Privacy policy

UPDATED October 4, 2023

This Privacy Policy explains Sacrebleu Paris’ policy regarding the privacy of information supplied by users or collected by us from users of this Sacrebleu Paris’ website (hereinafter referred to as the “Website”). Because we want to build users trust and confidence in this Website, we want to disclose our privacy practices.

This website is not intended for children and we do not knowingly collect data relating to children.

1. DATA CONTROLLER

The data controller is Sacrebleu Paris, a company registered under number B 802 951 947 at the Trade and Companies Registry of Nanterre, with a share capital of 43,322€, whose registered office is located at 35 Boulevard Paul Emile Victor – 92200 Neuilly Sur Seine, France (hereinafter referred to as “Sacrebleu Paris!”, “us” or “we”).

2. MODIFICATIONS

Since this policy may change over time as we modify or expand our services, we suggest that you check back from time to time in order to understand how we treat your information.

3. WHAT PERSONALLY IDENTIFIABLE INFORMATION IS COLLECTED

This Website's various registration forms require users to give us contact information (such as name, address, email address). Certain other information, such as demographic information and responses to market surveys may be collected by us during the registration process. In addition, when purchasing products or services through this Website, we will collect financial information, such as credit card information. Not all information is required to be provided (required items will be clearly noted), but if you should choose to withhold any requested information, you may not be eligible to participate in or receive full benefit from all products and services on the Website. In addition, when you purchase products or services, we may collect financial information from you (such as credit card numbers).

We also use your internet protocol ("IP") address to help diagnose problems with our server, and to administer our Website. Your IP address is also used to help identify you and your shopping card and to gather broad demographic information.

4. HOW INFORMATION IS USED AND WITH WHOM IT IS SHARED

We use your personally identifiable information to enhance this Website and to personalize your experience. We use customer contact information from various registration forms to send the user information about our products and services. The customer's contact information is also used to contact the visitor when necessary.

We also may run contests on our Website in which we ask visitors for contact information (like their email address), and demographic information (like their zip code, age, or income level). We use contact data from our contests to send users information about our company. The customer's contact information is also used to contact the visitor when necessary.

Financial information that is collected from our users may be used to check users' qualifications for registration and bill the user for products and services. We will not sell your financial information to third parties.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not ordinarily collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. The only exceptions to this are: (i) if you provide health data to us as part of a spa booking, we will use this to perform our contract with you, and we need your explicit consent to use your health data as part of that; or (ii) you have made the special category data obviously public.

Remember, if you choose not to share personal data with us, or refuse certain contact permissions, we might not be able to provide the products and services you’ve asked for.

You will have the possibility to choose, at any time to stop receiving marketing material from us.

You could see our adverts in lots of different places, but it doesn’t always mean they’re using your personal data, because we also buy advertising space in the real world, on websites and on social media. If you see one of our adverts on a website and in social media, it may not be directed specifically at you and may simply be there because we’ve bid for the space.

To understand what we think you want, need or would be interested in, we may use your Identity, Contact, Technical, Tracking, Usage and Profile Data to form a picture. This is how we tell you about the services and events, and any special offers or promotions, we think you might be interested in.

To share our news, offers and services, we may use direct marketing by email, phone, text and post. Your direct marketing preferences are made clear on our website, and you can ask us about these any time via our contact page.

You may choose to opt in to receive our newsletter on our website. We may also be able to send you relevant direct marketing about our services and events unless you choose to opt out when making a booking with us.

Here are some examples of our direct marketing activities which may be directed specifically at you:

  • our newsletter via email;

  • invitations and promotions by post, to tell you about special events ; and/or

  • phone calls, to tell you something that might be relevant to you or your business.

You can opt out of direct marketing at any time. The easiest way to do this is to click the unsubscribe link at the bottom of your email or contact unsubscribe. stephanie@sacrebleu-paris.com

If a third party outside Sacrebleu Paris wants to use your personal data for their own direct marketing, we will always get your express opt-in consent first.

If you use a third party service to make a reservation at Sacrebleu Paris such as your own travel agency, we may receive your marketing preferences from them. We may record these preferences, so when using these services please make sure you choose your marketing preferences correctly. As we have no control over the preferences which third party booking websites present to you, you should read their privacy policy.

We want to give you the best Sacrebleu Paris' experience online. Tracking Data, and in particular cookies, help us to do this by telling us which adverts will be most relevant to you and potential new guests on websites and social media. The cookies used for this purpose are often placed on our website by specialist organisations – and this is also why when you’ve been on the Sacrebleu Paris website, you might see content from our website again. This includes retargeting.

