Menu
Gift Vouchers Book Now
Menu
Book Your Stay
contact

Privacy Policy


1. Important Information and Who We Are
Purpose of This Privacy Policy
Northern Touch Ltd respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store and protect your personal data when you interact with us, and informs you of your rights under UK data protection law and how the law protects you.

This policy applies to customers, website users, guests, event attendees, suppliers, business contacts and other individuals whose personal data we process.

Our website and services are not intended for children, and we do not knowingly collect personal data relating to children.

This privacy policy should be read alongside any other privacy notices we may provide on specific occasions, including notices on our hotel, spa or activity microsites, and our separate Employee and Worker Privacy Policy.

 
Controller
Northern Touch Ltd is a limited company that owns and operates a hotel in the United Kingdom. “Ashdale Hotels” is the trading name used for the operation of this hotel.

Northern Touch Ltd is the data controller and is responsible for your personal data (referred to as “we”, “us” or “our” in this policy).

 
Contact Details
If you have any questions about this privacy policy or wish to exercise your legal rights, please contact us:

Legal entity: Northern Touch Ltd
Contact person: Mr Martin Wicks
Email: martinwicks@ashdalehotels.com
Postal address: Hazlewood Castle, Paradise Lane, Hazlewood, Leeds, LS24 9NJ
Telephone: 01937 53 53 53

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection (www.ico.org.uk). We would appreciate the opportunity to address your concerns before you contact the ICO.

 
Changes to This Policy
This privacy policy was last updated on 20 January 2026.
We may update this policy from time to time. Any changes will be published on our website, and where appropriate we will notify you directly.

It is important that the personal data we hold about you is accurate and up to date. Please inform us if your personal data changes.

 
2. The Personal Data We Collect About You
Personal data means any information that identifies you as an individual. We may collect, use, store and transfer the following categories of personal data:

Categories of Personal Data
Identity Data: name, title, date of birth, gender, identification documents where required (e.g. passport details for booking or legal compliance).
Contact Data: postal address, email address, telephone numbers.
Financial Data: bank account details, payment card details.
Transaction Data: bookings, purchases, payments, special requests, preferences, voice recordings (e.g. customer service calls).
Technical Data: IP address, browser type and version, device information, operating system, time zone, location data.
Usage Data: information about how you use our website and services.
Profile Data: preferences, feedback, survey responses.
Marketing and Communications Data: your preferences for receiving marketing communications.
Health and Accessibility Data: information about allergies, medical conditions or accessibility requirements relevant to your stay, spa treatments, dining or events.
HR Data: where applicable, information collected during recruitment or employment (covered by a separate HR Privacy Policy).
 
Special Category Data
We may process special category personal data (such as health information) where it is necessary to:

  • fulfil your booking or service request,
  • protect your vital interests,
  • comply with legal obligations, or
  • provide appropriate care, accessibility or safety measures.We process special category data only where permitted by law and with appropriate safeguards in place.

 
If You Fail to Provide Personal Data
Where we need personal data to perform a contract with you or comply with legal obligations, and you do not provide that data, we may be unable to provide our services or may need to cancel a booking or arrangement. We will inform you if this is the case.

 
3. How We Collect Your Personal Data
We collect personal data through the following methods:

Direct Interactions
You may provide personal data when you:

  • make enquiries or bookings,
  • stay at our hotel or attend events,
  • use our spa, restaurant or facilities,
  • communicate with us by phone, email, post or online forms,
  • subscribe to marketing communications,
  • enter competitions or surveys,
  • provide feedback or make complaints.
  • Automated Technologies
  • When you use our website, we automatically collect technical and usage data through cookies and similar technologies. Please see our Cookie Policy for details.

Third Parties
We may receive personal data from:

booking platforms and travel agents (e.g. Expedia, Booking.com),
payment providers,
analytics and advertising providers,
suppliers and service partners,
public sources such as Companies House.
 
4. How We Use Your Personal Data and Lawful Bases
We only use your personal data where the law allows us to do so. The main lawful bases we rely on are:

Performance of a contract: to manage bookings, stays, events and payments.
Legitimate interests: to operate and improve our business, manage relationships, prevent fraud and ensure security.
Legal obligation: to comply with tax, accounting, health and safety and regulatory requirements.
Consent: for marketing communications and non-essential cookies.
Vital interests: to protect your health or safety in an emergency.
 
5. Marketing and Communications
We may send you marketing communications where:

you have consented, or
you are an existing customer and we are permitted to do so under electronic marketing laws.
You can opt out of marketing at any time by:

clicking the unsubscribe link in emails, or
contacting us at info@ashdalehotels.com.
We do not sell your personal data to third parties.

 
6. Cookies
We use cookies and similar technologies to operate our website and improve your experience.

Essential cookies are required for the website to function.
Non-essential cookies (such as analytics and marketing cookies) are only used with your consent.
You can manage your cookie preferences at any time via our cookie banner or browser settings. For more information, please see our Cookie Policy.

 
7. Disclosures of Your Personal Data
We may share your personal data with:

service providers acting on our instructions,
professional advisers (lawyers, accountants, insurers),
regulatory authorities and public bodies where required by law,
third parties involved in a business transfer or restructuring.
All third parties are required to protect your personal data and use it only for specified purposes.

 
8. International Transfers
Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual clauses.

 
9. Data Security
We use appropriate technical and organisational measures to protect your personal data, including encryption, access controls and secure systems.

We have procedures in place to deal with suspected data breaches and will notify you and the ICO where legally required.

 
10. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting and tax requirements.

Typical retention periods include:

Booking and transaction data: up to 7 years after your last interaction.
Marketing data: until you withdraw consent or opt out.
Health and accessibility data: deleted shortly after your stay unless legally required to retain it.
In some cases, we may anonymise data for statistical or research purposes.

 
11. Your Legal Rights
You have rights under UK data protection law, including the right to:

access your personal data,
request correction or erasure,
object to processing,
restrict processing,
request data portability,
withdraw consent at any time.
To exercise your rights, please contact us using the details above. We usually respond within one month.

 
12. Glossary
UK GDPR: United Kingdom General Data Protection Regulation.
Controller: The organisation that decides how and why personal data is processed.
Personal Data: Information that identifies an individual.

new-wedding
hitched
Top Rated Wedding venue in North Yorkshire
tripadvisor
Bridebook, Hazlewood Castle