This privacy policy notice is for this website; and served by The Mill, Hall Mill house, Hall Street, Long Melford, Suffolk CO10 9DY and governs the privacy of those who use it.

The Mill is committed to protecting your privacy. Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically and we are registered with the ICO under the Data Protection Register.

The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website and booking with us including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website.

We would like to inform you that you have the right to complain to the Information Commissioners office if you think there is a problem with the way The Mill has handled your data via

Policy key definitions:

“I”, “our”, “us”, or “we” refer to the business, The Mill.

“you”, “the user” refer to the person(s) using this website.

GDPR means General Data Protection Regulation.

ICO means Information Commissioner’s Office.

Cookies mean small files stored on a user’s computer or device.

Personal data you are legally obliged to provide:

You are not under a legal obligation to provide us with any of your personal data but please note that if you elect not to provide us with your personal data we will not be able to offer you accomodation. This is because the Immigration Order 1972 (Hotels) requires us by law to note guest names on our system.

What types of data does The Mill collect?

The Mill collects credit card information & bank details so we can take payment for your stay.

The Mill collects marketing information, such as whether you have said you are happy to receive marketing information / emails from us about additional services and /or promotions from The Mill. Also, information as to whether you have told The Mill you wish to opt out, i.e. telling us that you do not wish to receive certain types of contact from us.

We may collect personal data when you come to stay with us and look at our website, telephone us or communicate directly with us.

Information from different types of social media for example, The Mill uses Twitter and Facebook.

We may collect personal data when you enquire about or book a stay at The Mill.

Information specific to you, for example, any special requirements you may have for your stay, and of course, your name, address, email address and phone number when you have chosen to provide it.

How do we use personal data?

We use personal data where it is necessary to provide the services you request.

We use personal data to communicate with you, for example sending booking confirmations, discussing your requirements, providing customer support and invoicing.

Using personal data where required by law.

We use personal data to comply with the requirements of law and as required in other exceptional circumstances.

Under exceptional circumstances, we may be required by law to provide personal data, such as to the police for example.

How long does The Mill keep your personal data?

We will retain your data for a period of seven years, as required by law.

How we keep your personal data safe:

We take every care to ensure that your personal data is kept secure. The security measures we take include:

Ensuring your online payment with us is secure & encrypted;

Keeping paper records to a minimum and ensuring that those we do have are stored in locked filing cabinets on our office premises;

Maintaining up to date firewalls and anti-virus software to minimise the risk of unauthorised access to our systems.

How is personal data shared?

We would like to make it clear that The Mill will not sell your information to anyone.

However, your personal information may be shared with and processed by third parties below in certain circumstances such as:

When it is required by law;

When it is required to comply with a judicial proceeding, court order or legal process; or

To prevent or detect crime (including fraud).

The Mill’s use of social media:

Currently, The Mill uses Facebook, Instagram & Twitter to create an online presence and raise awareness of what we do and who we are.

We will never ask for personal or sensitive information through these platforms.

If you send us a private or direct message via social media the message will be stored on each platform and will not be shared with any other organisations.


We collect information directly from you in a number of ways. One way is through our use of ‘cookies’. Most websites use cookies in order to make them work, or to work more efficiently, as well as to provide information to the owners of the website. They help us to understand how our customers and potential customers use our website so we can develop and improve the design, layout, content and function of the site. Cookies are small text files that are placed on your computer’s hard drive by websites that you visit.

They save and retrieve pieces of information about your visit to the website – for example, how you entered the site, how you navigated through the site and what information and documentation was of interest to you. This means that when you go back to a website, it can give you tailored options based on the information it has stored about you on your last visit.

Some of our cookies are used to simply collect information about how visitors use our website and these types of cookies collect the information in an anonymous form.

Where there is a login process relating to buying products or services from us we also use cookies to store personal registration information so that you do not have to provide it to us again on subsequent visits.

The rules about cookies on websites have recently changed. If you are uncomfortable with the use of cookies, you can disable cookies on your computer by changing the settings in the preferences or options menu in your browser. You can set your browser to reject or block cookies or to tell you when a website tries to put a cookie on your computer. You can also delete any cookies that are already stored on your computer’s hard drive. However, please be aware that if you do delete and block all cookies from our website, parts of the site will not then work. This is because some of the cookies we use are essential for parts of our website to operate. Likewise, you may not be able to use some products and services on other websites without cookies.

Your rights and choices.

You have a number of rights in accordance with the data collected regards you, all requests for such data should be made to in writing to The Mill. Some of these rights are listed below.

Your right to be informed

Your right to access

Your right to rectification

Your right to erasure

Your right to be forgotten

Your right for data portability

Your right to object

You also have rights to:

Prevent your personal data being used for marketing purposes.

Have inaccurate personal data corrected, blocked or erased;

Object to The Mill using your personal data in ways that are likely to cause you damage or distress;

In certain circumstances you may have the right to restrict our use of your personal data;

Require that we delete your personal data; and

Require that we provide you, or anyone that you nominate, with a copy of any personal data you have given us in a structured electronic form (this may incur a reasonable charge).

You can find full details of your personal data rights on the Information Commissioner’s Office website at


Paul Jarrett / Clare Livens – The Mill

Paul Jarrett / Clare Livens – The Mill 

This policy was updated & reviewed in September 2022.