COOKIES & PRIVACY

Barons Eden Limited (“Barons Eden”) understands that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits this website, baronseden.com (“Our Site”), and will only collect and use personal data in ways that are described here, and in a manner consistent with Our obligations and your rights under the law.
Please read this Privacy Policy carefully and ensure that you understand it. You will be required to read and accept this Privacy Policy when signing up for an Account. If you do not accept and agree with this Privacy Policy, you must stop using Our Site immediately.

In this Policy, the following terms shall have the following meanings:

• “Account” | an account required to access and/or use certain areas and features of Our Site;
• “Cookie” | a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or use certain features of Our Site. Details of the Cookies used by Our Site are set out in section 13, below;
• “Cookie Law” | the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;
• “personal data” | any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”) and the United Kingdom General Data Protection Regulation;
• “We/Us/Our” | means Barons Eden Limited, a limited company registered in England under company number 09121021, whose registered address is Barons Eden – Cotswold Business Village, Genesis House, Unit 7, Moreton-in-Marsh GL56 0JQ.

2.1 Our Site is owned and operated by Barons Eden, a limited company registered in England under company number 09121021, whose registered address is Barons Eden – Cotswold Business Village, Genesis House, Unit 7, Moreton-in-Marsh GL56 0JQ.
2.2 Our VAT number is 186912375.
2.3 Our Data Protection Officer can be contacted by email at gdpr.requests@baronseden.com, by telephone on 01608 670346, or by post at Barons Eden – Cotswold Business Village, Genesis House, Unit 7, Moreton-in-Marsh GL56 0JQ.

This Privacy Policy applies only to your use of Our Site. Our Site may contain links to other websites. Please note that We have no control over how your data is collected, stored, or used by other websites, and We advise you to check the privacy policies of any such websites before providing any data to them.

4.1 As a data subject, you have the following rights under the GDPR, which this Policy and Our use of personal data have been designed to uphold:

• 4.1.1 The right to be informed about Our collection and use of personal data;
• 4.1.2 The right of access to the personal data We hold about you (see section 12);
• 4.1.3 The right to rectification if any personal data We hold about you is inaccurate or incomplete (please contact Us using the details in section 14);
• 4.1.4 The right to be forgotten – i.e., the right to ask us to delete any personal data We hold about you (We only hold your personal data for a limited time, as explained in section 6.6, but if you would like Us to delete it sooner, please contact us using the details in section 14);
• 4.1.5 The right to restrict (i.e., prevent) the processing of your personal data;
• 4.1.6 The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
• 4.1.7 The right to object to Us using your personal data for particular purposes, including marketing and profiling;
• 4.1.8 Rights with respect to automated decision-making and profiling;
• 4.1.9 If our processing of your data is based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of any processing we carried out prior to withdrawal.

4.2 If you have any cause for complaint about Our use of your personal data, please contact Us using the details provided in section 14, and We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
4.3 For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

Depending upon your use of Our Site, we may collect some or all of the following personal and non-personal data. Each type of data is listed with its lawful basis for collection and its intended use. (Please also see section 13 on Our use of Cookies and similar technologies.)

• Name

  • Lawful Basis: Performance of a contract
  • Purpose: To identify you for account setup, manage your bookings, and personalise communications.

• Date of Birth

  • Lawful Basis: Legitimate interests
  • Purpose: To tailor offers and communications, and verify age where required by law or site use policies.

• Gender

  • Lawful Basis: Legitimate interests
  • Purpose: To personalise marketing communications and for demographic analysis.

• Business/Company Name

  • Lawful Basis: Performance of a contract
  • Purpose: To facilitate B2B interactions, manage business accounts, and process bookings or agreements.

• Job Title

  • Lawful Basis: Legitimate interests
  • Purpose: To personalise interactions with business customers and improve our understanding of our user base.

• Profession

  • Lawful Basis: Legitimate interests
  • Purpose: To better understand our customer demographics and improve service relevance.

• Contact Information (e.g., email addresses and telephone numbers)

  • Lawful Basis: Performance of a contract, Consent (for marketing communications)
  • Purpose: To communicate with you regarding bookings, provide customer support, and (with consent) send marketing materials.

