Privacy Policy

Scope :


The company appreciates the trust you place in us by browsing our website. We attach the utmost importance to protecting your personal data and complying with the applicable regulations.

Visiting and using our site implies that you accept our privacy policy. Please find below all the information you need to make an informed decision.

Data processing manager :


As part of your activity on our site, we collect and use personal data relating to you, individuals.

For all processing, the company détermine les moyens et les finalités du traitement. Ainsi, nous agissons en tant que responsable de traitement, au sens de la réglementation relative aux données personnelles, et notamment du Règlement UE 2016/679 relatif à la protection des personnes physiques à l’égard du traitement des données personnelles (RGPD).

Definitions :

  • ‘Personal data’ means any information relating to an identified or identifiable natural person;
  • ‘Identifiable natural person”: a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;
  • « Traitement » : toute opération ou tout ensemble d’opérations effectuées ou non à l’aide de procédés automatisés et appliquées à des données ou des ensembles de données à caractère personnel, telles que la collecte, l’enregistrement, l’organisation, la structuration, la conservation, l’adaptation ou la modification, l’extraction, la consultation, l’utilisation, la communication par transmission, la diffusion ou toute autre forme de mise à disposition, le rapprochement ou l’interconnexion, la limitation, l’effacement ou la destruction ;
  • Controller’ means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or specific criteria for such designation may be laid down in Union law or in the law of a Member State;
  • Processor’ means the natural or legal person, public authority, department or other body which processes personal data on behalf of the controller;
  • Recipient’ means the natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a particular enquiry in accordance with Union law or the law of a Member State shall not be regarded as recipients; the processing of such data by the public authorities in question shall comply with the applicable data protection rules in accordance with the purposes of the processing;
  • Third party’ means a natural or legal person, a public authority, a department or a body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorised to process personal data;
  • Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of his wishes by which the data subject signifies his agreement, either by a declaration or by a clear positive act, to personal data relating to him being processed;

What data do we collect, for how long and why?


Data is collected for specific purposes. We collect the following information when you visit our site:

  • Information relating to your browsing: By browsing our site, you interact with it. As a result, certain information relating to your browsing is collected for a maximum period of 24 months.
    Certain information is necessary to facilitate and improve site navigation. These are described in detail in the ‘Cookies Policy’. Some necessary cookies are collected on the basis of our legitimate interests or on the legal basis of your consent in the case of non-necessary cookies.
    Other personal data, such as your IP address, is collected if you authorise cookies, particularly for statistical purposes.
  • Contact form: your identification data (surname, first name, email address, telephone number, address) is requested as part of the form.Mandatory information is marked with an asterisk. Documents in pdf, dwg, dxf or step format may be added.This data is collected on the basis of your consent in order to process your request. It is only kept for the time required to process your request.

Use and transmission of your personal data :


We share your data with our technical service providers whom we use to carry out a range of operations and tasks on our behalf. We are contractually bound to these third parties, who have made strict commitments to comply with applicable regulations and to ensure security.

We work with subcontractors such as our communications agency MCC, our hosting provider FC Net, whose contact details can be found in this legal notice, our IT service provider, etc., who may have access to your data in a lawful and secure manner, in order to carry out necessary maintenance or conservation operations.

Similarly, only employees who need to respond to you or analyse site statistics have access to personally identifiable information.

Your data may be transmitted to legal or regulatory authorities in order to comply with our legal obligations.

Your data may be transmitted to legal or regulatory authorities in order to comply with our legal obligations.

The computers and servers used to store personally identifiable information are kept in a secure environment. Our host holds its servers in the European Union.

The rights you have over your data :

The RGPD provides Data Subjects with rights that they can exercise. These include:

  1. Right to information: the right to clear, precise and complete information on the use of personal data by the company .
  2. Right of access: the right to obtain a copy of the Personal Data that the Data Controller holds on the applicant.
  3. Right of rectification: the right to have Personal Data rectified if it is inaccurate or obsolete and/or to have it completed if it is incomplete.
  4. Right to erasure / right to be forgotten: the right, under certain conditions, to have Data erased or deleted, unless the company has a legitimate interest in keeping them.
  5. Right to object: the right to object to the Processing of Personal Data by the company for reasons relating to the applicant’s particular circumstances (subject to conditions).
  6. Right to withdraw Consent: the right at any time to withdraw Consent where Processing is based on Consent.
  7. Right to limit Processing: the right, under certain conditions, to request that the Processing of Personal Data be temporarily suspended.
  8. Right to data portability: the right to request that personal data be transmitted in a re-usable format enabling it to be used in another database.
  9. Right not to be the subject of an automated decision: the applicant’s right to refuse fully authorised decision-making and/or to exercise the additional guarantees offered in this respect.
  10. Right to define post-mortem directives: the right for the applicant to define directives concerning the fate of Personal Data after his/her death.

Additional rights may be granted by the Local Regulations to the Persons concerned.

To exercise your rights, you can contact the data controller by writing to the following address , 17 Avenue des Montboucons, FR – 25000 Besançon or by email to reservation@macacha.fr

When you send us a request to exercise a right, we ask you to specify as far as possible the scope of the request, the type of right exercised, the personal data processing concerned and any other useful information, in order to make it easier to examine your request.

You will also be asked to provide proof of your identity. This information will only be used to process your request and will be deleted immediately.

You also have the right to lodge a complaint with the CNIL, the competent authority in France, online at www.cnil.fr or in writing at 3 Place de Fontenoy – TSA 80715 – 75 334 Paris Cedex 07.

How we protect your data :


We undertake to protect the personal data we collect or process against loss, destruction, alteration, unauthorised access or disclosure.

We therefore implement all appropriate technical and organisational measures, depending on the nature of the data and the risks involved in processing it. These measures must ensure the security and confidentiality of your personal data.

Several security measures have been put in place to protect both the website and the data it may collect.

The website is secure thanks to a number of secure passwords and an SSL certificate.

This also includes the implementation of regular maintenance with a complete backup of the site, updates, updates to the theme(s) and updates to the site’s modules.

Data transmitted to the company is stored in a secure environment.

Policy update :


This policy may be regularly updated to take account of changes in regulations relating to personal data.