Established in accordance with Law No. 78-17 of January 6, 1978 on data processing, files, and freedoms, amended by European Regulation 2016/679 of April 27, 2016 on the protection of personal data, which came into force on May 25, 2018, CHATEAU DE THEOULE places the protection of personal data at the heart of the services offered to you.
By using the website www.chateau-theoule.com, you unreservedly accept the collection and use of your personal data as described in this Personal Data Protection Charter.
This charter sets out the principles and guidelines for the protection of your personal data and aims to inform you about: the personal data that CHATEAU DE THEOULE collects and the reasons for this collection, how this personal data is used, your rights regarding the personal data concerning you. This charter applies to all services provided by CHATEAU DE THEOULE, excluding those offered by partner sites;
Personal Data Controller
The data controller is the person responsible for one or more processing operations of personal data, determining their purposes and means. The website www.chateau-theoule.com is responsible for all processing of your personal data.
How does CHATEAU DE THEOULE take into account the protection of Personal Data?
CHATEAU DE THEOULE is committed to considering the protection of your personal data and your privacy from the outset of the services offered. In order to ensure security and guarantee respect for and the proper exercise of your rights, technical and organizational measures aimed at protecting your personal data are implemented.
What rights do you have over your personal data?
CHATEAU DE THEOULE undertakes to collect only the data strictly necessary for the provision of the subscribed services:
- Your first name
- Last name
- Address
- Phone number
- Password
- Your billing and/or delivery address
- Your financial information (e.g., credit card number)
- IP/Mac address
- Your connection and browsing data.
The mandatory nature of the data necessary for processing your requests is indicated to you during collection by an asterisk. Personal data is collected directly from you and is only used for the purposes that have been made known to you.
Why is your Personal Information collected and used by CHATEAU DE THEOULE?
For the following purposes, we request your consent: Online reservations (hotels, restaurants, various services), Mailing of information about events, evenings, concerts, Newsletter.
For the following purposes, your data is processed as part of the execution of the contract binding you to the website www.chateau-theoule.com: Management of your online reservations (hotels, restaurants, various services), Management and follow-up of customer relations, complaints, and requests, including the right of access, questioning, rectification, and opposition for legitimate reasons and opposition to commercial prospecting.
For the following purposes, your data is necessary for the legitimate interests pursued: To prevent and detect potential threats to the security of our visitors and our products or services, To prevent fraud or any other unlawful action and to comply with our legal obligations.
How is Personal Data collected?
During the online reservation process (hotels, restaurants, various services), this data may be collected directly on our website www.chateau-theoule.com.
This data can be collected through forms that you will be asked to complete or automatically.
How is the collection of Personal Data from minors handled?
Minors must obtain consent from their parents or legal guardians.
Can your Personal Data be transferred outside the European Union?
The company CHATEAU DE THEOULE carries out all processing of your Personal Data within the territory of the European Union (EU).
If, for certain specific services, the company CHATEAU DE THEOULE uses subcontractors established outside the EU, some Personal Data may be communicated to them for the strict needs of their missions. In this case, in accordance with the applicable regulations, CHATEAU DE THEOULE requires its subcontractors to provide the necessary guarantees for the supervision and security of these transfers, notably by signing standard contractual clauses of the European Commission.
For how long does CHATEAU DE THEOULE retain your Personal Data?
Your Personal Data is kept for the time necessary to achieve the objective pursued at the time of its collection. It will then be archived with restricted access for an additional period of time in line with the legal statute of limitations and retention periods for reasons that are strictly limited and authorised by law. It will then be deleted.
Is your Personal Data protected?
CHATEAU DE THEOULE commits to taking all technical and organizational measures to ensure the security and confidentiality of Personal Data, particularly to prevent them from being damaged, erased, or accessed by unauthorized third parties. In the event of a security incident affecting your Personal Data (destruction, loss, alteration, or disclosure), CHATEAU DE THEOULE commits to fulfilling the obligation to notify Personal Data Violations, particularly to the CNIL (French Data Protection Authority).
Management of your Personal Data
In accordance with the law n° 78-17 of January 6, 1978 relating to data processing, files, and freedoms, amended by the European Regulation 2016/679 of April 27, 2016 relating to the protection of Personal Data, you have several rights for the management of your data. You have the right at any time to exercise, with the company CHATEAU DE THEOULE, the rights provided by the applicable regulations on personal data, subject to fulfilling the conditions:
Right of access: you can request access to your Personal Data undergoing Processing by the company CHATEAU DE THEOULE.
Right to rectification: you can update or correct your Personal Data processed by the company CHATEAU DE THEOULE.
Right to object, particularly to receiving commercial communications: you can express your wish not to receive commercial communication from the company CHATEAU DE THEOULE anymore or request that your Personal Data no longer be Processed.
Right to erasure: you can request the deletion of your Personal Data.
Right to restriction of Processing: you can request the suspension of the Processing of your Personal Data.
