Privacy Policy - Le Petit Mas Thym

Last update: August 11, 2023
As part of this website, the owners of Petit Mas Thym carry out processing of personal data.
These processing operations are carried out in accordance with the legislation in force, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection Regulation (GDPR) and Law No. 78-17 of 6 January 1978, Data Protection Act (LIL), as amended.

Definitions

Personal data: any information that identifies, directly or indirectly, a natural person.

Processing: any operation or set of operations applied to personal data (examples: collection, registration, organization, consultation, extraction, erasure, destruction).

Controller: the natural or legal person, public authority, service or other body that determines the purposes and means of processing.

Data subject: person whose personal data are processed.

Obligation of the owners of Petit Mas Thym for www.lepetitmasthym.fr

Communication on the identity of the controller

The controllers are: contact details of the future owners.

Appointment of a Data Protection Officer (DDP)

The data protection officers of the lepetitmasthym.fr website are [contact details of future owners].
In particular, their mission is to inform and advise the controller. Any request relating to the protection of personal data can be sent by postal mail to [NAME and First Name] – [postal address] or by email to booking@lepetitmasthym.com or via the contact form.

Security measure

[owners of the Mas] put in place technical and organizational security measures to protect the personal data processed.
Any security breach detected can be reported to the Information Systems Security Officer (ISSI) by email at: booking@lepetitmasthym.com.

Information of persons whose data are processed

[owners of the Mas] inform you during the collection:

The purpose of the collection;
The mandatory or optional nature of the collection;
Recipients of the data: [owners of the Mas] and as well as all internal stakeholders who are authorized and need to know your request;
The retention period of data;
Possible transfer of data outside the EU;
Your rights over your data and the right to lodge a complaint with the CNIL.

Processing concerning the contact form

[owners of the Mas] collect information about you to respond to your contact request.
The data collected will be communicated only to the following recipients: [owners of the Mas] as well as all internal stakeholders who are authorized and need to know your request.
The data are kept for a period not exceeding 12 months, unless there is an early request for the deletion of the data.

Processing concerning the Guest Book form

[owners of the Mas] collect information about you to respond to your request to add a word to the Guest Book.
The data collected will be communicated only to the following recipients: [owners of the Mas] as well as all internal stakeholders who are authorized and need to know your request.
The data are kept for a period not exceeding 12 months, unless there is an early request for the deletion of the data.

Processing concerning the booking form

[owners of the Mas] collect information about you to respond to your reservation request.
The data collected will be communicated only to the following recipients: [owners of the Mas] as well as all internal stakeholders who are authorized and need to know your request.
The data are kept for a period not exceeding 12 months, unless there is an early request for the deletion of the data.

Rights of persons whose data are processed

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection Regulation (GDPR) and Law No. 78-17 of 6 January 1978, Data Protection Act (LIL), as amended, you have the right of access, rectification, erasure, opposition, limitation of processing, data portability, to make a complaint to the CNIL and to define directives relating to the fate of your data after your death.

The right of access

You can request the communication of your personal data.
[owners of the Mas] may not follow up, especially when your request is unfounded or excessive or infringes the rights of third parties.

The right of rectification

You can request the correction of your personal data that is inaccurate or incomplete.

The right to erasure or the right to be forgotten

You can request the erasure of personal data concerning you, provided that you are in one of the following cases:

Your data is no longer necessary in view of the objectives of the processing initially established;
You withdraw your consent to the use of your data (in cases where the processing is based on your consent);
Your data was collected when you were a minor;
Your data is subject to unlawful processing;
Your data must be erased to comply with a legal obligation;
You object to the processing of your data and there is no compelling legitimate reason for the processing.

It is important to specify the data you are requesting to be deleted.

The right to opposition

You can request the erasure of personal data concerning you, provided that you are in one of the following cases:

Your data is no longer necessary in view of the objectives of the processing initially established;
You withdraw your consent to the use of your data (in cases where the processing is based on your consent);
Your data was collected when you were a minor;
Your data is subject to unlawful processing;
Your data must be erased to comply with a legal obligation;
You object to the processing of your data and there is no compelling legitimate reason for the processing.

It is important to specify the data you are requesting to be deleted.

The right to limitation of processing

You can request to temporarily freeze the use of some of your data.
If you dispute the accuracy of your data or object to your data being processed, the law authorizes us to verify or examine your request for a certain period of time.

The right to data portability

You can request to recover part of your data in a machine-readable format.
This right applies to:

The data you have provided;
The processing of which is based on your consent;
Whose processing is automated.

The exercise of this right must not infringe the rights and freedoms of third parties.

The right to complain to the CNIL

If you feel, after contacting us, that your rights are not respected, you can file a complaint with the CNIL.

The right to choose the fate of your data after your death

In accordance with Article 85 of the Data Protection Act, as amended: “any person may define directives relating to the retention, erasure and communication of his personal data after his death”.

The directives can be general or specific:

The general guidelines relate to all the personal data of the data subject.
They can be registered with a digital trusted third party certified by the CNIL.
The specific directives relate to the processing of personal data mentioned in these directives. They are registered with the data controllers concerned. The person concerned must give specific consent. The specific directives cannot result from the sole approval of general conditions of use.

Exercise of your rights

We provide you with the following means to exercise your rights:

Or by email to the address of the Data Protection Officer booking@lepetitmasthym.com;
Either via the site’s contact form;
Either by postal mail to [NAMES and Surnames + address of the owners of the Mas].

[Optowners of the Mas] will answer you, in principle, within 1 month of receipt of the request. But as an exception, this period will be extended to 3 months in the event of a complex request or if there are a large number of applications in progress. You will be informed during the 1-month period of the reasons for the possible extension of the deadline.

Do you have a question about the privacy policy of lepetitmasthym.com? Do not hesitate to contact us.