Privacy Policy

 

1. Introduction

This privacy policy explains how we use your personal data, and the rights available to you under data protection law.  When we refer to ‘personal data’, we mean any information that relates to you as an identifiable individual. 

We may update this notice from time to time. If there is any significant change, we will let you know, but you’re welcome to come back and check it whenever you wish.

For your information this privacy policy was last updated on 6 October 2025.


2. Who are Warner Hotels?

Warner Hotels owns and operates country and coastal properties around the UK, offering short adult only breaks.

Throughout this notice, ‘we’ and ‘us’ refers to Bourne Holidays Limited, the company trading as Warner Hotels.  Bourne Holidays Limited is your ‘data controller’ and is located at Warner Hotels, 1 Park Lane, Hemel Hempstead, HP2 4YL. 

If you have any queries relating to this policy, “you may write to us at this address, or contact us here

 

3. How do we collect your personal data?

We collect your personal data when you:

  • book a stay with us, whether on our website or over the phone;
  • book activities before or during a stay, including by using My Warner Stay;
  • browse our website, including filling in any forms on our website;
  • submit an enquiry or complaint to us;
  • complete one of our customer feedback surveys;
  • enter a prize draw or competition. 

In most cases, you provide your data to us.  However, in some cases your personal data may be collected automatically, without any interaction from you.  For example, when you browse our website we use automatic tracking technologies such as cookies to collect information about your visit.  When you visit one of our hotels, your image may automatically be captured by one of our CCTV cameras.

 

4. How do we use your personal data?

We use your personal data for the purposes listed below.  For each purpose, we have also explained the types of personal data used, as well as the ‘legal basis’ we rely on under data protection law.  This is our justification for using your personal data for that purpose.  Where our legal basis is ‘performance of a contract’ then, unless otherwise stated, we are referring to the Warner Hotels full terms and conditions, available here.

 

How we use your personal data

Types of personal data

Our legal basis

Create a customer account

Contact information

Username and password

Performance of a contract

Book your break with us, including taking payment for the booking

Contact information

Payment information

Details of your stay (e.g., type of room booked)

Marketing preferences

Guest preferences and special requests (e.g., health or religion information)

Performance of a contract

Consent (to take account of any special categories of data relevant to a stay that are volunteered by you as part of a special request)

Book your leisure activities

Contact information

Payment information

Health data

Performance of a contract

Consent

 

Manage your booking using My Warner Stay

Contact information

Payment information

Details of your stay (e.g., type of room booked)

Performance of a contract

 

Our legitimate interest in providing a portal to allow guests to change details of their booking

Sell you a giftcard or redeem a purchased giftcard

Contact information

Payment information

Performance of a contract

Send you communications about a booking or about changes to our services or our terms and conditions (‘service communications’)

Contact information

Details of your stay (e.g., type of room booked)

Performance of a contract

Send you newsletters, marketing and other promotional communications (‘marketing communications’)

Contact information

Marketing preferences

Consent

Create marketing profiles to better tailor our marketing communications to you

Contact information

Marketing preferences

Express and implied preferences (e.g., the types of bookings you've made and what this tells us about your preferences)

Our legitimate interest in ensuring our marketing communications are relevant and of interest to you (note, as above we will only send marketing communications with your consent)

Administer customer satisfaction and feedback surveys

Contact information

Opinion data (your views on Warner Hotels and your break)

Legitimate interest

Run research panels

Contact information

Opinion data (your views on Warner Hotels)

Consent

Respond to your enquiry or complaint

Contact information

Details of your enquiry or complaint

Legitimate interest in resolving your complaint or answering your enquiry

Record telephone calls to customer services

Audio recording of you

Legitimate interest in (i) training our customer service staff; and (ii) having an accurate record of the call in case of challenges

Run competitions and prize draws

Contact information

Official ID document (if needed to verify date of birth or identity)

Performance of a contract

Taking promotional photos and videos at our hotels

Images of you

Legitimate interest in creating promotional content to advertise our hotels

Run CCTV and ANPR systems at our hotels

Images of you

Legitimate interests in safeguarding our property and our staff and in preventing and detecting crime

Capture information about health and safety incidents at our hotels

Facts of an incident involving you

Health data

Complying with our legal obligations including under health and safety at work laws

