1. Definitions The terms listed below are defined as follows: Account: the personal account created by a User on the Site to benefit from private offers or via the Site's online store; Personal data: any information that directly or indirectly identifies an individual as defined by applicable regulations; DPO: the Data Protection Officer, tasked with advising the (Data) Controller and ensuring due compliance with rules governing the processing of personal data; Partouche Group: a public limited company with executive and supervisory boards, listed in the Trade & Companies Register of Paris under number 588 801 464, having its registered office at 141 bis, rue de Saussure, 75017 Paris; Service: a booking, a request for a quotation, a purchase of a product or service, or lodging a complaint with the Controller or the Partouche Group via the relevant customer service on the Site; Controller: the legal entity, which alone or jointly with others determines the purpose and methods of the processing, in this instance SAS CDTH au capital de 152000€, Whose head office is in 1 Avenue Ambroise Thomas 83400 HYÈRES registered in the Register of companies of Toulon under the number 382 201 226, represented by Bernard LEAUX in his managing director's quality; Site: the web site at www.Hotelcasinohyeres.com; User: any individual over 18 years old using the Services offered by the Site, whether or not (s)he has an Account; Visitor: any individual consulting the Site.
1. When and why data is collected The Controller collects personal when Visitors and Users use the Site to create an Account or use its Services (reserving a room, enrolling for an event, signing up to a loyalty programme, subscribing to a newsletter, visiting premises, etc.). The Controller observes the principles of minimal data collection and data protection at design time and protection by default. Accordingly, only limited relevant information is processed with regard to the purpose of the processing.
2. Purpose of data collection The collected information is stored by the Controller in one or more computer files for the following purposes: - Providing content and Services on the Site; - Monitoring the Site's audience; - Managing Users' Accounts and their activity; - Managing the communication and marketing campaigns of the publishing company and the Partouche Group, irrespective of the means of communication (telephone, SMS, postal correspondence, e-mail); - Managing enquiries made to the Site's customer service. The personal data of Users who have subscribed with the Controller or the Partouche Group for the purpose of purchasing products or services (booking, payment, etc.) is processed and stored to meet legal or regulatory requirements. For all other purposes, personal data is processed and stored subject to the consent of the Users and Visitors. If a User is required to fill in a personal data collection form, required fields are marked “*”, and if such fields are left blank or if the data subjects subsequently withdraw their consent, the Controller and the Partouche Group cannot accede to the request. Whenever data is processed with the consent of the data subjects, the latter may withdraw their consent at any time by sending their request to [firstname.lastname@example.org].
3. Storage period In accordance with current regulations, the Controller stores personal data only for as long as required by the purposes of the processing; unless the User has consented to it being stored for subsequent use. The personal data storage period varies according to the purpose for which it is processed. In particular, the following storage periods apply for the main categories of personal data: For contacts from Users relating to the Services (requests for quotations, bookings, accessing the customer service, etc.): the information is stored for no more than three (3) years after the User's last contact. For User Accounts management: as long as the User is active, and for no more than three (3) years after the User's last contact. For transactions involving a flow of funds: the information is stored for the period of limitation or for any period stipulated by another regulatory requirement. Managing the communication and marketing campaigns of the publishing company or the Partouche Group: the information is stored for three (3) years from the time of collection or the prospective customer's last contact.
4. Communication of personal data Information held by the Controller concerning Users and Visitors may be communicated to the following persons: - The Controller's staff or the staff of sister companies or subsidiaries whose duties authorize them to manage it; - Bodies having a control or inspection remit in accordance with applicable regulations; - Third-party providers tasked with processing the personal data on behalf of the Controller, who are contractually bound by a security and privacy obligation in respect of the said personal data (for instance, securing online payments, fighting fraud, site maintenance, gathering customers' opinions) All persons having access to your personal data are bound by a strict non-disclosure obligation.
5. Transfers of personal data outside the European Union All your personal data is processed exclusively within the European Union. The Controller does not transfer your personal data outside the European territory, either to companies controlled or owned by the Partouche Group or to third-party providers. If providers based outside the European Union are used, the Controller ensures first and foremost that appropriate measures are in place to ensure that personal data is transferred within a contractual framework that guarantees its inherent confidentiality.
6. Your rights to your personal data In accordance with current regulations, you are entitled to object to and restrict the processing of your personal data, and you have the right of access, rectification, portability and erasure of the said data. You also have the right to give the Controller instructions regarding the fate of your personal data after your death. Users and Visitors are hereby informed that their rights to object, erasure and portability of their data and to restrict its processing are subject to conditions and may be refused by the Controller if such requests do not correspond to situations specified by personal data regulations. You can exercise your rights by e-mailing your request to email@example.com together with a copy of your identity papers. Or you can post it to 1 avenue Ambroise Thomas, 83400 Hyéres. All such requests will be processed as soon as possible, and within no more than three months, depending on the complexity of the request or the number of requests received. Lastly, if the Controller does not accede to your request, you have the right to lodge a complaint with the personal data protection authority, namely CNIL (the French data protection authority). In accordance with applicable requirements, the Controller and the Partouche Group have appointed a shared DPO. You can contact the DPO in connection with any question concerning the Controller's commitments to personal data protection at the following address: firstname.lastname@example.org DPO Partouche Group/DPO 1 avenue Ambroise Thomas, 83400 Hyéres 141 bis rue de Saussure 75017 Paris
i. What are cookies? A cookie is a piece of information stored on the hard drive of a web user by the server of the visited site. It contains several pieces of data: the name of the server that stored it, an identifier in the form of a unique number, and possibly an expiry date. This information is sometimes stored as a simple text file that the server accesses to read and write the information.
ii. What purpose do cookies serve? Cookies are essential to the smooth running of the Site. More specifically they are used to: - Memorize text you have already entered, such as your user name or certain details you have entered on a form; - Memorize certain preferences such as your language or the region where you live; - Monitor your browsing on the Site with Google Analytics. If you object to the Controller placing cookies on your device, you should either change the relevant settings in your browser (which may affect optimal use of the Site or Services) or leave the Site. Functional cookies: These cookies enable to site to function and are automatically activated when you use the site. Without them, the services cannot be provided. “BIGipServerpool_htb-clusterX”: cookies relating to Travelclick servers. “toolboxBarPosition”: cookies concerning the user's current session and preferences. “CONDORSESSIONID”: cookies concerning the user's current session. “useCookies”: cookies banner. “useCookiesCounter”: cookies banner. Cookies concerning Google Analytics: These cookies are used to analyse Site usage. They help us understand how Users use and interact with the Site. Google Analytics (_ga, _gid, _gat, _gac, __utmX): - “o _ga”: identifies Users, expires in 2 years. - “o _gid”: identifies Users, expires in 24 hours. - “o _gat”: accelerates queries, expires in 1 minute. - “o _gac_<property-id>”: contains information on the User. - “o _utma”: identifies Users and sessions, expires in 2 years. - “o _utmt”: accelerates queries, expires in 10 minutes. - “_utmb”: determines whether this is a new User session or visit. - “__utmz”: identifies how the User reached the Site, expires in 6 months. - “__utmv”: customizes the customer experience, expires in 2 years. - “Hotjar” - “Piwik” For more details on the cookies used by Google, see the Google's official documentation at the following address: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage Advertising cookies and third-party cookies: These cookies are used by Travelclick and third parties to display content relevant to Users' interests and to measure the effectiveness of online campaigns on the Site. The third parties concerned including but not limited to Google DoubleClick, Google Maps, AddThis, Triptease and SaleCycle.