Right to data portability: you can request the company CHATEAU DE THEOULE to retrieve your Personal Data in order to dispose of it.
The right to define directives regarding the fate of your Personal Data after death: without any directive from you, after a certain period of inactivity, your Personal Data is deleted. However, your heirs can exercise rights over your data after your death.
The right to lodge a complaint with the CNIL (French Data Protection Authority). You can lodge a complaint if you consider that the Processing of personal data concerning you constitutes a violation of the regulations. If you wish to have additional information about your rights, especially regarding this last right, please visit the website of the Commission Nationale de l’Informatique et des Libertés (CNIL) (www.cnil.fr).
Contact for the exercise of your rights
For any questions regarding this Charter or for the exercise of your rights, you can send us, in accordance with regulations, a request accompanied by a valid proof of identity:
Either to the company CHATEAU DE THEOULE – 22 rue de Téhéran, 75008 Paris, France, indicating your name, first name, email, and address.
Or to the postal and/or email address provided to you when subscribing to a service or when collecting your Personal Data.
Any request must be accompanied by a proof of identity. CHATEAU DE THEOULE undertakes to respond to your requests to exercise your rights as soon as possible and in any case within the legal deadlines.
Cookies
The user of the website www.chateau-theoule.com is informed about the use of trackers or “Cookies” designed to be used by CHATEAU DE THEOULE. Upon each connection, Cookies allow, for example, the recording of the following information: the user’s browser type and version, dates and times of visits, the history and content of orders including in case of unfinished purchases. Thus, during their next connections, the user no longer needs to enter certain information again. The user can oppose the registration of all or part of these Cookies. Indeed, most Internet browsers allow you to configure Internet and security options or user preferences to refuse or disable Cookies, or to receive a message informing the User about the sending of Cookies. Cookies necessary for the functioning of the websites: they allow you to use the main features of the sites (for example, use of the shopping cart, access to personal and reserved areas). Without these Cookies, you will not be able to use the Site normally. These are cookies that only concern the operation of the Site.
Analytical Cookies:
These are Cookies that allow CHATEAU DE THEOULE to establish statistics and volumes of attendance and use of the various elements making up the Site (sections and contents visited, navigation paths) in order to improve the interest and ergonomics of its services.
Functional Cookies:
These are Cookies that allow CHATEAU DE THEOULE to:
(i) Adapt the presentation of their sites, spaces, and advertising content to the display preferences of your terminal (language used, display resolution, operating system used, etc.), where applicable, based on the location data transmitted by your terminal with your prior agreement and your personal data;
(ii) Personalize your experience on the sites (for example, remind you of previous sections and/or last products viewed, remember the items in your cart before continuing your purchases.).
Cookies and social media plug-ins (social buttons)
CHATEAU DE THEOULE may include on its site computer applications from third parties, which allow you to share site content with other people or to make known to these other people your consultation or your opinion concerning content of the Site. This is notably the case with “Share,” “Like” buttons from social networks such as Facebook, Twitter, etc.
The social network providing such an application button may identify you through this button, even if you have not used this button during your visit to the Site. Indeed, this type of application button can allow the concerned social network to track your navigation on the Site, simply because your account on the concerned social network is activated on your terminal (open session) during your navigation on the site. If you do not wish the social networks to publish your actions resulting from the plug-ins in your social network accounts, you must log out of your social networks before visiting the Site.
CHATEAU DE THEOULE has no control over the process used by social networks to collect information about your browsing on the site and associated with the personal data they have.
We invite you to consult the privacy protection policies of these social networks in order to become aware of the purposes of use, including advertising, of the browsing information they may collect through these application buttons. These protection policies must in particular allow you to exercise your choices with these social networks, including by setting your user accounts for each of these networks.
POLICY RELATED TO TELEPHONE SOLICITATION:
We inform you of your right to register on the telephone solicitation opposition list and suggest that you register on Bloctel. Bloctel is the opposition list for telephone solicitation on which any consumer can register for free in order not to be solicited by telephone by a professional with whom he does not have an ongoing contractual relationship, in accordance with law n°2014-344 of March 17, 2014, concerning consumption. The law specifies that it is prohibited for any professional, directly or through a third party acting on its behalf, to make telephone solicitations to a consumer registered on this list, except for the cases listed by law. For more information: http://www.bloctel.gouv.fr/
GLOSSARY
Each term in the Charter beginning with a capital letter has the following meaning:
“Privacy and Personal Data Protection Charter”: refers to this Charter describing the measures taken for the processing, exploitation, and management of your Personal Data and your rights as a data subject.
“Personal Data”: refers to any information relating to you and allowing you to be identified directly or indirectly.
“Processing”: refers to any operation or set of operations applied to your Personal Data.
“Personal Data Breach”: refers to a breach of security resulting, accidentally or unlawfully, in the destruction, loss, alteration, unauthorized disclosure, or access to your Personal Data.
“Recipient”: refers to the service or company that receives communication and can access your Personal Data.