BEST Small Hotels Privacy Policy

It's very simple: we do not record any personally identifiable information when you use our website.

But let's expand a little bit, in case you're interested:

Secure Server Technology

Although we don't ask for any information from you, for extra security all communication between your computer and our server uses "Secure Sockets Layer" technology. This essentially means that everything is encrypted with a 256 bit code before it is transmitted through the internet. You should see the "https" prefix on our site name and the little padlock symbol. Our security certification is provided by AlphaSSL.

Our Partners

If you want to check availability and prices or make a booking, you will be transferred to one of our partners. We only work with them because we have checked that they maintain the same high standards of security that we do but we do recommend you check for the "https" and the padlock when you use their pages.


We do not carry any outside advertising on our websites.


We use a few cookies to make our website perform it's necessary functions. We don't use tracking cookies or anything underhand like that. See our cookies policy for more details.


We may send an occasional newsletter to e-mail addresses that have opted-in to our sister site, or via our own page. You can unsubscribe from the newsletter mailing list by clicking a link at the bottom of the newsletter. Then no more newsletters will be sent to that address. We never allow anyone else to use our mailing list.

General Data Protection Regulation (GDPR)

Under the new rules that come into force in May 2018, we are required to document certain points about the way we handle and process personal data. Most of the really relevant points are covered above, but below we include some extra things that are mandated by the GDPR.

Lawful Basis for Processing

Article 6 of the GDPR says that we must have one of the six lawful bases for processing personal data. The lawful base that we have selected as most appropriate is "Consent". This means that the individual has given clear consent for us to process their personal data for a specific purpose. At the moment we don't process and personally identifiable data but we are placing this note here just in case anything should change in the future.

Individual Rights

Under the GDPR you have the right to know what personal data we hold and what we do with it, and also ask us to delete the data. As we've already said, we don't record or process any personal data Obviously, being an EU Regulation, there are pages and pages of detail on this. If you want to see the full detail you will find it on the Information Commissioner's Office website. Meanwhile our aims are simple: to be fully open, transparent and helpful to you.