We process your Personal Data as a data controller in connection with the Services offered on our websites: This means that we control the way in which this Personal Data is processed and that we decide on the purposes (i.e. the objectives of the data processing: booking, registration to the loyalty program, complaint etc.). It also means that we give precise instructions to our subcontractors, who may process your Personal Data on our behalf and to operate part of the Services you enjoy.
We, LOUVRE HOTELS GROUP, are a simplified joint-stock company with a registered capital of €117,624,016, Nanterre Companies and Trade Register number 309 071 942, with its main office located at 50 place de l'Ellipse Village 5, CS 70050, 92081 La Défense Cedex – France.
Please contact us with any questions, information requests or complaints as described in Article 5 herein.
As explained in the introduction, most of our hotels are franchised and their hotel activities are “managed” independently. They therefore assume responsibility for the processing the Personal Data necessary for your booking and stay, as soon as we send those data to them. Our network of franchised/managed hotels must comply with the principles of the applicable legislation designed to protect your Personal Data, including the proper management of your rights when you exercise them.
- Data that we collect directly from you
We mostly collect identification and contact data (first name, last name, email address, etc.), which allows us to identify you, in order to, among other things, better manage your bookings and the commercial relationship that we maintain with you, or more simply to be able to manage our Sites and your Guest Account. To provide you with customized offers, we also process data related to your interests based on your consumption data during your stay with us.
We therefore also collect data resulting from interactions with you on our Websites, by telephone, via hotel comparison sites and search engines or directly during your stay.
- The primary uses for your Personal Data are:
Why do we process your Personal Data? | What data do we collect? |
For hotel room bookings or creating a Guest Account or following up on your booking via our guest service | Your identification data such as: title, first name, last name, email address, postal address, date of birth, your cell phone and/or landline telephone number and possibly the recording of your telephone conversations when you make a booking by telephone. Your stay data: dates, number of nights, destination, presence of an adult/child. |
As a guarantee when you book a room online | Data relating to your bank card: card number, card validity date, card security code (only at the time of transaction), if applicable, cardholder name (for anti-fraud purposes). |
For the use of our mobile applications | Technical data about your device and its operating system. |
For the optimized use of some of our websites | Solely with your consent, your geolocation data for the “destination around me” feature. |
For the administration of our Websites | Data related to your device and connection, including: IP address, internet connection, type of browser, information about the device used. |
For registration to our emailing list via the registration form on our websites | Your email address, title, last name, first name, zip code, country, language for communication purposes |
When contacting us by filling out a form, by telephone or giving us a rating | Your identification data: name, first name, email address, subject of your message. |
In order to send you our promotional offers | Your contact information |
- To understand all of the reasons why we process your Personal Data:
- Operations necessary for the deployment of our Services:
- The management and administration of our various Sites and social media pages:
- managing Guest Account registration.
- managing access to your Guest Account.
- managing cookies, according to the terms defined in the Cookies Usage Policy.
- managing your online reviews and our online reputation.
- Managing your stay at the hotel:
- ensuring that the hotel registers you.
- in some cases (when we operate the network), you can use the Wi-Fi network at our hotels and restaurants.
- monitoring your consumption and requirements during your stay in order to tailor the service we offer you.
- managing our guest lists.
- Enabling you to benefit from the Services we offer:
- placement, monitoring and history of bookings.
- prepayment and payment by credit card: recording of credit card data to secure the booking, combating fraud and managing booking statistics.
- cancelation of a booking and, if necessary, reimbursement.
- processing your preferences (food preferences, for example) and personalizing our offers.
- tracking our business relationship (“pre-stay” and “post stay” email) and sending satisfaction feedback forms and surveys by email.
- enrolment in and management of loyalty programs, including: Pass for You, PassForYou Entreprise, Flavours, Ambassadors.
- registration for our special offers (private sales, for example).
- Operations necessary for marketing and sales prospecting:
- sending you our business offers, tailored to your profile, and displaying targeted advertisements, including on your social media pages (offers from LOUVRE HOTELS GROUP and concerning LHG, its affiliated and non-affiliated hotels (for all its brands).
- providing you with offers from companies with which we have commercial agreements, in order to offer you linked or personalized offers (such as EUROPCAR, which offers car rental services that may supplement your hotel booking), particularly as part of loyalty programs.
