PREAMBULEThe company HOTEL VENDÔME undertakes to ensure that the collection and processing of your data is carried out in a lawful, fair and transparent manner, in accordance with the General Data Protection Regulation (RGPD) and Law No. 78-17 of 6 January 1978 relating to information technology, files and freedoms. The collection of personal data of its customers is limited to what is strictly necessary, in accordance with the principle of data minimisation, and indicates what purposes are pursued by the collection of this data, whether providing this data is optional or mandatory to manage requests and who will be able to see it.
I. About usThe company HOTEL VENDÔME is a SAS whose registered office is located at 17-19 Rue du Maroquin – BP 39, 67000 Strasbourg. Code APE 5510 Z The Company offers the following services:
- Hotel accommodation service (4 stars) and catering service
II. Definitions“Site” means the Company’s website, namely, hotel-vendome-nice.com “Cookies”: A cookie is a piece of information deposited on the hard disk of an Internet user by the server of the site he/she is visiting. It contains several pieces of data: the name of the server that deposited it, an identifier in the form of a unique number or a text and possibly an expiry date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and record information. “Personal data” means any information relating to an identified natural person or a person who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to that person. This is, for example, the User’s e-mail address. “Customer” means any natural or legal person who makes a reservation on the Site, with our partner service providers (e.g. Booking.com) or directly with the receptionist on duty at the establishment whose address is indicated in Article I ; “Reservation” means any reservation made by the User, Client, Professional, Consumer in order to benefit from the Company’s Services; “General Terms and Conditions of Sale and Use” or “GTC/UGU” means the general terms and conditions of sale and use of the Company; “Consumer” means the buyer who is a natural person who is not acting for professional purposes and/or outside of his professional activity; “Professional” means the buyer who is a legal or natural person acting in the course of his professional activity ; “Services” means all services and/or products offered to Customer and Professional Users by the Company through the Sites held by the Company; “Company” means the Company SAS HOTEL VENDÔME, more fully described in Article I hereof; “User” means any person who makes use of the Site. “Account” means the client’s personal space with the Company’s partner service providers. “Quote” means a quote produced by the Company for a specific, tailor-made service requested by the Client “RGPD” means the General Regulation on the Protection of Personal Data applicable from 25 May 2018. “Processing of personal data” means any operation or set of operations concerning such data, regardless of the process used (collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction…)
III. Protection of Personal DataIn accordance with the law known as “Informatique et Libertés” of 6 January 1978 and the General Data Protection Regulation 2016/679 (RGPD), the information concerning you is intended for the Company, which is responsible for processing. You have the right to access, rectify and delete data concerning you (details in article 7). You may exercise this right by sending an email to [email protected] By connecting to the Company’s hotel-vendome-nice.com website, you are accessing content protected by law, in particular by the provisions of the Intellectual Property Code. The Company only authorises strictly personal use of the information or content you access, limited to saving it on your computer for the purpose of displaying it on a single screen, as well as reproduction, where authorised (link or download button) for copying or printing on paper. Any other use is subject to our express prior authorization. By continuing your visit, you agree to respect the above restrictions. The Company commits its Clients, Users, Consumers and Professionals to respecting the laws in force and the ethical rules of practice necessary to establish a relationship of trust between the Company and its Clients, Users, Consumers and Professionals. The Company commits its Users to respecting a set of obligations through its GTC/GU. Any breach of these obligations may result in the cancellation without notice of a reservation made on the Company’s website or directly with the Hotel Le Champlain. PLEASE NOTE THAT THE COMPANY DOES NOT EXCHANGE OR RENT OUT ANY OF ITS CLIENT AND PROSPECT FILES. The Company’s website is not intended for minors. We do not knowingly collect or process personal data relating to minors. In the event that we become aware of the collection of personal data of minors without the prior authorisation of the holder of parental authoritý, we will take the appropriate measures to delete such personal data from our servers. 1. Controller. The person responsible for processing the personal data referred to herein is Sandra DELON, Director of hotel le Champlain whose company information is stipulated in Article 1 on this page. 2. Nature of the Data Collected User information and rights The company hereby clearly informs you about the processing of personal data that it implements in the context of its activity, how the data is collected, used and protected. Any User, Client, Consumer, Professional has the right to request from the controller, i.e. Sandra DELON Access to the personal data provided ;
- The rectification or deletion thereof;
- A limitation of the processing relating to her person;
- To object to the processing;
- To the portability of data;
- To lodge a complaint with the CNIL.
- Provide and facilitate our services, including conducting checks on you to do so;
- Resolve any problems to improve the use of our site and services;
- Customise, evaluate, improve our services, content and documentation;
- Analyze the volume and history of your use of the Company’s services;
- To inform you about the Company’s services;
- Prevent, detect and investigate any potentially prohibited and illegal or unethical activities, and ensure compliance with the Company’s T&Cs/GUA;
- Comply with our legal and regulatory obligations.
- For customers who have made a booking directly on the website, by telephone or via the Company’s partner service providers, we process their data for the performance of the service contract.
