CUSTOMER DATA PROTECTION CHARTER
1. COMMITMENT BY SNC KARAIBES HOTEL TO THE PROTECTION OF PRIVACY
Because we consider you a valued customer, our top priority is to offer you exceptional stays and moments.
Your complete satisfaction and confidence in SNC KARAIBES HOTEL are essential to us.
That’s why, as part of our commitment to meeting your expectations, we have implemented a policy to protect your personal data. This charter embodies our commitments to you and describes the terms and conditions under which SNC KARAIBES HOTEL uses your personal data.
2. PRINCIPLES GOVERNING THE PROTECTION OF YOUR PERSONAL DATA
In accordance with current regulations, in particular the General Data Protection Regulation adopted in Europe, we have established the following 8 principles for processing your data:
- Licéité: nous n’utilisons des données personnelles que si :
- we have obtained the person’s consent, OR
- it is necessary for theperformance of a contract to which the person is a party, OR
- this is necessary to comply with a legal obligation, OR
- this is necessary to safeguard the person’s vital interests, OR
- we pursue a legitimate interest in using personal data and this use does not infringe on the freedoms and interests of the individual.
- Loyalty: we explain how the personal data we collect is useful to us
- Specified purposes and data minimization: we collect only the personal data we really need. If we can achieve the same result using less personal data, then we make sure to use only that data.
- Transparency: we inform data subjects about how we use their data.
- We make it easy for data subjects to exercise their rights: access to data, rectification and deletion of data, and opposition to data processing.
- Retention periods: we only keep personal data for limited periods.
- We ensure the security of personal data, i.e. its integrity and confidentiality.
- If personal data is to be used by a third party, we ensure that the third party is able to protect the personal data.
If you have any questions about the 8 principles of data protection, please contact the Personal Data Protection department, whose contact details are given in article 9 “Your rights”.
3. WHAT PERSONAL DATA IS COLLECTED?
At various times, we may collect information about you or the people accompanying you, in particular:
- contact details (e.g. surname, first name, telephone number, email);
- personal information (e.g. date of birth, nationality);
- your credit card number, (for transaction and reservation purposes) ;
- information contained on an identity document (e.g. identity card, passport or driving license);
- your arrival and departure dates ;
- your preferences and interests (e.g. ground floor or upper floor, front or back of the hotel, etc.);
- your questions/comments, during or after a stay;
- technical and location information generated in connection with the use of our website and applications.
4. WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on various occasions, including :
- Activités hôtelières :
- Room reservation ;
- Registration and payment ;
- Hotel stay and services offered during the stay ;
- Consumption at the bar during a stay ;
- Inquiries, claims and/or disputes.
- Participation à des programmes ou animations marketing :
- Subscribe to newsletters, to receive offers and promotions by email.
- Transmission d’informations en provenance de tiers :
- Tour operators, travel agencies (online and offline), GDS reservation systems and others;
- Activités Internet :
- Connections to the www.karaibeshotel.com website (IP address, cookies, see banner at the top of the website);
- Online collection forms (online booking)
5. FOR WHAT PURPOSES IS YOUR DATA COLLECTED AND HOW LONG IS IT STORED?
The table below shows the purposes for which we process your data, the legal basis for this processing and the associated retention periods:
Purpose/Activity | Legal basis for processing, including legitimate interest pursued | Shelf life | |
Fulfilling our obligations to our customers. | Processing necessary for the performance of a contract to which you are a party. Processing necessary to comply with a legal obligation. Processing necessary for the pursuit of our legitimate interest in managing our business and providing you with the products and services you have requested. | 10 years from the date of reservation, in accordance with our legal obligations. | |
Manage room reservations and accommodation requests, in particular drawing up and keeping legal documents in compliance with accounting standards. | |||
Manage your stay at the hotel: Manage access to rooms Track your consumption (telephone, bar, etc.). | Processing necessary for the performance of a contract to which you are a party. Processing necessary for the pursuit of our legitimate interest in managing our business and providing you with the products and services you have requested. | For the duration of your stay. | |
Manage our relationship with our customers before, during and after your stay: Loyalty program management Send you newsletters, promotions and hotel or service offers, or contact you by telephone, in compliance with the obligations arising from the European ePrivacy Directive (2002/58/EC as amended in 2009). | Processing necessary for the performance of a contract to which you are a party and for the management of your loyalty program membership. Processing necessary for the pursuit of our legitimate interest in promoting and improving our services. Processing based on your consent for direct marketing purposes. | If you are not a member of the loyalty program, 3 years from the date you were last active with us in any way. If you are a member of the loyalty program, 6 years from the date you were last active with us in any way. | |
To improve our hotel service, in particular: Personalizing your welcome at the hotel, improving the quality of service and the customer experience Processing your personal data in our customer marketing program, in order to carry out marketing operations, promote brands and have a better understanding of your needs and wishes Adapting our products and services to best meet your requests Personalizing merchant offers and relational messages to your attention Informing you of special offers. | Processing necessary for the performance of a contract to which you are a party in connection with the management of your loyalty program membership. Processing necessary for the pursuit of our legitimate interest in promoting our services, carrying out direct marketing actions and improving our services. | If you are not a member of the loyalty program, 3 years from the date you were last active with us in any way. If you are a member of the loyalty program, 6 years from the date you were last active with us in any way. | |
