Privacy and Cookies Policy

New Steine Hotel, Bar & Bistro Privacy & Cookies Policy

New Steine Hotel, Bar & Bistro is committed to protecting and respecting your privacy whenever and wherever possible.

The policy as laid out below (along with our ‘General Terms and Conditions’ and our ‘Best Rate Guarantee Policy’ and any other documents referred to on our sites or published literature) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to fully understand our views and best working practices regarding the handling of your personal data. Please note that for the purpose of the Data Protection Act 1998 (the Act) and the new GDPR, we are referred to as the ‘data controller’, and where it states ‘we’ relates to the New Steine Hotel, Bar & Bistro.

Please note that from 25 May 2018 the new GDPR (General Data Protection Regulations) come into force. Changes that affect the current regulations have been added/amended within this document, on our General Terms and Conditions, and other locations where it has been deemed necessary, and have been highlighted in this document for your convenience.


The GDPR will give the customer more control over how organisations, such as ourselves, use your personal information, or data. It aims to create identical data privacy laws across all EU countries, which will remain in force as UK Law after the UK leaves the EU. The GDPR says that customers need to actively opt in. Individuals will be able to request information about how a company might be using their data, what data it collects, and why.

The GDPR applies to all personal data. That means any information that could identify a living person, directly or indirectly. This could include their name, location or their phone number. Some personal information is classed as sensitive by the GDPR, and needs more protection, but please note that ‘we’ do not collect such sensitive data, and only maintain the basic data, as listed above, in line with the law and current regulations.


We may collect and process the following data about you:

  • Information that you provide by filling in enquiry or booking form on our site;
  • This includes information provided at the time of registering to use our site, subscribing to our service (including the booking of accommodation) or requesting further services. We may also ask you for information when you report a problem with our site;
  • Information collected via our comment cards and online booking system database, as provided by guest’s directly or via a 3rd party booking source;
  • Information and correspondence between yourself and us, in relation to enquiries, bookings and general information;
  • Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;
  • Information that you provide to us or that we ascertain during a visit to one of our hotels or whilst utilising our events company’s services.


Information collected may include Names, Locations (including addresses with postcode), Contact Telephone or Email details, as well as preference details (such as previous stay requests, room type preferences, etc…). Such information may be collected on our behalf by third party organisations (such as booking sites). We do not request or store any ‘sensitive’ data, and financial data (such as credit/debit card details) are only held for as long as reasonably expected, in line with PCI compliance.


Created by certain websites when you visit them, a cookie is a small data file containing information about your visit and preferences on the website, and stored on your hard drive. Those help us to offer you a better consultation of our website and to enhance its performances. The cookies cannot obtain personal information from your hard drive or other cookies.

We use a visitor tracking software and cookies provide information:

– to speed up your searches;
– to recognise you when you return to our website;
– to estimate the audience of our website;
– to store your preferences.

You can refuse cookies by modifying the settings of your browser. However, if you do so, the navigation of our website may be slower but the navigation will not be affected otherwise.

The GDPR regulations do not make much mention of cookies, and there is already EU legislation in respect to cookies that was introduced in 2011. In brief, if a cookie can be used to identify an individual then they should have provided explicit consent for it to be used, however the tools ‘we’ and our marketing companies utilise use anonymised data and are therefore unaffected by GDPR. For Google Analytics, which ‘we’ may use to use to track visitors through the use of cookies, it is not possible to single out an individual. Therefore, no changes under GDPR are necessary. Similarly, for advertising via Google AdWords, the data at our disposal is again anonymised and so no changes are needed to be GDPR-compliant.


The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Where we have given you (or where you have chosen) a password or access code which enables you to access certain parts of our site, you are responsible for keeping this password or access code confidential. We ask you not to share a password or access code with anyone.

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.


We use information held about you in the following ways:

  • To ensure that content from our site is presented in the most effective manner for you and for your computer;
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
  • To carry out our obligations arising from any contracts entered into between you and us;
  • To notify you about changes to our service.

We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post or telephone.

If you are an existing customer, we will only contact you by electronic means with information about services similar to those which were the subject of a previous sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.

If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please ensure you do not choose the ‘opt-in’ section on relevant documentation / online forms. Alternatively you can opt-out at any time, having originally opted-in, by clicking the link on such emails to unsubscribe. Alternatively, to have yourself removed from such databases, please contact us directly on


We may disclose your personal information internally between our three businesses, as defined in section 1159 of the UK Companies Act 2006.

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • If any one of our businesses or parts of our business assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our General Terms and Conditionsor terms and conditions of supply and other agreements; or to protect the rights, property, or safety of our businesses, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.


You have the right to ask us not to process your personal data for marketing purposes. We will always inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing, at any time, by contacting us at

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.


The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act and GDPR and is free of charge. This includes data we hold about you, how it is collected, why it is stored and the right to remove your data, which can include asking for data to be corrected if it is not accurate.


People can also ask for their personal data to be deleted at any time – if it’s no longer relevant. This is known as the right to be forgotten. Please note this will only apply to data collected that is not required to be maintained by alternative current laws, such as requirements for HMRC data for financial transactions, and basic stay data in line with UK Border Control requirements, including Name, Dates of Stay, Nationality and Next Destination (along with passport/ID details for non-UK residents).


Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.


Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to