N'PY Party les 7 et 8 mars →
NPY Logo

Privacy Policy

N'PY Group Personal Data Protection Policy

This personal data protection policy demonstrates the commitments implemented by the N'PY Group (SAEM Compagnie des Pyrénées, N'PY RESA) in its daily operations to ensure the responsible use of personal data.

Introduction

The N'PY Group strives to act with complete transparency, explaining the types of personal data it collects, how it is processed, and your rights.

This Personal Data Protection Policy applies to the information the Group collects during your visit and use of the services it offers. It also applies to data transferred by third parties in accordance with regulations.

As the Data Controller, particularly of your personal data, we make every effort to protect your privacy and ensure the security of the personal data you entrust to us. We pay great attention to the processing of your data and the confidentiality of your personal information.

All operations involving your personal data are carried out in compliance with current regulations, in particular Law No. 78-17 of January 6, 1978, relating to information technology, data files, and civil liberties, as amended, and European Regulation No. 2016/679 on Data Protection (General Data Protection Regulation, GDPR).

By using our services, websites, and points of sale, you declare that you accept the terms of this Personal Data Protection Policy.

If you disagree with any of its terms, you are free to no longer use our websites and/or services.

We may modify this Personal Data Protection Policy at any time and at our discretion. Therefore, we invite you to refer to it each time you visit our services* to ensure you are aware of the latest version, which is always available.

*Websites (n-py.com, blog.n-py.com), points of sale (Piau-Engaly, Peyragudes, Grand Tourmalet Barèges-La Mongie, Pic du Midi, Luz-Ardiden, Cauterets-Pont d’Espagne, Gourette, La Pierre Saint Martin, Train de La Rhune), social networks (LinkedIn, Facebook, Twitter, Instagram, Google +, WhatsApp, YouTube, Pinterest) and mobile application (N’PY available on Google Store and AppStore).

How do we collect your personal data?

Your personal data is used to help you book your stay at one of our resorts or tourist attractions. To do this, we need to know at least your identity (first and last name), but also your postal address (to send you your ready-to-use ski passes, for example) and other contact details (telephone number, email address, etc.). Depending on the type of reservation or purchase you make on our services, we may also need to collect other information about you, such as your date of birth (to determine the age category for a ski pass, for example), and your photo (necessary for issuing certain ski passes, for example). Your purchase history may also be stored. Finally, when you make your reservation, information relating to your payment methods is collected to allow you to pay for the reserved service, but only in encrypted and secure form.

Your personal data is also collected when you contact us via our Customer Service or our social media.

When you use our mobile application, we may collect your location data, which may be used, for example, to locate you in the event of an incident on the ski slopes.

Finally, we may need to collect your data to open a user account where you can view your reservations, ski days, and related charges, etc.

Why does the N’PY Group collect and use your personal data?

When the N'PY Group collects your Personal Data, it is done fairly and transparently, with information provided or referenced to this Policy. No data is collected without the knowledge or information of individuals.

The term "Personal Data" refers to any information relating to an identified or identifiable natural person, directly or indirectly, by reference to one or more factors specific to them.

Your personal data may be used in the following situations:

A - Online booking on the website or application:

We use your personal data for any purchase of products and services available on the various websites of the N’PY group. All of this personal data necessary for the reservation may be: identification data (photos, personal address(es), email address(es), telephone, mobile phone), payment details in encrypted form, purchase history, etc.).

B - Commercial and marketing activities:

In order to develop commercial relationships, we use your personal data to send you regular information about products and services (e.g., sending tailored and personalized commercial offers by email). You can easily unsubscribe from these marketing emails at any time by clicking on the "Unsubscribe" link found in all "L'Équipe N'PY" emails.

When you participate in other promotional activities (e.g., contests organized by the N'PY group or its partners), certain information will be used to properly manage these activities.

We use cross-device tracking to optimize our services and marketing activities. This can be done with or without the use of cookies. If you would like to learn more about cookies and other similar technologies, please see our cookie policy at the end of this policy.

C - Communication

We may also contact you on other occasions by email, post, telephone or SMS, depending on the contact details you have provided to us. We then process the communications you send us, for the following reasons:

  • We send you other information related to your reservation so that you know, for example, how to contact N'PY customer service if necessary, or to help you prepare for your stay by providing you with information (such as weather, events and activities at the resort, etc.).
  • If you have not completed your reservation online, we may contact you to offer to finalize it and add new products and services to your reservation. We believe this service is useful because it allows you to access all the components of your ski vacation directly on our website (www.n-py.com).
  • We send you information about your consumption and updates to your personal information (you can change your contact details, payment information, sponsorships, etc., at any time in your customer area).

