing payments
• To pass on to the police and government authorities as requested by them, for example in cases of fraud and theft
• To comply with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory body which are binding to the hospitality sector
• To notify you of any security or data breaches

2.2. Marketing We will only contact you via our marketing channels (via email, phone, SMS, social media or post) with news and offers relating to Grand Sapphire Hotel if you have given us your consent by “opting in” to marketing communications. Consent can be given by, but not limited to, signing up to our newsletter on the website, ticking the box to give your permission whilst making a booking, purchase, enquiry, or checking in to the hotel. Our marketing communications are generally sent by email and include news, offers and events. You can stop marketing communications at any time by clicking the “UNSUBSCRIBE” link at the bottom of each marketing email. Alternatively, you can email marketing@grandsapphirehotel.co.uk to request manual deletion from our mailing list by typing “UNSUBSCRIBE” in the subject.Please note that due to the nature of our business, we may still be required to contact you from time to time regarding any past, present or future bookings that you have made with us (see 2.1. for details).If you choose to connect with us via social media websites, such as Facebook, Twitter or Instagram, we may collect your username (which may contain your name and surname) by you “liking” or “following” our page.Please note that by connecting with us via social media websites you are bound by their own Terms and Conditions and Privacy Policies.2.3. Cookies We may set and access cookies on your ‘computer’ (meaning any computer, laptop, tablet, mobile, or other device that the website can be viewed on. For further details on this, please select the following link: https://www.grandsapphirehotel.co.uk/privacy-policy

1. How do we look after your Personal Data? To ensure that we treat your data with the highest regard and comply with legal requirements, it is our company policy to: 

• Ensure all our relevant employees have received training in how to correctly handle Data. Training includes educating them in the importance of the safe and secure handling of Data, and the procedures in place to ensure all Data is handled in this way.
• Anonymise all data collected for third party clients save for payment details where we use third-party payment collecting companies.
• Evaluate our database every 36 months and securely delete any contacts that are either no longer engaged or no longer required by us to meet with the reasoning outlined in 2.1.
• Always adhere to the internal procedures and measures in place to keep any personal Data we hold safe and secure.

4.How do we store your personal information? To ensure your data is stored safe and legally we use the following trusted third parties:Property Management System (PMS) Our properties use the ‘Oracle’ third-party PMS to store all reservation history. Details of Oracle’s policies can be found at: https://www.oracle.com/uk/legal/privacy/index.htmlGrand Sapphire Hotel does not collect or store information regarding children in the process of bookings or reservations for accommodation.Internet Booking Engine Our properties use the ‘Eviivo’ third-party online Booking Engine (OBE) to take hotel reservations on our website (www.Grand Sa.co.uk). Details of Eviivo’s policies can be found at  https://eviivo.com/privacy-policy/Content Management System (CMS) Grand Sapphire Hotel use a bespoke CMS to manage the website (www.grandsapphirehotel.co.uk)Gift Vouchers Grand Sapphire Hotel uses the third-party system to facilitate all gift voucher purchases. Further details will be updated in policy after the upcoming upgrade.Email Marketing Application Grand Sapphire Hotel use the ‘MailChimp’ application for all email marketing activity. Details of their policies can be found at:  https://mailchimp.com/legal/privacy/ Online Payments and Credit Card storage We store credit and debit card details for pre-authorisation and payment when bookings are taken online. These are facilitated via a third-party payment processor whose details will be added to this policy after the upcoming upgrade.

5. Data Sharing Grand Sapphire Hotel will never sell your data to a third party for marketing purposes.

If required or deemed necessary, we may on occasions share your data with other organisations in the following way/s:5.1. To facilitate services and offers Where we use contracted and trusted third parties to facilitate services and offers, we will share your Data with those parties for that purpose, and that purpose only. This includes the processing and delivery of marketing communications, and any other third-party services engaged to perform payment, business support, operational or administrative function. Third parties are subject to confidentiality obligations. (See 4.0)5.2 The sale of a property In the event of the sale of Grand Sapphire Hotel, where the original remit for the Data remains the same and is relevant, Data provided by you will be transferred to the new owner or controlling party. Should this situation arise, your data will only be shared if the new owner or controlling party strictly adhere to this policy for the permitted use of the Data and the purposes for which it was supplied to you.5.3. Legal requirement We may also disclose personal Data as permitted or required by law. For instance, if asked by the police, we may share your personal Data with them for the purposes of prevention and detection of crime.6.Transaction and Data Security We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, technical, physical and organisational security measures are put in place to protect against any unauthorized access, disclosure, damage or loss of your information. The collection, transmission and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.

