Privacy Policy
This privacy policy applies to all data processing carried out by the Casita restaurant (hereinafter “Casita”), an establishment member of the MOMA GROUP network.
This privacy policy covers data collections carried out online and offline, in particular information collected through the Casita website, reservation partner applications, reservations made by customers and Users (hereinafter the “Users”) or even events and events organized at the request of customers or directly by Casita.
This privacy policy is updated regularly and Casita recommends that each customer and user consult it regularly.
Casita attaches the greatest importance and the greatest care to the protection of the personal data (hereinafter the “Personal Data”) of its customers and Users.
PERSONAL DATA
WHAT IS PERSONAL DATA?
Personal Data refers to any information or set of information that makes it possible to identify a person directly (e.g. name, first name, email address, personal address, etc.) or indirectly (e.g.: using pseudonymized data such as a unique identification number, etc.). Unique identifiers can also be considered Personal Data such as, for example, the IP address of your computer.
This is therefore all the information concerning you as a natural person that you will provide to us voluntarily or that we will collect as part of your browsing on our website or during your reservations and/or the services that we will provide for you and which, regardless of its nature, will allow us directly or not to identify you.
DATA CONTROLLER
Casita is responsible for the processing of the Personal Data it collects, unless otherwise expressly stated.
Personal Data processed by Mimosa partners is the responsibility of these third parties. No Personal Data collected by Mimosa will be transmitted to a third party without information and/or your prior agreement depending on the purposes.
METHODS OF COLLECTING PERSONAL DATA
We collect your Personal Data by several means:
• directly from you when you use our website, our online reservation services and our reservation partner applications, when you apply for our job offers or when you subscribe to our newsletters, or when you interact with us (by completing various forms made available to you, by communicating directly with our teams, etc.);
• automatically when you access our website or one of our partner booking applications (technical data, IP address, information relating to your browsing, etc.).
CATEGORIES OF PERSONAL DATA COLLECTED
The categories of Personal Data that we collect include:
• Identification and contact information: namely, your name, surname, first name, email address, telephone number, information necessary for your identification when you interact with us;
• Information relating to applications: namely, your name, first name, email address, telephone number, your professional experience as well as all the information you provide to us when submitting your application and/or curriculum vitae: photo, skills, level of study, languages spoken, languages spoken, languages spoken, languages spoken, salary expectations, salary expectations, salary expectations, salary expectations, telephone number, telephone number, telephone number, your professional experience as well as all the information you provide to us when submitting your application and/or curriculum vitae: photo, skills, level of study, languages spoken, languages spoken, languages spoken, salary expectations, salary expectations, salary expectations, salary expectations, salary expectations, personal address, hobbies, family situation, etc. We collect and store this Personal Data only in the context of managing our own job offers and do not use them. for no other purpose, in particular for commercial purposes;
• Payment data: as part of the payment of the services offered, financial data relating to the user's bank account or credit card may be recorded;
• Technical data: we collect information about the device you use to connect to our website (such as the version of the operating system, the type of browser used, the use or not of a proxy, the IP address, the access times, the access times, the pages visited and the link that allowed you to access our website).
LEGAL BASIS FOR COLLECTING PERSONAL DATA
In accordance with the European and French regulations applicable to the protection of Personal Data, your Personal Data is collected either:
• based on your consent;
• in our legitimate interests;
• in order to fulfill our legal obligations.
PURPOSES OF COLLECTING PERSONAL DATA
We collect your Personal Data based on your consent for the following purposes:
• Manage your requests and questions: we use your Personal Data in order to send you the information you request;
• Send you newsletters to which you have wanted to subscribe;
• Manage applications for job offers that you send to us;
• Manage the reservations of tables/seats/events that you ask us to make and send you confirmations/information of these reservations;
• Send you commercial information about our establishment and our events.
We collect Personal Data based on our legitimate interest for the following purposes:
• Ensure the defense of our interests in the event of litigation or legal action;
• Manage the cybersecurity of our website;
• Prevent fraudulent actions in order to ensure the security of our assets and contents.
We may also need to keep your Personal Data when required to do so by law or in order to exercise the rights we have under the law.
ACCESSIBILITY OF YOUR PERSONAL DATA
Your Personal Data is processed for the purposes referred to above and is only accessible to Casita staff members who need to know it in order to perform their duties.
Your Personal Data may also be made accessible to third parties, namely:
• Our subcontractors and service providers intervening for technical and logistical reasons.
These may in particular be providers of hosting, security and maintenance of our website, providers of fraud management, technical service providers in charge of sending emails and newsletters, providers of anti-spam and anti-robot services, recruitment agencies, or even third-party banking and financial companies for your payments by bank card.
