We are processing your Personal Data as the Data Controller, which means that we monitor the manner in which the Personal Data are processed and we decide the purpose for such. This also means that we give specific instructions to our subcontractors that may process your Personal Data on our behalf and to execute the Services for your benefit.

We, LOUVRE HOTELS GROUP, are a simplified joint-stock company with a registered capital of €117,624,016, Nanterre Companies and Trade Register number 309 071 942, with its main office located at Tour Voltaire 1 place des Degrés 92800 PUTEAUX France.

Please contact us with any questions, information requests or complaints as described in Article 5 herein.

Data that we collect directly from you

We mostly collect identification and contact data (first name, last name, email address, etc.), that allows us to know who you are in order to better manage your reservations and our commercial relationship, or in other words for better management of our Websites and your Guest Account. To provide you with customized offers, we also process data related to your interests based on your consumer data during your stay at our facilities.

This means that we collect data resulting from interactions with you on our Websites, by phone, via mobile applications, hotel comparison sites and search engines or directly during your stay.

The primary uses for your Personal Data are:

In general, failure to fill in the fields labeled with an asterisk (*) on the Website does not allow us to provide all or part of the Services that we offer and the functionality of the Website and your request may not be considered.

The other fields are optional and serve to improve the quality of the Services offered.

If the form (rating, contact, etc.) has an open field, we ask that you not provide and personal information and limit the information strictly necessary for processing your request. We reserve the right to delete all unnecessary information regarding your request.

We do not collect your Sensitive Data.

• Data collected automatically from use of Services

We collect the following information during use of the Services:

• Technical data: IP address, internet connection, type of web browser, information regarding the Device used;
• Data collected with cookies: see our Cookies Policy for more information Using cookies

If using one of our mobile phone applications, we may have access to information such as the phone model or its operating system.

If you access the Services via one of our mobile applications with a phone with your location activated, we may be able to locate your phone to optimize our Service and to personalize the content of our offers and Services. You can turn off your location at any time.

• Data collected indirectly

We may collect your Personal Data through some of our partners which register your reservation on their websites and may, as appropriate, collect payment on our behalf.

These partners include hotel comparison sites and search engines such as Booking.com, Expedia, Kayak, Google Ad Words, Google Hotels Ads, TripAdvisor, Skyscanner, Trivago

They may collect and send data necessary for your reservation. These partners may collect other data on their own behalf, to which we have no access.

These companies process the Personal Data you provide on their own behalf. As a result, we recommend you review their confidentiality policy to understand how and why they process the Data you provide.

We may process your Personal Data on several bases:

• the legal basis of fulfillment of a contract or pre-contractual measures made at your request, such as the registration and management of your reservations, billing or membership to a rewards program;
• on the basis of your consent;
• on the basis of the rightful interests of LOUVRE HOTELS GROUP The rightful interests of LOUVRE HOTELS GROUP may include:
  - managing your requests for information and your ratings online in order to improve user experience and our approach towards our guests;
  - Managing the Wi-Fi networks in our Hotels and restaurants;
  - Use of video surveillance for your security and the security of our hotels;
  - using information provided in your Guest Account and that which we collect during your stay in order to customize the Services offered;
  - offering you customized promotions and recommendations including those from our Hotels and partners;
  - sending you emails to the email address you have indicated;
  - sharing your Data with some of our partners: if you wish to refuse, we recommend you review Article 4
  - implementation of telemarketing sales tools and constant improvement of your buying experience;
  - management and administration of the Website;
• lastly, on the basis of a legal obligation, for example when we collect your information in order to respond to your request to exercise your rights

The reasons we process your Personal Data:
  > Necessary operation for implementing our Services:

• the management and administration of our various Websites;
  - managing registration and verification of the registration terms for a Guest Account;
  - managing access to your Guest Account;
  - managing cookies according to the terms defined in the Cookies Usage Policy ;