We may also contact you via our mobile application “N’PY”. Our websites are also optimized for browsing on smartphones and tablets. The mobile application “N’PY” and the sites for mobile devices process the personal data you transmit to us in a similar way to our website www.n-py.com.

  • With your consent, we may send you push notifications on the mobile app containing weather information, your payment details, etc.
  • You may give us access to your geolocation data or contact information so that we can provide the requested services.

D - Customer Service:

We provide customer service to handle all complaints and questions, including technical assistance via email, online chat, WhatsApp, telephone, and mail. To this end, we share your data, such as information relating to your reservation or your consumption, with our internal teams.

We may also collect customer requests and/or complaints via the social networks used by the N'PY group (mainly Messenger, Instagram private messaging, and Twitter private messaging).

All of these data sharing measures allow us to respond as accurately as possible to your questions and requests in order to provide you with quality service.

E - Improving our services:

We also use personal data for analytical purposes to improve the operation of our services.

  • When you use our services, we may send you a satisfaction questionnaire.
  • When you have stayed at one of the N'PY Group's member resorts, we may send you a satisfaction survey. We may also invite you to leave a review of your experience.
  • When you connect to the N'PY Group's websites, we may store connection and location data for our analysis purposes.
  • When you use our services, we may store your data for analysis and statistical purposes. For these analysis purposes, we strive to use only pseudonymous data.

When you are invited to participate, please review the information provided to understand what personal data is collected and how it is used. Our goal is to optimize our services to best meet your needs.

F - Recruitment

As part of a recruitment process for the N’PY group, we will use your personal data. All of this personal data required to compile your recruitment file may include: identification data (photos, personal address(es), email address(es), telephone number, mobile phone number), bank details, etc.

How is your data shared with third parties by the N’PY Group?

When you use the N'PY Group's services, you interact with various third parties: the ski resorts to use the ski pass you purchased on n-py.com, the service providers (accommodation providers, ski equipment rental companies, etc.) that you booked on n-py.com, etc.

We would like to reassure you that this data is neither sold nor rented to third parties. It is simply shared to organize your stay and finalize your reservations.

In what cases does the N'PY Group share your personal data with third parties?

  • Marketplace provider n-py.com: We collect your personal data in order to transmit it to the service provider (accommodation, equipment rental, ski lessons, activities, ski passes, transport tickets, insurer, etc.). This data is essential to finalize your reservation and/or give you access to the service to which you have subscribed.
  • Business partners: The N'PY Group may work with various business partners (Works Council, Tour Operators, etc.). If you book through them, they collect your personal data to enable us to manage your reservation.
  • Third-party service providers: Your personal data may be transmitted to service providers who process your data on behalf of the N'PY Group. This is the case, for example, with providers of email routing or mass mailing solutions, or secure payment solution providers. These partners are bound by confidentiality clauses and are not authorized to use your personal data for purposes other than those contractually stipulated. Competent authorities: we may be required to communicate some of your personal data to law enforcement and/or emergency services to the extent that this is required by law or strictly necessary for the prevention, detection or prosecution of criminal acts or fraud, or in the event of a legal obligation.

In all cases, the personal data collected is strictly necessary for the purpose of its collection. The N'PY Group strives to minimize the data collected, keep it accurate and up-to-date, and facilitate the rights of the data subjects.

Third-party companies have limited access to your information when performing these tasks on behalf of the N'PY Group and are contractually obligated to protect and use it only for the purposes for which it was disclosed and in accordance with this Personal Data Protection Policy.

The N'PY Group does not transmit personal data outside the European Union.

What security and retention procedures does the N’PY Group have in place regarding the protection of your personal data?

An Information Systems Protection Policy (PSSI) is implemented, adapted to the nature of the data processed and the company's activities.

Appropriate physical, logical, and organizational security measures are in place to ensure data confidentiality, including preventing unauthorized access.

The N'PY Group also requires all subcontractors to provide appropriate guarantees to ensure the security and confidentiality of personal data.

The N'PY Group has implemented protective measures to ensure the confidentiality, security, and integrity of your personal data.

Only authorized personnel are authorized to access your personal data, and only for the purposes of their work.

How long is your personal data kept?

