Privacy policy

SAS MALIBU (TE MOANA TAHITI RESORT), hereinafter referred to as “TE MOANA TAHITI RESORT,” is a simplified joint-stock company registered with the Paris Trade and Companies Register under SIRET number 938 554 342 00015. Its registered office is located at PK 10.500 côté mer – SAS MALIBU – Punaauia Centre – BP 2851 Punaauia 98703 Punaauia. Its main activity is the operation and management of a hotel and restaurants, including services related to event organization or hosting.

Given the trust-based relationship between TE MOANA TAHITI RESORT and its guests, the hotel has established a privacy policy that complies with the requirements of the General Data Protection Regulation (GDPR).

This privacy policy adopted by our establishment informs you of the types of information we collect from our clients and visitors to our website www.temoanatahitiresort.com.

Additionally, we explain the reasons for and methods by which TE MOANA TAHITI RESORT uses this information.

By providing us with your personal data, you agree to the processing and use of this data as described in this privacy policy and have obtained the corresponding authorization (if necessary). If you do not agree to the processing of your personal data under this policy, please refrain from providing it and discontinue use of our services.

I. Data Processed

1. Data subjects

TE MOANA TAHITI RESORT collects personal data from all individuals who enter or wish to enter into contact with the establishment, including the TAAPUNA RESTAURANT, TAAPUNA BAR, TAAPUNA BEACH BAR, HONONUI Wellness Center, and TE MOANA EXPLORATIONS: clients, prospects, suppliers, business partners, media, job applicants, etc.—whether through browsing the website, submitting contact or reservation forms, emails or other correspondence, or orally via phone or in person. Personal, professional, sensitive, location, and payment-related data is collected from anyone booking or experiencing a stay, meal, event, or activity at the resort. Connection and browsing data processed by TE MOANA TAHITI RESORT is collected from anyone who continues browsing the website after accepting cookies other than essential cookies.The website is intended for adults. It is the responsibility of legal guardians to monitor and guide minors in their internet use.

2. Categories of data processed

a. Data directly collected by the hotel

TE MOANA TAHITI RESORT collects the following “personal information”: full name, address, email, phone number, age, gender, image, payment card details, passport, expenses incurred, flight and arrival/departure details, complaints, and specific requests. This may include additional personal data such as nationality, country of residence, and copies of ID. Depending on the case, information about family status, children’s ages, lifestyle preferences (e.g., dietary habits, pet ownership), or any voluntarily disclosed specific personal data may also be collected. Professional data may be collected when the request or reservation is work-related. Sensitive data (e.g., health conditions, dietary requirements, religious or political beliefs) may also be collected if voluntarily disclosed as part of a specific request.When visiting the website, connection data such as IP address, IMEI number, mobile phone number, device model, approximate location, access software, operating system, and date/time of connection may be collected. Browsing data may include pages viewed, time spent, navigation history, and preferences. These help ensure website security and optimize the user experience. Identity is not disclosed during website browsing. Our tools, including Google Analytics, only collect anonymous data such as visit duration, origin, and gender, which we use to improve our editorial and website quality. However, personal information like full name, address, email, and phone number is required if the user proceeds with a reservation.

b. Data Collected by Hotel Partners

TE MOANA TAHITI RESORT processes data collected by the following partners:

  • TE MOANA EXPLORATIONS (nautical center): may collect personal data (e.g., civil status, contact info, health-related info like swimming level or medical restrictions) for safety/logistics reasons, with consent.
  • HONONUI WELLNESS CENTER: collects data when booking services or treatments, including ID, contact, health preferences, and payment info.

The hotel also processes the same categories of data shared by online booking platforms (e.g., BOOKING, EXPEDIA, AGODA, RESERVING). Clients should consult those platforms’ privacy policies.

c. Cookie management

When a user visits the website, a cookie and unique identifier are assigned to their computer. Cookies help track behavior on the website, personalize the user experience, and support marketing and communication efforts.
Cookies improve the user experience on www.temoanatahitiresort.com and may enable targeted advertising. If users do not block cookies, their use is considered accepted. Most cookies used are performance cookies tracking visit numbers, time spent, location, etc. These help us improve the website continuously.
Users may block cookies in browser settings or withdraw consent at any time.

 

II. Characteristics of Processing

Some personal data is essential for proper stay management and service delivery. We collect this data to provide the best possible experience.

1. Processing Activities and Purposes

Les données à caractère personnel décrites au I. 2/ sont traitées par l’hôtel TE MOANA TAHITI RESORT dans le cadre des activités suivantes :

  • Booking, including online reservations;

When making a reservation on our website, the user must fill out a form containing their contact details and payment card information. Once the customer has submitted the form, the card number is saved in the FASTBOOKING tool. The information available in the FASTBOOKING system is then used by our reservation agents to confirm bookings.