1. Accessing and amending your Data You have a right to access a copy of the Data we hold about you. If you would like to do this, please write to us at the address at the bottom of this document and enclose a stamped self-addressed envelope. We will also require the following details in order to verify your identity before we can release the data:

• Full name
• Address
• Email address
• Telephone number
• Details of your previous or forthcoming stays with Grand Sapphire Hotel or your golf and leisure membership details

Upon receipt of your written request and all the details above, we will confirm your request within ten (10) working days and we will endeavour to provide the Data within thirty (30) days.We want to make sure that your personal Data is kept accurate and up-to-date so you may need to modify or update your Data if your circumstances change. Additional Data as to your marketing preferences may also be stored and changed. You are able to make amendments by contacting us via email at marketing@grandsapphirehotel.co.uk with UPDATE in the subject line.8.Retention of your Data Your personal Data will be retained for as long as it is necessary to fulfil the purpose for which it is collected; for business or legal purposes, or in accordance with applicable laws.Should you choose to unsubscribe from our marketing list (see 2.2) please note that your personal Data may still be retained on our database for a minimum of 36 months or to the extent required by UK / EU law.

1. Opting Out You have a right to withdraw your consent of use. If you wish for your data records to be amended, please email: marketing@grandsapphirehotel.co.uk with OPT OUT in the subject line. We will no longer send you marketing information, however we will still send you operational information.

9.1. Deleting your Data You have a right to deletion of your Data. If you wish for your entire data records to be deleted, please email: marketing@grandsapphirehotel.co.uk with ERASURE in the subject line.If you withdraw your consent to any or all use of your personal Data, depending upon the nature of your request, we may not be able to provide or continue providing our products and services to you, or administer any contractual relationship already in place.Once your erasure request has been processed, Grand Sapphire Hotel does not have the ability to record that you have been a past customer or contact of the property and therefore there is potential that you could be contacted as part of a promotional campaign.You understand and agree that in such instances where we require your personal Data to fulfil a contractual obligation to you and you withdraw your consent to collect, use or disclose the relevant personal Data for those purposes, we cannot be held liable for breach of that agreement. Our legal rights and remedies in such event are expressly reserved. We can only delete your data in accordance with applicable laws.9.2. Transferring your Data In the case of memberships if you request the transfer of data to other business systems Grand Sapphire Hotel will work with providers that have systems that will receive electronic transfer of data. In the event that the receiving company is unable to translate the data Grand Sapphire Hotel cannot be held responsible.Grand Sapphire Hotel can only provide a transfer of data with a signed request and proof of identity from you.This does not apply to the booking of hotel rooms due to the operational nature of the business.

1. CCTV We have CCTV installed in various locations throughout the property. This is for the purposes of prevention and detection of crime and monitoring of staff. The images captured on the CCTV system are overwritten on a rolling 28-day basis.

Only appointed staff within the organisation have access to replay the CCTV footage, which is protected by lock and key.We may disclose CCTV footage as permitted or required by law. For example, we may share the footage with the Police if requested for the purposes of prevention and detection of crime.

1. WiFi If you choose to use the complimentary guest WiFi at our hotel you are not required to provide a login to access the service. Once logged onto the service you will automatically be diverted to the Grand Sapphire Hotel website (www.grandsapphirehotel.co.uk) which uses cookies (see https://www. www.grandsapphirehotel.co.uk/privacy-cookies/). The cookies used on our website do not contain personal information and cannot be used to identify you. 
2. Phishing Phishing is the practice of tricking someone into giving confidential information. Examples include falsely claiming to be a legitimate company when sending an e-mail to a user in an attempt to get the user to send private information that will be used for criminal activities such as identity theft and fraud.

We will never ask you to confirm any account or credit card details via email. If you receive an email claiming to be from us asking you to do so, please ignore it and do not respond. If you are unsure whether an email from us is legitimate, please forward it to marketing@grandsapphirehotel.co.uk  with your message and the subject line ‘FRAUD’. We will then reply to advise you on the situation.We will take bookings over the phone. We will give our name and name of our company when we do this. If you are anxious about the phone call, revealing your payment details or do not believe that the person on the other end of the phone is us, we suggest you put the phone down and ring us directly using the telephone number on our website asking for the person you spoke to.

1. Links to other websites This Privacy Policy applies solely to Data collected by us. Our website (www.grandsapphirehotel.co.uk) may contain links to external sites, operated by other owners and third parties, over which we have no control. For this reason, we encourage our visitors to be aware when they leave our website to read their privacy policy applicable. Any access to such other websites or pages is entirely at your own risk. We are not responsible for the privacy policies, content or security of any third-party websites linked to our website.
2. Changes to our Privacy Policy This Privacy Policy is regularly reviewed. Following any changes, the new version of the policy will be uploaded to our website and the old version removed. Please check back frequently to see any updates. This was updated last in March 2019.
3. Any Questions? Should you have any questions regarding this Privacy Policy please contact us using the details below:

All requests should be made to GDPR@ grandsapphire.co.uk or by phoning 02086862905 or writing to us at the address further below.ComplaintsIn the event that you wish to make a compliant about how your personal data is being processed by Grand Sapphire Hotel (Hoteliers) or its partners, you have the right to complain to us. If you do not get a response within 30 days, you can complain to the Data Protection Regulator.The details for each of these contacts are:Grand Sapphire Hotel (Hoteliers), attention of:Director ComplianceGrand Sapphire Hotel45 Imperial Way,CroydonCR0 4RRGDPR@ grandsapphire.co.uk or by phoning 02086862905