TheLoyaltyCo Data Privacy Policy

Introduction
TheLoyaltyCo (“we”,”us”,or “our”) is committed to protecting the privacy and security
of the information we collect, manage, and analyse on behalf of our clients in the hospitality
industry. Our services aim to empower hotels, restaurants, and travel agencies with data-
driven insights to enhance their operations and customer service. This Data Privacy Policy
outlines our practices regarding the collection, use, and safeguarding of your information
under General Data Protection Regulation (GDPR).

 

Scope and Application
This policy applies to all information we handle about our clients and their customers,
specifically within the scope of GDPR. It pertains to data collected through our services,
including our website, software applications, and directly from our clients.

 

Information Collection
Under GDPR, we collect personal data based on the consent provided by data subjects or
under legitimate business interests, which are detailed as follows:
 Client Information: Contact details, business information, and client preferences.
 Customer Data: Information about our clients' customers, provided by our clients.
 Usage Data: Information on how our services are accessed and used.

 

Use of Information
We use the information we collect, as laid out in GDPR, for several purposes:
 To fulfill our contractual obligations to our clients.
 To improve service offerings and performance, adhering to our legitimate business
interests.
 To communicate with clients regarding service updates and promotional offers, based
on their consent or our legitimate interests.

 

Data Sharing and Disclosure
Data sharing under GDPR is conducted with the necessary safeguards and compliance,
including:
 Service Providers: We engage with service providers to perform functions on our
behalf, such as hosting, data analysis, and customer service.
 Legal Compliance: We may disclose information when required by law or to respond
to legal processes.

 

Data Security

In compliance with GDPR, we prioritize the security of your information and employ a range
of physical, administrative, and technical safeguards, to protect against unauthorized
access, alteration, disclosure, or destruction of data.

Data Retention
TLC retains personal information for as long as necessary to provide our services, comply
with legal obligations, resolve disputes, and enforce our agreements. The retention period
for specific information depends on the nature of the information and the purposes for which
it is processed.

Rights of Data Subjects
Under GDPR, individuals have rights over their personal data, including the right to access,
correct, delete, or restrict its use. To exercise these rights, please contact us at the details
provided below.

Changes to the Privacy Policy
We may update this policy from time to time. We will notify our clients of any significant
changes by email or through a notice on our website. Continued use of our services after
such changes constitutes acceptance of the new terms.

Contact Information
For questions or concerns regarding our Data Privacy Policy, please contact us at:
Email: [email protected]
Address: St John’s House, Queen Street, Manchester, England, M2 5JB