Privacy Policy

Last updated on 1^st March 2023

PREAMBLE

To facilitate the reading of our Personal Data Protection Policy (hereinafter the “Policy”), terms using capital letters, such as “Personal Data”, “Customer”, “Users” or “Network” refer to the definitions in article 15.

The Policy engages LHG EXPLOITATION (hereinafter “LHG EXPLOITATION”, “we”, “us”, “our”). and applies to all the processing of Personal Data that we implement via the website https://www.hosho-hostels.com/ (hereinafter the “Site”) and its associated sub-domains.

This Site allows you to read the offers of LHG EXPLOITATION, to be redirected to a website allowing you to make online reservations, in particular accommodation, with establishments operated under the HOSHO brand (hereinafter our “Hotels”) and to obtain additional information.

Be aware that some hotels you are going to stay in do not belong to LHG EXPLOITATION: they are operated, as a franchised/managed hotel, by a perfectly autonomous and independent entity. The Hotel is thus responsible for the processing of Personal Data that it carries out on its own behalf: monitoring your reservation, payment, invoicing... Our organization as a franchisees/managed network requires our Hotels to respect the principles of protection of your Personal Data in accordance with applicable legislation, in particular in order to ensure the management of your rights when you exercise them.

We offer Users and Customers (hereinafter: “you”) via the website accessible at https://hosho-paris-sud-porte-italie.premiereclasse.com/fr-fr/ an Online reservation service for hotel rooms and associated services.

As part of the Services, we collect and process Personal Data about you. Because respect for your privacy is essential for us and justifies the trust you place in us, we have put in place this Policy which, in a transparent manner, aims to inform you about:

the methods of collection and processing of your Personal Data by LHG EXPLOITATION and their transmission to Hotels in the event of a reservation;
the commitments made by LHG EXPLOITATION to ensure the security of your Personal Data;
the rights you have over the Personal Data processed by LHG EXPLOITATION;
the obligations of LHG EXPLOITATION but also yours, in order to ensure maximum protection for your data.

Your privacy is important, and that is why we have implemented the necessary measures to protect it and to minimize the Personal Data that we collect and process, in compliance with the General Data Protection Regulation^[1] (hereinafter “RGPD”) and the French Data Protection Act^[2].

As such, we implement the principles of privacy protection from the design of our projects and by default, and respect the principles of the RGPD and the Data Protection Act, in particular:

the security of your Personal Data,
respect for the secularity of the processing of your Data,
the processing of your Data for a specific and transparent purpose,
compliance with retention periods appropriate to these treatment objectives,
respect for the accuracy of your Data,
respect for your rights and loyalty in the processing of your Data,
compliance with appropriate guarantees with regard to transfers of your Data outside the European Economic Area.

IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER

We, LHG EXPLOITATION, a simplified joint stock company with a capital of 1000 euros, whose head office is located in Tour Voltaire — 1 Place des Degrés, 92800 Puteaux/La Défense CEDEX, registered in the NANTERRE Trade and Companies Register under the number 844 183 434, process your Personal Data as a data controller as part of the Services offered on the Site.

‍In other words, we control how your Personal Data is processed and we determine the purposes, i.e. the purposes (reservation, complaint, etc.). This also means that we give specific instructions to subcontractors processing your Personal Data on our behalf and to operate part of the Services from which you benefit.

‍You can send us any question, request for information or complaint by referring to article 6.

WHAT PERSONAL DATA DO WE COLLECT AND WHY?

Data we collect directly from you

‍In particular, we collect identification and contact data (name, first name, email address, etc.), which allows us to know who you are, in order to better manage your reservations and the commercial relationship that we maintain with you, or more simply to be in a position to manage our Site.

‍We thus collect the data that results from your interactions with us, on the Site, by telephone, via hotel comparators or directly during your stay.

‍Namely: we collect certain data automatically through the use of the Services:

Technical data: IP address, internet connection, browser type, information concerning the Terminal used;
Data collected using cookies: for more information, see the Cookie Policy.

‍Namely: we also collect data indirectly.

The main Personal Data that we collect and their uses are presented to you below:

‍Why do we process your Personal Data?

What data do we collect?

