Check Availlability

Privacy policy 

Last updated:  22 April 2026

Stay Near Versailles (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal data when you visit staynearversailles.com (the “Site”) or book a stay with us.

This policy is issued in compliance with the EU General Data Protection Regulation (Regulation 2016/679 — “GDPR”) and the French Data Protection Act (“Loi Informatique et Libertés” of 6 January 1978, as amended).

1. Data Controller

The entity responsible for the processing of your personal data (the “Data Controller”) is:

Operator: Luca ONESIM Siret: 807694237 00023
Address: 39, RUE DE MADRID 91190 GIF SUR YVETTE
Email: contact[at]staynearversailles.com

For any question relating to the processing of your personal data, you may contact us using the details above.

2. Personal Data We Collect

Our Site offers two forms only: a Request for a quote form and a Get in Touch contact form. No payment is processed on the Site: any payment takes place offline, directly with our payment provider, after the quote has been accepted.

Depending on your interaction with us, we may collect the following categories of personal data.

a) Data you provide directly through our forms

  • Identification data: first name, last name.
  • Contact data: email, phone number, country, postal address.
  • Quote request data: dates of stay (check-in / check-out), number of guests, chosen bed type, desired destinations and selected premium destinations.
  • Preferences: dietary preferences or allergies, accessibility needs, special requests.
  • Correspondence: content of the messages you send us via the contact form, by email, or through messaging apps.

b) Data collected only if you become a guest (offline)

If your quote is confirmed and you stay with us, we may additionally collect, outside the Site:

  • Billing information: billing name and address, transaction reference provided by the payment processor. Full card details are handled directly by our payment provider and are never entered on, or stored by, our Site.
  • ID or passport details: collected only at check-in, and only where required by law (e.g. police registration form for non-EU guests under Articles R.611-42 and R.611-43 of the French CESEDA).

c) Data collected automatically

When you browse the Site, we may automatically collect:

  • Technical data: IP address, browser type and version, device type, operating system, language settings.
  • Usage data: pages visited, duration of visits, referring URL, date and time of access.
  • Cookies and similar technologies: see Section 9 of this Privacy Policy for details.

d) Data from third parties

We may receive limited data from:

  • Online travel agencies or booking platforms (if applicable).
  • Public authorities (for regulatory checks, if applicable).

e) Sensitive data

Information about allergies or specific dietary requirements may fall within “special categories” of data under Article 9 GDPR. We collect it only with your explicit consent, solely to provide you with a safe and suitable stay.

3. Purposes of Processing and Legal Bases

We process your personal data for the following purposes, each based on a specific legal ground under the GDPR:

PurposeLegal basis
Answering quote requests and enquiries sent via our formsPre-contractual steps / legitimate interest (Art. 6.1.b and 6.1.f GDPR)
Managing confirmed bookings, check-in, stay, and off-site billingPerformance of a contract (Art. 6.1.b)
Organising excursions and transportPerformance of a contract (Art. 6.1.b)
Complying with legal and tax obligations (invoicing, bookkeeping, tourist tax, police registration for foreign guests)Legal obligation (Art. 6.1.c)
Managing allergies and special dietary requirementsYour explicit consent (Art. 9.2.a)
Sending occasional commercial offers or newslettersYour consent (Art. 6.1.a), revocable at any time
Improving the Site and analysing trafficYour consent for analytics cookies (Art. 6.1.a)
Preventing fraud and ensuring securityLegitimate interest (Art. 6.1.f)
Establishing, exercising, or defending legal claimsLegitimate interest (Art. 6.1.f)

4. Who Has Access to Your Data

Your personal data is accessed only by authorised persons and trusted service providers, strictly on a need-to-know basis:

  • Members of our team involved in quote handling, booking management and guest services.
  • Website host (hostinger.com).
  • IT and cybersecurity providers for technical maintenance (roger-ari.com).
  • Google (for audience measurement via Google Analytics — see Section 9).

We do not sell or rent your personal data to third parties.

5. International Transfers

Our priority is to host and process your data within the European Union or European Economic Area. Some of our service providers — in particular Google (Google Analytics) — may transfer data to the United States. Such transfers are framed by:

  • an adequacy decision of the European Commission (EU–US Data Privacy Framework), or
  • Standard Contractual Clauses (SCCs) approved by the European Commission, or
  • any other appropriate safeguard under Chapter V of the GDPR.

You may request a copy of the relevant safeguards by contacting us.

