This Policy (together with our Terms and Conditions and any other documents referred to on it) sets out:
- What information do we collect about you?
- How will we use your information?
- Sharing your information with others
- How long do we keep your information?
- Cookies and other technologies
- How do we protect your information?
- What are your rights?
- Where we store your information
- Payment processing
- Changes to this policy
- Contact us
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
By accepting our services, you acknowledge you have read and understood this Policy. For the purposes of UK and EU data protection law ("Data Protection Law"), we are the data controller of your information.
As an aparthotel and serviced apartment provider, we collect and process information about you so that we can manage your booking, deal with your booking enquiries, arrange and facilitate your stay with us, improve your experience when using our website and where relevant, deal with any issues that you may have (our "Services").
Information you give us
Where you or someone acting on your behalf book and stay at one of our aparthotels or serviced apartments, we may collect the following information from you:
- Your full name and title
- Your address
- Your telephone number
- Your email addresses
- Your date of birth
- Your gender
- Your nationality
- Company name
- Details of your previous stays or bookings with edyn
- Room preference
- The number of adults and children that will be staying in the apartment or aparthotel room with you
- Travel itinerary, including vehicle registration number (if applicable)
- Details of the payment card that you use to make the booking, including the type of card, expiry date and last four digits
- Any queries or special requests which are relevant to your booking
- Your marketing preferences
In some circumstances at check-in, we may also need you to provide original copies of identification documents (i.e. passport or driving licences) for verification checks purposes.
In managing our website, we also collect technical information about users regardless of whether you make a reservation. This includes your electronic identifiers such as your IP address, as well as data on how you interact with our site. For more information see the section on Cookies below.
Special category information
Where you are booking a stay with us, we may need to collect information about your health if relevant to your booking (for example whether you have a physical disability that would require you to have wheelchair access to an apartment or aparthotel room).
We will also collect information that you provide to us through a special request as part of your booking where you deem it relevant, for example which reveals or is likely to reveal your race or ethnicity, religious or philosophical beliefs, political views or data concerning your sexual orientation.
Information you give to us:
We will use this information to:
Enter into a booking contract and create an edyn account ("User Account"), including:
administering your User Account with us;
manage your booking and booking preferences and provide you with access to the apartment or aparthotel room you have booked;
verifying and carrying out payments that you make through our Site; and
notifying you about changes to our Services.
We also use third party apartment and hotel providers ("Hotel Partners") who supply serviced apartment services and hotel services to our customers where an apartment or hotel is required in areas where edyn does not currently operate or does not have availability. Where you book one of our Hotel Partner's serviced apartments or hotels, we will use your personal information to book the apartment or hotel for you and provide your personal data to the relevant Partner to allow them to prepare the apartment or hotel room for your arrival and to contact you if there are any issues.
Provide you with information about our Services we feel may interest you, if you have given your consent to receiving marketing material from us at the point we collected your information, where required by law or otherwise in our legitimate interests provided these interests do not override your right to object to such communications. You can object to further marketing at any time by checking and updating your contact details within your account, or selecting the "unsubscribe" link at the end of all our marketing and promotional update communications to you, or by sending us an email at firstname.lastname@example.org.
Ensure in our legitimate interest that:
content from our Site is easy for you to read and understand on your devices; and
we answer any questions you have and give you any information that you request.
Information we collect about you from your use of our Services:
We will use some information that we collect from your use of the Site, in our legitimate interest, to help us:
to run our Site and our services and to help us spot problems;
to understand how people use our Site so we can improve them and provide a better more personalised journey;
to keep our Site safe and secure; and
to make sure any advertising we send or show to you is relevant to you.
Please see our cookies section below for further information on our use of this data.
To provide our Services, we work with the following carefully selected third parties. To do this, we may share your information with these third parties:
our third-party payment processor to take payment for your booking;
our third-party services providers hired to provide essential services such as security of the buildings, housekeeping, catering services and feedback collection following your stay;
Our third-party marketing partners who help us provide relevant advertising to you, provided you’re on our marketing database
any group companies for business purposes; and
Hotel Partners (as described at section 2 above) to facilitate bookings with them on your behalf.
We will also disclose your information to third parties:
in the event that we sell or dispose of any part of our business or assets, in which case we will, to the extent necessary to ensure continuity of business operations, disclose your personal data to a purchaser of such business or assets subject to the terms of this Policy;
if edyn is acquired by a third party, in which case personal data held by it about its customers will come under the control of the purchaser; and
if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or to enforce or apply our terms of supply and other agreements with you; or to protect the rights, property, or safety of edyn, our customers, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction and to prevent cybercrime.
We use CCTV in our aparthotels and serviced apartments to help ensure the security of those premises and our guests in general. Any use of CCTV by edyn or its affiliates is carried out in compliance with Data Protection Laws.
We do not record audio on the CCTV, so your conversations will not be recorded.
There are no CCTV cameras within any of the aparthotel rooms or apartments. We use CCTV to monitor entrances, exits, hallways and other common public spaces within the buildings.
