VALENTINE’S DAY

Privacy Policy

Edenhall Estate – Privacy Policy (UK GDPR / Hospitality & Events)

Last updated: May 2026

Edenhall Estate (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, share, and protect your information when you:

  •     Visit our website
  •     Make enquiries
  •     Book accommodation, dining, events, or experiences
  •     Attend weddings or private events
  •     Contact us by phone, email, social media, or online forms
  •     Subscribe to marketing communications
  •     Visit the estate, book and stay in one of our properties, or use our guest services
  •     Apply for employment opportunities

This policy is intended to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and other applicable data protection laws.

1. Who We Are

Edenhall Estate

Website: https://edenhallestate.com

Email: hello@edenhallestate.com

If you have any questions about this Privacy Policy or how we use your personal data, please contact us using the details above.

2. The Information We Collect

We may collect and process the following categories of personal information.

Information you provide directly

This may include:

  •     Name
  •     Date of birth
  •     Email address
  •     Telephone number
  •     Postal address
  •     Booking information
  •     Wedding and event details
  •     Guest information
  •     Payment and billing information
  •     Marketing preferences
  •     Any information you provide in forms, correspondence, emails, telephone calls, texts, in meetings, or in any other form of communication

Information collected automatically

When you use our website or digital services, we may automatically collect:

  •     IP address
  •     Device identifiers
  •     Browser type and version
  •     Operating system
  •     Website usage information
  •     Pages visited
  •     Time spent on pages
  •     Referral sources
  •     Cookie and analytics information

Sensitive personal data

In limited circumstances, you may provide information relating to:

  •     Dietary requirements
  •     Allergies
  •     Accessibility requirements
  •     Other health information relevant to a booking or event

We only process this information where necessary for the provision of services, to comply with our insurance requirements, and with appropriate safeguards.

3. How We Collect Information

We may collect information:

  •     Directly from you
  •     Through our website forms
  •     Through bookings and reservations
  •     Through wedding or event enquiries
  •     Through social media interactions
  •     Through email or telephone correspondence
  •     Through payment and booking systems
  •     Through captive portal 
  •     From referral or hospitality partners
  •     From publicly available sources where appropriate
  •     Through cookies and analytics technologies

4. How We Use Your Information

We use personal data for the following purposes:

  •     Responding to enquiries
  •     Managing bookings and reservations
  •     Administering weddings, events, accommodation, dining, and hospitality services
  •     Processing payments and invoices
  •     Managing guest relationships and customer service
  •     Personalising guest experiences and preferences
  •     Improving our website, services, and operations
  •     Sending service and operational communications
  •     Sending marketing communications where permitted
  •     Maintaining security and preventing fraud
  •     Complying with legal and regulatory obligations
  •     Managing recruitment and employment applications

5. Guest Preferences and Profiling

To improve guest experiences, we may maintain records of preferences and previous interactions, including:

  •     Dietary or accessibility requirements
  •     Accommodation preferences
  •     Previous bookings or events
  •     Communication preferences
  •     Customer service interactions

We use this information to provide a more personalised service and improve customer experiences.

6. Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases depending on the activity involved.

Contract

We process personal data where necessary to:

  •     Manage bookings and reservations
  •     Deliver hospitality and event services
  •     Process payments
  •     Communicate about bookings and events

Legitimate Interests

We may process personal data for legitimate business interests, including:

  •     Improving our services and operations
  •     Website analytics and performance monitoring
  •     Fraud prevention and security
  •     Customer relationship management
  •     Maintaining estate and network security
  •     CCTV monitoring where applicable

We ensure our legitimate interests are balanced against your rights and freedoms.

Consent

We rely on consent for:

  •     Marketing communications where required
  •     Non-essential cookies and tracking technologies
  •     Optional guest services or communications

You may withdraw consent at any time.

Legal Obligations

We may process personal data where required to comply with:

  •     Tax obligations
  •     Financial reporting obligations
  •     Health and safety obligations
  •     Law enforcement requests
  •     Regulatory requirements

7. Marketing Communications

We may send you:

  •     Newsletters
  •     Event updates
  •     Hospitality offers
  •     Estate-related news
  •     Promotions and marketing communications

where:

  •     You have opted in, or
  •     We are otherwise permitted to contact you under applicable law.

