This privacy statement describes the use Nadler Hotels Limited, The Nadler Kensington Limited, The Nadler Soho Limited, The Nadler Victoria Limited, and The Nadler Liverpool LLP makes of information relating to users of this site. Nadler Hotels are data controllers under data protection law. Our address is Nadler Hotels, 112 Jermyn Street (5th Floor), London, SW1Y 6LS, United Kingdom, and we are registered with the Information Commissioner (reg no. Z2445762). References to “you” or “your” means the user of this website. This privacy statement forms part of the companies’ website terms and conditions.
This privacy statement relates to information which identifies particular individual users. Additional terms & conditions regarding the collection and use of information may also be provided to guests staying in our hotels.
What information is collected?
User-supplied information: when you register with us, the company may ask you for your name, e-mail address, and other similar information. Any information supplied by the user is supplied with your consent unless otherwise stated. We will state at the time of requesting your information the purpose for which we are asking for your information, the way it will be used and how long it will be kept by the company.
If you have provided the company with your consent to directly contact you to inform you of our services, you can inform us at any time if you no longer wish to receive these marketing communications. We always provide links to automatically opt out in all of our email communications to you, however you can contact us directly to advise us that you wish to withdraw your consent by emailing firstname.lastname@example.org.
How and when information is used:
The company and its affiliates may use information described in different ways, for example:
- To market to users and/or permit third parties to do so, where the user has given their consent by opting in to receive marketing information and for it to be shared with selected third parties. Marketing may be via post, phone, email, SMS, automated phone call or other electronic means, according to the user’s opt-in selections.
- To provide services that users have requested;
- For system administration and to monitor website use; and otherwise as reasonably required to operate our business or as required by law.
- As list of our affiliates and third parties who we may share your information can be found listed at appendix 1 of this policy.
How the company protects user information:
The company endeavours to protect users’ information in accordance with applicable law, but the company cannot ensure the security of any information a user transmits to the company. Users transmit such information at their own risk. Security breaches involving personal data which is likely to cause a risk to the rights and freedoms of an individual will be reported to the Information Commissioner’s Office no later than 72 hours after the breach is identified, where feasible. Justification for the delay will be provided for any report not made within 72 hours. Individuals affected by a breach will be notified without undue delay, if the breach poses a high risk to the rights and freedoms of the individual. Security breaches unlikely to result in a risk for the rights and freedoms of data subjects may not be reported.
Who has access to the information:
The company may disclose personal information for the above purposes where it has a legal obligation to do so or there is a legitimate interest in processing the information. The company will share user information with its affiliates, third parties’ business parties and service suppliers for the above purposes, which may include international transfers but only to countries which have equivalent data protection laws. Any transfer of personal data by the company or one of its appointed data processors shall take place only if certain conditions are complied with:
- Transfers on the basis of adequacy of data protection.
- Transfers subject to the appropriate data protection safeguards through technical and organisational measures.
- If binding corporate rules apply (agreements governing transfers made between organisations within a corporate group).
How to correct inaccuracies:
You can request access to or correction of information held by the company relating to you by emailing email@example.com, by phone on +44(0)2037503600, or by writing to Nadler Hotels, (FAO Data Protection), 112 Jermyn Street (5th Floor), London, SW1Y 6LS, United Kingdom.
Under data protection law, you have the right to access the personal information that we are processing which identifies you. You are also entitled to request information which we are processing about you through automated means to be transferred to you or a third party. You are also entitled, in certain circumstances, to request that we stop processing information we hold on you, to object to any processing that we are undertaking on your information or to have the data erased.
a) You have the right to request access to your personal data and know more specifically, why and how we hold it.
b) You have the right to rectification of inaccurate personal data, and we will ensure that inaccurate or incomplete data is erased, amended or rectified.
c) You have the right to have your personal data erased if: i. the data is no longer needed for its original purpose and no new lawful purpose exists; ii. the lawful basis for the processing is your consent, you withdraw that consent, and no other lawful ground exists; iii. you exercise the right to object, and we have no overriding grounds for continuing the processing; iv. the data has been processed unlawfully; or v. erasure is necessary for compliance with EU law or specified British law
d) Nadler Hotels have the right to decline your request for erasure of personal data to the extent that data processing is necessary: i. for exercising the right of freedom of expression and information; ii. for compliance with a legal obligation which requires processing by EU or British law to which Nadler Hotels are subject, or for the performance of a task carried out in the public interest, like public health, archiving and scientific, historical research or statistical purposes; or iii. for the establishment of, exercise of or defence against legal claims.
e) You have the right to restrict the processing of your personal data if: i. the accuracy of the data is contested (and only for as long as it takes to verify that accuracy); ii. the processing is unlawful, and you request restriction (as opposed to exercising the right to erasure); iii. Nadler Hotels no longer needs the data for their original purpose, but the data is still required by Nadler Hotels to establish, exercise or defend legal rights; or iv. verification of overriding grounds is pending in the context of an erasure request.
f) You have the right to receive your own personal data, which you have provided to Nadler Hotels, in a structured, commonly used and machine-readable format. You also have the right to transmit the data to another data controller without hindrance from Nadler Hotels unless this is technically unfeasible.
g) Whenever Nadler Hotels justify in writing to you via privacy notice that the data processing we carry out of your personal data is on the basis of its legitimate interests, you can object to such processing. As a consequence, Nadler Hotels would no longer be allowed to process your personal data unless it can demonstrate compelling, legitimate grounds for the processing. These grounds must be sufficiently compelling to override your interests, rights and freedoms, such as to establish, exercise or defend against legal claims.
h) You have the right not to be evaluated on the basis of automated processing. The right not to be subject to automated decision-making applies only if such a decision is based solely on automated processing and produces legal effects concerning you or similarly significantly affects you. The underlying processing of personal data is allowed if it is authorised by law, necessary for the preparation and execution of a contract, or done with your explicit consent, provided that Nadler Hotels has put sufficient safeguards in place. Such safeguards might include the right to obtain human intervention on the part of Nadler Hotels or another equally effective opportunity to express your point of view to contest the decision.
Should you wish to exercise any of your rights under data protection law, please email firstname.lastname@example.org.
If you have any issues about the way in which the company is using your information, please email email@example.com who will be able to consider the matter for you. Should you be dissatisfied with the company’s response, you have the right to raise your concerns with the Information Commissioner’s Office.
This site is created and controlled by the company and subject to the laws of England & Wales and subject to the jurisdiction of the English court. The company reserves the right to make changes to the site and this privacy statement from time to time. By using the site or supplying information to us, you are agreeing and consenting to the use of information relating to you (including international transfer) as described in this privacy statement.