B&B Hotels is fully committed to ensuring that the processing of personal data complies with the requirements of the GDPR.
Respecting your privacy and your personal data is a priority for us, which is why we are committed to treating them in strict compliance with the Regulations and applicable national laws.
Client: means any person who reserves a room and stays in a B&B hotel in France
B&B Hotels group: means the holding company Casper BidCo, its subsidiaries
Platform:means the central online reservation system operated by Casper BidCo on the Site and the Applications
Data controller:means the company B&B Hotels SAS and the company B&B DREAMLAND HOTEL in its capacity as the main data controller
Site:refers to the website accessible at the URL address https://www.hotel-bb.com/
B&B Hotels SAS and B&B DREAMLAND HOTEL belonging to the B&B Hotels Group, whose legal notices can be accessed by clicking here are jointly responsible for the processing carried out during your reservation and your stay in our B&B hotels in France.
B&B Hotels SAS operates a telephone reservation centre common to the hotels (hereafter the “Booking Centre”) operated under the B&B Hotels brand in France.
As part of the processing of reservations made through the reservation centre and directly with hotels, B&B Hotels SAS is responsible for processing your personal data.
The majority of B&B hotels in France are operated under a franchise or management contract agreed between B&B Hotels SAS and the franchise company or the hotel management company.
When you stay in one of these hotels, your personal data is processed both by B&B Hotels SAS, and the companies that operate the hotels under the B&B Hotels brand in France.
The companies in the list accessible by clicking here jointly manage the B&B Hotels Club loyalty programme. The joint managers of the B&B Hotels Club loyalty programme are the companies in the list accessible by clicking here.
Information relating to independent processing carried out as a follow-up to reservations made through the Platform, with the Booking Centre and directly with hotels is provided below.
By contacting the reservation centre or the Hotel, you are required to send us data and information, some of which may identify you and therefore constitute personal data (hereafter the Data).
This is particularly the case when you make a room reservation, when you stay in our hotels or when you sign up for our loyalty programme.
In all cases, you are informed of the purposes for which your data is collected by us via various data collection forms and the emails that may be sent to you.
When necessary, we undertake, depending on the circumstances, to obtain your consent and/or to allow you to object to the use of your data for certain purposes, such as, for example, sending you commercial offers.
When collecting the Data, you will be informed whether certain Data is mandatory or if it is optional and the possible consequences of a failure to respond are indicated during data collection(s) on the associated forms.
Data subject to processing is as follows:
Data relating to your identity: title, surname, first name(s), address, telephone number, email addresses, date of birth, age, customer or partner code, postal address, country, gender, nationality, language spoken, loyalty number, invoice details (reason, amount)
Data relating to your occupation: business, location, role
Data relating to your reservation:arrival and departure dates, data on other occupants of reserved rooms such as names and ages, preferences (pets, preferred floor, etc.)
Data relating to transactions: number and expiry date of the bank card in the context of guaranteed reservations data relating to means of payment, details of the purchase, subscription, goods or services subscribed, data relating to the payment of invoices such as the terms of payment, discounts granted, receipts, balances and outstanding balances
Data relating to the history of reservations in B&B hotels
The processing carried out by B&B Hotels responds to an explicit, legitimate and determined purpose, which is based on the performance of a contract, compliance with a legal or regulatory obligation, your consent or other legitimate interest.
When the legal basis used for the processing operations is based on the pursuit of a legitimate interest, you have the right, on request, to obtain information relating to the balancing of interests.
Your various data is collected and processed for the following main purposes:
|Our business relationship|
Your Data is kept for periods not exceeding those necessary for the purposes for which they are processed and within the limitation periods applicable in law. The retention periods are, in particular, determined in accordance with the legal and/or regulatory provisions in force, as well as on the basis of the recommendations and suggestions of the CNIL.
The use of Customer Data is exclusively reserved for the services in charge of the processing implemented by B&B Hotels.
B&B Hotels may use ‘subcontractors’, within the meaning of the regulations in force, who will act on their behalf and on its sole instructions, for example IT service providers for the hosting of databases, maintenance of the company's information system or the supply of software.
Finally we draw your attention to the fact that we may be required to transmit certain information about you at the request of an administrative or judicial authority on the basis of the powers conferred on it by law and within this limit only, and in particular within the framework of the investigation, the establishment and the prosecution of criminal offences.
The summary is set out below:
|Data categories||Retention periods|
|The personal data required to manage your reservation||Throughout the duration of the accommodation contract or the partnership contract plus 5 years|
|Credit card data and expiry dates|
|The data necessary for the management and collection of outstanding balances|
|Data categories||Retention periods|
|The personal data necessary for the management of your stay (your requests in connection with your stay and the associated services as well as any disputes)||Throughout the duration of the accommodation contract or the partnership contract plus 5 years|
|Police records for any person of foreign nationality who stays in one of our Hotels||For 6 months from the establishment of the individual police record|
|Accounting documents and supporting information such as invoices and supporting documents||For 10 years from the end of the financial year during which these documents were drawn up|
|Traffic data relating to the use of WIFI in order to be able to make them available to the competent authority in the context of the investigation, observation and prosecution of infractions||For a period of one year from their registration|
|Images of anyone entering the premises using video surveillance systems|
|Data categories||Retention periods|
|Your personal data relating to your stay||Throughout the limitation period applicable to the action or throughout the proceedings until the end of all avenues for appeal|
|Documents and/or items relating to the facts in connection with the dispute or your complaints||Throughout the limitation period applicable to the action or throughout the proceedings until the end of all avenues for appeal|
|The data necessary to send you personalised commercial communications informing you of special offers and any new stay available in our hotels||For 3 years from the last contact with the data subject, or until the exercise of the right to object or withdraw consent|
|The data necessary for the management of the relationship with customers (satisfaction questionnaires, opinions and comments, games)||For 3 years from the last contact with the data subject, or until the exercise of the right to object or withdraw consent|
|Data necessary for the management of our loyalty programme and, if applicable, for the administration of the linked customer account||During the subscription period to the loyalty programme and then for a period of 5 years from the end of the contract|
|Recordings of conversations made via the help line kept for the purpose of improving the quality of this service||For a period of 1 month from their registration|
|The description of requests to exercise rights under the protection of personal data as well as the follow-up to these||For 3 years from the exercise by the data subject of one of their rights|
In accordance with the Data Protection Act and the GDPR, you have the following rights (find out more):
You can exercise your rights:
Finally, you can also lodge a complaint with the supervisory authorities and in particular the CNIL or any other competent authority.
B&B Hotels respects the GDPR and the Data Protection Act in terms of security and confidentiality of your data.
We implement all the technical and organisational measures necessary to ensure the security of our processing of personal data and the confidentiality of the data we collect.
As such, we take all the necessary precautions with regard to the nature of the data and the risks presented by its processing to preserve its security and, in particular, to prevent the data from being distorted, damaged, or accessed by unauthorised third parties. These include physical protection of premises, authentication procedures for persons accessing data with personal and secure access via confidential usernames and passwords, secure https protocol, logging and traceability of connections, encryption of certain data and PCI-DSS (Payment Card Industry Data Security Standards).
In principle, your Data is processed and stored within the European Union. However, we may need to transmit some of your personal data to recipients located outside the European Union, whether or not belonging to the B&B Hotels group. When they occur, these transfers of personal data to countries outside the European Union are supervised in order to ensure an appropriate level of protection, either by a decision of the European Commission (adequacy decision), or through legal instruments such as data transfer contracts.
In particular, B&B Hotels uses a service provider located outside the European Union with whom standard contractual clauses have been signed, a copy of which is available by contacting us at the above address.