CLIFF Privacy Policy

CLIFF group is committed to protecting your privacy and data you provide us with. We would like to assure you; the data will be kept private and secure and will only be used to provide the service you request from us.

CLIFF privacy policy covers the following properties and all CLIFF group subsidiaries and affiliates – Cliff House Hotel in Ardmore, Cliff Townhouse in Dublin and Cliff at Lyons in Co. Kildare. Please note, information may be shared between the properties.

Under the current General Data Protection Regulations, we are obliged to inform you of the following:

Data you provide us with

When you complete a booking, send us an email, sign up to our newsletter or communicate with us in any way, you are voluntarily giving us information that we collect. Information may include your name, email address, job title, postal address, phone number, credit card information, IP address as well as other demographical information such as gender, location, purchase history, preferences and interests.

By giving is this information, you consent to this information being collected, used, transferred or stored by the property or our third-party providers. In the interest of your privacy, we only collect, use and retain information reasonably required for our legitimate business interests, such as processing bookings or providing you with marketing materials.

Data we collect

As you browse our web sites, online ad networks we work with may place anonymous cookies on your computer, and use similar technologies, to understand your interests based on your (anonymous) online activities, and thus to tailor more relevant ads to you.

If you do not wish to receive such tailored advertising, you can opt out of most companies that engage in such advertising. (This will not prevent you from seeing ads; the ads simply will not be delivered through these targeting methods.

Data we share with Third Party Providers

We may share your personally identifiable data with the service providers including payment processors to ensure secure credit card transactions, hosting services, email service providers (marketing emails and newsletters if you have agreed to receive such newsletters), advertising partners, our business partners, suppliers and sub-contractors who we engage with to improve our websites, legal authorities when we are lawfully required to do so.

On occasions, CCTV footage may be requested from us by an Garda Síochána for crime prevention and public safety.

Data Retention Period

Data Protection Act stipulates that personal information should not be kept longer than necessary for the purpose it was collected. The information you share with us when using our services, will be kept by the CLIFF group in alignment with this. We will store guest profiles for 2 years.

Ways we protect your data

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who require to have special rights to such systems. Transactions and credit card information are processed through a gateway provider and are stored securely.

Privacy Policy

Third Party Websites

Communications, information or materials you submit to us via a social media platform is done on your own risk without any expectation of privacy. We are not able to control the actions of other users of these platforms or the actions of the platforms themselves. Your interaction with those features and platforms are governed by the privacy policy of the companies that provide them.

GDPR Lawfulness of Processing 

  1. Processing shall be lawful only if and to the extent that at least one of the following applies:
      1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
      2. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
      3. processing is necessary for compliance with a legal obligation to which the controller is subject;
      4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
      5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
      6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

    Point (f) of the first subparagraph shall not apply to processing carried out by public authorities in the performance of their tasks.

  2. Member States may maintain or introduce more specific provisions to adapt the application of the rules of this Regulation with regard to processing for compliance with points (c) and (e) of paragraph 1 by determining more precisely specific requirements for the processing and other measures to ensure lawful and fair processing including for other specific processing situations as provided for in Chapter IX.
  3. The basis for the processing referred to in point (c) and (e) of paragraph 1 shall be laid down by:
      1. Union law; or
      2. Member State law to which the controller is subject.

    The purpose of the processing shall be determined in that legal basis or, as regards the processing referred to in point (e) of paragraph 1, shall be necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. That legal basis may contain specific provisions to adapt the application of rules of this Regulation, inter alia: the general conditions governing the lawfulness of processing by the controller; the types of data which are subject to the processing; the data subjects concerned; the entities to, and the purposes for which, the personal data may be disclosed; the purpose limitation; storage periods; and processing operations and processing procedures, including measures to ensure lawful and fair processing such as those for other specific processing situations as provided for in Chapter IX4The Union or the Member State law shall meet an objective of public interest and be proportionate to the legitimate aim pursued.

  4. Where the processing for a purpose other than that for which the personal data have been collected is not based on the data subject’s consent or on a Union or Member State law which constitutes a necessary and proportionate measure in a democratic society to safeguard the objectives referred to in Article 23(1), the controller shall, in order to ascertain whether processing for another purpose is compatible with the purpose for which the personal data are initially collected, take into account, inter alia:
    1. any link between the purposes for which the personal data have been collected and the purposes of the intended further processing;
    2. the context in which the personal data have been collected, in particular regarding the relationship between data subjects and the controller;
    3. the nature of the personal data, in particular whether special categories of personal data are processed, pursuant to Article 9, or whether personal data related to criminal convictions and offences are processed, pursuant to Article 10;
    4. the possible consequences of the intended further processing for data subjects;
    5. the existence of appropriate safeguards, which may include encryption or pseudonymisation.

Subject Access Requests

To request your personally identifiable data to be removed, please contact us by emailing

If you wish to stop receiving email newsletters, click on the unsubscribe link on any of the newsletters. We will retain your information for as long as required to deliver your service, agreement or to resolve any issues. Please note that we cannot always delete records of all historical data, as we are required to retain certain records for financial and compliance reasons.

Lyons Tales


Discover More

Stay in touch for the latest offers and news with the Cliff newsletter

Thank you for your interest in subscribing to the Cliff at Lyons newsletter. Please complete the sign up process in the email we have sent to you. Back to home page