Skip to main content

Newsletter

Sign up to hear about events, news and updates from NOKO Retreats.

* indicates a required field
Thank you for subscribing!
Something went wrong while submitting the form.

Privacy Policy

Last updated: 1st May 2026

This Privacy Policy describes how NOKO Retreats (“we”, “us”, “our”), operated by Suffolk Spa Retreats Ltd, collects, uses, and protects your personal data when you visit or interact with our website:
https://nokoretreats.com/

1. Business Information

Suffolk Spa Retreats Ltd
Lake View, Church Rd
Ringsfield, Ringsfield Corner
Beccles NR34 8NT
United Kingdom

Email: info@nokoretreats.com

2. What Personal Data We Collect

We may collect the following personal data:

  • Full name
  • Email address
  • Phone number
  • Address (including city, postcode, and region)
  • Enquiry messages submitted via forms

We only collect personal data that is necessary to provide our services or respond to enquiries.

3. How We Collect Data

We collect data when you:

  • Submit an enquiry through our website
  • Make a booking or purchase services
  • Subscribe to marketing communications
  • Interact with our website (via cookies and analytics tools)

4. Lawful Bases for Processing

We process personal data under the following lawful bases:

Legitimate Interests
  • Responding to enquiries
  • Managing bookings and customer relationships
  • Improving our website and services through analytics
Consent
  • Sending marketing communications
  • Placing non-essential cookies (analytics and marketing)

You may withdraw consent at any time.

5. How We Use Your Data

We use your data to:

  • Respond to enquiries
  • Manage bookings and provide services
  • Communicate with you regarding your booking or enquiry
  • Send marketing communications (where you have consented)
  • Improve website performance and user experience
  • Deliver relevant advertising and remarketing

6. Payments and Bookings

Bookings and payments are processed through SuperControl.

We do not store your payment details directly.
For more information, please review their privacy policy:
https://www.supercontrol.co.uk/policies/privacy/

7. Marketing Communications

We use Mailchimp to send marketing emails.

  • You will only receive marketing emails if you opt in
  • You can unsubscribe at any time via the link in any email

8. Analytics and Advertising

We use the following services:

  • Google Analytics
  • Google Ads (remarketing)
  • Facebook (remarketing)

These services may collect information such as device data, browsing behaviour, and interactions with our website.

9. Cookies

We use cookies and similar technologies to:

  • Ensure the website functions properly
  • Analyse usage
  • Support marketing and remarketing efforts

Cookies used on our website fall into the following categories:

  • Necessary cookies – required for core functionality, including booking features
  • Analytics cookies – used to understand how visitors interact with our website
  • Marketing cookies – used for advertising and remarketing

Some cookies may be set by third-party services embedded on our website, including:

  • Elfsight (instagram & tripadvisor widgets)
  • SuperControl (booking functionality)

These services may place cookies or collect limited technical data (such as device or interaction data) when their features are used.

We use a GDPR-compliant consent tool to manage cookie preferences. You can accept or reject non-essential cookies and update your preferences at any time.

10. Data Sharing

We only share your personal data with trusted third parties where necessary:

  • SuperControl (booking and payments)
  • Mailchimp (email marketing)
  • Google (analytics and advertising)
  • Facebook (advertising and remarketing)
  • Webflow (website hosting and form processing)

Embedded tools such as Elfsight widgets and SuperControl booking components may also set cookies or process limited technical data when loaded on the website.

We do not sell your personal data.

11. International Data Transfers

Some of our service providers may process personal data outside the United Kingdom.

Where this occurs, we ensure that appropriate safeguards are in place to protect your personal data in accordance with UK data protection laws.

12. Data Retention

We retain personal data only for as long as necessary:

  • Enquiry data: up to 12 months after last contact
  • Booking and transaction data: up to 6 years to comply with legal and tax obligations
  • Marketing data: until you unsubscribe or withdraw consent

13. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time

To exercise your rights, contact: info@nokoretreats.com

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

14. Children’s Privacy

Our services are intended for individuals aged 18 and over.
We do not knowingly collect personal data from children.

15. Data Security

We take appropriate technical and organisational measures to protect personal data, including secure hosting and controlled access to systems.

16. Contact Us

If you have any questions about this Privacy Policy or your data:

Email: info@nokoretreats.com

Post:
Lake View, Church Rd
Ringsfield, Ringsfield Corner
Beccles NR34 8NT
United Kingdom

17. Updates to This Policy

We may update this Privacy Policy from time to time.
Any changes will be posted on this page with an updated revision date.