Privacy policy and data protection

We place great importance on protecting your data and do everything possible to safeguard it. Below, you will find our commitment to the protection of personal data as well as our Personal Data Protection Policy. OUR COMMITMENT TO THE PROTECTION OF PERSONAL DATA

When we need to use external service providers for certain tasks, we select them rigorously and ensure that they are also committed to data protection. We respect your rights as customers, which is why we do everything possible to enable you to exercise them and thus best meet your requests. We respect your privacy and choices, which is why the communications you receive from us can be terminated or their frequency changed at any time

1. Identity of the data controller

Personal data is collected by SARL IRIS GESTION, registered with the Nanterre RCS under number 431621697, with share capital of €7,622 and headquartered at: 28 RUE PAUL VAILLANT COUTURIER 92240 MALAKOFF France. To provide its service, SARL IRIS GESTION collects personal data on individuals and companies. Data collection occurs via our website https://www.hotel-erasmus.com/, mobile applications, by telephone, during events (trade shows, conferences, exhibitions, webinars), and through the use of databases rented from third parties. We are committed to protecting the personal data entrusted to us. We undertake to provide the highest level of protection for your personal data in compliance with the GDPR (‘General Data Protection Regulation’) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and the French Data Protection Act, Law No. 2018-493 of 20 June 2018, promulgated on 21 June 2018, which amended the Data Protection Act of 6 January 1978. For any information on the protection of personal data, you can also consult the website of the Commission Nationale de l’Informatique et des Libertés at www.cnil.fr.

      2. Your rights

In accordance with the French Data Protection Act, Law 78-17 of 6 January 1978 as amended, and the General Data Protection Regulation, any natural person using the service has the right to exercise the following rights:A right of access: As a data subject, you can inquire about the nature of the personal data stored or processed concerning you by any entity in the group. Access to your personal data will be provided. A right to rectification: If personal information is inaccurate or incomplete, you can request that it be modified. A right to object: You have the right to object at any time to the processing of your personal data when SARL IRIS GESTION processes your data for reasons of legitimate interest or for marketing purposes. A right to erasure of your data: You can request the deletion of your personal data in cases provided for by law. A right to restriction of processing: You have the right to request restriction of the processing of your personal data when authorized by applicable laws and regulations. A right to data portability: If you meet the conditions defined by laws and regulations relating to personal data protection, you have the right to receive a subset of your personal data and transfer it to another data controller. Right to determine the fate of your personal data: The Company may hold personal data relating to a deceased person. We will respect the directives given by any natural person regarding the storage, erasure, or disclosure of their personal data after their death. In the absence of such directives, the Company will comply with requests from heirs as limitedly set out in the applicable provisions of the French Data Protection Act.

      2.1 How to exercise your rights

To exercise these rights, please send your request to SARL IRIS GESTION, 28 RUE PAUL VAILLANT COUTURIER 92240 MALAKOFF France, or by email to contact@erasmusresidence.fr. If you believe that one of your rights is not respected by the Company, you may lodge a complaint with the CNIL via its website: www.cnil.fr

      3. What information do we collect?

The provision of your personal data is in most cases voluntary. When your information is essential for processing your requests, we indicate this with an asterisk (*).Direct collection:From the website; By mail, whether electronic or paper; By telephone; During your participation in events organized by the company (trade shows, webinars, satisfaction surveys, etc.). Indirect collection:To organize certain events (webinars, email campaigns, etc.), we use marketing and automation tools provided by third-party companies. These tools allow us to obtain certain information as indicated on the dedicated registration forms. Some of your information may also reach us via social networks when you comment on our posts or send us a private message.