Transactions made on our website are then recorded in our reservation system as well as in our archives. This information is essential to effectively respond to requests related to completed transactions, but also to prepare for guest arrivals and departures, as well as for payment of the stay.

Due to the personal nature of the information provided during the booking process on our website, the reservation system is secured through the FASTBOOKING tool to protect the submitted payment card information.

  • Hotel, bar and restaurant services during the hotel stay;

During the stay, we record detailed charges in order to correctly issue the client’s invoice, which includes the room rate and all other expenses charged to the room. We also record this information to comply with financial reporting requirements, including those mandated by our auditors and government regulatory bodies. Stay-related information may also be stored (health issues, payment difficulties, specific requests, complaints, etc.).

This information collected during the stay is stored within the hotel’s management system.

  • Use of the activity center and wellness center;

While participating in water activities or using the wellness center, we record bookings, schedules, chosen services, as well as specific preferences or needs, in order to ensure proper service delivery. These data allow us to manage guest reception, equipment availability, staff scheduling, and billing if necessary. Some health-related information (for example: allergies, medical contraindications or physical restrictions) may be requested prior to certain activities to ensure the safety of participants. This data is collected only with the explicit consent of the client and used exclusively to tailor the service accordingly. Finally, in a spirit of personalized service and customer loyalty, we may record certain client preferences (type of massage, water temperature, preferred time slots), subject to their consent.

  • Organization of private or public, professional, cultural, artistic, or public relations events within the establishment;

As part of the organization of private or public events (professional meetings, cultural or artistic events, public relations, weddings, seminars, etc.), we collect and process certain personal data to ensure the preparation, coordination, and smooth running of each event. When the event involves photo or video capture, or the dissemination of promotional or media-related information, specific consent will be requested from participants, in accordance with applicable regulations.

  • Communication with individuals contacting TE MOANA TAHITI RESORT (information requests, job applications, etc.);

When you contact TE MOANA TAHITI RESORT—whether for an information request, a general inquiry, or a spontaneous or job-based application—we collect certain personal data in order to respond appropriately and provide the necessary follow-up. This information is used exclusively to address your inquiries, process your request, or evaluate your profile as part of a recruitment process.

2. Data Controller

TE MOANA TAHITI RESORT is the controller of all data processing mentioned above.

3. Legal Bases

TE MOANA TAHITI RESORT processes data primarily based on contract execution, legal obligations, or legitimate interest, in line with the GDPR. Sensitive data is processed with explicit consent or when necessary for safety. All processing is proportionate, confidential, and time-bound.

4. Recipients

Your data may be shared internally with authorized staff and entities (TAAPUNA, HONONUI, TE MOANA EXPLORATIONS) and with external providers (e.g., SAGE, OPERA, ZENCHEF, D-Edge, PIXIER) under strict contractual terms. Authorities may access your data if legally required (e.g., unpaid balances, fraud). Third parties (e.g., travel agencies, car rentals) may receive your data if involved in your booking.

TE MOANA TAHITI RESORT reserves the right to inform law enforcement of any suspected illegal activity.

5. Data transfers outside the European union

Some personal data may be transferred outside the European Economic Area (EEA). These transfers are safeguarded through standard contractual clauses, binding corporate rules, or adequacy decisions, as required by GDPR.

6. Security measures

We implement robust technical and organizational measures, including access control, IT and physical security, subcontractor screening, and staff awareness. However, absolute security cannot be guaranteed. Emails are not secure; sensitive data should not be shared via email.

7. Data retention

Personal data is retained for as long as legally required or until it is no longer needed. Secure systems store guest history and preferences to personalize future stays.

8. Video Surveillance

Some areas of the resort are under video surveillance for security purposes. This complies with applicable regulations, and access is restricted to authorized staff and authorities.

III. Data Subject Rights

You have the right to request from the data controller:

  • Access to your personal data and related information;
  • Rectification or erasure of your data;
  • Restriction of data use;
  • Objection to processing for marketing or profiling purposes;
  • Portability of your data under applicable conditions;
  • Directives on what should happen to your data after death;
  • Filing a complaint with the French Data Protection Authority (CNIL): www.cnil.fr.

To exercise your rights, you may submit a request:

  • In person at the hotel;
  • By email: sales@temoana.pf;
  • By mail to:
    Te Moana Tahiti Resort,
    BP 2851 Punavai,
    98 703 Punaauia, Tahiti, French Polynesia

A valid ID is required with any request. For in-person requests, a photo ID must be shown. Remote requests must include proof of ID, your address, and phone number. The hotel may decline requests with justification. You may also opt out of marketing by emailing: sales@temoana.pf.

IV. Privacy Policy Updates

In case of major updates, we will publish them on our website. Minor updates will be noted, but not applied retroactively without your consent, unless legally required. If we plan to use your data differently, you will be notified via email and may object in writing; otherwise, your consent is presumed.