Secure and improve your use of the website, in particular: Improving navigation Assistance and maintenance, and Implementing security and fraud prevention measures. | Processing necessary for the pursuit of our legitimate interest in managing our business, providing IT, administration and network security services in order to prevent fraud. | 13 months from the date of collection. | |
Internal management of a list of customers who have behaved inappropriately during their stay at the hotel (aggression and incivilities, failure to comply with the hotel contract, failure to comply with security rules, theft, damage and vandalism or payment incidents). | Processing necessary for the pursuit of our legitimate interest in managing our business, providing IT, administration and network security services in order to prevent fraud. | Up to 122 days from event registration. | |
Secure payment operations by determining the level of fraud risk associated with each transaction. | Processing necessary for the pursuit of our legitimate interest in managing our business and preventing the risk of fraud. | 90 days for analysis and control purposes, then 2 years in a separate database for system improvement purposes. In the event of registration in the incident file, 2 years from registration or until the situation is regularized, whichever comes first. | |
Securing property and people, and combating non-payment and inappropriate customer behavior in the following categories: aggression and incivility, non-compliance with the hotel contract, non-compliance with safety regulations, theft, damage and vandalism, and payment incidents. The “inoperative” status may lead the hotel to refuse the customer a reservation when he or she returns to the same hotel. | Processing necessary for the pursuit of our legitimate interest in managing our business, securing property and persons and combating non-payment. | 122 days from registration. | |
Use the necessary services to trace the identity of people present in the event of serious events affecting the facility (natural disasters, terrorist attacks, etc.). | Processing necessary to protect the vital interests of customers. | For the duration of the event. | |
Compliance with all applicable legislation (e.g. retention of accounting documents), including: Management of requests to unsubscribe from newsletters, promotions, and satisfaction surveys Management of requests from data subjects for protection of their personal data. | Processing required to comply with a legal obligation. | For the duration specified in the applicable local legislation. | |
6. CONDITIONS OF ACCESS BY THIRD PARTIES TO YOUR PERSONAL DATA
- Nous partageons vos données avec un nombre limité de personnes et de services autorisés, afin de vous offrir la meilleure expérience possible dans notre hôtel. Les équipes suivantes peuvent accéder à vos données :
- Hotel staff ;
- Sales partners and marketing services ;
- Medical services if required ;
- Generally, any person appropriate for certain specific categories of personal data.
- Avec des fournisseurs prestataires de services et partenaires : vos données personnelles peuvent être transmises à un tiers dans le but de vous fournir des services et d’améliorer votre séjour, notamment :
- External service providers: banks, accountants.
- Local authorities: we may also pass on your information to local authorities, if required by law or as part of an investigation and in accordance with local regulations.
7. DATA SECURITY
SNC KARAIBES HOTEL takes appropriate technical and organizational measures, in accordance with applicable legal provisions (in particular Article 32 of the RGPD), to protect your personal data against destruction, loss or alteration, misuse and unauthorized access, modification or disclosure, whether such actions are unlawful or accidental. To this end, we have put in place technical measures (such as firewalls) and organizational measures (such as a login/password system, physical safeguards, etc.) to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. When you transmit your credit card information when booking, SSL (Secure Socket Layer) encryption technology is used to secure your transactions. Organizational measures ensure the security of processing.
8. COOKIES AND OTHER TRACKERS
SNC KARAIBES HOTEL uses cookies and other tracking devices on its website. To find out more about SNC KARAIBES HOTEL’s use of these cookies and how to configure them, please consult our cookies policy via the “Cookies” link at the top of our website.
9. YOUR RIGHTS
You have the right to obtain information and access to your personal data collected by SNC KARAIBES HOTEL, subject to applicable legal provisions.
You also have the right to have your data corrected, deleted or to restrict its processing. In addition, you have the right to data portability and the right to define instructions for the processing of your data after your death (as late as possible!). You may also object to the processing of your data.
If you wish to exercise these rights, please contact the department in charge of personal data directly by mail at the following address
Karaibes hotel – Route des hotels – Pointe de la verdure- 97190 LE GOSIER
In the interests of confidentiality and the protection of your personal data, we will need to identify you in order to respond to your request. If you have reasonable doubts about your identity, you may be asked to enclose a copy of an official identity document, such as an ID card or passport, in support of your request. In this case, a black-and-white copy of one of these documents will suffice.
All requests will be processed as quickly as possible and in accordance with applicable law.
10. UPDATES
We may change this Privacy Policy from time to time. We therefore invite you to consult it regularly.