The purpose of this confidentiality policy (hereinafter the "Policy") is to explain the rules surrounding the different processing of personal data that can be implemented when you use our website accessible from the address URL: www.labosselle.com (hereinafter the "Site")
The processing of personal data carried out from the Site is the responsibility of two co-controllers.
Those responsible for processing your personal data are:
The company Wix.com LTD, 40 Namal Tel Aviv, 6350671 Israel - VAT number: EU442008451 - (hereinafter "Wix") which manages the website of Hotel La Bosselle
Wix supports hosting professionals by offering them a digital platform hosted in Saas mode allowing them to create a website for their hosting activity.
Hotel La Bosselle
This company is registered with the French administration of Nantes under number 839540382 (hereinafter “the Establishment”). Its head office is located at 12 rue du Port - 44310 - St Philbert de Grand Lieu
Email of the person in charge of data protection within the establishment: firstname.lastname@example.org
As Data Controller of your Personal Data, we make every effort to protect your privacy as much as possible when you visit the Site.
This Policy allows you to find out more about the origin and use of your Personal Data as well as your browsing information processed when consulting our Site.
In the context of this Policy, the expression "Personal Data" refers to any data that relates to you alone and allows you to be identified directly or indirectly, regardless of the Terminal you use.
The expression "Terminal" refers to the hardware equipment (computer, tablet, smartphone, telephone, etc.) that you use to consult and navigate on the Site.
The term "Regulations" refers to the regulations relating to personal data, and in particular to Regulation No. 2016/679 known as the General Data Protection Regulation, the French Data Protection Act No. 78-17 of 6 January 1978 as well as French law n ° 2018-493 relating to the protection of personal data.
By using our Site, you declare that you accept the terms of this Policy in their entirety.
If you disagree with any of these terms, you are free to stop using our Site.
1. Protection of your personal data
In accordance with the Regulations, we list all the processing operations carried out in a processing register that we leave at the disposal of the competent authorities.
All the information that you have been able to provide us during your visits to the Site is strictly confidential. This information is necessary for the purpose of their processing.
1.1. What Personal Data is collected and processed?
The information that may be collected and processed is as follows:
- Identification data and contact details: your first name, your last name, your gender, your postal address, your telephone number, your email address, your language and the country from which you interact with us;
- Financial and payment data: your bank details (in this regard we inform you that all payment transactions are encrypted by the receiving bank or the accredited storage center and that we do not keep any bank card number), information on your reservations, etc. ;
- Connection, geolocation (only with your consent) and navigation data; and
- Personal preferences: this includes your cookie preferences.
When we ask you to enter your personal data to access a feature, some data is mandatory fields since it is data that we need to allow you to access that feature (for example, to register your reservation we need your first and last name).
It is important that the personal information shared about you is correct and up to date.
We do not process any personal data that could be qualified as "sensitive" (information concerning racial or ethnic origin, political, philosophical or religious opinions, trade union membership, health or sex life) within the meaning of the Regulations relating to personal data.
In this regard, it is specified that our Site is not intended for children and that therefore we do not process any data relating to them.
We undertake not to transfer your personal data to third parties, except for the exceptions listed below in Article 1.3.
1.2. For what purposes are your Personal Data collected and processed?
The Personal Data listed above may be collected and processed for the following purposes:
Management of a reservation
The processing of your data is necessary to keep you informed of the status of your reservation, of the summary of your reservation, to accept your payment, etc.
Access to customer service
We process your Personal Data as part of our customer service in order to respond to your requests, in particular through the contact form.
Improvement of our services
We process your navigation and reservation data for analysis and statistical purposes. Indeed, this data allows us to analyze the way you use our Site and to improve its ergonomics and quality.
As part of your subscription to our newsletter, we process your data in order to manage your subscription and send you targeted information by email or SMS according to your preferences. We may also contact you via push notifications if you subscribe to this service.
Processing for marketing purposes requires your consent. You can therefore unsubscribe from our communications at any time.
In the event that you have given us your consent to receive our communications, whether via our newsletter or via push notifications, we may use the information you have provided us for the following purposes:
- Sharing of information on our events, products, services, current offers;
- Recommendations on certain products or services that may be of interest to you; and
- Customer study in order to better understand your expectations regarding the products and services offered by our Site.
1.3. Who are the recipients of your Personal Data?
As part of the use of our Site, you may receive information from third parties with whom we collaborate in order to offer you certain services. It could be :
- Financial institutions and accredited storage centers;
- Fraud detection and prevention entities; and
- Service providers related to marketing, communication and advertising.
The Personal Data collected from the Site is mainly processed by the internal services of the Data Controller.
However, we may share your information with the third parties listed above, in particular for the following reasons:
- make payment in the case of financial establishments and accredited storage centers;
- check your credit and your identity with regard to fraud detection and prevention entities; and
- optimize your journey on our Site and improve our services with regard to service providers related to marketing, communication and advertising.
We ask third-party recipients of your personal data to undertake to comply with the Regulations relating to personal data. The third parties listed above may only use your personal information on our instructions and not for their own use.
Your connection and browsing data may also be transferred to Google Analytics.
