Privacy Policy

1 General Information

This Privacy Notice (the "Notice") explains how Bonjour Residences Limited (company number SC670505) and its group companies ("us", "our", "we") processes personal data in connection with (a) accommodation booking services we provide to our customers, (b) in operating our website (https://www.bonjour-residences.co.uk/) and (c) any related services, sales, marketing or events we provide. This Notice applies to (a) individuals whose details we receive from our customers in order to arrange accommodation or any other services we provide, and (b) individuals who interact with us directly as customer and/or who use our website or interact with us online.

When we collect and use your personal data in the ways described in this Notice, we are a controller for the purposes of data protection legislation.

This privacy notice has the purpose of making you are aware of how and why we are using such your personal data and what your rights are under data protection legislation.

We may provide you with additional information about our data processing activities from time to time. It is important that you read this Notice together with any other privacy notice we provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Notice supplements other notices and/or privacy notices and is not intended to override them.

This Notice is aimed at data subjects who reside in the UK.

2 What Data We Collect

If you are interacting with us as a corporate body, then in most instances the data we collect from you will not be personal data and instead is data related to a business. If you are interacting with us as a consumer, a sole trader, or an unincorporated organisation, or you are an individual personnel member on behalf of a corporate body, we may collect some personal data about you.

We may collect and process the following personal data:

• Accommodation Booking

o Name

o Contact details (email, phone number)

o Residential or business address

o Date of birth or age

o Identification documents (e.g. passport, driving licence, where required to provide the service to our customers and ensure the security of the properties which we arrange accommodation at)

o Credit card information (where required)

• Customer details

o Payment information

o Transaction and booking history

• Website

o Information you provide via web forms (such as enquiries, signups or requests)

o Technical information such as IP address, browser type and usage data

o Information collected through cookies and similar tracking technologies

o Gathering demographic information about our user base as a whole

• Related Services

The personal data we collect depends on the context of your interactions with us, the choices you make and the products or services you express an interest in but may include:

o Name

o Contact information (address, email, phone number)

o Marketing preferences  

Please contact us soon as possible after there is any change to your personal data (including your contact details, name and title). We cannot be held responsible for any errors in your personal data unless you have notified us of a relevant change.

When we obtain personal data from indirect sources we take reasonable steps to ensure it is not incorrect or misleading as a matter of fact, but depending on the source of the personal data, it is not always reasonable to do this.

3 Legal Basis for Processing

Our legal bases for processing personal data include:

• Contract: processing necessary to perform our agreement with corporate customers.

• Legitimate interests: operating our business, fulfilling bookings, maintaining the website.

• Legal obligations: complying with law, including ID verification and record-keeping.

• Consent: for optional marketing emails and for the use of non-essential cookies.

4 How We Use Personal Data

We use personal data for the following purposes:

• Name: To arrange and manage accommodation bookings on behalf of our customers

• Contact details (email, phone number): To liaise with accommodation providers and booking platforms in relation to the services we are contractually obligated to provide to our customers

• Residential or business address: To liaise with accommodation providers and booking platforms in relation to the services we are contractually obligated to provide to our customers

• Date of birth or age: To verify identity, where required and to comply with legal and regulatory requirements

• Identification documents (e.g. passport, driving licence, where required to provide the service to our customers and ensure the security of the properties which we arrange accommodation at): To verify identity, where required and to comply with legal and regulatory requirements

• Credit card information (where required): To fulfil the terms of our contract to provide accommodation services

• Payment Information: To fulfil the terms of our contract to provide accommodation services

• Transaction and booking history: To fulfil the terms of our contract to provide accommodation services and to comply with our legal obligations

• Information you provide via web forms (such as enquiries, signups or requests): To respond to your enquiry and improve our website (where applicable)

• Technical information such as IP address, browser type and usage data: To manage and improve our website (where applicable)

• Information collected through cookies and similar tracking technologies: To manage and improve our website (where applicable) and to comply with our legal obligations

• Gathering demographic information about our user base as a whole: To manage and improve our website (where applicable)

• Marketing preferences: To provide marketing materials to you (where you have asked us to do so)

‍

Changes to purpose: We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law or regulation.

Record maintenance: Your personal data may be included in our records (e.g., voicemails, correspondence, documents, and other work product and communications created, stored or transmitted using our networks, applications, devices, computers or communications equipment). We have this information as it is necessary for our business and therefore is in our legitimate interests.

Litigation: We require to use any or all types of your personal data for litigation purposes depending on the specific nature of the litigation. We rely on the legal basis of our legitimate Interests for this purpose, and the additional condition of legal claims.

Automated decision making: Automated decision-making takes place when an electronic system uses personal data to make a decision without human intervention. We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.

5 How We Collect Personal Data

We use different methods to collect personal data from and about you including through:

• Direct interactions. You may give us your personal data directly by filling in our forms or questionnaires, corresponding with us or speaking with us in person.

