Privacy Policy

Who we are

Our website address is:

What personal data we collect and why we collect it



When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your e-mail address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


Contact forms

If filling in a contact form on our website, we collect the data shown in the form as well as the visitor’s IP address and browser user agent string to help spam detection



If you leave a comment on our site you may opt in to saving your name, e-mail address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Cookies that we use

A number of our pages use cookies to remember:

  • Your display preferences, such as contrast colour settings or font size
  • If you have already replied to a survey pop-up that asks you if the content
    was helpful or not (so you won’t be asked again)
  • If you have agreed (or not) to our use of cookies on this site
  • Also, some videos embedded in our pages use a cookie to anonymously gather
    statistics on how you got there and what videos you visited.


Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.



Who we share your data with

Below is a list of all the Third-Party Service Providers used by Swinfen Hall Hotel, with links to the third-party software providers current Privacy Policies :



MailChimp :





Where we send your data

Visitor comments may be checked through an automated spam detection service.



Our service providers use cookies which may be stored on your computer when you visit their websites(s). We are not responsible for the cookies used by these providers, however each provider will have their own cookie policy available to view on their website.


How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.


What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


The right to be informed
This privacy notice informs you of who is obtaining and using your personal information, how this information will be retained, shared and secured and what lawful grounds will be used to obtain and use your personal identifiable information.


The right of access
You have the right to obtain a copy of the personal information we hold about you. This is known as a “subject access request” (SAR). SARs need to be made in writing. We ask that your request is accompanied by proof of your address and identity. In accordance with the Data Protection Act (DPA) we must provide you with the information pertaining to your request within 30 days. If you are seeking to obtain specific information, it helps if you clarify the details of what you would like to receive in your request.

If someone is requesting information on your behalf, they will need written confirmation from you to evidence your consent in order for us to release this and in some circumstances proof of ID.


The right to rectification
You can ask us to rectify your personal data if it is inaccurate or incomplete. Please help us to keep our records accurate by keeping us informed if your details change.

The right to erasure
The right to erasure is also known as “the right to be forgotten”. In some circumstances, you can ask us to delete or remove personal data where there is no compelling reason to continue to hold it. This is not an absolute right, and we will need to consider the circumstances of any such request and balance this against our need to continue processing the data, and any legal/regulatory requirements for the data.

The right to restrict processing
You can object and ask us to restrict processing if you feel that we are using your personal information unlawfully and/or holding inaccurate, inadequate or irrelevant personal identifiable information which if used may have a detrimental impact on you and/or has an impact on your rights.

The right to object
You have the right to object to how we use your personal identifiable information in certain circumstances as well as the right to obtain a copy of the personal identifiable information we hold about you.

The right to data portability
It is also your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if:

The processing is based on consent or on a contract, and the processing is carried out by automated means.
Rights in relation to automated decision making and profiling.

You can ask us o review any decisions that are determined by automated means, and object to our use of your personal data for profiling activities.



How we protect your data

When you give us personal information, we take steps to make sure that it’s treated securely. Non-sensitive details (your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.


What data breach procedures we have in place



What third parties we receive data from



What automated decision making and/or profiling we do with user data



Industry regulatory disclosure requirements