Personal Data Protection Policy
Hôtel Coeur Marin is committed to protecting your personal data and ensuring a high level of protection in accordance with European Regulation 2016/679 and the French Data Protection Act No. 78-17.
Below is our personal data protection policy, which explains what personal data we collect, how it is processed, on which basis, its retention, and your personal rights. We invite you to read it.
Our Data Protection Officer is available to answer all your questions, you can contact them at the following address: RGPD@madeho.fr
You can find the text of the applicable European Regulation here: https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX%3A32016R0679 or consult the regulatory authority (CNIL) via its website www.CNIL.fr.
This version of the personal data policy may be modified by us if necessary and you will be informed.
Your Data Controller
Hôtel Coeur Marin is the data controller of your personal data, and you can find their contact details below: 8 Boulevard Franklin Roosevelt, 85100 Les Sables-d'Olonne, FRANCE; referred to by name or "We" herein.
Your Personal Data and Its Collection by Hôtel Coeur Marin
Your personal data may be collected during:
your visit to our site,
our communications,
our prospecting actions,
the formation or execution of our contracts.
We do not collect any data not necessary for the processing purpose mentioned during collection or data prohibited by law or regulation.
The collection of certain data may be mandatory or optional, and you are informed of the mandatory information. Your personal data may be collected by third-party providers or partners who commit to compliance with European and national data protection regulations.
Our policy is not to transfer your data outside the European Union; if we do so exceptionally, this transfer will only take place to a country or organization covered by an adequacy decision (art.45 GDPR) or providing sufficient appropriate safeguards (art.46 GDPR).
We do not make any automated decisions.
We may potentially collect the following personal data of yours:
Civil status, identity, contact details, images
Personal life
Professional life
Economic and financial personal data
Connection data
Unique national identification number
Health data
Criminal convictions or offenses
Our Processing of Your Personal Data
We process your personal data by entering it into databases; it is stored, retained, and may be corrected, deleted, archived, anonymized, or pseudonymized, transferred to trusted third parties.
We may process your personal data for the following processing purposes or for other purposes specified to you during collection:
Your information about our commercial (products, services...) and promotional offers – Communicating with you
We may use your personal data for commercial prospecting purposes, particularly to send you information on our products/services, our commercial and promotional offers, quotes and other pre-contractual documents, our news by email, mail, or phone.
Execution of your ongoing contracts and customer follow-up
We use your personal data to ensure the execution of ongoing contracts according to your requests. We may also send you all information on your order or your ongoing contracts, their execution, your invoices and contractual documents, advice, execution of our guarantees if applicable, and our legal obligations. We also use your personal data to manage our customer relationship, your requests or complaints, if applicable disputes, and track your customer history.
Improving the use of our services and enhancing our offers
We process your personal data to enable optimal use of our services, improve our offers and products/services, track your user journey, conduct satisfaction surveys, anonymous surveys and statistics.
Your payments
Your banking details may be collected either directly by us or by a dedicated and selected provider, who guarantees the complete confidentiality of your banking data, and these details are only retained for the time necessary for the duration of the contractual relationship or within legal limits.
Protection against fraudulent initiatives
The personal data collected may be used to combat fraud, particularly on payments or withdrawals made. As such, our payment security providers may be made recipients of this data.
Ensuring compliance with law and court decisions
Your Data may be used to:
Respond to a request from an administrative or judicial authority, a legal representative, a justice assistant, or comply with a court decision;
Ensure compliance with our general terms of sale/service;
Protect our rights and/or seek redress for damages we may suffer or limit the consequences;
Prevent any action contrary to laws in effect, particularly in the context of fraud risk prevention.
We may also process your personal data for the following purposes:
Business relationship:
Sending marketing campaigns by email, mail or phone (including via a service provider)Various:
Electronic signatureInternet:
Create and manage your user accountCookie management:
Performance cookies: to establish anonymous statistics and site traffic levels, and tracking and personalization collecting information on your site use, allowing for customization of our offers,
Third-party cookies: to target ads that may interest you based on identifiable interests. These cookies are governed by the policy applied by third parties, not by Hôtel Coeur Marin,
Analytics cookies: allowing us to understand and analyze your navigation on our site.
The Basis for Processing Your Personal Data
In accordance with regulation, our processing of your personal data is based if it relies on one of the following foundations:
Your consent to our processing of your data: you consent to the processing of your personal data through express consent. You may withdraw this consent at any time with our DPO; or
The existence of a contract between you and us: data processing is then justified by the needs of contract execution; or
Our legitimate interest in processing your personal data as long as this proportionate interest respects your fundamental rights and privacy; or
The Law or current regulation when it requires the processing and retention of your personal data.
