655 avenue René Descartes
Parc de la Duranne - BP 412
13591 Aix-en-Provence CEDEX 3
© 2024 | All rights reserved | Legal notice  | Personal data  | Consent choices

Latest update – 31/03/22

Dear clients,

The General Data Protection Regulation, or GDPR, is applicable in the European Union from the 25th of May 2018.

The implementation of this regulation is an opportunity for the Odalys Group to confirm, via this Charter which is incorporated in the General Booking Conditions, the principles that guide the usage of your personal data.

This charter may be updated regularly, in particular to take account of any changes in the regulations or to incorporate new organizational methods within the Odalys Group.

DEFINITION OF PERSONAL DATA

Personal data is information in a format that identifies, directly (name, first name) or indirectly (login, telephone number, biometric data, etc.), an individual.

Examples: name, photograph, IP address, telephone number, computer login (account login / password), postal address, email.

PROCESSING OF PERSONAL DATA

The processing of personal data may consist of collecting, recording, organizing, storing, adapting, modifying, extracting, consulting, using or communicating personal data as defined above.

SCOPE OF THE CHARTER

This Charter applies to all processing of personal data implemented by all companies within the Odalys Group (the tourism holding company and all of its subsidiaries) in our establishments (tourist residences, business residences, student residences, campsites, …), on our booking websites and, in general, in the relationships between the Odalys Group and all of its customers.

PERSONAL DATA COLLECTED BY ODALYS

This could be :

WHEN ARE PERSONAL DATA COLLECTED?

Personal data are collected:

FOR WHAT PURPOSE DO WE COLLECT PERSONAL DATA?

Personal data are collected to:

ODALYS’ 10 DATA PROTECTION COMMITMENTS

    1. To collect no information that is not strictly necessary for the conduct of our activities, for the satisfaction of our customers and for the improvement of our products and services.
    2. To collect no so-called “sensitive” information relating to : the allegedly racial or ethnic origins; political, philosophical, religious opinions; union membership; sexual orientation; health conditions; genetic or biometric data; criminal offenses or conviction.
    3. To limit as much as possible the number of personnel within the Odalys Group having access to personal data by providing specific authorizations in the departments concerned (sales department, facility operators, accounting, IT department, marketing department, legal department). To initiate in-house awareness campaigns on a large scale on the protection of your privacy.
    4. To keep data only for a duration compatible with the purposes of the treatment or with our legal obligations: 13 months for cookies (from the last login), 5 years for other personal data (from the last transaction).
    5. To transfer no data outside the European Union.
    6. To guarantee at any time the right to exercise the rights held concerning your personal data:
      • Right to access.
      • Right of opposition.
      • Right of rectification.
      • Right to erasure.
      • Right to limitation.
      • Right to portability.

To exercise your rights, you can contact us at the following email address:

dpo@odalys-vacances.com

In this case, you will be asked to provide identification in order to exercise your rights.

The deadline for responding to a completed request is 2 months.

    1. Confidentiality and security

To make every effort at all times, online, physically and organisationally, to protect your personal data against any use that has not been authorized, as a result of intrusion, accidental or voluntary, into our information systems, including our payment systems.

For example: setting up firewalls, using Secure Socket Layer technology on credit card payments, setting up passwords on all computers with access to personal data.

    1. Transfers

To make sure that the providers (marketers, hosts, marketing providers,…) to which we transfer your personal data, strictly respect the regulations of the RGPD.

    1. Consent

To collect your clear and unambiguous consent to the use of your data.

To offer you at any time the opportunity to refuse to receive messages from us (via an unsubscribe link).

  1. Designation of a Data Protection Officer (DPO) – Responsible for the files

The Odalys Group has appointed a DPO (Delegate for Data Protection).

The company “Odalys Résidences” is the file manager.

The email address of the DPO is:

dpo@odalys-vacances.com

Délégué à la protection des données
Groupe Odalys
655, rue René Descartes,
Parc de la Duranne – BP 412
13591 AIX EN PROVENCE Cedex

×