What we collect
We collect the following information:
We take the name of a ‘lead’ guest for identification.
- Home/ billing address
For the purposes of processing payment and returning lost property.
- Telephone number
So that we can contact you to discuss your stay with us, such as your arrival time.
- Email address
To provide you with confirmation of your reservation, a 7-day reminder prior to your arrival and any communication pertinent to your reservation.
- Credit/ debit card number, expiry date and card verification code (CVC)
To process payment for your stay and any additional services provided to you.
What we do with the information we gather
We need to collect, hold and process information about you to meet our business requirements and provide you with our services. This includes the following.
- Creating your reservation on our in-house reservation management system.
- Processing payment for your reservation.
- Communicating with you by phone, mail and email.
What we won’t do
- We will not sell, distribute or lease your personal information to anyone.
Who we share your information with
We do not share your personal information with anyone outside of My-Apartments except in circumstances where it may be required by a third party to deliver their service to you. For example, in arranging transportation on your behalf we may need to share your name, contact telephone number and destination.
Our intended purpose for processing your personal data is to meet our business requirements and provide you with our services. The legal basis for which is contractual, we need to process personal data to fulfill our contractual obligations with that individual.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
We retain personal data for a period of up to 12 months at which point it is destroyed.
- The right to be informed – Individuals have the right to be informed about the collection and use of their personal data.
- The right of access – Individuals have the right to access their personal data.
- The right to rectification – Individuals have the right to have inaccurate personal data rectified or completed if it is incomplete.
- The right to erasure – Individuals have the right to have personal data erased.
- The right to restrict processing – Individuals have the right to request the restriction or suppression of their personal data.
- The right to data portability – The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.
- The right to object – Individuals have the right to object to the processing of their personal data in certain circumstances.
- Rights in relation to automated decision making and profiling. – The GDPR has provisions on automated individual decision-making (making a decision solely by automated means without any human involvement); and profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process. “The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.” [Article 22(1)]
You also have the right to lodge a complaint with a supervisory authority if you consider the processing of your personal data infringes the General Data Protection Regulation. In the UK the supervisory authority is the Information Commissioners Office.
We may change this policy by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25th May 2018.