Privacy Policy

Welcome to Gleneagles Townhouse, we want to ensure your experience with us leaves you wanting to do it all over again! We both want to and need to be as clear and transparent as possible about how we handle your personal data.

A few legal bits and pieces about Gleneagles Townhouse and Ennismore:

• We are Gleneagles Townhouse Edinburgh Limited (CRN: SC568161) of 37-39 St Andrew Square, Edinburgh. This company employs the staff who look after you during your stay and handle all your queries and requests whilst you stay with us.
• The day to day operation of Gleneagles Townhouse and this website is managed by Ennismore International Management Limited (CRN: 08102206) of Third Floor, 20 Old Bailey, London, United Kingdom, EC4M 7AN.

What do those legal bits and pieces mean for you?

• When you come to visit in person or call our venues directly, Gleneagles Townhouse is responsible for handling your personal data.
•  If you interact with us online, then Ennismore is responsible for handling your personal data and may share your data with Gleneagles Townhouse if needed to complete your booking or answer your query.

We get that this is complicated. So if you’re looking for a quick and simple answer as to who the data controller is in a specific scenario you have in mind, please get in touch with us at privacy@gleneagles.com and we’ll come right back to you.

Scroll down for the detailed breakdown of how we use your data.

WHEN MAKING AN ENQUIRY WITH US OR WHEN USING OUR WEBSITE

Types of data we collect:

Name, email address, telephone number and postal address

• How, when and why do we collect it?

When you make an enquiry or booking by email, phone or our website. We collect these details to enter into a contract with you, or to perform the contract in place between us.

When we are contacted by a travel agent or tour operator. We collect these details under our legitimate interest to promote our business and progress any enquiries.

When you provide us with your preference to receive news updates from us. When we send you our news updates because you have opted-in to receive them, we rely on your consent to contact you. If you have not opted-in and we send you our news updates emails, we do this because of our legitimate interest to promote our business.

Where you enter one of our competitions. This is under our legitimate interest to confirm whether or not you are a winner of a prize.

Dietary Requirements

• How, when and why do we collect it?

When you make a booking or attend an event. This is to ensure the vital interests of our guests (health).

Social media handle, name and email address

• How, when and why do we collect it?

When you connect with us on social media including on Twitter, Facebook and LinkedIn. We do this under our legitimate interest to respond to your comments and queries promptly.

Technical information when you use our website

• How, when and why do we collect it?

When you consent, we collect information about how you use our website by using cookies. We use this information to improve our website and to better understand how people use it. More information is set out in our cookie policy.

WHEN YOU VISIT US

Types of data we collect:

Name, email address, telephone number, allergies (inc. dietary requirements), preferences and interests you mention to us, payment details and postal address

• How, when and why do we collect it?

When you arrive at our hotels to check-in into your room. We collect these details to enter into a contract with you, or to perform the contract in place between us.

Where you book or arrive at one of our restaurants to be seated at your table. We collect these details to enter into a contract with you, or to perform the contract in place between us.

Where you arrive at one of our leisure facilities. We collect these details to enter into a contract with you, or to perform the contract in place between us.

When you attend one of our events or an event at our premises. We collect these details to enter into a contract with you, or to perform the contract in place between us.

When requesting services on your behalf with third parties during your stay. We collect these details to enter into a contract with you, or to perform the contract in place between us.

In the event there is a COVID-19 infection at one of our bars or dining Venues at the time you attended the Venue we will share your information with the UK Government “Track and Trace” systems. We collect these details in order to comply with our legal obligations under current Government COVID-19 legislation.

Your car registration number

• How, when and why do we collect it?

When you check into our premises with a vehicle. We collect these details to enter into a contract with you, or to perform the contract in place between us.

Login information, time zone setting, browser plug-in types and versions, operating system, platform, IP addresses & MAC addresses.

• How, when and why do we collect it?

When you use our free WiFi. We collect this under our legitimate interest to ensure our WiFi is secure and being used effectively.

Photographic and video images

• How, when and why do we collect it?

Via CCTV at our premises. We collect this under our legitimate interest to ensure you and our staff are kept safe.

Guest preferences and typical orders

• How, when and why do we collect it?

When you visit us regularly and make repeat orders or express interest in certain entertainment sectors. We make a note of these preferences and typical orders under our legitimate interest to provide you with a service tailored to you and ensure that you enjoy your visit to one of our locations. We may also share this information across our group so that you receive the same level of service at whichever location you visit.