Create customer testimonials

Opinion data (your views on Warner Hotels and your break)

Legitimate interest in promoting our business by using real customer feedback

Deploy ‘strictly necessary’ cookies on our website

Online and device identifiers

Legitimate interest in making the website functional and secure

Analyse the use of the website

Online and device identifiers

Browsing history

Consent (given to us through your agreement to the use of cookies and similar technologies when you first visit our website)

Serve targeted online advertising to you and track your responses to those adverts

Online and device identifiers (e.g., IP address; email address)

Browsing history

Consent (given to us and / or third party websites and social media platforms through your agreement to the use of advertising related tracking technologies)

Resolve legal claims

Any data relevant to your legal claim

Legitimate interest

 

Certain types of personal data are given special protection under data protection laws.  These are known as ‘special categories of data’ and include health, race and religion data.  This data, and our lawful bases for processing it, are shown in italics. 

As well as making our own promotional films and photographs, we sometimes allow other companies (e.g., film/TV producers) to film or photograph at our hotels. If this happens during your stay, the third party company making the film or taking the photographs is required to display notices informing you of this.  You should contact them directly if you have any concerns. 

 

5. Direct marketing

As explained in section 4 above, if you provide us with your consent then we will send you information about special offers and promotions.  These are known as direct marketing communications.  We may send you direct marketing communications via email, text message, push notifications, in-app alerts, direct mail, and social media.

We want to bring you news and offers that are most relevant to your interests at particular times. To help us form a better, overall understanding of you as a customer, we may, where relevant, combine your personal data, for example your booking history and activities preferences. For this purpose, we may also combine the data that we collect directly from you with data that we obtain from third parties, to whom you have given your consent to share that data with us.

We may also use something called “custom audiences” to deliver advertisements to our website customers, based on Targeting Cookies that we collect from you.  

We also use something called "Lookalike Audiences" this tool enables us to create a lookalike audience of our customers with similar demographics. Facebook or Google finds users who have similar attributes to our customer base.

You can opt out of receiving all forms of marketing communication, and other forms of marketing activity (such as customer profiling), by following these steps: 

  • Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails to you.
  • If you have an account with us you can log in into your account and change your marketing preferences.
  • In our apps, you can manage your preferences and opt out from one or all the different push notifications by selecting or deselecting the relevant options in the ‘Settings’ section.
  • If you do not wish to see advertising on social media, you can also manage this within your social media platform settings.
  • You can contact our Data Protection Team directly by clicking here.

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

 

6. Use of Artificial Intelligence

Our website uses an AI chatbot to answer your questions.  Responses from this chatbot are artificially generated. 

 

7. Who do we share your personal data with?

We sometimes share your personal data with third parties. 

In most cases, these are third parties who support us in providing our services to you.  For example:

  • Third party suppliers of IT systems and applications (e.g., our reservation management system) on which your data is stored.
  • Third party service providers who carry out our user testing for us.
  • Technology solutions providers who help us show you online advertising.
  • Direct marketing companies who help us manage our electronic and postal communications with you.
  • Data insight and market research agencies, who may send surveys on our behalf.
  • Auditors and other professional advisors who help us manage our processes and improve accuracy of our data.
  • Third party providers of activities or events which you have booked.
  • Social media platforms to show you targeted advertisements that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Policy for details.
  • Payment service providers that enable us to securely process your payments.
  • Partnerships we work with to bring certain services or breaks to our guests.

 

The following are examples of third parties who aren’t acting as our service providers, but with whom we may need to share your personal data:

  • Companies within our corporate group (for example, if we re-organise the group and need to move data to a different legal entity within the group).
  • Law enforcement bodies such as the police – for example, if you are involved in suspected criminal activity at one of our sites.
  • Fraud databases and/or the police if we come across a suspicious transaction.
  • We may also be required to disclose your personal data where we are required or permitted to do so by law or to protect or enforce our rights or the rights of any third party.
  • Prospective purchasers of our business or assets and the professional advisors to those prospective purchasers.  If we sell our business, or any part of it, to a third party and in so doing they acquire your data, they will be required to notify you of this fact.
  • Where you are attending an event organised by a third party at our hotels, we may share booking details with them to allow the event to be planned effectively. .
  • If you take out holiday insurance as part of your break, we will pass on details of your booking to our insurers, and their underwriters. This will allow them to administer your policy and any claim.

