Skip to content
Book Now

Privacy Policy

By using these Services, you agree to the terms and conditions of this Privacy Policy.

At Carnarvon Hotels Ltd (“we”, “us”, “our”), we are committed to protecting your privacy and handling your personal information with care, transparency, and respect.

This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our websites, contact us, or stay with us at The Rathbone Hotel. It also outlines your rights under UK data protection law.

By using our website or services, you agree to the practices described in this Privacy Policy.

Who We Are (Controller Information)

Carnarvon Hotels Ltd is the data controller responsible for the processing of your personal information in connection with:

  • The Rathbone Hotel, Fitzrovia
  • Other businesses within the Carnarvon Hotels group

Our registered address:
Carnarvon Hotels Ltd,
49-51 Rathbone Street, London W1T 1NW

If you have any questions about this policy, contact us at: info@chlgroup.co.uk

What This Policy Covers

This policy describes how we collect and process your personal data when you:

  • browse our website
  • make a booking (directly or via third parties)
  • contact us by email or phone
  • check in or stay with us
  • use our services (bar, housekeeping, concierge, Wi-Fi, room service etc.)
  • interact with us on social media
  • apply for a job

This website is not intended for children. We do not knowingly collect children’s data online.

The Personal Data We Collect

We collect personal data only where necessary to deliver our services or meet legal requirements.

Identity & Demographic Data | Name, title, date of birth, nationality, gender, passport details (where required by law).

Contact Data | Email, phone number, postal address, business contact details (if relevant).

Reservation & Transaction Data | Booking details, room preferences, correspondence, services used, dates of stay, payments, billing information.

Profile & Preference Data | Special requests, dietary requirements, accessibility needs, pillow preferences, loyalty information, feedback and survey responses.

Technical & Usage Data | IP address, browser type, device information, browsing behaviour on our website.

CCTV & Security Data | Images captured in public areas for safety and security.

Job Applicant Data | CVs, employment history, right-to-work evidence, references.

We do not collect special category data (e.g., health, religious beliefs) unless you provide it voluntarily

How We Collect Personal Data

We collect your data through:

  • our website and booking engine
  • telephone or email enquiries
  • online and offline travel agents
  • during check-in or your stay
  • social media interactions
  • job applications

How We Use Your Personal Data (Lawful Bases)

We will only use your personal data when permitted by law. Most commonly, we process data under:

a) Contractual necessity

To:

  • manage bookings
  • process payments
  • provide hotel services
  • send stay-related emails (confirmation, pre-arrival, receipts

b) Legitimate interests

To:

  • improve our services and guest experience
  • personalise your stay
  • ensure hotel security and safety
  • manage business operations (analytics, reporting, service optimisation)

c) Legal obligations

To:

  • comply with local laws requiring guest registration
  • maintain financial records
  • assist law enforcement where required

d) Consent

For:

  • optional marketing communications
  • specific special requests that require sensitive data

You may withdraw consent at any time.

How We Share Your Personal Data

We only share your data when necessary and always securely. We may share it with:

  • companies within the Carnarvon Hotels group
  • trusted third-party service providers (IT, PMS systems, booking engine, payment processors, Wi-Fi provider, marketing systems)
  • travel agents or representatives who made your reservation
  • law enforcement or regulators if required
  • medical services in the event of an emergency
  • a buyer in the event of a business sale (rare and controlled)

We never sell your personal data.

International Transfers

We aim to keep all data within the UK or EEA.
If a trusted supplier transfers data outside the UK, we ensure it is protected by UK-approved safeguards such as Standard Contractual Clauses.

Data Security

We use technical and organisational measures to protect your data, including:

  • encrypted connections (SSL)
  • access restrictions for staff
  • secure payment processing
  • regular system monitoring
  • CCTV in public areas for safety

No transmission over the internet is guaranteed 100% secure, but we follow industry best practice to safeguard your information.

Data Retention

We only keep your personal data for as long as necessary, including:

  • to deliver services
  • to comply with legal, tax, and accounting requirements
  • for limited marketing retention (unless you opt out)

We may anonymise data for analytical use.

Your Rights

Under UK GDPR, you have the right to:

  • access your data
  • correct inaccuracies
  • request erasure
  • restrict or object to processing
  • request data portability
  • withdraw consent at any time

To exercise any right, contact: info@chlgroup.co.uk

Third-Party Links

Our website may link to third-party sites (e.g., restaurant partners, booking engines).
We are not responsible for their privacy practices.

Cookies

We use cookies to enhance your browsing experience.
For full details, please see our Cookie Policy.

Job Applicants

We process applicant data only for recruitment purposes and retain it for no longer than 12 months unless lawful retention requires otherwise (e.g., right-to-work documents).

Changes to This Policy

We may update this policy from time to time. The latest revision date will appear below.

Last updated: January 2026

 

 

 

 

Thoughtful touches, shaped around your stay.