This Privacy Policy outlines the types of personal data that The Beaumont Hotel ("we/us/our") may collect about you when you interact with us. It also explains how we store, handle, protect and otherwise process your data, and to ensure that you are fully informed of your rights. This Privacy Policy is applicable to The Beaumont Hotel, The Colony Grill Room and The Beaumont Spa.
The sections outlined below should answer any questions you may have. However if you do have further queries, then please do contact us at:
Data Protection Officer The Beaumont Hotel Limited, 8 Balderton Street, London, W1K 6TF
United Kingdom Email: [email protected]
Telephone: +44 (0)20 7499 1001.
In using our website and receiving our services, you consent to the collection, use, disclosure, transfer and other processing of your personal data as set out in this Privacy Policy, subject to your rights set out below and in particular your rights to withdraw or modify your consent as described in paragraph 10 of this Privacy Policy.
In this Privacy Policy, "personal data" means any information about an individual from which that person can be identified, such as your name and contact details. It does not include data from which it is not possible to identify the individual to which it relates (anonymous data).
We are The Beaumont Hotel Limited (referred to in this Privacy Policy as "The Beaumont", "we", "us" and "our"). The Beaumont Hotel Limited is a private limited company registered in England and Wales at Brown Hart Gardens, London W1K 6TF (Company No: 8031843), t/a The Beaumont and The Colony Grill Room.
The Beaumont Hotel Limited operates The Beaumont Hotel, The Colony Grill Room and The Beaumont Spa.
The Beaumont Hotel Limited is the "controller" of any personal data for the purposes of the Data Protection Act 2018 (the "Act"), UK GDPR (meaning the General Data Protection Regulation (EU) 2016/679 ("GDPR") as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 ) and to the extent applicable GDPR (together "Data Protection Law") that you provide to us in the course of purchasing products from us, using our services or otherwise interacting with us.
We are committed to protecting your privacy and processing your personal data in compliance with Data Protection Law.
We will only process your personal data where:
By processing, we mean the collection, storage, recording, use, disclosure and any other form of operations or dealings with your personal data.
We collect various personal data from you in order to process it for a number of different purposes, including to enable us to manage our business and operations, to provide goods and services to you, for our legitimate interests or to comply with our statutory obligations.
Some personal data is collected automatically as a result of your use of our website (see Cookie section below). In other circumstances, it will be at your discretion whether you provide us with your personal data or not and we may need to collect your personal data by law, or under the terms of a contract we have with you. If you do not provide that data when requested, we may not be able to maintain or provide services or products to you or to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
We do not generally collect special categories of personal data (as defined in Data Protection Law) unless it is volunteered by you or unless we are required to do so pursuant to applicable laws. "Special categories of personal data" includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. However, we may process) health data provided by you (either with your explicit consent or in the case of certain data e.g. about allergies, in order to protect your vital interests or to comply with our statutory obligations) to improve your stay or to safely provide you with our services, e.g. mobility information and information you provide us with in the course of booking a spa appointment.
We set out in the table below what personal data is required by us in order for us to make a reservation at our hotel, spa, restaurants or at a private dining room, for e-commerce or retail purposes and to provide you with our business services and for marketing and communications purposes (see also section 6 below):
Types of personal data which we may seek to collect and process | Services and products for which we are processing this data | Purposes for processing | Legal basis for processing (see section 3 above for more details) |
Customer name and contact details and those of the person making the reservation or purchase and of any recipient of any gifts/gift cards | Restaurant Reservations and Private Dining, Room Reservations, Spa Appointments, e-Commerce and Retail | To comply with our statutory obligations (e.g. identity verification), to provide our business services to you such as reserving a table or room for you, to provide exceptional customer service and to improve your staying experience, and for marketing our services and communicating with you in accordance with section 6 below | Consent, legitimate interests, to comply with our statutory obligations and performance of our contract with you |
Postal address (for gifts/gift cards billing and delivery addresses (if different)) | e-Commerce and Retail |
To provide our business services to you including credit card verification, to provide exceptional customer service and to improve your staying experience, and for marketing our services and communicating with you in accordance with section 6 below To send the recipient the products purchased |
Consent, legitimate interests and performance of our contract with you |
Telephone Number | Restaurant Reservations and Private Dining, Room Reservations, Spa Appointments, e-Commerce and Retail | To reserve a table or room for you, to provide our business services to you, to provide exceptional customer service and to improve your staying experience, and for marketing our services and communicating with you in accordance with section 6 below | Consent, legitimate interests and performance of our contract with you |
Email Address | Restaurant Reservations and Private Dining, Room Reservations, Spa Appointments, e-Commerce and Retail |
