This policy explains how Château des Bourdons collects, uses and protects your personal data when you use this website and when managing enquiries and reservations.
1. Data Controller
The data controller is Château des Bourdons, Varennes-Vauzelles. For any questions regarding your personal data, please contact us using the details provided on the Contact page.
2. Data Collected
Depending on how you use the site, we may collect:
- Identity and contact details (name, email address, phone number)
- Information related to your enquiry or reservation (dates, number of guests, preferences, messages)
- Technical data (IP address, browser type, pages visited) for security and operational purposes
- Cookies (see “Cookies” section below)
3. Purposes and Legal Basis
Your data is processed in order to:
- Respond to enquiries (legal basis: legitimate interest)
- Manage reservations and deliver the stay (legal basis: performance of a contract)
- Handle billing and accounting obligations (legal basis: legal obligation)
- Ensure website security and prevent fraud (legal basis: legitimate interest)
- Send information related to your stay (legal basis: contract / legitimate interest)
- Send marketing communications only with your consent (legal basis: consent)
4. Data Retention
Personal data is retained only for as long as necessary to fulfil the purposes described above, and in accordance with applicable legal requirements. Billing-related data may be retained for the legally required period.
5. Data Recipients
Your data is never sold or rented. It may be shared only with: (i) service providers necessary for website operation or booking/payment management, and (ii) competent authorities when legally required. All providers are bound by confidentiality obligations.
6. Data Security
We implement reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, alteration or disclosure. However, no system can guarantee absolute security, and users are encouraged to exercise caution when transmitting information online.
7. Your Rights
In accordance with the GDPR, you have the right to access, rectify, erase, restrict or object to processing, as well as the right to data portability. Where processing is based on consent, you may withdraw it at any time.
To exercise your rights, please contact us via the details on the Contact page. Proof of identity may be requested if necessary.
8. Cookies
This website may use cookies strictly necessary for its operation and security. Analytics or preference cookies, if used, are placed only with your prior consent. You can manage cookie preferences via your browser settings or the cookie management tool, where applicable.
9. Transfers Outside the EU
In principle, your data is processed within the European Union. If a transfer outside the EU occurs through a service provider, appropriate safeguards (such as standard contractual clauses) will be implemented in accordance with regulations.
10. Complaints
If you believe your rights have not been respected, you may lodge a complaint with the relevant supervisory authority, such as the CNIL in France.
11. Policy Updates
We may update this policy at any time to reflect changes in our practices or legal requirements. The version in force is the one published on this page, with its date of last update.
Last updated:
to be completed