Sensitive personal information

• How, when and why do we collect it?

When you visit us and we need to provide specific services to you safely or to comply with our legal obligations. We may from time-to-time require sensitive personal information (such as medical information). Where this is the case we will always inform you (and where required) ask for your explicit consent to record this information at the time.

WHAT ARE MY RIGHTS UNDER DATA PROTECTION LAWS?

You have various other rights under applicable data protection laws, including the right to:

• access your personal data (also known as a “subject access request”);
• correct incomplete or inaccurate data we hold about you;
• ask us to erase the personal data we hold about you;
• ask us to restrict our handling of your personal data;
• ask us to transfer your personal data to a third party;
• object to how we are using your personal data; and
• withdraw your consent to us handling your personal data.

You also have the right to lodge a complaint with us or the Information Commissioner’s Office, the supervisory authority for data protection issues in the United Kingdom. If you are based outside of the UK, you can find your relevant supervisory authority here.

Please keep in mind that privacy law is complicated, and these rights will not always be available to you all of the time.

WHERE IS MY DATA STORED?

Your personal data is always encrypted when being sent between our systems, this is shown by the lock icon in your web browser when booking online. Where possible your personal data is also encrypted at rest. Where we are storing information about you on physical media i.e. registration card, this is stored securely and access restricted to only those who need it to administer your stay.

Whenever we transfer your personal information outside of the UK and the EU, we ensure it receives additional protection as required by law. To keep this privacy policy short and easy to understand, we haven’t set out the specific circumstances when these protection measures are used. You can contact us at privacy@gleneagles.com for more detail on this.

HOW LONG DO WE KEEP YOUR DATA FOR?

We will only retain your personal information for as long as we need it and for the purposes we initially collected it for unless we are required to keep it for longer to comply with our legal, accounting or regulatory requirements. For further information about how long we keep your data for, please contact us at privacy@gleneagles.com.

In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you.

WHO DO WE SHARE YOUR DATA WITH?

• Analytics and search engine providers to assist us with the improvement and optimisation of our site.
• Promotional events and marketing organisations, we do not sell data for marketing purposes, but may share your data with an event organiser. We will always tell you who we are sharing your personal data with before you enter a competition (usually on the event registration form) and you will be given the chance to opt-out if you don’t feel comfortable with this and would rather we kept your personal data to ourselves.
• Regulators/ Authorities/ Enforcement Agencies if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our clients or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
• Prospective buyers of our business under our legitimate interest to ensure our business can be continued by the buyer.
• Travel operators where we are required to provide confirmation about whether or not a guest who has booked via their platform, visited and stayed at one of our locations. We share this in order to fulfil our contractual obligations. Please note all personal data shared in this way will be subject to a contract ensuring it is kept confidential and in compliance with data protection laws. We will never share more than is necessary to provide such a confirmation – usually just your name, email and date of stay.
• Third Party Service Providers working on our behalf: we may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of providing services to you on our behalf (for example to provide chauffeur and caddy services or to book third party activities on your behalf).
• Third Party Data Processors working on our behalf: we use software providers to process your personal information on our behalf. When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we ensure appropriate safeguards are in place that requires them to keep your information secure, in accordance with data protection laws. Where we use a Third Party Data Processor we will ensure they uphold the same level of confidentiality and security that we maintain when handling your information, in accordance with data protection laws.
• Third Party Online Service Providers working on our behalf: we may pass your information to third party online service providers, agents, subcontractors and other associated organisations (including Facebook, Google Ads, DoubleClick, LinkedIn, Trip Tease, Infinity, Hotjar and & Seven Rooms) for the purposes of providing digital marketing, advertising & website personalisation services. When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we ensure appropriate safeguards are in place that requires them to keep your information secure, in accordance with data protection laws. Where we use a Third Party Online Service Provider we will ensure they uphold the same level of confidentiality and security that we maintain when handling your information, in accordance with data protection laws.

QUESTIONS, COMMENTS AND MORE DETAIL

Your feedback and suggestions on this notice are welcome. We’ve worked hard to create a notice that’s easy to read and clear. But if you feel that we have overlooked an important perspective or used language which you think we could improve, please let us know by email at privacy@gleneagles.com.