Resapass

Privacy policy

www.resapass.com

CONTENTS

Article 1 : Preamble

Article 2 : Principles governing the collection and processing of personal data

Article 3 : Personal data collected and processed when browsing the resapass.com Platform.

Article 3.1 : Data collected and how it is used

Article 3.2 : Data collection method

Article 3.3 : Data hosting

Article 3.4 : Transmission of data to third parties

Article 3.5 : Cookies policy

Article 4 : Data controller and data protection officer

Article 5 : The user's rights regarding data collection and processing

Article 6 : Conditions for modifying the privacy policy

Article 1 : Preamble

The purpose of this privacy policy is to inform Users of the RESAPASS.COM Platform and any other mobile or tablet application of the RESAPASS TRAVEL company (hereinafter "RESAPASS"), about the following points:

The manner in which Users' personal data (here in after « personal data ») is collected, processed and protected. Personal data refers to any information that can be used to identify a User. Such personal data may include, but is not limited to, surnames, first names, age, postal or e-mail address, location and IP address.
The rights of Users with regard to their personal data, in particular the right of access, rectification, deletion and opposition.
The person responsible for processing the personal data collected and processed is specified in this privacy policy.
The recipients of personal data are listed in the section on transmission of data to third parties.
The policy of the Platform and of any other mobile or tablet application of RESAPASS TRAVEL with regard to cookies, in particular the way in which they are used and managed.

Please note that this Privacy Policy is complementary to the Legal Notice and General Terms of Use. We encourage Platform Users to consult the latter for additional information:

General Conditions

Legal notices

Article 2 : Principles governing the collection and processing of personal data

In accordance with Article 5 of European Regulation 2016/679, personal data is processed according to the following principles:

RESAPASS processes personal data in a lawful, fair and transparent manner in relation to its commercial activity.

Personal data is collected for specific, explicit and legitimate purposes, in accordance with article 3.1 of this privacy policy, and is not further processed in a manner incompatible with these purposes.

The personal data collected is adequate, relevant and limited to what is necessary for the purposes for which it is processed, in the context of the activities carried out by RESAPASS.

All reasonable measures are taken to ensure that personal data is accurate and, where necessary, kept up to date. Inaccurate data will be deleted or rectified without delay, within the framework of the activities carried out by RESAPASS.

Personal data is kept in a form that enables identification of the persons concerned for no longer than is necessary for the purposes for which it is processed, within the framework of the activities carried out by RESAPASS.

Personal data is processed in such a way as to guarantee appropriate security, including protection against unauthorized or unlawful processing, as well as against accidental loss, destruction or damage. Appropriate technical and organizational measures are put in place within the framework of the activities carried out by RESAPASS.

These principles ensure the protection of the personal data of Users of the internet Platform resapass.com and any other mobile or tablet application of the RESAPASS company, in accordance with the provisions of the European Regulation 2016/679 and in the context of the activities carried out by the RESAPASS company and its agent.

Processing is lawful only if, and insofar as, at least one of the following conditions is met:

The data subject has consented to the processing of his/her personal data for one or more specific purposes.

The processing is necessary for the performance of a contract to which the data subject is a party or for the performance of contractual measures taken at the data subject's request.

The processing is necessary to comply with a legal obligation to which RESAPASS and/or its legal representative is subject.

The processing is necessary to safeguard the vital interests of the data subject or of another natural person.

The processing is necessary for the performance of a mission in the public interest or in the exercise of public authority vested in RESAPASS and/or its legal representative.

Processing is necessary for the purposes of the legitimate interests pursued by RESAPASS and/or its legal representative, and/or a third party, unless the interests or fundamental rights and freedoms of the data subject require protection of personal data, in particular where the data subject is a minor.

Article 3 : Personal data collected and processed when browsing the resapass.com Platform.

Article 3.1 : Data collected and how it is used

The personal data collected in connection with the use of the resapass.com Platform and the activities of the RESAPASS company are as follows:

Last name, First name
E-mail address
IP address

Personal data is collected and processed for the following purposes:

Last name, First name and e-mail address: Nominative booking of a Solo, Duo or Friends & family annual pass, a hotel product or any other travel product offered on the resapass.com Platform and identified in the General Conditions of Use.