- communicating your email address to our specialized sub-contractors (Facebook, Amazon) to help us find new prospects who have a similar profile to yours and that may be interested in our services. These companies, to which you have subscribed, do not send us any information about you, they only search for individuals with similar interests and profiles to yours and offer appropriate advertising on our behalf.
- using your data to create customized audiences with our partner Facebook and thus offer you targeted advertising.
- analyzing login and browsing data (collected via trackers/cookies or via your browser) for targeted advertising on the Sites’ Services. For more information, see our Cookies Policy.
Important: with respect to these operations, you have the option of exercising your right to object, particularly your specific right to object to commercial prospecting (by not ticking the opt-in box and/or by following the procedure described in Article 4) which, once taken into account, ensures that your Personal Data will no longer be processed for that purpose.
- processing your applications online.
- processing and documenting your requests to exercise your rights (access, rectification, objection, erasure, limitation, portability, etc.).
- the processing of your calls and requests by our guest service.
Namely: we automatically collect data through the use of our Services.
We collect the following information during use of the Services:
- technical data: IP address, internet connection, type of web browser, information regarding the Device used.
- data collected using cookies: for more information, see the COOKIES Policy.
Namely: we also collect data indirectly
- Online booking sites other than our Websites
We may collect your Personal Data from some of our partners who record your booking on their own websites and may or may not collect the booking fee.
These partners are online hotel comparison sites or search engines such as Booking.com, Expedia, Kayak, Google Hotels Ads, TripAdvisor, Skyscanner or Trivago.
They may collect and send us the data necessary for your booking.
These partners collect certain information on their own behalf and within their own databases, to which we do not have access. For this processing, our partners process the Personal Data that you provide to them as data controller. Consequently, we recommend that you consult their privacy policies in order to understand how and why they process the Data you provide to them and in particular to be able to exercise your rights with them.
- Social media: social connect
When you create a Guest Account or book a room, you have the option of providing us with the necessary Personal Data via your Facebook account or Google account.
In this case, we become a recipient and data controller of this Personal Data in respect of your booking or creation of a Guest Account. We will be able to carry out any request to exercise your rights.
However, Facebook and Google remain responsible for the processing of your Personal Data for the purposes they determine on their own behalf (e.g. managing your e-mail, managing your personal page, etc). To obtain effective exercise of your rights regarding this part of the processing of your Personal Data, please refer to their privacy policy and contact them directly.
We may process your Personal Data on several bases:
Legal Basis | Examples of processing |
Fulfillment of a contract or of pre-contractual measures taken at your request | For example, registering and managing your bookings, tracking your billing or your membership of a loyalty program. |
Your consent | For example, when we offer to geolocate you via our Mobile Applications so that you can find a hotel near you |
The legitimate interests of LOUVRE HOTELS GROUP | - managing your online requests for information and opinions in order to improve your User experience and our guest services approach.
- in certain cases, managing the WI-FI networks in our subsidiary hotels and restaurants.
- using information provided in your Guest Account and which we collect during your stay in order to customize the Services offered.
- enabling you to benefit from customized promotions and recommendations including those from our Hotels and partners.
- implementation and improvement of remote sales tools and constant improvement of your purchasing experience.
- management and administration of the Site.
|
A legal obligation | For example, when we collect your information in order to respond to your requests to exercise your rights (see Article 4). |
If the processing of your Personal Data is ever necessary to safeguard your vital interests or those of any other natural person | |
Right of access, rectification, erasure, limitation, objection and right of data portability (in accordance with the provisions of Articles 15 to 21 of the GDPR.
You also have the right to submit a complaint to the competent authority, for example in France, the CNIL (Commission Nationale de l’Informatique et des Libertés [French Data Protection Authority]).
If the processing of Personal Data that we carry out requires your consent, you may withdraw this consent at any time by contacting us.
You may exercise these rights at any time free of charge, except in the case of manifestly unfounded or excessive requests (in particular due to their repetitive nature). If this occurs, we reserve the right, in accordance with the GDPR, to demand reasonable payment of fees (based on the administrative costs of your request) or to refuse your request.
LOUVRE HOTELS GROUP hereby informs you that it has a Personal Data Protection Officer who can be contacted, either by email: dpo@groupedulouvre.com, or at the following address:
DPO
LOUVRE HOTELS GROUP
Tour Voltaire- 1 place des degrés
92700 PUTEAUX
You have an absolute right to object to commercial prospecting: so you can request, free of charge, at any time, to no longer receive marketing communications from us and our network.