Methods and Duration of Retention of Your Personal Data
We manage your personal data in three phases:
An active phase where data is retained for the time stated below in the "active" database: your personal data is then accessible only to individuals with an operational need to access it to perform authorized processing
An archiving phase (for additional time to retention in the "active" database) when a legitimate reason justifies it: your personal data is then archived with restricted access for a limited time.
A deletion or anonymization phase: at the end of the additional archiving period below, your personal data is deleted or anonymized (so that it can no longer constitute personal data identifying you).
Your personal data is retained for the time necessary for their processing, our customer relationship if applicable, and contract execution within regulatory specific limits; we may retain your personal data in archives for the needs of retaining accounting, tax, or evidential documents as long as applicable statutory periods. As an example, below are retention periods applicable to the following treatments (subject to regulation imposing different retention periods):
Processing purpose | Processing basis | Retention of personal data in "active" database | Additional archiving |
Prospecting | Your consent | 3 years if you have not actively responded to any solicitation. The period restarts in case of active solicitation on your part. | X |
Execution of our contractual obligations to you / services | Contract | The time necessary for contract execution and 3 years from the end of the business relationship (last activity such as end of contract execution (purchase, service...), login on the site as a registered user) | 5 years after the contractual relationship |
Customer relationship | Contract | 3 years from the end of the business relationship (last activity on your part with us) | 5 years after the contractual relationship |
Withdrawal of Your Consent for the Collection or Processing of Your Personal Data
You may withdraw your consent given for the collection of your personal data by writing to our DPO by email or mail at the addresses listed above, mentioning your first and last name, email, and address with the nature and specific purpose of your withdrawal request.
You can also send any comments on your personal data to Hôtel Coeur Marin, 8 Boulevard Franklin Roosevelt, 85100 Les Sables-d'Olonne, FRANCE.
Exercising Your Rights on Your Personal Data
You have:
A right of access, allowing you to obtain:
Confirmation that data concerning you is or is not being processed;
A copy of all personal data held by the data controller.
A right to request the portability of certain data: it allows you to retrieve your personal data in a structured, commonly used, and machine-readable format.
A right to object: it allows you to no longer be subject to commercial prospecting from us or our partners, or, for reasons related to your particular situation, cease the processing of your data for research and development, fraud prevention, and prevention purposes.
A right to rectification: it allows you to rectify information about you that is outdated or incorrect. It also allows you to complete incomplete information about you.
A right to erasure: it allows you to obtain the deletion of your personal data subject to legal retention periods. It may specifically apply if your data is no longer necessary for processing.
A right to restrict processing: it allows you to limit the processing of your data in the following cases:
In case of illicit use of your data;
If you dispute their accuracy;
If you need the data to note, exercise, or defend your rights.
They will then no longer be subject to active processing and cannot be modified during the duration of the exercise of this right.
A right to obtain human intervention: data controllers may use automated decision-making for subscription or management of your contract. In this case, you may ask what the determining criteria of the decision were from the Data Protection Officer.
You can exercise these rights by email: RGPD@madeho.fr or by letter to the following address: 8 Boulevard Franklin Roosevelt, 85100 Les Sables-d'Olonne, FRANCE, indicating your first and last name, home address, and email (if applicable your customer references) and the purpose of your request in clear and legible terms. Hôtel Coeur Marin commits to responding to your verified request within one month from its receipt.
In case of difficulty, you can address our Data Protection Officer directly by email: RGPD@madeho.fr or contact the Commission Nationale de l'Informatique et des Libertés (CNIL).
Our Subcontractors and Partners
Hôtel Coeur Marin may transmit your personal data to subcontractors performing services involving processing of your data in compliance with the purposes set out herein; these subcontractors must confer the same level of confidentiality to your personal data as Hôtel Coeur Marin and have committed to full compliance with data protection regulations, notably GDPR.
We do not trade your personal data; if you wish to know more and specifically identify the providers or partners to whom your personal data has been transmitted, you can contact our DPO at the following address: RGPD@madeho.fr.
Providers or partners who may access your personal data can include:
Providers potentially managing outsourced services for the execution of our services and contracts,
Providers helping us improve our services, perform data analyses, and optimize our offers, conduct surveys and statistics,
Auditors, accountants, consultants, lawyers, auditing firms, IT and outsourcing service providers, security providers,
Investors and buyers.
We may also be required to transmit your personal data to French authorities, administrations, and courts notably in legal proceedings or formalities requiring such communication.