We may also communicate your Personal Data to respond to an injunction from the legal authorities.
1.4. How long are your Personal Data kept?
We will keep your data for a period of ten (10) years following your last reservation, in order to answer any questions, complaints or to maintain all the data necessary to meet legal, accounting or analysis requirements (article L .123-22 of the French Commercial Code).
We may also retain your data for research or statistical analysis; these will then be anonymized.
As part of a subscription to our newsletter, we will no longer contact you if you have not opened our newsletters for more than twelve (12) months.
Any modification of this Policy will be made on this page and will, in the event of a substantial modification, be notified to you by e-mail.
The Data Controller may also keep your data for research or statistical analysis. These being then anonymized, no retention period is imposed by the Regulations insofar as it is no longer possible to “re-identify” you afterwards.
1.5. Hosting of your Personal Data
The Data Controller has implemented appropriate technical measures to maintain the security of your Personal Data.
1.6. What are your rights ?
1.6.1. The consent
Your consent must be given clearly and unequivocally. This is why, when you agree to complete the Site contact form:
- it is explained to you the use that will be made of your Personal Data;
- you must tick a box validating your consent; and
- children under 13 cannot give their consent.
1.6.2. Other rights
In accordance with the Regulations, you have the following rights over your Personal Data:
- Right of access to data: this right allows you to receive a copy of the Personal Data that we hold about you;
- Right to rectification: this right gives you the possibility of requesting the correction of inaccurate or incomplete Personal Data concerning you;
- Right to the deletion of your Personal Data: this right gives you the possibility of asking us to delete your Personal Data if one of the legal reasons is met:
the Personal Data is no longer necessary for the purposes of the processing;
you have withdrawn your consent on which the processing is based;
you have objected to the processing by means of your right to object;
the processing of your Personal Data is unlawful; or
your Personal Data must be erased by virtue of a legal obligation.
- Right to limit the processing of your Personal Data; this limitation of processing can be achieved when:
you dispute the accuracy of your Personal Data;
you do not oppose the erasure of your Personal Data in the context of unlawful processing but demand that it be limited;
your Personal Data is no longer used by our services but that their retention is only necessary for the establishment, exercise or defense of legal claims; or
you object to our use of your Personal Data by means of your right to object.
- Right to portability of your Personal Data: you can contact us so that we can provide you, or directly to another data controller, your Personal Data in a structured, commonly used and machine-readable format;
- Right to object: you can contact us when
the processing is carried out to fulfill a mission of public interest or for the purposes of our legitimate interests; you can oppose it only for reasons relating to your situation; or
the processing is carried out for the purpose of commercial prospecting; you can oppose it at any time and without any explanation being given to us.
- Right to determine the fate of your Personal Data after your death (the e-Testament): one of the specificities of French regulations is that it allows you to send us your instructions concerning the way in which we will treat your Personal Data after your death. As such, you can choose to have them deleted or sent to one of your relatives.
Regardless of the purpose or the legal basis by virtue of which we process your data, you can therefore, at any time and at no cost, send us an email to benefit from your rights at the following address: hugues.vincendeau @ gmail.com
Or send us a letter to the following address:
12 rue du Port -44310 - St Philbert de Grand Lieu
Please note, however, that we are not always able to respond favorably to your request for legal reasons which we will bring to your attention, if applicable, after receiving your request.
In any case, we remind you that you have the right to lodge a complaint with the competent administrative authority.
1.7. What are the legal grounds for processing?
For the processing of your data, we rely on legal grounds which depend on how you interact with our Site.
When you purchase products from our Site, we collect and process your personal data to perform the contract between us and you. For example, we need your postal address to deliver your order or your bank details to proceed with payment.
We also rely on other legal grounds such as your legitimate interests. For example, we consider that it is in your interest that your identity cannot be used for fraudulent purposes, that our customer service people have access to your order information to serve you better or that we can better understand your use. of our Site in order to improve its ergonomics and the services we offer you.
Finally, when it comes to the processing of Personal Data for the purpose of prospecting, the legal basis for the processing is your consent (see Article 1.6.1 above).
2. Internet browsing safety
2.1. Integrity of your data on the Internet
The Site has appropriate security measures to prevent any loss, use or unauthorized access, modification or disclosure of your Personal Data.
All personal data collected is saved on secure servers. The Data Controller has also put in place procedures to manage any personal data breach.
2.2. Malicious uses
It is recommended that you only connect to secure networks, preferably private networks. Be aware of the risks involved on public wifi networks.
Regardless of the Data Controller to whom you have voluntarily transmitted your Personal Data and taking into account the nature of the Internet network, other operators, without any link with the Data Controller, are able to collect them without your consent, in particular while browsing the Internet. Therefore, we recommend that you install anti-virus and anti-spyware software on your computer and update them regularly.
2.3. Spoofing / Phishing / Phishing
The Data Controller will never solicit you by e-mail to obtain personal information.
If you receive an e-mail on behalf of the Data Controller asking you to provide sensitive personal information (banking data, relating to your private life, etc.), please do not respond and forward this email to us so that we can take action. required.
You will only need to communicate your account information after you have logged in to the Site directly through your browser.