Article 1 - Scope of this personal data protection policy
Article 1.1 - Types of data collected
The personal data collected on the www.valleesdegavarnie.com website are as follows:
- Personal information given by users in the contact or reservation forms allowing an exchange of information and the sending of elements by electronic or postal means. This information concerns data on the identity and identification of the person (eg surname, first name, address, postal code, email address, etc.).
- The technical characteristics of the means of connection to the website (browser, IP address, etc.),
- Information relating to the use and path of the user on the site (number of orders or reservations made, time spent on the site or per page, types of articles consulted, etc.).
Article 1.2 - Scenarios leading to the collection of data
Data collection takes place when the user performs one of the following operations: browsing the pages of the website, registering for the newsletter, entering a contact form or using the travel diary.
The data controller will keep all the data collected in its computer systems on the site and under reasonable security conditions for a period of: between 1 day and 5 years.
Article 1.3 - Purpose of data collection
The collection and processing of data meet the following purposes in particular:
Sending brochures and other documents requested by the customer by post or electronically,
The sending of marketing information or commercial offers or the sending of newsletters, if you have consented to this by ticking the corresponding box,
ordering products or services,
The exchange of tourist information,
The management of the customer relationship and commercial relations: opportunities, commercial, commercial offers, purchases, contracts, orders, invoices, ...
Statistical analyzes related to the audience and the frequentation of the site,
Optimal navigation on our site by adapting the content to the user's terminal to improve navigation,
Identify the needs and areas of interest of users and provide them with the most suitable products and/or services,
Facilitate exchanges between the user and the customer relations managers or with the partner service providers of the Agence Touristique des Vallées de Gavarnie.
The data collected and processed by the site are exclusively hosted and processed in France.
Article 2 - Data controller
Article 2.1 - Data controller
The data controller can be contacted by email.
He is responsible for determining the purposes and means used for the processing of personal data.
Article 2.2 - Obligations of the data controller
The data controller undertakes to protect the collected personal data, not to transmit it to third parties without the user having been informed and to respect the purposes for which the data was collected.
In addition, the data controller undertakes to notify the user in the event of rectification or deletion of the data. In the event that the integrity, confidentiality or security of the user's personal data is compromised, the manager undertakes to inform the user by any means.
Article 3 - Data collected
Article 3.1 - Personal Data
Personal data may include:
Last name ;
Email address ;
Postal code ;
Date of Birth ;
Note concerning visitors and users of the site
Certain functionalities and characteristics of the site can only be used if you provide the Agence Touristique des Vallées de Gavarnie with certain personal data when you visit or use the site. You are free to provide or not, all or part of your personal data. However, by choosing not to provide them, such a decision could be detrimental to the optimal achievement of the objectives and certain services linked to the site may not function correctly.
Article 3.2 - Cookies & tracers
Cookies and other trackers
When consulting our site, information relating to the navigation of your terminal (computer, tablet, smartphone, etc.) on our site may be saved in "Cookies" files installed on your terminal.
What is a cookie?
The cookie is the equivalent of a small text file stored on the Internet user's terminal. Existing for more than 20 years, they allow website developers to store user data in order to facilitate their navigation and allow certain functionalities.
What do we use them for?
Cookies allow us to establish statistics of visits to our site (examples: number of visits, pages viewed, sections consulted), to understand the activity of visitors and to improve the functionalities of the site as well as its ergonomics in order to to make your navigation more pleasant.
These cookies are installed by Google Analytics and are used to collect non-personal information on the use made by visitors to our Site. This information is used to generate reports explaining the use made of our Site to enable us to improve it. These cookies collect information in an anonymous form, including the number of visitors to our Site and the pages visited. Google has developed the “Opt-out Browser Add-on” which makes it possible to stop the flow of information transferred to Google Analytics even if cookies are activated on your browser. For more information, you can visit https://tools.google.com/dlpage/gaoptout
How to deactivate them?
You can oppose the recording of Cookies globally or on a case-by-case basis by configuring your internet browser or by disabling them directly with third-party issuers.
For more information, contact us by email.
Article 3.3 - Data retention
Civil status data (name, first name, postal address, etc.): 3 years max. ;
Connection data: 3 years max. ;
Location data = 48h;
We only keep the data for a period necessary and proportionate to the purpose for which they were collected, namely for a maximum period of 3 years from the last exchange you had with us and carried out on your initiative.
Beyond the aforementioned periods, your data will be purely deleted or anonymised.
Article 4 – User rights
In accordance with the regulations concerning the processing of personal data, the user has the rights listed below. In order for the data controller to comply with the request, the user is required to communicate to him: first and last name as well as an e-mail address. The data controller is required to respond to the user within a maximum of 30 (thirty) days.
Article 4.1 - Right of access, rectification and right to erasure
The user can read, update, modify or request the deletion of the data concerning him, by respecting the procedure set out below. The user must send an email to the personal data controller.
Article 4.2 - Right to data portability
The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the procedure below: the user must request the portability of his personal data from the responsible for data processing, specifying the subject of his request and using the e-mail address.
Article 4.3 - Right to restriction and opposition of data processing
The user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, except to demonstrate the existence of legitimate and compelling reasons, which may prevail over the interests and the rights and freedoms of the user. In order to request the limitation of the processing of his data or to oppose the processing of his data, the user must follow the following procedure: the user must make a request for limitation of the processing of his personal data to the data controller data, specifying the subject of his request and using the e-mail address.
Article 4.4 - Right not to be the subject of a decision based exclusively on an automated process
In accordance with the provisions of the 2016 / 679 regulation, the user has the right not to be the subject of a decision based exclusively on an automated process if the decision has legal effects concerning him or affects him significantly similar way.
Article 4.5 - Right to determine the fate of data after death
The user is reminded that he can organize what should be the future of his data collected and processed if he dies, in accordance with Law No. 2016-1321 of October 7, 2016.
Article 4.6 - Right to refer to the competent supervisory authority
In the event that the data controller decides not to respond to the user's request, and the user wishes to contest this decision, or, if he thinks that one of the rights listed above, he is entitled to appeal to the CNIL (Commission Nationale de l'Informatique et des Libertés, https://www.cnil.fr) or any competent judge.