• Indirect interactions. We may also receive personal data about you indirectly from:

o third parties, such as our customers organising bookings on your behalf;  

o our systems (e.g. CCTV), websites and cookies; and

o publicly available sources and databases (e.g. Companies House, search engines and social media).

6 Consequences of failing to Provide Personal Data

When we rely on the legal basis of Contract and you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (for example: we may not be able to perform our services, we may not be able to make payment to you).

When we rely on the legal basis of Legal Obligation, and you fail to provide certain information when requested we may be prevented from complying with our legal obligations.

In each of these instances, we may be required to suspend and/or terminate the contract or relationship that we have with you or to amend the terms of the contract or relationship, and we cannot be liable for any failure or delay.

7 Sharing and Transfers

Group structure: We are part of a group structure and we may share your data with holdings companies for supervisory purposes. We may share your personal data with our other group entities as we share IT systems and storage solutions or we have shared senior personnel.

Suppliers: We contract with third party service providers and suppliers to deliver certain services and they may have access to your personal data to enable them to deliver those services. Those third parties are acting as our processors. We currently use the following categories of service providers:

• Accommodation providers and booking platforms for the purposes of delivering our services to our customers

• IT and hosting providers supporting our website

• Professional advisors (such as our lawyers, accountants)

Legal and regulatory requirements: We will also provide your personal data to third parties where there is a legal or regulatory obligation to do so, for example to regulators, government departments, law enforcement, tax authorities and any relevant dispute resolution body or the courts.

Court orders: We will also provide your personal data where a court order mandates disclosure.

Corporate Transactions: We disclose your personal data as part of, in connection with, or during negotiations of, any merger, sale of our assets, financing or acquisition of all or a portion of our business to another company, or other corporate transactions.

Authorised third party: We will provide information about you to any other person who is sufficiently authorised to act on your behalf.

International transfers: We generally do not transfer your personal data out of the UK or European Economic Area (EEA). However, whenever we are required to transfer your personal data out of the UK or EEA (for example where a third party supplier is located outside of the UK/EEA or the accommodation which we have been asked to arrange is located outside of the UK/EEA), we ensure a similar degree of protection is afforded to it by ensuring that appropriate safeguards are implemented, including any of the following:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK.

• Where we use certain service providers, we may use specific contracts approved by either the UK government which give personal data the same protection as in the UK.

8 Cookies and Tracking Technologies

We use cookies and similar technologies on our website. These include:

• Essential cookies: required for site functionality

• Performance and analytics cookies: to help us understand how the site is used

• Marketing cookies: where you have consented, to deliver relevant content

We and our third-party partners may collect information using web beacons, cookies, pixel tags, or similar digital marker technologies. These technologies are used in analysing trends, administering the website, tracking users’ movements around the website, and gathering demographic information about our user base as a whole.

You can manage your cookie preferences via our cookie banner or through your browser settings.

Third party websites, plug-ins and apps: Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our websites, we encourage you to read the privacy policy of every website you visit.

9 Data Security and Retention

Despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

In general terms, we will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

We keep personal data only as long as necessary:

• Booking Data: typically 3 years after the booking, for legal/accounting reasons.

• Website Data: typically 2 years.

• Marketing Data: until you unsubscribe (and we will retain some basic data for suppression list purposes).

10 Your Rights

             You have the following rights under data protection law:

• Right of access – you have the right to request a copy of your personal information that we process and you are entitled to receive confirmation about whether your personal information is being processed by us;

• Right to rectification – you have the right to request that your personal information is updated where you consider it is inaccurate or incomplete;

• Right to object – you have the right to object to us handling your personal information where we are handling your personal information in certain circumstances;

• Right of erasure – you have the right to ask us to erase your personal information in certain circumstances;

• Right to restriction of processing – you have the right to ask us to restrict the processing of your personal information in certain circumstances; and

• Right to data portability – you have the right to ask that we transfer the personal information to another organisation, or to you, only where we are processing your personal information because you have consented to us using it or where there is a contract in place between us.

For more information on each of those rights, including the circumstances in which they apply, please contact us (see ‘Contact Information' below) or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights.

You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We may not always be able to comply with your request to exercise your rights for specific legal reasons which will be notified to you, if applicable, at the time of your request.

11 Contact Information

If you have any questions or comments about this policy, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under the applicable law, please do not hesitate to contact us at:

Email: reservations@bonjour-residences.co.uk

Address: 5 South Charlotte Street, EH2 4AN, Edinburgh

12 Information Commissioner's Office

Please contact us if you have any queries or concerns about our use of your personal information (see above ‘Contact Information). We hope we will be able to resolve any issues you may have.

If an individual is not happy with our reply to any complaint or thinks our processing of their personal information doesn’t comply with data protection law, a complaint can be made to the Information Commissioner’s Office (ICO). Just use these details:

Address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Telephone number: 0303 123 1113

Web: Information Commissioner’s Office (ICO): https://ico.org.uk/

13 Updates to this Privacy Notice

This Notice is not contractual and can be updated at any time. If there are any substantial changes to the way we use personal information, we will update this Notice on our website. This Notice was last updated in August 2025.