You may also exercise your rights with respect to your personal data stored and processed by a hotel in its capacity as data controller. We encourage you to exercise your rights directly with this or these hotel(s) and to consult their privacy policy if necessary.
Your rights | Use |
Rights to access | The right to know if we hold Personal Data about you and to obtain a copy, in addition to the following information: the purpose for which it is being processed, the type of Personal Data processed, the types of recipients of the data, the retention period where possible (or other criteria for determining the duration), and your rights. |
Right to erasure (right to be forgotten) | The right to have your Personal Data deleted according to the terms of the GDPR (Article 17), primarily: once the data processed is no longer necessary; if you object to sales prospecting and request that your information is deleted in addition to the cessation of the processing; if the processing is unlawful. |
Right to objection Right to refuse sales prospecting | - This right is applicable when we process your data in order to pursue our legitimate interests, such as for example advertising on your social media accounts. In the event that you file an objection, we will review the reasons regarding your particular situation and investigate whether we have a legitimate and compelling reason to continue processing your data. If this is not the case, we will stop the processing in question.
- If you object to commercial prospecting, we will simply cease the processing of the Data concerned.
For example, you may object at any time from the moment your Data is collected up to the transfer of your Data to our partners. |
Withdrawal of consent | When processing your Personal Data requires your consent, we cannot continue to process said data once you withdraw your consent. |
Right to rectification and right to limitation | You may request the update or correction of any Personal Data that you deem inaccurate or out of date. You may request that we suspend processing the data, but not suspend retention of your Personal Data if: - you dispute the accuracy of the data (this limitation lasts for the time that we verify the inaccuracy). - the processing is unlawful and you prefer to limit the processing rather than have the data deleted. - we no longer need the data, but you believe that they are necessary to establish, or to exercise or defend your rights in court. - you have filed an objection due to your particular situation and the limitation lasts for the time it takes to consider our rightful interests and your rights and freedoms. When a processing has been limited, your Data may only be processed with your consent or for the exercise, establishment and defense of rights in Court. |
Right to portability | - You have the right to receive your Personal Data provided to us in a format that is structured, widely used and readable by machine.
- You also have the right to send this data or to request that we send it to another data controller.
This right applies only to processing based the person’s consent or upon execution of a contract, which is done with the aid of an automated process. |
What happens to the Data in the event of death?
In accordance with the provisions of Article 85 of the French Data Protection Act, we hereby inform you that as a natural person:
- you have the right to provide us with instructions related to the retention, erasure and communication of your Personal Data in the event of your death.
- you may at any time modify or cancel such instructions with us.
- you may designate a person to be responsible for executing these instructions, who will, in the event of your death, be informed of said instructions and request their implementation.
You are also hereby informed that if you do not send LOUVRE HOTELS GROUP specific instructions regarding your Personal Data, your heirs, upon your death, may exercise the right regarding the retention, erasure and communication of your Personal Data as required by the administration and regulation of your estate, as well as notify LOUVRE HOTELS GROUP of your death.
You can make a request to exercise one of the rights described in Article 4 in the following manner:
- by sending an email explaining the purpose of your request to the following address: relation@louvre-hotels.com.
- by sending a letter explaining the purpose of your request to the following address: LOUVRE HOTELS GROUP
- Guest services
- Tour Voltaire
- 1 place des degrés
- 92700 PUTEAUX
For security reasons, and because our Services involve sensitive issues in terms of confidentiality, any request for the right to access the Data must be signed and accompanied by a photocopy of an identity document, which must specify the address to which the response should be sent. In the light of the risk assessment for data subjects conducted by LOUVRE HOTELS GROUP, these security measures may also apply to other requests to exercise rights. Once the identity is proven, a response will then be sent to you within one (1) month following receipt of the request, which may be extended to two (2) months depending on the complexity of the request or number of requests.
For all requests for information regarding the processing of your Personal Data, you may contact us at dpo@groupedulouvre.com.
For all information regarding the protection of Personal Data, you may also visit the CNIL (Commission nationale de l'informatique et des libertés [French Data Protection Authority]) website.
