Close

Privacy Policy

Dalmahoy Hotel Limited trading as Dalmahoy Hotel & Country Club takes the privacy of our customers and their information very seriously. This policy (and any other documents referred to in it) explains in detail the types of personal data we may collect about you and how we use it. It also explains how we’ll store and handle your data to keep it safe and sets out, your rights to access and correct the personal information we hold about you.

This privacy policy is between Dalmahoy Hotel Limited trading as Dalmahoy Hotel & Country Club hereafter referred to as “Dalmahoy” and “you" as the user of our website and our services and facilities, who is 18 years old or older and capable of entering a contract, except in the case of the Youth Golf Membership.

We may update this notice from time to time. If there is any significant change, we will let you know, but you’re welcome to come back and check it whenever you wish.

For your information this privacy policy was last updated on 31 January 2025.

1. What personal information do we collect about you?

Dalmahoy collect personal data from you when you make an enquiry, a reservation, purchase a gift voucher, become a member of our Golf or Leisure Club, either in person, over the phone, or online.

Dalmahoy also collect data from you when you subscribe to any of our marketing communications, connect using our social media websites, enter our competitions or provide us with your feedback. These may be carried out online, by post, telephone, SMS, or in person.

Without limitation, any of the following personal data may be collected:

  • Your full name
  • Contact information such as email address, landline and/or mobile telephone numbers
  • Home address and postcode
  • Your credit or debit card details if you are making a payment
  • Preferences and interests
  • Date of birth
  • Dietary requirements, allergies and any physical or medical restrictions
  • Vehicle registration
  • Proof of identity e.g. passport details (only for guests who reside outside of the UK)
  • Online identifiers (e.g. IP address, cookies, and browser information)

If you provide Dalmahoy with any personal Data relating to any third party (e.g. information about your spouse, companion, employees, or colleagues) for particular purposes, by submitting such information to us, you do so at your own risk having ensured that you have obtained the consent of the third party to provide us with their personal Data for the respective purposes.

2. What do Dalmahoy use your Data for?

Dalmahoy use the information collected about you to:

  • Process your bookings, reservations, and purchases (see 2.1.)
  • Keep you updated on our latest news, offers and events (see 2.2.)
  • Monitor our website, social media, and email performance. See also our use of cookies in our cookie policy
  • Reply to your questions, enquiries and/or complaints
  • Gather and respond to your feedback
  • To ensure the health, safety, and security of our guests and teams

2.1. Bookings, reservations and purchases

We operate a reservation system through telephone, online, and via third parties. This means that any personal Data you have shared with us for booking related purposes can be accessed by Dalmahoy.

Any or all of the aforementioned Data may be required by us from time to time in order for us to fulfil our contract to you and to provide you with the best possible service and experience. Specifically, Data may also be used by us for the following reasons:

  • Internal record keeping
  • Providing you with confirmation of the services we have provided to you
  • Connecting you with third parties that offer services you may require (such as, but not limited to room upgrades via Upsell Guru)
  • Connecting you with third-party payment collection company for processing payments

2.2. Marketing

We will only contact you via our marketing channels (via email, phone, SMS, social media, or post) with news and offers relating to Dalmahoy where you have provided us with consent to do so.

Consent can be given by, but not limited to, signing up to our newsletter on the website, ticking the box to give your permission whilst making a booking, and additional purchase or making an enquiry. Our marketing communications are generally sent by email and include news, offers, and events.

You can stop marketing communications at any time by clicking the "UNSUBSCRIBE" link at the bottom of each marketing email. Alternatively, you can email marketing@dalmahoy.co.uk to request manual deletion from our mailing list by typing "UNSUBSCRIBE" in the subject.

Please note that due to the nature of our business, we may still be required to contact you from time to time regarding any past, present, or future bookings that you have made with us (see 2.1. for details).

If you choose to connect with us via social media websites, such as Facebook, Twitter, or Instagram, we may collect limited information about you i.e. your profile handle where (which may contain your name and surname).

Please note that by connecting with us via social media websites you are bound by their own Terms and Conditions and Privacy Policies.

2.3 Other

To administer prize draws and competitions you have entered.

To send you survey and feedback requests to help improve our services.

Ensuring Health and Safety by managing accidents or incidents.

To comply with our contractual or legal obligations and to comply with law enforcement. For example, when a court order is submitted to share data with Government functions and law enforcement agencies or a court of law e.g. HM Revenue or DWP.

3. The Legal bases we rely on

The law on data protection sets out a number of different reasons for which a company may collect and process personal data, including:

Consent
In certain circumstances, we can collect and process your data with your consent. For example, we may ask you if you would like to receive news and offers. When we ask you this, we will always give you the option to tick a box informing us of your preferences.

To fulfil our contract to you

In certain circumstances, we can collect and process your personal data to fulfil our contract to you.
For example, if you book a holiday with us, we’ll collect your personal information to enable us to book your holiday and communicate with you about all the details.

Legal Compliance

If the law requires us to, we may need to collect and process your data. For example, we may be legally obliged to provide certain data to government bodies.

Legitimate Interest

In certain situations, we may process your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights, freedom, or interests.

For example: ensuring network and information security, Fraud and Anti Money Laundering prevention and indicating possible criminal acts or threats to public safety, we may also send you surveys to ensure we understand your experience and to make improvements where necessary.

4. How do we look after your Personal Data?

We treat your information with the utmost care and take all appropriate steps to protect it. We secure access to all transactional areas of our websites and apps using ‘https’ technology.

