Privacy Policy for Plasse Resort
Plasse Resort (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring that your personal data is handled in a safe and responsible manner. This Privacy Policy outlines the types of personal data we collect, how it is used and shared, and your rights with respect to that data, in strict adherence to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
By using our website, plasseresort.com (the “Website”), or interacting with us through other means, you acknowledge that you have read and understood this Privacy Policy.
1. Commitment to Privacy and Data Protection
We recognize the importance of privacy and are dedicated to maintaining the confidentiality, integrity, and security of the personal data we collect from guests, visitors, and Website users. All data is processed in compliance with applicable privacy laws, using secure methods, and only for specific, lawful purposes.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data collected through plasseresort.com, by telephone, email communications, messaging services, and during stays at our physical resort premises. Plasse Resort, operating in the capacity of Data Controller, determines the purposes and means of processing your personal data.
3. Categories of Data Processed
We may collect and process the following categories of information:
a. Usage Data
Includes information about how you use our Website, such as your browser type, IP address, pages visited, access times, referring URL, and session duration.
b. Account Data
Comprises information supplied upon registration or booking, including your full name, postal address, email address, and phone number.
c. Profile Data
Encompasses preferences, stay history, room selections, loyalty program participation, feedback, and survey responses used to personalize your experience.
d. Communication Data
Covers information exchanged in your interactions with us, including support requests, inquiry details, and contact history.
e. Technical Data
Pertains to device characteristics, operating system, screen resolution, language settings, and system configurations you use to access our Website.
f. Transaction Data
Includes booking details, payment method, billing information, transaction history, and delivery of services.
g. Preference Data
Comprises marketing and communication preferences, as well as interests regarding accommodation or special offers.
4. Legal Bases for Processing
Plasse Resort only processes your personal data when lawfully permitted. Legal bases include:
– Contractual necessity: where processing is essential to provide services you have requested.
– Legitimate interest: where use is necessary for business purposes and does not infringe upon your rights or freedoms.
– Consent: where you have explicitly provided authorization for specific uses.
– Legal obligation: where the law requires processing for compliance purposes.
5. Your Rights
Consistent with GDPR and CCPA, you retain the following rights regarding your personal data:
– Right of Access: Request a copy of your personal data we hold.
– Right of Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request that we delete your data, subject to certain conditions.
– Right to Restriction: Request that we limit the processing of your data.
– Right to Data Portability: Receive your data in a structured, machine-readable format for transmission to another controller.
– Right to Object: Object to certain processing, including for direct marketing.
– Right Not to Be Subject to Automated Decision-Making: Where applicable.
To exercise these rights, send a request to [email protected]. Verification measures may apply to ensure security.
6. Security Measures
We employ robust technical and organizational safeguards to secure your data:
– Secure Sockets Layer (SSL) encryption protocols across transactions and communications.
– Access restricted on a need-to-know basis using secure authentication methods.
– Regular data backups and secure storage solutions.
– Mandatory staff training on privacy and data security protocols.
While we are diligent, no system can guarantee absolute security. We encourage you to take appropriate steps to protect your own information.
7. International Transfers
Data we collect may be processed in jurisdictions outside your country of residence. Where international transfers occur, we ensure appropriate safeguards in accordance with GDPR, such as Standard Contractual Clauses or regional adequacy determinations, to maintain equivalent protection.
8. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes we collected it for, including satisfying legal, contractual, accounting, or reporting obligations:
– Usage and Technical Data: up to 180 days
– Account Data and Profile Data: retained for 6 years post last user activity
– Communication Data: for 3 years post-resolution
– Transaction Data: retained for 7 years in accordance with financial record-keeping obligations
– Preference Data: retained for 2 years, or until consent is withdrawn
After retention periods lapse, data is securely deleted or anonymized.
9. Cookie Policy
Our Website uses cookies to:
– Essential Cookies: enable core functionality such as security, authentication, and accessibility.
– Functional Cookies: remember user choices and enhance features.
– Analytics Cookies: measure user behavior and Website performance using aggregated statistics.
– Performance Cookies: monitor loading times, responsiveness, and technical efficiency.
10. Cookie Management and Compliance
Upon your first visit to plasseresort.com, you are presented with a cookie consent banner, allowing you to accept, reject, or customize your cookie preferences. You may also change your consent settings at any time through the Cookie Preferences Center or your browser settings.
In accordance with GDPR, we do not set non-essential cookies without prior consent. For California residents, the CCPA grants the right to opt-out of the sale or sharing of personal data. Though we do not sell data, you may manage your preferences using the “Do Not Sell My Personal Information” link.
11. Children’s Privacy
Our Website is not directed to individuals under the age of 13. We do not knowingly collect personal data from children. If we learn that a child has provided us with information, we will promptly delete it. Parents or guardians concerned about their child’s data can contact us at [email protected].
12. Policy Updates
This Privacy Policy may be updated to reflect changes in legal requirements or our service offerings. Revisions will be posted to plasseresort.com, and material changes may be communicated via email or on-site notification. Continued use of our services implies acceptance of the updated terms.
13. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact:
Plasse Resort
Email: [email protected]
Website: https://plasseresort.com
We are fully committed to upholding your privacy rights and maintaining compliance with relevant data protection legislation. Please do not hesitate to reach out with any concerns.