The Publisher strives to use appropriate administrative, technical, and organisational means to protect Personal Data. To this end, it complies with the requirements of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of data, as well as the provisions still in force of French Data Protection Act no. 78-17 of 6 January 1978.
As the purposes and the means of the processing are defined jointly by the Publisher within the context of the booking of the Hotel Services on the Website and by the Hotelier as part of the invoicing, payment and provision of the Hotel Services, they are considered to be jointly responsible for the processing.
The User must tick the specific box provided for this purpose, in order to agree to the collection and processing of his personal data. Failing this, he will be refused access to the website service.
If the User has reason to believe that his interactions on the Website are no longer secure, he must contact the Publisher by means of the details provided under the “Contact” heading.
a. Collection of personal data
The Publisher collects personal data relating to Users of the Website, that are strictly necessary for providing the Website Services, namely:
Identification data: Title, first name, last name, postal address (with post code, city, country), e-mail, telephone number, billing address, and, if applicable, age of children.
Usage history data: loyalty scheme membership, key dates, previous User stays or interactions, products and/or website services used, service requests and/or special arrangements:
- Membership or loyalty scheme data;
- Key dates;
- Stays or prior interactions as a guest, products and services purchased, service requests and special arrangements;
- Guest preferences and personalised data;
- Social network account identifiers, profile photo and other publicly available data, or information made available by linking to social network and loyalty accounts.
Personal data is collected:
- By means of online questionnaires that the User completes as part of the various requests for information put to him (Booking, Questionnaires, Guest Account Preferences, etc.);
- By incorporating data from the User’s account(s) into the Social Networks. To be implemented, this data integration must be expressly authorised by the User by validating the proposal made to this effect;
In addition to the collection of personal data defined above, data may also be collected during browsing on the Website via a cookie placed in the User’s and/or Visitor’s computer.
The cookie is a block of data that does not identify the User/Visitor but is used to record information relating to his browsing on the Website (pages viewed, date and time of viewing, etc.). Information that may be read by the Website during subsequent connections.
The User and/or the Visitor have the option to accept or oppose the storage of “cookies” by ticking the box provided for this purpose. The consent given is valid for 13 months.
The Publisher undertakes never to disclose the content of these “cookies” to third parties, unless by legal order.
b. Purpose of the collection and processing of personal data
Personal data are collected and processed by the Publisher in order to:
- Enable the User to book Hotel Services,
- Facilitate the execution by the Hotelier of the Hotel Services booked by the User,
- Optimise the management of the User’s satisfaction questions:
- Transfer and collect questionnaires pre- and post-stay,
- Access contact forms,
- Enable the offer to be adapted to the User’s preferences:
- Create an account,
- Request an estimate and other points of contact of the guest experience,
- Customer service,
- Facilitate the management of the loyalty scheme and Guest Management System
- Ensure that the Website content is presented in the most efficient way (display, browsing, etc.);
- Enable the User to participate interactively in the Website’s services, subject to his express and prior agreement;
- Inform the User of any change in the Website’s offer;
- Organise marketing operations, subject to the User’s express and prior agreement.
c. Storage of personal data
The collected personal data are stored in a secure database on the Publisher’s and/or Processor’s servers.
The Users’ personal data are stored:
- When a Hotel Service has been booked, for a period of five years, corresponding to the common law limitation period in contractual matters (Article 2224 of the French Civil Code);
- When no Hotel Service has been booked, for a period of three years, for commercial offers
- Credit card details are not saved or stored on the Website’s databases.
d. Transfer of personal data
In order to fulfil the purposes referred to in paragraph “b” of this article, the collected personal data may be transferred to third parties, in particular:
- Hoteliers, for the provision of the Website Service,
- the banking platform, to create online fingerprints,
- online hotel booking platforms, including TravelClick,
- commercial partners (travel agencies, all operators, etc.)
The User is informed that as part of the transfer of data required to provide the Website Service, Personal Data may be communicated to persons located outside the European Union (hereinafter “EU”) and/or the European Economic Area (hereinafter “EEA”).
The confirmation of these GTCU includes the User’s express authorisation for the transfer of his data outside the EU and EEA, for the sole purpose of providing the Website Service. In this case, the Publisher will ensure that the User’s personal data is transferred as part of a data transfer agreement drawn up on the basis of the standard contractual clauses adopted by the European Commission or by a supervisory authority with approval from the European Commission.
e. User’s rights
The User has all the rights provided by the French Data Protection Act of 6 January 1978 and the General Data Protection Regulation (EU Regulation 2016/679 of 27 April 2017), right of access, rectification, opposition, right to be forgotten, right to limit processing, right to portability, information and communication.
The User exercises all of his rights with the Data Controller, at the addresses listed in point 1.
Within the context of the right to information and communication, any communication of a copy of the collected data, beyond the first one which is free, will be billed at €200.
f. Hypertext links