Book on our website and enjoy the best rates on our rooms.

FRBook Now
Book NowFR

Réservez sur notre site et profitez de la meilleure tarification sur nos chambres.

Book Now
Privacy Policy

Privacy Policy

1. Preamble

 

The purpose of this Privacy Policy is to inform users about how their Personal Data is collected from the Site, how it is processed by the Publisher, and finally the rights available to users regarding these processing operations as defined below.

 

 

2. Definitions

 

The following terms, whether used in the singular or plural in this Privacy Policy, shall have the following meaning:

 

  • Intermediate Archiving: refers to the transfer of Personal Data that still has administrative value for the Publisher (for example in the event of a dispute and/or a legal obligation) to a separate database, logically or physically separated, and for which access is restricted in any case. This archive is an intermediate step before the deletion of the Personal Data concerned or its anonymization.
  • Privacy Policy: refers to this privacy and Personal Data protection policy for users implemented by the Publisher.
  • Personal Data: refers to the user’s personal data collected and processed by the Publisher and as defined in the Privacy Policy.
  • Specific Rights: refer to the rights granted by the Personal Data Regulations to users regarding the processing of their Personal Data.
  • Personal Data Regulations: refers to Law No. 78-17 of January 6, 1978 relating to information technology, files and freedoms, amended by Law No. 2018-493 of June 20, 2018 relating to the protection of personal data, pursuant to the Community Regulation of April 27, 2016 published in the Official Journal of the European Union on May 4, 2016 relating to the protection of natural persons with regard to the processing of personal data and the free movement of such data (known as the “GDPR” for General Data Protection Regulation).
  • Device(s): refers to the hardware equipment (computer, tablet, smartphone, telephone, etc.) used by the user to consult or view the Site and/or any other digital medium published by a third party.
  • User: refers to all Internet users and visitors to the Site.

 

 

3. The legal bases for processing carried out by the Publisher

 

In accordance with the Personal Data Regulations, the processing operations referred to in this Privacy Policy are supported by a specific legal basis.

 

Use of the website is necessarily governed by a contractual relationship between the user and the Publisher, serving in particular as the legal basis for the collection and processing of the user’s Personal Data for the proper functioning of the Site and the provision of the associated services.

 

The processing of Personal Data may also be necessary to comply with a legal obligation to which the Publisher may be subject.

 

The processing of the user’s Personal Data may finally be necessary for the purposes of the legitimate interests pursued by the Publisher or by a third party, unless the interests or fundamental rights and freedoms of the user, which require the protection of Personal Data, prevail, particularly when the user is a child.

 

The processing of the user’s Personal Data that is strictly necessary for fraud prevention purposes constitutes, for example, a legitimate interest of the Publisher.

 

In the event of processing based on the legitimate interest of the Publisher or of a third party, the Publisher ensures that the processing in question is necessary for the achievement of its legitimate interest and assesses the consequences of this processing for the user, in particular by taking into account the nature of the Personal Data processed and the way in which it is processed.

 

In any case, the Publisher ensures that it does not disregard the interest or fundamental rights and freedoms of the user by allowing the user, at any time, to object to all or part of the processing described in this Privacy Policy, as well as to exercise their Specific Rights, under the conditions of Article 9 below.

 

 

4. The purposes of the processing carried out by the Publisher

 

The user’s Personal Data is necessary to allow them to access the Site, use it and improve it, and to allow the Publisher to provide any services detailed on the Site.

The operations described below are not intended to establish profiles likely to reveal so-called sensitive Personal Data, such as racial or ethnic origins, philosophical, political, trade union or religious opinions, sexual life or health, nor are they intended to produce automated decisions by the Publisher.

 

 

5. Storage of Personal Data

 

The Site is hosted by the company OVH.

 

All precautions have been taken to store users’ Personal Data in a secure environment and to prevent it from being distorted, damaged, or accessed by unauthorized third parties. The information transmitted by the user will never be transmitted to third parties for commercial purposes, nor sold, nor exchanged.

 

 

6. Collection of Personal Data on the Site

 

The Publisher collects the Personal Data that the user voluntarily enters on the Site.

 

This Personal Data is kept by the Publisher for a period of two (2) years in the active database, from the time it is communicated through the Site.

 

The Personal Data concerned is then kept in Intermediate Archiving for an additional period of three (3) years in accordance with the standard limitation period.

 

Where applicable, the Publisher may decide to keep this Personal Data for a longer period in legal Intermediate Archiving, to comply with a legal obligation (for example Article L.123-22 of the French Commercial Code, which provides that “Accounting documents and supporting documents are kept for ten years”) or to allow it to establish proof of a right or a contract.

 

Only the Personal Data identified on the Site as mandatory is essential to benefit from the services provided by the Site.

