*
Shipping & ReturnsPrivacy PolicyTerms of UseGeneral sales conditionsContact UsDual Account Logins

Privacy Policy

Updated as of March 28, 2024

The information you provide on the MGallery Boutique website (the "website") enables Hotels At Home SAS ("we", "our", or "us") to process and fulfill your order for items, furniture, and equipment found in MGallery Boutique rooms. We comply with data protection legislation, such as the General Data Protection Regulation of the European Union, which governs the processing of personal data and grants you various rights regarding your personal data. The purpose of this Data Protection Declaration is to inform you of our policies regarding the collection, use, and disclosure of your personal data when you use our website, in connection with the services provided on the website (the "services"), based on the choices you have made regarding this data. Before you provide us with personal data, we recommend that you read this Data Protection Declaration, which is also part of our General Terms and Conditions governing the provision of our services. Unless otherwise defined in this Data Protection Declaration, the terms used in this Data Protection Declaration have the same meaning as those used in our General Terms and Conditions of Sale, accessible via the link https://mgalleryboutique.com/en/help/terms-and-conditions.

1. Definition

Cookies: refer to small data files stored on your device (computer or mobile phone).
Data Controller: refers to the natural or legal person who (alone, jointly, or in common with other persons) determines the purposes and means of the processing of personal data. For the purposes of this Data Protection Declaration, Hotels At Home SAS is a data controller of your personal data.
Subprocessors (or service providers): any natural or legal person who processes data on behalf of the data controller. We may use the services of various service providers to process your data more efficiently.
Data Subject (or user): any person who uses our services and is the subject of personal data.

2. What is Personal Data?

For the purposes of this Privacy Policy, “Personal Data” means any information provided by you when interacting with us, through our Website or when calling us, or data is collected about you through your use of our Website and allowing you to be identified personally, either directly (e.g. your name) or indirectly, because the data references an identifier such as your name, an identification number, location data, an online identifier (e.g. telephone number) as an individual person. We may also collect personal data about you in other instances which relate to the provision of the Services.

3. When is and what kind of data is stored and processed for what reason?

Whenever you navigate our Website, data is collected and processed about you. We collect the following data:

  • Information related to the browser or device you use to access our website
  • IP address
  • Country you are browsing from
  • Browsing habits, including sites visited
  • Other demographics and statistical information
  • Email address
  • Phone number
  • Address, State, Province, ZIP/ Postal code, City

The data is collected through the session cookies (with regard to cookies see also below) we use on our Website. It is anonymised, before we use it to build anonymous utilisation profiles, for marketing purposes and to optimise our Website and the services we provide. This data shall not be used in order to identify the visitor of this Website personally.

3.1 Purchase Orders

When you place an order, we collect personal data, including:
● Your full name
● Your address, including city and country
● Your telephone number
● Your e-mail address, and
● Your credit card details
● The list of the items purchased

We use this Personal Data to handle your purchase order and to establish and fulfill our contract with you. This includes verifying your identity, taking guarantee and/or payment information We take the protection of your Personal Data very seriously and therefore have kept the mandatory required fields to a minimum.

3.2 Newsletter and Special Offers

If you provide us with your contact information (e.g. when you place an order with us or when you subscribe to our newsletter through our website), we may use this personal data to send you our newsletters and information about other special offers that may interest you, based on your previous interactions with us. You may receive newsletters from us regarding special offers, new services, or new features of the MGallery Boutique website. If you subscribe to our newsletter through our website, you only need to provide us with your email address. By providing your email address, you consent to receiving our newsletter. You can revoke your consent and unsubscribe from the newsletter at any time by clicking on the unsubscribe link included in each newsletter. If you have any other objections, please contact our customer service at the following address: customer.service@mgalleryboutique.com. We also include web beacons in HTML newsletters to count how many newsletters (or articles, specific links, etc.) are viewed and on our website to count the users who have visited these pages.

3.3 "Contact Us" Functionality

You can get in contact with us via our Website by using the “Contact Us” functionality, or by telephone, or by chat. To contact us you are required to provide the following information:
● Your full name
● Your zip code
● Your telephone number and your e-mail address,
● Your enquiry, and
● RecCAPTCHA, to confirm you are an actual person, and not a robot

We use your information to reply to your enquiry
Depending on the purposes, your personal data is processed (i) to comply with the legal and/or regulatory obligations to which HOTELS AT HOME SAS is subject concerning the protection of personal data, (ii) for the purposes of executing the General Terms and Conditions of Sale, (iii) in HOTELS AT HOME SAS's legitimate interest in being able to offer its offers to its customers on similar products, and (iv) to ensure its defense in the event of pre-litigation or litigation or to respond to any claims.
Your personal data may also be processed based on your consent to receive our newsletter.