These service providers have limited access to user data, in the context of the performance of these services, and have a contractual obligation to use them in accordance with the provisions of the applicable regulations on the protection of personal data. We impose on our service providers or subcontractors who have access to your Personal Data the same security and confidentiality conditions as those to which we are committed.
• Our partners in the context of specific events.
• Any authority, jurisdiction or other third party when such communication is required by law, regulatory provision or court order, or if such communication is necessary to ensure the protection and defense of our rights.
TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION
The Personal Data that we collect is hosted by a service provider whose servers and backups are located within the European Union.
However, Casita may have to use certain service providers located abroad or who themselves use subcontractors located abroad, including outside the European Union in countries whose personal data protection regulations differ from those applicable within the EU.
Any transfer of Personal Data outside the European Union takes place with appropriate guarantees in accordance with applicable regulations on the protection of Personal Data (EU standard contractual clauses, BCR, etc.).
Each customer or User is informed of these possible transfers and authorizes Casita to transfer, store and process their Personal Data outside the European Union and in particular in the United States. The laws in force in this country may differ from the laws applicable in the user's place of residence, within the European Union.
PERSONAL DATA OF MINORS
Casita collects Personal Data from adults only. This is why we may ask you for your age or date of birth.
Please contact us if you think that we are processing the data of minors so that we can delete them, if necessary.
We may collect personal data from minors to the extent that it has been communicated by a legal representative of these minors, either to manage reservations, to provide specific services to these minors or to respond to a particular request on your part. By providing us with personal data about a minor, you guarantee that you are an adult, parent or legal representative of this minor.
SECURITY AND CONFIDENTIALITY
Casita implements organizational, technical, software, and physical security measures to protect the Personal Data collected from alteration, destruction, and unauthorized access. These measures ensure the security and confidentiality of your Personal Data.
Casita also requires its service providers, subcontractors and partners to present guarantees and implement sufficient security measures to ensure the protection of the Personal Data that they have undertaken to process, in accordance with the requirements of the applicable regulations on the protection of personal data.
However, each Customer and User acknowledges that the Internet is not a completely secure environment and our website cannot guarantee the security of the transmission or storage of information on the Internet.
LINKS TO THIRD PARTY SITES
Our website may offer links or features to other third party sites, which we do not own or control. If you click on any of these links or use these features, you do so at your own responsibility.
We are not responsible for the content or practices of any third party site, application, or functionality. Therefore, this privacy policy does not apply to these third party sites. This is why we invite you to consult the privacy and personal data protection policies of these third party sites.
PRESERVATION OF PERSONAL DATA
We store your Personal Data for a period that is proportionate and in accordance with the purpose of the processing announced, in order to meet European and French legal and regulatory requirements and in compliance with the limits imposed by them.
• In terms of commercial and marketing communication, your data is kept for a maximum of three years from the end of our commercial relationship if you are a Mimosa customer, or three years from the last contact on your part if you are not a customer but a simple User of our website or subscribed to our newsletters.
• The Personal Data that you send us to apply for our offers is kept for a period of two (2) years from the communication of your Personal Data or the last contact with you. At the end of this period of two (2) years, we may contact you to find out if you want us to keep your Personal Data in order to inform you later of any new opportunities corresponding to your professional aspirations and skills.
• Those collected during a specific request from you are kept for the time necessary to manage your requests and questions. Your Personal Data will then be destroyed or anonymized, unless we are required to keep it to fulfill our legal obligations for the applicable limitation period.
• The video recordings made in our establishment are kept for a period of one month, unless extended due to investigations related, in particular, to suspicions of fraud.
• The data concerning your bank card is deleted from our operational databases after the transaction has been carried out, but may be kept in archives to protect against possible disputes of the transaction for a period of 13 months after their collection.
• With the exception of technical cookies, the registration of cookies on your terminal (computer, tablet, mobile phone) is kept for a period of 13 months.
IMPLEMENTATION OF YOUR RIGHTS
In application of the applicable regulations, you have the following rights:
• the right to access the Personal Data that we hold about you;
• the right to ask us to update or correct any outdated or incorrect Personal Data about you;
• the right to oppose the receipt of commercial communications;
• the right to the erasure of your Personal Data when the conditions of article 17 of the RGPD are met;
• the right to limit the processing of your Personal Data when the conditions of article 18 of the RGPD are met;
• the right to the portability of your Personal Data insofar as the conditions of article 20 of the RGPD are met;
• the right to define guidelines relating to the fate of your Personal Data after your death;
• the right to object to the processing of your Personal Data, insofar as the conditions of article 21 of the RGPD are met; and
• the right to file a complaint with a regulatory authority, namely in France the CNIL (https://www.cnil.fr/fr/plaintes).
