A Nurtur Group Company A Nurtur Group Company

Privacy policy

How we collect your personal information

This is information about you that you provide us, for example:

  • Visiting our website (city-studios.com);
  • Making a booking (hotels.cloudbeds.com);
  • Viewing or following our channels on any social networking platform;
  • Corresponding to us by phone, email or otherwise;
  • Make a reservation in person, by phone or through one of our designated agents

and it is provided by you voluntarily. This includes the information provided when registering to use our site, expressing your interest in making a reservation, making a reservation, subscribing to the services we provide through our websites and other channels, requesting additional information, material or associated services, manage your personal data (including access to documentation and participation in correspondence with us by phone, email or otherwise). If you complete any survey that we request for research purposes, we will also collect information in such circumstances. The information you provide will usually include your name, address, email address and phone number (s), age and date of birth, details of your specific inquiry, details of your employer and / or job function, and may include records of any correspondence and responses to marketing campaigns.

Personal information we collect about you:

We may collect the following information, either by request or automatically: your contact information, geographic and demographic information, preferences and interests and other information you provide through, among other things, the answers provided in surveys and visits to our site web and application, including information on the information and resources accessed. We can also automatically collect technical information, including anonymous data collected by the hosting server, the Internet Protocol (IP) address used to connect your computer or device to the Internet, the browser type and version, the time zone settings , the types of browser add-ons and Versions, operating system and platform. Please, check our Cookies Policy for more information. We may also collect any personal information that you allow to be shared that is part of your public profile (s) in third-party social networks, including, among others, the time zone settings, the types and versions of add-ons of the browser, the operating system and the platform., and their preferences, interests and other behaviours.

Personal information we can receive from other sources:

We may also obtain certain personal information about you from sources outside of our business, which may include both our Group companies (where you provided the details above) and other third-party companies where you previously provided your consent for the exchange. of personal information. In accordance with the privacy policies of said third parties. The personal information we receive from third party sources is usually your contact information, certain demographic information, and may also include information about the information you have previously requested and / or the preferences you have previously expressed about specific areas of interest.

Types of personal information we process on you

We can process a variety of personal information about you. To facilitate understanding of the information we use about you, we divide this information into categories in the list below and provide a brief explanation of the type of information generally covered by each category.

  • Behaviour like your activities, actions and behaviours.
  • Biographical As your workplace and job title, which can be used to address, send or communicate a message.
  • Geographical location information that contains or reveals the location of your electronic devices
  • Identification information contained in a formal identification document such as your passport
  • Bank / billing information used to collect from you or return the money owed.
  • Credit your application for credit terms and information related to the provision of credit for you.
  • Fraud Information regarding the occurrence, investigation or prevention of fraud.
  • Legal information related to legal claims made by you or against you or the claims process
  • Reservation transactions The information related to the accommodation reservations and the auxiliary services that are provided to you and
  • Correspondence information contained in our correspondence or other communications with you about our products, services or businesses

How we use your personal information

The purposes for which we use your information and the legal basis under the data protection laws on which we rely to do this are explained below.

Where there is a legal requirement

We will use your personal information to comply with our legal obligations, such as: (i) to assist any public authority, industry regulator or criminal investigation agency; (ii) to correctly identify you when you contact us and / or to verify the accuracy of the information we have about you.

Where it is required to complete or comply with a Contract

We may use and process your personal information when we sell you a product or products, provide (or continue to provide) any service, where we organise the supply of products or services from third parties as your designated agent. , or where you are in detailed conversations with us about the sale or purchase of a product or service. We will use this information to ensure that the terms of the relevant contracts are met or complied with. This may include circumstances in which we ourselves are not part of the contract, however, we have been designated to administer or provide services related to that contract. For the purposes of this description, a “contract” generally means an occupancy agreement, lease or administration service. See “Type of personal information we process” about you above for details about the types of personal information we process for these purposes.

