POLITIQUE DE CONFIDENTIALITÉ

Last updated on 04/30/2021 (Version 1.0.0)

The purpose of this privacy policy is to inform users of the :

• How their personal data is collected and processed. All data that can identify a user must be considered as personal data. This includes the first and last name, age, postal address, e-mail address, location of the user or his IP address;
• What are the rights of the users regarding this data?
• Who is responsible for processing the personal data collected and processed?
• To whom this data is transmitted ;
• The site's policy on cookies.

This privacy policy complements the legal notice and the cookie policy, which users can consult at the following addresses

https://domaine-masderey.com/mentions-legales-domaine-mas-de-rey/
https://domaine-masderey.com/politique-de-cookies-ue/

Article 2: General principles on data collection and processing

In accordance with the provisions of Article 5 of the European Regulation 2016/679, the collection and processing of data of the users of the site respect the following principles:

• Legality, fairness and transparency: data can only be collected and processed with the consent of the user who owns the data. Whenever personal data is collected, the user will be informed that his/her data is being collected and for what purpose his/her data is being collected;
• Limited purposes: the collection and processing of data is carried out to meet one or more of the purposes set out in these general terms of use;
• Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;
• Conservation of data reduced in time: the data is kept for a limited period of time, of which the user is informed. Where this information cannot be provided, the user is informed of the criteria used to determine the retention period;
• Integrity and confidentiality of collected and processed data: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.

In order to be lawful, and in accordance with the requirements of Article 6 of the European Regulation 2016/679, the collection and processing of personal data may only take place if it complies with at least one of the conditions listed below:

• The user has expressly consented to the processing;
• The processing is necessary for the proper performance of a contract;
• The processing is in response to a legal obligation;
• The processing is necessary to protect the vital interests of the data subject or of another natural person;
• The processing may be necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
• The processing and collection of personal data is necessary for the purposes of the legitimate and private interests pursued by the controller or by a third party.

Article 3: Personal data collected and processed in the context of navigation on the site

DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION

The collection and processing of data is for the following purposes:

• Customer Relationship Management
• order processing
• processing of customer service requests
• Analysis of the ergonomics of the site by means of cookies or similar technologies allowing the collection of information on the online navigation of users, for example the type of browser, the country code corresponding to their location, the pages of the site consulted, or the possible Products searched for on the site. This data is statistical and anonymous, and does not allow the identification of a User.

TRANSMISSION OF DATA TO THIRD PARTIES

The data may be passed on to the following third party or parties:

Some of the data collected may be transferred:

• to Google, when the user displays the contact page or an event

HÉBERGEMENT DES DONNÉES
Hébergeur : OVH, 2 rue Kellermann, 59100 Roubaix, France

Données personnelles traitées: Données communiquées lors de l’utilisation du service.
Lieu de traitement : France

OVH Privacy Policy

Article 4: Data controller

The person responsible for processing personal data is: Domaine du Mas de Rey, on its own behalf. You can contact the Domaine du Mas de Rey in the following way:

• by phone at 04 90 96 11 84, Monday to Friday from 10am to 6pm
• Par mail : contact@domaine-masderey.com

The data controller is responsible for determining the purposes and means of processing personal data.

OBLIGATIONS OF THE DATA CONTROLLER

The data controller undertakes to protect the personal data collected, not to transmit them to third parties without the user's knowledge and to respect the purposes for which the data were collected.

The site has an SSL certificate to ensure that information and data transfer through the site is secure.

An SSL certificate ("Secure Socket Layer" Certificate) is intended to secure the data exchanged between the user and the site.

Furthermore, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and steps for him.

In the event that the integrity, confidentiality or security of the user's personal data is compromised, the data controller undertakes to inform the user by any means.

Article 5: User's rights

In accordance with the regulations concerning the processing of personal data, the user has the following rights

In order for the data controller to comply with the request, the user is required to provide the following information: first and last name, e-mail address and, if relevant, account number or personal or subscriber number.

The data controller is obliged to respond to the user within a maximum of 30 (thirty) days.

Presentation of the user's rights regarding data collection and processing

Right of access, rectification and deletion

The user may view, update, modify or request the deletion of data concerning him/her, by following the procedure set out below:

The user must send an e-mail to the person responsible for processing personal data, specifying the subject of the request and using the contact e-mail address provided above.

If he/she has one, the user has the right to request the deletion of his/her personal space by following the procedure below:

The user must send an e-mail to the data controller, specifying his personal space number. The request for deletion of data will be processed within 10 working days.

Right to data portability

The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the following procedure:

The user must request the portability of his personal data from the data controller, by sending an e-mail to the address provided above.

Right to limit and object to data processing

The user has the right to request the limitation of or to oppose the processing of his/her data by the site, without the site being able to refuse, except in the case of demonstrating the existence of legitimate and compelling reasons, which may prevail over the interests and rights and freedoms of the user.

In order to request the limitation of the processing of his/her data or to formulate an objection to the processing of his/her data, the user must follow the following procedure:

The user must make a request to limit the processing of his/her personal data to the data controller, by sending an e-mail to the address provided above.

Right not to be subject to a decision based exclusively on an automated process

In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him or her, or significantly affects him or her in a similar way.

Right to determine the fate of data after death

The user is reminded that he/she can organize what should be the fate of his/her collected and processed data if he/she dies, in accordance with the law n°2016-1321 of 7 October 2016.

Right to refer to the competent supervisory authority

Dans le cas où le responsable du traitement des données décide de ne pas répondre à la demande de l’utilisateur, et que l’utilisateur souhaite contester cette décision, ou, s’il pense qu’il est porté atteinte à l’un des droits énumérés ci-dessus, il est en droit de saisir la CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) ou tout juge compétent.

Personal data of minors

In accordance with the provisions of Article 8 of the European Regulation 2016/679 and the French Data Protection Act, only minors aged 15 or over may consent to the processing of their personal data.

If the user is a minor under the age of 15, the consent of a legal representative will be required in order for personal data to be collected and processed.

The site editor reserves the right to verify by any means that the user is over 15 years of age, or that he has obtained the agreement of a legal representative before browsing the site.

Article 6: Use of "cookies" files

The site uses "cookie" techniques.

We have a page dedicated to the functioning of cookies and we invite you to consult it:

https://domaine-masderey.com/politique-de-cookies-ue/

Article 7: Conditions for changing the privacy policy

This privacy policy can be consulted at any time at the following address

https://domaine-masderey.com/politique-de-confidentialite/

The site editor reserves the right to modify it in order to ensure its conformity with the law in force.

Therefore, the user is invited to consult this privacy policy regularly in order to be informed of the latest changes.

However, in the event of a substantial change to this policy, the user will be informed in the following manner:

By push notification when the user visits the site again.

The user is informed that this privacy policy was last updated on: 30/04/2021.