     4. Purposes for which we collect personal data

We process your personal data to provide the most suitable response to your needs. In the context of our relationship, we may process your personal data for:Managing the commercial relationship; Managing your contract (invoicing, monitoring, disputes, etc.); Preparing statistics, including commercial ones; Monitoring and statistics on the use of our website; Sending invitations to participate in certain events organized by the hotel (open days, etc.); Sending newsletters; Managing marketing campaigns. In accordance with current regulations on personal data protection, the Company has defined a legal basis for each personal data processing operation it carries out as follows:The performance of pre-contractual measures or a contract; The performance of a legal obligation; When it is in the legitimate interest of the Data Controller; When the User has given consent.

      5 . Data retention period

Depending on whether you are a ‘Prospect’ or ‘Client’, IRIS GESTION has defined different retention periods. We ensure that retention periods are appropriate. Prospect: The starting point for the retention period is the last exchange we had or the last interaction you had with one of our programs. Your data will be retained for 36 months. Client: The starting point is the last purchase. All collected information is retained for the duration of the commercial relationship, then for 36 months after the last exchange with you. You can request the deletion of your information at any time. We may retain certain data beyond the periods announced above to fulfill legal or regulatory obligations.

1. To whom is your data transmitted?

To provide you with the best of our expertise, your personal data may be disclosed to: Our internal departments: marketing, accounting, human resources, communication, sales, customer service, quality service, etc. Our partners & subcontractors: partners of the company who may process personal data on their own behalf or subcontractors who process your personal data solely on behalf of the company and according to its instructions. Other entities in the group carrying out the same or complementary activities. When we use subcontracting, we ensure that contractual relationships are strictly framed in accordance with Article 28 of the GDPR. In the context of our services, we may use subcontractors for the following operations:

Debt collection;

Personalization of website content;

Performing maintenance and technical development operations on the website;

Collecting customer reviews;

Sending newsletters;

Collecting customer reviews;

             7 . Third-party websites and social networks

While browsing our sites, you may be tempted to visit the site of one of our subsidiaries, and we strongly encourage you to do so. We assure you that all our entities apply the same security and data protection rules. We also draw your attention to the social networks we use and with which you may interact to support us and/or share our publications. During your interaction, IRIS GESTION cannot be held responsible in case of issues. Please note that when you use these links, information about you may be collected or shared. We encourage you to review the privacy policies and settings of the social networks you interact with to understand what information may be collected, used, or shared by these sites.

Facebook: https://fr-fr.facebook.com/policies/cookies/

Twitter: https://help.twitter.com/fr/rules-and-policies/twitter-cookies

LinkedIn: https://www.linkedin.com/legal/cookie-policy?_l=fr_FR

     8 . Transfers outside the EU

The Company strives to keep your personal data within the European Union. However, marginally and for certain specific services, personal data collected by the Company may be transmitted to subcontractors established outside the European Union. In such cases, the Company will ensure that adequate measures are in place to guarantee the security of your personal data and respect for your rights in accordance with the French Data Protection Act and the General Data Protection Regulation.

       9 . Security measures we implement to protect your data

As Data Controller, IRIS GESTION takes all useful precautions to preserve the security and confidentiality of your data. This includes physical security of buildings housing our systems and IT system security to prevent external access to your data. Access to your data is limited to those persons who need to know it.