The Personal Data collected is kept for the time necessary to achieve the purposes as described in Article “3. WHY DO WE COLLECT/USE YOUR PERSONAL DATA?”, and extended by the duration of legal requirements.
The primary retention periods are:
Purposes | Conservation periods |
Internet traffic data | One (1) year from the connection date observed |
Data concerning Guests for the purposes of sales prospecting | Three years for facilitation and prospecting purposes from the end of your stay or your last contact with us |
Data concerning prospective guests for the purposes of sales prospecting | Three years from the last contact with LOUVRE HOTELS GROUP |
Documents and accounting documents (e.g. an invoice) | 10 years, as accounting evidence |
Data regarding transactions and methods of payment | Duration of the transaction (up to the point where the LOUVRE HOTELS GROUP account is credited). If you have consented to us retaining this Personal Data to facilitate your future bookings as part of a Guest account: until the expiration date of the credit card or withdrawal of your consent. In intermediate archiving, to meet administrative requirements such as the establishment, exercise and defense of our rights in court: up to 13 months from the date of the debit or 15 months for deferred debit cards. |
Data relating to your identity documents | In the case of exercising the right of access, erasure, portability, limitation or rectification: one (1) year In the case of exercising the right of opposition: six (6) years |
Possible recording of your phone conversations when making a booking by phone | Two months |
Personal Data retrieved via trackers (Cookies, SDKs) | 13 months |
Unless you give us a special instruction (provided that such special instruction is reasonable and practicable for us), we will delete all your Personal Data, in the event of your death, at the end of the applicable retention period and the applicable requirements, or upon request of a legal successor and upon proof of his or her legal capacity and of your death and in accordance with Article 5.
The Personal Data we collect may be sent on to achieve the purposes listed in Article 3:
- to authorized personnel of LOUVRE HOTELS GROUP.
- to authorized personnel of the subsidiaries of LOUVRE HOTELS GROUP or of any hotel within the LOUVRE HOTELS GROUP network.
- to technical service providers providing services participating in the execution of the purposes as described in Article "3. WHY DO WE COLLECT/USE YOUR PERSONAL DATA?", who are our subcontractors and for whom we are legally responsible, and in particular the service providers who are responsible for:
- the execution of the Services, bookings and orders, their management and processing.
- after-sales service.
- payment processing and security measures regarding the transmission of payment data.
- sending prospecting emails, invitations to register and any other information by email to you.
If you do not want your Personal Data to be sent to our hotels or partners for commercial purposes, or to social media platforms for targeted advertising purposes, you may object to it at the time of collection or exercise your right of objection discussed in Article “4. WHAT ARE YOUR RIGHTS?”.
You agree that we may also be obligated to disclose all of your information in order to comply with the Applicable Regulation or to respond to a legal or administrative proceeding.
In general, failure to complete the fields labeled with an asterisk (*) on the Sites does not allow us to provide you with all or part of the Services that we offer and the functionalities of the Site, and your requests may not be taken into account in an optimal manner.
The other fields are optional and serve to improve the quality of the Services offered.
If the form (rating, contact, etc.) has an open field, we ask that you not provide any personal information and that you limit yourself to information strictly necessary for processing your request. We reserve the right to delete all unnecessary information regarding your original request.
We do not collect Sensitive Data about you.
We remind you that Sensitive Data are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data and biometric data processed solely to identify a natural person, health-related data, and data concerning a person’s sex life or sexual orientation.
When you voluntarily communicate these Sensitive Data to us, particularly in the course of making special requests for your booking, you explicitly consent to us processing these particular categories of Personal Data.
We implement the appropriate technical and organizational techniques to protect your Personal Data from accidental or unlawful destruction, accidental loss, alteration and unauthorized disclosure or access.
However, we cannot foresee all of the risks associated with the function of the internet and we must underscore the potential for risks inherent to its function.
We also monitor the manner in which our service providers process your Personal Data so that they provide sufficient warranties regarding the implementation of appropriate data security measures.
In the event that you identify a security breach affecting the Site, you are required to notify us with the relevant information regarding this breach in a confidential manner.
In order to perform our Services, we are required to transmit your Personal Data to recipients, particularly hotels in our network, who may be located outside of the European Union.
In the event that Personal Data is transferred outside the European Union, we are committed to complying with the requirements of the Applicable Regulations and will implement the appropriate safeguards necessary for such a transfer.