For the reservation of a hotel room or the follow-up of your reservation via our customer service

Your identification data such as: title, last name, first name, first name, email address, email address, postal address, date of birth, your mobile and/or fixed telephone number and possibly the recording of your telephone conversations when you make a reservation by telephone.

Details of your stay: dates, number of nights, destination, presence of an adult/child.

As a guarantee, when you book a room online

Data relating to your bank card: bank card number, bank card validity date, security code (only for the duration of the transaction), if applicable, name of the bank card holder (fight against fraud).

For the administration of the Site

Data related to your terminal and your connection, in particular: IP address, internet connection, type of browser, information concerning the Terminal used

When you want to contact us via a form or by phone or if you want to leave a review

Your identification data: name, first name, email address, subject of your message

Why we process your Personal Data

2.3.1 Operations required to deploy our Services:

The management and administration of the Site and our pages on social networks:

the management of cookies under the conditions defined by the Cookie Use Policy ;
The management of your online reviews and our e-reputation.

Managing your stay at the hotel:
ensure that the Hotel checks you in;
in some cases (when we operate the network), allow you to benefit from the Wi-fi network in our Hotels and restaurants;
monitor your consumption and expectations during the stay in order to adapt our service offers;
manage our customer lists.
Allow you to benefit from the Services we offer:
the placing, follow-up and history of reservations;
prepayment and payment by bank card: recording credit card data to secure the reservation, fight against fraud, operate reservation statistics;
the cancellation of a reservation and, where applicable, the refund;
processing your preferences;
monitoring our commercial relationship (sending “pre-stay” and “post-stay” emails) and sending satisfaction surveys and surveys by email.

2.3.2 Operations necessary for marketing and commercial prospecting:

Send you our commercial offers adapted to your profile and display targeted advertising, in particular on your social media pages (offers from LHG EXPLOITATION and concerning HOSHO);
The communication of your email address to our specialized subcontractors (Facebook, Amazon) in order to help us find new prospects, with a profile similar to yours, who may be interested in our Services. These companies, with which you have subscribed, do not send us information about you, they only search for people with interests and a profile similar to yours and offer advertising adapted to us on our behalf;
The use of your Data to create personalized audiences with our partner Facebook and thus offer you targeted advertising;
The analysis of connection and navigation data (collected via trackers/cookies or via your browser) for the purposes of targeted advertising on the Site Services;

For more information, see our Cookie Policy.

‍Important: with regard to these operations, you have the possibility of implementing your right of opposition and in particular your right of specific opposition to commercial prospecting (by refraining, on the one hand, from ticking the opt-in box and/or by following the procedure described in article 4) which assures you, once taken into account, that the processing of your Personal Data is stopped for this purpose.

2.3.3 Managing your various requests

processing your online applications;
the processing and documentation of your requests to exercise your rights (access, correction, correction, opposition, deletion, limitation, portability, etc.);
the processing of your calls and requests by our customer service.

ON WHAT BASIS DO WE COLLECT AND USE YOUR PERSONAL DATA?

We are likely to process your Personal Data on the basis of several bases:

Legal basis

Examples of treatments

The execution of a contract or pre-contractual measures taken at your request

The registration and management of your reservations, the follow-up of billing

Your consent

For example, when we send you emails or text messages containing news, special/commercial offers or satisfaction surveys

The legitimate interest of LOUVRE HOTELS GROUP

manage your requests for information and your online opinions in order in particular to improve your User experience and our customer approach;
in some cases, the management of a Wi-Fi network in our Hotels;
to make you benefit from our personalized promotions and recommendations and those from our Hotels;
the implementation and improvement of distance selling tools and the constant improvement of your shopping experience;
the management and administration of the Site.

A legal obligation

For example when we collect information about you in order to respond to your requests to exercise your rights (see article 6).

If the processing of your Personal Data is one day necessary to protect your vital interests or those of another natural person

WHAT ARE YOUR RIGHTS?

You have a right of access, rectification, deletion, deletion, limitation, limitation, opposition and right to portability (in accordance with the provisions of articles 15 to 21 of the RGPD).

You also have the right to file a complaint with the competent supervisory authority (in France, the Commission Nationale de l'Informatique et des Libertés, or “CNIL”).

You can exercise these rights at any time and at no cost, except in the case of requests that are clearly unfounded or excessive (in particular because of their repetitive nature). In this exceptional case we reserve the right, in accordance with the RGPD, to require the payment of reasonable fees (indexed to the administrative costs of your request) or to refuse your request.