The CCTV recordings can only be accessed by the edyn security team. We will only share the CCTV recordings as required to comply with our legal responsibilities or if we otherwise deem it necessary to ensure the safety and security of our staff, guests and visitors.
We retain the CCTV recordings for up to 90 days from the date of the recording to identify any issues and resolve any legal proceedings.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. With the exception of CCTV and Cookies (see relevant sections of this policy), we have deemed this period to be 7 years from the date of your last stay with us, or such longer period as necessary for any investigations or claims that arise. After this period, it will be deleted or irreversibly anonymised.
If you have any questions regarding the retention of your personal data then please contact us using the details in section 12.
A number of cookies and similar technologies we use last only for the duration of your web or app session and expire when you close your browser or exit the Site. Others are used to remember you when you return to the Site and will last for longer.
We use strictly necessary cookies if they are necessary for the performance of a contract with you, or because using them is in our legitimate interests (where we have considered that these are not overridden by your rights). We use all other cookies with your consent.
We use the following types of cookies on our Site:
Strictly necessary cookies
These are cookies that are required for the operation of our Site and under our terms with you. They include, for example, cookies that enable you to log into secure areas of our Site or (on other sites) use a shopping cart or make use of e-billing services.
These may be used to recognise you when you return to our Site. This enables us, subject to your choices and preferences, to personalise our content, greet you by name and remember your preferences (for example, choice of language or region). The typical duration is 1-5 years.
These allow us to recognise and count the number of visitors and to see how visitors move around our Site when they are using it. This helps us improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily. The typical duration is 90 days.
These cookies allow us to count visits and identify traffic sources, so we can measure and improve the performance of our Site. They collect aggregate, anonymous data to help us know which pages are the most and least popular, and see how visitors move around the Site. If you block these cookies, we won’t know when you have visited our site, and will not be able to monitor its performance as effectively. The typical duration is 3-12 months.
These cookies record your visit to our Site, the pages you have visited and the links you have followed. We will use this information subject to your choices and preferences to make our Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose. The typical duration is 1 year.
Social media cookies
These cookies help us manage our social media, including enabling you to share content and enabling us to understand how you interact with us. We will use this information subject to your choices and preferences to improve our Site and services. We may also share this information with third parties for this purpose. The typical duration is 1 year.
We may also work with advertising networks that gather information about the content on our Site you visit and on information on other websites and services you visit. This may result in you seeing advertisements through our Site or our advertisements when you visit other websites and services of third parties. For more information about how to turn this feature off see below.
The effect of disabling cookies depends on which cookies you disable but, in general, the Site may not operate properly if all cookies are switched off.
If you want to disable cookies on our Site, you need to change your website browser settings to reject cookies. How you can do this will depend on the browser you use and you can find more information here: https://www.allaboutcookies.org/
All information you provide to us is stored either on our secure servers or on third party servers. All customer data is held within secure data centres using industry standard protection and encrypted where applicable. All data access is segmented by role and user rights.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Our Site may, from time to time, contain links to external sites. We are not responsible for the privacy policies or the content of such sites.
You have the right under certain circumstances:
to be provided with a copy of any personal data we have about you (for example, your name and address);
to request the correction or erasure of incorrect personal data held by us;
to request that we restrict the processing of your personal data (e.g. while we verify or investigate your concerns with this information);
to object to the further processing of your personal data, including the right to object to marketing (as mentioned in 'Our promotional updates and communications' section); and
to request that your provided personal data be moved to a third party.
Your right to withdraw consent:
If we are processing your personal data because you have given us permission, you have the right to withdraw that consent without detriment at any time via https://privacyportal-uk.onetrust.com/webform/96766660-1554-4b5e-9b1d-66a63e3b8a9f/0c8ca365-2d66-497f-bac6-1db56dd88054 or by emailing us at the email in the 'contact us' section 12 below.
You can also change your marketing preferences at any time by following the unsubscribe link on all email communications or by emailing email@example.com
If your request or concern is not satisfactorily resolved by us, you can speak to your local data protection authority: https://edpb.europa.eu/about-edpb/about-edpb/members_en#member-ie. The Information Commissioner is in charge of personal data protection in the UK and can give you more information about your rights and what you can expect from us: https://ico.org.uk/global/contact-us/.
The data that we collect from you may be transferred to, and stored at, a destination outside the UK or European Economic Area ("EEA") that may not be subject to equivalent Data Protection Law.
Where your information is transferred outside the UK or EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognised legal adequacy mechanism, and that it is treated securely and in accordance with this Policy.
Trust Payments - https://www.trustpayments.com/privacy/
Adyen - https://www.adyen.com/policies-and-disclaimer/privacy-policy
Stripe - https://stripe.com/gb/privacy
If we make any changes to this Policy, a new version will be posted on this page and you will be notified via email of the substantive changes. This policy was last updated on 18th June 2021.
We welcome your feedback and questions. If you would like to contact us, please contact us by email at firstname.lastname@example.org.
This Policy was last updated on 17th May 2022.