Privacy Policy

Last updated: 20 February 2025

Pinnacle Experiences attaches great importance to the protection and respect of the privacy and personal data (“Personal Data “) of users of its website (hereinafter the ” website “).

Pinnacle Experiences is committed to implementing the appropriate measures for the protection, confidentiality and security of Personal Data in accordance with the regulations in force in France and in the European Union, in particular the EU General Data Protection Regulation 2016/679 of 27 April 2016 and the rules of national law adopted for its application.

Users are informed by this policy (the ” Policy “) of the practices and treatments inherent in the collection and use of Personal Data by Pinnacle Experiences as a controller. Accordingly, Pinnacle Experiences invites users to read this document carefully to know and understand the processing of Personal Data.

It is specified that by browsing the Site, users accept this Charter and the general terms of use.

When using the website, users provide their Personal Data in digital format.

1.1 APPLICABLE PRINCIPLES FOR THE COLLECTION OF PERSONAL DATA

In general, users can browse the website without necessarily having to communicate Personal Data to Pinnacle Experiences.
Pinnacle Experiences collects only the Personal Data necessary to carry out the processing it implements and ensures a high level of protection. As such, the processing operations requiring data collection are as follows:
Collection and management of registrations and reservations to the experiences offered;
Sending confirmations, logistical information and updates on events;
Secure payment through our third-party providers Paygreen, Stripe;
Improving our services and personalizing the experience on our site;
Sending marketing communications or promotions, with your consent.

In this case, the personal information collected from users is at least:
Name;
First name;
E-mail address;
Telephone number;
Mailing address (if required for the booking);
Online payment information (processed through a secure provider).

This data is collected in several ways:

When registering for our experiences via online forms;
When booking or paying on our website;

These Personal Data are then kept for the time necessary to complete the user’s request. If they are not implemented, they are deleted within the time recommended by the CNIL, that is three years after their collection by the Site subject to legal possibilities and obligations regarding archiving, obligations to retain certain data and/or anonymize it.

1.2 INFORMATION ON WEBSITE USERS’ BROWSING HABITS

When using the website or certain services linked to the website, certain data is automatically collected such as: IP address, reference of the browser software used, navigation data (date, time, content viewed, search terms used, etc.), operating system references. Among the technologies used to collect this information, Pinnacle Experiences may use “php” sessions that store each user’s data using a unique session identifier. These php sessions keep the data in memory only the time of browsing users. The data collected during browsing is thus deleted at the moment when the user’s browser closes, or, if applicable, within a maximum of thirteen months from their collection.

Personal Data is processed by Pinnacle Experiences in the cases permitted by the regulations in force and under the following conditions:
Obtaining free, specific, informed and unambiguous consent from users to the processing of their Personal Data (it is specified that for minors under 18 years of age, consent must be given by the legal representative);
Collection of Personal Data necessary to fulfill the users’ request;
Compliance with legal and/or regulatory obligations imposed on Pinnacle Experiences (such as the fight against fraud and corruption);
Protection of Pinnacle Experiences’ legitimate interests (such as protecting the security of its computer network).

Only the authorised personnel of the group and the service providers of Pinnacle Experiences may have access to the Personal Data collected and be required to process them, without prejudice to their possible transmission:

1. To partner organizations required for the organization of experiments, such as:
Sports clubs,
Tourist offices,
Transport companies,
Logistics providers and other event partners, to the strict extent necessary for the realization of the booked events.

2. To companies entrusted with a control or inspection mission in accordance with the legislation and/or regulations in force or for the purpose of responding to a judicial or administrative decision. All recipients of Personal Data are subject to a confidentiality obligation and undertake to use such data only in the context of the purposes mentioned. Pinnacle Experiences undertakes not to market the Personal Data collected from third parties.

The Personal Data collected from users of the website are exclusively stored in France and are not transferred outside the European Union. In the event of use of affiliates or service providers located outside the European Union, Pinnacle Experiences undertakes to verify that appropriate measures have been put in place so that users’ Personal Data benefit from an adequate level of protection.

Pinnacle Experiences collects and processes users’ Personal Data with the utmost confidentiality and in compliance with applicable laws. Users are protected against unauthorized access, modification, disclosure or destruction of their Personal Data. When the disclosure of Personal Data to third parties is necessary and authorized, Pinnacle Experiences ensures that these third parties guarantee the Personal Data concerned the same level of protection as that offered to them by Pinnacle Experiences, and requires contractual guarantees so that the Personal Data is processed exclusively for the purposes accepted by the users, with the required confidentiality and security (in particular thanks to European Commission model clauses, Internal Company Rules (‘BCR’) or the Data Protection Shield set up between the European Union and the United States of America).
Pinnacle Experiences implements technical and organisational measures to ensure that the storage of Personal Data is secure for as long as is necessary for the purposes for which it is to be used. Users’ attention is drawn to the fact that no transmission or storage technology is totally infallible. Therefore, in the event of a proven breach of Personal Data likely to give rise to a high risk for the rights and freedoms of users, Pinnacle Experiences will inform the competent supervisory authority of this breach in accordance with the procedures set out in the applicable regulations. Users are responsible for exercising caution to prevent any unauthorised access to their Personal Data and in particular to their computer and digital terminals (computer, smartphone, tablet in particular).

