Bryn Hyfryd (Snowdonia Getaway) - Privacy PolicyPrivacy Policy

Privacy Policy
Privacy Policy Last Updated: May 2026 We operate Snowdonia Getaway ("we", "our", "us"). We are committed to protecting and respecting your privacy. This policy explains how we collect, use, and look after your personal data when you visit our website, enquire about a stay, or book our holiday cottage. For the purpose of the UK General Data Protection Regulation (UK GDPR), we are the Data Controller. 1. The Data We Collect About You We may collect, use, and store different kinds of personal data about you, including: Identity Data: First name, last name, and the names of any guests staying with you. Contact Data: Billing address, email address, and telephone numbers. Financial Data: Bank account details (if paying by bank transfer) or transaction history. Note: Credit/debit card payments are securely processed by our third-party payment provider, and we do not store your card details. Booking Data: Dates of your stay, guest numbers, and any specific requests or accessibility requirements you share with us. 2. How We Collect Your Data We collect data from you when you: Use the booking system or contact form on our website. Communicate with us via email, phone, or messaging apps. Book our cottage via third-party booking platforms Sign up for our newsletter or marketing updates. 3. How and Why We Use Your Personal Data Under the UK GDPR, we must have a legal basis to use your data. We use it for the following reasons: To Perform Our Contract With You: To process your booking, manage your stay, take payments, and communicate essential arrival details. To Comply With Legal Obligations: To maintain accurate financial records for UK tax purposes (HMRC) and to comply with health and safety laws. For Our Legitimate Interests: To operate closed-circuit television (CCTV) in the external parking area for property security and crime prevention. To respond to enquiries, improve our website, and manage guest relations. Based on Your Consent: To send you promotional emails about special offers or seasonal discounts (you can opt out at any time). 4. Data Sharing and Third Parties We never sell your personal data. We only share your data with trusted third parties necessary to run our business, including: Our booking system and channel manager providers Bookalet Payment gateway providers e.g., Stripe to process your payments securely. Our professional cleaning, maintenance, or key-holding team (limited strictly to your name, arrival date, and any specific requirements). The police, local authorities, or regulatory bodies (such as the ICO) if required by law. 5. International Data Transfers [Select Option A or Option B] We do not transfer your personal data outside the UK. 6. Data Security We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered, disclosed, or accessed without authorisation. Access to your data is strictly limited to those who have a business need to know. 7. How Long We Keep Your Data We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for. Booking and Financial Data: We retain this for 6 years following the end of the financial year of your stay, to comply with UK HMRC tax regulations. CCTV Footage: External parking area footage is automatically overwritten and deleted after 30 days, unless required for an ongoing legal or security investigation. Enquiry Data: If you do not book, we delete your enquiry data after 12 months 8. Your Legal Rights Under UK data protection laws, you have the right to: Request access to your personal data (a "Subject Access Request"). Request correction of any inaccurate personal data we hold about you. Request erasure of your personal data (where there is no overriding legal reason for us to keep it). Object to or restrict the processing of your data. Withdraw your consent for marketing at any time. To exercise any of these rights, please contact us using the details below. You also have the right to lodge a complaint at any time with the Information Commissioner's Office (ICO). 9. Cookies Our website uses cookies to distinguish you from other users and improve your browsing experience. You can set your browser to refuse all or some cookies, but please note that some parts of our booking system may not function properly if cookies are disabled. 10. Security and CCTV 1. Presence of CCTV For the safety, security, and protection of our guests, staff, and property, closed-circuit television (CCTV) is in operation at Bryn Hyfryd (Snowdonia Getaway) 2. Camera Location and Scope Recording is strictly limited to the external designated vehicle parking area. The cameras do not monitor, view, or record any internal areas of the property, nor do they intentionally overlook private neighbouring properties or public spaces. 3. Purpose of Recording The system is operated under the legal basis of "Legitimate Interests." Images are captured solely for: The prevention, deterrence, and detection of crime. The safety and security of guests, vehicles, and the property. Verifying compliance with maximum occupancy and house rules (e.g., unauthorised events). 4. Data Storage and Retention All recorded footage is stored securely on an encrypted cloud system with restricted password access. Footage is automatically overwritten and permanently deleted after 30 days, unless required for an ongoing security investigation, legal claim, or police inquiry. 5. Your Rights (Subject Access Requests) As a data subject, you have the right to request access to any recorded footage featuring yourself. To make a Subject Access Request (SAR), or for any privacy-related queries, please contact the Data Controller: Data Controller Name: Snowdonia Getaway Contact Email: hello@snowdoniagetaway.co.uk Contact Phone: 07808 768108

Last Updated: May 2026

We operate Snowdonia Getaway ("we", "our", "us"). We are committed to protecting and respecting your privacy. This policy explains how we collect, use, and look after your personal data when you visit our website, enquire about a stay, or book our holiday cottage.

