+33 (0)1 42 74 23 45
Data-privacy policy
Préambule
The MIJE association is concerned about the protection and confidentiality of personal data and is committed to ensuring the highest level of protection for your personal data in compliance with current regulations on the protection of personal data, applicable in Europe (RGPD) and in France.
The purpose of this privacy policy is to inform you about the practical measures and commitments taken by our association to ensure that your personal data is respected and protected.
The terms “we” and “us” refer to the Data Controller, and to the Services we provide. The terms “you” and “your” refer to all Users of our Services or visitors to our Sites or Applications. The term “Customer” refers to our customers.
This policy is an integral part of the General Terms and Conditions and the Legal Notice of the site.
1) Identity of the data controller
In accordance with European Regulation 2016/679 of April 27, 2016 known as the “General Data Protection Regulation” (GDPR) applicable since May 25, 2018, the organization “Association MIJE” is a Data Controller (R.T.) in the sense given to this term by the said Regulation. Our Data Protection Officer (DPO) is Claude Martinez. He can be contacted by email at dpo@mije.com or by post at Association MIJE’s head office address at 13 boulevard Beaumarchais 75004 Paris.
2) Personal data we collect When you register for one of our services, you may provide us with :
Necessary data:
- Personal details such as your address, e-mail address, telephone number and date of birth.
When you purchase our products or services over the phone or online, we may collect:
- Participant information, passport details and other ID details;
- Insurance details;
- Relevant medical data and any special dietary, religious or disability-related requests;
Optional data:
- Information about your purchases, including what you bought, when and where you bought it, how you paid and your credit or other payment information;
- Your social preferences, interests and activities.
When you contact us, we contact you or you participate in promotions, competitions, surveys or questionnaires about our services, we may collect:
- Personal data you provide when you contact us, including by email, post and telephone or on social networks, such as your name, username and contact details;
- Details of e-mails and other digital communications we have sent you that you have opened, including any links you have clicked on;
- Your feedback and contributions to customer surveys and questionnaires.
- When the participant completes the stay, we may collect the image and voice of the minor, provided we have received prior informed consent from the minor(s) and legal representative(s) at the time of registration.
This data may be used for communication via the Internet, for example via various social networks: e.g. Facebook, Instagram, LinkedIn, etc. We remind you that no minor will be “tagged” by our organization.
This data may be used commercially to support the holidays offered for sale on our website and/or brochures.
As part of the preparation of a holiday, we use personal data that you provide about other individuals, in particular via a Customer Area, such as the people in your booking. When the services/products purchased or used are intended for minors, our general terms and conditions of sale specify that only the legal representative of the person concerned is authorized to validate the data transmitted.
We therefore consider that the consent of these persons is deemed to have been obtained at the time of booking.
3) Use of your personal data
MIJE uses your personal data in various ways, as described below.
- To provide you with the products and services you request:
We process your personal data in order to create and manage your account and booking, to provide you with the products and services you wish to purchase and to assist you with any orders or refunds you may request.
- To manage and improve our products, services and day-to-day operations:
We use personal data to manage and improve our products and websites.
We monitor how our services are used in order to protect your personal data, detect and prevent fraud, other crimes and misuse of our services. This helps us to ensure that you use our services safely.
We may use personal data to respond to and manage security operations, accidents or similar incidents, including for medical and insurance purposes. We use personal data for market research, internal research and development, and to deploy and improve our range of products and services, our IT systems, our security, our know-how and the way we communicate with you.
- To contact and interact with you
We are always keen to provide you, our customer, with the best possible service. So if you contact us, for example by e-mail, post, telephone or social networks, we may use your personal data for any clarification or assistance you request. We need to process your personal data in order to manage promotions or competitions in which you choose to participate, including promotions or competitions organized with our service providers and distribution partners. For example, if you win a prize. We may invite you to take part in customer surveys, questionnaires and other market research carried out by us and other organizations on our behalf.
We do not sell your personal data to third parties.
4) Legal basis for processing personal data
Following the delivery of your consent, in particular by sending a form/request for quotation/registration form/booking form for the collection of your personal data, we will use and process them:
- for the performance of a contract or in order to take steps at your request prior to the contract. Example: in order to provide you with the products and services you request.
➔ We need to process your personal data in order to manage your account or booking, to procure the products and services you wish to purchase and to assist you with any orders or refunds you may request. (e.g. surname, first name, age, weight, dietary requirements, measurements in the case of ski equipment, etc.).
- to comply with a legal obligation. Example: sharing personal data with supervisory authorities.
➔ To enable you to travel, some of your personal data may be required to be communicated (in accordance with government requirements at the point(s) of departure and/or arrival) for immigration, border control, security and anti-terrorism purposes.
To protect your vital interests or those of others. Example: in the event of an emergency.
➔ Your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us when we/they need to act on your behalf, in the interests of other customers or in an emergency. (e.g. for health treatment, as in the case of Contact-Covid)
- in our legitimate interests or those of a third party. Example: in order to personalize your experience.
➔ We may use your personal data to better understand your interests, so as to try to predict which products, services and information would be of most interest to you. This enables us to fine-tune our communications so that they are as relevant and interesting to you as possible.
We process special categories of personal data, such as health data:
- For the medical monitoring of participants during their stays;
- Only if one or more additional conditions apply.
To protect your vital interests or those of others. Example: in the event of an emergency.
➔ Your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us when we/they need to act on your behalf, in the interests of other customers or in an emergency. (e.g. for health treatment, as in the case of Contact-Covid)
- in our legitimate interests or those of a third party. Example: in order to personalize your experience.
