Privacy Policy

Last update: 18/11/2025

The purpose of this policy is to inform users of the website about how their personal data is collected, processed and protected, in accordance with the General Data Protection Regulation (GDPR) and the recommendations of the CNIL (French Data Protection Authority).

1. Data controller

The data controller for the data collected on this website is:
Caroline Oliver – Tourist guide

Email :
Telephone :

2. Data collected

The following data may be collected via the contact form:

  • Surname
  • First name
  • Email address
  • Telephone number
  • Town/city
  • Country
  • Tour you are interested in
  • Number of people
  • Free message

No other personal data is collected without your consent.

3. Purposes of processing

Data is collected solely for the following purposes:

  • responding to enquiries sent via the contact form,
  • managing communications prior to service provision,
  • organising booked visits.

This data is never used for commercial purposes or shared with third parties.

4. Legal basis for processing

Processing is based on:

  • the legitimate interest of the Service Provider in responding to requests,
  • or consent when this is explicitly given (GDPR checkbox).

5. Recipients of the data

The data is intended solely for the Service Provider.
It is never sold, rented or transferred to a third party.

6. Data hosting

The site is hosted by:

o2switch – SAS
Chemin des Pardiaux
63000 Clermont-Ferrand – France

Data submitted via the form is also sent by email to the Service Provider.

7. Cookies and audience measurement tools

The website may use cookies for:

  • the technical functioning of the website,
  • audience measurement (Burst Statistics or equivalent),
  • consent management (Complianz).

A consent banner allows users to accept or refuse non-essential cookies.

For more information, see the website’s Cookie Policy.

8. Data retention period

Data sent via the form is not stored on the website.
It is simply sent by email to the Service Provider.

These emails are kept for a maximum of 12 months and then deleted on a regular basis.

9. Security

The Service Provider implements reasonable measures to protect data:

  • HTTPS encryption,
  • secure access to messaging,
  • security measures provided by the host o2switch.

10. Your rights

In accordance with the GDPR, you have the following rights:

  • right of access,
  • right to rectification,
  • right to object,
  • right to erasure,
  • right to restriction of processing.

To exercise your rights:

You will receive a response within 30 days.

11. Policy changes

This policy may be amended at any time in order to remain compliant with legal obligations.
Users are invited to consult it regularly.