1. External data protection policy

External data protection policy

1.    Purpose

The Société Européenne d’Hôtellerie (hereinafter referred to as “SEH,” “we,” or the “Data Controller”), as the data controller, pays particular attention to the protection of personal data that you provide or that may be collected.

SEH undertakes to ensure the confidentiality and security of your personal data in accordance with Regulation (EU) 2016/679 of April 27, 2016 on data protection and French Law No. 78-17 of January 6, 1978 as amended on information technology, data files, and civil liberties (hereinafter referred to as the “Regulation”).

This privacy policy (hereinafter the “Privacy Policy”) is intended to inform you about how SEH processes your personal data.

You are invited to read this document before submitting your personal data to us.

2.    Definitions

  • Personal Data (hereinafter “Data”): Any information relating to an identified or identifiable natural person by reference to an identification number or to one or more elements specific to them.

  • Recipient: Any natural or legal person, public authority, agency, or other body entitled to receive communication of Data recorded in a file or processing operation due to their role.

  • Data Subject: A natural person who is identified or identifiable, directly or indirectly.

  • Data Controller: A natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing.

  • Processor: A natural or legal person, public authority, agency, or other body which processes Data on behalf of the Data Controller.

  • Processing: Any operation or set of operations performed on Data or on sets of Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure or destruction.

3.    Identity of the Data Controller

The Société Européenne d’Hôtellerie, a cooperative public limited company with a board of directors, registered with the Paris Trade and Companies Register under number 328 179 726, with its registered office at 22 rue Maurice Grimaud, 75018 PARIS, is the Data Controller of your Data.

When you provide us with Data while using SEH websites (accessible via the following URLs: https://www.theoriginalshotels.com/ and https://theoriginals.bonkdo.com/fr) (hereinafter the “Websites”), you are considered the Data Subject.

You may contact our Data Protection Officer (DPO) concerning the protection of your personal data at the following email address: dpo@theoriginalshotels.com

 

4.   Rights Related to Personal Data:
In accordance with applicable regulations on the protection of personal data, you have the following rights: the right of access, rectification, erasure, restriction of processing, objection on legitimate grounds, as well as the right to object to direct marketing.

You may also register free of charge on the BLOCTEL telephone solicitation opt-out list, available at the following address: www.bloctel.gouv.fr.

Finally, you have the right to issue specific or general instructions regarding the retention, erasure, and communication of your personal data after your death.

You may exercise any of these rights by contacting the hotel management at the address mentioned above. If you believe that your data protection rights are not being respected, you may also lodge a complaint with the CNIL (French Data Protection Authority).

5.    What Personal Data Is Collected and When?

We collect and process the following types of Data:

  • Identification Data: civil status, name, first name, postal address, email address, phone number, date of birth, billing address;

  • Economic and Financial Data: bank details and payment data;

  • Data related to your relationship with SEH: history of your contact or service requests;

  • Booking Data: stay details (hotels, dates, products and services purchased), family situation, personal situation, consumption habits. We may also collect and process “sensitive” Data when necessary to fulfill specific requests from you (e.g., health condition requiring special arrangements or food allergies), with your consent;

  • Loyalty Program Data: identification number, membership date, loyalty points balance, benefits used;

  • Social Media Data: social media account identifiers, profile photo, and other public or shared data when linking your accounts;

  • Traffic and Browsing History on the Websites: connection data (IP address, tracking data… See our Cookie Policy for more information).

We collect and process your Data particularly when:

  • You browse the Websites via cookies—small text files placed on your browser that save your preferences and track your activity. For more information, see our Cookie Policy;

  • You complete forms available on the Websites (booking, order, newsletter subscription, loyalty program, seminars, contact);

  • You agree to link your social media accounts with the Websites.

6.   What Are the Purposes and Data Retention Periods?

You will find below the legal bases and retention periods that we apply to the processing of your Data:

7.    Who Are the Recipients of Your Data?

Your Data may be shared with:

  • Internal recipients: Authorized SEH personnel and departments, only the data necessary for their duties;

  • External recipients: Authorized services of partner hotels, processors, service providers, vendors, or SEH partners, only the data necessary for specified purposes.

8.    What Safeguards Are in Place for Transfers Outside the EU?

Your Data may be transferred outside the European Union. SEH ensures that appropriate safeguards are in place, either by transferring data to countries recognized by the European Commission as having an adequate level of protection, or by using standard contractual clauses approved by the European Commission.

9.    What Are Your Rights?

In accordance with the Regulation, you have the following rights:

  • Access

  • Rectification

  • Erasure

  • Data portability

  • Restriction of processing

  • Objection to processing

  • Provide instructions regarding the retention, erasure, and communication of your data after death

When processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

You may also lodge a complaint with the CNIL (Commission Nationale de l’Informatique et des Libertés). For more information on your rights, visit cnil.fr.

You may exercise your rights:

You must verify your identity when exercising your rights. If in doubt, SEH may request additional information, such as a copy of your ID.

If, after contacting us, you believe your rights are not being respected, you may file a complaint with the CNIL.

9. Use of Cookies

9.1. What is a cookie?

A cookie is a small file stored by a server on your device (computer, phone, etc.) and associated with a web domain (i.e., in most cases, all pages of the same website). This file is automatically sent back during subsequent interactions with the same domain. There are:

  • “First-party” cookies, which are placed by the website itself, more precisely on the site’s domain. They may be used for the proper functioning of the website or to collect personal data to track your behavior and serve advertising purposes;

  • Session cookies, which are automatically deleted when you close your browser;

  • Persistent cookies, which remain stored until manually deleted and for a maximum duration of [fill in the cookie lifespan – CNIL recommends 13 months].

  • “Third-party” cookies, which are set on domains different from that of the main website, usually managed by third parties contacted by the site you visited rather than by you directly. These cookies can also be necessary for the proper functioning of the site but are mostly used to allow third parties to see which pages you visited on the site and collect information about you, particularly for advertising purposes.

9.2. What cookies do we use and why?

When you visit the website https://www.theoriginalshotels.com/ (hereinafter referred to as the “Site”), we may place the following cookies:

  • Strictly necessary cookies, which enable core functionalities of the Site such as user login and account management. The Site cannot function properly without these cookies. These cookies are always placed and do not require consent, as they are strictly necessary for the operation of the Site or are used exclusively to enable or facilitate communication via electronic means.

  • Performance cookies, which are used to understand how visitors interact with the Site, such as analytics cookies. These cookies cannot be used to directly identify a specific visitor. You may refuse the use of these cookies.

  • Targeting cookies, which are used to track visitors’ browsing habits across different websites, such as content partners and banner networks. These cookies may be used by companies to build a profile of visitors' interests or display relevant ads on other websites. You may refuse the use of these cookies.

  • Functionality cookies, which are used to remember visitor preferences on the Site, such as language, time zone, or enhanced content. You may refuse the use of these cookies.

The list of cookies used, along with their description and retention duration, is available through the cookie banner, accessible at any time via the “PRIVACY” link in the footer of the Site.

9.3. How to manage cookies

When you visit the Site, you are informed about the use of cookies and may express your preferences by accepting, refusing, or customizing your cookie settings.

With the exception of strictly necessary cookies for the proper functioning of the Site, your active consent will be required before any cookies are placed.

You may change your preferences at any time by clicking on the “PRIVACY” link in the footer of the Site.

Disabling cookies may affect the smoothness and quality of your browsing experience on the Site.

You can also manage your cookie preferences directly from your browser:

If you use another browser, please refer to its “Help” or “Settings” section.