Who We Are
Celtic Retreats are a local company based in Rathangan, Co. Wexford and operate under the umbrella of Guillemot Ventures Ltd with over 15 years in the tourism industry and hospitality sectors across the UK and Ireland. We are Fáilte Ireland registered.
The data controller for your personal information is Guillemot Ventures Ltd who operate through a number of brands who together make up the Guillemot Ventures Group.
Guillemot Ventures Ltd, a company registered in Ireland, with company number: 741672, referred to as “Celtic Retreats”, “Celtic Retreats.ie”, “we”, “us” or “our” in this privacy notice) is the primary data controller in relation to your personal data. This means that we are responsible for your personal data.
We sometimes use joint technology services to make data more secure, to make our technology better and quicker or to give you a better service. It doesn’t make a difference to the purposes we use your information for and our Group follow this privacy policy when looking after your data. Where we use these services we are joint data controllers with these companies and we have a binding agreement in place to operate to high standards of data protection.
Our Data Protection Officer is a staff member of Guillemot Ventures Ltd and its subsidiary companies and can be contacted using the details provided above.
When you are booking holidays through our website Guillemot Ventures Ltd is the data controller and you are a data subject
When you book a holiday through us you have a contract with us for booking services and a contract with the property owner in relation to the property rental. Our property owners are separate data controllers and we will share your details with them to facilitate this contract.
The Data We Collect From You
We collect your personal details including your name, address, email addresses, telephone numbers, title and country of residence. If you enter a competition or interact with us on social media we may collect your social media identifiers. We sometimes check this data using publicly accessible sources used to verify identity.
If you are part of a group of travellers we may collect personal details of members of your party. It is your responsibility as the lead booker to inform them of this privacy policy and that you have provided their data.
We have to collect some of this data from you to create and maintain an account for you on our systems. We manage our interactions with you using an account system and we will tell you when information is required for us to provide our services rather than voluntary.
We collect financial data including transactions we have made with you but we do not generally collect or retain payment card details as this processing is outsourced but we may (if you consent) retain an authorisation to charge a payment method.
We record some calls to or from our call centre. This will include the number dialled or called from as well as the recording itself. We use these recordings for training purposes, fact verification and to meet regulatory obligations in relation to selling insurance. In a similar way we retain transcripts of live chats, text messages and other social media direct messaging that we send to you or you send to us.
If you have booked with us through another website such as Airbnb or booking.com then we will receive data from them rather than collecting it from you directly. The data we receive depends on the relevant website and their own privacy policy.
We also collect data from you about other people who are in your travelling party. You are responsible for telling them you have given us their data our use of which is governed by this privacy policy. Where you provide us with information about children you are responsible for gaining the relevant consent from them or their parents/guardians.
We collect data for marketing and website management purposes including details of how you have used our website, your responses to surveys and feedback requests, your marketing preferences and your cookie consents.
We collect technical data including internet protocol (IP) addresses, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website. Some of this data is used for website management and marketing purposes.
When things go wrong and we have to collect debts from you or take other legal action we may get information about other creditors you have and payments you make to them. We will receive this from IVA, bankruptcy or financial advisors as well as your legal representatives.
Special Category Data
We may rarely receive data from you about your health or about criminal convictions. You may also give us details of your relations such as spouses. We will only ever take this information from you with your consent or if there is an exemption in law such as the protection of public health in a pandemic.
What We Do With Your Data And Our Lawful Bases For Doing So
Providing Our Services To You
We use your personal data to fulfil our contract with you as a booking agent and to assist with fulfilling the contract between you and the property owner. We do this because it is necessary for the performance of the contract to which both you and the owner are a party for the rental agreement as well as the contract between you and us as the booking agent you have made your booking through.
We may use your personal data to sell you insurance from our insurance partner where you want this to happen. We do this because it is necessary as a step for you to form a contract with the insurance partner in the future.
We may provide you with access to a customer portal on our website and you can also access your data through our app. This uses your personal data to provide you with information about your bookings and the feedback you have given and to provide you with on site offers that are personalised to you. We do this either because it is necessary for the performance of our contract with you or because it is in our legitimate interests of providing an excellent service to give you information you want in a way that enables us to be a successful business.
We will also communicate with you by any means (including email) about changes to our terms and conditions, your contract with us or with the property owner or changes to our privacy or other policies that may affect you. This is on the basis of compliance with a legal obligation or because it is necessary to perform the contracts with you.
Sending You Information And Advertising Our Services And Performance
Marketing and sales materials
We will use your personal data to personalise our advertising and marketing in relation to future bookings or related products including insurance. We do this on the basis of your consent for text, email and telephone calls if you are registered on the TPS. You can withdraw this consent at any time through unsubscribe links, during a telephone conversation, by changing your preferences in your customer portal or by emailing info@guillemotventures.ie For some postal communications and telephone calls where you are not registered with the TPS we rely on our legitimate interests as a growing business.
You may also be eligible to enter competitions or to take part in loyalty schemes. We will process your personal data to check your eligibility and to provide these services on the basis of it being in our legitimate interests as a company seeking to increase repeat custom through providing a service that customers want to use.
