The West Bay Country Club & Spa is committed to safeguarding privacy and in this policy we explain how we will handle and protect your personal data. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.
The West Bay Country Club & Spa may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This updated policy is effective from 10th May 2018.
The West Bay Country Club & Spa will never pass your details onto a third party for the purposes of direct marketing.
What we collect
We do not collect personally identifiable information about visitors to the website. The only time we might collect this information is if you decide to email us or fill in a contact form on the website, as part of the booking process, membership joining process, or when you are onsite with us. Your information will be treated in the strictest of confidence and will never be published or shared with third party for the purposes of direct marketing.
If you provide us with your contact details, we may contact you in response to your message or subsequently in the future. This may include sending promotional emails about new projects or other information, which we think you may find interesting, using the email address and/or postal address you have provided.
If you are a guest, we require your personal details to set you up with your Country Club membership. We also require your details so we can contact you with pre-arrival information about your stay via the post and email. We will also require your details for any Country Club bookings which include but are not limited to spa bookings, Health MOTs, exercise classes, 1-2-1 sessions, and appointments. If you join the Country Club as a member, we require your personal details to process your membership and provide you with our member news and update emails. We also require your details if you are a guest, member or non-member wishing to use our Island Wellness Spa. You don’t have to give us any of your personal information. If you choose not to, you are unlikely to receive our optimal overall customer experience. This is your choice – and we respect this.
We may process information contained in any enquiry you submit to us regarding products and/or services. The enquiry data may be processed for the purposes of offering, marketing and selling relevant products and/or services to you.
We may process information relating to transactions, including purchases of goods and services that you enter into with us. The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our business.
We may process information contained in or relating to any communication that you send to us. The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping.
We may process any of your personal data identified in the other provisions of this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
You can prevent any subsequent communication and marketing messages from us at any time either by following the unsubscribe links in any of our emails or by contacting us and requesting that all such communication stops.
Sharing your information
We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. We want to earn and maintain your trust, and we believe this is absolutely essential in order to do that.
We do share your data with the following categories of companies as an essential part of being able to provide our services to you, as set out in this statement:
Companies that do things to get your services and purchases to you, such as payment service providers including PC Consultants, Sage accounting, Sage Payroll, RMS, and Premier.
MailChimp, our email marketing platform. Our e-marketing platform is situated in The United States. The European Commission has made an “adequacy decision” with respect to the data protection laws of each of this country. Transfers to each of these countries will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission.
We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
Financial transactions are handled by our payment services providers Lloyds Cardnet, RMS, Premier, Sage Accounting and Sage Payroll. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
A cookie is a small file which is placed on your computer or device and can be used for a variety of purposes including enabling website functionality, analysing website usage or targeting advertising and tracking campaign performance. For background information on cookies we suggest the third party websites AllAboutCookies and AboutCookies.
A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us if you fill in a contact form or email us.
You can choose to accept or decline cookies, and delete existing ones. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. The help section of your chosen browser or its accompanying website will provide instructions on how to accept, decline and delete cookies.
Declining cookies may prevent you from taking full advantage of the website, however, as some functionality may not work.
Further resources about cookies:
- YourOnlineChoices – a guide to online behavioural advertising
- The NAI tool – allows you to opt out of many third party cookies
On The West Bay Country Club & Spa website, Google Analytics cookies are used to a) analyse how our website is used – for example the volume of visitors to the site or specific pages and b) analyse how visitors found the website – for example reviewing searches that led to a site visitor, and which traffic sources led to a contact form being completed or an email sent. We will access this information on your first visit to our website and may access it again on subsequent visits.
Future designs of this website will be made inline with the Privacy and Electronic Communications Regulations 2011.
Review of Anonymous Data from Google Analytics
We have implemented Google Analytics demographics and interest-reporting features on this website. These tools allow us to review anonymous data regarding the gender, age and interests of website visitors. Although this information is collected through your Google Ad settings, it is not provided in a personally identifiable format.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information, which you provide whilst visiting such sites and this privacy statement does not govern such sites. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
You may instruct us to provide you with any personal information we hold about you. If you would like a copy of the information held on you please contact us. Subject to the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address) we will release your requested information.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.
You may instruct us at any time not to process your personal information for marketing purposes. You can prevent any subsequent communication and marketing messages from us at any time either by following the unsubscribe links in any of our emails or by contacting us and requesting that all such communication stops.
Keeping your information
We’ll hold on to your information for as long as is needed to be able to provide the services to you. If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.
In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
Candidate Privacy Notice
Data controller: The West Bay Club (‘the Employer’)
As part of any recruitment process, the Employer collects and processes personal data relating to job applicants. The Employer is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
What information does the Employer collect?
The Employer collects a range of information about you. This includes:
- your name, address and contact details, including email address and telephone number;
- details of your qualifications, skills, experience and employment history;
- information about your current level of remuneration, including benefit entitlements;
The Employer may collect this information in a variety of ways. For example, data might be contained in application forms, CVs or resumes, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment.
The Employer may also collect personal data about you from third parties, such as references supplied by former employers The Employer will seek information from third parties only once a job offer to you has been made and will inform you that it is doing so.
Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).
Why does the Employer process personal data?
The Employer needs to process data to take steps at your request prior to entering into a contract with you. It may also need to process your data to enter into a contract with you.
In some cases, the Employer needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the UK before employment starts.
The Employer has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the Employer to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. The Employer may also need to process data from job applicants to respond to and defend against legal claims.
The Employer may process special categories of data, such as information about ethnic origin, sexual orientation or religion or belief, to monitor recruitment statistics. It may also collect information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. The Employer processes such information to carry out its obligations and exercise specific rights in relation to employment.
The Employer will not use your data for any purpose other than the recruitment exercise for which you have applied.
Who has access to data?
Your information may be shared internally for the purposes of the recruitment exercise. This includes the Department Manager, General Manager and the HR Consultant.
The Employer will not share your data with third parties unless your application for employment is successful and it makes you an offer of employment. The Employer will then share your data with former employers to obtain references for you. The Employer will not transfer your data outside the European Economic Area.
How does the Employer protect data?
The Employer takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
For how long does the Employer keep data?
If your application for employment is unsuccessful, the Employer will hold your data on file for a maximum of 6 months after the end of the relevant recruitment process.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.
As a data subject, you have several rights. You can:
- access and obtain a copy of your data on request;
- require the Employer to change incorrect or incomplete data;
- require the Employer to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
- object to the processing of your data where the Employer is relying on its legitimate interests as the legal ground for processing.
If you believe that the Employer has not complied with your data protection rights, you can complain to the Information Commissioner.
What if you do not provide personal data?
You are under no statutory or contractual obligation to provide data to the Employer during the recruitment process. However, if you do not provide the information, the Employer may not be able to process your application properly or at all.
Recruitment processes are not based solely on automated decision-making.