To reserve a table or room for you To provide our business services to you to provide exceptional customer service and to improve your staying experience, and for marketing our services and communicating with you in accordance with section 6 below |
Consent, legitimate interests and performance of our contract with you |
Date of birth | Room Reservations | To comply with our statutory obligations, to provide exceptional customer service and to improve your staying experience, and for marketing our services and communicating with you in accordance with section 6 below | Consent, legitimate interests and to comply with our statutory obligations |
Passport number | Room Reservations | To comply with our statutory obligations | Consent and to comply with our statutory obligations |
Arrival/departure date and time | Restaurant Reservations and Private Dining, Room Reservations, Spa Appointments | To provide our business services to you, to provide exceptional customer service and to improve your staying experience | Consent, legitimate interests and performance of our contract with you |
Relevant travel information | Room Reservations | To provide our business services to you to provide exceptional customer service and to improve your staying experience, and for marketing our services and communicating with you in accordance with section 6 below | Consent, legitimate interests and performance of our contract with you |
Occasion for visit and special occasions - birthdays, anniversaries and that of your guest(s) | Restaurant Reservations and Private Dining, Room Reservations | To provide exceptional customer service and to improve your dining/staying experience | Consent, legitimate interests and performance of our contract with you |
Seating preferences | Restaurant Reservations and Private Dining | To provide exceptional customer service and to improve your dining experience | Consent, legitimate interests and performance of our contract with you |
Stay history (that is, details as to whether you have stayed with us before) | Room Reservations | To provide exceptional customer service and to improve your staying experience | Consent, legitimate interests and performance of our contract with you |
Allergies or food intolerances | Restaurant Reservations and Private Dining, Room reservations | To comply with our statutory obligations or to protect your vital interests | Consent, legitimate interests, performance of our contract with you, statutory obligations and to protect your vital interests |
Food & beverage preferences | Restaurant Reservations and Private Dining, Room reservations | To provide exceptional customer service and to improve your dining experience | Consent, legitimate interests and performance of our contract with you |
Personal connections to other customers or staff | Restaurant Reservations and Private Dining, Room Reservations | To provide exceptional customer service and to improve your dining/staying experience | Consent and legitimate interests |
General preferences | Restaurant Reservations and Private Dining | To provide our business services to you, to provide exceptional customer service and to improve your dining and staying experience, and for marketing our services and communicating with you in accordance with section 6 below | Consent and legitimate interests |
Previous booking history | Restaurant Reservations and Private Dining, Room Reservations | To provide our business services to you, to provide exceptional customer service and to improve your dining and staying experience, and for marketing our services and communicating with you in accordance with section 6 below | Consent and legitimate interests |
Any publicly available information - e.g. job title, company where you work, name of spouse, photograph | Restaurant Reservations and Private Dining, Room reservations | To provide exceptional customer service and to improve your dining/staying experience | Consent and legitimate interests |
Credit/Debit Card information (which will be encrypted) | Restaurant Reservations and Private Dining, Room Reservations, Spa Appointments, e-Commerce and Retail | To enable us to be paid for the services and products we supply to you | Consent, legitimate interests and performance of our contract with you |
Mobility requirements | Restaurant Reservations and Private Dining, Room Reservations, Spa Appointments | To comply with our statutory obligations or to protect your vital interests | Consent, legitimate interests, performance of our contract with you, statutory obligations and to protect your vital interests |
Health information (see note 3 below) | Spa Appointments | To comply with our statutory obligations or to protect your vital interests | Explicit consent, statutory obligations and to protect your vital interests |
Images and sound captured by CCTV | Restaurant, Hotel and Spa Services | To comply with our statutory obligations including for the security of our customers and guests or to protect your vital interests | Legitimate interests, performance of our contract with you, statutory obligations and to protect your vital interests |
Please note:
We usually collect personal data from the information you submit during the course of your relationship with us. We use different methods to collect data from and about you, including through:
Direct Interactions:
You may give us your identity, contact and financial data by filling in forms or by communicating with us by post, phone, email, social media or otherwise. This includes personal data you provide when you make reservations, bookings or order at the hotel, restaurant, and spa whether made online, by telephone, by email, in person via a third party such as a travel agent or through social media.
You may also give us your personal data when you request marketing to be sent to you, enter a competition, promotion or survey, or give us feedback or contact us.
Third Parties or Publicly Available Sources
We may also use, collect and process publicly available information that we believe could be relevant to your reservations, bookings, orders or other interactions with us. We typically search engines like Google or Social Media (eg LinkedIn) to collect this information.