➔ We may use your personal data to better understand your interests, so as to try to predict which products, services and information would be of most interest to you. This enables us to fine-tune our communications so that they are as relevant and interesting to you as possible.
We process special categories of personal data, such as health data:
- For the medical monitoring of participants during their stays;
- Only if one or more additional conditions apply.
5) Marketing communications
No matter how hard you try, no method of transmission over the Internet and no method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security. If we become aware of a security breach, we will notify the users concerned so that they can take appropriate action. Our incident notification procedures take into account our legal obligations, whether at national or European level. We are committed to keeping our customers fully informed of all matters relating to the security of their accounts and to providing them with all the information necessary to help them meet their own regulatory reporting obligations.
No personal information of the user of L’ASSOCIATION MIJE is published without the user’s knowledge, exchanged, transferred, assigned or sold in any medium whatsoever to third parties. Only in the event of the purchase of L’ASSOCIATION MIJE and its rights would it be possible to pass on the said information to the eventual purchaser who would in turn be under the same obligation to keep and modify the data towards the user of L’ASSOCIATION MIJE.
Security
To ensure the security and confidentiality of Personal Data, MIJE ASSOCIATION uses networks protected by standard devices such as firewalls, encryption and passwords.
When processing Personal Data, MIJE ASSOCIATION takes all reasonable steps to protect it from loss, misuse, unauthorised access, disclosure, alteration or destruction.
6) Sharing personal data with service providers
In order to provide you with the products or services you request, we may share your personal data with suppliers of travel arrangements, including airlines, hotels and transport companies, insurance companies…
We also work with carefully selected service providers who perform certain functions on our behalf. These companies handle, for example, IT services, data storage and compilation, marketing, market research, payment processing and the delivery of products and services.
We may also need to share personal data in order to establish, exercise or defend our legal rights; this includes passing on personal data to third parties in order to prevent fraud.
When we share personal data with other organizations, we ask them to secure this data and not to use it for their own commercial purposes. In particular, these organizations are obliged to limit the retention period of your data to the time necessary to perform the service, or to comply with their legal or regulatory obligations, and to guarantee an RGPD-compliant personal data destruction procedure at the end of said retention period.
We only share personal data that is strictly necessary to enable our service providers to provide their services to you/us.
7) Sharing personal data with supervisory authorities
To enable you to travel, it may be necessary to disclose and process your personal data (in accordance with government requirements at the point(s) of departure and/or arrival) for immigration, border control, security and anti-terrorism purposes, or for any other purposes deemed appropriate by the authorities.
Some countries will only authorize your travel if you provide prior passenger information (e.g. Caricom API Data and US Secure Flight Data). These requirements may vary according to your destination. We advise you to check them. Even if they are not mandatory, we can provide assistance where necessary.
We may share strictly necessary personal data with other public bodies if required by law or if we are legally authorized or obliged to do so.
8) Protection of your personal data
We understand the importance of protecting and managing your personal data. We take appropriate security measures to help protect your personal data against accidental loss and unauthorized access, use, alteration and disclosure.
For example:
- We use encrypted computer technology to store your data;
- We do not store your bank details on computer databases;
- We include confidentiality clauses in our agreements with suppliers and service providers, enabling us to identify the information communicated and granting us the right to carry out unannounced checks on compliance with protection procedures;
- We regularly update our processing registers.
9) Retention of personal data
The length of time your personal data is kept varies according to the purposes for which your data is processed and the contracts or services you use. It may also result from legal retention obligations.
For example, in the case of holiday contracts, the duration is linked to the duration of your contract, the guarantees and the implementation of these guarantees, plus the periods during which you benefit from them and the applicable limitation periods.
In the context of commercial prospecting, your data is kept for a maximum of 3 years after the last contact or at the end of the contractual relationship.
Your data is processed and stored in France and Europe. If your data is required after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to render it anonymous.
| Purpose / Nature of collection | Data retention period |
|---|---|
| For quotation requests on https://www.mije.com/ or by telephone | 3 years for anonymization and 5 years for deletion |
| To request a brochure or price list on the website https://www.mije.com/ | 3 years for anonymization and 5 years for deletion |
|
For a request or question via contact forms or online appointments https://www.mije.com/ |
3 years for anonymization and 5 years for deletion |
| For cookie management, see details on the page: https://www.mije.com/en/cookies-management | 13 months maximum from the date they are deposited on your browser or terminal. At the end of this period, a new consent will be required. |
10) Your rights regarding your data
At any time, you have the right to request a copy of the personal data we hold about you. You can write to us to request a copy of any other personal data we hold about you.
Please include any details that will help us identify you and locate your personal data. Access to your data is free unless multiple copies are requested. In this case, we may charge a reasonable fee based on administrative costs.
You may also ask us to restrict, rectify or delete your personal data, and, depending on the processing, you may also object and request that the personal data you have supplied be transferred to another organization (right of portability). You may also give instructions concerning the storage, deletion and communication of your data after your death.
We will update or delete your data unless we are required to retain it for legitimate business or legal purposes. You can also contact us if you have a complaint about the way we collect, store or use your personal data.
Please submit your request or complaint in writing to the Data Protection Officer (DPO) on plain paper (preferably in R.A.R.) indicating:
- Your first and last name
- Your postal address
- Your e-mail address
- Your telephone number
- The grounds for your complaint
To the following address: Association MIJE – DPO – 13 boulevard Beaumarchais – 75004 PARIS
Or by e-mail to dpo@mije.com.
We make every effort to resolve complaints, but if you are not satisfied with our response, you can lodge a complaint with the local data protection authorities: https://www.cnil.fr/fr/plaintes.
Please note that we must check your identity before processing your request or complaint. We may ask you for further information to ensure that you are authorized to make such a request.