Evian Resort knows that you care how your personal data is used and we recognize the importance of protecting your privacy.
This Privacy Statement explains how Evian Resort collects and manages your personal data. It contains information on what data we collect, how we use it, why we need it and how it can benefit you.
Contact us firstname.lastname@example.org if you have any queries and comments, or if you want to make a request regarding any of your data subject rights.
For the requirements of this Policy, the following terms are defined as follows:
• “Service(s)”: all the services and products available online or via the customer service or Mobile Applications, etc., whether they are charged for or not;
• “Mobile application(s)”: refers to any software, application, widget or plug-in downloaded on a mobile device (smartphone, tablet, laptop computer as well as any device with an operating system enabling the download, installation, use and updating of the aforementioned applications). If the Mobile Application includes notification or localisation functions, please refer to articles 3.6 and 3.7 below.
• “Us” and “Our”: refers to any company owned or operated, directly or indirectly, by any company in which Evian Resort is a shareholder and can collect or process your personal data and cookies, as well as their respective service providers located in France or abroad.
• “You” and “Your”: refers to any Service user who accesses one of the fee-paying or free Services.
This policy was updated on 23 February 2018.
Basic principles and our privacy commitment
At Evian Resort we are committed to protecting your right to privacy. We aim to protect any personal data we hold, to manage your personal data in a responsible way and to be transparent in our practices. Your trust is important to us. We have therefore committed ourselves to the following basic principles:
• You have no obligation to provide any personal data requested by us. However, if you choose not to, we may not be able to provide you with some services or products;
• We only collect and process your data for the purposes set out in this Privacy Statement or for specific purposes that we share with you and/or that you have consented to;
• We aim to collect, process and use as little personal data as possible;
• When we do collect your personal data, we aim to keep it as accurate and up to date as possible.
• If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
• Your personal data will not be shared, sold, rented or disclosed other than as described in this Privacy Statement.
What personal data do we collect?
The personal data we collect varies depending upon the purpose of the collection and the product or service we are providing you.
Generally, we may collect the following types of personal data from you directly:
a) Personal contact data, such as your name, email address, physical address and telephone numbers;
b) Account login details, such as your user ID, e-mail username and password. This is necessary to create a personal user account on one of our online communities;
c) Communications with us, which may include details of our conversations via chat, care lines and/or customer service lines;
d) Demographic information, such as your age and gender and lifestyle preferences. Lifestyle preferences may include your preference for some of the products we offer, and your interests related to those products;
e) Browser history, such as pages accessed, date of access, location when accessed, and IP address;
f) Payment information for purchases made on one of our online shops. Payment information generally relates to your billing name, billing address and payment data, such as your credit card details or bank account number.
g) Information about people other than you, such as personal data about your family members, when you provide such information directly to us;
h) Social media profiles;
We may also collect personal data about you indirectly when:
a) You share content on social media pages, websites or applications related to our products or in response to our promotional material on social media.
Why do we collect and use your personal data?
We collect your personal data so we can provide you with the best online experience and to provide you with a high quality of customer service. In particular we may collect, hold, use and disclose your personal data for the following purposes:
a) To process your payments, if you purchase our products, to provide you with your order status, deal with your enquiries and requests, and assess and handle any complaints;
b) To process and answer your inquiries or to contact you in order to answer your questions and/or requests;
c) To develop and improve our products, services, communication methods and the functionality of our websites;
d) To communicate information to you and to manage your registration and/or subscription to our newsletter or other communications;
e) To provide personalized products and communications as well as product recommendations to you a customers;
We may also need your personal data to comply with legal obligations or in the context of a contractual relationship that we have with you.
When we collect and use your personal data for purposes mentioned above or for other purposes, we will inform you before or at the time of collection.
Where appropriate, we will ask for your consent to process the personal data. Where you have given consent for processing activities, you have the right to withdraw your consent at any time.
