Peggy's Place

Privacy Policy – Peggy’s Place Killarney

 

Introduction

Peggy’s Place Killarney (“we”, “us”, or “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal information in accordance with applicable data protection laws, including the UK GDPR and EU GDPR where relevant.

Who We Are

• Business name – Peggy’s Place Killarney

• Website – www.peggysplacekillarney.com

• Email – peggykelly@live.ie

Peggy’s Place Killarney provides short-term holiday accommodation and related services.

​

What Personal Data We Collect

We may collect and process the following categories of personal data:

• Names and contact details

• Postal addresses

• Date of birth

• Purchase or booking history

• Payment details (including card or bank information via payment providers)

• Credit reference information (where applicable)

• Health information (e.g. dietary requirements, allergies)

• Health and safety information

• Account information

• Loyalty programme information (if applicable)

• Website user information (including cookies and user journeys)

• Identification documents

• Information relating to compliments or complaints

​

Why We Collect Personal Data

We collect and use personal information for the following purposes:

• To provide accommodation and related services

• To manage bookings and customer accounts

• To process payments and financial records

• To communicate with guests and provide service updates

• To prevent fraud, misuse, or unlawful activity

• To comply with legal and regulatory requirements

• To improve our services and customer experience

​

Lawful Bases for Processing

We rely on the following lawful bases:

• Contract – to fulfil booking and accommodation services

• Consent – where you have given permission (e.g. marketing or optional data)

• Legal obligation – to comply with tax, regulatory, or legal requirements

• Legitimate interests – to operate, secure, and improve our services

​

Legitimate Interests

We process personal data under legitimate interests to support the effective operation, security, and improvement of our services. This includes:

• Ensuring services function as intended

• Identifying and resolving technical or operational issues

• Preventing fraud or misuse

• Improving user experience through analysis and optimisation

​

The benefit of this processing is the ability to provide a reliable, secure, and efficient service while continuously improving based on real usage.

We limit data collection to what is necessary, implement appropriate safeguards, and ensure individuals’ rights are respected.

Where possible, data is minimised, anonymised, or aggregated. The benefits of maintaining service quality and security outweigh the minimal risks to individuals.

​

Where Personal Data Comes From

We collect personal data from:

• Individuals directly (e.g. bookings, enquiries)

• Publicly available sources (where relevant)

• Third-party providers, including booking platforms and service providers

​

Third-Party Sources

We may receive personal data from:

• Booking platforms such as Airbnb and Booking.com

• Payment processors

• Property management or communication tools

These providers only share data necessary for managing bookings and delivering services.

​

Sub-Processors and Systems

We use the following third-party service providers (data processors):

• Airbnb – booking management and guest communication

• Booking.com – booking management and guest details

• Stripe / PayPal – payment processing

• Gmail / Microsoft Outlook – email communications

• WhatsApp – guest communication (if used)

• Google Drive / Dropbox – document storage

• Xero / QuickBooks – accounting and financial management

• Wix (or website provider) – website hosting and enquiry forms

All processors are selected based on their compliance with data protection laws and only process data on our behalf.

​

Sharing Personal Data

We may share personal data where necessary with:

• Insurance providers

• Professional or legal advisors

• Financial or fraud investigation authorities

• Regulatory authorities

• Organisations we are legally required to share information with

• Emergency services (where necessary)

We do not sell personal data.

​

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, regulatory, and business requirements.

​

International Data Transfers

Personal data may be transferred to, stored, or processed outside of the UK and European Economic Area (EEA) by our third-party providers.

Where this occurs, we ensure appropriate safeguards are in place, including:

• UK or EU adequacy decisions

• Standard Contractual Clauses (SCCs)

• Other recognised legal transfer mechanisms

We only work with providers that maintain appropriate security and data protection standards.

​

Data Security

We implement appropriate technical and organisational measures to protect personal data, including secure systems, restricted access, and use of reputable service providers.

​

Your Rights

You have the right to:

• Access your personal data

• Request correction of inaccurate data

• Request deletion of your data (where applicable)

• Object to or restrict processing

• Withdraw consent at any time

• Lodge a complaint with a supervisory authority

​

Complaints

If you have concerns, please contact us first.

You also have the right to complain to:

• UK ICO – www.ico.org.uk

• Irish Data Protection Commission (if applicable) – www.dataprotection.ie

​

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in legal or operational requirements.