Privacy Policy

Throughout this policy when we say ‘we’ or ‘us’ or ‘our’, we refer to the Golden Jubilee Conference Hotel. 

The Golden Jubilee Conference Hotel is part of the Golden Jubilee Foundation.  The Foundation is a public organisation created in Scotland under the National Health Service (Scotland) Act 1978 (the 1978 Act).  It is one of the organisations which form NHS Scotland (NHSS).

We use personal information on different groups of individuals including:

• Staff
• Guests
• Contractors
• Suppliers
• Complainants, enquirers
• Survey Respondents
• Professional experts and consultants
• Individuals captured by CCTV

We currently collect your personal data through a number of sources, such as:

• When you contact us by phone, email, live chat and social media platforms, such as Facebook and Twitter
• When you complete forms on our website
• When you subscribe to receive our newsletter and receive information about our special offers and services
• When you book and register as a guest in our hotel
• When third party partners, booking sites or travel groups share your data with us in order to book accommodation on your behalf
• When you apply for membership of our Centre for Health and Wellbeing
• When you visit our bar or restaurant
• When you arrange a wedding, event or conference in our hotel
• When you make any complaints regarding our facilities or the service you have received
• Where you have been involved in any accidents or incidents in our premises
• When we call or visit you to progress any agreements or contracts to supply us with goods or services
• When we arrange a contract with you or when we agree to purchase products or services from each other
• In the administration of our relationship with you
• Through the fulfillment of our contractual obligations
• Through CCTV Visual Imaging in areas within our property, car park and outdoor areas.

The means of collecting data evolves along with our business and to ensure you are kept informed of our usage. This policy will be reviewed annually unless there is a change in legislation requiring us to review the policy sooner. We are committed to ensuring that the data we collect and process is accurate, is up to date, is appropriate, is not excessive, is not retained for longer than required and does not constitute an unwarranted invasion of your privacy.

The data we hold and process for you will depend on our relationship with you, the enquiries you have made with us, the bookings and services you have requested from us, along with the products or services we may request from you.

Typically, we may hold:

• Names, Addresses – personal or business
• Email address and telephone contact numbers – personal or business
• Your company name and nature of your business where applicable
• Details of the events, services, products or facilities you may have enquired about
• Details of any future and previous booking(s) you may have made with us
• Details of the events, services, products or facilities you may have taken part in or used when you visited us
• Details of any special requirements you have informed us of
• Details of the services and products you currently provide or have previously provided to us
• Details of any relevant health and ability information when applying for membership with our Centre for Health & Wellbeing
• Records of correspondence and communications with you
• Records and detail regarding any complaints or enquiries you make to us
• Your requests and preferences regarding marketing information and how you would wish to receive this information
• A record of marketing emails sent to you and whether you have opened, read or clicked through to our website from them.
• Information from other sources, such as publically available information, industry networking information, national industry portals and records
• Visual Imaging recorded on CCTV where you visit or access our property or grounds

We may collect and store personal data for a number of reasons:

• To fulfil our booking or contractual obligations and to meet agreements we have put in place with you
• To provide you with information about products or services you have requested from us
• To provide you with information about services, events and products we feel may be of interest to you
• To maintain customer and administration records
• To respond to your feedback and ideas
• To notify you of any changes to our services
• To verify identification where required
• To communicate with you by post, email or phone
• To plan and manage our property and facilities
• To investigate and respond to any complaints you may make
• To process financial transactions, invoicing and maintain group arrangements
• To prevent and detect crime, fraud or corruption
• To meet legal, regulatory, statutory and ethical responsibilities
• To visually monitor the safety and security of data subjects in and around our property and grounds
• For customer profiling, to help us understand what people want to do when they stay at our hotel and to keep our services as relevant as possible.

The Golden Jubilee Conference Hotel will only keep your personal data for as long as is necessary to fulfil the purposes for which it was collected, and in accordance with legal requirements under UK Company Law.

We do want to keep in touch with you, and will only do so if you have actively requested to receive information from us.  You are free to remove yourself from our lists at any time by using the unsubscribe option or by emailing hotel@goldenjubilee.scot.nhs.uk.

We may share your personal data with third parties or other organisations and individuals where:

• There is a legal obligation to do so
• Where it is requested by a public or regulatory authority and it is required by law – such as police or HMRC
• Where we are bound by any code of practice
• Relevant data may be shared with our booking partners or service providers in conjunction with the delivery of our services to you.
• Relevant data may be shared with our booking partners or service should a complaint be made by you.

We may require the services of third party service providers – such as trainers, consultants, auditors and accountants, banking services, administration or HR services, I.T systems maintenance. We will share your data with them in order to allow us to provide the services you have requested. In these circumstances we will have an appropriate contract in place which sets out requirements that the third party can only process your data on our instruction and that they will not use it for their own purposes. They will hold it securely and delete it or return it to us once the contract has ended.

We will also share your personal data within the Golden Jubilee Conference Hotel where it is in our legitimate interests to do so, for the fulfilment of your booking and our contract or agreement with you.

International transfers

If we intend to transfer your personal data to an international organisation, we will put measures in place to do so securely and with appropriate safeguards in place.

The Golden Jubilee Conference Hotel is serious about taking the appropriate measures to protect your personal data.

The transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of the data you transmit to our site and we need to make you aware that any transmission is at your own risk. Where passwords are required or chosen by you to access our site or secure platforms as part of the service we provide, it is your responsibility to keep these passwords secure and confidential.

Once we have received your data, we use strict procedures and security features to prevent unauthorised access to your data.

We limit access to our property and facilities to those who require access and have a right to be there – using passes, keys and other technology. We also have a risk framework in place including the appropriate policies and procedures required to keep your data secure. All information provided by you is held on secure servers and any payment transactions will be encrypted. We apply controls and access restrictions across all of our technology platforms and review and test these at regular intervals.

Through the contracts and security measures we put in place, any third parties that we may share your data with are obliged to keep your details secure and to use this data only to fulfil the service they provide to you on our behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with our procedures.

If we pass any special category personal data onto a third party we will only do so once we have obtained your explicit consent or for the fulfilment of a contract we hold with you, unless we are legally required to do otherwise.

Whilst we are processing your personal data at the Golden Jubilee Conference Hotel, as a ‘data subject’, you have the following rights:

• Right to be informed: You have the right to be informed about our data processing through this Privacy Notice.
• Right of Access: By submitting a ‘Subject Access Request’, you have the right to request information about and access to a copy of the personal data held by us as a Data Controller.
• Right of Rectification: Where you feel that the information we hold about you is inaccurate or incomplete, you have the right to request that we correct your personal data.
• Right to be forgotten: When you feel we no longer need your personal data for the purpose it was obtained for or where you have withdrawn your consent to us processing your data, you have the right to ask us to delete and erase your personal data. We can refuse to do this in certain circumstances.
• Right to restrict processing: Where you feel the personal data we are processing is inaccurate or where you feel your personal data is no longer needed but you want us to retain it for any possible future reference, you have the right to restrict our processing of your personal data.
• Right to data portability: Where we hold data electronically about you, in certain circumstances, you have the right to ask us to provide that data in an easy to read format and to transfer this data to another organisation.
• Right to object: You have the right to object to certain types of processing of personal data in certain circumstances although you have an absolute right to ask us to stop using your contact details to send you direct marketing.

If you submit a Subject Access Request, the Golden Jubilee Conference Hotel can confirm the data and information held about you and how we process it. If we process your personal data, you can request the following information from us:

• Who is the person or organisation that decided how and why to process your data
• Where applicable, the contact details of their Data Protection Officer
• The contact details of our Data Protection Officer
• The legal basis for processing and the purpose of the data processing
• Where personal data is being processed based on our legitimate interests or the legitimate interests of a third party, we need to be able to confirm what these interests are
• Which categories of personal data are collected and processed
• Who we share your data with or disclose your data to
• If we intend to transfer your personal data to an international organisation
• How long we will store your data
• Confirmation of your Data Subject Rights to ask us to correct, erase, restrict, transfer or object to processing your personal data
• Details regarding your right to withdraw your consent at any time
• The process to lodge a complaint with the ICO as the UK’s data protection supervisory authority
• We will clarify if the provision of your personal data is due to a statutory or a contractual requirement
• Where it is required to enter into a contract between us, if you are obliged to provide the personal data and any consequences possible if you fail to provide the personal data required
• Where your data was not collected directly from you, confirmation of where your personal data was sourced from

We will normally respond to your request to access your personal data within one month from the date it is received. However, in some cases, we may need to extend this to three months. We will always write to you within one month of receiving your original request to tell you if this is the case.

A copy of your personal data is usually provided free of charge. However, we can charge a ‘reasonable fee’ where we find that the data requested is manifestly excessive or manifestly unfounded and in particular if the request is a repetitive one. We can also charge for additional copies of the personal data.

If you wish to speak to us or question anything in this notice relating to how we collect, store or process your personal data, please email us at hotel@goldenjubilee.scot.nhs.uk or write to our Data Protection Officer at the Golden Jubilee Conference Hotel, Beardmore Street, Clydebank, G81 4SA.

We hope you don’t need to make a complaint about how we process your personal data or how a complaint has been handled. If you feel you do wish to complain, you have the right to complain through our Data Protection Officer as detailed above and the supervisory authority at the contact details below:

UK Data Protection Regulator, The Information Commissioner’s Office (‘ICO’), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or email ico.org.uk/concerns/

This policy was last updated on 20 July 2018.

Cookies are small text files that are placed on your computer by websites you visit. They are widely used to make websites work more efficiently; as well as provide information to the owners of the site you are visiting.

We use Cookies when you arrive at our site, unless you have adjusted your browser to refuse them. We may collect information about your computer, including where available your operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. For the same reason, we may obtain information about your use of our site by using a cookie file which is stored on the hard drive of your computer. Cookie files help us to improve our site and to deliver a better and more personalised service.

We use the following cookies:

Google Analytics – These cookies are used to collect information about how our visitors use our website. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to this site from and the pages they have visited.

Juicer – These cookies are used to display an image feed from Instagram in the ‘GJCH Food’ feature.

Most web browsers allow you to control most cookies. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visitallaboutcookies.org

To opt out of being tracked by Google Analytics across all websites visit tools.google.com/dlpage/gaoptout

We use display ads based on Google Analytics remarketing features. You can opt-out of these ads and change your preferences with the Ads Preferences Manager.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.