At the Brook Hotels we take your privacy very seriously and we are committed to protecting your personal data.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
ABOUT THE BROOK HOTELS GROUP
This privacy statement is issued by Brook Hotels, but applies to the handling of personal data by each member of the Brook Hotels. As updated from time to time and referred to in this privacy statement as the Brook Hotels / we / our or us.
The websites and applications of the Brook Hotels Group include:
There will typically be one member of the Brook Hotels Group to whom you have given your personal data. This entity would be a “data controller” in relation to your personal data. The term “data controller” broadly means the person who determines the purpose and means for which your data is processed. It is possible that you have given your data directly to more than one member of the Brook Hotels Group in which case each such member could be a data controller of your data in that context.
DISCLAIMER – BROOK HOTELS GROUP MEMBERS ARE NOT LIABLE TO YOU
NOTWITHSTANDING THAT THIS PRIVACY STATEMENT IS ISSUED ON BEHALF OF BROOK HOTELS, YOU ARE NOTIFIED THAT THE MEMBERS OF THE BROOK HOTELS GROUP ARE SEPARATE AND INDEPENDENT. YOUR USE OF THE RELEVANT WEBSITE IS SUBJECT TO THE RELEVANT TERMS AND CONDITIONS ISSUED BY THE RELEVANT BROOK HOTELS GROUP MEMBER IDENTIFIED AS TRANSACTING WITH YOU ON THE RELEVANT BROOK HOTELS GROUP WEBSITE. MEMBERS OF THE BROOK HOTELS GROUP SHALL NOT HAVE ANY LIABILITY WHATSOEVER FOR ANY LOSS OR DAMAGE HOWESOEVER CAUSED WHETHER TO YOU OR ANYONE ELSE BY REASON ONLY THAT THEY ARE MEMBERS OF THE BROOK HOTELS GROUP AND/OR THAT THEY ARE IDENTIFIED AS A MEMBER OF THE COMO GROUP IN THIS PRIVACY STATEMENT OR ELSEWHERE ON THE RELEVANT BROOK HOTELS GROUP WEBSITE.
DATA WE COLLECT FROM YOU OR ABOUT YOU AND OUR SOURCES OF THAT DATA
Your personal data includes any information that you provide to us, that we collect or that we are provided with by third parties and that identifies you, or from which you are identifiable, whether directly or indirectly. We may collect, use, store and transfer the following personal data about you:
- Data you give us
- when you place an order or make a booking on a BROOK HOTELS Group Website or otherwise;
- when you stay at one of our Brook Hotels
- by filling in forms on a BROOK HOTELS Group Website;
- when you use a BROOK HOTELS Group Website;
- when you sign up to receive email updates from us;
- when you ask us to provide you with marketing communications such as newsletters, updates or information about special events or promotions;
- if you ask us to keep in touch with you or provide you with personalised content (such as targeted advertising);
- if you contact us or correspond with us (for example, by phone, email or otherwise) for any reason; or
- when you provide us with comments, opinions and/or feedback about the BROOK HOTELS GROUP.
- Data we collect about you when you visit or use a BROOK HOTELS Group Website
- technical information, including the type of device (and its unique device identifier) you use to access the BROOK HOTELS Group Websites, the Internet protocol (IP) address used to connect your device to the Internet, your unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device, your device and component serial numbers, your login information, browser type and version, time zone setting, browser plug in types and versions, operating systems, mobile network information and platform and details of any referring website or application; and
- information about your visit to the BROOK HOTELS Group Websites including full Uniform Resource Locators (URL), clickstream to, through and from the BROOK HOTELS Group Websites (including date and time), pages you viewed, page response time, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
- Data other BROOK HOTELS Group members collect about you. Any information you provide to a member of the BROOK HOTELS Group will be shared between us (for example, when you attend one of our BROOK HOTELS this information will be shared with the other BROOK HOTELS).
- Data we collect from or are provided with by third parties. We may be given information about you from third parties, such as social media platforms or anyone making a booking on your behalf at one of our BROOK HOTELS. We may also collect information that is publicly available, for example, when we interact with you through social media.
The provision of certain personal data by you to us (such as your name, email address, contact information, credit card and such other information as may be indicated by the BROOK HOTELS Group) will be compulsory or obligatory in order for the BROOK HOTELS Group to perform the relevant services for the identified purposes. The BROOK HOTELS Group may not be able to perform the relevant services for the identified purposes if you fail to supply the relevant personal data.
Where personal data of a minor is submitted by you, you confirm that you have authority to provide such data to us on behalf of that minor to enable us to process their personal data as described in this privacy statement.
