This website is operated by Sintillate (UK) Ltd (“we”, “us” or “Sintillate”) and we are a controller for the purposes of the Data Protection Act 1998 and the EU General Data Protection Regulation 2016/679. This means that we are responsible for, and control the processing of, the personal information you provide to us when using this website in accordance with this privacy policy.
Sintillate understands that customers care about the use and storage of their personal information and we value your trust in allowing us to do this in a careful and sensible manner. We have created this privacy policy statement in order to demonstrate our commitment to the privacy of our customers.
By using Sintillate services, our websites (including our mobile site), our social media pages, our telephone reservations line, our online chat function and any other Sintillate service, you are acknowledging that we are processing your personal information and, where necessary consenting to such practices, as outlined in this statement.
We collect personal information about you (and others if their personal information is provided by you) when you:
The personal information collected in the above manner may include the following about you (and others if their personal information is provided by you):
We may periodically send promotional material to you about new products, special offers or other information which we think you may find interesting based on the profile we have created about you to the email addresses and phone numbers which you have provided.
If these are similar to products, services and bookings previously supplied by us to you, we will assume, under our legitimate interests to promote similar goods and services, that you are willing to receive this information unless you tell us otherwise. Please note that we do not want to send you information that you do not want to receive and you can opt out at any time (please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information).
We will always ask your permission before sending you email marketing information (unless you have already received similar services, products or bookings from us as mentioned above). We do this by asking for your positive confirmation (e.g. by providing a tick or inserting your contact details in the relevant boxes) indicating that you wish to receive marketing and you can opt out at any time (please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information). This ensures you only receive information that you have given us permission to send and are willing to receive.
We may use your information to create a profile about you in order to tailor, by automated means, our communication and marketing to you. You can object to such profiling, please see ‘The right to object to automated decision making / profiling’ below).
From time to time, we may also use your information to contact you for research purposes and / or to ask about your experience using our services and services as part of a continual programme of customer service improvement. We may contact you by email, telephone, text, social media and / or mail. We may also use the information to customise the website according to your interests.
We use a third-party service, White Label Technologies Ltd, who provide our CRM, Apps and booking website. They act as a data-processor on behalf of SINTILLATE. All data collected via the SINTILLATE website or APP is stored in their secure encrypted database hosted by Amazon Web Services, a company located in the Republic of Ireland. All AWS services comply with the General Data Protection Regulation (GDPR).
AWS has a long list of internationally-recognized certifications and accreditations, demonstrating compliance with rigorous international standards, such as ISO 27001 for technical measures, ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2 and SOC 3, PCI DSS Level 1, and EU-specific certifications such as BSI’s Common Cloud Computing Controls Catalogue (C5)
We also use a third-party email service, Signupto.com, to manage our regular email communications to members and Sign-Up.to act as a data-processor on behalf of SINTILLATE. By submitting your personal data, you agree to this.
Sending information over the internet is generally not completely secure, and we can’t guarantee the security of your data while it’s in transit, however, to give users greater confidence the SINTILLATE website is protected via a HTTPS connection, verified by SSL certificate, which provides encryption for data entered on the site. However, no data transmitted over the internet can be guaranteed to be 100% safe and SINTILLATE do not accept liability for any data in transit and any data you send is at your own risk.
We take reasonable steps to secure your Personal Data and have operational procedures and security features in place to keep your data secure once we receive it.
We retain your information for a range of purposes and will not be kept longer than necessary for the purpose. Data will be retained for 6 years however you may ask for this to be deleted in accordance with the Rights of the GDPR (see Right to be forgotten) by contacting us via info@sintillate.com
To protect your information, Sintillate has policies and procedures in place to make sure that only authorised personnel can access the information, that information is handled and stored in a secure and sensible manner and all systems that can access the information have proportionate and reasonable security measures in place. To achieve this, employees, contractors, sub-contractors and third party suppliers have contracts, with defined roles and responsibilities. While we take commercially reasonable measures to ensure the safety and security of your data, due to the inherent risks with the Internet, we are unable to warranty the absolute security of your data when using our services.
In order to process any of the requests listed below, we may need to verify your identity for your security. In such cases your response will be necessary for you to exercise this right.
At any point you can contact us to request details concerning the information we hold about you, why we have that information, who has access to the information and where we got the information. In most cases you may be entitled to copies of the information we hold concerning you. Once we have received your request we will respond within 30 days. Please submit a request via info@sintillate.com
If the data we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated. Please submit a request via info@sintillate.com
If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted. Please submit a request via info@sintillate.com
You have the right to request that Sintillate stops processing your data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your data to comply with your other rights.
You have the right to request that we stop contacting you with direct marketing. On promotional emails we provide an ‘unsubscribe’ link at the top and bottom of the email which will unsubscribe you from that service. You can also unsubscribe by updating your subscriptions on your account on our website or via our unsubscribe link. If you wish to opt out with respect to more than one email address, you must complete a separate request for each email address.
You have the right to request that we stop profiling you in relation to our direct marketing practice. You can inform us and we will deal with your request accordingly.
You can make a complaint to us by contacting us via info@sintillate.com or to the data protection supervisory authority – in the UK, this is the Information Commissioner’s Office, at https://ico.org.uk/.
You have the right to request that we transfer your data to you in a machine readable format. Once we have received your request, we will need to verify your identity and comply where it is feasible to do so.
We will always take appropriate technical and organisational measures to protect personal information against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing (including taking reasonable steps to ensure the reliability of employees who have access to personal information).
We protect user information by employing secure servers, firewalls, SSL encryption (where appropriate) and other technology. Our employees may only process personal information in accordance with this privacy policy, and any employee who breaches this privacy policy may be subject to disciplinary action, up to and including dismissal.
We have put in place internal procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Sintillate websites and mobile app use cookies and tags. A cookie is a small text file that can be stored by your browser on the device you use to access internet and allows the browser to pass small amounts of information about user behavior on the given website to a web server. Tags are pieces of code that exist on web pages and collect information about usage of the web pages.
At Sintillate we use our own cookies and tags as well as those from third parties to enable the smooth operation of the websites, such as the use of the basket function or to automatically log you in when you visit (with your permission). We also use cookies/tags to monitor visits to our website and continuously look for places to improve your website experience.
The first time you access a Sintillate website, you will be informed about our use of cookies to improve your site experience. By continuing to browse our website you consent to our use of cookies.
These cookies give us critical information about various pages on the websites and how our users interact with them. We use this information to improve the performance of our website and the information presented to users.
Authentication (Sintillate):When you create an account with Sintillate, these cookies allow the website to remember you in order present you with information that is directly relevant to you.
Functional (Sintillate):A set of cookies designed to deliver a smooth booking journey for you. We use these cookies to remember selected hotels, anything you may have already added to the basket etc. so you do not have to enter information more than once. We also use these cookies to identify areas of improvement in the browsing experience.
Should you wish to reject or block the use of cookies, you can do so at any time, usually by clicking ‘Help’ on your browser. Cookies are specific to individual browsers so if you use more than one browser, you will need to delete cookies on each browser. Please be aware though that by rejecting cookies you may not receive the optimum website experience.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
We may change this policy from time to time. You should check this policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.
It is also important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
If you have any queries about this policy, need further information or wish to lodge a complaint you can use the details below to contact us.
DATA PROTECTION OFFICER