https://www.hotel-restaurant-au-soleil.fr is published by:
HOTEL SPA AU SOLEIL
20, route Sainte Gertrude
68920 Wettolsheim
Tel:+33 (0)3 89 80 62 66
Site created and hosted by NANCOMCY
Registered office:
81 rue Jeanne D’ Arc
F-54000 Nancy
Tel: +33 (0)3 54 12 23 11
Siret (company registration number): 800 525 602 00010
Intellectual property:
All information on this website is subject to French and international legislation on copyright and intellectual property. All reproduction rights are reserved for the texts and photographs on this site. Reproduction of all or part of this website in electronic or any other format is strictly prohibited without the publisher’s express permission, in accordance with Article L 122-4 of the French Intellectual Property Code.
Photos: all rights reserved
Created by NANCOMCY
Hyperlinks:
The hyperlinks placed on this website linking to other resources on the Internet, including to our partners, have received express prior written authorisation from the publisher.
Right of reply:
Any person cited on the website may exercise a right of reply by simply sending a request by post.
Confidentiality policy:
The data found on the website https://3nancomcy54 hotelspa.pf3002.wpserveur.net may not under any circumstances be transferred or sold to third parties. No email address may be forwarded to third parties, including to our partners, without the written consent of the persons concerned.
____________
PREAMBLE
In connection with its activities, NANCOMCY (a simplified joint-stock company (Société par Actions Simplifiée) whose registered office is located at 81 rue Jeanne D’Arc – 54000 Nancy, registered on the Nancy companies register (RSC) under number 800 525 602 and known by the business name ‘NANCOMCY’) is required to collect and process your personal data.
The processing of personal data is governed by:
– French Law No. 78-17 of 6 January 1978 on data protection and civil liberties (hereinafter, ‘IEL law’);
– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, which entered into force on 25 May 2018 (hereinafter, ‘GDPR’).
NANCOMCY undertakes to protect your privacy and your personal information by complying with the prevailing legislation. This policy informs you about our data processing practices and about how your personal information is protected.
DEFINITIONS
• Personal data: any information that directly or indirectly identifies an individual. Examples: name, registration number, telephone number, photograph, date of birth, town of residence, fingerprint…
• Processing: any operation or any set of operations applied to your personal data..
• Data controller: the entity that determines the means and purposes of processing personal data.
• Subcontractor: any person who processes personal data on behalf of the data controller.
• Terminal: all electronic devices enabling the exchange and processing of data (tablets, mobile phones, computers, etc.)
IDENTITY OF THE DATA CONTROLLER
Your personal data is collected and processed by the company NANCOMCY, SAS with a capital of €50,000, registered on Nancy companies register under number 800 525 602.
1. Which categories of personal data may be collected and processed?
NANCOMCY may collect and process several types of personal data:
• Identity data: title; surname; first name; date of birth; email; telephone number (landline and/or mobile); fax number; address; internal processing code for customer identification; professional activity; SIREN (French business registration) number; and where applicable a copy of the identity card, for the purposes of verifying the exercise of a right of access, of rectification or objection, or to respond to a legal obligation.
• Payment method information: postal or bank account details; payment identification.
• Information about the transaction, such as the transaction number, details of the purchase, goods or service subscribed;
• Information for commercial relationship monitoring: documentation requests, testing requests, product purchased, quantity, amount, frequency, delivery address, purchase history, product return, correspondence with the customer and after-sales service, discussions and comments with customers and prospects, customer relationship manager(s);
• Information concerning the payment of invoices: payment arrangements, remittances agreed, received, balances and unpaid amounts not entailing suspension of the person’s benefit from a right, service or contract. Where applicable, information about credit agreed (amount and duration, name of the lending body) may also be processed by the salesperson where the order is paid for by credit;
• Information required for loyalty, canvassing, research, surveying, product testing and promotion initiatives;
• Professional data such as education and professional experience, CV and cover letter and any information that the applicant wishes to send us in this regard.
• Data relating to the organisation and processing of competitions, lotteries and any promotional campaigns, such as the date of participation, the answers given in competitions and the nature of the prizes offered;
• Data relating to the contributions of people who submit opinions on products, services or content, including their pseudonyms;
• Login data: IP addresses, cookies, trackers (data/time/duration of visit to our website, pages consulted), computer ID, browser type.
When personal data is requested, you may refuse to supply it. However, if do you refuse to supply it, we may not be able to provide the product or service concerned.
Please note that we may also promote related third party products and we encourage you to read their personal data protection policies applicable to you.
