Privacy policy of Serre Chevalier & Briançon Tourist Office
ARTICLE 1: FOREWORD
The RGPD and you..
The protection of personal data is one of our major concerns. The privacy policy is part of a legal context marked by the European Data Protection Regulation (EU Regulation 2016/679 of April 27, 2016), applicable since May 25, 2018 and the Loi Informatique et Libertés n°78-17 of January 6, 1978 as amended relating to information technology, files and freedoms.
Accordingly, this data protection policy applies to all processing carried out by the Office de Tourisme de Serre Chevalier & Briançon, and aims to introduce you to:
... The person responsible for processing personal data ;
... How your data is collected and processed;
... Your rights concerning the use of your personal data;
... The recipients to whom your data is transmitted ;
... The site's cookie management policy.
ARTICLE 2: GLOSSARY
I promise, you'll understand!
Personal Data is any information relating to an identified or identifiable person, i.e. enabling that person to be identified directly (e.g. first and last name) or indirectly (e.g. cookies).
Processing of personal data is any operation or set of operations (whether automated or not) applied to personal data or sets of data, such as the collection, recording, organization, storage and transmission of data (...)
The Data Controller determines the purposes and means of processing.
The Processor processes personal data on behalf of the Controller and under his instructions.
ARTICLE 3: GENERAL PRINCIPLES
We have legal obligations!
In accordance with the provisions of Article 5 of the General Data Protection Regulation (GDPR), the collection and processing of your personal data complies with the following principles:
... Lawfulness, fairness and transparency: the collection and processing of personal data may only be based on a legal basis defined in advance (performance of a contract, legal obligation, consent, legitimate interest, preservation of vital interests)
... Limited purposes: personal data is collected and processed for one or more defined purposes
... Minimization of data collection and processing: only data that is strictly necessary for the proper execution of the objectives pursued is collected
... Data retention limited in time: the data controller is obliged to define retention periods for processed personal data
... Integrity and confidentiality of data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected
... Accuracy of data : the data controller undertakes to take all reasonable steps to keep the data it processes up to date, so as to update inaccurate data and delete obsolete data
ARTICLE 4: DATA CONTROLLER
We are responsible for the data entrusted to us!
As the data controller, the Serre Chevalier & Briançon Tourist Office undertakes to comply with the obligations arising from the Regulation and the amended Loi Informatique et Libertés, concerning the collection and processing of personal data. In accordance with Article 32 of the RGPD, we implement all technical and organizational measures to ensure the protection of your personal data.
ARTICLE 5: PERSONAL DATA COLLECTED AND PROCESSED: WHAT DATA?
What do we know about you?
In accordance with the principle of minimization, we only collect the data necessary to carry out our missions. Thus, as part of the management of our website, Serre Chevalier & Briançon Tourist Office is likely to collect and process the following information:
We do not collect any sensitive data such as religion, trade union membership, racial or ethnic origin, criminal convictions or health-related data.
ARTICLE 6: PERSONAL DATA COLLECTED AND PROCESSED: WHY?
We'd like to explain!
In all of these situations, the Serre Chevalier & Briançon Tourist Office acts as the " Data Controller " within the meaning of the RGPD and undertakes to process only data that is strictly necessary for the purposes of the processing operations mentioned below.
- Reception management;
- Improving the quality of service;
- Management of reservations and customer accounts;
- Financial management;
- Management of commercial relations;
- Communications management ;
- Commercial prospecting;
- Press management;
- Promotion of the region;
- Management of physical security of premises (video surveillance);
- Management of compliance, and in particular with the RGPD.
Your data is processed solely for the purpose of carrying out the aforementioned processing operations, on the basis of the legal grounds provided for by the RGPD, in particular legal obligation, performance of a contract, consent or legitimate interest, depending on the processing operations concerned.
Your data will not be kept beyond the period necessary to achieve the purposes for which they are collected. It may then be archived in compliance with the applicable rules, particularly in terms of legal prescription.
A table detailing retention periods by category of processing is currently being drawn up and will be included in this section as soon as it is finalized.
The Serre Chevalier & Briançon Tourist Office also processes data via its website. The processing operations carried out via the website are detailed below.
