Privacy Statement

Your Data and Your Privacy.

In order to fulfil our contractual obligations to you (our guests or potential guests) we have to collect and keep secure certain information that identifies you, known as Personally Identifiable Information (PII).
We are committed to protecting and respecting your privacy.

Changes to the Data Protection laws with the introduction in May 2018 of the GDPR (General Data Protection Regulation) require us to provide the information below regarding the processing of your PII:

Who we are, what we do

We are Anne and Patrick Rochford t/a Green Barn Cottages providing holiday rental accommodation in properties that we own and manage and which are located at The Green, Ravenstonedale, Kirkby Stephen CA17 4NW.  We determine how and why your personal data is processed, and as such we are the data controller.

We are registered with the Information Commissioner’s Office.

What we collect:

Personal Information supplied by you on an enquiry or booking form, which may include your name, address, email address and phone number(s), passport details if you are not a UK resident, and other information specific to your booking including the number and age range of your party and whether you are bringing pets, and any other information that is relevant to our meeting your holiday requirements and providing you with the best service.

Your IP address is also classed as Personally IdentifiableInformation, and is included in any emails you send. IP addresses of website visitors are also logged for analytical purposes, and for the purposes of providing security against website attacks.

Financial Information: We do not collect any information about you that is financially sensitive. Card payments or refunds are processed online via a secure link between you and a secure third party payment gateway (Barclays Card Services).
We do not take card payments directly over the phone or in person and therefore we do not collect, store or process sensitive card data.

We are compliant with the Payment Card Industry Data Security Standard (PCI DSS)

Why we Collect it

There are a number of legal bases for collecting and storing data that are defined by different headings under GDPR. The headings that apply to our relationship with you are Contract, Legal Obligation, Legitimate Interest, andConsent.

Booking contracts: We collect the information we need to answer any enquiry you make regarding our holiday accommodation, and to process any resulting booking from initial booking through to your departure and any subsequent communication or feedback. The basis for this is defined under GDPR as Contract.
Accounting and Tax: We use information to enable us to produce figures to meet our legal obligations for accounting and tax. The basis for this is defined under GDPR as Legal Obligation.
Market research:We analyse information to enable us to assess trends in booking patterns, and how we have obtained bookings ( eg via a third party listing site, direct to our website, recommendations and others) and how many enquiries convert to bookings. This helps us to make best decisions on how we use our advertising budget. The basis for this is defined under GDPR as Legitimate Interest
Direct Marketing Mailshots and Newsletters: We send occasional newsletters and special offers via email to previous guests.  For this purpose we manage a list of names and email addresses. Your information will only be on the list if you have given your Consent to receive our mailshots and have not subsequently unsubscribed from the list. You will have the option to unsubscribe with each email we send, and at any time by means of an “Opt Out” check box on our website.
Your information will not be added to our mailing list unless you give specific clear consent by way of an “Opt In” check box. The basis for this is defined under GDPR as Consent.

How we store it

Data is stored on a password protected third party booking management platform on their secure server. We may download part or all of the data to our own password and firewall protected computer for research, accounting and tax, and marketing purposes as described above.

Copies of emails are stored on our own password and firewall protected computer, and on the secure server of the hosting service and email provider for our website domain.

How long we keep it

We are required to keep records of the information needed for accounting and tax purposes for 6 years.

Any data not required for the purposes of accounting and tax obligations is kept for 12 months

How we protect it

You might enter information on our website, so our website and domain has an SSL security certificate to provide a secure connection between you and the website. When you visit our website you should see the padlock symbol alongside our domain name as confirmation.

All data is on password and firewall protected computers or servers.

Your name and address information is required by our card processing gateway, Barclays Card Services, for security verification and we pass that information to them as encrypted data using the encryption standard defined by Barclays Card Services. The card transaction process is then handled directly between you and the payment gateway.

Other than for the payment gateway purpose described above, we do not share your data with any third party for any reason other than if legally required to do so for purposes of lawful investigation.

Your rights to see the information we hold about you

If you have concerns you can ask to see the information we hold about you and have it corrected or deleted; please contact us by email to or as described above. There is further information about your rights under GDPR on the website of the Information Commissioner’s Office, whom you should also contact if we are unable to reolve any complaint



Contact Us

Secure online payments

Facebook Page
Green Barn Cottages on Britain's Finest
Visit England Five Star rating
English Association of Self Catering Operators - Member

Members of the
English Association of
Self Catering Operators