top of page

Privacy Policy

The Fortingall (We, Us, Our) is committed to preserving the privacy of all visitors to Our website and Our Clients.

This notice describes how we collect and use personal data about you, in accordance with the General Data Protection Regulation (GDPR) and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK (Data Protection Legislation).

For the purpose of the Data Protection Legislation, We are the data controller. This means that we are responsible for deciding how we hold and use personal data about you.

Cookies:

  • Cookies help us deliver our services. By using our services, you agree to our use of cookies.

 

Information that we collect from you:

By sharing your personal data with us, You give us consent to process that data for the following lawful reasons:

  • Name, email address, telephone number, postal address

    • When you make an enquiry or booking by email, phone or our website. We collect these details to enter into a contract with you, process your payment, to share your booking confirmation, or to respond to your enquiry.

    • When you subscribe to one of our annual memberships. We collect these details to enter into a contract with you, or to perform the contract in place between us.

    • When you buy something from our online shop. We collect these details to enter into a contract with you, or to perform the contract in place between us.

    • When we are contacted by a travel agent or tour operator. We collect these details under our legitimate interest to promote our business and progress any enquiries.

    • When you provide us with your preference to receive news updates from us. When we send you our news updates because you have opted-in to receive them, we rely on your consent to contact you. 

    • Where you enter one of our competitions. This is under our legitimate interest to confirm whether or not you are a winner of a prize.

  • Dietary Requirements / allergies

    • When you make a booking or attend an event. This is to enable us to protect your health.

  • Social media handle, name and email address

    • When you connect with us on social media including on Twitter, Facebook, Instagram and LinkedIn. We do this under our legitimate interest to respond to your comments and queries promptly.

  • Technical information when you use our website

    • When you consent, we collect information about how you use our website by using cookies. We use this information to improve our website and to better understand how people use it.

  • Your car registration number

    • When you check into our premises with a vehicle. We collect these details to avoid car park congestion and blocking spaces which are not ours’.

  • Login information, time zone setting, browser plug-in types and versions, operating system, platform, IP addresses & MAC addresses.

    • When you use our free WiFi. We collect this under our legitimate interest to ensure our WiFi is secure and being used effectively.

  • Photographic and video images

    • Via CCTV at our premises, we collect this under our legitimate interest to ensure you and our staff are kept safe.

  • Guest preferences and typical orders

    • When you visit us regularly and make repeat orders or express interest in certain activities or events. We make a note of these preferences and typical orders under our legitimate interest to provide you with a service tailored to you and ensure that you enjoy your visit to one of our locations. We may also share this information across our group so that you receive the same level of service at whichever location you visit.

  • Sensitive personal information

    • When you visit us and we need to provide specific services to you safely or to comply with our legal obligations. We may from time-to-time require sensitive personal information (such as medical information). Where this is the case we will always inform you (and where required) ask for your explicit consent to record this information at the time.

Disclosure of your Information:

  • We will never pass or sell your personal data to any third parties for marketing purposes.

We may share your data with:

  • Where you have enquired about an activity or service that we do not provide in house, we may share your data with the supplier of that service.  We will never share more than is necessary.

  • Travel operators/agents where you booked via that agent and we are required to provide confirmation regarding your stay or visit.  Please note all personal data shared in this way will be subject to a contract ensuring it is kept confidential and in compliance with data protection laws. We will never share more than is necessary to provide such a confirmation.

  • Third Party Data Processors working on our behalf: we use software providers to process your personal information on our behalf for purposes such as payment processing or website personalisation.  When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we ensure appropriate safeguards are in place that requires them to keep your information secure, in accordance with data protection laws. Where we use a Third Party Data Processor we will ensure they uphold the same level of confidentiality and security that we maintain when handling your information, in accordance with data protection laws.

  • Regulators/ Authorities/ Enforcement Agencies if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our clients or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.

  • Where you enquire about an event or enter a competition, the organiser of that event or competition.

  • Prospective buyers of our business under our legitimate interest to ensure our business can be continued by the buyer.

  • We may pass aggregate information on the usage of Our website to third parties but this will not include information that can be used to identify you.

  • Unless required to do so by law, We will not otherwise share, sell or distribute any of the information you provide to Us without your consent.

 

Security and Data Retention:

– We employ commercially reasonable and appropriate security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage.  In addition, where we share your personal data with a “data processor” for the purposes of the Data Protection Legislation, we limit access to your personal data to those employees, agents, contractors and other third parties which have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

  • We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  • We will delete your enquiry data after three years, and retain your booking data on for an unlimited period (this is because you may wish to login to Our websites at any time to make another booking, update your personal data, or access your historic booking data) unless you request deletion in line with your Rights (see below).

 

 

Your Rights:

You have the right to 

  • object to Us processing or retaining your personal data for any purpose.  To do this, please email us. In this case, We will be unable to process any future bookings for you unless you re-enter your personal data.  On receiving Your instruction We will request any additional proof of identification then permanently delete your personal data from Our live systems within a maximum of 30 days.  Your diagnostics data which does not contain personal data will retained for up to two years in line with Our data retention policy.

  • request access information held about you. Any initial request is free of charge; any subsequent request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.  Alternatively We may refuse to comply with the request in the circumstances where the request for access is unfounded or excessive.

  • request correction of the personal data We hold about you.

  • object to Us processing your personal information specifically for direct marketing purposes.

  • lodge a complaint with us or the Information Commissioner’s Office, the supervisory authority for data protection issues in the United Kingdom.

 

Children:

  • If You are booking on behalf of a child aged under 16, You must have permission of a person with parental responsibility for them to process their data.  We will not send direct marketing communications to children, but their rights under this notice are otherwise the same.

bottom of page