top of page

Privacy Policy

Last updated: March 24, 2026

1) Who is the data controller?
The controller for personal data collected via the site is:

Nathalie Debon & Catherine

Based in France

Email: 4c43d6666c@emailax.pro

2) What data do we collect?
Depending on your use of the site, we may collect:

A. Bookings (for cottages in Granville and Folligny)

  • Identity: last name, first name

  • Contact details: email, phone number, address (if necessary)

  • Stay information: dates, number of travelers, special requests, messages

  • Booking-related data: status, communication history, billing

B. Additional services (breakfast, bike rental, singing lessons, massage)

  • Information required for organization: desired time slots, chosen options, logistical information

  • Exchanges/messages related to the service

C. "Local PDF guide" form / newsletter / auto-responder

  • Email address (and possibly first name if you provide it)

  • Consent records (date, form used)

  • Basic campaign statistics (opens/clicks) if your email tool enables them

D. Technical data (browsing)

  • IP address, cookie/tracker identifiers, technical logs, pages viewed (depending on settings)

  • This data is partly processed via Wix tools and/or third-party tools (analytics, security, etc.).

3) Why do we use your data (purposes) and on what legal basis?
We process your data only for specific purposes, with an appropriate legal basis:

A. To manage your bookings and your stay

  • Purpose: To process the booking, communicate with you, organize your welcome, and manage options and requests.

  • Legal basis: Performance of a contract (booking). (cnil.fr)

B. To manage additional services

  • Purpose: To plan and provide the services (breakfast, bikes, lessons, massage).

  • Legal basis: Performance of a contract (requested service).

C. Billing, accounting, legal obligations

  • Purpose: To create and retain invoices, manage accounting, and comply with legal obligations.

  • Legal basis: Legal obligation. The CNIL notably requires billing data to be kept for 10 years (French Commercial Code). (cnil.fr)

D. Sending the local PDF guide + informational / marketing emails (if you consent)

  • Purpose: To send you the requested guide and, if you consent, emails (news, offers, availability).

  • Legal basis: Consent (prospecting individuals by email requires prior consent). (cnil.fr)

E. Site security, fraud prevention, technical improvement

  • Purpose: To maintain the security and proper functioning of the site.

  • Legal basis: Legitimate interest (site security/administration), in respect of your rights.

4) Is the data mandatory?
For a booking, certain data is necessary (e.g., identity + contact details). Without it, we cannot process the booking.

To receive the PDF guide, only your email address (and consent to receive the guide) is necessary. Marketing emails remain optional.

5) Who can access your data (recipients)?
Your data may be accessible to:

  • Authorized persons of the maisondecharme-granville.com website (for managing bookings and services).

  • Our service providers (processors) strictly for the purpose of providing the service:

    • Wix (site hosting, forms, features); Wix provides a DPA (Data Processing Agreement) and publishes a list of its sub-processors. (support.wix.com)

    • Payment provider (e.g., Stripe/PayPal/Wix Payments): card details are generally processed directly by the payment provider (we do not have plain text access to them).

    • Emailing / auto-responder tool: Wix Forms (if used).

    • Statistics / audience measurement tools: none.

6) Transfers outside the EU
Wix indicates that data may be processed in the EU, Israel, or other countries, with appropriate legal mechanisms (e.g., Standard Contractual Clauses - SCCs) in accordance with its DPA, and Wix publishes information on its sub-processors and transfer mechanisms. (support.wix.com)

7) Data retention periods
We retain your data for a proportionate period:

  • Booking / customer relationship data: for the duration of the relationship, then deleted/anonymized as necessary. The CNIL recommends planning for deletion in case of prolonged customer inactivity (e.g., 3 years from the end of the commercial relationship, excluding legal obligations). (cnil.fr)

  • Prospects (PDF guide / newsletter, without a booking): in principle, for up to 3 years from the date of collection or the last contact from the prospect, unless otherwise required by law or with renewed consent. (cnil.fr)

  • Invoices / accounting: 10 years (legal archiving). (cnil.fr)

  • Technical logs: limited duration, as needed for security/diagnostic purposes.

8) Cookies and trackers
The site may use cookies/trackers:

  • Necessary for operation (e.g., security, session).

  • Non-essential (e.g., audience measurement, marketing): placed only after you have given your consent, where required.

You can accept/refuse cookies via the banner and/or your settings. The CNIL notably states that refusing must be as simple as accepting. (cnil.fr)

Our site may contain links to third-party partner sites, such as Booking.com or Airbnb. We are not responsible for the content, privacy policies, or terms and conditions of sale of these sites. When you click on an external link to make a reservation, you are subject to the policies of the destination site. We encourage you to read their terms carefully before finalizing your transaction.

9) Your rights
In accordance with the GDPR, you have the following rights: access, rectification, erasure, opposition, restriction of processing, and data portability (subject to conditions).

You can exercise your rights by writing to: [GDPR email address]
We may request proof of identity in case of reasonable doubt.

You can also file a complaint with the CNIL.

10) Unsubscribing from emails
Each marketing email contains an unsubscribe link. You can also contact us at [contact email]. Consent for email marketing must be free, specific, informed, and unambiguous. (cnil.fr)

11) Security
We implement reasonable technical and organizational measures to protect your data (access control, updates, passwords, etc.). As no system is infallible, we invite you to report any anomalies to us.

12) Changes
We may modify this policy. The online version is the applicable version on the date of consultation.

bottom of page