Your personal data is kept for a limited period which does not exceed the period necessary for the purposes of processing and applicable laws, namely in particular:

  • 12 months for personal data relating to recruitment processes (CVs, cover letters, etc.)
  • 3 years for data relating to:
    • Online booking on the website and the app
    • Sales and marketing activities
    • Communication
    • Customer service
    • Improving our services
  • 3 months for data following a request to exercise rights.

How is minors' data managed?

Minors under the age of 16 must be accompanied by their parent or legal guardian to use the N’PY Group’s services, particularly those relating to online holiday bookings. The N’PY Group may therefore only collect and use personal data from minors under the age of 16 if provided by their parent or legal guardian with their consent.

Who is responsible for processing personal data collected via the N’PY Group services?

To protect your privacy and the protection of your personal data, the N'PY Group has appointed its Data Protection Officer (DPO). The DPO was registered with the competent authority (CNIL) on May 15, 2018.

As a specialized contact for personal data protection, responsible for ensuring the preservation of privacy and the proper application of personal data protection rules, the Data Protection Officer is also the primary contact for the French National Commission for Information Technology and Civil Liberties (CNIL) and for all persons affected by the collection or processing of personal data.

To contact the DPO, write to: N'PY - Data Protection Officer - 3 bis avenue Jean Prat - 65100 Lourdes - FRANCE

Or by email at: dpo@n-py.com

What are your rights regarding personal data?

All necessary measures are implemented to ensure the effectiveness of individuals' rights regarding their personal data.

Clear and comprehensive information on data processing is provided, easily accessible and understandable to all.

To exercise their rights, users must send an email to the N'PY Group's Personal Data Protection Officer, along with a photocopy of their signed ID to ensure data confidentiality, to the following address: N'PY - Data Protection Officer - 3 bis avenue Jean Prat - 65100 Lourdes - FRANCE or by email to: dpo@n-py.com.

The N'PY Group will respond within one month of receiving the request. If necessary, this period may be extended by two months, given the complexity and number of requests. The user will then be informed of this extension and the reasons for the delay within one month of receiving the request.

The rights attached to personal data are as follows:

  • You may exercise your right of access to know your personal data, including its nature, origin, and use.
  • If your personal data held by the N'PY Group is inaccurate, you may request that the information be updated or completed.
  • You may request a copy of the personal data that the N'PY Group holds about you.
  • You may request the deletion of personal data held by the N'PY Group in accordance with applicable laws.
  • You may request the portability of your Data as of May 25, 2018.
  • As processing is based on consent and carried out using automated processes, you have the right to receive the data in a structured format, in clear, machine-readable, and interoperable language, and to transmit it to another controller without hindrance from the N'PY Group. You have the right to obtain the restriction of processing when you contest the accuracy of the data, when its processing is unlawful, or when you need it to establish, exercise, or defend your legal rights.
  • In addition, you have the right to inform us at any time that you do not wish your Personal Data to be disclosed to a third party in the event of your death.

We rely on you to ensure that your personal data is complete, accurate, and up-to-date. Please promptly inform us of any changes or inaccuracies in your personal data by contacting us.

We will respond to you within one (1) month of receiving your request. You may file a complaint with the competent supervisory authority (in France, the CNIL: www.cnil.fr).

How do we update this Personal Data Protection Policy?

This policy, accessible to all on the N’PY Group websites, is updated regularly to take into account legislative and regulatory developments and any changes in the organization of the company, in the offers, products and services proposed.

When you visit our websites, information about your browsing may be recorded in "Cookies" files installed on your device (computer, tablet, smartphone, etc.), subject to the cookie preferences you have expressed, which you can change at any time.

The information below will help you better understand how cookies work and how to use current tools to configure them.

A cookie is a small file, usually consisting of letters and numbers, downloaded to your computer when you access certain websites or services. Cookies are then sent back to the website or service they came from on each subsequent visit.

Cookies serve several purposes, including allowing you to navigate between web pages efficiently, remembering your preferences, and generally improving your website experience. They can also help ensure that the ads you see are more relevant to you and your interests.

A cookie does not contain or collect any information. However, when read by a server in conjunction with a web browser, it allows the website to provide a more user-friendly service by remembering, for example, previous purchases or account login details.

Cookies are stored in your browser's memory, and each cookie typically contains:

  • The name of the server from which the cookie was sent;
  • The cookie's lifespan;
  • A value - usually a randomly generated unique number.

