Politique de confidentialité

Privacy Policy : 
Management of personal data and cookies   

Updated to 15 January 2022 


This policy is written in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (known as the "RGPD") and the French Data Protection Act of 6 January 1978, as amended (known as the "Data Protection Act").  

This privacy policy may change. Any modification will be notified on this Site. These modifications may concern the processing of new data of Users, who will be informed prior to collection, or may be due to updates following legislative changes. 

1.    Definitions 

User: refers to the natural person who carries out one or other of the following activities: 
- visits and browses the Site; 
- contacts the Data Controller in order to receive information; 

Site: refers to the site published by the Data Controller at the following web address: https://www.hotelartplace.com

Data: refers to the User's personal data collected for the purposes described below.   

Data controller: refers to the company Staam, a simplified joint stock company with a capital of 10,000 euros, whose registered office is located at 679 avenue de la République, 59,000 LILLE, registered in the Lille Trade and Companies Register under number 883 294 241, represented by Mr Ludovic SIMON, duly authorised in his capacity as Chairman. 

Exhibitions: refers to the exhibitions organised by Staam up, for the benefit of the Hotels and the Artists (in which the Artists may participate after having responded to a Call for Entries and if and only if they have been selected by the Hotel). 

Platform: refers to the Platform published on this Site under the trade name "Hotel Art Place", enabling the public, the Artists and the Hotels to connect.  
2.    Purpose 

The purpose of this privacy policy is to inform the User of the processing carried out on his/her Data by the Data Controller.

The User may at any time write to the Data Controller in order to exercise his/her rights with regard to his/her Data under the conditions specified below.   
3.    Implementation of personal data processing 

The Data Processor processes Data in accordance with the provisions of the RGPD and the French Data Protection Act.  

The person whom the User may contact concerning the protection of his Data is : 
SIMON Ludovic  
Contact email address: contact@staamup.com
4.    Data collected, place of collection and purpose of data processing

4.1.    Data collected: 

The Data Controller collects the following Data in the manner described below:  

With regard to users: 

email address :  

With regard to the artists: 

Works produced by the Artist ; 
previous exhibitions in which he/she has participated; 
prizes received, if any; 
training ; 
titles and files of the works they have produced.    

With regard to the Hotels : 

email address; 

With regard to Users of the Site who only wish to obtain information from the Platform: 

email address.  

4.2.    Place of collection : 

The Data is collected directly by the Data Controller on the Site when the User :
- deposits his/her email address; or 
- wishes to create an account in order to respond to Calls for Entries as an Artist; or 
- wishes to create an account in order to submit Calls for Entries as an Organiser. 
4.3.    Purpose of processing 

The purpose of processing the Data is to:  
(i) to answer questions from any User following contact. 
5.    Consent to the processing of Data  

Users' data is collected on the following legal basis:

(i) to enable the performance of the service requested by the User when creating an account on the Site according to the purposes indicated above;  
(ii) to respond to the User's request when they wish to contact the Data Controller. 

Consequently, and in accordance with Article 6 of the RGPD, as soon as the User creates an account on the Website or contacts the Data Controller, he/she consents to the use of his/her Data in order to allow the Data Controller to respond to his/her request and to execute the subscribed service.
6.    Duration of Data retention 

Users' Data are kept for the duration of the contractual relationship between the User and the Data Controller.  

Users may delete their account at any time by going to their user account on the Site. In such a case, the Data is immediately deleted from the Site. 

Thereafter, the Data of the Artists are deleted from the files of the Controller at the end of a maximum period of THIRTY (30) Days from the date of the end of the last Event in which the Artist was to participate.

The Organiser's Data will be deleted from the Platform's files within THIRTY (30) Days from the date of the end of the last Event carried out by the Organiser. 
In general, the Users' Data will be archived for reasons of legal security, in particular in the context of litigation for the establishment, exercise or defence of the legal rights of each of the Parties. 
User Data relating to the management of orders, invoicing and payment are kept for a period of 10 years from the end of the contractual relationship between the parties to the contract.  