We do not knowingly collect personal data from children under the age of 13. If we learn that we have collected personal data from a child under the age of 13 without parental consent, we will take steps to delete that personal data as soon as possible.
We will only use your personal data for purposes for which the law allows us. We have set out the purposes for which we use your personal data in the table above. By way of further explanation, we will process your personal data in our legitimate interests for the following purposes:
Management and Administration of our Business Services
We process the personal data you have provided us in order to:
We use personal data so that our employees can familiarise themselves with you and your guests in order to provide better services to you. The data you provide allows us to ensure that this can be achieved in the best possible way.
Marketing and communications
Where we have provided services to you as our customer, we would like to send you marketing communications from time to time to check the quality of our services to you or to inform you about our restaurants, spas and hotels; including new openings, developments, events and partnerships, and other services we think may be of interest to you. Such communications may be sent to you by post, by email or via social media.
We will send you such communications either because you are a recent customer of ours or because we have obtained your express consent to do so. You have the right to unsubscribe from these marketing communications from us at any time by clicking on the unsubscribe link which will be made available to you in each communication, or by emailing us at any time at [email protected] and indicating that you do not in future wish to receive such communications. In such case, we may store your contact details in order to ensure you do not receive such communications y accident.
We work with a number of trusted and contracted third parties in order to be able to provide our goods and services to you. These third parties include (but are not limited to) those who provide services to us for the delivery of goods, restaurant, hotel and spa hotel bookings and business systems providers such as payment processing providers.
We do not share, rent, trade or sell your personal data to third parties for marketing purposes or for any purposes other than those explained in this Privacy Policy, without your prior consent. We do not purchase personal data from or sell it to third parties.
We may transfer your personal data in the ways set out in this Privacy Policy, and, in particular, to the following third parties:
We require all third parties with whom we share your personal data to implement appropriate technical and organisational measures for the security of your personal data and to respect its confidentiality and to treat it in accordance with the law (including Data Protection Law). We do not allow our third party service providers to process your personal data for their own purposes and we only permit them to process your personal data for specified purposes and in accordance with our written instructions.
Some of our external service providers are based outside the UK so their processing of your personal data will involve a transfer of data outside the UK (and where such data is transferred it may be accessed in or stored in those countries). Whenever we transfer your personal data out of the UK, we shall do so in accordance with Data Protection Law including by ensuring by contractual means a similar degree of protection to that required by Data Protection Law is afforded to it by the use of specific personal data export clauses in the form of contracts approved by the European Commission or the UK's Information Commissioner.
The security of your personal data is as important to us as it is to you. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We will implement and maintain appropriate technical and organisational measures to ensure a level of security commensurate with the risks involved and appropriate to protect any personal data provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. We will also check that any third party service providers to whom we transfer your personal data also adopt such technical and organisational measures.
Our websites use encrypted 'https' technology and access to your personal data is password protected, and sensitive data (such as payment card information) is secured by SSL encryption and tokenisation.
We and our security service providers carry out vulnerabilities assessments and penetration testing to identify ways to further strengthen our information security.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, taxation, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Any Health Assessment Form you provide will be kept by us in hard copy only at the reception of the Spa, for a period of 6 months after the treatment to which the form relates. After that the hard copy form will be retained in a locked file for a further 3 year archival period, and then it will be securely disposed of.
In some circumstances you can ask us to delete your data (see the section "Your Rights" below for further information) and in some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further Policy to you.
In accordance with Data Protection Law, you have the right to:
In the event you contact us to exercise your rights under Data Protection Law, we will endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.
We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal data, and for any additional copies of the personal data you request from us.
You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), which is the UK's supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. Please email [email protected].
As you interact with our website, we will automatically collect certain data about your equipment, browsing actions and patterns by using cookies.
We use cookies on our site, inter alia, in order to preserve the information stored as you add items to your order, to maintain your order history and to measure the site activity, so we can identify which pages are visited most frequently. We use this information to ensure we guarantee you the most efficient and enjoyable website visiting experience.
You can set your browser to stop cookies or to let you know when cookies are being sent, however this may disable some or all of the functions of the site and may prevent you from being able to use it as you would like.
You can view our full Cookie Policy here.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy Policy of every website you visit.
We may change or update parts of this Privacy Policy at any time in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. When we do this we will update this Privacy Policy on this website. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Privacy Policy when you use our products and services to ensure that you are fully aware of any changes or updates.
Last Updated: 14 January 2022