• managing your stay at the hotel;
  - registering you;
  - offering you a Wi-Fi network in our Hotels and restaurants;
  - tracking your purchases on site;
  - managing our guest lists;
  - ensuring the security of our Hotels and that of our guests;
  - complying with local legislation;

• providing you with the Services offered:
  - the handover, follow up (for sending reservation confirmation emails and guest services) and reservation history;
  - cancellation of a reservation and reimbursement, if necessary
  - executing and managing your orders and purchases;
  - processing your preferences and personalizing our offers;
  - ensuring the customer relationship;
  - enrollment in rewards programs and managing rewards programs, such as: Pass for You, PassForYou Entreprise, Flavours, Ambassadors;
  - registration for our special offers (ex. private sales);
  - processing your calls and requests through customer services.

> Operations necessary for marketing and sales prospecting:

• Conducting surveys or analyses for sales purposes implemented by LOUVRE HOTELS GROUP (and subsidiaries, sales network, partners);
• Informing you of promotional offers (LOUVRE HOTELS GROUP), as well as from companies with which we have sales agreements, allowing us to, with your consent, provide combined offers, such as EUROPCAR, which offers car rental services;
• Sharing your Data with our partners who may process your Data for analysis, segmentation, profiling and customizing content;
• sharing your data with our partners for sales prospecting, with your consent;
• correspondence by email;
• analysis of connection and browsing data for customized advertising of the Website’s services;
• providing sharing tools on social networks 

Important: for these operations, we hereby inform you that you may exercise your right to opt out of sales prospecting, which once processed in accordance with the terms of Article 4, ensures that your data will no longer be processed for this purpose.
> Managing your requests

• processing your applications online;
• processing your requests to exercise certain rights (access, correction, objection, deletion, limitation, portability and instructions regarding your Personal Data after death);

Rights to access, correction, deletion, limitation, objection and portability

In accordance with the provisions of Articles 15-21 of the GRDP and Articles 38-40 of the French Data Protection Act, you, as a person subject to the processing of Personal Data, have the right to access, correction, deletion, limitation and portability of your Personal Data processed.

You also have the right to submit a complaint to the competent authority, for example in France, the CNIL (Commission Nationale de l’Informatique et des Libertés [French Data Protection Authority]).

If the processing of Personal Data requires your consent, you may withdraw your consent at any time.

You may exercise these rights at any moment and at no cost, unless the request is unfounded or abusive (for example, if the request is repetitive). If this occurs, we reserve the right, in accordance with the GRDP to demand reasonable payment of fees (based on the administrative costs of your request) or to refuse your request.

LOUVRE HOTELS GROUP hereby informs you that it has a department responsible for matters related to protection of personal data that can be reached by: dpo@groupedulouvre.com

Tour Voltaire
1 place des Degrés
92800 PUTEAUX France 

What happens to the Data in the event of death?

In accordance with the provisions of Article 40-1 of the French Data Protection Act, we hereby inform you that as a natural person: - You have the right to provide us with instructions related to the conservation, deletion and communication of your Personal Data in the event of your death; - You may at any time modify or cancel such instructions with us; - You may designate a person to be responsible for executing these instructions, who will in the event of your death, be informed of said instructions and request their implementation. You are also hereby informed that if you do not send LOUVRE HOTELS GROUP specific instructions regarding your Personal Data, your heirs, upon your death may exercise the right regarding conservation, deletion and communication of your Personal Data as required by the administration and regulation of your estate, as well as notify LOUVRE HOTELS GROUP of your death.

You can exercise your rights as described in Article 4 in the following manner:

• by sending an email explaining the purpose of your request to the following address: dpo@groupedulouvre.com.en.
• by sending a letter explaining the purpose of your request to the following address: DPO,Tour Voltaire 1 place des Degrés 92800 PUTEAUX France

All requests must be signed and accompanied by a photocopy of an identity card and indicate a return address for the response. A response will be then sent within one (1) month following receipt of the request, which may be extended to two (2) months considering the complexity of the request or number of requests.

