Privacy Policy and Data Protection Regulation documents (GDPR)

The historic Matfield House welcomes visitors (the "Service") and is the controller and responsible for your personal data.

This page provides an overview of how we collect, manage, use and protect the personal data we receive or obtain about you and your relationship with us.

We use your Personal Information for providing and improving the Service, and by using the Service, you agree to the collection and use of information in accordance with this policy.

Who are we?

Matfield House
Mr J.W.P. and Dr S.E. Garthwaite
Matfield House
The Green
Matfield
Tonbridge
TN12 7JT

What data do we collect about you?

We generally collect data that you provide to us directly, but we may also collect data from third parties such as:

The data we collect and for what purpose will depend on who you are, the nature of the relationship that you have with us and the legal requirements concerning public openings. This may include:

  • Other information that you provide to us voluntarily. This could include details such as special accommodation requirements.
  • For what purposes do we use data about you, and on what legal basis?

    Throughout the duration of our relationship with you, we may use data about you for the following purposes:

  • To communicate with you performance of a contract to which you are a party:
  • To send you marketing communications:
  • To create and manage records of your involvement with us:
  • To comply with our legal and regulatory obligations
  • To record the names and number of people visiting our property at any one time
  • To defend our legal rights in the event of a claim or dispute.
  • The data will generally be collected directly from you, although the means of collection will depend on the type of data that is being recorded.
  • We have a legitimate business interest to use your data where necessary to defend any claims that are made against us.
  • To share your data with relevant third parties
  • We may use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
  • We will generally collect contact details directly from you. This may be, for instance, you sending us an email, letter or providing us with a business card.
  • A legitimate business interest that is not overridden by your interests, rights and freedoms which require protection.
  • It is our legitimate business interest to share your data with third parties who provide us with services relevant to our provision of the website and other services. Whenever we share your data with third parties then we look to put in place contractual protections to govern how your data is used.
  • Where we do not base our use of data about you on one of the above legal bases, we will ask for your consent before we process the data (these cases will be clear from the context). In these circumstances we will provide specific information to you about both the relevant processing activities and your rights in relation to them.

    In some instances, we may use data about you in ways that are not described above. Where this is the case, we will provide a supplemental privacy notice that explains such use. You should read any supplemental notice in conjunction with this notice.

    Where none of the above conditions apply, we will ask for your consent to process the data.

    Information we provide

  • We provide individuals with privacy information at the time we collect their personal data from them.
  • If we obtain personal data from a source other than the individual it relates to, we provide them with privacy information:
  • We provide the information in a way that is:
  • We regularly review and, where necessary, update our privacy information.
  • If we plan to use personal data for a new purpose, we update our privacy information and communicate the changes to individuals before starting any new processing.
  • We undertake an information audit to find out what personal data we hold and what we do with it.
  • We put ourselves in the position of the people we’re collecting information about.
  • We carry out user testing to evaluate how effective our privacy information is.
  • Best practice – when delivering our privacy information to individuals, we use a combination of appropriate techniques, such as:
  • Your individual rights as data subjects

  • Where applicable, the right to withdraw consent.
  • Right to the source of the personal data (if the personal data is not obtained from the individual it relates to).
  • Right of access: individuals have a right to know what information on you we are holding and why we are holding it, we will respond within 40 days stating:
  • Right to compensation: any individual who suffers damage or distress as a result of a contravention of the Act by us is entitled to seek compensation from us if we did not take reasonable care to comply.
  • Right to lodge a complaint with a supervisory authority.
  • Note: You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We have the right to require reasonable proof of identity from a person asking to exercise these rights.

    Contact Us

    If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the email address link on this website.

    You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

    Last updated: 24 May 2018