Privacy Policy

Blueshore (publisher of Luxury Villas St Barth, hereafter "we", "us", "the company") is committed to protecting your personal data. This policy explains what we collect, why, how long we keep it, and what rights you have under the EU General Data Protection Regulation (GDPR) and applicable French law.

Who is the data controller

The data controller is Blueshore (Entrepreneur individuel, SIREN 903 437 317), Route de Pointe Milou, 97133 Saint-Barthélemy, France. Contact for privacy questions: privacy@luxuryvillasstbarth.com.

What data we collect

We collect only the data you provide voluntarily, through:

• The Reservation Desk chat: your typed messages, which may include your name, dates, group size, preferences.
• The contact form: name, email or WhatsApp number, dates, group composition, message.
• Our newsletter (if you subscribe): email address only.

We do not use Google Analytics, Facebook Pixel, or any cookie-based tracking. Our analytics provider is Plausible Analytics, which is privacy-friendly, cookieless, and GDPR-compliant. Plausible captures only aggregated, anonymous traffic data (page views, referrers, country) without identifying individual visitors.

Why we collect it (legal basis)

• Pre-contractual relationship (GDPR Art. 6.1.b): we use your contact and preferences to send you villa proposals and arrange your stay.
• Legitimate interest (GDPR Art. 6.1.f): we maintain a record of past inquiries for follow-up and to improve our service.
• Consent (GDPR Art. 6.1.a): for the newsletter and any marketing communication. You may withdraw consent at any time.

How long we keep it

• Reservation Desk and contact form submissions: 3 years from last interaction.
• Confirmed bookings: 10 years (French accounting and tax obligations).
• Newsletter subscribers: until you unsubscribe.

Who receives it

Your data is accessed only by the small team operating Blueshore. We share it with:

• Villa owners and managers on the island, only when you proceed to book a specific villa.
• Technical service providers who help us operate:
  • Netlify (USA): hosting the website
  • Cloudflare (USA): chat service infrastructure
  • Supabase (EU): database for inquiries
  • Brevo (France): email marketing platform
  • Anthropic (USA): AI model powering the Reservation Desk chat

Some of these providers are based outside the EU. They have committed to appropriate safeguards (Standard Contractual Clauses, EU-US Data Privacy Framework) as required by GDPR.

Your rights

Under GDPR, you have the right to:

• Access the data we hold about you
• Rectify inaccurate or incomplete data
• Erasure ("right to be forgotten")
• Restrict processing
• Data portability (receive your data in a structured format)
• Object to processing based on legitimate interest
• Withdraw consent at any time, where consent is the legal basis
• Lodge a complaint with the CNIL (French data protection authority) at cnil.fr

To exercise any of these rights, contact privacy@luxuryvillasstbarth.com or write to our registered office at Route de Pointe Milou, 97133 Saint-Barthélemy, France.

Cookies and tracking

This site uses no marketing cookies and no tracking cookies. Plausible Analytics is cookieless. The only client-side storage we use is sessionStorage for technical purposes (remembering whether the page loader has played in the current browser session). This storage is cleared when you close the tab and identifies nothing.

Security

We use HTTPS encryption across the entire site. Form submissions and chat exchanges are transmitted over TLS. Our database (Supabase) is encrypted at rest. We restrict access to your data on a strict need-to-know basis.

Updates

We may update this policy to reflect changes in our practices or legal requirements. The current version is dated below. Significant changes will be communicated by email to active contacts.

Last updated: May 2026.