Privacy Policy

This is the privacy policy of Nut Tree Limited ("Nut Tree") and associated website The Doghouse.

We respect your right to privacy and we aim to ensure your data is handled in accordance with the operative provisions of The Data Protection (Bailiwick of Guernsey) Law 2017, ("the Data Protection Law") introduced on 25 May 2018.

We use certain elements of your personal data to provide our services to you. In this privacy policy, we set out how we collect, store and use your personal data. We take every care to protect your personal data and your privacy during this process in accordance with the Data Protection Law. There are steps you can take to control what we do with your personal data and these steps are explained in the policy, which follows.

What constitutes Personal Data?

Examples of personal data include your: name; address; email; and car's registration number. Personal data may also include information about how you use our website(s) and other services.

Nut Tree is the data controller of the personal data which we collect from you, and so we are responsible for the ways in which your personal data is collected and the purposes for which your personal data is used.

Your data is stored either on our in-house computer systems; or, on our system backup hosted by a recognised third-party datacentre based on the island. Both systems have strong passwords and highly effective firewalls in place.

Depending on how you use our services, we may collect any, or all, of the following personal data from you in the way indicated below:

Your name and contact details (email address, telephone number, address).

When you make a booking or reservation for the restaurant, either directly or via a third-party agency.
When you make an enquiry, complete a form or download a brochure either directly or via a third-party agency.
When you register for our free Wi-Fi.
When you register for our marketing database.
When you purchase a gift voucher.
When you complete a feedback form.

Communication we have with you (emails, letters, telephone calls, messages sent to us, feedback).

When you get in touch with us.
When you respond to our requests for feedback.

Closed Circuit Television.

We use CCTV systems in and around our hotels. CCTV footage is monitored on-site only.

Payment card details.

When settling payment by debit or credit card.

Information about how you use our website and emails (including your IP address, browser type, geographical location, referring website or source, the duration of your visit, pages viewed and files downloaded)

When you use our website (e.g. to browse or to make a booking).

Information about your interests and preferences.

When you open our marketing emails.
When you interact with any online marketing.
When you make contact with us.
When you respond to our requests for feedback.

We may also collect limited amounts of sensitive personal data if you advise us of any medical conditions, disabilities, allergies, or other special requirements you have; or if you have an accident on one of our premises.

We will NEVER collect any "special category data" on you unless required to do so by a statutory body. Special category data includes but is not limited to: racial or ethnic origin; political opinion; religious beliefs or similar; trade union membership etc.

What are my rights?

You have the right to be informed about how we use your personal data.

You have the right to request us to update your personal data and rectify any mistakes found within our records: for example misspellings in your name or address, or a change in your marital status.

You have the right to ask us to delete or restrict the use of your personal data.

You can opt in and out of any marketing communications at any time.

You have the right to object to certain uses of your data.

Any requests as outlined above, should be submitted to dataprotection@nuttreeguernsey.com where your request will be dealt with within a month of its receipt, or, from the day any information requested to confirm the requester's identity is received.

In exceptional circumstances, when the request submitted is particularly complex or repetitive, our deadline may be extended by a further period not exceeding three months during which time the requesting party will be informed of the progress being made on a monthly basis.

We reserve the right to charge a fee for this rectification service where it is considered the request is manifestly unfounded or excessive.

Additionally, you can unsubscribe from marketing correspondence forwarded to you at any time by simply using the unsubscribe link found within the marketing email.

Please note, if you advise us you do not wish to receive marketing communications, you will continue to receive service emails which are directly related to your reservation in the restaurant; for example, booking confirmations.

How long will you keep my data?

We will only keep your data for as long as we need it but for a maximum of two years after your reservation.

We look to destroy any paper copies of your personal data as soon as they have served their purpose. Where we need to retain paper copies for a longer period of time, we ensure the information is stored securely with access limited to only those who have been duly authorised by Nut Tree's Senior Management Team.

Using and sharing of your data.

We DO NOT sell or share your personal data with any external third-party unless you have provided us with your express permission to do so.

We can only use your personal data if we have a valid reason, or legitimate interest, for doing so; or, if we are required to do so by law.

Examples of the various usage categories for your guidance are as follows:

KEY: (1) = Personal data uses | (2) = Legal basis | (3) = Our legitimate usage

(1) – To respond to any of your enquiries.
(2) – Legitimate interests.
(3) – We need to be able to respond to your enquiry.

(1) – To process any reservations or bookings made with us; before and during your visit.
(2) – To fulfil our contractual obligations with you.
(3) – N/A

(1) – To give you further information about any reservations or bookings.
(2) – Legitimate interests.
(3) – We want to provide you with the best service possible.

(1) – To send you requests for feedback on your experience with us in the restaurant.
(2) – Legitimate interests.
(3) – We continually strive to provide the best service and request your input to enable us to achieve that objective.

(1) – To inform you about our news and special offers we think might be of interest to you.
(2) – Consent. Legitimate interests.
(3) – We believe you will be interested in offers that are similar to those you have purchased previously, however you can opt-out at any time.

(1) – To meet our legal responsibilities, e.g. collection of registration data or cooperating with police enquiries.
(2) – Legal obligation.
(3) – N/A

(1) – To combat fraud and manage risk for both our customers and ourselves.
(2) – Legitimate interests.
(3) – We need to protect our business and our customers.

(1) – To respond to complaints received.
(2) – Legitimate interests.
(3) – Resolution of complaints is a priority to ensure we maintain the highest service levels possible.

(1) – To investigate accidents as and when they occur.
(2) – Legitimate interests.
(3) – We need to establish what caused the accident to remediate any causes found.

Third party co-operation.

There are a number of third-party sources utilised when collecting your data for the purposes outlined above.

These sources include; our website, which is developed and hosted by a third-party; our reservation systems; certain marketing systems, for example email systems; and our payment systems providers. We expect the third-parties to follow the same rigorous data protection standards we do as they are covered by the same or very similar data protection legislation.

In addition we collect personal data from third-party agents who process reservations; or other information on our behalf. Examples of which include online travel agents and our WI-FI provider(s).

GetSiteControl.

We incorporate the "GetSiteControl" widget tool from GetWebCraft Limited, Klimentos 41-43, Klimentos Tower, Flat/Office 25, 1061, Nicosia, Cyprus on our internet pages. This is a widget that allows us to show information as a "layover". The layover window can be shown according to certain rules (for example duration of site visit) meaning that placement of a cookie is necessary. When the layover is requested, data is therefore transferred to GetWebCraft's servers as though you are visiting their own website. You can find out more about data protection at GetWebCraft from the company's Privacy Policy: getsitecontrol.com/privacy

Further information

If you require any further information please do not hesitate to contact us at

Data Protection,
The Farmhouse Hotel,
Routes des Bas Courtils,
St Saviours,
Guernsey.
GY7 9YF

or, dataprotection@nuttreeguernsey.com

Alternatively you may visit the website of the Office of the Data Protection Authority which can be found at www.odpa.gg

Acceptance of this Policy.

By continuing to use our site(s), you signify your acceptance of our Privacy Policy. If you do not agree with this policy, please do not use our site(s). We reserve the right, at our sole discretion, to change, modify, add or remove portions of this policy at any time so visitors are encouraged to review this policy from time to time. Your continued use of our site(s) following the posting of such changes indicates your acceptance of the changes made.