• Demographic Information (e.g., postcode, preferences, and interests)

  • Lawful Basis: Legitimate interests, Consent (for personalised marketing)
  • Purpose: To analyse market trends, improve service offerings, and personalise marketing where consent is provided.

• Financial Information (e.g., credit/debit card numbers)

  • Lawful Basis: Performance of a contract
  • Purpose: To process payments for services and manage transactions securely.

• IP Address

  • Lawful Basis: Legitimate interests
  • Purpose: To ensure website security, monitor usage, and prevent fraud.

• Web Browser Type and Version

  • Lawful Basis: Legitimate interests
  • Purpose: To optimise the website experience for different browsers and support troubleshooting.

• Operating System

  • Lawful Basis: Legitimate interests
  • Purpose: To optimise the website for various operating systems and improve the user experience.

• A List of URLs (starting with a referring site, activity on Our Site, and exit site)

  • Lawful Basis: Legitimate interests
  • Purpose: To understand site navigation patterns, improve site structure, and enhance the user experience.

6.1 All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the GDPR at all times. For more details on security, see section 7, below.

6.2 Our use of your personal data will always have a lawful basis, which may include one or more of the following:

• Performance of a contract: This includes the processing of data necessary for delivering services you have requested, such as managing your account, personalising experiences, and fulfilling your orders.
• Legitimate interests: Barons Eden’s legitimate interests include improving service quality, managing relationships with customers, conducting marketing and research activities, and securing our systems. Where we rely on legitimate interest, we ensure it does not override your rights or freedoms.
• Consent: Where consent is required, such as for marketing or processing sensitive personal data, we will obtain your explicit consent, which you can withdraw at any time as detailed in section 6.5.

6.3 Specifically, we may use your data for the following purposes:

• Providing and managing your Account;
• Providing and managing your access to Our Site;
• Personalising and tailoring your experience on Our Site;
• Supplying Our products and/or services to you (please note that We require your personal data to enter into a contract with you);
• Personalising and tailoring Our products and/or services for you;
• Replying to emails from you;
• Supplying you with emails that you have opted into (you may unsubscribe or opt-out at any time);
• Market research;
• Analysing your use of Our Site and gathering feedback to enable Us to continually improve Our Site and your user experience.

6.4 With your permission and/or where permitted by law, we may also use your data for marketing purposes.

6.5 You have the right to withdraw your consent to Us using your personal data at any time and to request that We delete it.

6.6 We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Data will therefore be retained for the following periods (or its retention will be determined based on the following criteria):

• Your data will be held on our system for 12 months. Should you wish for your information to be removed at any point during this period, a request must be submitted.

6.7 Some personal data is essential to enable Us to fulfil our contractual obligations (e.g., account management, service provision). Failure to provide this required information may prevent Us from fulfilling these obligations. You will be informed if certain data is mandatory at the point of collection.

7.1 We only keep your personal data for as long as we need to in order to use it as described above in section 6, and/or for as long as we have your permission to keep it.
7.2 Your data will be held securely in a database that follows strict Data Protection Guidelines.
7.3 Data security is very important to Us, and to protect your data We have taken suitable measures to safeguard and secure data collected through Our Site.

8.1 We may share your data with other companies within our Group, including Hoar Cross Hall Limited and Eden Hall Day Spa Limited, for operational, marketing, and customer relationship management purposes.

8.2 We may also disclose data to professional advisors, service providers, or regulatory bodies, as required by law.

8.3 Analytics and Limited Data Sharing:

• For internal analytics purposes, we may share limited, non-personally identifiable data with third-party analytics providers such as Google and Meta (Facebook). This helps us understand user interaction with Our Site, improve functionality, and refine our services. Data shared with these providers is anonymised wherever possible and used solely for Barons Eden’s internal analysis.

8.4 International Transfers: Where data transfers outside the UK/EEA are necessary, we will ensure adequate safeguards are in place to protect your personal data in compliance with UK GDPR standards.

9.1 We may, from time to time, expand or reduce Our business and this may involve the sale and/or the transfer of control of all or part of Our business. Any personal data that you have provided will, where it is relevant to any part of Our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by Us.