Where we have evaluated there is a legitimate interest

We may use and process your personal information when we deem it necessary for our legitimate business interests, your legitimate interests as a guest or potential guest, or the legitimate interests of a Group company, for the following purposes:

  • to correspond or communicate with you in general, for example, with the company or other relevant news;
  • for marketing activities (other than where we rely on your consent to contact you by email or text message with information about our products and services or share your details with third parties to do the same, as explained below);
  • for analysis to inform our future marketing strategy and / or to improve or personalise your customer experience (such as improving the quality or relevance of the information we provide in the future);
  • to verify the accuracy of the data we have about you and create a better understanding of you as a client or potential client;
  • for the security of the network and information, so that we can take measures to protect your information against loss or damage, theft or unauthorised access;
  • for the prevention of fraud and other criminal activities;
  • to comply with a request from you regarding the exercise of your rights (for example, when you requested that we not contact you for marketing purposes, we will keep a record of this on our deletion lists in order to comply with your request);
  • to review facts, evaluate and improve our service to clients through recordings of any call in our offices;
  • for the management of any query, complaint or claim presented;
  • for the establishment and defence of our legal rights.

Where you have provided the consent

We may use and process your personal information on the basis of your consent for us to do so, for the following purposes:

  • To contact you by email or SMS with marketing information about our products and services, predominantly accommodation and accommodation services.
  • To share your information with certain Group companies to communicate with you with marketing information about similar products and services.
  • We will never share or sell your data with unconnected third parties to obtain business benefits without your knowledge and consent.

You may withdraw your consent for us to use your information in any of these ways at any time. See Withdraw your consent for more details.

Others who can receive or have access to your personal information

Group companies

We may share your information with other Group companies. You may use your personal information in the ways that are detailed in the How we use your personal information above section, in relation to specific products and / or complementary or complementary services, for example, products and services that only they can provide for regulatory reasons. , or products and services that are similar to those we offer but that may be under the name of a different brand. Some of the companies in our Group can also be service providers for us, as explained in the next section.

See the beginning of this policy for a description of what we mean by the Group companies with which we can share your personal information in this way.

Our suppliers and service providers

We may disclose your information to certain service providers, agents, subcontractors and other selected organisations when necessary for the purpose of providing services to us or directly to you on our behalf. Such third parties may include cloud service providers (such as hosting and software service providers), online booking agents or aggregators, digital and marketing agencies, and administrative service providers.

When we use third party service providers in this way, we only disclose any personal information that is necessary for them to provide their services and we have a current contract that requires them to keep your information secure and not use it. in accordance with our specific instructions for the purposes foreseen and established in this Policy.

Payment processors for credit/debit cards

When you purchase certain products or services through our websites, by phone or at one of our residences or locations, a third-party payment processing agent who specialises in secure online capture can process a payment by credit card or debit with your instruction. Processing of credit / debit card transactions. If you have any questions regarding safe transactions, ask us at the time of making the payment or contact us using the details at the end of this policy.

We do not store or keep a record of your credit card details on our own websites or within our own systems.

Other ways we can share your personal information

We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to a third party or as part of any restructuring or business reorganisation. We may also transfer your personal information if we have an obligation to disclose or share it to comply with any legal obligation, for example, to detect or report a crime, to enforce or enforce the terms of our contracts or to protect the Rights, property or security of other data subjects. If/when we do, we will always take steps to ensure that your privacy rights remain protected and your rights are respected.

Where we keep your personal information

The information you provide may be transferred to countries outside the EEA, for example, where any of the companies in our Group that need access to that information is incorporated in a country outside the EEA, or if any of our servers or ours Third Service providers are occasionally located in a country outside the EEA. These countries may not have data protection laws similar to those in the United Kingdom.

If we transfer your information outside the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as described in this policy. This is because some countries outside the EEA do not have the same adequate data protection laws equivalent to those in the EEA. These steps may include, for example, imposing contractual obligations on the recipient of your personal information or ensuring that recipients subscribe to other relevant regulatory regimes or best practices that aim to ensure adequate protection. Contact us using the details at the end of this policy to obtain more information about the protections we implement in these circumstances.

If you use our services, access our systems or view any of our content while you are outside the EEA, your information may be transferred outside the EEA to provide those services.