7.    Users' rights to their Data  

In accordance with the provisions of Article 14 of the RGPD, the User is informed that he/she has the following rights over his/her Data:   

Right of access: namely the right for the User to request a list of the Data processed by the Data Controller; 

Right of rectification, i.e. the right to request that inaccurate or incomplete information be corrected; 

Right to erasure ("right to be forgotten"): i.e. the right to request the deletion of Data, except where it is necessary for the Data Controller to retain the Data for the establishment, exercise or defence of its legal rights; 

Right to withdraw consent: the right of the User to withdraw consent to the processing of Data for legitimate reasons, i.e. for reasons other than those related to the performance of the services subscribed to on the Site;       

Right to object: namely, the right to object, for legitimate reasons, to the use of the Data;  

Right to Data portability: i.e. the possibility to obtain and re-use for personal purposes the information held by the Data Controller and to request its transfer to another data controller and/or to request a copy of it, where technically possible;  

Right to limitation: namely the right of the User to challenge the accuracy of the Data and to request the Data Controller not to process the Data any further during the verification period, the limitation of the use of the Data in case of unlawful processing; the conservation of the Data in order to allow the User to establish, exercise or defend his/her rights in court; 

Right to lodge a complaint: the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL) or its local data protection authority if the User is not resident in France. 

All of the above rights may be exercised directly with the Data Controller by writing to the following email address: contact@staamup.com and enclosing proof of identity when sending the email.  

8.    Data security  

The Data Controller undertakes to take all precautions to preserve the security and confidentiality of the Data, whether during collection or during processing of the Data within its information system. 

The collection of Data is secured using SSL (Secure Sockets Layer Software).
Similarly, the Data Controller ensures the security of the Data in its files so that no unauthorised third party can gain access to it, both in terms of computer security and the physical security of its premises.   

9.    Use of cookies - consent of the User 

9.1.    Definition

Cookies are small files that are deposited on the User's terminal when the User visits a website or a mobile application. 

Article 32-II of the French Data Protection Act stipulates that tracers (cookies or other) requiring consent may not be deposited or read on the User's terminal unless he/she has given his/her consent. 

An exception to the prior consent of the User is however provided for in this text with regard to storage or technical access exclusively for the purpose of carrying out or facilitating the transmission of a communication, which is strictly necessary for the provision of the service requested by the User (for example to memorise connection identifiers). 

In accordance with the provisions of this text, the Data Controller informs the User by means of a banner on the home page of the Site and invites him/her to manage his/her preferences so that he/she can express his/her acceptance or refusal of the insertion of cookies. 

The User's consent is valid for a period of THIRTEEN months. 

9.2 Type of cookies used and consent of the User 

As soon as the User browses the Site, the Data Controller places cookies on his/her terminal, as defined below: 

(i) Technical cookies: these are cookies that are essential for browsing and enabling the use of the services offered on the Site. 

(ii) Audience measurement cookies: these are cookies that make it possible to measure the use and performance of the Site, to draw up statistics and volumes of traffic and use of the services of the Site and the Application (content visited, user path) in order to optimise the ergonomics of the Site and enhance the services offered. 
With the exception of technical cookies, the User must give his/her consent to the use of audience cookies and may therefore accept or refuse them.
10.    Transfer of Data to Third Parties and outside the European Union 

As of the date of this Privacy Policy, the Controller transfers Data to its web service provider for the purposes of hosting and maintaining the Site. 

The Data Controller does not transfer Personal Data outside the French territory. 

11.    Applicable law and settlement of disputes   

This policy is drafted in accordance with the provisions of the RGPD and the French Data Protection Act. Any dispute relating to the interpretation and execution of this policy will be subject to the provisions of these texts.

However, in the event of a dispute and in accordance with the provisions of Regulation No. 593/2008 of 17 June 2008 on the law applicable to contractual obligations (known as the "Rome I Regulation"), this choice of law may not result in the User being deprived of the protection afforded by the provisions which cannot be derogated from by agreement under the law which would have been applicable in the absence of a choice of law. Thus, in the event of a dispute, the User may request that the protective provisions of the law of his country of residence be applied. 
In the event of a dispute arising from the performance of these Terms of Use, the Parties shall make their best efforts to settle the dispute amicably. In the event of a complaint, the User may submit his request to the Data Controller. 
The User may also submit a claim to the French National Commission for Information Technology and Civil Liberties (CNIL) or contact his local personal data protection authority if he does not reside on French territory. 
If it is not possible to find an amicable solution, disputes will be submitted to the competent courts in accordance with the provisions of European regulation n°1215/2012 of 12 December 2012 (Brussels 1 bis Regulation). The User may also have recourse to any other alternative dispute resolution method. 

Original artwork
with certificate of authenticity
by experts
Free returns
up to 14 days after receipt
Secure payments
by credit card or bank transfer