Shoreline Mumbles Hotel uses accommodation software called Freetobook. Freetobook is booking software used by accommodation providers to enable their customers to make online bookings and manage those bookings. Our policy is that in all cases, your personal details will only be stored in the Freetobook system, we do not download your invoices to our local systems and printed copies of reservation summaries must be taken away by you or will be destroyed within 30 days. The only exception to this is the signed registration cards which are kept on file, these never leave the site. This document applies to the processing by freetobook of personal data collected by Shoreline Mumbles using freetobook online booking system in relation to the provision of accommodation by Shoreline Mumbles.
Your Personal Data
Properties using freetobook as their booking engine, collect and store information that you give when you make a booking. You are asked for your name, address, telephone number and email along with payment information and the names of any guests travelling with you. This may also include your IP address. This information is stored in the freetobook System in order to process your booking. You may be contacted by Shoreline Mumbles in relation to your booking. Your data is also stored after you have stayed but will be kept no longer than necessary in order to comply with legal obligations and for Shoreline Mumbles to welcome your repeat business.
Data processed directly by third party
When you provide payment information, this will be processed directly by secure PCI Level 1 compliant payment gateway providers. Our Payment Service Provider is Sage Pay the largest independent payment service provider (PSP) in the UK and Ireland. Sage Pay provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. It is Sage Pays utmost priority to ensure that transaction data is handled in a safe and secure way. Sage Pay uses a range secure methods such as fraud screening, I.P address blocking and 3D secure. Once on the Sage Pay systems, all sensitive data is secured using the same internationally recognised 256- bit encryption standards. Sage Pay is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable. Sage Pay is an active member of the PCI Security Standards Council (PCI SSC) that defines card industry global regulation. In addition, you know that your session is in a secure encrypted environment when you see https:// in the web address, and/or when you see the locked padlock symbol alongside the URL. So when buying through our site, you can be sure that you are completely protected.
In the context of providing booking software to accommodation providers to facilitate online booking, freetobook and Shoreline Mumbles shall together operate as joint data controllers for the processing of your personal data.
In accordance with General Data Protection Regulation (GDPR), freetobook observes reasonable procedures to prevent unauthorised access and misuse of personal informa- tion. We use appropriate business systems and procedures to protect and safeguard any personal information given to us. We also use security procedures and technical and phys- ical restrictions for accessing and using the personal information on our servers. Only authorised personnel are permitted to access personal information in the course of their work.
Control of your Personal Data
You have the right to access data that is stored on behalf of Shoreline Mumbles taking bookings via freetobook system. You need to email or write to Shoreline Mumbles to request an overview of your personal data. You can also contact Shoreline Mumbles on freetobook System if you believe that the personal information they have for you is incorrect, if you believe that they are no longer entitled to use your personal data or if you have any other questions about how your personal information is used or about the Privacy Statement. You need to email or write to Shoreline Mumbles.
You may also be asked to send feedback after your stay in order for Shoreline Mumbles to further improve their service. Your email address will be used for this purpose. If you complete a review it may be posted on the property website, facebook page, twitter or google plus. However, no identifying details will ever be attached to a public review posting, however, your booking reference number will be supplied.
To Process your information as described above, we rely on the following legal bases:
Performance of a contract: The storage of your information may be necessary to perform the contract that you have with Shoreline Mumbles
We use information for our legitimate interests, such as for administrative, fraud detection and legal purposes.