Privacy Policy – Shanti Lake

Last updated: 23/06/2025

At Shanti Lake (operated by DG, SIREN 941072852), we respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) (EU Regulation 2016/679).

This Privacy Policy explains how we collect, use, and protect your information when you interact with our website (https://www.shantilake.com) or participate in our services.

1. Who We Are

Data Controller:
Shanti Lake (DG)
30 Hameau de la Grausse, 09420 Clermont, France
Email: info@shantilake.com

2. What Data We Collect

We may collect the following personal data when you visit our site or use our services:

  • Contact information: name, email address, phone number

  • Booking details: arrival/departure dates, retreat type, room preference

  • Payment details: payment method, transaction ID (processed securely by third-party providers like Stripe)

  • Health info (if provided voluntarily): allergies, dietary preferences, or medical conditions relevant to your stay

  • Technical data: IP address, browser type, pages visited (via cookies/analytics)

3. Why We Use Your Data

We process your data for the following purposes:

  • To manage bookings, payments, and registration

  • To send booking confirmations and important service emails

  • To respond to inquiries or support requests

  • To comply with legal obligations (e.g., accounting, tax)

  • To improve our services and website user experience

4. Legal Basis for Processing

We process your data under one or more of the following lawful bases:

  • Contractual necessity – to manage bookings and deliver services

  • Legitimate interests – to operate and improve our business

  • Legal obligation – to comply with French and EU regulations

  • Consent – for optional communications or if health-related data is provided

5. Data Sharing

We do not sell or rent your personal data. We may share it with:

  • Payment processors (e.g., Stripe) – to handle secure transactions

  • Booking platforms or facilitators – if you booked through a partner

  • Professional service providers – e.g., accountants, IT support

  • Public authorities – if legally required (e.g., for taxes or health & safety)

6. Data Storage & Security

Your data is stored securely within the EU or with trusted partners that comply with GDPR requirements.

We implement technical and organizational safeguards to protect your data from unauthorized access, loss, or misuse.

7. How Long We Keep Your Data

We retain your data only as long as necessary for the purposes listed above. For example:

  • Booking and invoicing data: 10 years (legal requirement in France)

  • Email communications: up to 3 years

  • Health-related data: deleted immediately after your retreat unless legally required

8. Your Rights

Under the GDPR, you have the following rights:

  • Access – request a copy of your personal data

  • Rectification – correct inaccurate or incomplete data

  • Erasure – request deletion of your data

  • Restriction – limit how your data is processed

  • Objection – object to certain types of processing

  • Portability – request transfer of your data to another provider

  • Withdraw consent – at any time, for consent-based processing

To exercise your rights, contact: contact@shantilake.com

9. Cookies

Our website uses cookies for basic functionality and analytics (e.g., Google Analytics). You will be asked for your consent when visiting the site.

You can manage or block cookies through your browser settings.

10. Changes to This Policy

We may update this policy from time to time. The latest version will always be available on our website.

11. Contact & Complaints

If you have questions or concerns, contact:
Shanti Lake – DG
Email: contact@shantilake.com

You also have the right to lodge a complaint with the CNIL (Commission Nationale de l’Informatique et des Libertés)www.cnil.fr