Privacy Policy

1. Introduction

VeryChic SAS (hereinafter referred to as “VeryChic”) is an online travel agency that operates by means of a website, available at the following address: www.verychic.co.uk and its applications (hereinafter referred to as the “VeryChic Site” or the “Site”). By using the VeryChic Site and its services, you agree to accept the current terms of this Privacy Policy. We invite you to carefully read this Privacy Policy which sets out the use of data that is collected on our site and our Terms and Conditions, if you are, or are thinking about becoming, a VeryChic customer.

VeryChic acts as a Data Controller for the processing of data in accordance with Article 4.7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as "General Data Protection Regulation" or "GDPR"). VeryChic determines, alone or jointly with others, the purposes and means by which it processes personal data collected.

The contact details of VeryChic are as follows:

VERYCHIC SAS

23 rue d'Anjou

75008 PARIS

SIREN Nº 534 393 368 – TRAVEL OPERATOR Nº IM075130027

The e-mail address of our data protection officer is: dpo@verychic.com

Users and Customers of the Site may exercise their rights relating to the protection of their personal data by post or by email, in both cases it should be addressed to the data protection officer.

2. Definitions

"Customer” or “Client": any natural or legal person using the Site to reserve or purchase an Offer, and any ultimate beneficiary of an Offer reserved via the Site.

“Data Controller”: a natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of data treatment.

“Data Processor”: a natural or legal person, public authority, service or other body that processes personal data on behalf of the Data Controller.

"Data Recipient": the natural or legal person, public authority, service or any other body which receives personal data, whether from a third party or not.

“Member”: a natural person who registers on the Site, www.VeryChic.co.uk, by providing an e-mail and a password, in order to access VERYCHIC's private Offers.

“Personal Data”: all information relating to an identified natural person or identifiable natural person (a natural person who can be identified, directly or indirectly, notably by reference to an identifier, such as: a name, an identification number, location data, an online identifier, or to one or more specific physical, physiological, genetic, psychic, economic, cultural or social identifying elements).

“Profiling”: any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyse or predict personal aspects relating to job performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

“Processing”: any operation or set of operations carried out, whether aided by automated processing or not, and applied to personal data or sets of personal data, such as collection, registration, organisation, structuring, preservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, reconciliation or interconnection, limitation, deletion or destruction.

“VeryChic Site” or the “Site”: refers collectively to the website www.verychic.co.uk, the mobile website m2.verychic.co.uk, club-verychic.com, applications, and all other media operated by VeryChic (or any URL that could be substituted for or constitute an alias), as well as the Customer Service provided.

“User”: a natural person who navigates any of the VERYCHIC Sites to consult Offers but who does not buy any Services and is not a Member.

3. Changing of the Privacy Policy

VeryChic reserves the right to change and edit the content of the Privacy Policy at any time. VeryChic will communicate any changes to its Privacy Policy via the Site, immediately after they have been changed.

4. Categories of personal data processed by VeryChic

As soon as a User or a Customer consults the VeryChic Site, their personal data is susceptible to being processed. VeryChic processes your personal data in accordance with Article 4.1 of the GDPR. The following types of data are collected by VeryChic:

- For Members: information provided at the time of your registration to be become a Member of the Site in order to access our offers, including your name, postal code, e-mail address and IP address;

- For Customers: information provided at the time of booking, by filling in the booking form;

- For Members and Customers: information provided when changing your account information on the Site;

- For Users: while browsing the Site, the IP address from which Users access the Site;

- For Members and Customers: when browsing the site, information such as searches, pages visited, opening emails, clicks in emails, quote requests, favourite products and the support used to access the Site.

5. Purposes for which personal data is processed

The collection and processing of the personal data of Users, Customers and Members is limited to what is necessary to fulfil the following purposes:

• For commercial prospecting purposes: whereby VeryChic sends personalised newsletters and advertisements to Members and Customers. An unsubscribe link is present on all communications sent, to give you the freedom to stop solicitations at any time.

It is in the legitimate interest of VeryChic to carry out this type of commercial prospection in order to develop its business and increase and diversify its clientele.