2. What personal data collections methods are used?
Your personal data is only collected from you in the following instances:
– when you browse our website, provided you agree to web browsing cookies (for more information see Article 7 of this policy);
– from forms, for example contact and application forms;
– from the purchase and supply of our products;
– in the administrative and financial management of customer relationships;
– our verbal and written exchanges: the content of your messages, emails, letters or telephone calls;
– sending sales offers, satisfaction surveys, canvassing and/or newsletters or when participating in a competition, as applicable.
Where required by law, NANCOMCY undertakes, where applicable, to obtain your consent and/or to allow you to object to your data being used for specific purposes.
NANCOMCY may contact people for sales and marketing purposes.
If those people subsequently no longer wish to receive such contacts by email, they may freely and at any time send an email via the contact form on our website, without providing any other reason.
3. For what purposes is your personal data processed?
Your data may be collected by NANCOMCY for explicit, legitimate and specific purposes in the interests of:
➢ Customer relationship management: contracts, orders, deliveries, invoices, accounting and customer account management in particular, a loyalty programme, monitoring the customer relationship such as conducting satisfaction surveys, managing complaints and the after sales service where applicable, credit management;
➢ Managing unpaid sums and disputes;
➢ Improving our product and services offering: surveys, analyses and commercial statistics, where applicable;
➢ The smooth functioning and continuous improvement of our website;
➢ Business development-related operations;
➢ The updating of business development records by the body in charge of managing the list of telemarketing opt outs, pursuant to the provisions of the consumer code;
➢ The management of applications;
➢ The organisation of competitions, lotteries or any promotional campaign, where applicable;
➢ The management of requests for rights of access, rectification and objection, erasure, restriction or portability;
➢ Legal obligations to which we are generally subject, for example accounting and tax obligations.
In any event, and for each defined purpose, NANCOMCY will apply all means available to it to ensure the personal data entrusted to us is kept secure and confidential, in compliance with the prevailing laws and regulations.
4. What are the legal grounds for the processing of your personal data?
Depending on the circumstances, NANCOMCY will process your personal data based on the following legal grounds:
– the processing must be necessary to fulfil a contract to which you are party, or to fulfil your request (for example when making contact);
– the processing must respond to legitimate interests pursued by NANCOMCY (e.g. fraud prevention);
– in some cases we need to retain your data because the law requires us to do so (e.g. to ensure security in general, for tax reasons, etc.);
– and, if required, on the basis of your consent.
5. To whom is the personal data sent?
Authorised persons within our company are the recipients of your data.
We may also be required to share your personal data with partners and/or subcontractors for any of the purposes listed above. Our subcontractors and partners must comply with our personal data confidentiality and security rules and are not permitted to use them for any other purposes.
The body in charge of managing the list of telemarketing opt-outs may also be the recipient of personal data.
We may also be required to share your personal data with the following people:
➢ judicial, police or administrative authorities legally authorised to access such data;
➢ parties in legal proceedings, in order to defend or exercise our rights..
We undertake not to sell or rent your personal information to any third party without your permission.
6. How long is personal data retained for?
NANCOMCY undertakes to ensure that the data collected is not retained beyond the period necessary for the purposes for which the data is collected and processed.
Personal data may be retained to comply with contractual and legal obligations. Individuals are also advised that NANCOMCY will retain data transmitted according to the criteria and recommendations of the French data protection authority (CNIL), which are available in its reference standard: simplified standard No. 48.
Customer data will be retained for the duration of the commercial relationship and may be retained for business development purposes for a maximum of three years as from the end of the commercial relationship. Beyond that period, the data will be archived for the period in which our company may still be held liable.
Personal data relating to a non-customer prospect will be retained for a period of three years as from their collection or from the date of last contact from the prospect.
Applications will be retained for the period in which they are reviewed, and during the recruitment process for the position concerned. If an application is unsuccessful, NANCOMCY will retain the application records with the applicant’s consent. The applicant has the option of requesting its destruction under the arrangements laid down in Article 11 ‘How to exercise your rights’ below. If an applicant does not request destruction of their records, the data will be automatically destroyed two years after last contact. A longer retention period will only be permitted with the applicant’s formal approval.
For the management of requests for rights over your personal data: your data will be retained for a maximum of one year. If you forward a copy of an identity document to confirm your identity, we will retain it for one (1) year or three (3) years when this communication is made as part of exercising a right to object.
Where a person exercises their right to object to receiving marketing contacts, the information that enables their right of objection to be recorded will be retained for three years as from the exercise of the right to object.