As a User of the Site or Guest of LOUVRE HOTELS GROUP, you hereby declare that you have been informed of the importance of the accuracy of your Personal Data and that you have verified such on the Site or when communicating with us.
You are also required to provide only accurate Personal Data when communicating with us, entering into an agreement with us, requesting Services and for the period the Site is used, as well as to update the Data immediately if one or more elements of such changes during the duration of the use of the Site or Agreement between us.
You may also request access and correction, as well as oppose or delete said Data as provided for (among others) in Article 4 herein, “WHAT ARE YOUR RIGHTS? “under this Personal Data Policy.
This Personal Data Policy may be subject to updates which will be published online. The previous Personal Data Policy will then be automatically replaced by the new version which will be immediately enforceable against you. Use of the Site is subject to the Personal Data Policy in effect at the time of use.
In order to remain informed about these possible future modifications and updates, we recommend that you review the Personal Data Policy regularly. Notification regarding the updates may be provided by LOUVRE HOTELS GROUP by posting a notice on the Site, but is not required.
You are obligated to take note of General Terms and Conditions of Sale of the Site (hereinafter, the “GTC”) and other contractual documents signed with LOUVRE HOTELS GROUP for use of the Site and Services, which together with this Personal Data Policy constitute the enforceable contractual documents.
You are required to strictly comply with the terms of this Personal Data Policy and the GTC of the Site when using the latter.
LOUVRE HOTELS GROUP may not be held responsible in the event that: (i) use of your data, such as identification by a third party due to negligence or fault attributed to you; (ii) the Personal Data is incorrect or have not been updated by you; (iii) non-compliance with your obligations under the Applicable Regulation, this Personal Data Policy or the GTC and/or other contractual documents applicable to you.
You will be liable for all pecuniary sanctions that may be ordered against LOUVRE HOTELS GROUP for all rulings issued by a French jurisdiction, administrative or judiciary, or issued by an independent administrative authority, such as the CNIL (French Data Protection Authority), following non-compliance with your obligations pertaining to this Personal Data Policy.
In the event that one of the clauses in this Personal Data Policy is declared null and void due to a change in legislation, Applicable Regulation or by a court decision, the validity and obligation to comply with the other clauses of the Personal Data Policy shall not be affected.
This Personal Data Policy and documents referenced herein are governed by French law.
To ensure that this document is properly understood, the terms defined below beginning with capital letters and used in the singular or plural shall have the following meanings:
“Guest”:
This means a natural person, Account holder, residing in France and/or overseas who uses the Site.
“Guest Account”:
This means the space provided for a Guest on the Site following registration, according to the terms established by the GTC and GTU. This Account is strictly personal, individual and non-transferable to a third party. The Account is accessible using the Guest’s username and password.
"Sensitive Data”: This means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data and biometric data processed solely to identify a natural person, health-related data, and data concerning a person’s sex life or sexual orientation.
"Personal Data” or “Data":
This means “any information relating to an identified or identifiable natural person (hereinafter, ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.” according to Article 4 of the EU GDPR.
For example, data that identify you such as your title, first name, last name and email address are Personal Data.
“Applicable Regulation”: This refers to all existing or future regulations and standards applicable to Users and the Site, including: the legislation and regulations applicable to Internet platforms such as the Site and concerning the protection of Personal Data, including the French Data Protection Act and the European Regulation on the Protection of Personal Data.
"Our Hotels" or our " Network": These refer to any franchised entity of LOUVRE HOTELS GROUP or any entity managed by LOUVRE HOTELS GROUP, or any subsidiary of LOUVRE HOTELS GROUP that operates a business under a brand of LOUVRE HOTELS GROUP.
“Service”: These are the hotel and related services offered to Guests by LOUVRE HOTELS GROUP via the Site defined in the General Terms and Conditions of Sale and face to face in our hotels.
“Site”: all websites published by LOUVRE HOTELS GROUP presented under the domain name of LOUVRE HOTELS GROUP or presented under the domain name of one of its brands.
“Device”: This refers tothe various technical means allowing the User to access the Site. The Devices may be smartphones, tablets (Apple or Android), microcomputers via the internet and all objects connected or able to connect to another object, in addition to the internet.
“User”: This refers to all natural persons accessing the Site personally or on behalf of a legal entity and, as such having the capacity and/or authority to enter into agreements on the Site, as a visitor or Guest.