The processing of personal data implemented from the Site is the responsibility of two joint processing managers.
The controllers of your personal data are:
The company Wix.com LTD, 40 Namal Tel Aviv, 6350671 Israel - VAT number: EU442008451 - (hereinafter "Wix") which manages the Hotel La Bosselle website
Wix supports hosting professionals by offering them a digital platform hosted in Saas mode allowing them to create a website for their hosting activity.
Hotel La Bosselle
This company is registered with the Nantes France administration under number 839540382 (hereinafter “the Establishment”). Its head office is located at 12 rue du Port - 44310 - St Philbert de Grand Lieu
Email of the data protection officer within the establishment: email@example.com
As Data Controller of your Personal Data, we make every effort to best protect your privacy during your visits to the Site.
This Policy allows you to learn more about the origin and use of your Personal Data as well as your browsing information processed when consulting our Site.
In the context of this Policy, the expression "Personal Data" means any data that relates to you alone and allows you to be identified directly or indirectly, regardless of the Terminal you are using.
The expression “Terminal” designates the material equipment (computer, tablet, smartphone, telephone, etc.) that you use to consult and browse the Site.
The term "Regulation" refers to the regulations relating to personal data, and in particular to regulation n ° 2016/679 known as the General Data Protection Regulation, the French Data Protection Act n ° 78-17 of January 6, 1978 as well as French law n°2018-493 relating to the protection of personal data.
By using our Site, you declare that you accept the terms of this Policy in their entirety.
If you disagree with any of these terms, you are free to stop using our Site.
1. Protection of your personal data
In accordance with the Regulations, we list all the processing carried out in a processing register that we leave available to the competent authorities.
All the information that you may have provided to us during your visits to the Site is strictly confidential. This information is necessary for the purpose of their processing.
1.1. What Personal Data is collected and processed?
The information likely to be collected and processed is as follows:
- Identification data and contact details: your first name, your last name, your gender, your postal address, your telephone number, your email address, your language and the country from which you interact with us;
- Financial and payment data: your bank details (in this respect we inform you that all payment transactions are encrypted by the receiving bank or the accredited storage center and that we do not keep any bank card number), information on your reservations, etc. ;
- Connection, geolocation (only with your consent) and browsing data; and
- Personal preferences: this includes your cookie preferences.
When we ask you to enter your personal data to access a feature, some data is required fields since it is data that we need to allow you to access this feature (for example, to register your reservation we need your first and last name).
It is important that the personal information shared about you is correct and up to date.
We do not process any personal data which could be qualified as "sensitive" (information concerning racial or ethnic origin, political, philosophical or religious opinions, trade union membership, health or sex life) within the meaning of the Regulations relating to personal data.
In this respect, it is specified that our Site is not intended for children and that therefore we do not process any data relating to them.
We undertake not to transfer your personal data to third parties except for the exceptions listed below in Article 1.3.
1.2. For what purposes are your Personal Data collected and processed?
The Personal Data listed above may be collected and processed for the following purposes:
Management of a reservation
The processing of your data is necessary to keep you informed of the status of your reservation, the summary of your reservation, to accept your payment, etc.
Access to customer service
We process your Personal Data as part of our customer service in order to respond to your requests, in particular through the contact form.
Improvement of our services
We process your browsing and reservation data for analysis and statistical purposes. Indeed, this data allows us to analyze the way you use our Site and to improve its ergonomics and quality.
As part of your subscription to our newsletter, we process your data in order to manage your subscription and send you targeted information by email or SMS according to your preferences. We may also contact you via push notifications if you subscribe to this service.
Processing for marketing purposes requires your consent. Thus, you can unsubscribe from our communications at any time.
In the event that you have given us your consent to receive our communications, whether via our newsletter or via push notifications, we may use the information you have provided to us for the following purposes:
- Sharing information about our events, products, services, current offers;
- Recommendations on certain products or services that may be of interest to you; and
- Customer research to better understand your expectations regarding the products and services offered by our Site.
1.3. Who are the recipients of your Personal Data?
As part of the use of our Site, you may be required to receive information from third parties with whom we collaborate in order to offer you certain services. It could be :
- Accredited financial institutions and storage centers;
- Fraud detection and prevention entities; and
- Service providers related to marketing, communication and advertising.
The Personal Data collected from the Site is mainly processed by the internal departments of the Data Controller.
However, we may share your information with the third parties listed above, in particular for the following reasons:
- proceed to payment with regard to financial establishments and accredited storage centres;
- check your credit and identity with fraud detection and prevention entities; and
- optimize your visit to our Site and improve our services with regard to service providers related to marketing, communication and advertising.
We ask third party recipients of your personal data to undertake to comply with the Regulations relating to personal data. The third parties listed above may only use your personal information on our instructions and not for their own use.
Your login and browsing data may also be transferred to Google Analytics.
We may also communicate your Personal Data to respond to an order from the legal authorities.
