Privacy Policy

1. Introduction

Hoppy Hotel ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website hoppyhotel.co.uk and use our pet boarding services.

By using our website and services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us when you:

• Contact Us: Name, email address, and message content
• Make a Booking:
  • Owner Information: Name, email address, postal address, contact number
  • Booking Details: Arrival date and time, departure date and time
  • Veterinary Information: Vet's name and address, vet's contact number
  • Pet Details (for each pet): Pet name, age and sex, description (breed/colour/size), vaccination dates (for rabbits: Myxo/VHD1 and VHD2 vaccine dates), dried food preferences, favourite vegetables and fruits, health problems or special requirements, drinking preference (bottle/bowl/both), neutered status, indoor/outdoor status

2.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information about your device, including:

• IP address
• Browser type and version
• Pages you visit and time spent on pages
• Session cookies for security and functionality

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Essential Cookies: Required for website functionality, security (CSRF protection), and admin login sessions
• Third-Party Cookies: Google reCAPTCHA (for spam protection) - only loaded with your consent

You can control cookie preferences through our cookie consent banner. Essential cookies cannot be disabled as they are necessary for the website to function.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To process and manage your pet boarding bookings
• Communication: To respond to your enquiries and send booking confirmations
• Legal Compliance: To comply with legal obligations and maintain records
• Security: To protect against fraud, spam, and security threats
• Website Functionality: To ensure the website operates correctly and securely

4. Legal Basis for Processing

We process your personal data based on:

• Contract: To fulfill our booking contract with you
• Consent: When you provide explicit consent (e.g., cookie consent, form submissions)
• Legitimate Interest: For security, fraud prevention, and website functionality
• Legal Obligation: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party services that help us operate our website and business:
  • Google reCAPTCHA (for spam protection) - see Google's Privacy Policy
  • Email service providers (for sending booking confirmations and communications)
  • Web hosting and database providers
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy:

• Booking Data: Retained for 7 years after the last booking date (for legal and accounting purposes)
• Contact Form Submissions: Retained for 2 years or until you request deletion
• Session Data: Deleted when you log out or after 30 minutes of inactivity

After the retention period, we will securely delete or anonymize your data.

7. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or UK, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data (subject to legal obligations)
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

To exercise these rights, please contact us at liz@hoppyhotel.co.uk.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Secure HTTPS connections
• Encrypted database storage
• Secure session management
• CSRF protection
• Regular security updates

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. International Data Transfers

Your data may be processed and stored outside the EEA/UK (e.g., by Google reCAPTCHA in the USA). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. You are advised to review this policy periodically.

12. Contact Us

If you have questions, concerns, or wish to exercise your rights regarding this Privacy Policy or our data practices, please contact us:

Hoppy Hotel
Email: liz@hoppyhotel.co.uk
Address: 14 Stratford Rd, Honeybourne, Evesham WR11 7PP, UK

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not addressed your concerns adequately:

ICO
Website: ico.org.uk
Phone: 0303 123 1113