10.1 Under the GDPR, you have several rights regarding the control of your personal data. When you submit personal data via Our Site, you may be given options to restrict Our use of your data, and you are entitled to exercise the following rights:

• Right to Access: You may request access to any personal data we hold about you (see Section 12 for access instructions).
• Right to Rectification: You have the right to ask us to correct any inaccuracies or incomplete information in the personal data we hold about you.
• Right to Erasure (Right to Be Forgotten): You may request that we delete any personal data we hold about you, subject to certain exceptions (e.g., where retention is required by law or to fulfil contractual obligations).
• Right to Restrict Processing: You can request that we restrict how we process your data under certain circumstances, such as when you dispute data accuracy or object to processing.
• Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to have that data transferred to another data controller where feasible.
• Right to Object: You can object to our processing of your personal data where we rely on legitimate interests or where data is processed for direct marketing.
• Right to Withdraw Consent: If we rely on your consent to process your personal data, you may withdraw that consent at any time, which will not affect the lawfulness of processing carried out before withdrawal.
• Rights Related to Automated Decision-Making: You have rights concerning any automated decision-making and profiling, where applicable.

10.2 Making a Complaint: If you have concerns about how we handle your personal data, please contact us using the details provided in Section 14. If you are not satisfied with our response, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office (ICO). For more information, please contact the ICO or visit their website at www.ico.org.uk.

10.3 You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receive.

You may access [certain areas of] Our Site without providing any data at all. You may restrict Our use of Cookies. For more information, see section 13.

You have the right to ask for a copy of any of your personal data held by Us (where such data is held). Under the GDPR, no fee is payable, and we will provide any and all information in response to your request free of charge. To request access to your data, you may contact us:

• By Email: gdpr.requests@baronseden.com
• By Post: Data Protection Officer, Barons Eden, Cotswold Business Village, Genesis House, Unit 7, Moreton-in-Marsh GL56 0JQ

For more details, please see Section 14 for additional contact options.

Our Site may place and access certain first-party Cookies on your computer or device. First party Cookies are those placed directly by Us and are used only by Us. We use Cookies to facilitate and improve your experience of Our Site and to provide and improve Our products AND/OR services. By using Our Site, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than Us. Third-party Cookies are used on Our Site for e-commerce, managing your online account and how you use our website. In addition, Our Site uses analytics services provided by Google Analytics, which also use Cookies. Website analytics refers to a set of tools used to collect and analyse usage statistics, enabling us to better understand how people use Our Site. For more details, please refer to Our Cookie Policy.

How can I control cookies?

You have the right to decide whether to accept or reject cookies. You can exercise your cookie rights by setting your preferences in the Cookie Consent Manager. The Cookie Consent Manager allows you to select which categories of cookies you accept or reject. Essential cookies cannot be rejected as they are strictly necessary to provide you with services.

The Cookie Consent Manager can be found in the notification banner and on our website. If you choose to reject cookies, you may still use our website though your access to some functionality and areas of our website may be restricted. You may also set or amend your web browser controls to accept or refuse cookies.

The specific types of first- and third-party cookies served through our Website and the purposes they perform are described in the table below (please note that the specific cookies served may vary depending on the specific Online Properties you visit):

Essential website cookies:

These cookies are strictly necessary to provide you with services available through our Website and to use some of its features, such as access to secure areas.

Performance and functionality cookies:

These cookies are used to enhance the performance and functionality of our Website but are non-essential to their use. However, without these cookies, certain functionality (like videos) may become unavailable.

Analytics and customization cookies:

These cookies collect information that is used either in aggregate form to help us understand how our Website is being used or how effective our marketing campaigns are, or to help us customize our Website for you.

Unclassified cookies:

These are cookies that have not yet been categorized. We are in the process of classifying these cookies with the help of their providers.

If you have any questions about Our Site or this Privacy Policy, please contact us by email at gdpr.requests@baronseden.com, by telephone on 01608 670346, or by post: Data Protection Officer, Barons Eden, Cotswold Business Village, Genesis House, Unit 7, Moreton-in-Marsh GL56 0JQ

We may change this Privacy Policy from time to time (for example, if the law changes). Any changes will be immediately posted on Our Site.

We often reach out to guests, both past and present, via our social media, to ask if we can feature their content on our own social media channels (the “Hoar Cross Hall social media channels”).  

