Menu

Privacy Policy

Who are we?

DUKES Hotel Limited is a limited company registered in England and Wales whose registered office is 35 St James Place, London SW1A 1NY. We operate as Data Controller for the information you provide to us.

DUKES Hotel is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the requirements of the General Data Protection Regulations (GDPR) in the UK.

The purpose of this statement is to explain to you what personal information we collect, and how we may use it under the new General Data protection Regulations (EU) 2016 / 679 (GDPR). We have reviewed and updated our policies, processes and procedures to comply with the GDPR and have updated this Privacy Notice accordingly.

If you have any questions about the protection of your data, please email our Data Protection Officer: [email protected].

Click this link to report a concern to the ICO

Personal information we collect when you interact with us:

The personal information we collect includes:

When you make a booking, we need to know your name, address, username, password, telephone number, email address and card details. This allows us to process and fulfill your booking. You have the option to withhold personal information that is not required for the booking process.

We do not sell, rent or exchange your personal information with any third party for commercial reasons, beyond the essential requirement for credit/debit card validation during purchase. We may be required to give information to third parties such as expert witnesses, law enforcement agencies, courts and other professional advisers.

DUKES Hotel never sends emails asking you to provide personal or credit card information. DUKES Hotel does not disclose buyers’ information to third parties.

Web browser cookies:

Our site uses “cookies” to enhance your user experience. Cookies are small text files that the browser places on your hard drive. These are for record-keeping purposes, with shopping carts to keep track of the contents of your shopping cart, to store delivery addresses if the address book is used, and to store your details if you use the ‘Remember Me’ option. You may choose to set your web browser to refuse cookies, or to alert you when cookies are being sent. You can turn off cookies within your browser by going to ‘Tools | Internet Options | Privacy’ and selecting to block cookies. If you turn off cookies, you will be unable to place bookings or benefit from the other features that use cookies.

Google analytics:

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers outside of the EEA.

Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Data collection:

Data collected by our corporate website(s), as listed in our Privacy Policy, is used to:

  • Take and fulfill customer bookings
  • Administer and enhance the site and service
  • Only disclose information to third-parties for goods delivery purposes
  • Any information stored by DUKES Hotel is encrypted for your protection

Your personal identification information is used in a variety of ways, including, but not limited to, when you visit our website, place a booking, subscribe to our newsletter and in connection with other activities, services, features or resources we make available on this site. You may be asked for, as appropriate, name, email address, mailing address, phone number etc. You may, however, visit our site anonymously. We will collect personal identification information from you only if you voluntarily submit such information to us.

Credit Card Information:

Our payment processes are PCI DSS compliant. In booking, to process credit and debit card transactions, the bank or card processing agency may require to verify your personal details for authorisation. We do not store credit card information which is passed through directly to our payment service provider. Your information will not be transferred outside of the EU for any other purpose.

We follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access in accordance with the GDPR regulations.

Emails:

We will send emails to you, for the purpose of informing you of new products, offers and services. You may have consented to us sending you newsletters from time to time as part of the registration process.

If you no longer wish to be contacted, and wish to be unsubscribed from our Newsletter or email communications, please email us on [email protected]

You may also opt out of this notification service by replying to the email that was sent with the word “unsubscribe” (without the quotes) in the subject line.

How we use your information:

We will use your personal information to manage bookings, provision of services, offers, surveys and newsletters you have requested. Specifically:

  • To keep you informed of any special offers, company news, updates, product information or events that we believe might be of particular interest to you
  • To administer and operate your account and to fulfill bookings placed through our website
  • For payment processing associated with the fulfillment of bookings
  • To respond to your customer service requests
  • To track activity on our website
  • For record-keeping purposes
  • For market research
  • To confirm your identification when you contact us

Automated decision making:

We do not undertake any automated decision, excluding Google Analytics, making using your data, nor do we use your data for profiling or any other investigative purposes.

Security of your data:

We have taken all reasonable steps to ensure that we and our Data Processors adapt industry standard security protection systems to ensure the security of your data.

We have security procedures in place to ensure that we can effectively identify report, manage and resolve any personal data breaches.

We have procedures to deal with key data subject rights, like subject access requests and the right to request deletion.

We are reviewing our key third-party vendor arrangements to make sure we have the appropriate contractual protections in place to satisfy GDPR requirements.

We have an internal GDPR training program running across key areas of the business to increase awareness of how the legislation impacts their day-to-day roles.

We regularly review our data security procedures to ensure they are kept up-to-date.

Your rights under GDPR:

The GDPR provides the following rights for individuals, and please click here for further information:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure – complete deletion of your personal data
  • The right to restrict processing
  • The right to data portability
  • The right to object

You exercise your rights by submitting a Subject Access Request. If you would like to exercise any of your rights under GDPR and need assistance, please email our Data Protection Officer on [email protected]

Subject Access Request:

Under GDPR, individuals are entitled, subject to certain exceptions, to request access to information held about them. This is called a Subject Access Request.

Subject Access Requests should be made by email or in writing addressed to the Data Protection Officer (DPO) at [email protected] The DPO can supply a standard request form, although you do not have to use this.

The information that you are entitled to is:

  • What information the company holds about you and why
  • How you can gain access to it.
  • How to keep it up to date
  • How the company is meeting its data protection obligations

The DPO will always verify the identity of anyone making a subject access request before handing over any personal information. The DPO will require photo ID and/or proof of address. Our aim is to provide the relevant information to you within 30 days.

Your right to complain about us:

If you are dissatisfied with our handling of your requests about the protection of your data you have the right to complain to the Information Commissioners Office (ICO). To report a concern to the ICO click this link

Changes to this privacy policy:

We may update this Privacy Policy from time to time, to ensure full compliance with the current and any future GDPR regulations.

Contacting us:

Any questions regarding this Privacy Policy should be directed to our Data Protection Officer as follows:

By email: [email protected]

By letter: Data Protection Officer, DUKES Hotel Limited, 35 St James’s Place, London SW1A 1NY.

Top