How long do we keep your personal information?

When we collect your personal information, the amount of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not keep personal information in an identifiable format for longer than we consider necessary.

The time during which we store your personal data may also vary according to the legal basis we use.

When you contact our offices by phone, these calls can be recorded. These call recordings are retained for no more than 90 days.

Where your personal information is required to complete or comply with a Contract

We may need your personal information to comply with our own legal and accounting responsibilities, and / or to establish, present or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date we no longer need it for any of the purposes listed in How we use your personal information mentioned above. When we are only required to retain part of your information for these purposes, we will make every reasonable effort to “minimise” that data and not to retain any information that we do not have to keep for 7 years.

The only exceptions to this are where:

  • The law requires us to keep your personal information for a longer period of time or to remove it beforehand;
  • Exercise your right to have the information erased (when applicable) and we do not need to keep it in relation to any of the reasons allowed or required by law (see more information How to delete your personal information or restrict its processing below); or
  • In limited cases, the law allows us to keep your personal information for longer, as long as we implement certain protections

Where we have evaluated there is a legitimate interest

If you are a citizen of an EEA country, we will not retain your personal data for more than 2 years after a Legitimate Interest Assessment has been performed or renewed, unless:

We identify the circumstances that, in our reasonable and professional judgment, indicate that there is a legitimate interest in progress; or

When the legitimate interest on which we have based has expired, first (or later) we have obtained your consent (see below)

If you are not a citizen of any EEA country, we can keep your personal data for more than 2 years when we consider it valuable and justifiable, subject at all times to defend your rights as a subject of the data.

Where you have provided the consent

We will retain your personal data as long as we consider it valuable and justifiable, subject at all times to defend your rights as subject of the data (including the right to have your consent withdrawn and the right to have your personal data deleted).

Even when you have given your consent and you have not withdrawn it, at any time we can make the decision not to keep your personal data when we consider that it is no longer worthwhile or justified.

Security of data and links to or from other organisations

We are committed to ensuring that your information is kept secure in systems that can be controlled and protected in accordance with best data security practices. To prevent unauthorised access or disclosure, we implement appropriate physical, electronic, and administrative procedures to safeguard and protect the information we collect from you. Wherever possible, we only store information in structured systems (databases) that can only be accessed with secure passwords.

Occasionally, it may be necessary to store or transfer some of your personal information in an unstructured form, such as paper or document formats that are necessary to allow us to collect and process that information in accordance with the purpose. In these cases, we will make every reasonable effort to ensure that procedures and controls are in place to maintain security and access to that information.

Unfortunately, the transmission of information through the internet is never completely secure. Although we will do our best to protect your personal information, we can not guarantee the security of your information transmitted to or from our website at all times and, therefore, any transmission is at your own risk. Once we have received your personal information, we implement reasonable and adequate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration or unauthorised access.

Our websites may contain links to other websites managed by other organisations. In the same way, we may send it from time to time to other organisations that are not Group companies and to which you can also provide personal information. This policy does not apply to those other organisations where this happens, therefore, we recommend that you read their privacy statements separately. We can not be responsible for the privacy policies and practices of other websites or third parties, even if you access those websites or contact those organisations through links or contact information that we provide.

In addition, if you have linked to our website, a contact data form or any other material that we have published electronically from a third party website or an email sent by a third party, we are not responsible for the privacy policies and practices of The owners and operators of these third parties recommend that you also review their privacy statements.

When we collect and process any particularly sensitive personal information, for example, your banking information, we will apply additional security controls to protect that data.

When we have given you (or have chosen) a password that allows you to access certain information that we have in any of our systems, you are responsible for maintaining the confidentiality of this password. We ask you not to share your password with anyone and to inform us as soon as possible if you believe your password has been stolen, exposed or compromised in any way.

Your rights

If you are a citizen of an EEA country, you have several rights in relation to your personal information under the data protection law, which are summarised below. Not all of these rights may be applicable to citizens of countries outside the EEA. In connection with certain rights, we may request information to confirm your identity and, when appropriate, to help us locate your personal information. Except in exceptional cases, we will respond within one month from (i) the date we confirm your identity or (ii) when it is not necessary to do so because we already have this information, from the date we received your request.

