Privacy policy

Privacy Statement (EU)
Last updated: 13th August 2025

This Privacy Statement applies to citizens and legal permanent residents of the European Economic Area and Switzerland and outlines how Connemara Holiday Lettings collects, uses, stores, and shares your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Introduction

At Connemara Holiday Lettings, we value your privacy and are committed to protecting your personal data. This statement explains how we collect, use, and safeguard your data when you interact with us, including when you use our website https://connemaralettings.ie.

In our processing, we comply with the requirements of privacy legislation. That means:

• We clearly state the purposes for which we process personal data;

• We limit our collection of personal data to only that which is necessary for legitimate purposes.

• We request your explicit consent when required.

• We take appropriate security measures to protect your data.

• We respect your right to access, correct, or delete your data.

2. What Personal Data We Collect

We may collect and process the following types of personal data:

• Name, address, email address, and phone number

• Booking details and payment information

• Identity verification documents (passport, driver’s license, or other government-issued photo ID)

• IP address, browser user agent, and location data

• User-generated content (comments, feedback)

• Newsletter subscription preferences

• Website usage data via cookies and analytics tools

3. Why We Collect Your Data (Legal Basis)

We collect and process your personal data for the following purposes:

• To manage and confirm holiday bookings (Contractual necessity)

• To verify guest identity prior to property access (Legitimate interest and safety)

• To collect damage/security deposits or process damage waivers (Contractual necessity)

• To communicate with you about your reservation and stay

• To comply with legal obligations (e.g., fraud prevention, tax compliance)

• To send you marketing emails (with your explicit consent)

• To improve our services, website functionality, and customer experience

4. ID Verification Requirement

To ensure the safety and security of our properties and comply with our operational procedures, all guests are required to upload valid photo identification before receiving key collection details. This process is completed via our secure third-party platform, Enso Connect. Your ID is used solely for identity verification and is deleted shortly after check-in, unless legally required otherwise.

5. Damage Deposit and Waiver

As part of the booking process, guests are required to either:

• Provide a refundable damage/security deposit, or

• Opt for a non-refundable damage waiver.

This is handled securely via Enso Connect. The specific amount and method are detailed at the time of booking. Personal and payment data used for this purpose is stored securely and handled in line with GDPR compliance requirements.

6. Retention Period

We retain personal data only as long as necessary for the purpose for which it was collected or to comply with legal obligations. Examples:

• Guest ID verification documents: deleted within 48 hours after check-in unless required for legal purposes

• Booking records: retained for up to 7 years for tax and legal reasons

• Newsletter subscription data: until you unsubscribe

• Contact form messages: retained for 12 months unless relevant to a longer-term service need

7. Cookies

We use cookies on our website to improve user experience and for analytics purposes. For detailed information, please refer to our [Cookie Policy].

8. Third-Party Data Sharing

We may share your personal data with the following categories of third parties:

• Enso Connect (guest communication and verification)

• Payment processors (e.g., SysPay)

• Email service providers (e.g., Mailchimp, MailerLite)

• Website analytics providers (e.g., Google Analytics)

• Hosting providers

Data is only shared where necessary and under strict agreements ensuring GDPR compliance. Some third parties may be located outside the EU; in such cases, we ensure Standard Contractual Clauses or equivalent safeguards are in place.

9. Website Plugins and Data Collection

We use several WordPress plugins that may collect and process data:

• WP Mail Logging: Logs email activity for administration

• WP Smush: Sends images to WPMU DEV servers for optimisation; EXIF data may be transferred but is not stored

• Akismet: Collects commenter IP address, browser agent, and submitted data to prevent spam

• Popup Maker: May store subscriber preferences and uses cookies to manage popup displays. Data is retained unless unsubscribed or removed by request

10. Security

We are committed to protecting your data. Security measures include:

• Encrypted connections (SSL)

• Password-protected account access

• DKIM, SPF, DMARC email authentication

• Restricted access to personal data

• Regular security reviews

11. Third-Party Websites

Our website may contain links to other websites. This privacy statement does not apply to third-party sites. We recommend reviewing the privacy policies of any external websites you visit.

12. Your Rights Under GDPR

You have the following rights:

• Access – to request access to the personal data we hold about you

• Rectification – to correct inaccurate or incomplete data

• Erasure – to have your data deleted, subject to legal or contractual restrictions

• Withdraw Consent – where applicable, to withdraw consent for marketing or processing

• Data Portability – to request the transfer of your data to another controller

• Object to Processing – to object where the processing is based on legitimate interest

To exercise any of these rights, please contact us using the information below. We may ask for identification to verify your request.

13. Complaints

If you are dissatisfied with how we process your data, you have the right to lodge a complaint with the Data Protection Commission in Ireland or your local supervisory authority.

14. Data Protection Officer

Our Data Protection Officer is: Yvonne Flaherty
Email: info@connemaralettings.ie
Phone: +353 95 22669

15. Contact Details

Capolla Hill Limited
Connemara Holiday Lettings
Clifden, Co. Galway, Ireland
Website: https://connemaralettings.ie
Email: info@connemaralettings.ie
Phone: +353 95 22669

Disclaimer: This privacy statement is provided for informational purposes only and does not constitute legal advice. We recommend reviewing it regularly and consulting with a data protection advisor to ensure ongoing compliance.