 

 

7. Recipients or categories of recipients of Personal Data

 

The user’s Personal Data is communicated to the Publisher’s subcontractors, namely:

 

  • AYS (Klixi), a simplified joint-stock company with capital of 50,000 Euros, whose registered office is located at 18, rue de Londres 75009 Paris – France, registered with the Paris Trade and Companies Register under number 535 351 472.
    • Functionality: Developer and tool for the management and administration of the Site by the Publisher.
    • Transfer of data outside the EU and specific safeguards: No.
  • Amazon Web Services LLC (AWS), P.O. Box 81226 Seattle, WA 98108-1226.
    • Functionality: Site host.
    • Transfer of data outside the EU and specific safeguards: Yes – Privacy Shield.

 

If applicable:

 

  • Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.

    • Functionality: Payment module.
    • Transfer of data outside the EU and specific safeguards: No.

  • Mandrill, The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA.

    • Functionality: Allows the Publisher to send email campaigns to users who have entered their email address.
    • Transfer of data outside the EU and specific safeguards: Yes – Privacy Shield.

  • TextMagic, TEXTMAGIC LTD, Salisbury House Station Road, Cambridge CB1 2LA, United Kingdom, VAT Reg No: GB851556810, Company No: 05286521.

    • Functionality: Allows the Publisher to send SMS campaigns to users who have entered their telephone number.
    • Transfer of data outside the EU and specific safeguards: No.

  • Stuart, SRT GROUP, 8 avenue des Ternes, 75017 Paris.

    • Functionality: Allows the Publisher to use Stuart as a fast delivery method.
    • Transfer of data outside the EU and specific safeguards: Not Communicated.

  • TacTill, 8 Bis Chemin de la Justice, 91940 Gometz-le-Châtel.

    • Functionality: Allows the Publisher to receive e-commerce orders placed on the Website directly on its TacTill cash register.
    • Transfer of data outside the EU and specific safeguards: No.

  • Fülle, SARL FULLE, 85 Impasse Leydier, 38850 Saint-Chef.

    • Functionality: Allows the Publisher to benefit from Fülle services.
    • Transfer of data outside the EU and specific safeguards: No.

  • Snapshift, SNAPSHIFT SAS, 21 Rue La Boétie, 75008 Paris.

    • Functionality: Allows the Publisher to benefit from Snapshift services.
    • Transfer of data outside the EU and specific safeguards: No.

 

The Publisher regularly ensures that these recipients comply with the Personal Data Regulations. The Publisher undertakes not to disclose, transfer or transmit the user’s Personal Data without their prior consent and not to use it for reasons not provided for in this Privacy Policy.

 

 

8. User rights

 

In accordance with the Personal Data Regulations, the user has the Specific Rights listed below:

 

  • Right to object: The user may object at any time, on grounds relating to their particular situation, to the processing of Personal Data concerning them based on the legitimate interest of the Publisher. They may also object to the processing of Personal Data concerning them for prospecting purposes.
  • Right to withdraw consent: When the processing is based on the user’s consent, the user has the right to withdraw their consent at any time.
  • Right of access: The user has the right to obtain from the Publisher confirmation as to whether or not their Personal Data is being processed and, where it is, to obtain access to their Personal Data as well as certain information, in particular on the purposes of the processing, the categories of Personal Data concerned, etc.
  • Right to rectification: The user has the right to obtain from the Publisher, as soon as possible, the rectification of inaccurate Personal Data concerning them. The user also has the right to have incomplete Personal Data completed, including by providing an additional statement.
  • Right to erasure: In certain cases, the user has the right to obtain from the Publisher the erasure of their Personal Data, for example when the Personal Data is no longer necessary for the purposes for which it was collected.
  • Right to restriction of processing: In certain cases, the user has the right to obtain from the Publisher the restriction of the processing of their Personal Data.
  • Right to portability: The user has the right to receive the Personal Data concerning them that they have provided to the Publisher, in a structured, commonly used and machine-readable format, and they have the right to transmit this Personal Data to another controller (for example, another website) without the Publisher preventing them from doing so.

 

These Specific Rights may be exercised by the user by sending an email to info@chateaurepotel.com.

 

The user also has the right to provide general or specific instructions regarding the fate of their Personal Data after their death.

 

 

9. Security of Personal Data

 

The Publisher implements all necessary technical and organizational measures to protect users’ Personal Data against unauthorized access, alteration, disclosure or destruction.

 

These measures include, in particular, data encryption, restricted access management, and the archiving of Personal Data under high-security conditions.

 

 

10. Changes to the Privacy Policy

 

The Publisher reserves the right to modify this Privacy Policy in order to adapt it to legislative and regulatory developments, as well as to changes related to the processing of Personal Data carried out. Users are advised to consult this Privacy Policy regularly in order to be informed of any changes.