Accessing your personal information.

  • You have the right to make a reasonable request to obtain a copy of the information we have about you by sending us an email or by writing to the address at the end of this policy. We may not provide you with a copy of your personal information if it concerns other people or if we have another legal reason to retain that information. In limited circumstances, you may have a right to data portability (that is, to ask us to create a file to transfer you or a different service provider) from the personal data electronically processed about you.
  • Correcting and updating your personal information.
  • The accuracy of your information is important to us and we are always willing to make sure that we can review and correct regularly and easily the information we have about you. If you change any personal information, in particular your name, address, email address and contact telephone numbers, or if you discover that any of the other information we have is inaccurate or outdated, please let us know as soon as possible. using any of the details described at the end of this policy.

Withdrawing your consent

  • When we rely solely on your consent as the legal basis for processing your personal information, as set forth in How we use your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you wish to withdraw your consent to receive any direct marketing to which you have previously accepted, you may do so through our unsubscribe links included in such marketing that we send you electronically. If you withdraw your consent, our use of your personal information before you leave is still legal.
  • Objecting to our use of your personal information and the automated decisions made about you. When we depend on a legitimate interest identified as the legal basis for processing your personal information for any purpose, as explained in How We Use Your Personal Information, you may object to the use of your personal information for these purposes by email or in writing. To us in the address at the end of this policy. Except for the purposes for which we are certain that we may continue to process your personal information, we will stop processing your personal information temporarily in line with your objection until we have investigated the matter. If we accept that your objection is justified in accordance with your rights under the data protection laws, we will stop using your information permanently for those purposes.
  • Otherwise, we will provide you with our justification about why we need to continue using your data.
  • You may object that we use your personal information for direct marketing purposes and we will automatically comply with your request. If you wish to do so, use our unsubscribe links in any type of marketing that we send electronically.
  • Delete your personal information or restrict its processing
  • In certain circumstances, you may request that your personal information be removed from our systems by sending us an email or by writing to the address at the end of this policy. Unless there is a reason why the law allows us to use your personal information for a longer period of time, we will make every reasonable effort to comply with your request.
  • You may also ask us to limit the processing of your personal information when you believe it is illegal for us to do so, that you have opposed its use and that our investigation is pending or requires us to keep it in relation to legal proceedings. In these situations, we can only process your personal information while your processing is restricted if we have your consent or are legally authorised to do so, for example, for storage purposes, to protect the rights of another person or company or in connection with legal proceedings.

Complaining to the UK data protection regulator

  • You have the right to file a complaint with the Office of Information Commissioners (ICO) if you are concerned about the way we have processed your personal information. Visit the ICO website¬†www.ico.org.uk¬†for more information.

Changes to this policy

We may revise this policy from time to time and any changes will be notified to you by posting an updated version on our website (s). In some circumstances, we may also notify you or contact you, for example, by email, to inform you of the changes. Any change of this type will become effective 7 days after the date on which we publish the modified terms on our website. We recommend that you regularly check the changes and review this policy each time you visit our websites. If you do not agree with some aspect of the updated policy, you must notify us immediately to ensure that we comply with our obligations to ensure that you can exercise your rights.

Contact us to get more information

Address any questions about this policy or about the way we process your personal information to our team responsible for legal issues and compliance using the contact details below.
If you wish to write to us, write to City Studios Ltd, 102 Fenay Bridge Road, Huddersfield, HD8 0AY, United Kingdom.
The email address for data protection enquiries is enquiries@city-studios.com
If you prefer to talk to us by phone, call 01484 429438 or +44 1484 429438 from outside the UK.

Schedule 1

Group Companies

Nurtur Group Holdings Ltd, registered company number 14304591

Fraser Morgan Limited, registered company number 09434321

Nurtur Student Living Limited, registered company number 11652544

Warehouse Students Limited, registered company number 14632033