Email address: Correspondence between RESAPASS and the user, newsletter subscription, confirmation of reservation or purchase of a Solo, Duo or Friends & family annual pass, a hotel product or any other travel product offered on the resapass.com Platform and identified in the General Terms of Use.

IP address and cookie consent: RGPD logbook. In order to comply with RGPD laws, a cookie attesting to consent is also written on the temporary data of the device used by the User to browse the resapass.com Platform. Trackers such as Facebook Pixel and Google ID are also used to analyze and record User behavior on the majority of the resapass.com Platform. User behaviour and the use of personal data when filling in the Calendly form are not recorded, as they are independent of the resapass.com Platform.

Article 3.2 : Data collection method

When you use our resapass.com Platform, the following data is automatically collected:

Browsing behavior on the Platform.

Once you have given your consent to the use of your personal data, the following information is automatically collected:

IP address
Proof of RGPD consent by the User

Other personal data is collected when the User performs the following operations on our resapass.com Platform:

Surname, First name, Email address: For the purposes of communication, booking confirmation for the purchase of a Solo, Duo or Friends & family annual pass, a hotel product or any other travel product offered on the resapass.com Platform and identified in the General Terms of Use.

This personal data is kept by RESAPASS under reasonable security conditions for a period of 6 months.

RESAPASS reserves the right to retain certain personal data beyond this period in order to meet its legal or regulatory obligations.

Article 3.3 : Data hosting

The www.resapass.com Platform is hosted on Amazon's European servers. Web Services Inc, PO Box 81226, Seattle, WA 981808-1226 - USA.

https://aws.amazon.com/fr/compliance/eu-data-protection/ .

Amazon Web Services Inc provides a secure infrastructure for storing and managing data on the resapass.com Internet Platform, guaranteeing the confidentiality and integrity of the information collected.

As a hosting provider, Amazon Web Services Inc. implements robust security measures to protect hosted data. These measures include the implementation of encryption protocols for data in transit and at rest, the use of firewalls to prevent unauthorized access, and continuous monitoring of suspicious activity. These measures are designed to ensure the security of user data and prevent any unauthorized access, disclosure or alteration.

By choosing Amazon Web Services Inc as its hosting partner, RESAPASS is committed to providing its users with a reliable and secure environment for their personal data. However, despite the efforts of RESAPASS and its agent to maintain security, no method of electronic transmission or storage is completely secure. Consequently, RESAPASS and/or its agent cannot guarantee absolute security of the data collected, so users must also take precautions to protect their personal information.

For more information about the security and privacy practices of Amazon Web Services Inc, the user may visit their website at https://aws.amazon.com/fr/compliance/eu-data-protection/ .

Please note that RESAPASS's responsibility for data protection is limited to its own resapass.com Platform and its use of Amazon Web Services Inc. services. When browsing third-party sites or interacting with other services, please consult their privacy and security policies to understand how your data is handled and protected.

By the term "third-party sites" we mean all websites that are independent of RESAPASS, in particular the websites, platforms and mobile or tablet applications of hotel and travel service providers that offer their services via our resapass.com Platform.

Article 3.4 : Transmission of data to third parties

In the course of RESAPASS's business and in order to provide our services efficiently, it may be necessary to share certain personal data with trusted partners. The third parties mentioned below are entities with whom we collaborate and who help us to improve our site and our services. We ensure that these partners process our Users' personal data in accordance with applicable data protection laws and for specific purposes.

Here are our partners to whom Users' personal data may be transmitted:

Google Analytics: Tools for analyzing web traffic and other user data. We use Google Analytics to collect information about the use of our resapass.com Platform, such as the number of visitors, pages visited and interactions. This allows us to better understand usage trends and optimize our resapass.com Platform for a better user experience.
Vendor partners offering their services on our platform.

Please note that these third parties have their own privacy and data protection policies, which we encourage you to learn more about. RESAPASS and its legal representative are not responsible for the privacy and data protection practices of such third parties.

RESAPASS and its agent undertake to take the necessary measures to ensure that your personal data is treated securely and confidentially, in accordance with applicable data protection laws.

If you have any questions concerning the sharing of your personal data with our partners mentioned above, we recommend that you contact our support department here.

