Privacy & GDPR Policy
The new law, General Data Protection Regulation (GDPR), comes into force on 25 May 2018 and this replaces the Data Protection Act. This is a European wide law and affects how we use and store information we receive from guests and enquirers. It covers all data, whether electronic or paper based.
What information we collect from you.
When a booking is made with us we will collect names of all the guests staying and for the person making the booking their email address, phone number, home address, date of birth and passport number.
How we use the information you give us.
We will use your email address to contact you, send you a booking form and confirmation and answer any queries you have. We may contact you after your visit to thank you and ask you for a review. You can also contact us via social media
We will not use your telephone number unless we need to contact you and cannot reach you by email.
We use Instagram, Twitter and Facebook to market our property and our website. We never pass your details to any third party.
Access to your Information
You have the right to request a copy of the information we hold on you. If you would like a copy of this please email us at firstname.lastname@example.org
Right to be Forgotten
All guests have the right to ask for their details to be removed from our records. However, this does not override any legislative requirements (eg the Fiche Identite Individuelle form – see below).
Legally, we have to ask the information on our booking form concerning name, address, date of birth and passport number for the French authorities and we have to legally keep this for 6 months from date of arrival. Only the local police can ask for the details on this form. This form and the information contained on it are then destroyed by us.
By law we have to retain financial records for 7 years, so guests cannot ask to be erased from these financial records.
If you book direct with us and complete a booking form, we will store your details securely on our system via password controlled entry and won’t be used for any other purpose or shared with any other person or business. We need your email address to send through booking forms, answer any queries you have or to send you terms & conditions, booking confirmation etc. We may contact you after your stay to say thank you and to ask you to complete a review however we don’t need explicit consent for this. We will NOT add you to a marketing mailing list.
If you book via one of our booking partners, for example Chalet’s Direct, Airbnb, Booking.com, Home and Away or any other sites, they have also to comply with GDPR regulations and have their own safeguards and policies.
Similarly, if you choose to follow us on social media, Facebook, Twitter or Instagram, we don’t need consent as you have already accepted the terms & conditions on that platform. Again, we will not ask you for your email address in order to send you newsletters etc.
Notification of Data Breaches
The GDPR will require us to notify the Information Commissioner’s’ Office within 72 hours of first having become aware of the breach where that breach is likely to “result in a risk for the rights and freedoms of individuals”. For any breach, we are required to notify the customers “without undue delay” after first becoming aware of a data breach.