HOW WE USE YOUR PERSONAL DATA AND THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
TheBROOK HOTELS Group uses the personal data for relevant purposes where we have a legal basis to use your personal data without consent, this privacy statement fulfils our duty to process personal data fairly and lawfully and in a manner that you would expect given the nature of our relationship with you, by giving you appropriate notice and explanation of the way in which your personal data will be used.
Where consent is required for our use of your personal data as described above, we will request your consent. Typically, we would collect your consent by you performing an action such as ticking the appropriate consent box or otherwise communicating your consent to us (for example, by email or by you providing us with non-mandatory information), you consent to our use of that personal data as set out in this privacy statement. For example, we will only process your personal data for marketing purposes if we have your consent to do so.
MARKETING AND YOUR CHOICES
We will, if you have given us your consent and in line with your choices, provide you with information by post, telephone, email and SMS, which may be of interest to you in respect of the BROOK HOTELS Group. Where you have consented to receiving our direct marketing online this means that you could be presented with our advertisements while using the BROOK HOTELS Group Websites or the services of our online partners. For example, if you have given us this consent we may run a Facebook advertisement campaign, which could include our advertisements being presented to you while you are on Facebook. We may also personalize the content that you see using analytical or profiling tools. We will only provide you with marketing communications if you would like us to. You will have the opportunity to clearly set out whether you wish to receive marketing messages from us by ticking the relevant boxes.
HOW WE SHARE AND DISCLOSE YOUR PERSONAL DATA
We may share or disclose your personal data in connection with the purposes described in this privacy statement. This may include sharing your personal data with the following:
- all companies within the BROOK HOTELS Group for marketing, business, administrative and legal purposes (for example, payment, verification or membership awards and points);
- Facebook, Twitter or Instagram (if you use your account with them to sign up / in with us), if applicable;
- service providers, business partners, suppliers, subcontractors or agents (for example, fitness, medical and healthcare professionals providing assessments for treatments, IT services, travel planning, reservation, booking, rewards management, customer relationship management, business development and marketing support services) who perform functions such as marketing, payment, fulfilment and delivery of orders, administration and processing of payments, as well as bookings and reservations;
- professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services;
- vendors who provide services to us, such as fulfilling orders, providing data processing and other information technology services, managing promotions, carrying out research and analysis, and personalizing individual BROOK HOTELS Group customer experiences. We do not allow these vendors to use this information or to share it for any purpose other than to provide services on our behalf;
- government or other law enforcement agencies, in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information;
- assist us in the improvement and optimization of the BROOK HOTELS Group Websites.
WHERE WE STORE YOUR PERSONAL DATA
All Personal Data you provide to us is stored on our secure servers in the European Economic Area. We will not transfer your Personal Data outside the European Economic Area without your express consent. We also work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
LINKS TO THIRD PARTY WEBSITE
The BROOK HOTELS Group Websites may contain links to other third party websites and microsites, whose privacy practices may differ from those of the BROOK HOTELS Group. If you submit personal data to any of those sites, your personal data is not subject to this privacy statement.
RETENTION OF PERSONAL DATA
Your personal data will only be retained for as long as it is necessary to fulfil the purposes for which it was collected as outlined in this privacy statement and for the purpose of satisfying our business (accounting and reporting) or legal requirements, but also to properly resolve disputes or to troubleshoot problems.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. In addition, certain information may be stored indefinitely due to technical constraints, and will be blocked from further processing for purposes which are not mandatory by law.
Details of retention periods for different aspects of your personal data are available in the BROOK HOTELS Group Data Retention Policy, which you can request from us by contacting us using the contact details set out below.
If you choose to unsubscribe from our mailing list or should your access to any of your BROOK HOTELS Group memberships expire, your personal data will still be retained on our database to the extent permitted by law and in accordance with the BROOK HOTELS Group Data Retention Policy.
HOW WE STORE AND SECURE YOUR PERSONAL DATA
We are committed to taking appropriate measures designed to keep your personal data secure. Our technical and organizational procedures are designed to protect your personal data from accidental, unlawful or unauthorized loss, access, disclosure, use, alteration, or destruction. While we make efforts to protect our information systems, no website, mobile application, computer system, or transmission of information over the Internet or any other public network can be guaranteed to be 100% secure. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access or inadvertent disclosure.
The personal data that we hold about you will be stored either on our servers or using third party data storage providers or if elsewhere, in compliance with applicable data protection laws. We may post a notice on the relevant BROOK HOTELS Group Website, notify you by email or contact you otherwise if a security breach occurs and such breach presents a high risk to your rights and freedoms.
YOUR LEGAL RIGHTS
You have the following rights with regard to your personal data:
Access. You have the right to access data we hold about you. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Rectification or erasure. You have the right to request that we rectify or delete any personal data that we hold about you (unless we have the legal right to retain it). This right does not extend to non-personal data. Please note that your rights to request erasure may be limited by applicable law.