Article 3.5 : Cookies policy

Our resapass.com Platform uses cookies to enhance your browsing experience and provide you with personalized content. A cookie is a small text file that is stored on your device when you visit our reapass.com Platform. It enables us to collect information such as your IP address, your browser type, your preferences and your activity on the Platform.

The cookies we use can be divided into two categories:

Essential cookies that are necessary for the operation of our resapass.com Platform and cannot be disabled. They include cookies that enable you to log in to your account and navigate our resapass.com Platform securely.
Non-essential cookies are used for analysis, personalization and advertising purposes. They help us to understand how you use our resapass.com Platform, to personalize your user experience according to your preferences and to display relevant advertising.

Here is the list of cookies used by our Platform:

Cookies necessary for the operation of the Site :

Cookie name	Who sets the cookie	Purpose	Shelf life
nuxt-session	Resapass	Remember login information	1 day

Personalization cookies:These cookies enable us to remember the choices and preferences entered by the User when browsing the Site.

Cookie name	Who sets the cookie	Purpose	Shelf life
resapass_i18n_redirected	Resapass	Remember user-selected language	365 days

The data collected via cookies, including browsing data, is stored for a maximum of 25 months, depending on the purpose for which it was collected.

The installation of cookies not strictly necessary for the operation of the Site is subject to your consent. On your first visit to the Site, an information banner will appear, informing you that if you continue to browse the site, the aforementioned cookies will be installed on your equipment.

RESAPASS and its representatives are committed to respecting your privacy and protecting your personal data, even when sharing cookies with our partners.

We may share cookies with our trusted partners, in compliance with applicable data protection laws and regulations. In this context, we implement appropriate measures to protect your personal data and ensure that it is used in accordance with our privacy policy.

We inform you that you have the right to refuse or delete cookies by modifying your browser settings. However, we draw your attention to the fact that deactivating cookies may limit certain functionalities of our resapass.com Platform and impair the quality of your user experience.

To find out more about the use of cookies and how we process your personal data, please refer to the content of article 3 of this privacy policy.

Article 4 : Data controller and data protection officer

In application of the regulations applicable to personal data, each User has the rights set out in article 5 hereof. Users may ask the data controller to rectify, complete, clarify, update or delete their personal data.

These rights may be exercised by writing to the Data Protection Officer at :contact@resapass.com enclosing a copy of your identity card with your request.

In order for the data controller to process the User's request, the User may be required to provide certain information, such as the User's first and last names, e-mail address and account number, the identifier for the User's personal space or for the Solo, Duo or Friends & family annual pass, for a hotel product or for any other travel product offered on the resapass.com Platform and identified in the general conditions of use.

Please note that for reasons of confidentiality and security, we recommend that you do not share sensitive information by e-mail. We encourage you to use secure means of communication for all correspondence concerning your personal data.

If, after contacting us, you feel that your "Data Protection" rights have not been respected, you can send information to the CNIL (Commission Nationale de l'Informatique et des Libertés).

Article 5 : Users' rights regarding data collection and processing

Any User of our Platform resapass.com concerned by the processing of personal data may avail themselves of the following rights, pursuant to European Regulation 2016/679 and the French Data Protection Act no. 78-17 of January 6, 1978:

Rights of access, rectification and right to erasure of data (laid down respectively in Articles 15, 16 and 17 of the RGPD).
Right to data portability (Article 20 of the RGPD).
Right to limit (Article 18 of the RGPD) and object to data processing (Article 21 of the RGPD)
Right not to be subject to a decision based exclusively on an automated process.
Right to determine the fate of data after death.
Right to refer the matter to the competent supervisory authority (Article 77 of the RGPD).

To exercise your rights, please send an e-mail to contact@resapass.com.

Visit www.cnil.fr for more information on your rights.

Article 6 : Conditions for modifying the privacy policy

The publisher of the www.resapass.com Platform reserves the right to modify this privacy policy at any time in order to ensure that Platform Users comply with current legislation.

Any changes will not affect purchases and subscriptions previously made on the resapass.com Site, which remain subject to the privacy policy in effect at the time of purchase or subscription and as accepted by the User at the time of validation of said purchase and/or subscription.

The User is invited to familiarize himself/herself with this privacy policy each time he/she uses our resapass.com Platform and our services, without it being necessary to formally notify him/her of this.