DATA COLLECTED | REASONS FOR COLLECTION | LEGAL BASIS | RETENTION PERIODS |
WEBSITE CONSULTATION | |||
Identity Personal life Professional life Connection data Business information Internet | We use this data to : - Contact you when you fill in the contact form - Carry out audience analysis or statistics (if agreed) | Consent | Your browsing data will be kept for a maximum of 13 months
Data collected via the form is kept for 3 years from the date of collection or last contact with the prospect
|
- To monitor and improve our website - To secure our website and protect you and us against fraud. | Legitimate interest
| ||
NEWSLETTER REGISTRATION | |||
Identity Personal life Professional life
|
We use this data to : - Send you news and events | Consent | Prospect data is kept : - until consent is withdrawn or the right to object is exercised (via the unsubscribe link in newsletters) - up to 3 years from last contact or collection
Customer data is kept : - until consent is withdrawn or the right to object is exercised (via the unsubscribe link in newsletters) - up to 3 years from the end of the commercial relationship |
ARTICLE 7: PERSONAL DATA: WHO HAS ACCESS TO YOUR PERSONAL DATA?
We don't give it to just anyone!
The Office de Tourisme de Serre Chevalier & Briançon undertakes not to pass on your personal data to anyone other than those persons authorized internally within the strict limits of their duties, or to the legally competent administrative or judicial authorities when required or authorized by law (for example, in tax, social, security or legal matters).
Within the scope of its missions, the Serre Chevalier & Briançon Tourist Office may also transmit certain data to external recipients, in particular:
- Institutional partners and funders ;
- Public authorities ;
- Technical organizations;
- IT service providers acting as subcontractors (e.g. Google and Microsoft for messaging services, hosting or collaborative tools).
The use of these service providers is necessary for the proper provision of our services. We undertake to verify and guarantee their compliance with the RGPD and the amended Loi Informatique et Libertés.
Subcontractors act solely on the instructions of Office de Tourisme de Serre Chevalier & Briançon, may not use the data for their own purposes and are contractually bound by strict confidentiality and security obligations.
With the exception of the above-mentioned recipients, Serre Chevalier & Briançon Tourist Office undertakes not to pass on your personal data to third parties or external organizations without your express consent.
Serre Chevalier & Briançon Tourist Office does not and will not sell, transfer or communicate your personal data to unauthorized third parties.
Serre Chevalier & Briançon Tourist Office does not make any automated decisions based on your personal data. No profiling is carried out during processing, and the data we collect will never be used without human intervention.
ARTICLE 8: YOUR RIGHTS
You hold all the cards!
8.1 Your rights
In accordance with applicable regulations, you have the following rights regarding your personal data:
8.2 The DPO
The Serre Chevalier & Briançon Tourist Office has appointed a Data Protection Officer (DPO). Therefore, to exercise your rights, you may contact our Data Protection Officer (DPO) at the following address: dpo@serrechevalier.fr
Serre Chevalier & Briançon Tourist Office - P.O. Box 20 - 05240 La Salle les Alpes, France
8.3 Filing a Complaint with the CNIL
You may at any time file a complaint with the competent authority, namely the French Data Protection Authority (CNIL), by following this link: https://www.cnil.fr/fr/plaintes
8.4 How to opt out of marketing communications
You have the option to opt out of receiving further solicitations as follows:
… For email solicitations: Please click on the unsubscribe link provided for this purpose.
… For SMS solicitations: Please send “STOP” via SMS to the number provided in the message.
… For commercial solicitations by phone: Please register on the do-not-call list available at www.bloctel.gouv.fr
ARTICLE 9: SECURITY MEASURES
You entrust us with your data, we take care of it!
The Office de Tourisme de Serre Chevalier & Briançon is concerned about the security of personal data, which it undertakes to process securely and only for as long as is necessary to achieve the intended purpose.
The Serre Chevalier & Briançon Tourist Office has put in place technical and organizational measures to ensure a level of data protection appropriate to the nature and purpose of the processing.
However, the security obligation remains an obligation of means, i.e. we do our utmost to guarantee the confidentiality and integrity of your personal data.
All persons who have access to your personal data have been made aware of good data protection practices. They are bound by an obligation of confidentiality, and may be subject to disciplinary action in the event of non-compliance.
ARTICLE 10: DATA TRANSFERS OUTSIDE THE EUROPEAN UNION
A well-organized trip!
Should your personal data be transferred outside the European Union, we ensure that these countries guarantee a sufficient and appropriate level of data protection.
We undertake to inform you in advance of the possibility of transferring data outside the European Union, and to inform you of the guarantees put in place to ensure a sufficient and appropriate level of protection.
ARTICLE 11: COOKIES
You can choose to eat cookies or go on a diet
As with most websites, our website uses cookies, which can be divided into five categories:
If you wish to limit your traces, we recommend that you refuse them by default via the cookie management banner that we have set up on our website.
You will also find in our cookies policy the procedure to follow to accept, personalize or refuse cookies by expressing your choice using the banner that appears at the bottom of your screen.
ARTICLE 12: UPDATING THE DATA PROTECTION POLICY
You're on the right track - it's almost time to finish reading!
The present data protection policy may be updated from time to time.
It was last updated by Optimex Data on 23/04/2026.