Privacy Policy

This privacy policy sets out how Middleton Hall uses, stores and protects your data. You can contact us with any queries about this policy by emailing or find out more via the Information Commissioner’s Office (ICO).

Use of collected information
Generally, visitors are informed of the use of their personal information at the time of collection. Normally, personal information provided or collected is used to respond to inquiries or to process requests.

Security of collected information
Middleton Hall maintains strict physical, electronic and administrative safeguards to protect user’s personal information from unauthorised or inappropriate access. Workers, affiliates and business partners who misuse a user’s personal information are subject to legal or disciplinary actions.

How we collect your personal data
We collect personal data over the telephone, via the website and in writing.

What data we collect
We may collect the following information:
Personal details (name, gender, date of birth, email, address, telephone etc.)
Family and spouse/partner, or next of kin details
Financial information (such as credit/debit card or direct debit details, and whether your donations are gift-aided)
Details of the ways in which you wish to be contacted by us

Your activities and involvement with Middleton Hall will result in personal data being generated. This could include:
Your visits to our website
Your booking history
We do not normally collect or store special categories of personal data. However, there are some situations where we may need to do so. These may include, for example, if we need to know about any access, medical or dietary requirements you, or someone in your care, may have for a promotional event you may be attending etc.

Why we collect this data
We collect your data in order to make your interaction with Middleton Hall as positive and easy as possible. We only ever use your personal data with your consent, or where it is necessary in order to:
Enter into, or perform, a contract with you
Comply with a legal duty
Protect your vital interests
Carry out a task in the public interest
For our own (or for a third party’s) legitimate interests, provided your rights do not override these interests

We also only ever use your data for the purpose or purposes for which it was obtained.

We use website cookies for a number of different reasons as listed below. You can manage these small files yourself and learn more about them from
To enable a service to recognise your device so you don’t have to give the same information again
To recognise that you have already given a username and password so you don’t need to enter it for every web page requested.

To measure how many people are using our services, so they can be made easier to use and so that there is enough capacity to ensure a speedy service
We use AddThis on our website so that you can share our content across email and social networks. These cookies allow us to anonymously track how many users recommend our web pages on social media
We use Google Analytics to collect information about how people use our website. We do this to make sure it’s meeting its users’ needs and to understand how we could do it better. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. We do not allow Google to use or share our analytics data. This is a list of data stored by Google Analytics cookies:
_utma stores each user’s number of visits, time of the first visit, the previous visit and the current visit
_utmb and _utmc checks how long a visitor stays on the site: when a visit starts and ends
_utmz tracks where a visitor came from (search engine, search keyword, link)
_utmv and _utmd track visitor journeys through the site and classifies them into groups
These cookies each last different amounts of times:
_utma expires two years after your last visit to this site
_utmb expires 30 minutes after your visit, or after 30 minutes of inactivity
_utmc expires at the end of a session (when you close your browser)
_utmz expires six months after it was last set
_utmv (not set) expires immediately
_utmd (not set) expires immediately

How we store this data
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Staff receive data protection training and we maintain a set of data protection procedures which our staff are required to follow when handling personal data.
We only store your data for as long as we need to, and in order to carry out various services for you. We continually review what information we hold and will delete personal data which is no longer required.

Online Security
All electronic forms that ask you for your financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.
If you use a payment card to shop online, we will pass your payment card details securely to our payment provider. We comply with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council.

Third Parties
We will never sell your personal data.
We may share your personal data where required to do so for prevention of crime or for taxation purposes (for example, with the police, HMRC) or where otherwise required to do so by other regulators or by law (e.g. Companies House).
Our websites contain links to other external websites. We are not responsible for the content or functionality of any such websites. Please let us know if a link is not working by contacting

If a third-party website requests personal data from you (e.g. in connection with an order for goods or services), the information you provide will not be covered by this privacy policy. We suggest you read the privacy notice of any other website before providing any personal information.

Your rights
We want to ensure you remain in control of your personal data and that you understand your legal rights. These are:
The right to know whether we hold your personal data and, if we do so, to be provided with a copy of this (a “subject access request”) within one month
The right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason)
The right to have inaccurate personal data rectified
The right to object to your personal data being used for marketing or profiling
If you would like further information on your rights or wish to exercise them, please contact us at or by writing to Middleton Hall, Middleton, Belford, Northumberland. NE70 7LF. You can read more about your rights in details at

Updates to this policy
This policy was last updated on 06 June 2018. We may amend this privacy policy from time to time to ensure it remains up to date and continues to reflect how and why we use your personal data. The current version of our policy is always available on our website.