Set in the shadows of Ripon Cathedral, the Old Deanery.
Room with a View

© 2021 – The Old Deanery – All rights reserved

Our Privacy Policy

Who is the data controller?

Deanery Hotels Limited is the data controller.

Registered address:

Deanery Hotels Limited

The Old Deanery Hotel & Restaurant

Minster Road




A Data Protection Officer has not been appointed due to the minimal amount of data stored by the company. Should you have any questions or queries on this privacy policy, please contact Chris Brown (General Manager & Executive Director). T: 01765 600 003 E: chris@theolddeanery.co.uk.


For what purposes are personal data being processed and what is the legal basis for it?

We have a legal obligation to process your data related to payments made to or from the company and for those customers who stay in The Old Deanery Hotel overnight.

We have a legitimate interest for processing your data where our commercial interests are concerned and we are not doing anything you wouldn’t expect or likely to cause you harm. For example, we do not store or process your date of birth.

If none of the above applies to you we will rely on your consent in order to process your data. We will only rely on your consent when processing your data for carrying out direct marketing activities.

We only collect and process the data we need. In all areas of the company, only the minimum amount of data is collected and stored as set out by different UK governing bodies and our internal protocol.


Who is the personal data going to be shared with?

We may share your personal data with the following categories of organisation, or they may have access to your data through:

– Cloud software programs (including, but not limited to: MailChimp & Billetto).

– Analytics & Research Software (including, but not limited to: Google Analytics).

– Companies providing us with professional services, such as web development or consultancy.


Will my data be transferred out of the EU, and if so will it be safe?

We may store and process your data in the United States of America and your data may be processed by Sub processors who may be located anywhere in the World. This includes, but is not limited to: MailChimp, who we operate our email mailing list with. Our processors are all certified under the EU-U.S. Privacy Shield framework to ensure the security of your personal data.


How long is my data going to be held?

If you opt-in to marketing communications via email, we will hold your data indefinitely until you opt-out, after which we will delete your data unless one of the following also applies:

– If you make a purchase with us we will store your data for 6 years after the last sale for tax purposes.

– By visiting the website we will store anonymous data for 50 months before deleting it.


Will I be subject to automatic decision making?

No automatic decision making currently takes place.


What rights do I have in respect of the personal data you hold about me?

Your rights are as follows:

– To have your personal data corrected, restricted or erased.

– To port (transfer) your personal data to another controller.

– To withdraw consent, where consent is our legal basis for processing your personal data.

– To access the personal data held about you.

– To object to processing.


  • Where we have a legal obligation to process your personal data (for example, accounting purposes) you do not have the right to erasure, portability or objection to processing.
  • Where we have a contractual basis for processing your personal data (for example you have booked a wedding at The Old Deanery Hotel) you do not have the right to object, but you do have the right to erasure and portability.
  • Where we have a legitimate interest for processing your data (for example, where our commercial interests are concerned and we are not doing any processing you wouldn’t reasonably expect), you have the right to erasure and to object, but not to portability.
  • Where we have obtained your consent to process your data you do not have the right to object, but you can withdraw your consent at any time and you do have the right to erasure and portability.
  • You always have the right to object to the processing of your personal data for direct marketing, whatever the lawful basis applies.


What happens if I don’t provide my information?

For occasions whereby your information is required due to a legal obligation or on a contractual basis, our services available to you may be restricted. You are able to contact us by phone or email and we will do our best to answer any questions you may have, but we do encourage you to allow us to use your data to better serve you as a customer.


Who can I complain to if I feel my rights are being violated?

We ask that you first please give us the chance to rectify the situation by contacting Chris Brown (General Manager & Executive Director). Of course you are well within your rights to complain to the ICO in the UK should you wish.

Chris Brown

Deanery Hotels Limited

The Old Deanery Hotel & Restaurant

Minster Road



T: 01765 600 003

E: chris@theolddeanery.co.uk


What information do we store and process about you?

We store and process the following information, which varies based upon how you interact with the company:

– Restaurant booking: Name, contact number.

– Hotel booking: Name, (company name), address, email address, contact number.

– Event/wedding booking: Name, (address), email address, contact number.

– Conference booking: Name, (company name), email address, contact number.

– Sales to the company: Company name, address, email address, contact number.

Payment details:

– No significant customer card details are stored internally by the company.

– On our internal hotel booking platform, only the last 4 digits of a customer card and card type used for payment are stored to safeguard against fraudulent transactions.

– When a guest inputs credit card details via an online booking platform for The Old Deanery Hotel, these are stored securely by our booking platform and our staff are only provided with the name on card used, last 4 digits of the card and the card type – no further details are available to our staff, with the sensitive information stored by Eviivo, our hotel booking platform. Eviivo, which is the platform/company that collects this information, enabling us to pre-authorise customer’s cards when applicable, as is standard practice in our industry, is GDPR compliant.


I didn’t give you my personal data, so what is its source and what type of personal data are you processing?

We may have got your data from one of the following sources:

– You previously contacted us via email in regards to a booking or enquiry.

– You have previously visited us in the hotel or restaurant.

Typically we are just processing your name, email address, phone number and occasionally, postal address.

If none of the above apply to you then there is a good chance we have made a mistake, in which case we apologise unreservedly. Please contact Chris Brown at your first convenience who will be happy to rectify this error.


What cookies do you store on my device?

By using this website you are agreeing to the placing of cookies on your computer. Currently we store Google Analytics cookies which is aggregated to provide us with a top level view of our website’s performance and to identify issues, no personal data is stored. We also store cookies which are essential for the operating of this website.


Effective Date: 24/05/18