Reservation
EN
EN FR

Privacy Policy

Site editor

Thaiger Paris
16 Rue de la Harpe 75005 Paris

Scope

This Privacy Policy explains how we process personal data collected on our website, including via forms, cookies, and Google Analytics (GA4). It follows the principles of the GDPR applicable in France and sector practices observed in restaurant policies.

What Data We Collect

Depending on your interactions: Browsing and device data: IP address (anonymized for analytics), device/browser details, pages viewed, date/time, referrer URLs, consent choices. Contact form data: name, email, phone, message content, and any information you voluntarily provide. Newsletter (if applicable): email address and subscription preferences. Reservation requests (if applicable): name, contact details, date/time, party size, notes. Server logs and security data: technical logs generated by our host and security tools. We do not knowingly collect special categories of data unless you voluntarily share them. Please share only what is necessary.

Purposes and Legal Bases

Website operation and security (hosting, performance, security monitoring): Legitimate interest. Responding to inquiries and managing reservations: Contract performance or pre‑contractual steps; alternatively legitimate interest (business communication). Newsletter and marketing communications (if any): Consent (you can withdraw at any time). Audience measurement and usage analytics (Google Analytics 4): Consent via CookieYes. Compliance and legal claims: Legal obligation or legitimate interest, in line with clauses commonly stated in restaurant policies ).

Cookies and Consent

We use CookieYes to collect and manage cookie consent in line with EU requirements. You can review or change your preferences at any time via the cookie banner or the “Reject All” button visible on the site. Non‑essential cookies are only set after you consent. Essential cookies necessary for site functionality are always active. General explanations of cookies are similar to those found in restaurant cookie notices.

Google Analytics (GA4)

Purpose: to understand how the site is used and improve our services. Data: GA4 may process pseudonymous identifiers, device and event data, and approximate location (based on IP). We enable IP anonymization. Legal basis: Your consent via CookieYes. Control: You can disable analytics via our banner/settings, and you can also use Google’s browser add‑on if desired. For information about Google’s processing, see Google’s privacy policy at https://policies.google.com/privacy.

Data Recipients

Internal teams: staff authorized to handle inquiries and reservations. Service providers (processors): hosting provider, CookieYes (consent platform), analytics provider (Google). We require our providers to offer appropriate confidentiality and security safeguards.

International Transfers

Some providers (notably Google) may process data outside the EU/EEA. Transfers are protected by appropriate safeguards such as the European Commission’s Standard Contractual Clauses and supplementary measures, mirroring the type of clause found in restaurant policies . You can contact us for details of the applicable safeguards.

Retention Periods

Contact and reservation inquiries: up to 3 years after last contact (or longer if required for legal obligations). Newsletter data: until you unsubscribe or 3 years after last interaction. Analytics data (GA4): typically 14 months . Server logs and security events: usually up to 12 months, unless needed longer for incident investigation or legal purposes.

Your Rights (GDPR)

Subject to conditions and exceptions, you have the right to:
– Access, rectify, and erase your personal data.
– Restrict or object to processing.
– Data portability.
– Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).
– Lodge a complaint with the French data protection authority (CNIL).
– To exercise your rights, contact us at [[email protected]]. We may ask for proof of identity when necessary.

Security

We implement technical and organizational measures appropriate to the risk (secure hosting, SSL/TLS, access controls). No method is 100% secure, but we strive to protect your data.

Minors

Our services are intended for a general audience. If you believe a minor has provided data without appropriate consent, contact us to delete it.

Changes to This Policy

We may update this Privacy Policy to reflect legal, technical, or business changes. The “Last updated” date will indicate the latest version. Significant changes will be communicated on this page or via the site banner.

Contact

For privacy questions or to exercise your rights: [email protected].