Privacy Policy
DATA PROTECTION POLICY
1. Introduction
Within the framework of its activity, NOCTIS EVENT is led to collect and process personal data relating to the visitors of the gigi-restaurant.com website.
The main objective of this document is to gather in a concise, transparent, comprehensible and easily accessible format information concerning the data processing implemented to enable you to understand the conditions under which your data are processed.
2. Fair and transparent collection of your data
In the interests of fairness and transparency vis-à-vis its visitors, NOCTIS EVENT takes care to inform the persons concerned of each processing operation that it implements by means of information notices.
These data are collected loyally. No collection is carried out without the knowledge of the persons and without them being informed.
3. A legitimate and proportionate use of your data
When NOCTIS EVENT is led to process data, it does so for specific purposes: each data processing implemented pursues a legitimate, determined and explicit purpose.
For each of the processing operations implemented, it undertakes to collect and use only data that are adequate, relevant and limited to what is necessary with regard to the purposes for which they are processed.
NOCTIS EVENT ensures that the data are, if necessary, updated and implements procedures to allow the deletion or rectification of inaccurate data.
4. The personal data we process
Within the framework of the processing of personal data whose purposes will be presented to you hereafter, NOCTIS EVENT collects and processes the following categories of data :
Category of data | Main data of the category |
Identification data | First name, last name |
Contact information | E-mail, phone number |
Personal information | Company Events enquiries : nature of event, event date, number of people, other details |
Information relating to professional life | Company Events enquiries : nature of event, event date, number of people, other details |
Economic and financial information | |
Connection data | IP (not stored but appears in server logs) User agent of the device (IOS or Android + OS version) |
Cookies and Pixel | Click here to access the cookie management policy |
5. Legal bases and purposes of our data processing
The data processing implemented by NOCTIS EVENT pursues the purposes identified below and is founded on the following legal bases:
Legal basis of the processing | Purposes |
Consent | To collect subscriptions to the newsletter |
Legitimate interest of the company | Highlighting of services, locations and news Collect enquiries and club enquiries with an email address Access portal to the Sevenrooms site for restaurant reservations Collect event enquiries with a dedicated form Collect press enquiries with an email adress Access portal to the paris-society.com website Access portal to Google map, Instagram, Facebook, WhatsApp |
6. The recipients of your data
The following are recipients of your data, each for what concerns them:
– the subcontractors of NOCTIS EVENT, the suppliers and providers of the website,
– Google, Facebook, Litespeed, Vimeo, Microsoft,
– Restaurant and clubs management,
– Directions of communication / marketing,
– Information systems department,
– others, as appropriate.
We ensure that only authorized persons can access this data.
7. Transfers of your data
In the context of the use of Google’s services for audience measurement and authentication (Google connect), data (click here for more information) is transferred outside the European Union to the United States, a country that does not provide an equivalent level of data protection to that applied at the European level.
As part of the use of the Facebook pixel and Facebook connect, personal data is transferred outside the European Union to the United States, a country that does not provide a level of data protection equivalent to that applied to the European level.
The European Commission’s standard contractual clauses have been signed to govern this transfer of data.
8. The periods for which we keep your data
NOCTIS EVENT ensures that data is only kept in a form that allows identification of the data subjects for as long as is necessary for the purposes for which it is processed.
The retention periods we apply to your personal data are proportionate to the purposes for which they were collected.
More specifically, we organize our data retention policy as follows:
Data and purposes | Retention period |
Contact and customer relationship management | 3 years from the last incoming contact
|
Analysis and audience marketing campaigns and site | 25 months |
Request for the exercise of rights | Duration of the processing of the request increased by a conservation in archives for the duration of prescription and mandatory conservation |
Cookies | Maximum 13 months for validity, consent 6 months, and data from cookies 25 months |
9. Security of personal data
NOCTIS EVENT has put in place technical and organizational measures adapted to the degree of sensitivity of the personal data, in order to ensure the integrity and confidentiality of the data and to protect them against any malicious intrusion, any loss, alteration or disclosure to unauthorized third parties.
