Privacy Policy

Goddard and Gibbs is part of Lore Group, which recognises the importance of and its obligation to treat your personal data with respect. This Privacy Policy describes the privacy practices of Lore Group.

Personal Data

We take the protection of your private data very seriously and adhere to relevant data protection legislation. Personal data is collected only to the extent necessary. In no case will the data be sold or made available to third parties other than for the provision of goods and services offered by Lore Group. This privacy statement will inform you as to how your data is handled.

Personal Data” are data that identify you as an individual or relate to an identifiable individual.

At touchpoints throughout your guest journey, we collect Personal Data in accordance with law, such as:

  • Contact information: name, gender, postal address, telephone number, email address.
  • Payment information: credit and debit card number or other payment data.
  • Financial information in limited circumstances.
  • Language preference.
  • Date and place of birth.
  • Nationality, passport, visa or other government-issued identification data.
  • Important dates, such as birthdays, anniversaries and special occasions.
  • Employer details.
  • Travel itinerary, tour group or activity data.
  • Interactions including prior guest visits, goods and services purchased, and special service and amenity requests.
  • Social media account ID, profile photo and other data publicly available.

In more limited circumstances, we also may collect:

  • Data about allergies, disabilities and medical conditions in order to meet any special requirements.
  • Data about family members and companions, such as names and ages of children.
  • Biometric data such as digital images and video and audio data via security cameras located in public areas, such as hallways and lobbies, in our properties.
  • Guest preferences and personalised data (“Personal Preferences”), such as your interests, activities, hobbies, food and beverage choices, services and amenities of which you advise us or which we learn about during your visit.

If you submit any Personal Data about other people to us or our Service Providers, such as making a reservation for another individual, you represent that you have the authority to do so and you permit us to use the data to fulfil your request for our Services.

Sensitive Data

Lore Group will only request Sensitive Personal Data to safeguard a guest’s or its own interests. Examples are a guest’s health when using the Spa, disabilities to allow appropriate provision of care and services, allergy information that the hotel should be made aware of, or identity information required for legal purposes or to prevent fraud.

The Processing Of Children’s Data

Lore Group Services are not directed to individuals under the age of sixteen (16).

A Parent of Legal Guardian must provide any Personal Data or Sensitive Personal Data to
Lore Group if they wish Lore Group to deliver tailored services to their Child; for example, remembering a birthday or catering for allergies.

How We Collect Personal Data

We collect Personal Data in a variety of ways:

  • Online Services: we collect Personal Data when you use our online services to make a reservation or purchase goods and services, to communicate with us, to post to our social media pages, to sign up for our newsletter(s) or participate in any offers or surveys.
  • Visiting Our Hotels: we collect Personal Data when you visit our hotels and use our services including accommodation, bars and restaurants, meeting and events facilities, gym and spa.
  • Contacting Our Hotels: We collect Personal Data when you make a reservation by telephone or communicate with us by email or facsimile. These communications may be recorded for purposes of quality assurance and training.
  • Internet-Connected Devices: We collect Personal Data from internet-connected devices used in our properties to fulfil our legal obligations e.g. compliance with anti-terrorism legislation.

Collection Of Other Data

Other Data” are data that generally do not reveal your specific identity or do not directly relate to an individual. To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data. Other Data include:

  • Browser and device data
  • Data collected through cookies and other technologies
  • Demographic data and other data provided by you
  • Aggregated data

How We Collect Other Data

We collect Other Data in a variety of ways:

  • Your browser or device. We collect certain data through your browser or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version and the name and version of the Online Services (such as the Apps) you are using. We use this data to ensure that the Online Services function properly.
  • Cookies: We collect certain data from cookies, which are pieces of data stored directly on the computer or mobile device that you are using. Cookies allow us to collect data such as browser type, time spent on the Online Services, pages visited, referring URL, language preferences, and other aggregated traffic data. We use the data for security purposes, to facilitate navigation, to display data more effectively, to collect statistical data, to personalize your experience while using the Online Services and to recognize your computer to assist your use of the Online Services. We also gather statistical data about use of the Online Services to continually improve design and functionality, understand how they are used and assist us with resolving questions.

Cookies further allow us to select which advertisements or offers are most likely to appeal to you and display them while you are using the Online Services or to send marketing emails. We also use cookies to track responses to online advertisements and marketing emails. If you do not want data collected with cookies, you can learn more about controlling cookies at: http://www.allaboutcookies.org/manage-cookies/index.html.

You can choose whether to accept cookies by changing the settings on your browser. If, however, you do not accept cookies, you will experience inconvenience in your use of the Online Services. We will not be able to recognize your computer, and you will need to log in every time you visit. You also will not receive advertising or other offers from us that are relevant to your interests and needs. At this time, we do not respond to browser “Do-Not-Track” signals.

  • Pixel Tags and other similar technologies. We collect data from pixel tags (also known as web beacons and clear GIFs), which are used with some Online Services to, among other things, track the actions of users of the Online Services (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of the Online Services.
  • Google AdWords: We may use Google AdWords, a web analytics and search engine advertising campaign management service. Google AdWords uses cookies, web beacons, and other means to help us analyse how users use the site. You may find Google’s Privacy Policy at: http://www.google.com/intl/en/privacypolicy.html.
  • Analytics. We collect data through Google Analytics, which use cookies and technologies to collect and analyse data about use of the Services. These services collect data regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy and opt out by downloading the Google Analytics opt out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
  • Your IP Address. We collect your IP address, a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address is identified and logged automatically in our server log files when a user accesses the Online Services, along with the time of the visit and the pages that were visited. We use IP addresses to calculate usage levels, diagnose server problems and administer the Online Services. We also may derive your approximate location from your IP address.

