The Maison Collections Elys Book Collaborate Contact

Privacy Policy

Last Updated: January 22, 2026

1. Introduction

Welcome to Once Maison. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website and services, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller:

Once Maison

Email: privacy@oncemaison.com

Address: [Your Business Address]

2. What Data We Collect

We collect and process the following types of personal data:

2.1 Information You Provide to Us

  • Contact Information: Name, email address, phone number, postal address
  • Travel Preferences: Destination interests, travel dates, budget, special requirements
  • Communication Data: Messages you send us through contact forms or email
  • Booking Information: Travel itinerary details, payment information (processed securely through third-party payment providers)
  • Partner/Collaboration Information: Business details, proposals, partnership inquiries

2.2 Information We Collect Automatically

  • Technical Data: IP address, browser type and version, device type, operating system
  • Usage Data: Pages visited, time spent on pages, links clicked, referral sources
  • Cookies and Similar Technologies: See our Cookie Policy for details

3. How We Use Your Data

We use your personal data for the following purposes:

  • Providing Services: To process your travel bookings, design custom itineraries, and deliver our services
  • Communication: To respond to your inquiries, send booking confirmations, and provide customer support
  • Personalization: To tailor our services and recommendations to your preferences
  • Marketing: To send you promotional materials about our collections and services (only with your consent)
  • Analytics: To understand how visitors use our website and improve our services
  • Legal Compliance: To comply with legal obligations and protect our rights

Legal Basis for Processing

We process your data based on:

  • Consent: When you provide explicit consent (e.g., marketing communications, cookies)
  • Contract Performance: When necessary to fulfill our services to you
  • Legitimate Interest: When necessary for our business operations and your interests are not overridden
  • Legal Obligation: When required by law

4. How We Store and Protect Your Data

We implement appropriate technical and organizational security measures to protect your personal data:

  • Secure SSL/TLS encryption for data transmission
  • Access controls and authentication for data systems
  • Regular security assessments and updates
  • Data minimization - we only collect what's necessary
  • Staff training on data protection and security

Data Storage Locations

Your data is stored using the following services:

  • Form Submissions: Airtable (GDPR compliant, Data Processing Agreement in place)
  • Email Communications: [Your email provider, e.g., Gmail with Google Workspace]
  • Analytics: Google Analytics 4 (with IP anonymization and consent mode enabled)
  • Website Hosting: [Your hosting provider]

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Active Inquiries: Duration of the inquiry plus 2 years
  • Completed Bookings: 7 years (for tax and legal compliance)
  • Marketing Consent: Until you withdraw consent or 3 years of inactivity
  • Analytics Data: 14-26 months (Google Analytics retention settings)

5. Third-Party Services

We may share your data with trusted third-party service providers:

  • Airtable: Form data storage and CRM
  • Google Analytics: Website analytics (anonymized)
  • Email Service Providers: For communication purposes
  • Payment Processors: For secure payment processing (we do not store full payment card details)
  • Travel Partners: Hotels, airlines, tour operators (only data necessary for bookings)

All third-party providers are carefully selected and required to comply with GDPR and maintain appropriate security measures.

6. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation on how we process your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing)
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, please contact us at privacy@oncemaison.com. We will respond within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

8. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission
  • Privacy Shield certification (where applicable)

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

10. Marketing Communications

We may send you marketing communications if you have:

  • Given us explicit consent to receive marketing materials
  • Provided your information when inquiring about our services (soft opt-in)

You can unsubscribe from marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Contacting us at privacy@oncemaison.com
  • Updating your communication preferences in your account settings (if applicable)

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer / Privacy Contact

Email: privacy@oncemaison.com

Address: Once Maison, [Your Business Address]

Response Time: We aim to respond to all inquiries within 30 days

13. Data Protection Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority:

Cookie Preferences

We use different types of cookies to optimize your experience on our website. You can choose which categories you'd like to allow.

Essential Cookies

Always Active

These cookies are necessary for the website to function and cannot be switched off. They are usually set in response to actions you take, such as setting privacy preferences or filling in forms.

Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.

Marketing Cookies

These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad.

Functional Cookies

These cookies enable enhanced functionality and personalization, such as videos and live chats.