GDPR Policy

Effective Date: 01/01/2023
Last Updated: 01/01/2025

1. Introduction
   We Stay (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This policy outlines how we collect, use, store, and disclose your personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679.
2.  Data Controller
   The data controller responsible for your personal data is:
   We Stay
   8b, Quorn Business Quarter
   Loughborough Rd, Leicester Rd
   Mountsorrel, Loughborough
   LE12 7XF
   Website: https://westaygroup.com
   Email: info@westaygroup.com
   Phone: 0116 296 3186
3. Personal Data We Collect
   We may collect and process the following categories of personal data:
   • Identity Data – such as your full name and date of birth
   • Contact Data – including your address, email, and phone number
   • Technical Data – such as IP address, browser type, and device information
   • Usage Data – including website usage patterns and interaction history
   • Marketing and Communication Data – including preferences for receiving information from us
4. How We Collect Your Data
   We collect data through:
   • Direct interactions – such as booking forms, account sign-ups, or email inquiries
   • Automated technologies – such as cookies and tracking scripts on our website
   • Third-party sources – such as booking platforms or service partners
5. Legal Basis for Processing
   We rely on one or more of the following legal bases to process your personal data:
   • Your explicit consent
   • The performance of a contract with you
   • Compliance with a legal obligation
   • Our legitimate interests, provided your rights do not override them
6. How We Use Your Personal Data
   Your data is used to:
   • Process bookings and deliver accommodation services
   • Communicate with you regarding your stay or account
   • Improve our services, website, and customer experience
   • Send you relevant marketing content, with your consent
   • Comply with our legal and regulatory obligations
7. Data Sharing
   We may share your data with:
   • Service providers such as IT support, payment processors, and property managers
   • Law enforcement or government bodies, if required by law
   • Third parties involved in business transactions (e.g., mergers or acquisitions)
   All data sharing is conducted under appropriate data protection agreements.
8. International Data Transfers
   If your data is transferred outside the European Economic Area (EEA), we ensure it is protected through:
   • Adequacy decisions by the European Commission
   • Standard Contractual Clauses (SCCs)
   • Other lawful transfer mechanisms
9. Data Retention
   We retain your personal data only for as long as necessary, including to satisfy legal, accounting, or reporting requirements. Once your data is no longer needed, it will be securely deleted or anonymised.