Privacy Policy
Last update January 2023
We appreciate your interest in our website and in our company (hereafter Asco or we). We highly value your trust in us and recognize both the significance and the obligation to treat your data with care and protect that data from misuse or abuse.
We take the protection of your private data very seriously, and strictly adhere to relevant data protection legislation. In particular, as a Data Controller, we have taken all the measurements needed to be complied with the new EU GDPR 2016/679 Regulation (EU) 2016/679 on the protection of natural persons.
Personal data is collected on this website e during the exercise of our services only to the extent necessary.
This privacy statement will inform you how we handle your data.
By using our website and our services, you agree that the data you have provided may be stored, processed, or used by us within the scope of this privacy policy.
This policy forms part of the terms and conditions that govern our services.
By accepting these terms and conditions, you expressly accept the provisions of this charter.
DEFINITIONS
The following definitions of terms used in this policy are drawn from Article 4 of the GDPR.
Personal Data: Any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data Controller: The natural or legal person, public authority, agency or any other body, which alone or jointly with others, determines the purposes and means of the processing of personal data.
Data Processor: A natural or legal person, public authority, agency or any other body which processes personal data on behalf of a Data Controller.
Processing: An operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the data
OUR SEVEN PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA
The seven principles below are applicable in our business:
- Transparency: when collecting and processing your personal data, we will communicate all information to you and inform you of the purpose and recipients of the data.
- Legitimacy: we will collect and process your personal data only for the purposes described in this document.
- Relevance and accuracy: we will only collect personal data that is necessary for data processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
- Storage: we will hold your personal data for the period necessary for processing the same in compliance with the provisions of the law.
- Access, rectification, opposition: you may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving sales and marketing information.
- Confidentiality and security: we will ensure reasonable technical and organizational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorized use, disclosure or access.
- Sharing and international transfer: we may share your personal data within our partners or with third parties (such as commercial partners and/or service providers) for the purposes set out in this document. We will take appropriate measures to guarantee security when sharing or transferring such data.
COLLECTION, PROCESSING OR USE OF PERSONAL DATA
Personal data is collected, processed, or used by us only when you provide it to us voluntarily or with consent, and where it is within the scope of the law.
Our website collects and stores data and they will not be used to identify visitors to this website. You can, at any time, revoke consent to this processing of your data by our website.
As a matter of practice, we will only collect such data as required for the provision of services, for example the answering your questions or the execution of contracts between us. These information will be stored, encrypted on secure servers
WHAT PERSONAL DATA IS COLLECTED
At various times, we will be obliged to ask you for information about you such as:
- Contact details (for example, last name, first name, telephone number, email)
- Personal information (for example, date of birth, nationality)
- Other information relevant to customer surveys
- Your credit card number (for transaction and reservation purposes)
- Your preferences and interests
- Your questions/comments
The information collected in relation to persons under 18 years of age can only be supplied to us by an adult. We do not deliberately collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation.
WHEN IS YOUR PERSONAL DATA COLLECTED
Personal data may be collected on a variety of occasions, including:
- Business activities
- Participation in marketing programs or events:
- Participation in customer surveys
- Subscription to newsletters, in order to receive offers and promotions via email.
- Transmission of information from third parties
- Tour operators, travel agencies, and others
- Connection to the website (IP address)
- Online forms (online reservation, our pages on social networks, network login devices such as Facebook login etc.).
FOR WHAT PURPOSES
We collect your personal data for the purposes of:
- Meeting our obligations to our partners.