1.4. How long are your Personal Data kept?
We will keep your data for a period of ten (10) years following your last reservation, in order to answer any questions, complaints or to maintain all the data necessary to meet legal, accounting or analysis requirements (article L .123-22 of the Commercial Code).
We may also retain your data for research or statistical analysis; these will then be anonymized.
As part of a subscription to our newsletter, we will not contact you again if you have not opened our newsletters for more than twelve (12) months.
Any modification of this Policy will be made on this page and you will, in the event of a substantial modification, be notified by e-mail.
The Data Controller may also keep your data for research or statistical analysis. As these are then anonymized, no retention period is imposed by the Regulations insofar as it is no longer possible to "re-identify" you afterwards.
1.5. Hosting of your Personal Data
The Data Controller has implemented appropriate technical measures to maintain the security of your Personal Data.
1.6. What are your rights ?
1.6.1. The consent
Your consent must be given clearly and unequivocally. This is why, when you agree to fill in the contact form on the Site:
- the use that will be made of your Personal Data is explained to you;
- you must tick a box validating your consent; and
- children under 13 cannot give their consent.
1.6.2. Other rights
In accordance with the Regulations, you have the following rights over your Personal Data:
- Right of access to data: this right allows you to receive a copy of the Personal Data that we hold about you;
- Right to rectification: this right allows you to request the correction of inaccurate or incomplete Personal Data concerning you;
- Right to the deletion of your Personal Data: this right gives you the possibility to ask us to delete your Personal Data if one of the legal grounds is met:
the Personal Data is no longer necessary for the purposes of the processing;
you have withdrawn your consent on which the processing is based;
you have objected to the processing through your right to object;
the processing of your Personal Data is unlawful; Where
your Personal Data must be erased under a legal obligation.
- Right to limit the processing of your Personal Data; this restriction of processing can be carried out when:
you dispute the accuracy of your Personal Data;
you do not oppose the erasure of your Personal Data in the context of unlawful processing but demand that it be limited;
your Personal Data is no longer used by our services but that their retention is only necessary for the recognition, exercise or defense of a legal right; Where
you object to us using your Personal Data through your right to object.
- Right to the portability of your Personal Data: you can contact us so that we provide you, or directly to another controller, your Personal Data in a structured, commonly used and machine-readable format;
- Right of opposition: you can contact us when
the processing is carried out to fulfill a task in the public interest or for the purposes of our legitimate interests; you can oppose it only for reasons relating to your situation; Where
the processing is carried out for the purpose of commercial prospecting; you can oppose it at any time and without any explanation being given to us.
- Right to determine the fate of your Personal Data after your death (the e-Testament): one of the specificities of French regulations is that it allows you to send us your instructions concerning the way in which we will process your Personal Data after your death. As such, you can choose that they be deleted or transmitted to one of your relatives.
Regardless of the purpose or legal basis under which we process your data, you can therefore, at any time and at no cost, send us an email to benefit from your rights at the following address: firstname.lastname@example.org
Or send us a letter to the following address:
12 rue du Port -44310 - St Philbert de Grand Lieu
Please note, however, that we are not always able to respond favorably to your request for legal reasons which we will bring to your attention, if necessary, after having received your request.
In any event, we remind you that you have the right to lodge a complaint with the competent administrative authority.
1.7. What are the legal grounds for processing?
For the processing of your data, we rely on legal bases which depend on the way you interact with our Site.
When you purchase products from our Site, we collect and process your personal data to perform the contract between us and you. For example, we need your postal details to deliver your order or your bank details to make payment.
We also rely on other legal grounds such as your legitimate interests. For example, we consider that it is in your interest that your identity cannot be used for fraudulent purposes, that our customer service people have access to your order information to serve you better or that we can better understand your use. of our Site in order to improve its ergonomics and the services we offer you.
Finally, when it comes to the processing of Personal Data for the purpose of canvassing, the legal basis of the processing is your consent (see above Article 1.6.1.).
2. Internet Browsing Security
2.1. Integrity of your data on the Internet
The Site has appropriate security measures in place to prevent any loss, unauthorized use or access, modification or disclosure of your Personal Data.
All personal data collected is stored on secure servers. The Data Controller has also implemented procedures to manage any breach of personal data.
2.2. Malicious uses
It is recommended that you connect only to secure networks, preferably private networks. Be aware of the risks incurred on public wifi networks.
Independently of the Data Controller to whom you have voluntarily transmitted your Personal Data and taking into account the nature of the Internet network, other operators, unrelated to the Data Controller, are able to capture them without your consent, in particular when browsing the Internet. Consequently, we recommend that you install anti-virus and "anti-spyware" software on your computer and update them regularly.
2.3. Spoofing/ Phishing/ Phishing
The Data Controller will never solicit you by e-mail to obtain personal information.
If you receive an e-mail on behalf of the Data Controller asking you to provide sensitive personal information (banking data, relating to your private life, etc.), please do not reply to it and forward this e-mail to us so that we can take action.
You will only need to provide your account information after logging into the site directly through your browser.