10 . Cookies & other trackers policy

10.1 What is a cookie ?

Cookies are small data files placed on your computer or mobile device by your browser when you visit a website. Typically, a cookie contains the name of the website that uses it and a text string or “unique identifier” that allows websites to recognize the cookie on each subsequent visit throughout its lifetime. Cookies can collect and store a wide range of information, such as browser type or operating system, language or other browser settings, or your interactions with the website. Usually, cookies are not used to collect data that identifies an individual. However, information collected with cookies may be linked to a natural person if combined with identifiable personal data such as a person’s email address. The placement of cookies is notified to you upon connection via a banner at the bottom of our site. Your consent for certain cookies is essential. You can accept or refuse cookies on your computer or mobile device. If you choose not to use cookies, you may be deprived of certain features on the site. In general, we use two different types of cookies on this site: Session cookies store information about your activities during your visit and are deleted when you close your browser. Persistent cookies are stored in one of your browser’s subfolders for one or more sessions. They expire after a certain period (defined in the file) or can be deleted manually. Web beacons, embedded scripts, and similar technologies: We and our third-party partners may also use similar technologies on this site, such as web beacons (also called pixel tags or GIFs) or scripts. Web beacons are small graphic images that can be embedded in websites or HTML emails, generally invisible to the user. They track user interaction with the site or our newsletters. For example, they help us understand if you have read our newsletter or clicked on links, so we can offer you tailored deals. An embedded script or pixel is code designed to collect information about your interactions with this site, such as clicked links. The code is temporarily downloaded to your device from our web server or a third-party provider. It is active only when connected to the site and is deactivated or deleted afterward. Although you cannot specifically reject or disable these technologies, they work in conjunction with certain cookies. Disabling cookies will prevent the aforementioned technologies from functioning. In accordance with Directive 2002/58/EC of 12 July 2002, we collect your prior consent for advertising cookies, audience measurement, and social network sharing.

        10.2. What types of cookies do we use and for what purpose ?

Strictly necessary cookies These cookies are necessary for the operations of the services provided on our websites. They provide basic functionalities, such as remembering information entered in a form. If you prevent these cookies, you will no longer be able to use these features, and the website may not function effectively.Performance cookies These cookies collect anonymous data for statistical purposes. They measure site audience and analyze how visitors navigate (number of visitors, visits per page, time spent, click locations, ad effectiveness, etc.). They also detect navigation issues. These cookies help improve our site and your navigation.

Personalization or functionality cookies

These cookies remember your choices, settings, and content preferences (language, personalization, etc.) to offer a personalized experience by adapting site content. If refused, certain features may not be available, and some pages may not function correctly.Specificity of sharing cookies These are linked to social network sharing buttons (Facebook, Twitter, LinkedIn, etc.). Clicking a sharing button deposits one or more cookies on your device by the social network. We have no access or control over these third-party cookies, which may be analytical, performance, or targeting. Consult their websites for more information:

Facebook : https://fr-fr.facebook.com/policies/cookies/
Twitter : https://help.twitter.com/fr/rules-and-policies/twitter-cookies
LinkedIn : https://www.linkedin.com/legal/cookie-policy?_l=fr_FR
YouTube : https://www.youtube.com/static?template=terms&gl=FR .

        10 .3 Setting and blocking cookies via our cookie manager

The list of cookies we use is available via our management tool. You can disable them at any time.Specifically for Matomo tracking (exempt from consent due to a privacy-respecting measurement protocol):You can opt out of tracking on this website. This will protect your privacy but prevent the owner from learning from your actions and improving the experience for you and others.You are not opted out. Uncheck this box to opt out

       10.3.1.Setting and blocking cookies via browser settings

You can control cookies through your browser settings. Most browsers accept cookies by default, but you can choose to accept all, reject systematically, or select by issuer. You can also set your browser to accept/refuse cookies case-by-case or delete them regularly. Third-party sites’ use of cookies is subject to their own policies. The CNIL offers a free cookie management tool at https://www.cnil.fr/vos-droits/vos-traces/les-cookies/. Browser configurations differ; check your browser’s help menu. Examples:

Pour Internet Explorer™ : https://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies
Pour Safari™ : https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
Pour Chrome™: https://support.google.com/chrome/bin/answer.py?hl=fr&hlrm=en&answer=95647
Pour Firefox™ : https://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies

10.3.2 Operating system settings on your smartphone

You can control cookie deposits on your smartphone via OS rules. iOS: https://support.apple.com/fr-fr/HT201265 Android: https://support.google.com/chrome/topic/3434352 You can also opt out at http://www.youronlinechoices.com/fr/controler-ses-cookies/

11.Policy modifications

The Company may modify the Policy at any time. We will inform you by any means of changes. The Company invites Users to regularly review the Policy to stay fully informed. Date of publication: 15 November 2022