6. How Long We Keep Your Data

We retain your data only for as long as necessary for the purposes described above:

  • Quote requests and contact enquiries that do not lead to a booking: up to 3 years from the last contact, for commercial prospecting purposes (CNIL recommendation).
  • Booking and billing data for confirmed stays: up to 10 years after the end of the stay, for accounting and tax purposes (Article L.123-22 of the French Commercial Code).
  • Cookies and technical data: as set out in Section 9 below.

At the end of these periods, your data is either deleted or irreversibly anonymised.

7. Your Rights

In accordance with the GDPR and French law, you have the following rights regarding your personal data:

  • Right of access — obtain confirmation of whether your data is processed and receive a copy.
  • Right to rectification — correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) — request deletion, subject to our legal retention obligations.
  • Right to restriction of processing in certain circumstances.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to data portability — receive the data you provided in a structured, machine-readable format.
  • Right to withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
  • Right to define post-mortem instructions regarding your personal data (Article 85 of the French Data Protection Act).

How to exercise your rights

Send a written request to contact[at]staynearversailles.com , indicating clearly the right you wish to exercise.

For security reasons, we may ask for proof of identity if there is reasonable doubt about the identity of the requester.

We will reply within one (1) month of receipt of your request. This period may be extended by two additional months for complex requests, in which case we will inform you.

Right to lodge a complaint

If you believe your rights have not been respected, you have the right to lodge a complaint with the French data-protection authority:

CNIL — 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 — www.cnil.fr

8. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure, including:

  • secure access controls and passwords;
  • HTTPS encryption of data in transit on the Site;
  • regular backups;
  • limited access on a need-to-know basis;
  • contractual confidentiality obligations for our service providers.

Despite our efforts, no method of transmission over the internet can be guaranteed to be 100% secure. In the event of a personal data breach likely to result in a high risk to your rights and freedoms, we will notify you and the CNIL in accordance with the GDPR.

9. Cookies and Similar Technologies

The Site uses a limited number of cookies. We distinguish between strictly necessary cookies and analytics cookies. We do not use any advertising, retargeting, or social media tracking cookies.

9.1 Strictly necessary cookies

These cookies are essential for the Site to function (e.g. session management, security, storing your cookie consent choice). They do not require your consent and cannot be disabled through our cookie banner, as without them the Site could not operate properly.

9.2 Analytics cookies — Google Analytics

We use Google Analytics, an audience-measurement service provided by Google Ireland Ltd., to understand how visitors use our Site and to improve its content and navigation.

  • Cookies used: _ga and _ga_<container-id> (and any related Google Analytics cookies), used to distinguish visitors and measure sessions.
  • Data collected: truncated/anonymised IP address, pages viewed, time spent, referring source, approximate location, device and browser information.
  • Purpose: audience measurement and Site improvement.
  • Legal basis: your consent (Art. 6.1.a GDPR), collected via our cookie banner. You can withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Retention: up to 13 months for the cookies themselves, and up to 14 months for the collected data, in line with CNIL recommendations.
  • Transfers outside the EU: data may be transferred to Google servers located in the United States, framed by the EU–US Data Privacy Framework and/or Standard Contractual Clauses.

More information on Google’s processing: https://policies.google.com/privacy. You can also install Google’s opt-out browser add-on: https://tools.google.com/dlpage/gaoptout.

9.3 Google Search Console

We also use Google Search Console, a free tool provided by Google that helps us monitor how our Site appears in Google Search results. Google Search Console is a webmaster tool operating on Google’s side: it does not set cookies on visitors’ browsers and does not directly collect personal data from visitors through our Site. We therefore do not request consent for it.

9.4 Managing your cookie preferences

You can accept, refuse, or change your cookie preferences at any time:

  • via our cookie banner, displayed on your first visit and accessible at any time from the link provided in the footer of the Site;
  • by configuring your browser to block cookies or notify you when they are sent. Instructions are available in the help section of your browser.

Blocking strictly necessary cookies may prevent parts of the Site from functioning correctly.

9.5 Retention of your consent choice

Your cookie consent choices (acceptance or refusal) are stored for a maximum of 6 months, after which the cookie banner will be displayed again so you can renew your choice.

10. Children

Our services are not directed at children under the age of 15 (the age of digital consent under French law). We do not knowingly collect personal data from minors without parental authorisation. If you believe a minor has provided us with personal data without consent, please contact us so we can delete it.

11. Reviews, Photos, and Social Media

If you voluntarily share a review, testimonial, or photograph (for instance by email, on our Site, or on a public platform), we may republish it for promotional purposes, with your consent. You may withdraw your consent and request removal at any time.

No photograph in which a guest is identifiable will be published without their prior consent.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The “Last updated” date at the top of this page indicates the most recent version. In the event of significant changes, we will inform you by appropriate means (email or notice on the Site).