The information stored in the user terminal (cookies) or any other element used to identify users and allowing users to be traced will be retained for a maximum of 13 months.
7. Cookies
This page explains more about how cookies work and how to adjust their settings.
7.1 – What is a cookie?
A cookie is a small data file, also called a tracking cookie, transmitted from a website to your computer’s hard drive, tablet or mobile. It is saved in your browser while you browse a website. Its purpose is to make your browsing easier, to offer you personalised services by collecting information as you visit this site, and for as long as the cookie remains valid.
Cookies are stored by a site or by third parties when you visit a website, but do not recognise you personally as an individual; they only recognise the device you are using. Cookies do not cause any damage of any kind to your device, but they do allow you to benefit from certain functionalities of a website. They also help the publisher to keep the website secure, to remember your preferences and personalise the content.
7.2 – The different categories of cookies used on our site
The types of cookies we use may be:
- Session cookies or persistent cookies:
- Session cookies only last for as long as your browsing session lasts and are deleted when you close your browser.
- Persistent cookies are installed for a set period.
- Internal or third-party cookies:
- Internal cookies required for a site’s correct functioning:
These cookies are necessary for the site’s correct functioning. They make it possible to adapt our site’s presentation to your terminal’s display preferences (language, display resolution, system). You may opt out and delete them using your browser settings (see paragraph 7-3 below ‘How to accept or reject cookies’), but your user experience may be adversely affected.
| Cookie name | Purpose(s) | Cookie retention period |
| phpsessid | Retains the configuration of user settings through page requests. |
Expires at the end of the session. |
| ms_consultationidPageAEnregistrer | ………………………………….. | Expires after 4,166 days |
| ms_consultationidProduitAEnregistrer | ………………………………….. | Expires after 4,166 days |
| ms_consultationidRubriqueAEnregistre | ………………………………….. | Expires after 4,166 days |
| ms_idPanier | ………………………………….. | Expires after 4,166 days |
| ms_timeConsultationAEnregistrer | ………………………………….. | Expires after 4,166 days |
| msv4_idCookieUser | ………………………………….. | Expires after 4166 days |
- Third-party preferences cookies
A third-party cookie is a cookie placed on the user’s computer by the server of a domain different to that of the site visited. Preferences cookies collect information about your choices and preferences and remember your language or other local settings.
| Cookie name | Purpose (s) | Cookie retention period |
| lang | This cookie makes it possible distinguish between users and is used to preserve and memorise the language the user browses in. Installed by LinkedIn when a web page contains a built-in ‘Follow us’ banner. | Expires at the end of the session. |
- Third-party statistics cookies (performance analysis, audience measurement)
These cookies are used to anonymously distinguish between users and establish statistics for visitor volumes and usage of the various elements making up our site (number of pages viewed, number of visits, return rates, etc.).
List of cookies and statistics
| Cookie name |
Cookie retention period |
Description – Categories of data collected |
| _ga | Expires after 24 months |
Google Analytics is a Google web analytics tool that allows website and app owners to better understand their users’ behaviour. This tool uses cookies to collect information and generate reports on website traffic (number of visits, time spent on the site, average number of pages viewed, device and browser used, geographical location), web traffic sources (sources and campaigns originating the visits) and browsing (pages consulted, performed actions). |
| _gid | Expires after 1 day. | |
| _gat | Expires after 1 day. |
- Third-party marketing cookies designed to improve the site’s interactivity
These cookies are used to track visitors through websites. Our site relies on a number of services offered by third-party sites. These include LinkedIn sharing buttons. These buttons improve the site’s user-friendliness and help promote it via sharing.
| Cookie name | Supplier(s) and Purpose(s) | Cookie retention period |
| Jsessionid | Cookie installed by LinkedIn. Retains the configuration of user settings through page requests. | Expires at the end of the session. |
| Bcookie | Browser identification cookie installed by LinkedIn. Used to identify visitors and enhances interactions. For example, it allows visitors to log into a website via their LinkedIn app. | Cookie requiring the user’s consent (13 months). |
| Bscookie | This is a cookie associated with LinkedIn. It is used to recognise a secure browser and track the use of integrated services. | Cookie requiring the user’s consent (13 months). |
| Lidc | Used by the LinkedIn social networking site. Used for routing from Share buttons. | Expires after 4166 days |
| R/collect | This cookie is used to send data to Google Analytics about the visitor’s device and behaviour. It tracks visitor access across devices and marketing channels. | Expires after 4166 days |
7.3 – How do I accept or reject cookies?