4. SHARING OF PERSONAL DATA

The information provided on the website mgalleryboutique.com allows Hotels At Home Company to process and carry out orders. Hotels At Home is handling all information with privacy.
We inform you that Hotels At Home SAS can outsource the processing of your data to Hotels At Home, Inc., located in the United States, in order to process your orders and/or send you marketing emails if you choose to receive them. Hotels At Home agrees to be in accordance with the French and the European law concerning protection of data with personal features and also provides an appropriate level of protection to the processing done. We will share neither your email address nor your postal address, phone number or other personal information with any companies without your consent.
When information is transferred outside the European Economic Area, we will ensure that appropriate protection measures are in place. If your personal data is transferred to a country that is not the subject of an adequacy decision by the European Commission, the data will be adequately protected by the standard contractual clauses approved by the European Commission or the binding corporate rules of a third party.

5. COOKIES

This Cookie policy describes the different types of cookies and similar technologies that may be applied on the Website.

5.1 What are cookies?

A cookie is a data file, which often includes a unique identifier, that is sent to your browser from a web server and is then stored on the hard drive of the device you are using to browse the website. Each website you visit can send its own cookie to your browser if your browser’s preferences allow it, but to protect your privacy your browser only permits a website to access cookies it has already sent to you, not cookies sent to you by other websites. On the Website, users have the option of agreeing to the use of cookies in principle and thus being able to use all functions of the website without restrictions, the option of not receiving cookies at any time or of personalizing cookies by agreeing to the use of certain cookies. Please be aware that if you do not accept or deactivate the use of cookies which are subject to consent, this may lead to a situation that these cookies cannot do what they are intended for. In particular, if you deactivate functionality cookies, the respective functions of the website cannot be used. Therefore, your consent is required if you want to use certain functions provided by cookies.

5.2 How we use cookies

On our website, users have the choice to accept the use of cookies in general and thus be able to use all the functions of the site without restriction, not to receive cookies at all, or to customize cookies by accepting only the use of certain cookies.
You can find more information about the categories of cookies we generally use and the purposes for which we use them through this link. For the individual cookies of each category, we have further set forth the cookie name, duration of the operation of the respective cookie, description of what this cookie does and, if applicable, what personal information is concerned as well as the name of the third party(ies) having access to the cookie.
FOR EXAMPLE:
● Cookies necessary for the operation of the site: essential for navigation, these cookies allow users to use the main features of the site such as maintaining their identification throughout their navigation.
● Customization cookies: these cookies allow the retention of browsing preferences based on previous visits. This category of cookies does not require the consent of the data subject.
● Marketing cookies: these cookies allow the user's browser to request advertising content from HOTELS AT HOME SAS partners and to transmit personal data to them for this purpose.
● Statistical cookies: these cookies allow the improvement of the site. In this regard, the cookies used allow for the analysis of the behavior of data subjects in a global and anonymous manner and the compilation of statistical reports on the activity of the site, the purpose of which is to guide HOTELS AT HOME in its decision-making regarding improvements to the site. Information on the use of the site by data subjects is transmitted to the third-party issuers of these cookies.
The latter three categories of cookies require the consent of the data subjects. This consent can be given by clicking on the "Allow All" button in the information banner displayed when first connecting to the site (or when reconnecting in case of refusal during a previous connection).Please be aware that if cookies are disabled, not all features of the Website may operate as intended. In particular, if you disable functionality cookies, the corresponding functions of the website cannot be used. Therefore, your consent is required if you want to use certain functions provided by cookies. You can read Google's privacy policy here.

5.3 How to control and delete cookies

With the banner, we offer you a convenient option of rejecting or approving individual cookies or groups of cookies generally used on the Website. You can also block and delete cookies at any time by changing settings on your browser. To manage cookies, most browsers allow you to accept or reject all cookies or accept only certain types of cookies. Information about the procedure to follow in order to enable or disable cookies can be found on your Internet browser provider’s website via your help screen. You can also find out how to do this and find more information on cookies at www.allaboutcookies.org. for information on how to manage cookies within commonly used browsers. Please be aware that if cookies are disabled, not all features of the Website may operate as intended. If you would like more information about interest-based advertising, including how to opt-out of these cookies, please visit http://youronlinechoices.eu/.

6. WHAT KIND OF SECURITY MEASURES FOR THE COMPLIANCE WITH DATA PROTECTION?

We strive to comply with appropriate security standards and have implemented robust technical and organizational measures for the protection of your personal data in accordance with the current state of the art, especially to protect data against loss, falsification, or unauthorized access by third parties. For the transfer of particularly sensitive personal data over the internet, such as credit card information, we use exclusively encrypted transmission channels and comply with the Payment Card Industry Data Security Standards (PCI DSS) security standards, which are a series of policies and procedures aimed at optimizing the security of transactions with credit, debit, and cash cards and protecting cardholders from misuse of their personal information. However, the transmission of information over the internet is not completely secure. For this reason, although we strive to protect your personal data, we cannot guarantee the security of your data transmitted to our website. Any transmission is at your own risk. Once we have received your personal data, we use strict procedures and security measures to prevent unauthorized access. Our internal processing is carried out within a VPN, which is protected by a firewall from the open internet and within which all communication is encrypted. To the extent that third parties (i.e. external companies) provide us with data processing services, we have obtained their commitment to comply with our data protection rules. Compliance with these rules by our external service providers is monitored by our Global Data Protection Manager.

