PRIVACY POLICY

This comprehensive Privacy Policy is structured to be compliant with major global regulations, such as the General Data Protection Regulation (GDPR), as it covers key principles like lawful basis for processing, transparency, and data subject rights.

Disclaimer: This is a template and is not legal advice. You must replace all bracketed placeholders with your specific business details. We strongly recommend having a legal professional review and adapt this policy to ensure full compliance with the laws applicable in your jurisdiction.

Privacy Policy

Effective Date: 01-11-2025

Craigpark Residences ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you book a serviced apartment, use our website, or interact with our services.

1. Who We Are (Data Controller)

Name: Timenys Properties LTD/ Craigpark Residences

Address: 6 Craigpark G31 2NA Glasgow

Email: contact@craigparkresidence.co.uk

Telephone: 

We are the Data Controller responsible for the personal data collected under this policy.

2. The Information We Collect

We collect and process various types of personal data to manage your booking and provide our services.

​

| Category of Data | Examples of Data Collected | Purpose of Collection (Why we need it) | Lawful Basis for Processing (GDPR) 

​

| Identity & Contact Data | Full Name, Address, Email Address, Phone Number, Nationality, Job Title (if corporate booking). | To manage your reservation, communicate pre-arrival and during your stay, and verify identity. | Contract (Performance of the Booking Agreement) |

| Booking & Transaction Data | Arrival/Departure Dates, Apartment Unit, Total Cost, Payment Status, Booking Source (e.g., website, booking agent). | To process your booking, manage billing, and maintain our financial records. | Contract and Legal Obligation (Tax/Accounting laws) |

| Payment Data | Credit/Debit Card Details (collected securely by our payment processor, we do not store full card numbers). | To process payments, take a security deposit, and refund overcharges. | Contract and Legitimate Interest (Preventing fraud) |

| Security & Safety Data | CCTV footage (in public areas), ID/Passport details (where required by local law), Car registration (if parking provided). | To ensure the safety and security of guests, staff, and the property. | Legal Obligation (Local regulations) and Legitimate Interest (Safety and crime prevention) |

| Usage & Technical Data | IP Address, browser type, operating system, pages viewed on our website, booking system activity. | To improve our website, manage our systems, and understand market trends. | Legitimate Interest (Business development and system security) |

​

​

3. How We Collect Your Information

We collect your information from the following sources:

 * Directly from you: When you book through our website, communicate via email or phone, or sign a registration form upon check-in.

 * From Third Parties: Online Travel Agents (OTAs) like Booking.com or Airbnb, corporate booking platforms, or travel agents who book on your behalf.

 * Automatically: Through our website cookies and tracking technologies, and through CCTV systems operating in the common areas of the Building.

4. Disclosure of Your Personal Data

We will only share your personal data with the following third parties and for the stated purposes:

 * Payment Processors: To securely handle payment transactions and security deposits.

 * Booking Agents: To confirm booking details and manage payments where you booked through a third party.

 * Maintenance and Cleaning Contractors: To grant necessary access to your apartment for scheduled services or repairs.

 * IT System Providers: Including our Property Management System (PMS) and cloud storage providers, to manage and store your data securely.

 * Legal Authorities: When we are under a legal obligation to do so, such as police, immigration, or tax authorities, to comply with applicable law.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

5. Data Security

We have implemented appropriate technical and organisational measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorised way. This includes secure systems, encrypted data transfer (SSL), and restricted access to personal data.

6. Data Retention (How Long We Keep Your Data)

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

 * Booking Data: Generally retained for a period of [Insert Period, e.g., 6 years] after your departure to satisfy tax, accounting, and legal requirements.

 * CCTV Footage: Typically retained for 30 days, unless required for a specific investigation.

 * Marketing Consent: Retained until you unsubscribe or withdraw your consent.

7. Your Legal Rights

Under data protection laws, you have the following rights concerning your personal data:

 * Right of Access: You can request a copy of the personal data we hold about you.

 * Right to Rectification: You can ask us to correct inaccurate or incomplete data we hold about you.

 * Right to Erasure (Right to be Forgotten): You can ask us to delete your personal data when there is no good reason for us to continue processing it (subject to legal retention requirements).

 * Right to Restrict Processing: You can ask us to suspend the processing of your personal data in certain scenarios.

 * Right to Object to Processing: You can object to the processing of your data where we are relying on a legitimate interest.

 * Right to Data Portability: You can request that we transfer your data to you or another party in a structured, commonly used, machine-readable format.

 * Right to Withdraw Consent: Where we rely on your consent to process your data, you can withdraw that consent at any time.

If you wish to exercise any of these rights, please contact us using the details in Section 1.

8. Changes to This Privacy Policy

We may update this policy from time to time. Any changes will be posted on our website and will take effect immediately upon posting. We encourage you to review this policy periodically.

9. Contact Us and Complaints

If you have any questions about this Privacy Policy or our data protection practices, please contact us at contact@craigparkresidence.co.uk

You have the right to make a complaint at any time to the relevant supervisory authority for data protection in your jurisdiction. In the UK, this is the Information Commissioner's Office (ICO).