Marketing and sales materials for customers of businesses that we acquire
We rely on our legitimate interests as the acquirer of the business to process your personal data in line with the privacy policy of the company you have a contract with.
Our Legal Obligations
We are subject to legal obligations under the laws of the UK, Ireland, the EU and other countries. We may need to process your personal data to comply with these legal obligations from specific reporting that may be required from time to time to more general obligations in law. This may involve co-operating with public sector organisations such as government agencies, local government and regulators. This may include the Competition and Markets Authority, the UK Information Commissioner’s Office, HMRC and other tax authorities, the Irish Data Protection Commission, the Police or local councils.
Financial Information
We will process your personal data to manage payments, collections, fees and charges and debt recovery. This may involve third parties particularly where debt recovery is involved. We do this because it is necessary for the performance of our contract with you.
General Business Purposes
We may process your personal data for security purposes (including cyber security) and to generally administer our business including for group reorganisations, system maintenance and reporting, preparation of our accounts, the generation of aggregated information for public disclosure, training our staff, auditing of our accounts and processes, verification of compliance with laws and regulations and other internal administration. We do all of this on the basis of our legitimate interests as a business that wishes to grow and develop and also on the basis of legal obligations to which we are subject.
Behaviour Analysis
As a company using technology we have a strong legitimate interest in understanding consumer behaviour and we use various technologies to do so. This will not generally involve use of directly identifiable information such as your name or email address but may include use of IP addresses or cookie information (where you have not declined the use of cookies). We do this because it is in our legitimate interests both to improve the user experience but also to maintain the security of our systems.
Customer Service
Where you make a complaint or have a query, or where an owner raises issues with your behaviour during a rental period we will need to process your personal data to mediate between you and them. We do this because it is necessary to fulfil our booking conditions which are part of the contracts between us and you and you and the owner. Where you make queries we will also need to process your personal data to answer. We may use our call recordings for fact verification in customer service queries.
User Experience Research
We may use your personal data to select people for user experience or market research related to our services, websites or customer services. We will generally provide you with further information about use of your data relating to the particular study we are carrying out at the time. We will not use your information for direct marketing purposes when we perform research. We do this on the basis of our legitimate interests in having robust information about our performance and future trends in the market.
Who We Share Your Data With
Property Owners
Some of your information (usually contact information) will be shared with property owners on the basis that it is necessary to fulfil your contract with them. We will also share some of your personal data with people who provide services to the property such as housekeepers or maintenance personnel.
Other Group Companies
Other companies in the Group may receive your personal data either when necessary. Some of these companies may not be based in the EEA.
IT Service Providers
Our technology is often hosted in the cloud and we use a number of service providers such as Amazon, Microsoft and Salesforce to support our websites and other technology stacks. Generally speaking these companies will be data processors acting entirely on our instructions. Some of these companies will not be in the EEA.
Professional Advisors
We use external auditors, legal advisors, insurers and banks among others who will sometimes receive your personal information. The services they provide may be based outside the EEA.
Public Authorities
This may include law enforcement bodies, the courts, regulators, government and local government bodies and agencies, Revenue and other public bodies.
Payment Services Providers
We use specialist companies to process payment card details. Currently these include
PayPal UK Ltd. Whittaker House, Whittaker Avenue, Richmond-Upon-Thames, Surrey, United Kingdom, TW9 1EH
SumUp
Lock 8, Harcourt Centre DUBLIN 2 CO DUBLIN
Syntec Ltd, 18 The Avenue, London W13 8PH
Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.
Marketing Partners
We use many service providers to assist in our marketing efforts or to leave reviews. These include:
TripAdvisor LLC, 400 1st Avenue, Needham, MA 02494, USA,
Trustpilot A/S, Pilestraede 58, 5th floor, DK-1112 Copenhagen K.
Insurance Providers And Compliance Partners
Where we sell you insurance we will disclose your details to our insurance partner and may need to disclose it to our compliance partner or any organisation (such as the FOS or the FCA) that you may later complain to:
Third Party Booking Platforms
These include but are not limited to AirBnB, Vrbo, Booking.com, TripAdvisor, Expedia and similar companies. They may pass the information on to other advertising partners.
Purchasers Or Potential Purchasers Of Our Business
Third parties whom we may choose to sell, transfer, or merge parts of our business or our assets. If a change of ownership happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.
How Long We Keep Your Data
We keep different categories of data for different periods of time depending on what they are used for and we seek to get rid of what we do not need as early as possible. We are required to keep some information for longer periods by law and we keep some because it is in our legitimate interests.
As a guide, you can expect us to retain enough data to identify you for six years after you last interacted with us or we had a commercial relationship with you. This is mainly because that is when records relating to corporate taxation can be removed.
Because holiday letting is a long term proposition and can involve large periods of time between booking with a particular company we will continue to send you marketing promoting our services for up to four years after your last response although the frequency of communications will decrease with time and you can ask us to stop at any time.
