Personal data protection notice Mobile

Personal data protection notice

Preamble – Introducing data privacy law

The General Data Protection Regulation (GDPR) was introduced across Europe on 25 May 2018 in order to provide Users with more transparency and stronger rights regarding their personal data.

The Company have always taken data privacy very seriously and is committed to preserve and respect User’s data privacy in accordance to applicable regulations, in particular the General Data Protection Regulation or GDPR (EU Regulation 2016/679) and the amended French law “Informatique et Libertés” of January 6th 1978.

1 – Data Controller

The company ENGIE MOBILITES ELECTRIQUES (“the Company”, “we”, “us”, “our”), Simplified Joint Stock Company with capital of 2.000.000 €, registered at the RCS of Nanterre under the number 909073363, located at Tour T1 – 1 place Samuel de Champlain – 92930 Paris la Défense Cedex France is the Data Controller relating to the management of the mobile application (“the App”) you are visiting. This policy provides all the information necessary for you to understand how your data is processed by us.

2 – Ways of personal data collection

While browsing our App, you may provide us with personal data by various means, indirectly, through cookies. For more details in this respect, please consult our Cookies Notice.

3 – Purpose of processing and legal basis

The Company may processes your data for the following purposes :

– commercial management and marketing;

– customer relations follow-up ;

– App’s optimization.

The purpose of the processing is indicated to our User before data collection.

The legal basis on which we ground our processings, as described above, depends on the personal data collected and the context of its collection. The Company may process your personal data on consent basis, or based on our legitimate interest or to ensure compliance with a legal obligation or as part of a contractual obligation.

4 – Types of personal data collected and application of minimization principle

While you are logged on to the App, you may provide us with personal data such as:

– Data relating to navigation (date, time, IP address, page consulted, device used, etc.)

5 – Data recipients

Personal data is processed only by authorized recipients. These recipients may be internal to the Company. Other entities of the ENGIE Group or third parties involved in the achievement of the purpose of the processing may also be data recipients.

In certain cases, the Company may be required to communicate data to authorized third parties not directly involved in the processing, for example :

– To comply with a legal obligation (CNIL, …);

– To protect and defend our property rights (legal consels, …);

– To prevent harm to the App;

– To ensure the safety of User’s personal data.

6 – Data retention period

User’s personal data is kept only for the time required for the corresponding purposes.

Data retention periods are organized in three different stages :

1. storage in an active database accessible only to duly authorized employees ;

2. storage in an intermediate database, with restricted access to a few employees (generally less than 10 persons), for a specific period of time in accordance with the legal obligations in force;

3. permanent erasure of your personal data from our devices.

You will be reminded of the applicable retention period when the data is collected.

7 – Security and confidentiality of your data

In its capacity as data controller, the Company implements all appropriate technical and organizational measures to ensure the security and confidentiality of your personal data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorized third parties, taking into account the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing.

8 – Subcontractors

The Company may use service providers and other third parties to facilitate, maintain, improve, analyze and secure the use of the App. These service providers may have access to your personal data for the sole and exclusive purpose of performing the tasks the Company assigned via specific contractual instruction. In accordance with article 28 of the GDPR, the Company ensures that service providers have the necessary guarantees to carry out the tasks entrusted to them and to ensure the protection of your data.

9 – Data transfer guarantees

Your personal data may be processed outside the European Union by some of our service providers (see on this point 8 – Subcontractors).

The Company takes all necessary measures to protect your personal data and ensures that no transfer is made to a country or entity that does not provide sufficient guarantees. For example, through the signature by the recipient, on a case-by-case basis, of contractual standard clauses based on the European Commission’s model or any other mechanism provided for by the GDPR when the recipient country is not considered by the European Commission as providing an adequate level of protection.

10 – Your rights

In accordance with applicable regulations, you may request the correction or erasure of your data. You may also exercise your rights of opposition, limitation and data-portability. Finally, you have the right to define general and specific directives defining how you want your data to be managed after your death.

You may exercise all and any of these rights by contacting us at: rgpd.vianeo@engie.com. You will be asked to provide proof of your identity.

We will do our utmost to respond to your request as soon as possible and at the latest within one month of receipt. We reserve the right to extend this period to three months if your request is particularly complex.

You are also hereby informed that you may submit a request to the CNIL (Commission Nationale de l’Informatique et des Libertés, the French Data Protection Authority). You may access its site at https://www.cnil.fr/fr.

11- Updates

The Company may update this Notice on the Personal Data Protection at any time. Consequently, the User is invited to regularly refer to this Notice.

Last update : 8th of June 2023.