LHG EXPLOITATION informs you that it has a Personal Data Protection Officer who you can reach either by email: dpo@groupedulouvre.com, or at the following address:

DPO

LOUVRE HOTELS GROUP

Voltaire Tower — 1 Place des Degrés

92800 Puteaux

‍You have an absolute right to oppose commercial prospecting: you can thus request, free of charge and at any time, to no longer receive commercial communications from us.

‍You can also exercise your rights with respect to your Personal Data stored and processed by a Hotel in its capacity as data controller. We invite you to exercise your rights directly with this or these Hotels and to consult their privacy policy if necessary.

‍Summary of the rights you have:

‍Rights you have

Usefulness

Right of access

Right to know if we hold Personal Data concerning you and to obtain a copy of it, as well as, in particular, the following information: purpose of the processing, categories of Personal Data processed, categories of recipients of the Data, storage period when possible (or the criteria used to determine this duration), rights from which you benefit.

Right to erasure (right to be forgotten)

Right to obtain the deletion of your Personal Data in the cases provided for by the RGPD (article 17), in particular when the data we process is no longer necessary for us; when you oppose commercial prospecting and request the deletion in addition to stopping the processing; when the processing is unlawful.

Right to object

This right applies when we process your data in order to pursue one of our legitimate interests, such as advertising on your social media pages. In the event of an opposition request from you, we will analyze the reasons relating to your particular situation and find out if we have a legitimate and compelling reason to continue to process your Data. Otherwise, we will stop the processing in question.

Right to oppose commercial prospecting

In the event of opposition to commercial prospecting, we will simply stop the processing of the Data concerned.

Withdrawal of consent‍

When the processing of your Personal Data is based on your consent, withdrawing your consent prevents us from continuing to process the Data in question.

Right to correction and right to limitation

You may request the updating or correction of any Personal Data that you believe to be inaccurate or out of date.

You can also request that the processing be suspended, with the exception of the storage of Personal Data, when:

you contest the accuracy of the data (this limitation lasts while we verify this possible inaccuracy);
the processing is unlawful and you prefer to obtain the limitation of the processing rather than the deletion of the data;
we no longer need the data but you consider that it is still necessary for the establishment, exercise or defence of legal claims;
you have requested an objection due to your particular situation and this limitation is obtained while the balance of interests is verified between our legitimate interests and your rights and freedoms.

When processing has been restricted, your Data may only be processed with your consent or for the exercise, establishment and defense of legal claims.

Right to portability

You have the right to receive the Personal Data that you have provided to us directly, in a structured, commonly used and machine-readable format.

You also have the right to transmit this Data or to request that we transmit it to another data controller.

This right only applies to treatments based on the consent of the person, or on the execution of the contract and which are carried out using an automated process.

EXTINGUISHED DATA IN CASE OF DEATH

In accordance with the provisions of article 85 of the Data Protection Act, we inform you that, as a natural person:

You have the right to define with us instructions relating to the storage, deletion and communication of your Personal Data after your death;
You can change or revoke these instructions with us at any time;
You may designate a person responsible for the execution of these instructions, who will have authority after your death, to review these guidelines and to request their implementation from us.

You are also informed that in the absence of transmission to LHG EXPLOITATION of specific instructions on the fate of your Personal Data, your heirs may exercise after your death the rights relating to the conservation, deletion and communication of your Personal Data to the extent necessary for the organization and settlement of your succession as well as for LHG EXPLOITATION to take into account your death by LHG EXPLOITATION.

HOW DO YOU REACH US? HOW DO I FILE A CLAIM?

You can make a request to exercise one of the rights mentioned in article 4 in the following way:

by sending an email explaining the subject of your request to the following address: relation@louvre-hotels.com.
by sending a letter explaining the subject of your request to the following address: LHG EXPLOITATION - Customer service - Tour Voltaire, 1 Place des Degrés, 92800 Puteaux.

‍For security reasons and because our Services present sensitive confidentiality issues, any request for the right to access Data must be signed and specify the address at which the response is expected. A photocopy of an identity document will be requested if LHG EXPLOITATION has reasonable doubts about your identity. In this case, LHG EXPLOITATION will send you the procedure to follow in order to guarantee the security of this transmission. According to the risk assessment for the persons concerned conducted by LHG EXPLOITATION, these security measures could also apply to other requests to exercise law. A response will then be sent to you within one (1) month following receipt of the request, which may be extended by two (2) months taking into account the complexity or number of requests.

