top of page
Opli (1).png

Privacy Policy

1. Data Controller

 

The data controller is:

 

SOCIÉTÉ D’EXPLOITATION DE L’HÔTEL DE FRANCE, S.A.M.

6, rue de la Turbie – 98000 Monaco

N.I.S : 5510Z02651 – RCI : 68 S 01210 – VAT : 78000015445

 

(“the Hotel”, “we”, “us”).

 

This Privacy Policy explains how we collect, use, store and protect your personal data when:

  • you browse our website,

  • you make a booking (directly or through an OTA),

  • you stay at Hôtel de France,

  • you interact with us (email, phone, forms, etc.).

 

We comply with:

  • EU Regulation 2016/679 (GDPR),

  • Monaco Law n° 1.565 of 3 December 2024 on personal data protection,

  • and the rules of the Monaco Data Protection Authority (APDP).

2. Personal Data We Collect

 

We only collect data strictly necessary for booking management, your stay, and the customer relationship.

 

We may collect data from:

  • you directly (forms, emails, check-in),

  • our partners (OTAs, payment providers),

  • your browsing activity (cookies, logs).

 

Categories of data we may collect:

  1. Identity & civil status

Title, surname, first name, date of birth, nationality, ID/passport details

  1. Contact details

Postal address, email, phone numbers

  1. Booking & stay information

Dates, room type, number of guests, preferences, services consumed

  1. Payment data

Card details (processed through secure PCI-DSS compliant systems: Apaleo Pay)

Pre-authorisations, invoices, transaction history

(We never store full card numbers internally.)

  1. Technical & browsing data

IP address, logs, cookies, approximate geolocation (via browser language/region)

  1. Communications

Emails, requests, complaints, and interactions with the hotel

 

We do not collect sensitive data unless voluntarily disclosed to adapt the stay (e.g., allergy information).

3. Why We Use Your Data (Purposes & Legal Bases)

 

We process your data for the following purposes:

  1. Booking & stay management

Creating and managing reservations, check-in/out, billing

Legal basis: contract performance

  1. Payment & fraud prevention

Card verification, pre-authorisations, lawful payment processing

Legal basis: contract performance / legitimate interest / legal obligation

  1. Legal obligations

Police registration form, compliance with hospitality requirements

Legal basis: legal obligation

  1. Customer service & service improvement

Internal statistics, operational improvements

Legal basis: legitimate interest

  1. Marketing (with consent)

Sending offers or updates related to the Hotel

Legal basis: consent or legitimate interest (services analogous to stay)

 

You may withdraw consent or object at any time (see section 8).

4. Who Receives Your Data

 

Your data may be shared with:

  • Authorized Hôtel de France staff

  • Apaleo PMS (booking & stay management)

  • Apaleo Pay / payment acquirer (secure transactions)

  • Website host & technical providers

  • Online travel agencies (OTAs)

  • Administrative or judicial authorities when legally required

 

We do not sell personal data.

All partners are contractually bound to confidentiality and data protection obligations.

5. International Transfers

 

Our systems and main providers operate within Monaco and/or the European Economic Area (EEA).

 

Some technical providers may operate outside the EEA.

In such cases, we ensure:

  • an adequacy decision, or

  • appropriate safeguards such as Standard Contractual Clauses.

6. Data Retention

 

We keep personal data only as long as necessary.

 

Indicative durations:

  • Booking & stay data

→ contract duration + up to 3 years (customer relationship management)

  • Invoices & accounting data

→ 10 years (legal requirement)

  • Marketing data

→ up to 3 years after last contact or until consent withdrawal

  • Cookies & browsing data

→ maximum 13 months for non-essential cookies

  • Litigation-related data

→ kept for the duration necessary to protect the Hotel’s rights

7. Security Measures

 

We use appropriate technical and organizational measures:

  • Restricted-access systems

  • Secure servers

  • Encrypted payments via Apaleo Pay (PCI-DSS)

  • Controlled access to personal data

  • Regular monitoring and incident response procedures

 

In case of a high-risk data breach, we will notify the APDP and affected individuals.

8. Your Rights

 

You may exercise the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure (within legal limits)

  • Right to restriction

  • Right to object (especially to marketing)

  • Right to data portability

  • Right to define instructions for data after death

 

To exercise your rights:

📩 reservations@hoteldefrance.mc

 

If unresolved, you may contact the APDP – Monaco or the relevant authority in your country.

9. Video Surveillance

 

For security purposes, common areas may be monitored by CCTV.

Images are kept for a limited and legally compliant duration unless a longer retention is requested by authorities.

Access is restricted to authorised personnel.

 

For questions or rights regarding CCTV, contact us at the email provided above.

10. Cookies

 

Our website uses:

  • Essential cookies (required for site operation)

  • Analytics cookies (with consent)

  • Marketing cookies where applicable (with consent)

 

You may manage your choices through our cookie banner.

Non-essential cookies expire after a maximum of 13 months.

11. Marketing Communications

 

With your consent or within the legal framework for similar services, we may send:

  • Newsletters

  • Offers related to Hôtel de France

  • Updates and service information

 

You may unsubscribe at any time.

12. Policy Updates

 

This Privacy Policy may be updated to reflect regulatory or operational changes.

The version displayed on our website is the one currently in force.

13. Contact

 

For any question:

 

Hôtel de France

6, rue de la Turbie

98000 Monaco

📩 Email: reservations@hoteldefrance.mc

bottom of page