Nevertheless, the security and confidentiality of personal data depend on the good practices of each individual, so the person concerned is invited to remain vigilant on this issue.
10. Subcontracting
When NOCTIS EVENT uses a service provider, it will only disclose personal data to the service provider after obtaining a commitment and guarantees from the service provider on its ability to meet these security and confidentiality requirements.
We conclude contracts with our subcontractors in compliance with our legal and regulatory obligations, which define precisely the terms and conditions for the processing of personal data by the latter.
11. Cookies
Cookies are subject to a Cookies policy. Please click here to access the cookie policy.
12. Your Rights
NOCTIS EVENT is particularly concerned about respecting the rights granted to you in the context of the data processing that it implements, in order to guarantee fair and transparent processing, taking into account the particular circumstances and context in which your personal data is processed.
12.1 Your right of access
Under this heading, you have confirmation as to whether or not your personal data is being processed and where it is, you have the right to request a copy of your data and information concerning:
– the purposes of the processing ;
– the categories of personal data concerned;
– the recipients or categories of recipients as well as, if applicable, if such communication is to be made, the international organizations to which the personal data has been or will be communicated, in particular the recipients who are established in third countries;
– where possible, the period for which the personal data will be kept or, where this is not possible, the criteria used to determine this period;
– the existence of the right to ask the data controller to rectify or erase your personal data, the right to request a limitation of the processing of your personal data, the right to object to such processing;
– the right to lodge a complaint with a supervisory authority;
– information about the source of the data when it is not collected directly from the data subjects;
– the existence of automated decision-making, including profiling, and in the latter case, relevant information about the underlying logic and the significance and intended consequences of such processing for the data subjects.
12.2 Your right to rectify your data
You can ask us to rectify or complete your personal data if it is inaccurate, incomplete, ambiguous or out of date.
12.3 Your right to erasure of your data
You can ask us to delete your personal data in the cases provided for by the legislation and regulations.
Please note that the right to the deletion of data is not a general right and can only be exercised if one of the reasons provided for in the applicable regulations is present.
12.4 Your right to limit data processing
You may request the limitation of the processing of your personal data in the cases provided for by the legislation and regulations.
12.5 Your right to object to data processing
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data where the legal basis is the legitimate interest pursued by the data controller (see article above on the legal basis for processing).
If you exercise such a right to object, we will ensure that we no longer process your personal data in connection with the processing concerned unless we can demonstrate compelling legitimate grounds for continuing such processing. These grounds will have to outweigh your interests and rights and freedoms, or the processing will be justified for the establishment, exercise or defence of legal claims. You have the right to object to personalized solicitation.
12.6 Your right to the portability of your data
You have the right to the portability of your personal data. Please note that this is not a general right. Indeed, not all data from all processing operations are portable and this right only concerns automated processing operations to the exclusion of manual or paper processing operations.
This right is limited to processing whose legal basis is your consent or the execution of pre-contractual measures or a contract.
This right does not include derived or inferred data, which are personal data created by NOCTIS EVENT.
12.7 Your right to withdraw consent
Where our data processing is based on your consent, you may withdraw it at any time. We will then stop processing your personal data without affecting the previous operations to which you have consented.
12.8 Your right to appeal
You have the right to lodge a complaint to the GDPR supervisory authority of the country in which you are located, without prejudice to any other administrative or legal recourse.
On French territory, the authority is CNIL (3 place de Fontenoy 75007 Paris).
12.9 Your Right to Set Post-Mortem Instructions
You have the right to set up specific instructions regarding the retention, deletion and disclosure of your personal data after your death in the manner set out below. These special instructions will only apply to the processing carried out by us and will be limited to that scope.
You will also have, when this person will have been designated by the executive power, to define general directives for the same purposes.
12.10 How to exercise your rights
All the rights listed above can be exercised at the following e-mail address donnees.privees@paris-society.com or by mail by addressing to NOCTIS EVENT 38 avenue des Champs-Elysées 75008 PARIS FRANCE, by proving your identity by any means.
13. Modification of this document
We invite you to consult this policy regularly on our website. It may be updated.
Updated on 11/10/2023.