Nor67 Ltd Privacy Policy

Effective Date: [14/09/2025]
Last Updated: [14/09/2025]

Nor67 Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, make a booking, or otherwise interact with us.

We are the data controller for the purposes of UK data protection law and operate in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We may collect and process the following personal data:

a) Information you provide directly

  • Full name

  • Email address

  • Telephone number

  • Postal address

  • Booking details (dates, accommodation type, number of guests, special requests)

  • Payment information (processed securely via third-party providers such as Stripe or InnStyle — we do not store card details)

  • Communication preferences and correspondence with us

b) Information we collect automatically

  • IP address

  • Browser type and device information

  • Website usage data (pages visited, time on site, referral source)

  • Cookies and similar technologies (see our Cookies Policy)

2. How We Use Your Personal Data

We use your personal data to:

  • Manage and confirm bookings

  • Communicate with you before, during, and after your stay

  • Respond to enquiries and customer service requests

  • Process payments and security deposits

  • Send essential service and stay-related information

  • Improve our website, services, and guest experience

  • Comply with legal and regulatory obligations

3. Legal Basis for Processing

We only process personal data where we have a lawful basis to do so, including:

  • Contractual necessity – to fulfil a booking or respond to a pre-contractual request

  • Legal obligation – where required to comply with laws or regulations

  • Legitimate interests – for internal administration, fraud prevention, security, and customer service

  • Consent – where you have explicitly agreed (for example, to receive marketing communications)

4. Sharing Your Personal Data

We may share your data with:

  • Service providers (such as booking systems, payment processors, IT and email platforms) who help us operate our business

  • Third-party contractors who perform services on our behalf or where you have requested we share your information

  • Legal or regulatory authorities where required by law or to protect our legal rights

We never sell or rent your personal data to third parties.

All third parties are required to keep your data secure and confidential.

5. Data Storage and Security

We take appropriate technical and organisational measures to protect your personal data, including:

  • Encrypted payment processing via secure third-party platforms

  • Restricted access to personal data by authorised personnel only

  • Secure servers and up-to-date software

While we take reasonable steps to protect your data, no method of transmission or storage is completely secure. We encourage you to take appropriate precautions when sharing information online.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including:

  • Managing and fulfilling bookings

  • Meeting legal, accounting, and tax obligations

  • Handling enquiries or potential disputes

Records are typically retained for up to six years, after which data is securely deleted or anonymised.

7. Your Data Protection Rights

Under UK data protection law, you have the right to:

  • Access – request a copy of the personal data we hold about you

  • Rectification – request correction of inaccurate or incomplete data

  • Erasure – request deletion of your data (subject to legal requirements)

  • Restrict processing – request limits on how your data is used

  • Data portability – request transfer of your data to another provider

  • Object – to the use of your data for direct marketing or certain other purposes

  • Withdraw consent – where processing is based on your consent

To exercise any of these rights, please contact us at: hello@nor67.com

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

8. Cookies

Our website uses cookies to improve functionality and user experience. For more information, please see our Cookies Policy.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be published on our website, and the “last updated” date will be revised accordingly.

10. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact: hello@nor67.com