For all requests on information regarding the processing of your Personal Data, you may contact us at dpo@groupedulouvre.com. Additionally, in accordance with the GDPR, you have the right to file a complaint with the CNIL (French Data Protection Authority).

For all information regarding the protection of Personal Data, you may also visit CNIL’s website.

Personal Data collected are maintained for the duration necessary for executing the purposes as described in Article 3, and extended by the duration of legal requirements.

The primary conservation periods are:

The Personal Data collected is deleted following the occurrence of one the following events, and subject to compliance with the applicable legal requirements and legal conservation periods:

• the end date of the conservation period;
• exercise of the right to deletion, in accordance with the French Data Protection Act and method described in paragraph 4, this Personal Data Policy;
• the Website of LOUVRE HOTELS GROUP is no longer available for whatever reason.

Unless otherwise requested by you (subject to the particular instructions being reasonable and feasible), we will delete all of your Personal Data due to death upon request from a right holder and upon proof of having such a right and proof of your death and in accordance with Article 5 and the applicable conservation periods and applicable requirements”.

The Personal Data that we collect may be sent to:

• authorized personnel of LOUVRE HOTELS GROUP;
• subsidiaries of LOUVRE HOTELS GROUP or a company within the LOUVRE HOTELS GROUP Network;
• technical service providers participating in executing the purposes as described in Article 3, responsible for:
  - the execution of Services, reservations and orders, their management and processing.
  - after-sales service;
  - payment processing and security measures regarding the transmission of payment data;
  - market research emails, invitations to register and all other information sent to you by email.
• our partners and companies with whom we have sales agreements that allow us to offer combination packages, if you do not object to such;
• Social networks, based on the websites visited: Facebook, Linkedin, Instagram, Youtube and Twitter. We invite you to review the confidentiality policy of the various social networks to be informed of the collection and processing of your Data.

If you do not wish for your Personal Data to be transmitted you may exercise your rights as described in Article 4. 

You agree that we may also be obligated to disclose all of your information in order to comply with the Applicable Regulation or to respond to a legal or administrative proceeding.

We implement the appropriate technical and organizational techniques to protect your Personal Data from accidental or unlawful destruction, accidental loss, alteration and unauthorized disclosure or access.

However, we cannot foresee all of the risks associated with the function of the internet and we must underscore the potential for risks inherent to its function.

We also monitor the manner in which our service providers process your Personal Data to the extent that they have provided the sufficient warranties regarding the implementation of appropriate data security measures.

In the event that you identify a security breach affecting the Website, you are required to notify us with the relevant information regarding this breach in a confidential manner.

For execution of our Services, we are required to transmit your Personal Data to recipients (LOUVRE HOTELS GROUPS, service providers, partners) located outside of the European Economic Area (EU, Norway, Iceland and Lichtenstein), primarily to the United States.

In this case, the processing of your Personal Data will be subject to the guarantees offered by the basis of adequacy decision established for the European Commission, incorporating the required “Privacy Shield”. The Privacy Shield is a mechanism for self-certification for business established in the United States. This mechanism has been recognized by the European Commission as offering an adequate level of protection for Personal Data transferred from a European company to a company established in the United States. CNIL also considers this mechanism as sufficient for the legal warranties for the transfer of such data. For more information on the Privacy Shield, you can visit the CNIL website: https://www.cnil.fr/fr/le-privacy-shield.

In any case, all transfer of Personal Data outside of the European Economic Area complies with the requirements of the Applicable Regulation and due to the implementation by LOUVRE HOTELS GROUP of appropriate warranties such as the signature of Standard Contractual Clauses of the European Commission (available here: https://www.cnil.fr/fr/les-clauses-contractuelles-types-de-la-commision-europeenne) with the recipient of the data or by use of the binding corporate rules.

As a User of the Website or Guest of LOUVRE HOTELS GROUP, you hereby acknowledge to be informed of the importance of the accuracy of your Personal Data and that you have verified such on the Website or when communicating with us.