While we have a commercial relationship with you we retain full records, including data from more than six years ago and if we reasonably contemplate there may be litigation or there has been a complaint in relation to your property we may retain information beyond the six year standard.
Your Statutory Rights
Right Of Access (Subject Access Requests)
You have the right to ask us for a copy of the data we hold about you or any part of that data along with some further information about how we process it and keep it safe. We are allowed to ask you for more information about your identity and to ask you to narrow down your request to help us find your data. This right always applies but there are exemptions that mean you may not always receive all of the information we process and if you are a corporate owner (a company owns your property) the corporate owner cannot make an Access request. You cannot make an access request for someone else’s data without their written authorisation.
Right Of Erasure (Right To Be Forgotten)
This is not a simple right and does not always apply. We have to erase your data if it is no longer needed for the purposes we collected it for or if you withdraw your consent where the processing is based on consent.
For people who have booked a rental through us we will not erase your data at all while the contract is still valid or if money is owed by us or by you. We will also not erase all of your data for six years because of the rules around corporate financial records. We will also not delete your data if there is an ongoing complaint, if there has been a complaint in the last year, or if we reasonably believe there may be legal action taken in relation to the contract by us, you or a third party.
We will not generally erase your data if you have booked a rental through us in the last 12 months.
We will erase your data if we have processed it unlawfully, if you have successfully objected to the processing of your data or if we have a legal obligation to do so.
If your main concern is about marketing communications you may want to tell us to stop sending you marketing communications instead and where this seems to be the reason for an erasure request we will always cease marketing while we discuss this with you.
Right To Rectification
You always have the right to require us to make sure that the data we hold about you is accurate. Please let us know if it is not and we will fix it. Where we disagree that it is wrong we will tell you why and give you the opportunity to provide evidence that we have made a mistake.
Right To Restriction
Where you have objected to our data processing and we are still in discussions or there is a dispute over the accuracy of the data or we have agreed our processing is unlawful but you wish to preserve evidence or you require the data for a legal claim you can ask us to restrict processing such that we can only continue to store it.
Right To Data Portability
Where our basis for processing your data is for the performance of a contract or based on your consent you can ask us to provide your data in a machine readable format for transmission to another data controller.
General Right To Object
Where our basis for processing your data is based on legitimate interests you can object at any time and the Data Protection Officer will consider whether the company has an overriding legitimate interest that would mean we would continue to process your data or whether we should stop. You should note that legal claims would generally be regarded as an overriding interest.
Right To Object To Direct Marketing
This is an absolute right and you can exercise it at any time by getting in touch with us.
Right To Appeal An Automated Decision
If we have made a decision purely by automated means, generally meaning a computer made the decision, you can ask us to have that decision reviewed by a human. We will tell you when a decision has been made by purely automated means.
Right To Withdraw Consent
Where our processing is based on your consent then that consent can be withdrawn at any time. We will tell you when our processing is based on your consent.
Exercising Your Rights
You can ask our customer or owner services teams on the phone to exercise your rights, send an email to info@guillemotventures.ie or drop us a letter to our postal address at Guillemot Ventures Ltd, McCall’s Business Hub, Rathangan, County Wexford, Ireland, Y35 YH92.
Your request may be dealt with by our customer or owner teams initially or by another member of the Legal Team at Guillemot Ventures Ltd but you can ask for it to be looked at by the Data Protection Officer if you wish.
Normally we will deal with your requests within one calendar month but particularly complex requests may take longer. We will let you know when that happens.
Making A Complaint
Any complaint about our data processing should be sent to the Data Protection Officer in the first instance who will investigate and respond to you directly. The Data Protection Officer acts independently of the management of the company in considering complaints about Data Protection.
You always have the right to complain to the regulator and for customers in the UK this would be the Information Commissioner’s Office whose details can be found at www.ico.org.uk or if you are in the EU you can complain to the Irish Data Protection Commission whose details can be found at www.dataprotection.ie
Both organisations will expect you to have complained to us first and to have given us an opportunity to respond and will generally refer you back to us if you have not. We would also really appreciate the opportunity to try and resolve your complaint first because we would prefer to resolve matters amicably where we can.
Automated Profiling
For marketing and recommendations purposes we may process your data in ways that tell us what you are likely to want to see from us and products that may interest you. We may also make certain offers available to you on this basis. This profiling is automated and may use Machine Learning or Artificial Intelligence tools to give us the results.
Changes To This Privacy Policy
We always record the data on which the privacy policy has been changed at the top of this page. You can ask us for copies of previous privacy policies and when they were effective from at any time. When we change our purposes for processing your data we will let you know either through this privacy policy or by sending you a direct communication if we think it has a large impact on you. Regular communications may indicate when we have updated this policy and ask you to take a look at it.
Links To Other Websites Or Social Media
Our website may include links to and from third-party websites, social media, plug-ins and applications. By clicking on these links or enabling connections you may be allowing third parties to collect or share your personal data. We have no control over these third-party websites, plug-ins or applications and are not responsible for their privacy policies, therefore you should also read their privacy policies to understand what personal data they collect about you and how they use it.