Privacy Policy for CanaryHolidays Website

This website privacy policy describes how use and protect data collected by us in relation to an email enquiry via the Contact page or when you provide us your booking details using the booking form

We (the owners of Canaryholidays) are the Data Controller and are committed to protecting the rights of individuals in line with the Data Protection Act 1998 (DPA) and the General Data Protection Regulation (GDPR).

You can contact us regarding anything in this privacy policy by email to [email protected]

When you make a booking enquiry

We will collect information such as your name, telephone number and email address. We will normally keep this information for around two months before we delete it or longer if required by law to do so or a booking follows. We will use this information to respond to your enquiry.

When you book with us

If you book with us we send you a link to our booking form where we will collect information such as your name, telephone number, email address, home address and the names of other guests in the party. We will normally keep this information for 12 months or longer if required by law to do so. We will use this information as part of a contract between us and to fulfil legal obligations.

We will keep records of financial transactions between us (i.e. payment of booking fees etc). We will keep this information for six years or longer if required by law to do so. We will use this information as part of a contract between us and due to legal obligations.

If you book using a credit card or debit card via the Stripe Payments Gateway on the Canaryholidays website, we do not have access to your payment details (card number and Security CVV) or collect any information other than receiving an email from Stripe that your payment was successful or not.

Bank Transfer or Cheque payments are shown in bank statements like any other bank transactions

When we return your security bond, we do ask for your sort code and account number to make an electronic refund.
Once the refund transaction is successful we delete your bank details – bank statements will still show the transaction.

Feedback, guest book and reviews

Occasionally we may ask a customer to fill out an apartment Survey with an option of giving a review via Monkey Survey ( The review with your permission may be published on our website with just first name/s, nearest largest town / city and month/year of stay.

Who receives your information

We share information we collect about you in the ways discussed below. We will not sell information about you to advertisers or other third parties.

Visitors to our website or people who read our Review Page

Will be able to see feedback you leave.

Service providers

We share your name, date of booking, length of stay and a mobile contact number if you use our Airport Transfer service to our apartment manager in Tenerife.
This ensures that the apartment is ready for your holiday.


We may disclose your personal information to regulatory, law enforcement or governmental bodies if we believe that it is necessary to comply with a law, regulation, legal process, or governmental request; to protect the safety of any person; to address fraud or to protect our rights or property.

Your Data Rights

To access your data

Upon your request, we will provide you with the personal data we hold on you. We will do this within 30 days of your request. There will be no charge unless the requests you make are unfounded or excessive.

To rectify incorrect data

You also have the right to have personal data we hold on you corrected or adjusted, please contact us as above and we will correct or adjust our records on you within one month.

To erase your data

If we hold any personal data that you want to delete contact us and we will do it for you (if it is lawful for us to do so). Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

To restrict processing or object to processing

In some cases, you may object to our processing of your information or ask us to stop processing your information where you believe we don't have the appropriate rights to do so. When you make such requests, we may need time to investigate and facilitate your request. If there is a delay or dispute as to whether we have the right to continue using your information or if you ask us to do so, we will restrict any further use of your information until the request is honoured or the dispute is resolved.

To data portability

Data portability is the ability to obtain some of your information in a format you can move from one service provider to another. Depending on the context, this only applies to some of your information, but not to all your information. Should you request it, we will provide you with the personal data we store that we have to provide under data processing regulations.

Further processing

If we intend to further process your personal information for a purpose other than it was originally collected, we shall provide you before the further processing takes place with information on the purpose of the further processing and you are also able to object to or restrict the further processing of your information.

Withdraw consent and prior processing

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.

Withdraw consent, object to processing or restrict processing

If you withdraw consent, object to processing or restrict the processing of your information in some cases this may mean you will no longer be able to use book our cottage or we may need to cancel any booking you have made.


We will always hold your information securely.
Our website also uses HTTPS encrypted protocol hosted by Krystal Hosting Ltd and further protection is offered by our Content Network Delivery provider – Cloudflare. To prevent unauthorised disclosure or access to your information, we have implemented strong physical and electronic security safeguards. We also follow stringent procedures to ensure we work with all personal data in line with the Data Protection Act 1998.

Links from our site:

Our website contains links to other websites. Please note that we have no control of websites outside the domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy.

To complain:

You may lodge a complaint with the UK Information Commissioners Office (ICO). regarding the processing of your personal information with us. The Information Commissioner’s website contains further useful information and advice: Website