Posted on 15/09/2023
CARDIGEST may collect the personal data of any person visiting the Website who submits a question to CARDIGEST via the Contact section of the Website or who makes a booking online or who signs up to the Website newsletter. The collection and processing of personal data submitted by users to CARDIGEST are subject to the provisions of the General Data Protection Regulation (GDPR: 2016/679).
The Website makes a form available to users enabling them to exercise their rights to privacy protection. Click on the following link to access this form:
1 – Collection of personal data
CARDIGEST can collect and process personal data (see personal data types below), when filling out a contact form, or other forms, on our https://www.domainedecice.com/ Website.
• Last name
• First name
• E-mail address
• Landline/mobile number
• Curriculum Vitae
• Information about your use of the Website such as the browser type, software, hardware, location data and the web page you visited when you access the website.
In addition, CARDIGEST automatically collects anonymous information about the use you make of our Site and its services. For example, CARDIGEST will automatically record which parts of the Website you visit, which web browser you are using and which website you visited when you received access to the website. We cannot identify you based on these data, but they allow CARDIGEST to compile statistics about the use of the website, website traffic and enables more targeted communication with users. The personal data we collect is gathered using the means described below in section « 2 – How we collect your personal data ».
2 – How we collect your personal data
Your personal data is collected by the following means:
• A collaboration with CARDIGEST
• Website visit to https://www.domainedecice.com/
• When a user creates a customer account
• The contact form(s)
• The request forms
• The use you make of CARDIGEST
• Identity checks
• Registration for communications and newsletter (on the Website)
• Correspondence exchanged with and from CARDIGEST
• The exchange of business cards
• Reception and exchanges with the staff of the establishment
• Opinion polls
The personal data collected by CARDIGEST are therefore specifically and voluntarily provided by you.
3 – Use of personal data
https://www.domainedecice.com/ may process all or part of the data collected in order to:
• Allow Website navigation, management and traceability of services and services ordered by users.
• Optimize the user experience, quality, management, navigation and content of the CARDIGEST Website.
• Set up a customer account and confirm this.
• Track customer/prospect relationships when booking.
• Provide CARDIGEST goods and services.
• Improve customer service and your support needs.
• Contact you by email and/or by telephone.
• Conduct satisfaction surveys, studies, and optional surveys on the Website.
• Send targeted marketing campaigns and advertisements from CARDIGEST, updates and promotional offers based on your preferences and your communication consent.
• Provide personalised ad content.
• Send you quotes, receipts and invoices.
• Collect statistical elements.
• Develop an offer.
• Administer a contest.
• Perform a contract entered into with CARDIGEST.
• Prevent and fight against computer fraud (spamming, hacking,…).
4 – Confidentiality of personal data
CARDIGEST is the only owner of the information collected on the Website. Your personal data will not be sold, exchanged, transferred, or given to third parties for any reason, without your consent, apart from that required to respond to a request and / or transaction in the framework of our customer relationship management, the provisions of CARDIGEST services and the optimisation of such services.
5 – The data protection officer
The data protection officer in charge of collecting and processing users personal data upon setting up their account and when they browse on the Website is Gwénaëlle Lévêque.
As a data controller responsible for the processing of the personal data it collects, https://www.domainedecice.com/ undertakes to respect the framework of the current legal requirements. It is incumbent on it to establish the purposes of the data processing, to provide prospects and customers, from the time they provide their consent, with full information on the processing of their personal data and to maintain a record of processing that is consistent with the reality.
Whenever the Website processes personal data, CARDIGEST takes all reasonable measures to ensure the personal data is accurate and relevant with regard to the purposes for which the Site processes such data.
6 – Disclosure of personal data to third parties
https://www.domainedecice.com/ shall refrain from processing, hosting or transferring the data collected about its customers to a country located outside the European Union or recognised as unsuitable by the European Commission without first informing the customer. However, the Site remains free to choose its technical and commercial data processors on condition it presents sufficient guarantees with regard to the requirements of the General Data Protection Regulation (GDPR: 2016/679).
Notwithstanding the foregoing, however, it is possible that CARDIGEST may disclose your personal data:
• To the competent authorities when CARDIGEST is bound to do so by law or in the context of legal proceedings or future legal proceedings and to protect and defend our rights.
• When CARDIGEST or most of its assets are taken over by a third party, in which case your personal data, which CARDIGEST has collected, will be among the transferred assets.
The Website undertakes to take all necessary precautions to secure your data and in particular to ensure they are not communicated to unauthorised persons. However, if an incident affecting the integrity or confidentiality of the customer’s data is brought to the attention of https://www.domainedecice.com/, it will promptly inform the customer and indicate the corrective measures taken. In addition, the Website does not collect any « sensitive data ».
