Privacy Policy

Updated on 01/06/2026

1. Data Controller

Data is collected by Rodolphe Héraud (hereinafter 'The Controller'), acting on behalf of the 'Villa Harmonie Nîmes' rental.

Website : https://villa-harmonie-nimes.com/

DPO Contact : moc.liamg@semin.alliv.tcatnoc

2. Collected Data

A. Data provided directly by the user

Identity : Last name, first name, postal address, phone number, email address.

Official documents (KYC) : Copy of ID (National Identity Card or Passport) of the main tenant and adult occupants.

Justification: This collection is a legal requirement for the 'Individual Police Form' (Article R. 611-42 of the Code on the Entry and Residence of Foreigners and the Right of Asylum).

B. Payment data (Via Stripe)

We do not collect, store, or process any raw banking data (card numbers, CVC) on our own servers. Transactions are entirely delegated to Stripe, a PCI-DSS certified provider.

C. Technical and browsing data

IP address, browser type, language, visited pages (via Google Analytics cookies).

3. Purposes of Processing

  • Performance of the contract : Reservation management, sending access codes, billing, and customer relations.
  • Legitimate interest : Security of property and persons, management of the security deposit, fraud prevention.
  • Legal obligations : Accounting, tourist tax declaration, police form for authorities.
  • Consent : Audience analysis and website improvement via Google Analytics.

4. Data Recipients

Your data is confidential and is never sold to third parties. It is shared only with:

  • Stripe : For secure payment processing and security deposit holds.
  • Google : For visit statistics (anonymized technical data).
  • The operational team : Cleaning or reception staff only receive logistical information.
  • Authorities : Police/Gendarmerie services (upon requisition) and tax administration.

5. Retention Period

  • Contractual and billing data : 10 years (accounting obligation).
  • Copies of ID documents : Deleted 1 month after departure, except in the event of a dispute.
  • Credit card hold (Security deposit) : Automatically deleted by Stripe after the release of the security deposit (7 to 14 days after departure).
  • Analytical Cookies : 13 months maximum.

6. Security

The site uses the HTTPS protocol (TLS/SSL) to encrypt all exchanges. Access to data management interfaces (Back-office, Stripe Dashboard) is protected by two-factor authentication (2FA).

7. Cookies and Trackers

Functional Cookies (Strictly necessary)

Essential for the website operation (session, security). They do not require consent.

Analytical Cookies (Google Analytics)

These cookies help us measure the website audience. In accordance with Google Consent Mode v2, these trackers are blocked by default until you click 'Accept' in the cookie banner. You can withdraw your consent at any time via your browser settings.

8. Your Rights (GDPR)

In accordance with current regulations, you have the following rights regarding your data:

  • Right of access, rectification, and portability.
  • Right to erasure ('Right to be forgotten'), subject to legal retention obligations.
  • Right to restriction of processing.

To exercise these rights, please contact us at : moc.liamg@semin.alliv.tcatnoc

You also have the right to lodge a complaint with the CNIL.