Crown Group of Hotels – Privacy Policy

Structure of This Policy

This privacy notice is provided in a layered format so you can see the specific areas that may be of interest or relevance to you:

1. Introduction
2. Data Controller
3. What Personal Data We Collect
4. How We Use Your Personal Data
5. Legal Basis for Processing
6. Loyalty Programme (Crown Rewards)
7. Cookies, Tracking, and Online Data
8. Data Retention
9. Sharing of Personal Data
10. International Transfers
11. Data Security
12. Your Rights
13. Children’s Privacy
14. Complaints
15. Updates to This Policy
16. Contact Us

1. Introduction

Crown Group of Hotels values your privacy and is committed to protecting your personal data. This Privacy Policy explains in detail how we collect, use, store, share, and protect the information that you provide when interacting with our hotels, websites, applications, loyalty programmes, and services. It also sets out your rights under applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the Data Protection Act 2018.

2. Data Controller

The data controller responsible for the processing of your personal information is:

Crown Group of Hotels Limited
32 Woodstock Grove, London, W12 8LE
Email: Reservations@crowngroupofhotels.com

All references in this document to ‘we’, ‘us’ or ‘our’ refer to Crown Group of Hotels. References to ‘you’ or ‘your’ refer to guests, customers, members, or other individuals whose data is processed by us.

3. What Personal Data We Collect

We collect different categories of personal data depending on how you interact with Crown Group of Hotels:

– Identification and contact information (name, email, telephone, address, ID documents).
– Booking and reservation details (dates, preferences, payment details).
– Loyalty programme data (membership number, benefits, redemptions, preferences).
– Marketing and communication preferences.
– Technical and online identifiers (IP address, device type, browser, cookies, app usage, geolocation).
– Social media handles and information when interacting through third-party platforms.
– Feedback, survey responses, complaints, or correspondence with us.

4. How We Use Your Personal Data

We process your personal data for the following purposes:

– To manage bookings, reservations, and associated services.
– To operate and administer our Crown Rewards loyalty programme, including benefits, promotions, and communications.
– To provide personalised marketing communications, including emails, SMS, push notifications, and social media campaigns.
– To understand guest preferences and improve our services through analytics and profiling.
– To conduct business operations, including fraud prevention, internal reporting, audits, and compliance.
– To comply with legal obligations and respond to regulatory requests.

5. Legal Basis for Processing

We rely on the following legal bases under UK GDPR and EU GDPR:

– Performance of a Contract: to provide reservations, services, and loyalty benefits.
– Consent: for marketing communications, promotional activities, and cookies.
– Legitimate Interests: for business development, analytics, and direct marketing.
– Legal Obligation: to comply with statutory or regulatory requirements.

6. Loyalty Programme (Crown Rewards)

When you join Crown Rewards, we collect and use your personal data to:

– Register and manage your membership.
– Provide exclusive offers, discounts, and benefits.
– Track your participation, preferences, and redemption activity.
– Communicate updates, promotions, and service information.

Membership is optional, and participation requires acceptance of the programme’s terms and conditions. By enrolling, you consent to receiving loyalty-related marketing communications.

7. Cookies, Tracking, and Online Data

We use cookies, pixels, and other tracking technologies to:

– Enable core functionality of our websites and mobile apps.
– Analyse usage, measure performance, and improve services.
– Deliver targeted advertising and marketing campaigns across online platforms.

You can control cookies through your browser settings, but some services may not function properly if disabled.

8. Data Retention

Crown Group of Hotels retains personal data only for as long as necessary to fulfil the purposes outlined in this policy. Data is deleted or anonymised once no longer required, subject to legal or regulatory requirements.

Retention guidelines:
– Marketing data: retained for up to 3 years after the last meaningful interaction.
– Loyalty programme data: retained for up to 12 months after membership termination.
– Booking and payment data: retained for up to 7 years for accounting and tax purposes.

In all cases, data will not be kept longer than required for the specific lawful purpose.

9. Sharing of Personal Data

We may share your personal data with trusted third parties, including:

– Service providers (IT, cloud hosting, analytics, customer management, marketing).
– Payment processors and financial institutions.
– Advertising networks, social media platforms, and marketing partners.
– Business partners involved in promotions or loyalty benefits.
– Regulatory authorities, courts, or law enforcement where legally required.
– Successors in the event of a business sale, merger, or restructuring.

All third parties are required to handle your data securely and in compliance with applicable data protection laws.

10. International Transfers

Where personal data is transferred outside the UK or the European Economic Area (EEA), we ensure adequate safeguards such as Standard Contractual Clauses or equivalent mechanisms are implemented.

11. Data Security

We have implemented technical, organisational, and physical security measures to protect your personal data from unauthorised access, misuse, alteration, or destruction. Access is limited to authorised staff with a legitimate business need.

12. Your Rights

Under applicable data protection laws, you have the following rights:

– Right of access: to obtain a copy of your personal data.
– Right to rectification: to correct inaccurate or incomplete data.
– Right to erasure: to request deletion of your data when no longer necessary.
– Right to restrict processing: to limit how we use your data.
– Right to data portability: to request transfer of your data.
– Right to object: to processing based on legitimate interests or direct marketing.
– Right to withdraw consent: where processing is based on consent.

We may request verification of your identity when responding to rights requests. In certain circumstances, we may charge a reasonable fee for repetitive or manifestly unfounded requests.

13. Children’s Privacy

Crown Group of Hotels does not knowingly collect personal data from children under the age of 16. If we become aware that such data has been collected, we will delete it promptly. Parents or guardians who believe their child’s data has been collected should contact us immediately.

14. Complaints

If you have concerns about how we process your personal data, please contact us first at Reservations@crowngroupofhotels.com. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK or your local data protection authority.

15. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in practices, legal requirements, or business operations. Updated versions will be posted on our website with a revised effective date.

16. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Data Protection Officer
Crown Group of Hotels Limited
32 Woodstock Grove, London, W12 8LE
Email: Reservations@crowngroupofhotels.com