Privacy Policy (GDPR)

We like to keep things simple and transparent at Staying Cool. Hopefully we’ve done that with our updated GDPR privacy policy. GDPR came in to effect on 25 May 2018 and replaced the Data Protection Act of 1988.

The aim of this document is to:

  •     Set out what data we require from our guests
  •     Explain why we need the data and how it is used
  •     Let you know why we retain guest information after a stay.

Who are we?

We are an independently owned apartment hotel operator, based in Birmingham and Manchester, providing overnight accommodation to guests. Stayingcool Group Limited is registered in England and Wales. Our registered office is:

The Rotunda

150 New Street

Birmingham B2 4PA

Company No: 0983144

+44 (0)121 285 1250

 

What data do we store?

Legitimate Interest:

We store any data a guest (or a booking agent on a guest's behalf) gives us to respond fully to:

  • a reservation enquiry
  • make a booking
  • enhance the experience of a guest stay
  • send appropriate electronic marketing communications if a guest has 'opted in' to receive one of our (no more than) six emails a year.

Digital storage

We have a cloud-based Property Management System (PMS). A PMS is a database of all the reservations made with us.  It is our way of ensuring we have a record of guest bookings so that when you check-in we have an apartment ready for you.

The following information is stored on the PMS:

  •              Gender
  •              Salutation (Mr/Ms etc)
  •              First name
  •              Surname
  •              Date of birth (if supplied)
  •              Company name (if supplied)
  •              Home address
  •              Email address
  •              Mobile number
  •              Landline (if supplied)
  •              Encrypted credit/debit card details (we are fully PCI compliant).

 We may also take a copy of a recognised form of ID eg a passport or driving licence.

We may also store information about special requirements such as food preferences, a disability or medical conditions that may affect a guest’s stay with us (if supplied). Similarly, we may also hold a record of any special occasions that you are celebrating with us and the ages of your children so we can provide age-appropriate Cool for Kids gifts if relevant. All of this information is stored securely and electronically on our cloud-based PMS.

 

Why do we collect guest data?

(a) We are required by UK law to keep a record of the name and full postal address of everyone staying with us at any given time.  For overseas visitors we are also required to note a guest’s passport number and its place of issue. 

(b) We also need a guest’s name, address, contact and ID details to process a booking. We collect this information once, and for these reasons:

  • To better protect guests against identity theft if someone tries to use their details to make a booking.
  • To protect Staying Cool against credit card fraud and charge backs.
  • To speed up check in for returning guests. 
  • For security purposes. We need to know who is staying with us so we can provide that information to the authorities in case of any major incidents.
  • To supply to HMRC (Inland Revenue and VAT offices) if requested.
  • To provide guests with receipts for their company expenses claims/personal records.

(c) If a person has opted in to receiving communications we will send electronic marketing offers and updates (no more than six per year). Please note that our mailing list is kept separately (on MailChimp) to our PMS.

(d) We use anonymised data such as postcodes, gender and age to monitor who is staying with us and help improve our understanding of guests and our marketing efforts..

How is guest credit card information stored?

Guest credit card information is stored on a secure server in the UK . The card information is encrypted and we see only the last four digits of a card number once it has been entered and saved. We never store CVC numbers.

How long do we keep guest data?

We have retained all guest records since we opened in 2005 and have no plans at present to delete these or any future records for the reasons given in points (b), (c) and (d) above.

We are required to keep full records of all bookings for 13 months for credit card companies. We are also required to keep full records for accountancy purposes for seven years.

 

Third parties

We have never, nor plan to in the future, share guest data with third parties EXCEPT in the two scenarios below:

 

  • If we are subject to a change of ownership or corporate structure and need to pass over guest data from one company to another in order for the transaction to proceed.
  • Following an information request from the police, guest bank or credit card company about the dates of guest stay.

 

When we communicate with guests

Before, during and immediately after a stay we will need to contact guests about their stay eg send a booking confirmation, make sure they know how to get here, send a receipt for completing expenses forms etc.

Thereafter, we will only contact a guest if they have asked us to, (opted in to future mailings) and this will usually be by email. If a guest has opted-in and then changes their mind, opting out is easy. Either contact us directly by email to or use the unsubscribe button on the email communication from us.

Seeing the  data we store about you

Guests can log in to their guest account via our website:

  • Go to www.stayingcool.com
  • On the home page, click ‘Stayed before?’ and enter guest email and the password they set up.
  • If the guest has forgotten their password, they can click ‘I forgot my password’ and follow the instructions.

Guests  can remove any personal data they don’t want us to keep (although we will need to ask for this information again for any future bookings). Or email us at and we will remove the data. We cannot remove name or email address as these are used to login to the PMS to see the data but all other information eg credit card, address, notes and ID can be deleted.

Paper based data

The only paper documents we store are:

  •     Signed guest check-in sheets showing a guest’s name and the stay dates
  •     Guest credit card payment slips in case of a query from a card provider.

 These are kept securely for 13 months before being destroyed by a registered shredding company.

If a guest would like to know what details we hold about them offline, for what purpose and to whom they may have been disclosed they can request this information either by letter or e-mail. We will respond to within seven days of receiving a written request to

In very limited circumstances we may need to refuse a guest request (if this was the case, we would give you a detailed reason).

Tracking devices and 'cookies' on our websites

As part of GDPR we are required to let you know when we use any tracking devices or 'cookies' on our website.

A cookie is a small token or piece of software that lives on visitors to our website’s laptops or smart phones  so it can recognise them if they come back to the site again. At times Google and Bing - and possibly other companies - display our ads on other sites on the internet. Google uses cookies to serve ads based on a user's prior visits to our website.

Anyone can opt out of Google's use of cookies by visiting the Google advertising opt-out page.

  1. Open the Google settings app on your device (called Google Settings or Settings, depending on your device)
  2. Scroll down and tap Google.
  3. Tap Ads.
  4. Switch on Opt out of interest-based ads or Opt out of Ads Personalisation.

 We use three types of anonymised tracking software on our website to:

  1. See which forms of online advertising are working (Google Analytics, Lead Forensics)
  2. Tell us how many times a visitor may come to our site before booking (Google Analytics)
  3. See how visitors use our website so we can make improvements to help the customer journey (Google Analytics, Lead Forensics and Hotjar)

If you do not wish to have cookies enabled and would like to make a booking, simply give us a call on +44 (0)121 285 1250 or email .

Staying Cool is a controller of guest personal data

For the purposes of the GDPR (from 26 May 2018), Stayingcool Group Limited, is a data controller. 

How can you contact us?

If you have any questions or concerns about this Privacy Policy and/or our processing of guest personal data, you can get in touch with our Data Protection Officer by email at  

What if you have a complaint?

Guests can complain to the Information Commissioner's Office (ICO), which regulates data protection compliance in the UK, if they are unhappy with how we have processed their personal data. There are clear guidelines on how to do this on www.ico.org.uk/concerns

What our privacy policy covers

Our privacy statement covers only Stayingcool Group Limited. Links to other websites and any information collected by these sites are not covered by this privacy statement. We would encourage you to reread our privacy statement from time to time so that you are aware of any changes in how we gather and use personal information. Every time we make an update we will change the numbering.

What if this policy changes?

We may make changes to this Privacy Policy from time to time. Any changes we make will be posted on this page. 

Policy updated on 25 May 2018

Mini

Our Minis are chic 4* studio apartments. Great views, floor-to-ceiling windows and funky interiors make them stand out from the crowd. As T… Read more

Penthouse

The Roadster penthouse serviced apartments at the Rotunda Birmingham have the wow factor in spades. Drink in great views as the sun goes dow… Read more