• For the purpose of processing a booking of touristic services by our Customers, by:

1) Verifying the Customer's identity,

2) Confirming the Customer's reservation with the Customer,

3) Confirmation the Customer's reservation with our service providers.

The legal basis of this type of processing is the execution of a contract between the Customer and VeryChic.

• For statistical purposes: Customer booking data is used by VeryChic to establish statistical analyses to better guide business activity.

The basis of this type of data processing is in VeryChic's legitimate interest for the carrying out of its marketing activity, improve its offers and services, and better understand the preferences of its Customers.

• For the purposes of personalisation and optimisation of navigation for Users, Members and Clients on the Site. VeryChic sends personalised emails and advertising messages regarding proposed tourist services to Members and Customers. To do this, VeryChic analyses the data obtained in relation to navigation on the Site.

These operations are in conformance with Article 22 of the GDPR, which specifies the requirements for profiling.

6. Data retention

• For Members and Customers: in accordance with the principle of limitation of data retention, VeryChic keeps your personal data until the deletion of your Member’s account, without prejudice to the obligations of conservation or limitation periods.

• Data used for statistical purposes may be retained for longer periods, provided that VeryChic implements appropriate technical and organisational measures to ensure the rights and freedoms of Customers and Users.

7. Data Recipients

- Who are data recipients?

VeryChic only communicates your personal data to specific authorised Data Recipients.

The communication of personal data is strictly regulated and limited to the following:

• As part of our legal obligations.

• In the context of relations with our service suppliers for the execution of tourist services offered on the Site, noteably, hotels, restaurants, tour operators, destination travel agencies and leisure or recreational service providers. transport and insurance companies. In this case, certain data may be transferred to states outside the European Union, under the conditions defined in Article 8 of this Privacy Policy.

•       In the context of relations with our service providers:
- IT partners for the Site and applications,
- Partners for the sending of e-mails,
- Partners for database management,
- Partner for the execution of payment by credit card and gift card,
- Partners for accounting and legal treatments,
- Partners for the security and the good technical functioning of computer applications.

- Obligation of Data Processors:

Whenever a service provider or supplier processes personal data on behalf of VeryChic, he acts as a Data Processor as defined by the General Data Protection Regulation.

VeryChic and each of its eventual Data Processors have set up an active policy:

- To respect their obligations at all times;

- To take the necessary measures to protect both the security and confidentiality of personal data, including in case of international transfer of such data.

8. Transfer of personal data outside the European Union

As part of the execution of a Booking contract between the Customer and VeryChic, some personal data may be transferred to third countries outside the European Union. This is the case when the data required to process a reservation is transmitted by VeryChic to service suppliers who are not based within the territory of the European Union.

In this case:

- VeryChic will transmit to the suppliers in question only the data necessary and sufficient for the performance of the service, and therefore, the completion of the booking;

- VeryChic will take all necessary measures to guarantee the protection of the personal data of its Customers and Users in connection with the transfer;

- The transfer of data to third countries outside the European Union complies with the provisions of Articles 44 to 50 of the General Data Protection Regulations. This is the case when VeryChic collaborates with service providers established on the territory of third countries to the European Union, in order to manage the reservation of Customers.

Some VeryChic Partners may process personal data from VeryChic for their own purposes. VeryChic is not responsible for the activity of its Partners, who are subject to the same obligations to comply with the General Data Protection Regulation. However, as indicated above, VeryChic ensures contractually that its partners undertake to respect the provisions of the General Data Protection Regulation.

9. Personalised solicitation and informational mail

As part of the processing of the personal data of its Members and Customers and for the purposes of commercial prospecting, VeryChic may send Members emails containing new Offers as well as personalised advertisements.

- If you no longer wish to receive emails from VeryChic, you may contact our Customer Service at contact@verychic.com

- If you are a Member of VeryChic and wish to unsubscribe, you must click on the link at the bottom of the emails you receive.

10. Rights of Users, Members and Customers

In accordance with Articles 15 to 21 of the General Data Protection Regulations, Users, Members and Customers are entitled to the rights listed below at any time:

- The right to access your personal data. It is possible to either request access from VeryChic, as described in section 1 of this Privacy Policy, or for Members and Customers to exercise this right directly by logging into the VeryChic Site.

