Privacy Policy

Coldingham Loch Cottages Privacy Policy

1 About this Policy

a. This policy explains when and why we collect personal information about holiday guests or potential holiday guests at Coldingham Loch Cottages, how we use it and how we keep it secure and your rights in relation to it.

b. We may collect, use and store your personal data, as described in this Data Privacy Policy and as described when we collect data from you.

c. In the event that inaccurate data is recorded, such inaccuracies will be amended by us and any other relevant parties notified immediately.

d. We reserve the right to amend this Data Privacy Policy from time to time without prior notice. You are advised to check our website regularly for any amendments (but amendments will not be made retrospectively).

e. We will always use our best endeavours to comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at For the purposes of the GDPR, we will be the “controller” of all personal data we hold about you.

2 Who are we

We are Coldingham Loch Cottages & Fly Fishing (CLC) and under GDPR, CLC is the “Controller” of member data.

3 What information we collect and why


i. We collect the name, address, telephone number and email address of holiday guests to enable us to manage that guest’s holiday cottage booking. We will also need to collect information like the number in your party, whether or not any of your party will wish to use the Fly Fishing facility on site and any special booking requests.

ii. We may need to collect bank information if we are doing a refund to you by bank transfer. This would only be used for this purpose and would not be held by us once it had been used.

iii. Communications with us regarding your booking such as emails, letters or booking forms.

iv. Individuals have the right to access the details of any personal data we may be keeping. This can be requested either verbally or in writing and requests will be responded to within one month of the request. All requests should be directed through us. A record will be kept for management purposes of each request received.

iv. You have the right to have your personal data being erased and this request needs to be in writing.


Photos and videos are sometimes used on the Coldingham Loch Cottages website for the purpose of promoting its profile. We ask that guests let us know if they do not wish to have any photos of them to be taken or to be published on the websites or other promotional material. This request to opt out of being in any photos or videos can be made at any time by contacting us by email or letter. We will seek Parental consent for Members under 16 years of age prior to any photos or videos being recorded where children may appear. Consent relating to photos or videos may be withdrawn at any time by contacting us by email or letter.

Bank info.

i We do not store any bank information of holiday guests or other persons making payments to Coldingham Loch Cottages.

ii. PCI Compliance. In compliance with the new PCI regulations, we are un-able to capture bank card details over the phone, face to face or via post.

4 How we protect your data

a. We adopt best practices and implement appropriate technical and organisational measures to safe guard and secure data at all times.

b. No sensitive financial information (bank details, debit or credit card information etc) is ever seen, stored or transmitted by us. If using the online booking system, which is PCI compliant, payments are made through PayPal and any information you submit through them is handled and stored securely by them.

c. We will notify you promptly in the unlikely event of any breach of your personal data which might expose you to serious risk.

d. Where a holiday guest suspects a breach of data protection has arisen, they must immediately bring this to our attention.

e. You have the right to take any complaints about how we control your personal data to the Information Commissioner: For more information visit

5 Who else has access to the information you provide

We will never sell or rent your personal data. We will not share your personal data with any third parties without your prior consent (which you are free to withhold) except where we are required to do so by law or as set out above.

6 How long do we keep your information

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.

In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you as it will no longer be personal data.

Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.

7. Third party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

8. Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Our website makes use of cookies to collect information about our visitors through Google Analytics. When you visit a website that uses cookies, a cookie file is saved to your PC, Mac, phone or tablet. It stores the website's name, and also a unique ID that represents you as a user. ... This means companies can tailor their websites to you, because they know some information about you already. Google Analytics is a simple, easy-to-use tool that helps website owners measure how users interact with website content. The data collected may be used to customise the content on our website to make for the best experience for users when visiting our website.