Where we process your personal data, you are entitled to a number of rights and can exercise these rights at any point. We have provided an overview of these rights below together with what this entails for you.
The right to access your personal data and correction
You have the right to access, correct or update your personal data at any time. We understand the importance of this and should you want to exercise your rights, please contact us via our contact page.
For all claims regarding your personal data, please complete and return the form attached: link to the form strong>
The right to data portability
Your personal data is portable. This means it can be moved, copied or transmitted electronically. However, this right only applies where:
a) The processing is based on your consent;
b) The processing takes place for the performance of a contract;
c) The processing takes place by automated means;
If you wish to exercise your right to data portability, please contact us via our contact page.
The right to deletion of your personal data
You have right to request that we delete your data if:
a) your personal data is no longer necessary in relation to the purposes for which we collected it; or
b) you withdraw the consent that you had previously given us to process your personal data, and there is no other legal ground to process that personal data; or
c) you object to us processing your personal data for direct marketing purposes; or
d) you object to us processing your personal data for Danone’s legitimate interests (such as improving overall user experience on websites);
e) the personal data is not being processed lawfully; or
f) your personal data needs to be deleted to comply with the law.
If you wish to delete the personal data we hold about you, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements.
If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
The right to restriction of processing
You have the right to restrict the processing of your personal data if
a) you do not believe the personal data we have about you is accurate; or
b) the personal data is not being processed lawfully, but instead of deleting the personal data, you would prefer us to restrict processing instead; or
c) we no longer need your personal data for the purposes we collected it, but you require the data in order to establish, exercise or defend legal claims; or
d) you have objected to the processing of your personal data and are awaiting verification on whether your interests related to that objection outweigh the legitimate grounds for processing your data.
If you wish to restrict our processing of your personal data, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements.
The right to object
You have the right to object to the processing of your personal data at any time. Please contact us via our contact page.
The right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint directly with supervisory authority about how we process personal data.
How we protect your personal data
We understand that the security of your personal data is important. We make our best efforts to protect your personal data from misuse, interference, loss, unauthorized access, modification or disclosure. We have implemented a number of security measures to help protect your personal data. For example, we implement access controls, use firewalls and secure servers, and we encrypt personal data.
Sharing of your personal data
When we share your personal data with affiliates and other organizations, we make sure we only do so with organizations that safeguard and protect your personal data and comply with applicable privacy laws in the same or similar way that we do.
Your personal data will not be shared, sold, rented or disclosed other than as described in this Privacy Statement. We may, however, share your data when required by law and/or government authorities.
Sharing data internationally
Personal data may be processed outside the European Economic Area (EEA). When processed outside the EEA, Evian Resort will make sure that this cross-border data processing is protected by adequate safeguards.
The safeguards that we use to protect cross-border data processing include:
a) Model Contractual Clauses approved by European Commission. These standardized contractual clauses provide sufficient safeguards to meet the adequacy and security requirements of the European General Data Protection Regulation; or
b) certifications which demonstrate that third parties outside of the EEA process personal data in a way that is consistent with the European General Data Protection Regulation. These certifications are approved either by the European Commission, a competent supervisory authority or a competent national accreditation body in terms of General Data Protection Regulation.
Automated decision-making and profiling
For some services and products we may process your personal data using automated means. Essentially this means that decisions are taken automatically without human intervention.
We may also process your personal data for profiling purposes to predict your behavior on our website or products that may be of interest to you
If we intend to make use of such methods, we will of course inform you and we will give you an opportunity to object to these processes in advance. You are also free to contact us mailto:email@example.com for further information on such processing.
Cookies and other technologies
a) Information about your device browser and operating system;
b) The IP address of the device you are using;
c) Web pages of ours that you view;
d) Links that you click while interactive with our services.
How to contact us
If you have any questions, comments or complaints regarding this Privacy Statement or the processing of your personal data, please contact us, mailto:firstname.lastname@example.org
For all claims regarding your personal data, please complete and return the form attached: link to the form strong>