- The right to rectify your personal data. Customers and Members have the possibility to modify any data concerning them directly by logging into the VeryChic Site. In order for personal data to be updated and for better management of accounts, it is recommended to communicate to VeryChic any modification of personal data.

- The right to delete your personal data. As of the time that personal date is no longer necessary for the purposes for which VeryChic has processed them, Users, Members and Clients may request the deletion of the personal data by following the procedures described in article 1 of this Privacy Policy.

- The right to limit the processing of your personal data. In the event that this right is exercised by the Users, Members and Customers, VeryChic will suspend either temporarily or permanently the processing of their personal data, or will limit the processing of their personal data, in accordance with the terms and conditions authorised by the Users, Members or Clients.

- The right to oppose processing of your personal data in the event that the processing is based on the legitimate interests of VeryChic. Users, Members and Client may exercise their right to oppose their data being processed in relation to VeryChic's commercial prospecting activity or for statistical purposes.

- The right to portability of your data.

- The right to withdraw consent. Users, Members and Customers have the right to withdraw their consent to VeryChic's processing of their personal data in whole or in part at any time.

- The right to submit a complaint to the competent supervisory authority.
(In France, this authority is the Commission Nationale de l’Informatique et Libertés (CNIL), whose postal address is: 3 Place Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.

11. How to exercise rights or request the deletion of a member account

In order to exercise the aforementioned rights, A User, Customer or Member can contact VeryChic at any time under the conditions defined in Article 1. If a Member wishes to delete their account, they must send a request by e-mail. A copy of a valid ID must be included.

12. Security for Data Processing

In its role as Data Controller, VeryChic puts in place the appropriate technical and organisational measures to ensure the safety of personal data. The personal data shared or entered on the Site, including banking details provided during a purchase, are secured by systems set up by VeryChic to prevent misuse or unauthorized access.

13. Hyperlinks to third party websites

When being redirected to third party sites via hyperlinks present on the VeryChic Site, VeryChic is in no way responsible for the practices performed and dictated by the Privacy Policies of said websites. We urge you to review the privacy policies of all the sites you visit and contact the specialist advisers from those same companies if you have concerns. By the same token, if you are redirected to our Site via a link contained on a page from third party sites, we are again not responsible for the practices employed by the privacy policy of those sites.

14. Contacting us for more information or to exercise rights

For more information about our Privacy Policy, Security or the sharing your personal data, you can contact us by telephone on 0826 10 82 82 (Call cost: 0.15 € / min), by email at contact@verychic.com or by post at 23 rue d'Anjou - 75008 Paris

The contact email for our data protection officer is dpo@verychic.com

15. Notification and communication in case of violation of personal data

In the case of a violation of the personal data of Clients and Members which is likely to infringe on their rights and freedoms, VeryChic agrees to notify the relevant supervisory authority within at least 72 hours after having discovered the violation.

In addition, VeryChic undertakes to notify its Clients and Members of the violation as soon as possible.

16. Cookies

What is a cookie?

• A cookie is a file that a website stores on a computer, tablet or other device, in order to collect data related to navigation on the site. Cookies do not cause any damage to your computer.

• Cookies, containing certain information may be stored on your computer when you browse the VeryChic website.

Why are cookies used?

• Cookies are mainly used to remember your choices and preferences when navigating the VeryChic Site in order to optimize your browsing experience and provide a higher quality, personalised service.

• VeryChic will under no circumstances store sensitive personal information in cookies, such as your address, your password, or your bank details.

What types of cookies are used by VeryChic?

• Technical cookies which are essential to ensure the proper functioning of our service.

• Functional cookies which allow the site to remember your preferences. While not essential, they allow VeryChic to improve and adapt its content according to your expectations.

• Analytical cookies which are useful to observe how you use and navigate the Site, the data collected is completely anonymous and does not reveal your identity.

• Advertising cookies are used to display VeryChic or third parties’ advertisements.

How to manage your choices regarding cookies?

• If you do not wish to use cookies, simply disable the use of cookies in your browser and delete cookies saved on your browser which are associated with the VeryChic Site.

• You can also restrict, block or delete cookies from the VeryChic Site by modifying the configuration of your browser.

• You can perform these operations at any time.