- Internal record keeping
- Improving our service, especially:
- Processing your personal data in our customer marketing program in order to carry out marketing operations, promote brands and gain a better understanding of your requirements and wishes
- Adapting our products and services to better meet your requirements
- Customizing commercial offers and the promotional messages we send to you
- Informing you of special offers and any new services
- Carrying out surveys and analyses of questionnaires and customer comments
- Managing claims/complaints
- Managing our relationship with customers
- Providing details for the customer database
- Predicting and anticipating future behaviors
- Developing statistics and commercial scores, and carrying out reporting
- Knowing and managing the preferences of new or repeat customers
- Sending you promotions and tourist, hotel or service offers, or offers, or contacting you by telephone
- Managing requests to unsubscribe, promotions, tourist offers and satisfaction surveys
- Taking into account the right to object
- Improving navigation
- Implementing security and fraud prevention
- Securing and enhancing your use of our websites, especially:
- Conforming to local legislation
WHO WE SHARE INFORMATION WITH
As we work with many partners in many countries (Data Processors), we endeavor to provide you with the same services throughout the world. Thus, to guarantee that, we have to share your personal data with internal and external recipients subject to the following conditions:
- in order to offer you the best service, we can share your personal data and give access to authorized personnel, including:
- IT departments
- Commercial partners and marketing services
- Legal services if applicable
- Generally, any appropriate person for certain specific categories of personal data.
- With service providers and partners (Data Processors): your personal data may be sent to a third party for the purposes of supplying you with services and improving our service, for example:
- External service providers
- Commercial partners
- Social networking sites
- Local authorities: we may also be obliged to send your information to local authorities if this is required by law or as part of an inquiry and in accordance with local regulations.
For the reasons explained above, our website may contain links to other sites operated by third parties.
We will act to ensure that all of our partners are in compliance with the General Data Protection Regulation (GDPR) but in any ways, we are not responsible for the privacy practices or the content of such third-party web sites.
PROTECTION OF YOUR PERSONAL DATA DURING INTERNATIONAL TRANSFER
For the data collection purposes, we may transfer your personal data to internal or external recipients who may be in countries offering different levels of personal data protection.
Consequently, in addition to implementation of this policy, we employ appropriate measures to ensure secure transfer of your personal data to another entity or to an external recipient located in a country offering a different level of privacy from that proposed in the country where the personal data is collected.
DATA SECURITY
Asco takes appropriate technical and organizational measures, in accordance with applicable legal provisions, to protect your personal data against illicit or accidental destruction, accidental alteration or loss, and unauthorized access or disclosure. To this end, we have taken technical measures and organizational measures.
When you submit credit card data when making a reservation, encryption technology is used to guarantee a secure transaction.
STORAGE OF DATA
We retain your personal data only for the period necessary for the purposes set out in this document or in accordance with the provisions of applicable law.
PROTECTION OF MINORS
Children and adolescents with limited legal capacity are as a matter of principle not allowed to transfer any personal data to our website without prior consent of their parents or legal guardian. We will in no way knowingly collect personal data from children or adolescents with limited legal capacity, use these data in any form, or divulge these data to third parties without authorization.
DELETION OF COLLECTION DATA
Deletion of the collected data occurs when you revoke your agreement to the processing of such data, when the knowledge of your data will no longer be necessary for the fulfilment of the purpose that lead to the collection and processing of your data, or where the processing of your data is not permitted by law.
ACCESS AND MODIFICATION
You have the right to access your personal data collected by Asco, to be informed of how we are using it, to have any of your inaccurate or incomplete data rectified, to erasure it at any time for any reason (or for no reason), to restrict a certain type of processing, to retain and reuse the data for other purposes, to object to how your data is used and to limit its use by automated decision making and profiling.
In the event of difficulty exercising your rights, please contact the Data Privacy responsible directly by sending an email to legal@ascolotus.com
For the purposes of confidentiality and personal data protection, we will need to identify you in order to respond to your request. You will be asked to include a copy of an official piece of identification, such as a driver's license or passport, along with your request.
If your personal data is inaccurate, incomplete or not up to date, please send the appropriate amendments to the Data Privacy responsible as indicated above.
All requests will receive a response as swiftly as possible and in accordance with applicable law.
UPDATES
We may modify this policy from time to time. Consequently, we recommend that you consult it regularly, particularly when making further reservation on our website.