7. YOUR RIGHTS

In respect of the collection and use of your personal data, you may:

● Withdraw your consent at any time for example by unsubscribing from the newsletter by clicking on the unsubscribe link provided in each of our communications.
● Ask us whether we process personal data about you, for what purposes, the categories of personal data concerned, to which categories of recipients the information has been communicated, where possible, the envisaged retention period of the personal data (or, where not possible, the criteria used to determine that period).
● Ask us whether we processes Personal Data about you, for which purposes, the categories of Personal Data concerned, to which categories of recipients the information has been disclosed, where possible, the envisaged period for which the personal data will be stored (or, if not possible, the criteria used to determine that period),
● Inquire with us about the appropriate safeguards relating to the transfer to a third party, ask us for a copy of the Personal Data undergoing processing and ask to receive your Personal Data in a structured, commonly used and machine-readable format and to transmit those data to another controller without any hindrance from us.
● Have inaccurate data rectified,
● Object against the further processing and request erasure of your Personal Data,
● Request that the processing of your personal data is restricted
● Request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

If you have any further questions on your personal data which has been stored with us or would like to exercise your rights please refer to our Global Data Protection Manager via the contact details stated below.
You can exercise your rights by contacting HOTELS AT HOME - Global Data Protection Manager - 163, rue de la Belle Etoile - Business Park Paris Nord 2 – Bât 6B - 95700 ROISSY EN FRANCE - France.
Finally, you can also lodge a complaint with the supervisory authorities, including the CNIL or any other competent authority.

Hotels at Home SAS may share your personal data with our partner MGallery Boutique, as a third-party recipient, for the purpose of sending you marketing emails. This transfer of your personal data is based on your consent, which you provided by ticking the box provided for this purpose on the homepage of the website, the payment page, and at the bottom of each page of the website.
For more information on the processing of your personal data implemented by MGallery Boutique, you can consult the privacy policy of MGallery Boutique.

8. RETENTION AND DELETION OF PERSONAL DATA

We only keep your personal data for a limited period, necessary for the aforementioned processing purposes. At the end of this period, your personal data is erased. If we process your personal data based on your consent, we keep your personal data until you withdraw your consent. When we enter into a contract with you, we keep your information for the duration of the contractual relationship you have with us and, to the extent permitted, after the end of that relationship for a period of 5 years for evidentiary purposes. The criteria for determining the storage period are statutory and contractual requirements, the nature of our relationship with you, the nature of the data concerned, and technical requirements. When we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period thereafter (to enable us to comply with your requests). We also keep a record of the fact that you have asked us not to send you direct advertising or not to process your data, so that we can comply with your request in the future. In other cases, we may keep data for an appropriate period after a relationship with you ends to protect ourselves against claims or to manage our business.
In this regard, your data is kept for the following periods:
- Data necessary for the management of your order:
● Your identification data necessary for the management of your order is kept for 5 years,
● Bank card data and their expiration dates are kept until full payment or until the performance of the service, unless archived (non-active database) for the sole purpose of managing the dispute of a transaction; in the latter case, this data is kept for 13 months following the debit date or 15 months in the case of deferred debit payment cards. Cryptograms are deleted at the end of the transaction.
- Data necessary for the management of the commercial relationship (complaints management, after-sales service): 5 years
- Data necessary for commercial prospecting (advertising messages, competitions, promotions, etc.) are kept for 3 years from your last contact with our services or until you exercise your right to object or withdraw your consent.
- Keeping of accounts:
● In the form of an intermediate archive: legal retention period (accounting obligation of 10 years).
The identity document is kept for the time necessary to verify the identity of the data subject.
● A copy of an identity document may be kept for a period of 6 years if it is necessary for evidentiary purposes or to comply with a legal obligation.

9. UPDATES

This Privacy Policy may be updated periodically. We will update the date at the top of its first page accordingly and encourage you to check for changes that we have made, which will be available at https://www.mgalleryboutique.com/en/help/privacy-policy. On some occasions, we may also actively advise you of specific data handling activities or significant changes to this Privacy Policy, as required by applicable law.

10. LINKS TO OTHER WEBSITES

Our Website may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or service therefore we strongly advise you to review the Privacy Policy of every site you visit.