Website Privacy Policy - The Old Dairy B&B

General Data Protection Regulation (GDPR)
EC Regulation No 261/2004EU

In light of the new regulations regarding data protection we need to explain how and why we process and store your data.

If you disagree with this Privacy Statement, you should discontinue using our services.

Your rights under the GDPR:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

Legal basis for the use of your data:

Performance of a contract: The use of your information may be necessary to perform the contract that you have with us. For example, if you use our services to make an online reservation, we will use your information to carry out our obligation to complete and administer that reservation under the contract that we have with you.

Legitimate interests:

We may use your information for our legitimate interests, such as to provide you with the best suitable content of the website, emails and newsletters, to improve and promote our products and services and the content on our website, and for administrative, fraud detection and legal purposes. Any email marketing, we undertake is directly controlled by us via 3rd party provider mailchimp. If you wish to stop any email marketing from us you may unsubscribe at any time. We do not sell or barter your email address.


We may rely on your consent to use your personal information for certain direct marketing purposes. You may withdraw your consent at any time by contacting us at the addresses at the end of this Privacy Statement.


In order to create a secure environment for you and your fellow travellers @ The Old Dairy B&B, we may use personal data for the detection and prevention of fraud and other illegal or unwanted activities. Similarly, we may use personal data for risk assessment and security purposes, including the authentication of users and reservations.


When you make a booking with us @ The Old Dairy B&B Ystrad Fach we require your name / address / email / and phone number in order for us to accept a booking from you. This enables us to contact you with details of your booking and to enable us to forward any information you require such as directions to us, or places that might be of interest to you and copies of your booking and invoice. You might not simply be booking accommodation for yourself. You may be travelling with other guests whose details you provide as part of the reservation, or you may make a reservation on behalf of someone else, at this point we have to point out that it’s your responsibility to ensure that the person or people you have provided personal information about are aware that you’ve done so and have accepted how The Old Dairy B&B Ystrad Fach uses their information. When you visit our websites, we may automatically collect certain information. This includes your IP address, the date and time you accessed our services, the hardware, software or internet browser you use and information about your computer’s operating system, like application versions and your language settings. We might also collect information about clicks and which pages have been shown to you. If you are using a mobile device, we might also collect data that identifies your mobile device, device-specific settings and characteristics, location details, app crashes and other system activity. When you make a reservation, our system registers through which means and from which websites you have made your reservation.


We also require a credit/debit card number in order to hold a booking for you, this is kept on a secure server with our channel manager Freetobook. The access to your card details can only be made by ourselves and is password protected. The CV2 number is only available to us once after we have entered it onto your booking details. We are PCI compliant (payment card industry) and are assessed every 12 months.

Payment providers and financial institutions:

If a chargeback is requested for your reservation by either you or by the holder of the credit card used to make your reservation, we may need to share certain reservation details with the payment service provider and the relevant financial institution to handle the chargeback. This may also include a copy of your reservation confirmation or the IP address used to make your reservation.

3rd Party services:

We may with your permission use your email address to ask for feedback about your stay with us. If you have made a booking via or via our website which is handled by Freetobook they may themselves send an email requesting feedback. All 3rd party sites will have their own statements regarding their handling of your data. Please avail yourself of this information which should be available on the appropriate websites. You may withdraw your consent at any time by contacting us at the addresses at the end of this Privacy Statement.


We @ The Old Dairy B&B Ystrad Fach do not pass on any of your details with any other organisations, we do not sell, exchange, barter or in any other way share information other than laid out in this statement. Note, all communications sent or received by The Old Dairy B&B Ystrad Fach will be received and stored. Business partners through whose platform you made the reservation may choose to communicate with you directly via email or other channels that The Old Dairy B&B Ystrad Fach does not control.


We store a paper copy of your booking which will have your name, address, email, phone number, and the date you stayed. These are kept secure for 6 years and are only kept as they may be required by HMRC in the event of a tax inspection, after this time they are cross cut shredded and then burnt by ourselves.

Electronic storage:

We store some electronic data on our computers I.E. name/address/booking details this data is password protected and only accessible by the owners of Ystrad Fach / The Old Dairy B&B. All data that is processed and stored by 3rd parties is password protected.

Deletion of data:

If and when we terminate any contract with any 3rd party booking agent or channel manager we will no longer have any access to any electronic information that we may have had in the past. All 3rd parties will have their own statements regarding their deletion of your data.


Members of staff @ The Old Dairy B&B Ystrad Fach have been trained in how to protect your data and privacy and are fully aware of the processes involved.

Law enforcement:

We disclose personal data to law enforcement insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud. We may need to further disclose personal data to competent authorities to protect and defend our rights

Mobile devices:

We do not have any apps relating directly to and any apps you may use to book accommodation with us will have their own privacy statement on how your data is stored and processed. If accessing via a mobile device the following details regarding the use of cookies apply.


Cookies and other tracking technologies can be used on our websites and apps in various ways, such as making website work, to analyse traffic or for advertisement purposes. These technologies are used by us directly and including third party service providers we work with. If you want to learn more about what a cookie is, how they are used and what your choices are.

What Information Does a Cookie Store?

For the most part a cookie will contain a string of text that contains information about the browser. To work, a cookie does not need to know where you are from, it only needs to remember your browser. Some Web sites do use cookies to store more personal information about you. However, this can be done only if you yourself have provided the Web site with that personal information. Legitimate Web sites will encrypt this personal information stored in the cookie to prevent unauthorized usage by another party with access to your cookie folder.

Cookies have six parameters that can be passed to them:
The name of the cookie.
The value of the cookie.
The expiration date of the cookie - this determines how long the cookie will remain active in your browser.
The path the cookie is valid for - this sets the URL path the cookie us valid in. Web pages outside of that path cannot use the cookie.
The domain the cookie is valid for. This makes the cookie accessible to pages on any of the servers when a site uses multiple servers in a domain.
The need for a secure connection - this indicates that the cookie can only be used under a secure server condition, such as a site using SSL.

First and Third-Party Cookies:

When choosing a privacy setting in your browser, two terms you will see are "first-party cookies" and "third-party cookies". First party cookies are those cookies that originate from (or be sent to) the Web site you're currently viewing. These types of cookies usually will contain information about your preferences for that particular Web site. These cookies are usually Third-party cookies originate from (or will be sent to) a Web site that is not the site you are visiting. For example, if the Web site you are on using third-party advertising those third-party advertising Web sites may use a cookie to track your Web habits for marketing purposes.
While some may simply choose to block all cookies, it can make Web surfing difficult if you do this. For example, if you shop online, many e-commerce shopping carts that have been implemented with cookies will not work. Sites you frequently visit which enable you to personalize content also will not show your preferences when you visit if you delete or disable that cookie.
Most cookies, despite some misconceptions, are legitimate files and will not invade your privacy. Once you get in the habit of reviewing the cookies associated with your browser and manage them on your own by way of deleting malicious cookies or trying different browser privacy settings, you can still keep the good cookies that make surfing a breeze yet keep the bad cookies that may be tracking your surfing habits off your system.


You have the right to complain to the ICO if you think there is a problem with the way we are handling your data. You also have the right to access any of the data we hold about you, and we are required to provide it within 30 days of your request to us.

If you require any further information or clarification from us as to how we use your information please feel free to contact us.

Ian & Debbie Baker
Ystrad Fach
SA17 5NY
01269 861170