The web server that sends the cookie uses this number to recognize you when you return to the website or navigate from page to page. Only the server that sent the cookie can read and, therefore, use it.

There are two types of cookies, "session" and "persistent":

  • So-called "transient" cookies allow websites to link your actions during a browsing session. They can be used for various purposes, including to remember what you have put in your "shopping cart" while browsing a website. They can also be used for security purposes when you access online payment systems or to facilitate the use of emails. These so-called "transient" cookies disappear at the end of your browsing session and are therefore not stored for a longer period.
  • So-called "persistent" cookies are stored on your computer between browsing sessions and allow your preferences or actions on a website (or in some cases, across different websites) to be remembered. So-called "persistent" cookies can be used for various purposes, including to remember your preferences and choices when using a website or to deliver targeted advertising.

Cookies can also be classified into the following categories: "first-party cookies," which come from the website you are browsing, or "third-party cookies," which come from a website other than the one you are browsing.

What is a web beacon?

Many websites, including the N’PY website - www.n-py.com, use web beacons. Web beacons are pieces of code placed on web pages that can be used, among other things, to count the number of users who visit that web page or to place a cookie on the browser of the user viewing that page. Additional information about web beacons is available at: www.allaboutcookies.org/fr/

Many websites also use Flash cookies, which function similarly to browser cookies. The N’PY website - www.n-py.com may use Flash cookies.

How are cookies used?

Cookies have various uses. For example, they are used to identify you as a unique user of a website or application. The information collected includes: IP address, device ID, pages viewed, browser type, information regarding the time and date of browsing, referring site addresses, and the features you used.

There are three main categories of cookies:

Technical cookies: These are used to operate the website or application on which they are installed. They will be used, for example, to display pop-ups that may appear on the website or application (to inform you of weather conditions or access, for example). These cookies are essential for the proper functioning of our website and application.

Functional cookies: These cookies allow us to remember your preferences and make the use of our website and application more seamless. For example, they allow us to remember the product selection made via "Book my stay" to facilitate navigation. They also allow third-party applications to function. This may be the case, for example, when implementing a chat service on the website.

Analytical cookies are used for statistical purposes to understand how our websites and applications are used so that we can continually improve them and offer you the best possible service. They also allow us to measure the interactions you may have with advertisements, emails we send you, etc.

How can I control these cookies?

You can control cookies through your browser settings. You can control Flash cookies through the Macromedia Flash application on your computer, or by visiting the Adobe Flash Player website, which allows you to identify, modify, and delete Flash cookies.

The use of cookies, web beacons, or similar technologies by any third-party websites that provide advertising content is subject to their own cookie policies.

If you have consented to the placement of cookies on your browser via the banner displayed on the homepage of the N'PY website or services, please note that this consent may be withdrawn at any time.

You can disable cookies [containing the name "n-py"] by following the instructions below:

  • If you are using Internet Explorer: Go to https://www.n-py.com/ and press F12 to open the developer tools. Click the "Networks" tab, then click the icon with a red cross over a cookie. Hovering over this icon will display the text "Clear cookies." Click this icon to delete cookies for that domain name.
  • If you are using Firefox: In the top right corner, click the menu icon, then click the "Options" tab. Select "Privacy and Security" and click "delete specific cookies." In the search bar, locate and select the cookie(s) containing the name "n-py" and click "delete selected cookie(s)."
  • If you are using Safari: In your browser, click Safari in the menu bar and select "Preferences." Select the "Privacy" tab and click "Manage website cookies." In the search bar, search for cookies containing the name "n-py" and click "delete." After deleting the cookies, click "Finish."
  • If you are using the Google Chrome browser: Click the "More" icon. Then, click the "Settings" tab. At the bottom of the page, click "Advanced settings." In the "Privacy and security" section, click the "Content settings" tab, then click "Cookies." Click "Show all cookies and site data," and in the "Search cookies" search bar, search for files containing the name "n-py" and delete them by clicking the trash can on the right.
  • If you are using the Microsoft Edge browser: You will not be able to delete cookies specific to a particular website. However, you can delete all cookies. To do this, click the "More" icon and then "Settings." Then, under "Clear browsing data," select "Choose what to clear." Check the "Cookies and saved website data" box and then click "Clear."

You can manage cookies using your browser controls. For more information on how you can delete and control cookies that are stored on your computer, please visit https://www.allaboutcookies.org/manage-cookies/index.html

Last updated: 12/12/2023