USER PRIVACY POLICY
Privacy Policy
The processing of personal data covered by this Privacy Policy is subject to French law, including the Data Protection Act of January 6, 1978 as amended, and EU Regulation 2016/679 of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR), hereinafter referred to as the “Personal Data Regulation.”
We first present the principles of collecting User Data from the site and then our commitment regarding the security and protection policy of this data.
By using our Services, the User acknowledges knowing and understanding this Privacy Policy and the Personal Data Regulation, our practices for collecting and processing information.
This Privacy Policy was last updated on 01/01/2024. We may amend this Privacy Policy. We advise the User to regularly consult this document, especially with each new use of the Services.
The use of our Services implies the unconditional acceptance of this Privacy Policy and the understanding of the Personal Data Regulation by any User wishing to benefit from the Services provided by the latter, with the latest version in force.
Data Controller
In the context of our activity, we collect and process User Data and Personal Data on behalf of our Partners as well as for our own account. In this context and for processing as mentioned in this Privacy Policy, we jointly determine the purposes and means of the Data Processing. In accordance with Article 26 of the Personal Data Regulation (EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016), we, together with our Partners, obtain the status of “joint controllers” of these Processing operations. We jointly define with our Partners the roles, commitments, and responsibilities of each party to comply with our obligations under the Personal Data Regulation. This Privacy Policy outlines the main terms of this agreement for the User.
Who is our Data protection policy for?
This Privacy Policy applies to Users to accurately describe our practices and obligations regarding the collection, use, and disclosure of Data. To enable the User to navigate and use our Services with confidence, we undertake to process Data in accordance with the Personal Data Regulation.
Source of collected Personal Data
In using our Services, we collect and process only Personal Data that the User provides to us.
Categories of processed Data
The Personal Data we collect may include:
- Email address;
- Phone number;
- Address.
In accordance with Article 5 of the Personal Data Regulation (EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016), we undertake to process appropriate, relevant, and limited Personal Data to what is necessary for the purposes for which they are processed. This Personal Data will be collected for specific, explicit, and legitimate purposes. In accordance with Article 13 of the Personal Data Regulation, we undertake to provide the User with all the collection and processing information. This is done via a hyperlink referring to this Privacy Policy.
User Data we collect automatically when the User uses our Services
We collect User Data to analyze and understand behavior and interactions (audience measurement, bounce rate analysis, number of pages viewed, for example). This usage is intended to refine our approach, define and understand needs, expectations, and target our efforts. All this information is processed anonymously using cookies placed on the various interfaces.
Data Use and Legal Bases
Data Processing based on the consent of the data subject (Article 6 a. of the GDPR)
We process Data to allow the use of Services, provided the User consents, for the following purposes:
- Receive personalized travel itineraries;
- Be alerted about new deals, new activities during the stay;
- Subscribe to the Partner’s newsletter.
Data Processing based on compliance with our legal obligations (Article 6 c. of the GDPR)
In cases where the law requires us to do so, we may be able to transmit some of your Personal Data to competent authorities.
Data Processing based on our legitimate interest (Article 6 f. of the GDPR)
When we have a legitimate interest, either in the context of our marketing activities or in the context of the concrete realization of our economic activities, we collect and process Data for the following purposes:
- Conduct studies, tests, and analyses (including Partner studies) to improve our solutions, internal procedures, and overall service;
- Management of any disputes;
- Prevent and combat potential fraud and abuse.
Information regarding minors
The use of our Services is intended for the general public. The processing of Personal Data covered by this Personal Data Regulation is subject to French law, including the “Informatique et Libertés” law which requires, for those under 15, the joint consent of the child and the holder of parental authority. In the event of receiving Personal Data from a person under the age of 15, we delete or destroy this information as soon as reasonably possible.
Data Retention Period
Data is retained for a strictly necessary period for the purposes pursued. The retention period may vary depending on the purpose of the processing.
| Data Categories | Active Base Retention Periods |
|---|---|
| User’s Email, phone number, address | In accordance with CNIL, we delete all personal data of inactive persons for 3 years. They will then be anonymized, kept, and valued for statistical purposes. |
| Cookies | Every 13 months, we will ask for your consent again for cookie processing. (See Cookie Policy point II) |
| Data subject to judicial requisition (Connection data, identity, contact details) | 12 months from the date of collection. |
Data may also be retained for longer periods for other purposes, including compliance with our legal obligations (e.g., accounting and tax obligations). Access to archived data is limited and restricted to competent persons. For any further questions or if the User wishes to exercise the right to delete Data, the User can contact us at the following address: nicolas@feelcity.fr
Security and Data Storage and External Links
Physical, logical, administrative, and organizational measures, adapted to the sensitivity of the Data, are implemented to ensure the integrity and confidentiality of the Data and to protect them against any malicious intrusion, loss, alteration, or disclosure to unauthorized third parties.
User Rights
Exercising your rights
You can send a written request to prevent us and the Partner from disclosing your Data to third parties.
Your right to access and rectify
In accordance with the Personal Data Regulation, you have the right to obtain confirmation that your Data is being processed (or not) and the right to access it, if applicable, and to request a copy from us.
You also have the right to request completion and/or rectification of information about you.
Your right to object to and erase your Data
This is your right to object at any time and without justification to the processing of your Data.
Your right to limit processing
In case of dispute regarding the processing of your Data, you can request that the processing of your Data be suspended pending resolution of the dispute.
Your right to data portability
You can request to transfer the Data you have communicated to another data controller in a structured, commonly used, and machine-readable format, within the limits provided by the Personal Data Regulation.
Your right not to be subject to a decision based solely on automated processing
In the context of our activities, we may implement automated processing of your Data. You have the right not to be subject to a decision based solely on automated processing producing legal effects concerning you or significantly affecting you, except when this decision is necessary for the conclusion or performance of a contract, or is legally authorized.
Your right to lodge a complaint with the CNIL
You can lodge your complaint with the French supervisory authority, the CNIL (Commission Nationale de l’Informatique et des Libertés) by filing an action.
Your right to give instructions in the event of death
You have the right to give instructions regarding the fate of your Data after your death.
No fees will be charged for using your rights mentioned above and thus accessing your Personal Data. However, any unjustified, repeated, or excessive request will be subject to thorough examination, and we may charge you a reasonable fee.