At Litua House (trading under LITUA Ltd), we are committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about our guests and visitors, how we use it, the conditions under which we may disclose it to others, and how we keep it secure.

1. Who we are
   LITUA Ltd Litua House, a self-catering holiday accommodation in Arisaig, Scotland. Our registered address is:
   Litua, Back of Keppoch, Arisaig 
2.  You can contact us at: lituaholidays@gmail.com | 07780197772

1. What information we collect
   We may collect the following personal data when you make a booking or contact us:
   
   

• Name
  
  
• Address
  
  
• Email address
  
  
• Telephone number
  
  
• Payment details (processed securely via [payment processor e.g., Stripe/Bank Transfer — we do not store card details])
  
  
• Details of your booking (dates of stay, number of guests)
  
  
• Special requirements (e.g., dietary, accessibility, or pet-related)
  
  

1. How we use your information
   We collect and use your personal data to:
   
   

• Process and manage your booking
  
  
• Communicate with you before, during and after your stay
  
  
• Comply with legal obligations (e.g., record-keeping)
  
  
• Improve our services and guest experience
  
  

1. Lawful basis for processing
   We process your data under the following lawful bases:
   
   

• Contract: To fulfil our contract with you (managing your booking)
  
  
• Legal obligation: To comply with relevant laws (e.g., accounting)
  
  
• Legitimate interests: To provide customer service and improve our services
  
  

1. Sharing your information
   We do not sell or share your personal data with third parties for marketing purposes. We may share your information with:
   
   

• Service providers (e.g., payment processors, cleaners or maintenance personnel if relevant to your stay)
  
  
• Legal authorities if required by law
  
  

1. How long we retain your data
   We retain your personal data only as long as necessary to:
   
   

• Fulfil your booking
  
  
• Comply with legal, accounting, or reporting obligations (typically up to 6 years)
  
  

1. Your rights
   You have rights under UK GDPR, including:
   
   

• Right to access the personal data we hold about you
  
  
• Right to rectify inaccurate data
  
  
• Right to erase data (where applicable)
  
  
• Right to restrict or object to processing (where applicable)
  
  
• Right to data portability (in certain circumstances)
  
  

To exercise any of these rights, please contact us at [Insert Email].

1. Security
   We take appropriate measures to safeguard your data, including secure servers, encrypted communications, and restricted access to personal information.
   
   
2. Cookies and website usage (if you have a website)
   Our website [insert website URL] may collect anonymised usage data (e.g., via cookies or Google Analytics) to help us improve our site. You can control cookies through your browser settings.
   
   
3. Changes to this policy
   We may update this policy occasionally. The latest version will always be available on our website or upon request.
   
   

Complaints
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.