When the processing of your Personal Data is based on your consent, you can withdraw it at any time, without justification. This right can be exercised by changing your options relating to subscriptions to our newsletters by clicking on the link provided for this purpose on our website.
In order to respond to your requests, we may ask you to provide us with proof of identity. We may also ask you to provide us with additional information or supporting documents.
Please also note that despite exercising your right to delete your Personal Data or to limit processing, we will keep some of your Personal Data when required by law or in order to exercise or defend our rights.
HOW TO EXERCISE YOUR RIGHTS IN TERMS OF THE PROTECTION OF YOUR PERSONAL DATA
You can exercise your rights in terms of the protection of your Personal Data in the following ways:
By mail to the following address:
Mimosa — For the attention of Charline POSTIC/Colombe DE MONCUIT
Royal Street, Paris
By email to the following address:
contact@casita-amor.com
By phone:
+33 4 94 79 75 76
COOKIE MANAGEMENT POLICY
WHAT IS A COOKIE?
Your Internet browser has a function called “cookies.” A cookie is the equivalent of a small text file stored on your terminal. It makes it possible to keep status information while the cookie in question is valid, when a browser accesses the various pages of a website or when this browser returns to this website at a later time.
WHAT COOKIES DO WE USE?
The cookies that we issue on our website and social networks are used for the purposes described below, subject to your choices expressed during your visits and whose settings you can change at any time.
Technical cookies
These cookies are necessary for navigation. Without them, our site would not function properly. These cookies allow us, for example, to adapt the presentation of the site to the display preferences of your terminal (language used, display resolution), memorize passwords and other information relating to a form that you have completed on the site.
Statistical cookies
These cookies make it possible to establish statistics and volumes of visits and use of the various elements that make up our site (sections and content visited, routes, visit times), allowing us to improve the interest and ergonomics of our services.
Social media cookies
These cookies make it possible to promote or share our content with other people on social networks such as Facebook, Instagram, LinkedIn, etc. Even if you have not used these sharing buttons or applications, it is possible that social networks will follow your navigation if your account or session is activated on your terminal at that time. If you do not want the social network to link the information collected through our site to your user account, you must first log out of the social network.
Advertising cookies
These are cookies used to present you with advertisements or send you information adapted to your interests on our site or outside while browsing the Internet. In particular, they are used to limit the number of times you see an advertisement and to help measure the effectiveness of an advertising campaign. These cookies mainly depend on advertising agencies.
PURPOSES OF USING COOKIES
When you visit our website and our social networks, depending on your choices expressed by the settings of your browser, we may or may not install cookies on the hard drive of your computer, tablet or phone.
We can read the cookies we have set for as long as each cookie is valid or until you delete the cookie.
We use cookies for the following purposes:
• Facilitate your navigation and allow the correct display of our web pages (session cookies);
• Remember your preferences, display or configuration choices, or linguistic choices;
• Identify whether you come from another site in the MOMA GROUP network or from a partner site;
• Analyze the performance of our site based on anonymous information about your browsing (for example: page views, number of visits...). For this purpose, we use the “Google Analytics” analysis tool.
The cookies we use do not allow us to identify you personally and are designed to be used only by Mimosa.
MANAGEMENT OF CONSENT TO THE COLLECTION OF COOKIES
Article 5 (3) of Directive 2002/58/EC amended in 2009 and transposed into French law to article 82 of the Data Protection Act establishes the principle:
• the prior consent of the user before storing information on his terminal or accessing information already stored on it;
• unless these actions are strictly necessary for the provision of an online communication service expressly requested by the user or have the exclusive purpose of allowing or facilitating electronic communication.
We respect these provisions. This is why, when you first browse our website and our social networks, you are asked to give your prior consent to the collections that we propose to carry out for our cookies related to operations relating to personalized advertising or cookies from our social networks, in particular generated by their sharing buttons.
Afterwards, you can choose to deactivate these cookies at any time.
However, you will note that we do not need your prior consent to collect the following cookies:
• tracers maintaining the choice expressed by users on the deposit of tracers;
• trackers intended for authentication to a service, including those aimed at ensuring the security of the authentication mechanism, for example by limiting robotic or unexpected access attempts;
• trackers for customizing the user interface (for example, for choosing the language or presentation of a service), when such personalization is an intrinsic and expected element of the service;
• tracers allowing the load to be balanced on equipment contributing to a communication service.
Your browser can be set to notify you of the cookies that are placed on your computer, tablet and/or mobile phone and ask you to accept them or not.
You can also accept or refuse cookies on our website and social networks, on a case-by-case basis or refuse them systematically once and for all. You can also choose which ones you accept and which ones you don't want.
You can change your mind at any time by clicking on the “cookie preferences” button available directly on our website and social networks.
