Privacy Notice


Harrington Hall is committed to protecting and respecting your privacy. We adhere to the hospitality industry Code of Conduct on Privacy (the “Code”) and the Code and this Privacy Policy (the “Policy”) together with any disclaimers sets out the basis on which any personal data we collect from you or that you provide to us, or that is provided to us relating to you (“Data”) by any means will be processed. Please read the following carefully to understand our use of personal data. Please note that the Policy relates only to living individuals in relation to personal data relating directly to themselves, and not to persons in any other capacity. We are obliged under current data protection legislation and General Data Protection Regulations (from May 2018) to inform you of the following;

Information we may collect from you

We collect personal data from you which you volunteer when you provide such personal data to us, or via our services with which you interact. We may also be given other personal data relating to you by other persons, or we may obtain such other personal data about you as may be provided to us in the course of our legitimate business activities.

We may collect and process Data including the following in the course of providing services to you, which could contain your personal data:

your full name; your address; your various email addresses; your various phone numbers including mobile phone numbers; your nationality; your address; financial information about you, including your bank account details, credit card details, or other payment details; details of contracts you have entered with third parties for us to provide services to you; details of your relationship to other parties; details of your membership of professional or other organisations; your date of birth; details of your children and other relations; medical details, including details of allergies; details of your car registration number; details of your driving licence; details of your passport and all other Data which you ask us to process on your behalf, or which is necessary for us to process in order for us to fulfil our role as providing bedroom accommodation, food & beverage, gym, leisure, meeting room or other hospitality related services to you.

We may also process other data, which is not personal data.

When you access our website or wi-fi facilities, your device’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data. This information may be used to help us to improve our website and the services we offer, and to offer services to you.

Security Statement

Harrington Hall uses the secure sockets layer protocol to protect your online transaction. Secure sockets layer is a security protocol that provides communications privacy over the internet. This allows your computer to communicate with our server in a way that is designed to prevent tampering or message forgery. Your credit card number is also "one-way" encrypted as it enters our databases. We will take all reasonable care to keep the details of your booking or reservation and credit card information secure unless we have been negligent, we will not be liable for any losses you may suffer as a result of unauthorised access by a third party to the information transmitted by you when making reservations at this website

Security and where we store your personal data

We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We do continue to revise policies and implement additional security features as new technologies become available.

The transmission of information via the Internet is not completely secure and may involve the transfer of data to countries outside of the European Economic Area (EEA). This occurs typically through use of cloud solutions for web hosting, email hosting or proprietary software solutions delivered to us through the Cloud. We do not however authorise any third party to use your personal data for their own purposes. Non-EEA countries may not provide an adequate level of protection in relation to processing your personal data. By submitting your data, you agree to this transfer, storing and processing. Although we do use our best endeavours to protect your personal data, we cannot guarantee the security of your personal data transmitted to us. Any transmission of data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access.

Uses made of your personal data

personal data that we hold to:

In our legitimate interest of advertising our services, provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes (See our list of services below);

  • carry out our obligations arising from any contracts entered into between you and us;
  • in our legitimate interest of advertising our services, provide details of any loyalty scheme or promotion;
  • comply with legislation; and/or
  • notify you about changes to our services.

Storing of personal data by the human resources department

Please be aware that all personal data and CVs or resumés submitted to Harrington Hall are stored on a secure, dedicated server for a fixed period of six months only. After this, all data is deleted. This data will only be used for the purpose intended. Access to this data is strictly limited to authorised personnel from Harrington Hall human resources department.

List of services;

  • bedroom accommodation
  • food & beverage
  • gym
  • leisure
  • meeting rooms
  • or other hospitality related services to you

We may use your data to send you information relating to our services, events and products which may be of interest to you. If you do not want us to use your data in this way, please notify us to that effect.

Your personal data will be retained only for the period necessary to fulfil the purposes outlined in this notice unless a longer retention period is required or permitted by applicable law. Under law we are obliged to retain personal information collected to fulfil guest reservations for seven years after the stay is completed. We retain other personal information for shorter periods of time if possible and if permitted by law.

Cookie usage and storage

When you visit we collect information about your computer and assign you a ‘cookie’ (a small, unique identifier text file) which is sent by our website to your web browser and remains on your computer until deleted. You do not provide this information – it is collected automatically as a means of supporting your visit to our website. This cookie does not contain any information that can identify you. You can always choose to not receive a cookie file by enabling your Web browser to refuse cookies or prompt you before accepting a cookie. For more information on how to adjust your browser’s cookie settings, or to find out more information on specific cookies. Please note however that disabling cookies may restrict your use of the Harrington Hall website.

In addition, we create a unique Session ID for each visit to the Harrington Hall websites. Session ID cookies may be used by the Harrington Hall to track a user’s preferences while navigating the website. Session ID cookies last for the duration of your visit to our website and are deleted at the end of your session.

Disclosure of your information

We may disclose your Data to third parties who provide a service to us or in the event that we sell any business or assets, in which case we may disclose your Data to the prospective buyer of such business or assets or if we are under a duty to disclose or share your Data in order to comply with any legal obligation, or to protect our rights, property, or safety of staff or customers. Currently we disclose your Data to the following Providers. We endeavour to ensure that all Providers comply with the applicable data protection legislation. Some jurisdictions may not have adequate safeguards for the protection of personal data.

Provider State “EU” or alternatively state jurisdiction to which the Data is transferred
Google EU
Open Table EU
ResDiary EU
Book A Table EU
Accubook EU EU
Expedia EU
Trip Advisor EU
Facebook EU

Links to other sites

Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any data to those websites.

Right to Object

Where we process your personal data on the basis of the public interest or a legitimate interest (i.e. points (e) or (f) of Article 6(1) of the GDPR) or where there is profiling based on these provisions, you have the right to object to the use of this data. We shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of you as data subject, or for the establishment, exercise or defence of legal claims.

If we process personal data for direct marketing purposes, you shall have the right to object at any time to processing of your personal data for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If you object to us processing for direct marketing purposes, we will no longer process the personal data for these purposes. You have the right, on grounds relating to your particular situation, to object to processing of your personal data for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

The process for making an objection is set out in Form 3a.

Your other rights

As an individual, under EU law you have certain rights to apply to us to provide information or make amendments to how we process data relating to you. These rights apply in certain circumstances and are set out below: -

  • The right to access data relating to you (‘access right’).
  • the right to rectify/correct data relating to you (‘right to rectification’).
  • The right to object to processing of data relating to you (‘right to object’).
  • The right to restrict the processing of data relating to you (‘right to restriction’).
  • The right to erase/delete data relating to you (i.e. the “right to erasure”).
  • The right to ‘port’ certain data relating to you from one organisation to another (‘right to data portability’).

The controller for the purposes of GDPR is Olema Consultants / Olema Property Holdings Ltd

Changes to this policy

We reserve the right to change this Policy from time to time in our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you accept and agree to this Policy as modified.

Contact Us

Questions, comments, requests and complaints regarding this Policy and the information we hold are welcome and should be addressed to us

All requests will be dealt with promptly and efficiently.