• The service provider in charge of the booking and payment system(s) in order to manage and validate your request.
• The service provider who develops and maintains the Website, Diadao Productive, a digital agency.
Within the limits of their respective attributions and for the purposes mentioned above, the principal persons likely to have access to data of https://www.domainedecice.com/ users are mainly the agents in our customer service.
In all other cases CARDIGEST will not sell, rent or transmit your personal data to third parties, except when it has obtained your authorisation to do so and has entered into a contract with the third party concerned, data processing, which contains the necessary guarantees regarding the confidentiality and compliance of your personal data with the protection of your private and professional life. If you do not wish your personal data to be shared with third parties, you may object to it when this data is collected or at any time thereafter, as mentioned in section « 8 – Rights relating to the protection of your privacy ».
7 – Storage of personal data
8 – Rights relating to the protection of your privacy
In accordance with the provisions of the General Data Protection Regulation (GDPR: 2016/679), users of the Website may exercise their rights relating to the protection of privacy, as stipulated below:
• Right to access (Article 15 GDPR) and rectify (Article 16 GDPR), update, complete user data, right to lock or delete users personal data (Article 17 GDPR) when such data are inaccurate, incomplete, equivocal, out of date, or whose collection, use, communication or retention is prohibited.
• Right to withdraw consent at any time (Article 13-2c GDPR).
• Right to restrict the processing of user data (Article 18 GDPR).
• Right to object to the processing of user data (Article 21 GDPR).
• Right to the portability of the data that the users have provided, when this data is the subject of automated processing based on their consent or on a contract (Article 20 GDPR).
• Right to define the fate of the user’s data after their death and to choose to whom https://www.domainedecice.com/ will have to communicate (or not) its data to the third party it will have first designated.
As soon as the Website becomes aware of the death of a user and in the absence of instructions from the said user, CARDIGEST undertakes to destroy this person’s data, unless these data must be retained for probative purposes or to comply with a legal obligation.
If a user wishes to exercise their rights on the Website, they can send us a notice telling us which rights they wish to exercise with respect to their personal data. This is free of charge and is performed by contacting Gwénaëlle Lévêque, as Director General, by e-mail at email@example.com, or by post CARDIGEST, Avenue de la Chaise, 35170 Bruz, France, specifying in the subject of the email or letter « Rights relating to the protection of your privacy » or by completing the application form located at the following address: https://www.domainedecice.com/en/gdpr-form.
In this case, the user must indicate the personal data he/she would like to correct, update or delete on https://www.domainedecice.com/. The user must provide proof of their identity by providing a copy of their identity papers (identity card or passport). Requests to delete personal data will be subject to the obligations imposed on CARDIGEST by law, particularly as regards the preservation or archiving of documents.
In addition, you can always update, modify and/or check, through your account, the personal data you had to submit when you set up your account. If you no longer wish to receive newsletters about our services or advertisements, you can unsubscribe at any time by clicking on the « unsubscribe » button provided in the lower part of any email from CARDIGEST.
9 – Protection of personal data
CARDIGEST undertakes to take reasonable, physical, technological and organisational precautions to prevent unauthorised access to your personal data, as well as the loss, misuse or alteration of your personal data. We use state-of-the-art encryption to protect sensitive information transmitted online. We also protect your offline information. Only employees who need to perform specific work (for example, billing or customer service) have access to personally identifiable information.
The data collected and stored via the Website is hosted by an external company, GROUPE QUATUHORE, which provides Software editor for hotels
QuatuHoRe is a company that provides the softwares called Vega et Soft’Inn for hotels and restaurants.
Despite our best efforts, no method of transmission over the Internet and no method of electronic storage is completely secure. We cannot, therefore, guarantee absolute security.
If we become aware of a security breach, we will notify the affected users so that they can take appropriate action. Our incident reporting procedures take into account our legal obligations, whether at the national or European level. We are committed to fully informing our customers on all matters relating to the security of their account and providing them with all the information they need to help them meet their own regulatory reporting requirements.
No personal data belonging to users of the Website are published without the knowledge of the user, nor are they exchanged, transferred, assigned or sold on any media whatsoever to third parties.
11 – Hyperlinks to other websites
12 – Consent
13 – Claims
If you have any complaints about the manner in which CARDIGEST collects, uses and/or processes your personal data, you can contact us, in the first place, to resolve the issue(s). If this is not sufficient, Website users may file a complaint with the supervisory authorities at the following link: https://edps.europa.eu
14 – Contact CARDIGEST