Privacy Policy
Back to homepage
The company HOMEBAGS is a Simplified Joint Stock Company (SAS), with a share capital of €7,500,
registered with the Cannes Trade and Companies Register under number 982 255 739, with its registered office at
33 rue Du Pont Saint-Victor, 06400 Cannes, France (hereinafter "HOMEBAGS").
HOMEBAGS is committed to complying with current legislation in France and Europe (Regulation 2016/679 of April 27, 2016),
ensuring the protection, confidentiality, and security of personal data, and respecting privacy.
This Privacy Policy (hereinafter the “Policy”) describes how HOMEBAGS processes personal data of all individuals
concerned by the processing it implements.
The Policy also specifies the legal bases on which HOMEBAGS relies to process personal data,
the parties with whom this data is shared, and the retention periods.
In any case, regardless of the processing carried out, HOMEBAGS commits to the following principles:
- Data is only used for explicit, legitimate, and specific purposes related to the services offered by HOMEBAGS;
- Only data necessary for these purposes is collected;
- Every Data Subject is clearly and transparently informed about the purpose of using their data,
whether responses in forms are optional or mandatory, and their rights regarding data protection.
Article 1 – Definitions
- Application: Refers to the mobile application published by HOMEBAGS available on the Apple Store and Google Play;
- Personal Data: Refers to any information relating to an identified or identifiable natural person,
directly (such as by name or surname) or indirectly, in particular by reference to an identifier, location data,
or one or more elements specific to their physical, physiological, genetic, mental, economic, cultural, or social identity;
- Processing: Refers to any operation or set of operations performed on personal data, such as collection,
recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure,
dissemination, alignment, restriction, erasure, or destruction;
- Data Subject: Refers to any identified or identifiable individual whose Personal Data is processed by HOMEBAGS in accordance with this Policy;
- Controller: Refers to the company HOMEBAGS which determines the purposes and means of Personal Data processing;
- Processor: Refers to any person or entity processing Personal Data on behalf of the Controller;
- Recipient: Refers to any person or entity receiving disclosure of Personal Data, whether or not a third party;
- Third Party: Refers to any person or entity authorized, public authority, service, or organization other than the Data Subject, the Controller, the Processor, and those authorized to process the data under their authority;
- Personal Data Breach: Refers to any breach leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to Personal Data.
Article 2 – Source and Categories of Data
2.1. Browsing the Application
When a Data Subject browses and uses the Application’s features, the following information may be collected:
- Identification data and contact details through collection forms, such as the registration form;
- Connection and audience measurement data during navigation;
- Data relating to the user’s device during connection and navigation;
- Data relating to exchanges between the Data Subject and HOMEBAGS.
2.2. Contacting HOMEBAGS
When a Data Subject contacts HOMEBAGS for information about its services, the following Personal Data may be collected:
- Identification data (name, surname, gender, age);
- Contact details (email address, postal address, phone number).
2.3. Use of Services
When the Data Subject uses the services offered by HOMEBAGS or makes a reservation, the following Personal Data may be collected:
- Identification data (name, surname, marital status, age);
- Contact details (email address, postal address, phone number);
- Profile information upon registration in the Application (name, surname, date of birth, gender, address, profile picture);
- Residence details at the partner establishment and flight schedules at Nice Côte d’Azur Airport;
- Payment data used to make a reservation.
Article 3 – Legal Bases for Processing
In accordance with applicable regulations, HOMEBAGS collects and processes Personal Data only under the following conditions:
- When the Data Subject gives free, specific, and informed consent to the processing of their data;
- When necessary for the performance of a contract or within the scope of a commercial relationship;
- When required to comply with legal or regulatory obligations (e.g. payroll, fraud prevention, anti-corruption);
- When HOMEBAGS’ legitimate interests justify processing the Data Subject’s Personal Data.
Article 4 – Purposes of Processing
The Personal Data collected and processed by HOMEBAGS is used for explicit, legitimate purposes which may vary depending on the context, including:
- Provision of content and services in the Application;
- Statistical analysis, including Application traffic monitoring;
- Communication and marketing operations;
- Management of reservations, deposit, and return of luggage;
- Managing relationships between HOMEBAGS and Application users;
- Managing requests and complaints;
- Contract management and follow-up with HOMEBAGS;
- Compliance with legal and regulatory obligations.
Article 5 – Data Retention
HOMEBAGS retains Personal Data only for as long as strictly necessary to achieve the purposes mentioned above.
Data may be stored longer only with explicit authorization from the Data Subject.
- Usage statistics: Data such as IP addresses and page visits (Consent – kept max 6 months via cookies).
- Marketing operations: Contact and identification data (Consent – up to 3 years after last interaction).
- Reservations: Identification, contact, and booking data (Contract – stored for contract duration + applicable limitation periods).
- Identity verification for luggage return: ID documents (Legitimate interest – kept only as long as necessary for verification).
- Account creation and management: Identification and booking history (Contract – kept until account deletion or 3 years of inactivity).
- After-sales service: Contact and billing data (Legal obligations – stored for contract duration + limitation periods).
Article 6 – Data Recipients
Access to Personal Data is strictly limited to those who need it in the course of their duties, including:
- Partner establishments and Nice Côte d’Azur Airport luggage storage;
- HOMEBAGS partners and processors (IT, accounting, finance, communication services);
- Authorized employees or partners of HOMEBAGS;
- Authorities (administrative or judicial) when legally required.
Article 7 – Data Transfers Outside the EU
No Personal Data transfers outside the European Union are intended.
If a transfer occurs, it will be subject to appropriate safeguards, such as EU standard contractual clauses,
ensuring confidentiality and compliance with regulations.
Article 8 – Rights of Data Subjects
Data Subjects have the following rights under GDPR:
- Right to information, access, and rectification;
- Right to restrict or object to processing;
- Right to data portability;
- Right to erasure (“right to be forgotten”);
- Right to define instructions on data after death;
- Right to lodge a complaint with a supervisory authority.
Article 9 – Exercising Rights
To exercise their rights, Data Subjects may contact HOMEBAGS:
Responses will be provided within one (1) month of receipt of a complete request (extendable by 2 months for complex cases).
Proof of identity may be required.
Article 10 – Third-Party Websites
If Data Subjects use links to third-party websites, HOMEBAGS recommends reviewing their privacy policies.
HOMEBAGS cannot be held responsible for third-party practices.
Article 11 – Security
HOMEBAGS implements technical and organizational measures to ensure data security, including preventing loss, alteration, or unauthorized access.
Service providers and processors are bound by these same security principles.
Article 12 – Changes to the Policy
HOMEBAGS reserves the right to update this Policy at any time.
Minor changes will be notified via a message on the Application homepage.
Substantial changes will trigger an email notification requesting renewed consent.
Users are encouraged to review this Policy regularly.
Back to homepage