Cookies can also tell us if you’ve seen a specific advert, and how long it’s been since you have seen it. This is helpful, because it means we can control the effectiveness of our adverts and control the number of times people might be shown our adverts. Cookies also help us understand if you’ve opened a marketing email because we don’t want to send you things you won’t find interesting.

For more information about Tracking Data, in particular cookies, see Cookies below.

Almost all the cookies that relate to advertising are part of third party online advertising networks. If you’d like to read about how you can control which adverts you see online, see opt-out programs established by the Digital Advertising Alliance (United States) and the European Interactive Digital Advertising Alliance. We do not control cookies which are set by advertising networks.

5. COOKIES

Our website uses cookies to distinguish you from other users of our website. A cookie is a small file of letters and numbers that we store via your device. We explain below how we use cookies and how you can use controls on your device (e.g. your browser settings) to set your cookie preferences.

Cookies help us to provide you with a good experience when you use our website and also allows us to improve our website and services. We use the following categories of cookies:

Strictly necessary cookies. These are cookies which are needed to make the website work properly.

Functionality cookies. These are used to recognise you when you return to our website. This helps us to personalise our content for you and remember your preferences.

Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. This forms part of Tacking Data and we may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, and we have no control over this. These cookies are likely to be analytical/performance cookies or targeting cookies.

We can use strictly necessary and functional cookies without consent. We gain your consent for other cookies via the banner that you see the first time you visit our website. You can choose not to consent. You can also block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.

However, if you do not consent, or use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our site.

Please be aware that if you delete your cookies we will no longer know that you’ve opted out of online behavioural advertising, so our adverts can still appear to you on other websites.

6. SHARING YOUR DATA

We may share your personal data with the third parties set out below for the purposes set out in this privacy policy. We may also share your personal data if the law otherwise permits or requires it.

We may share personal data with the following categories of third parties:

suppliers and service providers, technology and media services providers, payment processing and fraud prevention providers;

auditors and professional advisers like bankers, lawyers, accountants and insurers; and

government, regulators and law enforcement.

We share personal data with the following specific third parties:

Mailchimp: to send our direct marketing campaigns to prospective and current customers

We also share data with third parties connected to retargeting and analytics.

If we choose to sell, transfer or merge parts of our business or assets with a third party, we may share your data with them. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

7. INTERNATIONAL DATA TRANSFERS

We share your personal data within Google, Squarespace, Paypal and Stripe, which involves transferring your data outside Europe

Many of our external third parties are based outside Europe, so your data will be transferred outside Europe when they process it.

Whenever we transfer your personal data outside Europe, we make sure it receives a similar degree of protection. To do this, we may implement one of the following safeguards:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.

Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

8. DATA SECURITY

We want to keep your personal data safe, which is why we’ve put in place appropriate security measures to prevent it being accidentally lost, used or accessed in an unauthorised way, altered or shared. We also make sure that only people with a business need to know are able to access your data, including employees, agents, contractors and other third parties. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, sending information over the internet is not completely secure. Although we will do our best to protect your personal data, we cannot completely guarantee the security of your data transmitted to our site.

9. HOW LONG DO WE KEEP PERSONAL DATA

By law we have to keep basic information about our guests and customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

In some circumstances we may remove your identity from your personal data (so that it can no longer be associated with you) for statistical purposes, in which case we may use this information indefinitely without further notice to you.

10. YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

Request access to your personal data

This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of your personal data

This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data

This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing , where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data

This enables you to object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing your personal data

This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request transfer of your personal data

We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Right to withdraw consent

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to exercise any of the rights set out above, please see How to contact Sacrebleu Paris about privacy below.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not shared with anyone who doesn’t have the right to receive it. We may also contact you to ask you for more information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you’ve made a number of requests. In this case, we will let you know and keep you updated.

11. HOW TO CONTACT US

If you have any questions about this privacy policy, or would like to exercise any of your rights, please don’t hesitate to email us at stephanie@sacrebleu-paris.com or send a letter addressed to: SACREBLEU PARIS 35 BOULEVARD PAUL EMILE VICTOR 92200 NEUILLY SUR SEINE, FRANCE.

12. IF YOU CHOOSE NOT TO GIVE US YOUR PERSONAL DATA

When you make a booking with us for accommodation, hospitality, spa treatments or other services, we may need to collect some of your personal data by law, or under the terms of a contract we have with you. This means that if you decide not to give us your data, we might not be able to provide the service, and may have to cancel your booking. We will let you know if this is the case at the time, so you can decide what you’d like to do.

13. CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your personal data for an unrelated purpose, we will let you know and explain how the law allows us to do this.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.