Access to your personal information is password protected, and sensitive data is secured and tokenised to ensure it is protected.

We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

4.1 It is our company policy to:

  • Ensure all our relevant employees have received training in how to correctly handle Data. Training includes educating them in the importance of the safe and secure handling of Data and cyber security risks and operating under appropriate procedures to ensure all Data is handled in this way.
  • Anonymise all data collected for third party clients save for payment details where we use third-party payment collecting companies.
  • Always adhere to the internal procedures and measures in place to keep any personal Data we hold safe and secure.

4.2 How do we store your personal information?

To ensure your data is stored safe and legally we use the following trusted third parties. Here is the policy we apply to those organisations to keep your data safe and protect your privacy:

  • We provide only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our contract with them.
  • We ensure appropriate Due Diligence is undertaken to ensure the security of your data.
  • We work closely with them to ensure that your privacy is always respected and protected.
  • If we stop using their services, any of your data held by them will either be deleted, returned or rendered anonymous.

4.3 Examples of the kind of third parties we may work with are:

  • IT companies and service providers who support our website, applications and other business systems.
  • Direct marketing companies who help us manage our electronic and postal communications with you.
  • Data insights and market research agencies.
  • Social Media Channels to show you products that might interest you.
  • Payment service providers that enable us to fulfil transactions with you.
  • Partnerships we work with e.g. Reward Schemes and Newspapers.
  • For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
  • We may also be required to disclose your personal data to the police or other enforcement, regulatory or government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
  • We may, from time to time, expand, reduce or sell our business and therefore may share data with prospective buyers of our business or assets. If this happens your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Policy.

5. Activity Providers

5.1 Accessing and amending your Data

You have certain rights in respect of the personal information that we hold about you.

We will process all personal data in line with your rights, in each case to the extent required by and in accordance with applicable law only (including in accordance with any applicable time limits and any requirements regarding fees and charges). We will always respect your personal information rights. For more information on your rights and when they apply, please see: https://ico.org.uk/your-data-matters/

To exercise any of these rights, please submit a request to marketing@dalmahoy.co.uk. Please advise us or tell us in the subject line what right you are exercising, for example ‘Right of Access’, ‘Update my data’, ‘Delete my Data’ or ‘Object to Processing’ and then provide us with your details to enable us to verify you:

  • Full name
  • Address
  • Email address
  • Telephone number
  • Details of your previous or forthcoming stays with Dalmahoy or your Golf or Leisure membership

Upon receipt of your request, we will acknowledge your request within 2 business days and provide your data without undue delay and in any case within 30 days.

We want to make sure that your personal Data is kept accurate and up to date so you may need to modify or update your Data if your circumstances change. You are able to make amendments by contacting us by phone or via email at marketing@dalmahoy.co.uk with UPDATE in the subject line.

5.2 Retention of your Data

Whenever we collect or process your personal Data we’ll only keep it for as long as is necessary, for the purpose for which it was collected. This period will be determined based on any business and/or legal requirements.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

5.3 Transferring your personal information

The personal information that we collect from our website visitors and guests may be transferred to, and stored at, destinations outside the European Economic Area, (the "EEA”). To safeguard your personal information and to ensure that it is properly protected we have put in place contractual safeguards with our Data Processors.

Any transfer of your personal data will follow applicable laws, and we will treat the information under the guiding principles of this Privacy Notice.

5.4 CCTV

We have CCTV installed in various locations throughout the property. This is for the purposes of prevention and detection of crime and monitoring of staff. The images captured on the CCTV system are overwritten on a rolling 28-day basis.

Only appointed staff within the organisation have access to replay the CCTV footage, which is protected by lock and key.

We may disclose CCTV footage as permitted or required by law. For example, we may share the footage with the Police if requested for the purposes of prevention and detection of crime.

5.5 Wi-Fi

If you choose to use the complimentary guest Wi-Fi at our hotel you are not required to provide a login to access the service. Once logged onto the service you will automatically be diverted to the Dalmahoy website (www.dalmahoyhotelandcountryclub.co.uk) which uses cookies. Please see our cookies policy.

5.6 Links to other Websites

This Privacy Policy applies solely to Data collected by us.

Our website (www.dalmahoyhotelandcountryclub.co.uk) may contain links to external sites, operated by other owners and third parties, over which we have no control. For this reason, we encourage our visitors to be aware when they leave our website to read their privacy policy applicable. Any access to such other websites or pages is entirely at your own risk. We are not responsible for the privacy policies, content or security of any third-party websites linked to our website.

6. Changes to Our Privacy Policy

This Privacy Policy is regularly reviewed. Following any changes, the new version of the policy will be uploaded to our website and the old version removed. Please check back frequently to see any updates.

This was updated last 31 January 2025.

7. Any Questions?

Should you have any questions regarding this Privacy Policy, please contact us using the details below:

Dalmahoy Hotel Limited T/A Dalmahoy Hotel & Country Club
Trading address: Kirknewton, Edinburgh, EH27 8EB
Registered address: 171 Main Street, PO Box 4041, Road Town, Tortola, British Virgin Islands
UK establishment address: 1 Park Lane, Hemel Hempstead, Herts, HP2 4YL
Phone: 0131 333 1845
Email: marketing@dalmahoy.co.uk
Company number: BR008472

 

Book Now Gift Vouchers

Book Online, enquire by email or call on 0131 333 1845 to book a tee time

Book a table at The Pentland or Brasserie

Enquire or call on 0131 333 1845

Enquire or call on 0131 333 1845