‍For any request for information on the processing of your Personal Data, you can contact us at the address: dpo@groupedulouvre.com.

‍For any information relating to the protection of Personal Data, you can also consult the CNIL website.

HOW LONG DO WE KEEP YOUR DATA?

The Personal Data collected is kept for the time necessary to achieve the purposes described in article 2 “WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT REASONS?” ”, increased by the duration of legal requirements.

‍The main storage periods are:

‍Purposes

Retention periods

Attendance data (internet)

One (1) year from the date of the connection in question

Data relating to Customers for promotional and commercial prospecting purposes

Three (3) years for animation and prospecting purposes from the end of your stay or the last time you came into contact with us

Data relating to prospects for promotional and commercial prospecting purposes

Three (3) years from the last incoming contact with LHG EXPLOITATION

Accounting documents and documents (e.g. invoice)

Ten (10) years, as accounting evidence

Data relating to transactions carried out and means of payment

Duration of the transaction (until the moment when the LHG EXPLOITATION account is credited);

In intermediate archiving, to meet administrative requirements such as the establishment, exercise and defense of our legal rights: up to thirteen (13) months from the date of the debit or fifteen (15) months for deferred debit cards

Data relating to your identity documents

In case of exercise of the right of access, deletion, portability, portability, limitation or correction: one (1) year

In case of exercise of the right of opposition: six (6) years

The possible recording of your telephone conversations when you make a reservation by telephone

Two (2) months

Personal Data collected via trackers (Cookies, SDK)

Thirteen (13) months

Unless otherwise directed by you (provided that this particular directive is reasonable and feasible by us), we will delete all your Personal Data, in the event of death, at the end of the applicable retention period and applicable requirements, or at the request of a entitled person and upon proof of his status as a beneficiary and on proof of his status as a beneficiary and of your death and in accordance with article 5 “FATE OF DATA IN CASE OF DEATH”.

WHO ARE WE LIKELY TO SEND YOUR DATA TO (THE RECIPIENTS)?

The Personal Data that we collect may be transmitted, in order to ensure the purposes listed in article 2:

to authorized LHG EXPLOITATION personnel;
to authorized staff of any Hotel;
to technical service providers providing services that contribute to the achievement of the purposes described in article “2. WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT REASONS? ”, who are our subcontractors and for whom we are legally responsible, and in particular the service providers in charge of:

the execution of the Services, reservations and orders, their management and their processing;
after-sales service;
payment processing and security measures concerning the transmission of payment data;

sending prospecting emails, invitations to register and any other informational email to your destination;

to companies with which we have commercial agreements intended to allow us to offer you coupled or personalized offers or as part of a Loyalty Program, unless you object;

to social networks acting as a subcontractor: we may communicate your email address or telephone number in order to identify if you are already a user of one of these social networks (such as Facebook) and to display advertisements that are tailored to you on your account page.

‍If you do not want your Personal Data to be transmitted to our Hotels or partners for commercial purposes or to social networks for targeted advertising, you can oppose it at the time of collection or to exercise your right of opposition referred to in article 4 “WHAT ARE YOUR RIGHTS?”.

‍You agree that we may also be required to disclose any information about you in order to comply with Applicable Regulations, or to respond to any judicial or administrative request.

HOW TO FILL IN THE FREE FIELDS AND HOW TO MANAGE YOUR SENSITIVE DATA?

In general, the failure to fill in the fields identified on the Sites by an asterisk (*) does not allow us to provide you with all or part of the Services we offer and the functionalities of the Site, and your requests may not be taken into account in an optimal manner.

‍The other fields are optional and are intended to improve the quality of the Services offered to you.

‍When a form (reviews, contacts) offers a free field, we ask you not to enter any personal information and to limit yourself to the information strictly necessary to process your request. We reserve the right to remove any information that is superfluous to your original request.

‍We do not collect Sensitive Data about you.

‍We remind you that Sensitive Data is data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data in order to uniquely identify a natural person, data concerning a natural person, data concerning health or data concerning the sexual life or sexual orientation of a natural person.

