Terms and Conditions and Privacy Notice

Terms and Conditions

Cancellation Policy - Please inform us 48 hours before your reservation should you wish to cancel or change the number of guests within your party. There is a fixed charge of £75 per person for any dinner reservation and £42 per person for any Sunday lunch reservation.. The relevant charge will be debited from your credit/debit card within 48 hours should you fail to inform us of a cancellation or change. If we re-sell your table to another party, a full refund will be given. We respectfully advise our customers that in most cases we will no longer accept Covid-19 as a valid reason for cancelling.

The cancellation policy for special menus, events and the festive season is seven days and fixed charges will be the price of the respective menu.

Health and Safety - We have taken enhanced health and safety measures to protect you, our team and all guests of Linthwaite House Hotel. However, as with any public area, there is an inherent risk of exposure to Covid-19, and there may be instances where you, other guests or staff may not be able to adhere to social distancing guidelines. During these times we ask you to please use your discretion to ensure everyone’s safety. Please note that we reserve the right to refuse service or admission to any guest/s who are not adhering to safety measures as set out by the UK legislator or ourselves and any guest/s that we deem are increasing the risk of exposure by their actions. Linthwaite House Hotel will take every necessary precaution to minimise the risk of exposure or transmission. The guest/s agree that neither the hotel operator, its owner, its agents or its employees shall be liable for any illness or damages suffered by the guest/s due to COVID-19 and/or the act or omission (gross or otherwise) by the hotel operator, its owner, its agents or its employees or due to any reason out of the control of the hotel operator, its owner, its agents or its employees relating to Covid-19. Furthermore, the guest/s indemnify the hotel operator, its owners, its agents and its employees against any claim instituted against these parties by any third party arising out of any form of exposure or transmission at Linthwaite House Hotel.

Damage - Whilst you and/or your guests are occupying the property of Linthwaite House, you should make every effort to safeguard the existing fixtures, fittings and decorations. Any damage caused shall be restored by The Hotel, and the cost incurred will be recharged to you. In the case of damage by bio-hazardous materials, any damage caused by your pets, or if professional cleaning is unsatisfactory, the client will be liable for replacement of the item damaged.

Privacy Notice

This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data, and keep it safe.

We know that there’s a lot of information here but we want you to be fully informed about your rights, and how the UMBEL Restaurant Group use your data.

We hope the following sections will answer any questions you have but if not, please do get in touch with us.

It’s likely that we’ll need to update this Privacy Notice from time to time. We’ll notify you of any significant changes, but you are welcome to come back and check it whenever you wish.

1. Who are the UMBEL Restaurant Group?

The UMBEL Restaurant Group own, partner and manage restaurants across the UK. The Group comprises of the following operating companies:

L’Enclume

L’Enclume House

Aulis

Aulis London

Henrock

Rogan & Co

Roganic

Our Farm

The Shop

The business is based at Cavendish Street, Cartmel, Cumbria, LA11 6PZ

2. Explaining the legal basis we rely on

The law on data protection sets out six ways which a company may collect and process your personal data, having analysed our customer database and business model we have assessed that Legitimate Interest is the primary basis. The UMBEL Restaurant Group uses Legitimate Interest as the primary legal basis for processing personal data.

3. When do we collect your personal data?

Personal data is collected for the following business activities:

Making table bookings in any of the restaurants Registering on a waiting list Making room bookings Purchasing gift vouchers. Sales in the shop In the recruitment process

4. What sort of personal data do we collect?

The personal data we collect is limited to the level we need to deliver our services and is made up of the following across the group:

Name Email address Phone number Postal address

5. How and why do we use your personal data?

Your personal data is used to book a table, reserve a room, purchase a gift voucher or plan a break and any data collected is only used to administer and deliver the services.

To manage table bookings To manage room bookings To process gift voucher sales To process sales in the shop To manage the recruitment process across the group To respond to your queries and complaints To keep you updated on news and offers To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice To comply with our contractual or legal obligations to share data with law enforcement Of course, you are free to opt out at any time.

6. How we protect your personal data

We use well established software to support our business and all software companies used have provided us with their GDPR Privacy Policy

An example would be our communications which is managed using the Microsoft Office 365 which has an updated Privacy Amendment which can be viewed here

The other main systems in use by the group include the following:

Res Diary – Privacy Notice

I Hotel / Vertical Booking – Privacy Notice

Fourth People Systems – Privacy Notice

Paperchase accountants – Privacy Notice

Stripe payment gateway – Privacy Notice

In addition, we have internal processes for any employees or associates which clearly states their terms of reference and how personal data will be used.

7. How long will we keep your personal data?

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

8. Who do we share your personal data with?

Your personal data is only used to deliver the services described in section 5.

9. Where your personal data may be processed

The systems in place with the group are primarily UK based so data stays within the EEA.

Protecting your data outside the EEA

The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.

We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA such as Australia or the USA. This will only be done using the technology solutions highlighted in section 6.

If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

10. What are your rights over your personal data?

The GDPR provides the following rights for individuals:

The right to be informed The right of access The right to rectification The right to erasure The right to restrict processing The right to data portability The right to object Rights in relation to automated decision making and profiling Where any subject access request is made there is a requirement to prove identity before any information is divulged. This may involve physical presence with accompanying ID.

Where a request to “Be forgotten “is made that can only be complied with if there are no other legal frameworks that overrule GDPR. Examples would be HMRC, FCA, etc.

11. Links to other websites

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

12. Regulation changes and remedial actions

The GDPR is live on 25th May 2108 and the UK Data Privacy Bill gained Royal Ascent on 23rd May 2108. Therefore, this Notice is based on the regulations as they exist with a review process set up to make any adjustments required to become and stay compliant.

In the event of any changes or processes which need remedial action the review procedure will capture those issues and remedy them.

13. Contacting the Regulator

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113.

Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites)

If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence. Details can be found in Section 16.