PRIVACY POLICY
LES TROIS AILES
b. How we use the data we collect
c. Who has access to the data collected
d. The rights of the users of the site
e. The site's cookie policy
This privacy policy operates in conjunction
with our site's terms and conditions of use.
Applicable laws
In accordance with the General Data Protection Regulation (GDPR),
this privacy policy complies with the following regulations.
Personal data must be:
a. processed lawfully, fairly and transparently
with regard to the data subject (lawfulness, fairness, transparency) ;
b. collected for specified, explicit
and legitimate purposes and not further processed
in a way incompatible with those purposes;
further processing for archival purposes in the public interest,
for scientific or historical research purposes
or for statistical purposes shall not be considered,
in accordance with Article 89(1),
as incompatible with the original purpose (purpose limitation);
c. adequate, relevant and limited to what is necessary for the purposes
for which they are processed (data minimisation);
d. accurate and, where necessary, kept up to date;
every reasonable step must be taken to ensure that personal data
which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
e. kept in a form which permits identification of data subjects
for no longer than is necessary for the purposes
for which they are processed; personal data may be kept for longer periods insofar as they are processed exclusively for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes
in accordance with Article 89(1), provided that appropriate technical and organisational measures required by the Regulation are implemented to safeguard the rights and freedoms of the data subject
(limitation of retention) ;
f. processed in such a way as to ensure appropriate security
of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage,
by means of appropriate technical or organisational measures
(integrity and confidentiality).
Processing shall be lawful only if and insofar as at least one
of the following conditions is met
a. the data subject has consented to the processing of his/her personal data
for one or more specific purposes
b. processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the request of the data subject;
c. processing is necessary for compliance with a legal obligation
to which the controller is subject;
d. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
e. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
f. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular where the data subject is a child.
For residents of the State of California, this privacy policy is intended to comply with the California Consumer Privacy Act (CCPA). If there are any inconsistencies between this document and the CCPA, state law will apply.
If we find any inconsistencies, we will modify our policy to comply
with the relevant law.
Consent
Users agree that by using our site, they consent to:
a. the terms and conditions set out in this Privacy Policy; and
b. the collection, use and retention of the data listed in this policy.
Personal data we collect
Data collected automatically
We do not collect any data automatically on our site.
Data collected non-automatically
We may also collect the following data when you perform
certain functions on our site:
a. First name and surname
b. Email
c. Autofill data
This data can be collected using the following methods:
Contact form
Please note that we only collect data that helps us achieve the purpose stated in this privacy policy. We will not collect any additional data without informing you first.
How we use personal data
Personal data collected on our site will only be used for the purposes specified in this policy or as indicated on the relevant pages of our site.
We will not use your data beyond what we disclose.
The data we collect when the user performs
certain functions may be used for the following purposes:
a. Communication
b. Booking
With whom we share personal data
Employees
We may disclose to any member of our organisation such user data as is reasonably necessary to fulfil the purposes set out in this policy.
Third Parties
We may share User Data with the following third parties:
a. emailing/newsletters
b. booking
Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.
Other disclosures
We will not sell or share your data with third parties,
except in the following cases
a. if required by law
b. if it is required for any legal proceedings
c. to prove or protect our legal rights
d. to purchasers or potential purchasers of this company in the event that we seek to sell the company.
If you follow hyperlinks from our site to another site,
please note that we are not responsible for and have no control over their privacy policies and practices.
How long we store personal data
We do not retain user data beyond what is necessary to fulfill the purposes for which it is collected.
How we protect your personal data
To ensure your security is protected, we use transport layer security
protocol to transmit personal information through our system.
All data stored in our system is well secured and is only accessible to our employees. Our employees are bound by strict confidentiality agreements and a breach of this agreement would result in the dismissal of the employee.
While we take all reasonable precautions to ensure that our user data is secure and that users are protected, there is always a risk of harm. The internet as a whole can be, at times, insecure and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.
Minors
The GDPR specifies that persons under the age of 15 are considered minors
for the purposes of data collection. Minors must have the consent of a legal representative for their data to be collected, processed and used.
Your rights as a user
Under the GDPR, users have the following rights as data subjects:
a. right of access
b. right of rectification
c. right to erasure
d. right to restrict processing
e. right to data portability
f. right to object
You can find more information on these rights in Chapter 3
(art 12-23) of the GDPR.
How to amend, delete or challenge the data collected
If you would like your information deleted or amended in any way, please ask us:
by e-mail:
direction@hotel-lesmessugues.com
by post :
Hotel Les Messugues
76, Impasse des Messugues - 06570 Saint-Paul-de-Vence
Cookie policy
A cookie is a small file, stored on a user's hard drive by the website.
Its purpose is to collect data about the user's browsing habits.
We use the following types of cookies on our site:
Functional cookies
We use them to remember any selections you make on our site so that they are saved for future visits.
You can choose to be notified each time a cookie is sent.
You can also choose to disable cookies entirely in your web browser, but this may reduce the quality of your user experience.
Changes
This privacy policy may be amended from time to time to maintain compliance with the law and to reflect any changes to our data collection process.
We recommend that our users check our policy from time to time to ensure that they are aware of any updates.
If necessary, we may notify users by email of changes to this policy.
Contact
If you have any questions for us,
Do not hesitate to contact us
by email :
direction@hotel-lesmessugues.com
by mail :
Hotel Les Messugues
76, Impasse des Messugues - 06570 Saint-Paul-de-Vence
Effective date:
August 9, 2021