INTRODUCTION
With respect to personal data protection, Collège Hôtel, SA NOUVELLE SOCIETE CELTIC HOTEL (registration number 327 612 602 00018) undertakes to practice full transparency with regard to the collection, analysis and purpose of the processing of its clients’ personal data.
“Personal Data” is information collected and recorded that may identify you as an individual either directly (e.g. name) or indirectly (e.g. telephone number). Before providing us with any such information, we suggest you familiarise yourself with the provisions of this document describing our client privacy policy.
This privacy policy is an integral part of the terms and conditions governing our hospitality services. By consenting to our terms and conditions, you expressly accept the provisions laid down herein.
SA NOUVELLE SOCIETE CELTIC HOTEL belongs to the èhotels-Lyon group (SAS MISE EN ŒUVRE) which may have occasion to centralise and process the data for the same purposes set out hereafter.
PERSONAL DATA COLLECTED
As a client of SA NOUVELLE SOCIETE CELTIC HOTEL, you will be asked to provide information about yourself and/or members of your family, including but not limited to:
• Contact information: name, postal address, telephone number, email address;
• Personal information: date of birth and nationality;
• Information about your children: first name, date of birth, age;
• Your credit card number for booking and billing purposes;
• Your date of arrival and departure;
• Preferences and interests (smoking/nonsmoking room, preferred floor, type of bedding, favourite newspapers, interest in sports or the arts);
• Your questions/feedback during or subsequent to a stay in our establishment.
The only information collected about persons under the age of 18 is their name, nationality and date of birth. Such information may only be provided by an adult. Please ensure that your children do not inadvertently share personal information with us without your consent, in particular online. Should such information come into our possession, you can contact the hotel directly to request deletion.
We intentionally refrain from collecting sensitive information such as racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union membership, medical data or sexual orientation.
Personal data may be collected on various occasions such as:
• Hotel stays:
> Room reservation;
> Registration and payment;
> Purchases made at the bar or restaurant during your stay;
> Requests, complaints and/or disputes.
• Participation in marketing campaigns or events:
> Responding to satisfaction surveys;
> Subscribing to newsletters in order to receive email offers and promotions.
• Transmission of information from third parties:
> Channel managers, tour operators, travel agencies, OTAs, Metasearch, GDS booking systems etc.
• Online activities:
> Connection to the Collège Hotel website (IP address, cookies, web trackers);
> Forms (online booking, questionnaires, SA NOUVELLE SOCIETE CELTIC HOTEL pages on social media, log-in devices such as Facebook Login etc.).
PURPOSE OF THE PROCESSING OF PERSONAL DATA
We collect your personal data for the purpose of:
• Fulfilling our obligations to our clients.
• Managing room reservations and accommodation requests:
> Drawing up and storing legal documents in compliance with accounting standards.
• Handling your stay in the hotel:
> Monitoring purchases (telephone, bar, restaurant etc);
> Managing room access;
> Keeping a record of those guests exhibiting inappropriate behaviour during their stay (violence and antisocial behaviour, failure to comply with contractual obligations, failure to respect safety regulations, theft, damage to property and vandalism or outstanding payments).
• Improving our services, in particular:
> Processing your personal data in relation to customer marketing campaigns in order to perform marketing operations, brand promotions and gain a better understanding of your needs and desires;
> Adapting our products and services to better meet your expectations;
> Producing targeted commercial offers and messages;
> Keeping you informed about special offers and any new services available;
• Managing customer relations before, during and subsequent to the stay.
• Managing the loyalty programme:
> Qualifying the customer database;
> Performing segmentation operations on the basis of clients’ booking history and travel behaviour in order to send out targeted communications;
> Forecasting and anticipating future behaviour;
> Drawing up statistics and commercial scoring and producing reports;
> Supplying contextual data to the push notification tool when a client visits the hotel website or makes a booking;
> Discovering and managing the preferences of regular or other clients;
> Sending you newsletters, tourist, hospitality or service offerings from SA NOUVELLE SOCIETE CELTIC HOTEL or its partners or contacting you by telephone;
> Handling unsubscribe requests for newsletters, special offers, tourist promotions or satisfaction surveys;
> Responding to requests under the right of objection;
> Contacting people present in the hotel in the event of serious events impacting the site in question (natural catastrophes, terrorist attacks etc.) by means of a dedicated telephone service.
• Cross-referencing, analysing and combining the data collected during booking or a stay at the hotel via a trusted third party with a view to determining your interests and customer profile and sending you targeted offers.
• Improving the services offered by SA NOUVELLE SOCIETE CELTIC HOTEL in particular:
> Performing studies and analysing questionnaires and client feedback;
> Handling complaints;
> Unlocking the benefits of our loyalty programme.
• Securing and enhancing your use of the web sites belonging to SA NOUVELLE SOCIETE CELTIC HOTEL, in particular:
> Improving your browsing experience;
> Implementing security and fraud prevention measures.
• Complying with legal obligations under French law.
RETENTION OF PERSONAL DATA
We retain your personal data for the period necessary to fulfil the purpose for which that data was collected. The minimum retention period is one year.
CONDITIONS OF ACCESS BY THIRD PARTIES
In order to provide you with the best possible service, SA NOUVELLE SOCIETE CELTIC HOTEL may share your personal data and give access to authorised staff of our partners including but not limited to:
> Hotel staff;
> Booking clerks;
> IT departments;
> Sales and marketing partners;
> Medical departments, where appropriate;
> Legal departments, where appropriate;
> More generally, any appropriate person from the èhotels group, for certain specific categories of personal data.
Local authorities: in the event of a legal requirement or in relation to an investigation and in compliance with local regulations.
RIGHT OF ACCESS. CORRECTION, DELETION
We undertake to grant you right of access and correction should you wish to consult, modify or delete any personal information pertaining to you.
You can exercise this right by contacting the hotel directly.
Any such requests will be handled promptly and in compliance with applicable law.
RIGHT OF OBJECTION
We undertake to grant you right of objection to the processing of your personal information.
The right of objection refers to the possibility for clients to object to the use of their personal data for certain purposes for which they were collected.
You can exercise this right by contacting the hotel directly.
Any such requests will be handled promptly and in compliance with applicable law.
SECURITY
We undertake to apply appropriate security measures when processing our clients’ personal data in particular with a view to safeguarding them against unauthorized or unlawful use, loss, destruction, accidental alteration or disclosure to unauthorized persons.
We apply the following measures to safeguard personal data:
• Incremental IT backup on dedicated servers
+ additional backup copy on NAS
+ duplication of the NAS on a second NAS
• Physical firewall (Stormshield)
> Conditional access via Microsoft VPN according to the user/Active Directory for off-site data consultation
• Primary dedicated server for customer database/software database
> Use of Active Directory (a system granting file access rights depending on the users)
> Protel encrypted software with user-conditioned document access + journey tracking
• Backup server for the TSE system connected to the Active Directory
> Internal messaging connected to Active Directory.