top of page

Privacy Policy

1. Introduction

Sherborne Lodge (“we”, “us”, “our”) is a luxury self‑catering holiday cottage located on the Compton Castle estate in Somerset/Dorset. We respect your privacy and comply with UK GDPR when you visit our website, make a booking, or contact us.

2. Data Controller & Contact

Sherborne Lodge
Compton Castle Estate, near Sherborne, Dorset/Somerset border 
 

3. Personal Data Collected

  • Booking & enquiry forms: name, email, telephone, guest details, dates of stay, and any optional special requests (e.g. importance of views, access needs)

  • Communications: via email, phone, or message through the booking platform

  • Website analytics: anonymised IP address, browser/device type, pages viewed, session length—tracked only using essential and performance cookies (no advertising or profiling cookies are active)

4. How We Use Your Data

We use your data to:

  • Process enquiries and secure bookings

  • Send booking confirmations, invoice details, access instructions, and follow‑up acknowledgements

  • Maintain essential booking records for financial, legal, and insurance purposes

  • Analyse and improve the website using anonymised analytics

5. Legal Basis for Processing

  • Contractual necessity: to manage your booking and stay

  • Legitimate interests: to operate and enhance our site and guest experience

  • Consent: for optional follow‑up or promotional contact

  • Legal obligation: to retain records for compliance, insurance, and accounting

6. Data Sharing

We do not sell or rent your data. We may share it with:

  • Service providers (booking platform / email / hosting) under GDPR‑compliant agreements

  • Insurance or regulatory authorities, only if legally required

7. Cookies & Tracking

  • Essential cookies: for site functionality (forms, booking)

  • Performance cookies: anonymised analytics (e.g., Google Analytics) only
    No advertising, profiling, or cross‑site tracking cookies are used

8. Data Retention

  • Booking & guest records: retained for up to 7 years to meet legal and accounting requirements

  • Analytics data: anonymised session logs deleted after 24 months; aggregated metrics retained as needed

9. Your Rights

Under UK GDPR, you have the right to:

  • Access, correct, erase, restrict, or port your personal data

  • Withdraw consent or object to processing
    Contact us via the platform or email for any requests. You also have the right to lodge a complaint with the ICO

10. Security

We rely on SSL encryption, secure UK‑based hosting, and limited staff access. While no system is infallible, we follow industry best practices to protect your data.

11. International Transfers

All data is processed and stored within the UK—no overseas transfers occur.

12. Policy Updates

We may make occasional updates; the Effective Date above will reflect the latest version. Continued use of our website implies acceptance of any updates.

bottom of page