The Website may occasionally contain links to the websites of partners or third-party companies which have their own data protection policies. Pinnacle Experiences has no control over the content of these websites and declines all responsibility for the use made of the information collected when users click on these links. Pinnacle Experiences therefore invites users to read the data protection policies implemented by the publishers of these sites before sending them any personal information.

Users have the following rights, subject to the limitations provided for by current legislation:

7.1. RIGHT TO INFORMATION ON THE PROCESSING OF PERSONAL DATA

Pinnacle Experiences is committed to making every effort to provide concise, transparent and accessible information on the conditions of processing users’ Personal Data.

7.2. RIGHT TO ACCESS PERSONAL DATA

Each user may access the Personal Data processed by Pinnacle Experiences and has the right to receive a copy of it in electronic form (for any additional copies, Pinnacle Experiences will be entitled to charge a fee based on the administrative costs incurred).

7.3 RIGHT TO ERASURE (‘RIGHT TO BE FORGOTTEN’) AND RECTIFICATION OF PERSONAL DATA

Each user has the right to request the deletion and/or rectification of personal data concerning him when it is incorrect or obsolete. It is specified that Pinnacle Experiences may retain certain Personal Data when required by law or for legitimate reasons.

7.4. RIGHT OF OPPOSITION

Users may object at any time for legitimate reasons: the use of their Personal Data for direct marketing purposes or the reuse of their Personal Data for different treatments than those granted, except in case of performance by Pinnacle Experiences of one of its legal obligations.

7.5. RIGHT TO RESTRICTION OF PERSONAL DATA PROCESSING

Users have the right to request that the processing of their Personal Data be limited to what is necessary. This right is applicable only:
if the user disputes the accuracy of their Personal Data;
if the user can establish that the processing of his Personal Data is unlawful and requests a limitation of their use rather than a deletion;
if Pinnacle Experiences no longer needs the user’s Personal Data but that these are still necessary for the user to establish, exercise or defend legal rights;
if the user objects to processing based on the legitimate interest of the controller, during the verification of whether the legitimate reasons pursued by the controller prevail over those of the user.

7.6. RIGHT TO COMPLAIN TO A SUPERVISORY AUTHORITY

If users believe that the efforts made by Pinnacle Experiences to preserve the confidentiality of their Personal Data do not guarantee respect for their rights, they have the possibility to lodge a complaint with the competent supervisory authority (CNIL or any other authority mentioned in the list available from the European Commission).

7.7. RIGHT TO PERSONAL DATA PORTABILITY

Users have a right to data portability, allowing them to obtain their personal data from Pinnacle Experiences in a structured format, commonly used and machine-readable and to request that these Personal Data be transmitted to another controller of the processing.

7.8. RIGHT TO DECIDE THE FATE OF PERSONAL DATA AFTER DEATH

Users also have the right to organise the fate of their Personal Data after their death by adopting general or specific guidelines that Pinnacle Experiences undertakes to respect. In the absence of such directives, Pinnacle Experiences recognizes the possibility for the heirs to exercise certain rights, in particular the right of access if necessary for the settlement of the deceased’s estate and the right of opposition.

7.9. CONDITIONS FOR EXERCISING RIGHTS

To exercise their rights, users are invited to contact the Pinnacle Experiences Data Protection Officer in accordance with the procedures described in Article 10. To help users exercise their rights, the CNIL has provided model letters on its website (www.cnil.fr). Before processing the user’s request(s), Pinnacle Experiences may verify their identity by requesting proof of identity. The Personal Data Protection Officer will respond to their request(s) as soon as possible and in any event within one (1) month of proof of identity. If necessary, this period may be extended by a further two (2) months depending on the complexity and number of requests, in which case Pinnacle Experiences undertakes to inform users of the extension and the reasons for the postponement.

Pinnacle Experiences reserves the right to bring, at any time, amendments to this Personal Data Protection Charter in order to comply with legislative and regulatory developments and/or improve its policy for the processing and protection of Personal Data. If any changes are made, a new version will be updated and put online with the date of ” Last update “.

This Charter is subject to French law, including the provisions applicable to rules of private international law. In the absence of an amicable agreement, jurisdiction is given to the courts of the Paris court of appeal notwithstanding plurality of defendants and/ or appeal in guarantee to know any dispute relating to the use of the site and/ or validity, the execution and interpretation of these GCU.

Pour toute question relative à la présente Charte aux fins de rectification, de complément ou de mise à jour, les utilisateurs sont invités à contacter Pinnacle Experiences :
En adressant un email au Délégué à la Protection des Données à l’adresse officepinnacleexperiences@gmail.com