- Restriction. You also have the right to restrict us from processing your personal data if the data is inaccurate, the processing is unlawful or we no longer need to your personal data for the purposes for which we hold it.
- Data portability. You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller if the legal basis for processing such personal data is consent.
- Object /change of preferences. You have a right to request that we stop processing your personal data where we are relying on a legitimate interest (or those of a third party). You have the right to object where we are processing your personal data for direct marketing purposes. For example, if you have given your consent to receive updates or other marketing communications, but have changed your mind, you have the ability to opt out from receiving such communications going forward by contacting us using the details provided or by clicking the relevant link in any communications you receive.
- Complaints. If for any reason you are not happy with the way that we have handled your personal data, please see for further information and contact us. If you are still not happy, you have the right to make a complaint to the Information Commissioner’s Office. To exercise any of the rights mentioned above, please contact us using the contact details. Where available, you may also be able to access, rectify, request the erasure, export and restrict the use of your personal data, as well as update your preferences by signing into your account and selecting “Update Profile”.
We will comply with your request to exercise the above mentioned rights, to the extent required by applicable law. However, if you ask us to stop processing your personal data in certain ways or erase your personal data, and this type of processing or data is needed to facilitate your use of the BROOK HOTELS Group Website or is required for us to provide you with a service (such as to manage your account), you may not be able to use the BROOK HOTELS Group Website or the service as you did before.
This does not include your right to object to the processing of your personal data for the purposes of direct marketing. You can exercise this right at any time without restrictions. Please allow at least 3 working days for your request to be actioned.
To protect your confidentiality and to comply with applicable data protection laws, we may need to confirm your identity before we can action your request (for example, we will respond to a request as long as the email address is identical to that you have registered with us or otherwise provided to us, we may ask for a scanned copy of your photo ID or for you to confirm details of your transaction history with us). When contacting the Data Privacy Office (details of which you can find below) please state your name and provide valid contact details. As mentioned above, protecting your confidentiality and complying with applicable data protection laws is important to us, the COMO Group may therefore refuse to comply with any request unless it is supplied with such information as it may reasonably require to verify your identity. We will respond to your requests within a reasonable time and in accordance with the applicable data protection laws.
A “cookie” is a small text file that is placed onto an Internet user’s web browser or device and is used to remember and/or obtain information about the user and a “web beacon” is a small object or image that is embedded into a web page, application, or email and is used to track activity, which are also sometimes referred to as pixels and tags.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of the BROOK HOTELS Group Websites. They include, for example, cookies that enable you to log into the BROOK HOTELS Group Websites.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the BROOK HOTELS Group Websites when they are using it. They also enable us to see how users use the BROOK HOTELS Group Websites. This helps us to improve the way the BROOK HOTELS Group Websites work.
- Functionality cookies. These are used to recognize you when you return to the BROOK HOTELS Group Websites. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to the BROOK HOTELS Group Websites, the pages you have visited and the links you have followed. We will use this information to make the website and the advertising displayed on it more relevant to your interests.
By clicking “agree” on the cookie consent box when you first access a BROOK HOTELS Group Website and by continuing to access and use such BROOK HOTELS Group Website you accept our use of the cookies. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of the BROOK HOTELS Group Website.
For more detailed information about cookies and how they can be managed and deleted, please visit www.allaboutcookies.org.
CHANGES TO THE PRIVACY STATEMENT
This privacy statement is in effect as of the date noted at the top of the statement. We may change our privacy statement from time to time. Any changes we may make to our privacy statement in the future will be posted on this page and, where appropriate, notified to you by e-mail.
Please check back frequently to see any updates or changes to our privacy statement. By continuing to use a BROOK HOTELS Group Website or continuing to allow us to retain or process your personal data following any such changes to our privacy statement, you are deemed to have accepted such changes unless you expressly notify us otherwise in writing (except to the extent we are required to make such changes in accordance with applicable law).
Where we need to seek updated, additional or different consents from you, we will, of course, do so.
QUERIES, COMMENTS, REQUESTS AND COMPLAINTS
If you have any questions, comments, requests or complaints about our collection, use or disclosure of personal data, or regarding this privacy statement, please contact us using the details below. Please also contact us if you would like to update or amend any of your personal data, which you have provided to us or if you believe our records relating to your personal data are incorrect. When contacting us please provide as much detail as possible in relation to your question, comment, request or complaint. We would like to reassure you that we will take any privacy complaint seriously and such complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need (for example, your name and valid contact details, as well as proof of identity such as a scanned copy of your photo ID or details about your transactions with us). If we cannot reasonably satisfy ourselves of your identity, we may not be able to deal with your query, comment, request or complaint.
Kingston Hill, Kingston Upon Thames, Surrey KT2 7NP