- For our newsletter, we process your personal data on the basis of the explicit consent you have given to this effect.
VII. Recipients of DataThe personal data concerning you collected on the site, at the establishment and at partner service providers are intended to be used by the Company and may be transmitted to subcontracting companies that the Company may call upon in the context of the performance of its services. The Company ensures compliance with data protection requirements for all its subcontractors. The Company does not sell or rent your personal data to third parties for marketing purposes. In keeping with our values, we do not enter into strategic partnerships to share your data by promoting a third party service or product. The Company does not disclose your personal data to third parties, except where:
- you request or authorise the disclosure;
- disclosure is required to process transactions or provide services you have requested (i.e., for purposes of verifying your good shipping practices or in connection with purchase card processing with credit card companies);
- the Company is compelled to do so by a governmental authority or regulatory body, in the event of a judicial requisition, subpoena or other similar governmental or judicial requirement, or to establish or defend a legal claim;
- the third party is acting as an agent or subcontractor of the Company in the performance of the Services.
- MIXIT7: Server outsourcing
- XXX: Operations related to bookkeeping
- Sandra DELON: Website editing
- D-EDGE: Payment management
- GOOGLE ANALYTICS: Statistics and technical analysis of the site
- Microsoft: Email exchange between the Company and its Users, Consumers, Customers, Professionals
- XXX: Wi-Fi service in the hotel available to clients, employees, consumers and professionals
- On your computer, open Chrome.
- On the top right, click Settings (the 3 little dots)
- Click on Advanced Settings and then Content Settings
- At the top of the page, disable “Allow sites to save and read cookie data”
- Choose the “Tool” menu then “Options”
- Click on the “Privacy”
- Find the “Cookie” menu and select the options that suit you
- Choose the “Tools” menu, then “Internet Options”.
- Click on the “Privacy” (or “Confidentiality”) tab.
- Select the desired level using the slider.
- Go to Settings
- Under Clear browsing data, select Choose items to clear.
- Check the boxes next to each type of data you want to delete, then select Delete.
- Choose the menu “File” > “Preferences” > Privacy
XII. SecurityWithin the framework of its services, the Company attaches the utmost importance to the security and integrity of the personal data of its clients, consumers, professionals and users. Thus, and in accordance with the RGPD, the Company undertakes to take all necessary precautions to preserve the security of the data and in particular to protect them against any accidental or illicit destruction, accidental loss, alteration, distribution or unauthorised access, as well as against any other form of illicit processing or communication to unauthorised persons. To this end, the Company implements industry standard security measures to protect personal data from unauthorised disclosure. By using the encryption methods recommended by the digital industry, the Company takes the necessary measures to protect payment information, bearing in mind that the Company does not offer on-site payment directly but uses an external service secured by our subcontractor D-EDGE and VEGA. In addition, in order to prevent unauthorised access and to guarantee the accuracy and proper use of data, the Company has implemented electronic and manual procedures to safeguard and preserve the data collected through its services. Nevertheless, no one can consider themselves completely safe from a hacker attack. That is why, in the event that a security breach affects you, the Company undertakes to inform you as soon as possible and to make its best efforts to take all possible measures to neutralise the intrusion and minimise its impact. In the event that you suffer damage as a result of the exploitation of a security breach by a third party, the Company undertakes to provide you with all necessary assistance so that you can assert your rights. You should bear in mind that any user, customer or hacker who discovers a security breach and exploits it may be subject to criminal sanctions and that the Company will take all measures, including filing a complaint and/or taking legal action, to preserve the data and rights of its users and its own and to limit the impact as much as possible. Informing the User in the event of a security breach We undertake to implement all appropriate technical and organisational measures through physical and logistical means of security in order to guarantee a level of security appropriate to the risks of accidental, unauthorised or illegal access, disclosure, alteration, loss or destruction of your personal data. In the event that we become aware of unlawful access to your personal data stored on our servers or those of our service providers, or unauthorised access resulting in the risks identified above, we undertake to:
- Notify you of the incident as soon as possible if this meets a legal requirement;
- Examine the causes of the incident;
- Take reasonable steps to mitigate the adverse effects and harm that may result from the incident;
- Limit liability
XVI. Transfer of Data to Countries with an Equivalent Level of ProtectionThe Company is committed to complying with applicable regulations regarding data transfers, although the Company does not currently transfer data to foreign countries for substantially all of its processing. Where necessary to provide our services, this is done in the following ways:
- The Company transfers the personal data of its Users, Clients, Consumers, Professionals to countries recognized as offering an equivalent level of protection and recognized by the CNIL as having a sufficient level of protection.
- The Company transfers the personal data of its Users, Clients, Consumers, Professionals to recipients that can present sufficient guarantees of RGPD compliance.
- The Company only transfers the personal data of its Users, Clients, Consumers, Professionals with regard to what is strictly necessary for the purpose of the processing concerned, i.e. booking a room at the Hotel VENDÔME
Téléphone : +33 (0) 4 93 62 00 77
Adresse électronique (Courriel) : [email protected]