You can unsubscribe at any time using the unsubscribe link in emails or by contacting us directly.

Please note that even if you opt out of marketing communications, we may still contact you regarding:

  •     Existing bookings
  •     Reservations
  •     Payments
  •     Event administration
  •     Any other operational or service-related communications relevant to your stay or your status as our guest or customer

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  •     Operate the website
  •     Improve functionality and performance
  •     Analyse website traffic
  •     Support marketing and advertising activity
  •     Remember user preferences

Cookies may include:

  •     Essential cookies
  •     Performance and analytics cookies
  •     Functional cookies
  •     Advertising and marketing cookies

Where legally required, we will request your consent before placing non-essential cookies.

You can manage cookies through your browser settings or cookie preferences.

Analytics and Advertising

We may use third-party services such as:

  •     Google Analytics
  •     Meta/Facebook advertising tools
  •     Email marketing platforms
  •     Advertising and remarketing technologies

These services may collect information about user interactions, browsing behaviour, and devices.

We recommend maintaining a separate Cookie Policy for additional detail.

9. Wi‑Fi and Network Usage

If guests access estate Wi‑Fi or digital networks, we may collect limited technical information including:

  •     IP addresses
  •     Device identifiers
  •     Connection timestamps
  •     Usage metadata

This information may be used for:

  •     Network administration
  •     Security monitoring
  •     Fraud prevention
  •     System maintenance

The lawful basis for this processing is our legitimate interest in maintaining secure systems and services.

10. CCTV and Security Monitoring

For safety, crime prevention, insurance purposes, and estate security purposes, CCTV systems may operate in certain areas of the estate.

Where CCTV is used:

  •     Recordings will be retained only as long as reasonably necessary
  •     Access will be restricted to authorised personnel

The lawful basis for this processing is our legitimate interest in maintaining safety and security.

11. Recruitment and Employment Applications

If you apply for employment opportunities with us, we may collect:

  •     CVs and application materials
  •     Employment history
  •     Qualifications
  •     Interview notes
  •     References

Recruitment information is used solely for recruitment and employment-related purposes and retained only as long as reasonably necessary.

12. Third-Party Services

We may share personal data with trusted third-party service providers who support our operations.

These may include, but are not limited to:

  •     Booking and reservation platforms
  •     Payment processors
  •     Email marketing providers
  •     Website hosting providers
  •     IT and cybersecurity providers
  •     Analytics providers
  •     Hospitality and event partners
  •     Professional advisers and accountants

We require third parties to process personal data securely and in accordance with applicable data protection laws.

13. International Transfers

Some service providers may process personal data outside the United Kingdom.

Where international transfers occur, we ensure appropriate safeguards are in place, including:

  •     Adequacy regulations
  •     Standard contractual clauses
  •     Other lawful transfer mechanisms

14. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes outlined in this policy.

Retention periods may vary depending on the type of information involved.

Examples may include, but are not limited to:

  •     Booking and reservation records
  •     Accounting and tax records
  •     Customer enquiry records
  •     Recruitment applications
  •     Marketing suppression lists
  •     Security and CCTV records

We may retain certain information where required for legal, regulatory, accounting, fraud prevention, or dispute resolution purposes.

15. Your Rights

Under UK GDPR, you may have rights including the right to:

  •     Access your personal data
  •     Correct inaccurate information
  •     Request deletion of your data
  •     Restrict processing
  •     Object to processing
  •     Withdraw consent
  •     Request portability of your data
  •     Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, please contact us.

ICO website: https://ico.org.uk

16. Website Security

We implement appropriate technical and organisational measures designed to protect personal data against:

  •     Unauthorised access
  •     Loss
  •     Misuse
  •     Alteration
  •     Disclosure

However, no online system or method of transmission can be guaranteed to be completely secure.

17. Children’s Privacy

Our website and services are not directed toward children under the age of 13.

We do not knowingly collect personal information from children without appropriate consent.

18. External Links

Our website may contain links to third-party websites or services.

We are not responsible for the privacy practices, security, or content of external sites.

Users should review the privacy policies of any third-party websites they visit.

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Any updates will be published on this page together with the revised “Last updated” date.

20. Contact Us

If you have any questions regarding this Privacy Policy or how we process personal data, please contact:

Edenhall Estate

Website: https://edenhallestate.com

Email: info@edenhallestate.com