Aggregated Data. We may aggregate data that we have collected, and this aggregated data will not personally identify you or any other user.

Use Of Personal Data And Other Data

We use Personal Data and Other Data to provide you with Services and to develop new services. In some instances, we will request that you provide Personal Data to assist us in delivering our services to you. If you do not provide the data that we request, or prohibit us from collecting such data, we may not be able to provide the requested Services.

We use Personal Data and Other Data for our legitimate business interests including delivering the Services you request such as hotel, restaurant, meetings and events and spa reservations: including the associated payment processing, administration, reservation confirmations, prearrival messages and delivery of services.

We will use Personal Data and Other Data to manage our contractual relationship with you, because we have a legitimate interest to do so and/or to comply with a legal obligation.

Personal Preferences: We will use your Personal and Other Data to deliver a personalised experience:

  • Customising your experience when you visit our hotels;
  • Sending you tailored marketing communications and offers;
  • Inviting you to participate in periodic surveys and customer satisfaction surveys.

Business Purposes: We use Personal Data and Other Data for:

  • Data analysis, audits, security and fraud monitoring and prevention. This includes the use of
    closed-circuit television, door access cards, and other security systems;
  • Enhancing, improving or modifying our Services, identifying usage trends, and developing new goods and services;
  • Determining the effectiveness of our promotional campaigns;
  • Operating and expanding our business activities.

Disclosure of Personal Data and Other Data

Lore Group aims to delivery exceptional service to you, and to do so we share Personal Data and Other Data with:

  • Business Partners who provide goods, services and offers that enhance your experience at our properties or that we believe will be of interest to you. By sharing data with these business partners, we are able to make personalised services available to you. For example, this sharing enables spa, concierge and other outlets at our properties to provide you with services.
  • Service Providers. We disclose Personal Data and Other Data to third-party service providers for the purposes described in this Privacy Statement. Examples of service providers include companies that provide website hosting, data analysis, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, marketing, auditing and other services.
  • Corporate Structure: we may disclose or transfer your Personal Data and Other Data to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Lore Group.

Other Uses And Disclosures

We will use and disclose Personal Data as we believe to be necessary or appropriate:

  1. to comply with applicable law, including laws outside your country of residence;
  2. to comply with legal process;
  3. to respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements;
  4. to enforce our terms and conditions;
  5. to protect our operations;
  6. to protect the rights, privacy, safety or property of Lore Group, you or others; and
  7. to allow us to pursue available remedies or limit the damages that we may sustain.

Third Parties

This Privacy Statement does not address, and Lore Group is are not responsible for the privacy, data or other practices of any Business Partners or any third party operating any site or service to which the Services link. The inclusion of a link on the Online Services does not imply endorsement of the linked site or service by us. We have no control over, and are not responsible for, any third party’s collection, use and disclosure of your Personal Data.

We are not responsible for the data collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Data you disclose to other organizations through our Social Media Pages.

Choices, Access And Retention

You have choices when it comes to how we use your data and we want to ensure you have the information to make the choices that are right for you.

If you no longer want to receive marketing-related emails, you may opt out by:

  • Click unsubscribe in any marketing-related email or
  • By contacting the Data Management Office unsubscribe@LoreGroup.com or
  • By following the instructions in any email that you receive from us.

Your Rights In Relation To Your Personal Data

You have the right at any time:

  • to enquire about the personal data stored, their provenance, and recipients thereof, as well as the scope and purpose of the data processing;
  • to have any incorrect data corrected;
  • to object to the processing of your data;
  • to have Personal Data erased provided that the data is not required by Lore Group to fulfil a contract for goods and services or has to be retained for legal reasons;
  • to have a copy of your data in electronic format for purposes of transmitting it to another company.

If you wish to exercise any of your rights, please contact us stating which of your rights you wish to exercise at Privacy@OneHundredShoreditch.com, or by mail:

One Hundred Shoreditch,
100 Shoreditch High Street,
Shoreditch,
London, E1 6JQ

For your protection, we only fulfil requests for the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will comply with your request as soon as reasonably practicable.

Retention

We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services)
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)
  • Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)

Cross-Border Transfer

Lore Group operates hotels in The Netherlands, the United Kingdom and the United States of America. Sharing data cross-border allows us to deliver you an exceptional service in whichever hotel you visit. As a result, we will, subject to law, transfer Personal Data and Other Data collected in connection with the Services between NL, UK and USA where data protection standards may differ from those in the country where you reside. By making a reservation or visiting or staying at a Lore Group you understand that we transfer your Personal Data between the NL, UK and USA.

In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities will be entitled to access your Personal Data.

Updates To This Privacy Statement

The “Published” date at the top of this page indicates when this Privacy Policy was last revised. Any changes become effective from this date. Your use of our Services following these changes indicates that you accept the revised Privacy Policy. If you wish to review the version of the Privacy Policy effective immediately prior to this version, please contact us at Privacy@LoreGroup.com

Contacting Us

If you have any questions about this Privacy Statement, please contact us at Privacy@LoreGroup.com, or by mail:

Lore Group Data Management Office
Portman House 7th Floor
2 Portman Street
London, W1H 6DU
United Kingdom

Email communications are not always secure, so please do not include any credit card or Sensitive Data in your emails to us.

Supervisory Authorities

Should you wish to lodge a complaint with regard to an alleged infringement of the data protection laws:

The Supervisory Authority for the United Kingdom is:
Information Commissioner’s Office
Helpline: +44 (0) 303 123 1113
https://ico.org.uk/concerns/