By providing you with the opportunity to feature your content on our social media channels and by responding with the required hashtag (#YesHoarCrossHall, including variants for spelling mistakes, grammatical differences, or similar) or a similar response (such as “yes”, “thank you” or similar, or by ‘liking’ our comment asking for permission to feature your content) you agree: 

• We can use your content and username handle on any of the Hoar Cross Hall social media channels (including, but not limited to Facebook and Instagram) 

• We can edit, crop, adapt, or modify the content (that is respectful of and not derogatory of the content in relation to its original format) 

All posts and content tagged with #hoarcrosshall (the Hoar Cross Hall hashtag) and/or @hoarcrosshall (the Hoar Cross Hall handle), or used on the Hoar Cross Hall channels, including without limitation, your name, biographical information and all other names, usernames, pseudonyms, text, likenesses, graphics, logos, marks, images, photographs, code, videos, clips, GIFs, moving images and all other information and material shall be referred to in this policy as "UGC”. 

1. You hereby grant to Hoar Cross Hall (part of the Barons Eden group) a worldwide, perpetual, irrevocable (subject to your rights at paragraph 5), non-exclusive, assignable, royalty-free licence and all necessary permissions and/or consents required (with full right to sub-license) to use, reproduce, exploit, publish, modify and alter your UGC including, without limitation, the right to adapt, alter, amend or change your UGC. 

2. Any UGC you provide will be considered non-confidential and non-proprietary. 

3. You hereby warrant and represent that: 

1. you own all rights in the UGC; 

2. if your UGC contains any material that is not owned by or licensed to you or which is subject to third party rights, you are responsible for obtaining, prior to our use of your UGC, all releases, consents and/or licenses necessary to permit our use of your UGC. 

3. you have obtained permission from any person(s) identifiable in the UGC to grant the rights specified in this policy, or where those person(s) are aged 18 years or under, you either: 

1. are the parent or legal guardian of such identified person(s); or 

2. have obtained the express consent from a parent or legal guardian of such identified person(s) to their appearance in the UGC and to you submitting the UGC to the Hoar Cross Hall Channels; 

4. your UGC (including its use, publication and/or exploitation by us) shall not: 

1. infringe the copyrights or database rights, trademarks, rights of privacy, publicity or other intellectual property or other rights of any other person or entity; 

2. be abusive, offensive or contain otherwise inappropriate language; 

3. contain remarks that repeat criminal accusations, false, defamatory or misleading statements; 

4. contain profanity, blasphemy, spiteful, racist, sexually explicit, sexually gratuitous or discriminatory comments or content that might be considered to be harassment, abuse or threats against the personal safety or property of others; 

5. contain material which impersonates others or personal information about anyone, including yourself, such as phone numbers, postal addresses or credit card numbers; 

6. breach any legal or fiduciary duty owed to a third party, such as a contractual duty or a duty of confidence; 

7. contain any malicious code, such as viruses, worms, Trojan horses or other potentially harmful programmes, codes or material; and 

8. violate any other applicable law, statute, ordinance, rule or regulation. 

4. You hereby waive and shall procure the waiver of any moral rights in the UGC under Chapter IV of Part I of the Copyright Designs and Patents Act 1988 or any similar provisions of law in any jurisdiction. 

5. You reserve the right to reverse your decision to allow us to use your UGC at any time from the initial point of agreement. 

6. You give us the right to use the UGC on the Hoar Cross Hall channels at any time that we choose, for any purpose, including to advertise our brand, services, and products. Publication of your UGC will be at our sole discretion and we are entitled to make additions or deletions to your UGC prior to publication, after publication or to refuse publication. 

7. You are not entitled to any fee, financial reward or other incentives if we use your UGC on any of the Hoar Cross Hall channels or in-store advertising. 

8. You understand that the personal data that we collect from the UGC will be treated in accordance with our Privacy Policy (which can be found here) and the terms of this policy. 

9. Hoar Cross Hall is not liable for any UGC or its use. You shall indemnify and hold us harmless and any person acting our behalf from any and all claims, demands, costs, liabilities, damages and expenses (including reasonable legal fees) which we may incur in connection with the use of your UGC. 

10. We reserve the right to amend and update this policy at any time, so please check back here when you tag or upload UGC. 

