This page explains how we collect, use and protect your personal information in accordance with the General Data Protection Regulations (GDPR) and UK Data Protection Act 2018. Please be assured that your personal data will be treated as strictly confidential. We do not use any form of automated decision making in our business, nor do we operate any mailing lists.
For the purpose of Data Protection legislation regarding the Inverness & District B&B Association web sites, Mr. Daniel Mackenzie-Winters is the data controller and any enquiry regarding the collection, processing, storage or amendment of your information should be addressed directly to him at email@example.com (registered with the Information Commissioner's Office - reference ZA390571).
Contents of this policy:
The data we collect is provided to us by you when:
We collect this information when you subscribe to our newsletter, enter our competition, make an accommodation enquiry or request information about joining or working with the Association. This personal information may include the following:
We take all reasonable technical and organisational precautions to store your information in a secure manner and prevent its loss or misuse.
The personal information provided to us will only be used in connection with the services we are providing to you or the services you are offering to us. We may use your personal information to respond to your availability enquiry, other questions or comments via email or Facebook, and provide information that may be useful to you. We will only use your personal data when legally permitted to do so under the following lawful bases.
To process your personal data, we use the lawful basis of consent because you have asked us for information, signed up to our newsletter or entered our competition. You may withdraw your consent at any time. If using personal data to serve our legitimate interests, we will always balance your rights and interests in the protection of your information against our rights and interests.
We have appropriate security measures to prevent your personal data from being accidentally lost or accessed in an unauthorised way.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Third Party Sites / Widgets
Our web sites may include links to third-party web sites and widgets such as Facebook and Freetobook. Clicking on those links or enabling those connections may allow third parties to collect data about you. We do not control these third-party web sites or widgets. Our newsletter is operated using MailChimp.
Cookies and Google Analytics
Cookies are small text files which are placed on your computer or mobile device when you visit a web site. This information is used by Google Analytics to track visitor use of our web site and to compile statistical reports on web site activity, such as what countries our visitors are browsing from, and which pages are the most popular. The data gathered is anonymous and cannot be used to identify individual users. This site also uses Facebook pixel.
Web site logs
Web site log files collect your IP address as well as the date/time you visited the site and the pages you visited. An IP address is a numeric code assigned to a device based on your geographical location. It does not provide us with any identity details.
We do not transfer any of your personal data outside the European Economic Area (EEA). However you should be aware that anonymous data from our web site statistics is collated and analysed by US-based Google Analytics software.
In accordance with UK and European law under the General Data Protection Regulation (GDPR), you may request that we provide you with a copy of the personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity. You also have the right to request that we delete and destroy your personal data. You can view full details about all of your rights under GDPR on this external web site: knowyourprivacyrights.org
Where we are using your personal data on the basis of your consent, you are entitled to withdraw that consent at any time subject to applicable law. Where we process your personal data based on our legitimate interest, you have the right to object at any time to that use of your personal data subject to applicable law.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner's Office (ICO), the UK regulatory authority for data protection issues (www.ico.org.uk). We would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
It is very important that the information we hold about you is accurate and up-to-date. Please let us know if at any time your personal information changes.
If any breach of personal data occurs, we are obliged to notify the ICO within 72 hours of becoming aware of the breach.
Page last updated 17 August 2020