DATA PRIVACY AND RETENTION POLICY

 

The data collected during your registration or throughout your membership in the Program are processed by TELDAR TRAVEL, the data controller, whose registered office is located at 82 rue Henri Farman, 92130 Issy-les-Moulineaux, France.

The information that the User must compulsorily provide in order to benefit from Teldar Travel services is as follows:

  • Title
  • Last name
  • First name
  • Date of birth
  • Phone number
  • Mailing address
  • Email address
  • Employer's name

 

The personal data of Users collected are used by Teldar Travel. The data is used in a minimal and proportionate manner according to the needs of the following processing purposes:

 

Purpose of Processing Sub-purpose Legal Basis for Processing
Need for the execution of the terms and conditions of the Teldar contract

Account creation

Login and use of the website https://www.teldartravel.com/

Reservation management

Facilitating communication, managing complaint follow-ups

 Contract execution (in connection with the Teldar Terms and Conditions of Use and Privacy Policy)
Marketing Communication
  • Collection of personal information from users for the proper use and communication of the Teldar platform
  • Newsletter communication
 Consent

 

As part of the management of our booking platform and the application of loyalty benefits to our users, we collect certain personal data related to loyalty cards. This data is used to assign points, discounts, and other loyalty benefits during reservations made on our platform.

The data collected in relation to the loyalty cards of our partners may include:

  • Loyalty card information: Card number, type of loyalty program (discounts, accumulated points, exclusive benefits), specific conditions for using the card.
  • User personal information: Name, first name, contact details (email, phone), user account information on our platform, necessary for the assignment of loyalty benefits.
  • Reservation history: Details of past and current reservations made by the user, including information about hotels or services booked, and the total amount paid for each reservation.
  • History of applied benefits: Loyalty points used, discounts applied, and other benefits obtained through the use of loyalty cards within the scope of reservations.

 

Purpose of Processing Sub-purpose Legal Basis for Processing
Loyalty Program Management Assignment of loyalty points, discounts, and other benefits to users, based on the criteria and specific conditions of partner loyalty cards. Consent, Execution of a contract
Application of loyalty benefits Apply the benefits of loyalty cards during reservations made on our platform, such as discounts on room prices, accumulation of points, or other exclusive privileges reserved for cardholders. Consent, Execution of a contract
Tracking of benefits and transactions Record the history of loyalty benefits used by the user and points accumulated or redeemed in connection with their reservations, as well as track the transactions made on the platform. Consent, Execution of a contract

 

User data is shared with:

  • Authorized personnel of the entities within the Gekko group responsible for operating the Program, as well as their service providers.
  • Service providers during bookings (hotels, hotel groups, external providers).

Your personal data will be retained for the duration of your affiliation with Teldar or, in the case of account inactivity for more than 5 years, your data will be automatically anonymized.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or accidental or unlawful destruction. These measures include, but are not limited to:

  • Encryption of sensitive data during transmission via our platforms and systems.
  • Strict access controls, limiting access to personal data only to authorized employees and service providers who need it to perform their tasks.
  • Regular security audits to detect and prevent potential vulnerabilities in our system.
  • Data backup to ensure availability in case of a major incident or loss.
  • Ongoing training for our teams on best practices in data security and privacy.

These measures aim to ensure a level of security appropriate to the risks, in compliance with GDPR requirements. However, while we take every effort to protect your data, no method of transmission or storage of data over the internet can be entirely secure. We commit to promptly notifying you in the event of a breach of your personal data security.

In accordance with applicable regulations, the User has various rights concerning the use of their personal data. These rights include:

Access Rectification Data Portability

The exercise of the right of access allows the User to control the accuracy of their data and, if necessary, to have it corrected or erased.

 The exercise of the right to rectification allows the User to update their data. The exercise of the right to data portability allows the User to transfer their data to a third party of their choice. This right is limited to the data actively provided by the user (e.g., account information, profile details, and booking history). Users may request a copy of their data in a structured, commonly used, and machine-readable format.
Erasure Objection Restriction

The exercise of the right to erasure allows the User to obtain the deletion of their data.

The exercise of the right to object allows the User to oppose the use of their data for a specific purpose.

 The exercise of the right to restriction allows the User to request an organization to temporarily freeze the use of certain of their data.

 

By writing to RGPD@gekko-holding.com, any customer has the right to request access to their personal data, its rectification, erasure, restriction or objection to processing, and data portability.

The User may also have additional rights under the national legislation to which they are subject, such as the definition of directives concerning the retention, deletion, and communication of personal data after their death.

In the absence of directives given by the User during their lifetime, a close relative may request the deletion of the personal data related to the Teldar authentication service by submitting a document proving their legitimacy along with a document confirming the User's death (such as a death certificate).

The User also has the right to contact the relevant supervisory authority to report any breach regarding the use of their personal data. For this, they can contact the CNIL (National Commission on Informatics and Liberty), 3 Place de Fontenoy, 75007 Paris, France, if they believe their rights have not been respected.

We reserve the right to update this privacy policy at any time to reflect changes in our practices regarding the collection and use of personal data or in case of legal or regulatory modifications. In the event of a substantial change, we will inform you via a visible notice on our site or by any other appropriate means of communication. We encourage you to regularly review this policy to stay informed about the latest updates.