Privacy Policy

www.grotte-saintcezaire.com

ARTICLE 1: PREAMBLE

This privacy policy applies to the website: www.grotte-saintcezaire.com.

The purpose of this privacy policy is to inform users of the :

  • How their personal data is collected and processed. Personal data is any data that can be used to identify a user. This includes the first and last name, age, postal address, e-mail address, location of the user or his IP address;
  • What are the rights of the users regarding this data?
  • Who is responsible for processing the personal data collected and processed?
  • To whom these data are transmitted ;
  • Possibly, the site's policy on "cookies".

This privacy policy complements the legal notice and the General Conditions of Use which users can consult at the following address


ARTICLE 2: GENERAL PRINCIPLES ON DATA COLLECTION AND PROCESSING

In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of data of the users of the site respect the following principles:

  • Lawfulness, fairness and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that his or her data is being collected, and for what purpose the data is being collected;
  • Limited purposes: the collection and processing of data is carried out for one or more of the purposes set out in these general terms of use;
  • Minimisation of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;
  • Time-limited data retention: data is retained for a limited period of time, of which the user is informed. If the period of retention cannot be communicated to the user ;
  • Integrity and confidentiality of collected and processed data: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.

In order to be lawful, and in accordance with the requirements of Article 6 of the European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the following conditions

  • The user has expressly consented to the processing;
  • The processing is necessary for the proper performance of a contract;
  • The processing is in response to a legal obligation;
  • The processing is necessary to protect the vital interests of the data subject or of another natural person;
  • The processing may be necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
  • The processing and collection of personal data is necessary for the legitimate and private interests pursued by the controller or a third party.


ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED WHEN BROWSING THE SITE

  1. DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION

The personal data collected on the www.grotte-saintcezaire.com website are the following:

Name
First name
E-mail address:
Telephone:
Chosen date of visit
Number of persons

This data is collected when the user performs any of the following operations on the site:

When the user wishes to obtain information about our site;
when the user wishes to make a reservation for the cave or the restaurant

The data controller will keep all the data collected in its computer systems on the site under reasonable security conditions for a period of : 1 year.

The data are collected and processed for the following purposes:

Be able to contact people who have made a reservation (to know, for example, how the reservation is evolving in terms of time or number of participants)

  1. TRANSMISSION OF DATA TO THIRD PARTIES

The personal data collected by the site are not transmitted to any third party and are only processed by the site editor.

  1. DATA HOSTING

The website www.grotte-saintcezaire.com is hosted by : 1&1 - INTERNET SARL, whose headquarters are located at the following address

INTERGEST SA, 7, Place de la Gare 57 201 SARREGUEMINES Cedex

The host can be contacted on the following telephone number: 0970 808 911

The data collected and processed by the site are exclusively hosted and processed in France.


ARTICLE 4: DATA CONTROLLER

  1. THE DATA CONTROLLER

The person responsible for processing personal data is: Mr Christophe CORLAY. He can be contacted in the following way:

The data controller can be reached from Monday to Friday at: 04 93 60 22 35 from 10:00 to 14:30

The data controller is responsible for determining the purposes and means of processing personal data.

  1. OBLIGATIONS OF THE DATA CONTROLLER

The data controller undertakes to protect the personal data collected, not to pass them on to third parties without the user's knowledge and to respect the purposes for which the data was collected.

The site has an SSL certificate to ensure that information and data transfer through the site is secure.

An SSL certificate ("Secure Socket Layer" Certificate) is intended to secure the data exchanged between the user and the site.

In addition, the data controller undertakes to notify the user of any rectification or deletion of data, unless this would entail disproportionate formalities, costs and steps for the user.

In the event that the integrity, confidentiality or security of the user's personal data is compromised, the controller undertakes to inform the user by any means.

ARTICLE 5: USER'S RIGHTS

In accordance with the regulations concerning the processing of personal data, the user has the following rights

In order for the data controller to comply with the request, the user is required to provide the following information: first and last name and e-mail address.

The data controller is obliged to respond to the user within a maximum of 30 (thirty) days.

  1. PRESENTATION OF THE USER'S RIGHTS REGARDING DATA COLLECTION AND PROCESSING

  1. Right of access, rectification and deletion

The user may view, update, modify or request the deletion of his or her data, in accordance with the procedure set out below:

The user should send an e-mail to the data controller, specifying the subject of the request, using the contact address provided above.

  1. Right to data portability

The user has the right to request the portability of his/her personal data, held by the site, to another site, by complying with the following procedure:

The user must request the portability of his/her personal data from the data controller by sending an e-mail to the above address

  1. Right to limit and object to data processing

The user has the right to request the limitation of or to oppose the processing of his/her data by the site, without the site being able to refuse, unless it can be shown that there are legitimate and compelling reasons, which can prevail over the interests and rights and freedoms of the user.

In order to request the limitation of the processing of his/her data or to formulate an objection to the processing of his/her data, the user must follow the following procedure:

The user must make a request to limit the processing of his/her personal data to the data controller, by sending an e-mail to the address provided above

  1. Right not to be subject to a decision based exclusively on an automated process

In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him or her, or significantly affects him or her in a similar way.

  1. Right to determine the fate of data after death

The user is reminded that he/she can organise what should happen to his/her collected and processed data if he/she dies, in accordance with law n°2016-1321 of 7 October 2016.

  1. Right to refer to the competent supervisory authority

In the event that the data controller decides not to respond to the user's request, and the user wishes to contest this decision, or if he/she believes that one of the rights listed above has been infringed, he/she is entitled to refer the matter to the CNIL (Commission Nationale de l'Informatique et des Libertés, https://www.cnil.fr) or to any competent judge.

  1. PERSONAL DATA OF MINORS

In accordance with the provisions of Article 8 of the European Regulation 2016/679 and the French Data Protection Act, only minors aged 15 or over may consent to the processing of their personal data.

If the user is a minor under the age of 15, the consent of a legal representative will be required in order for personal data to be collected and processed.

The site editor reserves the right to verify by any means that the user is over 15 years of age, or that he has obtained the agreement of a legal representative before browsing the site.

ARTICLE 6: CONDITIONS FOR AMENDING THE PRIVACY POLICY

This privacy policy can be consulted at any time at the following address

Privacy Policy

The site editor reserves the right to modify it in order to ensure its conformity with the law in force.

Therefore, the user is invited to consult this privacy policy regularly in order to be informed of the latest changes.

The user is informed that this privacy policy was last updated on: 28/05/2018.


ARTICLE 7: ACCEPTANCE BY THE USER OF THE PRIVACY POLICY

By browsing the site, the user certifies that he/she has read and understood this privacy policy and accepts its conditions, particularly with regard to the collection and processing of his/her personal data.

Partner website Creation and realisation of the site
Terms & Conditions Terms and conditions of sale Domaine de la Grotte © 2024