 

9. Security at our hotels

Surveillance is operated in our hotels to assist with monitoring & maintaining hotel, guest and team safety, to prevent and detect crime and assist law enforcement (where necessary):

  • CCTV.
  • Automated Number Plate Recognition (ANPR).
  • Some sites may operate drowning prevention technology.

These systems are operated for the protection of our guests, team & premises from criminal activities.

If we discover any criminal activity or alleged criminal activity through our use of CCTV, we will process this data for the purposes of preventing or detecting unlawful acts.

The legal basis for our use of this information is in our legitimate interest in ensuring the safety of guests and employees at our hotels and to assist with law enforcement. We may also use the footage to exercise and defend our legal rights.

 

10. International transfers of your personal data

We are a UK headquartered business and, in most cases, your data will remain within either the UK or the European Economic Area (EEA).  The EEA is considered to provide the same level of data protection as the UK.

In some cases, IT service providers that we use to manage your data may have servers or support teams outside of the UK and the EEA, for example in the United States or in India.  In these cases, we implement contractual safeguards with those service providers to ensure that your data receives an adequate level of protection when it is processed overseas.  You have a right to ask for a copy of those safeguards.

 

11. How long will we keep your personal data?

Whenever we collect or process your personal data we’ll only keep it for as long as is necessary, for the purpose for which it was collected. This period will be determined based on any business and/or legal requirements.  For example, we have a legal obligation to maintain hotel reservation information for at least 12 months, and we may need to keep this information for a longer period of time so that the company can defend itself against potential legal claims brought by guests or third parties. 

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

If you need further information, please contact us here.

 

12. Your rights

You have rights in relation to your personal data.  Not all of these rights are applicable in all circumstances, and some are subject to exemptions.  If you contact us, we will be happy to help you understand which rights are applicable in your circumstances, or you can visit the ICO’s website for an explanation: https://ico.org.uk/your-data-matters/

The full list of rights is:

  • To access personal data
  • To rectify / erase personal data
  • To restrict the processing of your personal data
  • To transfer your personal data to another controller (‘data portability’)
  • To object to the processing of personal data
  • To object to how we use your personal data for direct marketing purposes
  • To obtain a copy of personal data safeguards used for transfers outside the UK
  • To lodge a complaint with your local supervisory authority

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting us here. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

 

14. Cookies and other tracking technology

Our website uses “cookies” and similar tracking technologies. These are used for various purposes, including distinguishing you from other website visitors. You can manage all cookies using the pop-up consent management platform on our website, through your browser settings or using a service such as https://www.aboutcookies.org.uk/managing-cookies. You can manage your preferences for the Facebook pixel through Facebook settings.  See our Cookie Policy for more information.

 

15. How do we protect your personal data?

We treat your personal data with care and take appropriate steps to protect it. We secure access to all transactional areas of our websites and apps using ‘https’ technology.

We take reasonable measures to protect personal data from unauthorised access, disclosure, alteration, or destruction and keep personal information accurate and up to date as appropriate. 

Sensitive data such as payment card information is processed securely and tokenised to ensure it is protected.  Warner Hotels maintains a payment card industry (“PCI”) compliance program which helps ensure the security of card transactions. To ensure compliance we have to meet a number of operational and technical requirements to protect your card data. 

We will never ask you to send us confidential information or payment card information via email or text message.

We require third parties with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information.

In the event of a security incident, Warner Hotels will notify regulators and/or consumers as required by applicable laws and regulations.

 

16. Changes to Our Privacy Policy

We reserve the right to modify this privacy policy from time to time. Any changes we make in the future will be posted on https://www.warnerhotels.co.uk.

If you have any complaints regarding this privacy policy please contact us here or write to the Data Protection Officer, Warner Hotels, 1 Park Lane, Hemel Hempstead, HP2 4YL.  You can also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/make-a-complaint.

 

17. Any questions?

We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it. If you have any questions that haven’t been covered, please contact our Data Protection Officer who will be pleased to help you: Questions, concerns, comments, requests or complaints regarding this privacy policy, our website and/or our use of your personal information, please submit your query here.

If you have any complaints regarding this privacy policy, you may also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/make-a-complaint.