Le Chat de Pierre Privacy & GDPR Policy May 2018
Introduction
The European regulation No. 2016/679 of 27 April 2016, or General Data Protection Regulation (GDPR), came  into force on 25 May 2018 replacing  the Data Protection Act.  This is a Europe- wide law and as such affects how we use and store information we receive from guests and enquirers.  It covers all data, whether electronic or paper based.  We are committed to protecting  your personal information.
Definitions
In this policy the following words have the following meanings :
Us/we – Charles Martin Peace and Carolynn Jane Peace trading as Le Chat de Pierre
You – you or any member of your party
What data we collect and how
If you make an enquiry  through our website, by telephone or through social media we will collect such information as we need to communicate with you to resolve your enquiry.  This will include your name, email address, telephone number and the  number in your party.   If you indicate that you do not wish to make a booking we will destroy your personal data.  If you do not state that you do not wish to make a booking we may retain your data for follow-up communications.  We will not retain data collected in this way for these purposes for more than twelve months from the date of your enquiry.
If you make an enquiry through Home Away or one of its sub-brands such as Owners Direct or Abritel we will correspond with you through the site’s secure messaging system and will not see your personal details including your e-mail address until you have made a reservation.
If you make a reservation by any means or through any platform we will collect your name, address, telephone number and  email address. 
We do not collect any financial information from you.  Any payments due from you are made through Home Away’s secure payment platform or  direct to our bank account.  Small expenses you ask us to incur on your behalf such as grocery shopping are paid for in cash during your stay.
Your details are kept secure on our computerised system via password controlled entry.  We also keep a paper diary as a back-up with the communication details we need during your stay.
We use cookies on our website.  Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information.  This information is used to track visitors’ use of the website and to compile statistical reports on website activity.  You can set your browser not to accept cookies (see www.aboutcookies.org for more information).
Our website  may contain links to third parties' websites. We are not responsible for the privacy practices or the content of those websites.
We may   use Google Analytics to gather statistics on site usage. There are more details in Google’s own privacy policy.  Google may aggregate data they collect from their various services including Google Analytics, Google Translate, Google Maps and YouTube.  You acknowledge and accept that we have  no control over Google’s data collection.  We strongly advise you to look at Google’s privacy policy for details of their data collection practices. You can find more information about how Google uses data here: https://www.google.com/policies/privacy/partners/. If you want to opt out from Google Analytics, please check here  https://tools.google.com/dlpage/gaoptout.
 We market our property through Home Away and you can find out about their privacy policy here https://help.ownersdirect.co.uk/articles/How-does-HomeAway-protect-my-payment-and-personal-information.
We also market our property through our own website www.lechatdepierre.com and Facebook https://www.facebook.com/LeChatdePierre/.  We may use other social media platforms.  Data processed through social media is subject to their privacy policies.
Why the data we collect is processed 

1. We process  your name, address,  telephone number and email address because it is  necessary to do so  for the performance of the contract between us  or to take steps at your request prior to entering into the  contract.  
2. We retain your name, address and the number in your party after your stay for the purpose of auditing  our marketing activities and for business analysis.  Unless you have given your consent we will not contact you  using these details.  
3.   We retain your  name, address, date of birth  and a record of the  period of your stay  to comply with a legal obligation.  Under French Law (article R611-42 of Code of Entry and Stay of Aliens and of the Right of Asylum). 

4.   If you consent to this we retain your name, address and email address  on a mailing list so that we can keep in touch with you by post or email and let you know about special offers which we believe will be of interest to you.  You can ask for your details to be removed from our mailing list by emailing  a request to Bonjour@lechatdepierre.com, responding to an email you receive with the word ‘unsubscribe’ or by writing to Carolynn Peace at 1 La Boix Nord 33790 Pellegrue Nouvelle-Aquitaine France.

How long the data will be retained

 The date of destruction of data depends on the type of data collected 
Lapsed enquiries -  Will be destroyed the later of 3 months after enquiry was made or 31 December in the year enquiry was made
Opted-in to mailing list - Request to re-subscribe sent later of 3 years after opt-in or 31 December 3 years after opt-in
Opted-out of mailing list - Will be destroyed earlier  of 4th anniversary after data collected or 31 December up to 4 years after data collected
 Sharing data
We never share your data unless compelled to do so by law. 
Data controller
Our data controller is Carolynn Peace  1 La Boix Nord 33790 Pellegrue Nouvelle-Aquitaine France Bonjour@lechatdepierre.com.
Access to your data
You have the right to request a copy of the information we hold about you.  If you would like a copy of this please email us at bonjour@lechatdepierre.com or write to us at 1 La Boix Nord 33790 Pellegrue France.
Notification of Data Breaches
The GDPR will require us to notify the Information Commissioners’ Office within 72 hours of first having become aware of the breach where that breach is likely to “result in a risk for the rights and freedoms of individuals”. For any breach, we are required to notify the customers “without undue delay” after first becoming aware of a data breach and we undertake to do so.