I. Personal data
a. What personal data do we collect?
Within the framework of its activity as a ski area manager, ALTISERVICE undertakes to ensure the protection, confidentiality and security of the personal data of the users of its services and to respect their privacy, in accordance with the law currently in force.
You may be required to provide us with personal information when using our site, particularly for information requests. Under no circumstances will personal information about you be collected by ALTISERVICE without your prior consent. The information requested in the forms may be mandatory in order to process your request or to receive an offer of services from ALTISERVICE or its partners: in this case, it is indicated by an asterisk. The collection of this information is essential for the processing of your request.
We may collect, process and use some or all of the following categories of data:
- Identification data: Surname, first name, customer number...
- Personal data: age / date of birth, photo...
- Contact data (postal or electronic address, telephone...)
- Usage data (web pages visited, routes taken)
- Connection data (IP address, connection logs)
- Financial data (method and history of payment)
- Commercial data (list of products and services from which you benefit, receipts)
The processing of personal data collected on this site is carried out by the company ALTISERVICE, registered under SIREN number 380 373 480 and whose head office is located at 16 rue de Sébastopol, 31000 TOULOUSE.
b. What are the grounds and purposes of the processing carried out on your data?
Personal information is collected by ALTISERVICE in compliance with the regulations in force, and more specifically with the GDPR and the amended Data Protection Act of 6 January 1978, in complete confidentiality. They allow ALTISERVICE staff or its partners to process your request, to offer you personalised services and to inform you about our products and services.
c. Who has access to my data?
Personal data are collected and processed by ALTISERVICE's operational data processors (data processors) in compliance with the GDPR. The departments and employees in charge of processing (ticketing, sales, communication, accounting, control, IT, line managers) are duly authorised to handle your data and only within the framework of their functions. Customer data is only used for the strict purpose of implementing the processes. They are regularly trained in good practices related to the handling of your data and are aware of the confidentiality commitments.
We may, in certain cases, communicate your personal data to third parties (subcontractors, group companies and customer partners), subject to compliance with the applicable regulations in this area.
Personal data are not transferred to a country outside the European Union.
d. Is my personal data kept secure?
We aim to store your personal data in the safest and most secure manner in compliance with the GDPR and only for as long as is necessary for the purpose of the processing.
To this end, we take appropriate technical measures to prevent as far as possible any alteration, loss or unauthorised access to your data.
e. How long will my data be kept?
ALTISERVICE undertakes to keep your personal data for a period not exceeding that necessary for the purposes for which they are collected and processed, i.e. a maximum of 36 months.
f. What are my rights?
In accordance with the regulations in force, you have a right of access to the information that concerns you. To find out more, consult your rights on the CNIL website.
The General Data Protection Regulation provides that any person whose personal data is handled has the following rights:
- Right of access
- Right to rectification
- Right to restriction
- Right to erasure or right to be forgotten
- Right to object
- Right to portability
In accordance with the applicable regulations, you may request access to and rectification of your data and exercise all your rights by sending us a request by email accompanied by proof of identity to: dpo@altiservice.com
ALTISERVICE undertakes to reply to your request for access, rectification or opposition or any other additional request for information within a reasonable period of time which may not exceed 2 months from receipt of your request.
If your exchanges with ALTISERVICE have not been satisfactory, you have the option to file a complaint.
If your exchanges with ALTISERVICE have not been satisfactory, you have the option of filing a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL), the supervisory authority responsible for compliance with obligations in terms of personal data in France
On the CNIL website:
- in certain specific cases, through the online complaint teleservice;
- in other cases not covered by the teleservice, through the "Need help" service.
ALTISERVICE has appointed a data protection officer with the CNIL, who can be contacted by email: dpo@altiservice.com .
II. Cookie management
When you click on the "Accept" button in the cookie banner, you consent to the installation of the cookies described below.
a. What is a cookie (or tracker)?
Cookies are small data files that are downloaded to your device by the website you visit. When you return to the site in question, your device will be recognised thanks to the cookies.
Cookies have many uses: they can be used to memorise your customer ID with a merchant site, the current contents of your shopping basket, the language in which the web page is displayed, an identifier that enables your browsing to be tracked for statistical or advertising purposes, etc.
This information may include your IP address, the device you are using and the clicks you make, such as which web pages you visit and how you navigate the website. We use session cookies that are deleted when you close your browser, as well as persistent cookies that remain on your device for a predefined period of time. Some cookies are placed by us, while others are placed by third parties. Third party cookies may also collect data outside our website.
b. What are the applicable regulations?
(Source: CNIL).
Under the ePrivacy Directive, Internet users must be informed and give their consent prior to the deposit and reading of certain cookies, while others are exempt from consent.
The terms "cookie" or "tracker" encompass, for example
- HTTP cookies,
- "flash" cookies,
- the result of the calculation of a unique fingerprint of the terminal in the case of "fingerprinting",
- invisible pixels or "web bugs",
- any other identifier generated by a software or an operating system (serial number, MAC address, unique terminal identifier (UTI), or any set of
data that is used to calculate a unique fingerprint of the terminal (for example via a "fingerprinting" method).
As far as we are concerned, they can be deposited and/or read when consulting the site or the mobile application.
Article 5(3) of Directive 2002/58/EC as amended in 2009 sets out the principle:
- prior consent of the user before storing information on his terminal or accessing information already stored on it;
- unless these actions are strictly necessary for the provision of an online communication service expressly requested by the user or have the sole purpose of enabling or facilitating a communication by electronic means.
Article 82 of the Data Protection Act transposes these provisions into French law.
The CNIL recalls that the consent provided for by these provisions refers to the definition and conditions provided for in Articles 4(11) and 7 of the GDPR. It must therefore be free, specific, informed and unambiguous, and the user must be able to withdraw it at any time with the same ease with which he or she gave it.
All cookies that do not have the exclusive purpose of enabling or facilitating electronic communication or that are not strictly necessary for the provision of an online communication service at the express request of the user require the prior consent of the Internet user.
Among the cookies requiring prior information and prior consent of the user, we can mention in particular:
- cookies linked to operations relating to personalised advertising;
- cookies from social networks, particularly those generated by their sharing buttons.
With regard to trackers not subject to consent, the following can be mentioned
- trackers storing the choice expressed by users on the deposit of tracers;
- trackers intended for authentication to a service, including those intended to ensure the security of the authentication mechanism, for example by limiting robotic or unexpected access attempts;
- trackers intended to keep track of the contents of a shopping basket on a merchant site or to invoice the user for the product(s) and/or service(s) purchased;
- trackers for personalising the user interface (for example, for the choice of language or the presentation of a service), when such personalisation constitutes an intrinsic and expected element of the service;
- trackers allowing the balancing of the load of the equipment contributing to a communication service;
- certain trackers for measuring the audience, provided that they comply with certain conditions
For more information, please consult the CNIL website.
c. What kind of cookies/trackers does Altiservice use?
By using this site, you consent to the installation of functional and analytical cookies on your browser. Marketing cookies are optional. You can change your cookie preferences or withdraw your consent at any time by selecting the "Cookie Management" option on any page of the site. The data collected and the related processing are described above.
d. How do I delete cookies or adjust cookie settings?
You can change your cookie settings or withdraw your consent at any time by selecting the "Cookie Management" link on any page of the website. As a reminder, cookies that you have previously accepted may remain stored in your browser.
If you wish to delete these cookies, you must delete them in your browser settings.
You can also adjust your browser settings to prevent websites from setting cookies or block third-party cookies. In this case, some features of our website may not be available or may not function properly.