Privacy Policy
Effective Date: 19 May 2026
Last Updated: 19 May 2026

Welcome to Donnini Apartments (“Donnini”, “we”, “us”, or “our”).

We are committed to protecting and respecting your privacy and handling your personal data transparently and securely.

This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you:

  • visit our website;
  • make a booking or enquiry;
  • stay at one of our properties or hotels;
  • contact us;
  • use our services;
  • or interact with us online, by phone, or in person.

1. Who We Are
Donnini Apartments Limited is the data controller responsible for your personal data.

Registered Office:
Hartfield House
1 Racecourse View
Ayr
Scotland
KA7 2TS

Email: hello@donnini.co.uk
Telephone: 03300 130 882

2. The Information We Collect
We may collect and process the following categories of personal data:

Identity Information
Full name
Date of birth
Nationality
Government-issued identification where required

Contact Information
Email address
Telephone number
Home or billing address

Booking Information
Reservation details
Arrival and departure dates
Guest preferences
Property stay history
Special requests

Payment Information
Billing details
Payment transaction information

Please note that payment card information is processed securely through authorised third-party payment providers. We do not store full payment card details on our systems.

Technical Information
IP address
Browser type
Device information
Operating system
Website usage data
Cookies and analytics data

Communication Information
Emails
Telephone calls
Online chat enquiries
Feedback and reviews
Customer support interactions

CCTV Information
Where applicable, CCTV may operate at certain properties or facilities for security, crime prevention, guest safety, and operational purposes.

3. How We Collect Your Information

We collect personal data:

  • directly from you;
  • through our website;
  • during the booking process;
  • through third-party booking platforms;
  • when you contact us;
  • when you stay with us;
  • through cookies and analytics technologies;
  • and from trusted third-party partners and service providers.

4. How We Use Your Information

We use personal data for the following purposes:

  • managing reservations and guest stays;
  • processing payments;
  • communicating with guests;
  • providing customer support;
  • improving our services and guest experience;
  • maintaining property and guest security;
  • complying with legal and regulatory obligations;
  • preventing fraud and misuse;
  • managing business operations;
  • marketing and promotional communications
  • where permitted;
  • and analysing website usage and business performance.

5. Lawful Basis for Processing
We process personal data under one or more of the following lawful bases:

  • performance of a contract;
  • compliance with legal obligations;
  • legitimate business interests;
  • consent where required;
  • and protection of vital interests.

6. Sharing Your Information

We may share personal data with trusted third parties where necessary to operate our business and provide services.

These may include:

  • booking platform providers;
  • payment processors;
  • IT and cloud hosting providers;
  • customer relationship management systems;
  • marketing and communication platforms;
  • maintenance and operational contractors;
  • legal and professional advisers;
  • insurers;
  • security providers;
  • outsourced administrative and support teams;
  • and government authorities or regulators where legally required.

All third parties are required to process personal data securely and only in accordance with our instructions and applicable data protection laws.

7. International Data Transfers
Some of our third-party service providers, systems, software providers, and operational support teams may be located outside the United Kingdom (“UK”) or European Economic Area (“EEA”), including countries where data protection laws may differ from those in the UK.

This may include providers and support personnel located in:

the United States;
the Philippines; and
other international jurisdictions where our service providers operate.

Where personal data is transferred internationally, we take appropriate safeguards to protect your information, including:

International Data Transfer Agreements (“IDTAs”);
Standard Contractual Clauses (“SCCs”); and
contractual and technical security measures designed to protect personal data.

We take reasonable steps to ensure that all international data transfers comply with applicable UK data protection laws.

8. Data Security
We implement appropriate technical and organisational security measures to protect personal data against:

  • unauthorised access;
  • accidental loss;
  • misuse;
  • alteration;
  • disclosure;
  • and destruction.

Access to personal data is restricted to authorised personnel and trusted third parties who require access for legitimate business purposes.

9. Data Retention
We retain personal data only for as long as reasonably necessary for:

the purposes set out in this Privacy Policy;
legal, tax, accounting, or regulatory requirements;
dispute resolution; and
enforcement of our agreements.

Retention periods may vary depending on the nature of the information and legal obligations applicable to us.

10. Marketing Communications
We may send marketing communications where:

  • you have consented;
  • you have previously used our services;
  • or we are otherwise permitted by law.
  • You can unsubscribe from marketing communications at any time by:

clicking the unsubscribe link in emails; or
contacting us directly.

11. Cookies and Website Tracking

Our website uses cookies and similar technologies to:

  • improve website functionality;
  • analyse traffic and usage;
  • personalise user experience;
  • and support marketing and advertising activities.
  • You can manage cookie preferences through your browser settings.

For more information, please refer to our Cookie Policy.

12. Your Data Protection Rights

Under applicable data protection laws, you may have the right to:

  • access your personal data;
  • request correction of inaccurate information;
  • request deletion of your data;
  • restrict processing;
  • object to processing;
  • request transfer of your data;
  • withdraw consent where processing is based on consent;
  • and lodge a complaint with a supervisory authority.
  • To exercise your rights, please contact us using the details below.

13. Contacting Us
If you have any questions regarding this Privacy Policy or how we handle personal data, please contact:

Donnini Apartments Limited
Hartfield House
1 Racecourse View
Ayr
Scotland
KA7 2TS

Email: hello@donnini.co.uk
Telephone: 03300 130 882

14. Complaints
If you are unhappy with how we process your personal data, you have the right to complain to the UK Information Commissioner’s Office (“ICO”).

Information Commissioner’s Office (ICO)

15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect:

  • legal changes;
  • operational changes;
  • technology updates;
  • or changes to our services.

Any updates will be published on this page with a revised effective date.