We often reach out to guests, both past and present, via our social media, to ask if we can feature their content on our own social media channels (the “Eden Hall social media channels”).  

By providing you with the opportunity to feature your content on our social media channels and by responding with the required hashtag (#YesEdenHall, including variants for spelling mistakes, grammatical differences, or similar) or a similar response (such as “yes”, “thank you” or similar, or by ‘liking’ our comment asking for permission to feature your content) you agree: 

• We can use your content and username handle on any of the Eden Hall social media channels (including, but not limited to Facebook and Instagram) 

• We can edit, crop, adapt, or modify the content (that is respectful of and not derogatory of the content in relation to its original format) 

All posts and content tagged with #edenhallspa (the Eden Hall hashtag) and/or @edenspanotts (the Eden Hall handle), or used on the Eden Hall channels, including without limitation, your name, biographical information and all other names, usernames, pseudonyms, text, likenesses, graphics, logos, marks, images, photographs, code, videos, clips, GIFs, moving images and all other information and material shall be referred to in this policy as "UGC”. 

1. You hereby grant to Eden Hall (part of the Barons Eden group) a worldwide, perpetual, irrevocable (subject to your rights at paragraph 5), non-exclusive, assignable, royalty-free licence and all necessary permissions and/or consents required (with full right to sub-license) to use, reproduce, exploit, publish, modify and alter your UGC including, without limitation, the right to adapt, alter, amend or change your UGC. 

2. Any UGC you provide will be considered non-confidential and non-proprietary. 

3. You hereby warrant and represent that: 

1. you own all rights in the UGC; 

2. if your UGC contains any material that is not owned by or licensed to you or which is subject to third party rights, you are responsible for obtaining, prior to our use of your UGC, all releases, consents and/or licenses necessary to permit our use of your UGC. 

3. you have obtained permission from any person(s) identifiable in the UGC to grant the rights specified in this policy, or where those person(s) are aged 18 years or under, you either: 

1. are the parent or legal guardian of such identified person(s); or 

2. have obtained the express consent from a parent or legal guardian of such identified person(s) to their appearance in the UGC and to you submitting the UGC to the Eden Hall Channels; 

4. your UGC (including its use, publication and/or exploitation by us) shall not: 

1. infringe the copyrights or database rights, trademarks, rights of privacy, publicity or other intellectual property or other rights of any other person or entity; 

2. be abusive, offensive or contain otherwise inappropriate language; 

3. contain remarks that repeat criminal accusations, false, defamatory or misleading statements; 

4. contain profanity, blasphemy, spiteful, racist, sexually explicit, sexually gratuitous or discriminatory comments or content that might be considered to be harassment, abuse or threats against the personal safety or property of others; 

5. contain material which impersonates others or personal information about anyone, including yourself, such as phone numbers, postal addresses or credit card numbers; 

6. breach any legal or fiduciary duty owed to a third party, such as a contractual duty or a duty of confidence; 

7. contain any malicious code, such as viruses, worms, Trojan horses or other potentially harmful programmes, codes or material; and 

8. violate any other applicable law, statute, ordinance, rule or regulation. 

4. You hereby waive and shall procure the waiver of any moral rights in the UGC under Chapter IV of Part I of the Copyright Designs and Patents Act 1988 or any similar provisions of law in any jurisdiction. 

5. You reserve the right to reverse your decision to allow us to use your UGC at any time from the initial point of agreement. 

6. You give us the right to use the UGC on the Eden Hall channels at any time that we choose, for any purpose, including to advertise our brand, services, and products. Publication of your UGC will be at our sole discretion and we are entitled to make additions or deletions to your UGC prior to publication, after publication or to refuse publication. 

7. You are not entitled to any fee, financial reward or other incentives if we use your UGC on any of the Eden Hall channels or in-store advertising. 

8. You understand that the personal data that we collect from the UGC will be treated in accordance with our Privacy Policy (which can be found here) and the terms of this policy. 

9. Eden Hall is not liable for any UGC or its use. You shall indemnify and hold us harmless and any person acting our behalf from any and all claims, demands, costs, liabilities, damages and expenses (including reasonable legal fees) which we may incur in connection with the use of your UGC. 

10. We reserve the right to amend and update this policy at any time, so please check back here when you tag or upload UGC.