You are also required to only verify Personal Data when communicating with us, entering into an agreement with us, requesting Services and for the period the Website is used, as well as to update the Data immediately if one or more elements of such changes during the duration of the Website or Agreement between us.

You may also request access and correction, as well as oppose or delete said Data as set out in Article 4, among others.

You are obligated to be aware of the General Terms of Sale of the Website (hereinafter, “Terms”) and other contractual documents signed with LOUVRE HOTELS GROUP for use of the Website and Services, which together with this Personal Data Policy constitute the enforceable contractual documents.

You are required to strictly comply with the terms herein the Personal Data Policy and the Terms of the Website upon use of the latter.

LOUVRE HOTELS GROUP shall not be liable in the event that: (i) use of your data, such as identification by a third party due to negligence or fault attributed to you; (ii) the Personal Data is incorrect or have not been updated by you; (iii) non-compliance with your obligations regarding the Applicable Regulation, this Personal Data Policy or the Terms and/or other contractual documents applicable to you.

You will be liable for all pecuniary sanctions that may be ordered against LOUVRE HOTELS GROUP for all rulings issued by a French jurisdiction, administrative or judiciary, or issued by an independent administrative authority, such as the CNIL (French Data Protection Authority), following non-compliance of your obligations pertaining to this Personal Data Policy.

In the event that one or more of the clauses herein the Personal Data Policy is declared null and void due to a change in legislation, Applicable Regulation or by a court decision, the validity and obligation to compliance with the other clauses of the Personal Data Policy shall not be affected.

This Personal Data Policy and documents referenced herein are governed by French law.

To ensure that this document is properly understood, the terms defined below beginning with capital letters and used in the singular or plural shall have the following meanings:

“Guest”
Means a natural person, Account holder, residing in France and/or overseas who uses the Website.

“Guest Account”
Means the space provides for a Guest on the Website upon registration, according to the terms established by the Terms of Sale and Terms of Use. This Account is strictly personal, individual and non-transferable to a third party. The Account is accessible using the identifier and password of the Guest.

“Sensitive Data”:
personal data that discloses one’s racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliation to a union, as well as the processing of genetic information and biometric information in order to identify a natural person in a unique manner.

“Personal Data or Data”
Means “any information relating to an identified or identifiable natural person (hereinafter, ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.” according to Article 4 of the EU GDPR.

For example, data that identifies you such as your title, first name, last name and email address are Personal Data.

“European Economic Area”:
territorial zone including the Member States of the European Union, Norway, Lichtenstein and Iceland.

“Applicable Regulation”:
Means the existing or future regulations and standards applicable to User and the Website, namely: legislation and regulation applicable to internet platforms such as the Website and regarding the protection of Personal Data, in addition to the French Data Protection Act and the EU GRDP.

“Our Hotels” or our “Network”:
all franchised entities of LOUVRE HOTELS GROUP or managed by LOUVRE HOTELS GROUP, or any subsidiary of LOUVRE HOTELS GROUP that operates a business under a trademark of the LOUVRE HOTELS GROUP.

“Service”:
Means the hotel services and related services offered to Guests by LOUVRE HOTELS GROUP via the Website as defined in the General Terms of Sale and in person at our Hotels.

“Website”:
all websites published by LOUVRE HOTELS GROUP presented under the domain name of LOUVRE HOTELS GROUP or presented under the domain name of one of its trademarks.

“Device”
Means the various technical means allowing the User to access the Website. The Devices may be Smartphones, tablets (Apple or Android), microcomputers via the internet and all objects connected or able to connect to another object, in addition to the internet.

“User”:
Means all natural persons accessing the Website personally or on behalf of a legal entity and having the capacity to enter into agreements on the Website, as a Visitor or Guest.

“Visitor”:
Means any internet user, natural person, viewing the Website using a Device, who is not necessarily a Guest.