When you visit our site for the first time, a banner informs you about the use of cookies and prompts you to accept or reject them. The banner will stay active until you have indicated your choice. You can adjust the cookie settings via the banner displayed when you first browse the site or via your web browser (see below).
You can choose to delete or deactivate cookies at any time in your browser. Each browser offers the ability to change your settings in order to:
- inform you about which cookies are stored on your computer,
- allow you to accept or reject them, on a case-by-case or systematic basis.
Each browser is configured differently. We encourage you to read your browser’s help menu to configure the settings according to your preferences.
- For Microsoft Internet Explorer
cookies are managed via Internet Explorer - For Mozilla Firefox
managing cookies on Mozilla Firefox - For Google Chrome
managing cookies on Google Chrome - For Safari
managing cookies on Safari - For Opera
managing cookies on Opera
For further information, you can visit the pages of the French data protection authority’s (CNIL) website dedicated to this subject, and particularly Cookies and how to manage them.
8. How exactly is your personal data kept secure?
NANCOMCY and its partners/subcontractors undertake to implement all technical and organisational measures to ensure personal data is processed securely and your data is kept confidential, pursuant to the EU General Data Protection Regulation (GDPR) and French Law No. 2018-133 of 26 February 2018 ‘laying down various provisions for adaptation to European Union law in the area of security’.
To this end, NANCOMCY will take all necessary precautions, depending on the nature of your data and the risks posed by its processing, to preserve the security of the data and to prevent it from being tampered with or damaged, and to prevent access by unauthorised third parties (physical protection of premises, logging connections, encryption of certain data, etc.). We regularly review the technical and organisational measures put in place to protect our information and communication systems.
However, the security and confidentiality of personal data rely on good practices being applied by everyone, and we encourage you to be vigilant. Furthermore, NANCOMCY does not control all the risks associated with use of the Internet and we draw your attention to the existence of potential risks inherent to its use and operation. We disclaim all liability for any damage caused by access to or use of our site, including viruses infecting your computer or any other material damage.
9. Do we transfer personal data outside the EU?
NANCOMCY undertakes not to transfer your personal data outside the European Union. In the event that NANCOMCY is required to do this, it will adhere to its duty of disclosure by indicating the measures taken to manage this transfer and ensure the confidentiality of the data is respected.
10. What are your rights?
You have the following rights:
- Right of access: you have the right to know which of your personal data we hold and to request a copy of it, as well as information about the purpose of its processing. However, if these requests are manifestly unfounded or excessive, for example because they are repetitive in nature, NANCOMCY is not required to respond to them;
- Right to rectification: you have the right to seek rectification of your personal data if it is inaccurate, and in certain cases to have it erased or its processing restricted;
- Right to erasure: you may request that we erase your personal data under certain conditions (for example when the data is inaccurate, incomplete, ambiguous, outdated, or where collection, use, communication or retention is prohibited);
- Right to object: you have the right to object to the processing of your personal data, for example if it is used for marketing contacts.
- Right to restrict processing: you have the right to ask us to suspend use of your data in certain cases;
- Right to data portability: where applicable, you have the right to receive a copy of the personal data you have sent us (in a machine-readable format) or to forward this data to another company;
- Right to withdraw your consent: you may withdraw your consent to the use of your personal data at any time when required.
- Right to file a complaint to the French data protection authority (CNIL) by going to their website.
- Right to determine what happens to your data after your death, and to choose whether or not we disclose your data to a third party that you have designated in advance. In the event of your death, if we have not received instructions from you we will undertake to destroy your data, unless its retention is necessary for probative purposes or to comply with a legal obligation.
- How can you exercise your rights?
The above rights can be exercised by sending a simple request by email or by post to: NANCOMCY – 81 RUE JEANNE D’ARC – F-54000 NANCY indicating your contact information (full name and address), specifying your request, confirming your identity and stating a legitimate reason as to why it is required by law (for example objecting to processing).
To find out more about your rights, you can also consult the French data protection authority’s website via the following address: http://cnil.fr..
- Use of data in the event of a change of company control
The personal data collected by NANCOMCY may be transferred to third parties in connection with a change of control of the company, an acquisition, collective proceedings or sale of the company’s assets.
- Updates to the personal data policy
Our policy may be amended at any time, for example to reflect changes in technologies used or the release of new services and new regulations, in which case the new version will be published on our website and in store. We therefore advise you to check this page regularly for any changes.