‍If you voluntarily provide Sensitive Data to us, in particular as part of your special requests in connection with your reservation, you explicitly consent to us processing these particular categories of Personal Data.

WHAT SECURITY MEASURES DO WE APPLY TO YOUR PERSONAL DATA?

We implement appropriate technical and organizational measures to protect your Personal Data against accidental or unlawful destruction, accidental loss, alteration, dissemination or unauthorized access to this Data.

‍However, we do not control all the risks associated with the functioning of the Internet and draw your attention to the existence of possible risks inherent in its operation.

‍We also control how our service providers process your Personal Data, so that they provide sufficient guarantees that appropriate data security measures are implemented.

‍In the event that you identify a security breach affecting the Site, you undertake to provide us with the relevant information on this vulnerability, in a confidential manner.

HOW DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE OF THE EU?

As part of the execution of our Services, your personal data is not likely to be transferred outside the European Economic Area.

‍However, in the event of transfer of Personal Data outside the European Union, we undertake to comply with the requirements of the Applicable Regulations, to update this Policy and we will put in place the appropriate guarantees necessary for such transfer.

ACCURACY OF THE DATA

As a User of the Site or Customer of LHG EXPLOITATION, you declare yourself informed of the importance of the accuracy of the Personal Data concerning you and that you provide through the Site or as part of your exchanges with us.

‍You therefore undertake to provide only accurate Personal Data during your exchanges, contracts with us, requests for Services and throughout the duration of the use of the Site and to update them immediately if one or more of these Personal Data changes during the said period of use of the Site or the Contract between you and us.

‍In this respect, you can in particular make a request for access and correction, as well as for opposition or deletion as provided for (among others) in article 4 “WHAT ARE YOUR RIGHTS? ” of this Policy.

CHANGES

This Policy is subject to updates that will be posted online. The previous Policy will then be automatically replaced by the new version which will be immediately enforceable against you. Use of the Site is subject to the Policy in force at the time of use. In order to stay informed of these possible changes and updates, it is recommended that you consult the Policy regularly.

GENERALITIES

In the event that one of the clauses of this Policy is void, in particular due to a change in legislation, the Applicable Regulations or by a court decision, this cannot in any way affect the validity of the other clauses of the Policy.

‍This Policy and the documents to which it refers are governed by French law.

DEFINITIONS

For the proper understanding of this document, the terms defined below beginning with capital letters and used in the singular as well as in the plural, will have the following meaning:

‍“Customer”: natural person, holder of an Account, residing in France and/or abroad who uses the Site.

‍“Personal Data” or “Data”: This is “any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, in particular by reference to an identifier, such as a name, an identification number, an identification number, location data, an online identifier, or to one or more elements specific to his physical identity, physiological, genetic, psychological, economic, cultural or social” according to article 4 of the European Regulation on the protection of personal data.

For example, data allowing your identification such as title, surname, first name and email address are Personal Data.

‍“Applicable Regulation”: this refers to all existing or future regulations and standards applicable to Users and to the Site and in particular: the legislation and regulations applicable to Internet platforms such as the Site and concerning the protection of Personal Data, including the Data Protection Act and the European Regulation on the protection of personal data, including the Data Protection Act and the European Regulation on the protection of personal data.

‍“Our Hotels” or our “Network”: any entity franchised by LHG EXPLOITATION or managed by LHG EXPLOITATION, or any subsidiary of LHG EXPLOITATION, which operates under one of the LHG EXPLOITATION brands.

‍“Service (s)”: hotel and related services offered to Customers by LHG EXPLOITATION via the Site and face to face in our Hotels.

‍“Site”: any website or mobile application published by LOUVRE HOTELS GROUP, presented under the domain name LOUVRE HOTELS GROUP or presented under the domain name of its brands.

‍“Terminal”: any technical means allowing Users to access the Site. The Terminals may in particular be Smartphones, Apple or Android tablets, microcomputers via the Internet and any object connected/connectable to another object as well as to the Internet.

‍“User”: any natural person accessing the Site, on his behalf or on behalf of a legal person and therefore having the capacity to and/or the power to contract through the Site, whether he is a simple visitor, or a Customer.

^[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

^[2] Law No. 78-17 of 6 January 1978 relating to information technology, files and freedoms

‍