For the purpose of the UK General Data Protection Regulation (UK GDPR), we are the Data Controller.

1. The Data We Collect About You

We may collect, use, and store different kinds of personal data about you, including:

Identity Data: First name, last name, and the names of any guests staying with you.
Contact Data: Billing address, email address, and telephone numbers.
Financial Data: Bank account details (if paying by bank transfer) or transaction history. Note: Credit/debit card payments are securely processed by our third-party payment provider, and we do not store your card details.
Booking Data: Dates of your stay, guest numbers, and any specific requests or accessibility requirements you share with us.

2. How We Collect Your Data

We collect data from you when you:

Use the booking system or contact form on our website.
Communicate with us via email, phone, or messaging apps.
Book our cottage via third-party booking platforms
Sign up for our newsletter or marketing updates.

3. How and Why We Use Your Personal Data

Under the UK GDPR, we must have a legal basis to use your data. We use it for the following reasons:

To Perform Our Contract With You: To process your booking, manage your stay, take payments, and communicate essential arrival details.
To Comply With Legal Obligations: To maintain accurate financial records for UK tax purposes (HMRC) and to comply with health and safety laws.
For Our Legitimate Interests:
- To operate closed-circuit television (CCTV) in the external parking area for property security and crime prevention.
- To respond to enquiries, improve our website, and manage guest relations.
Based on Your Consent: To send you promotional emails about special offers or seasonal discounts (you can opt out at any time).

4. Data Sharing and Third Parties

We never sell your personal data. We only share your data with trusted third parties necessary to run our business, including:

Our booking system and channel manager providers Bookalet
Payment gateway providers e.g., Stripe to process your payments securely.
Our professional cleaning, maintenance, or key-holding team (limited strictly to your name, arrival date, and any specific requirements).
The police, local authorities, or regulatory bodies (such as the ICO) if required by law.

5. International Data Transfers

[Select Option A or Option B]

We do not transfer your personal data outside the UK.

6. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered, disclosed, or accessed without authorisation. Access to your data is strictly limited to those who have a business need to know.

7. How Long We Keep Your Data

We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for.

Booking and Financial Data: We retain this for 6 years following the end of the financial year of your stay, to comply with UK HMRC tax regulations.
CCTV Footage: External parking area footage is automatically overwritten and deleted after 30 days, unless required for an ongoing legal or security investigation.
Enquiry Data: If you do not book, we delete your enquiry data after 12 months

8. Your Legal Rights

Under UK data protection laws, you have the right to:

Request access to your personal data (a "Subject Access Request").
Request correction of any inaccurate personal data we hold about you.
Request erasure of your personal data (where there is no overriding legal reason for us to keep it).
Object to or restrict the processing of your data.
Withdraw your consent for marketing at any time.

To exercise any of these rights, please contact us using the details below. You also have the right to lodge a complaint at any time with the Information Commissioner's Office (ICO).

9. Cookies

Our website uses cookies to distinguish you from other users and improve your browsing experience. You can set your browser to refuse all or some cookies, but please note that some parts of our booking system may not function properly if cookies are disabled.

10. Security and CCTV

1. Presence of CCTV
For the safety, security, and protection of our guests, staff, and property, closed-circuit television (CCTV) is in operation at Bryn Hyfryd (Snowdonia Getaway)

2. Camera Location and Scope
Recording is strictly limited to the external designated vehicle parking area. The cameras do not monitor, view, or record any internal areas of the property, nor do they intentionally overlook private neighbouring properties or public spaces.

3. Purpose of Recording
The system is operated under the legal basis of "Legitimate Interests." Images are captured solely for:

The prevention, deterrence, and detection of crime.
The safety and security of guests, vehicles, and the property.
Verifying compliance with maximum occupancy and house rules (e.g., unauthorised events).

4. Data Storage and Retention
All recorded footage is stored securely on an encrypted cloud system with restricted password access. Footage is automatically overwritten and permanently deleted after 30 days, unless required for an ongoing security investigation, legal claim, or police inquiry.

5. Your Rights (Subject Access Requests)
As a data subject, you have the right to request access to any recorded footage featuring yourself. To make a Subject Access Request (SAR), or for any privacy-related queries, please contact the Data Controller:

Data Controller Name: Snowdonia Getaway
Contact Email: hello@snowdoniagetaway.co.uk
Contact Phone: 07808 768108