Energy Digital Platform Services SASU (“EDPS”) respects the privacy of the users of its online services and ensures that the personal data collected will be processed in full compliance with applicable legislation and in particular with the General Data Protection Regulation no. 2016/679 (“Privacy Regulation”).
1. Services provided by the YEM Website
On the YEM Website, the user can access dedicated information and services. These services are freely accessible or subject to registration on the YEM Platform; these services are both didactic/informative (content and data published by EDPS) and customised (management of user requests, which are also forwarded by entering Data in the relevant grids).
2. Data controller and other persons involved in the processing of data
The data controller (“Owner”) of the Data collected through the YEM Website is EDPS, with registered office at 14-16 rue Touzet Gaillard 93400 Saint-Ouen, France, which may be contacted by email on the following email address: firstname.lastname@example.org.
3. Categories of processed data, purposes of processing and nature of the data provision
Type of data collected and processing purposes related to the use of the YEM Website
Through the YEM Website, the Owner collects and processes the following Data:
(c) Data voluntarily provided by the user for specific services: Data voluntarily provided by the user for service contact (contact details: such as email, landline telephone number and/or mobile telephone number), are processed by EDPS by electronic means (email) and traditional means (telephone) to provide the requested service, in particular to provide the user with commercial information. The data provided by the user for the use of the newsletter service are processed by electronic means (email) in order to provide the user with the requested service. The provision of data for this purpose is optional. However, failure to provide such data may prevent EDPS from providing the service and the requested response.
Further processing purposes
(d) Advertising, trade and marketing: with the prior specific consent of the user, the Data may be processed by the Data Controller and by “external data controllers”, by electronic means (such as sms, instant messaging, email, etc.), by traditional means (such as mail, telephone), as well as for the following purposes: i) sending/communication by EDPS of advertising, informative, promotional material on new products/services with the YEM brand from EDPS itself or reporting of company events or participation in webinars, as well as carrying out market studies and statistical analyses; ii) direct sale and/or placement by EDPS of products/services with the YEM brand, benefits and promotions.
(e) Profiling: With the prior specific consent of the user, the Data may be processed to detect and analyze preferences, habits, behaviors, interests inferred, for example, from online clicks on articles/sections of the YEM Website, in order to send you personalized commercial communications/to carry out targeted promotional actions, business intelligence activities. Data processing for profiling purposes will be carried out, in case of consent, by means of data processing tools which, on the basis of cross-referencing, will create a commercial and behavioural profile of the user. This data processing tool links the Data collected during the user’s browsing on the YEM Website by the means of first party profiling cookies accepted by the user, with the other collected Data. Furthermore, such Data and/or information, will be associated with any additional Data and/or information already held by EDPS as a result of the subscription to the services provided by the YEM Website.
4. Data source, processing methods and categories of recipients
Processing is carried out by means of automated tools (e.g. by using electronic procedures and media) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the Data was collected and, in any case, with the adoption of specific security measures to avoid any Data violation, such as loss of Data, unlawful or incorrect use and unauthorised access. However, such measures, due to the nature of the online transmission medium, cannot limit or exclude in absolute terms any risk of unauthorised access or dispersion of the Data. That is why, it is advisable to periodically check that your computer is equipped with software devices suitable for the protection of the network transmission of Data, both incoming and outgoing (such as updated antivirus systems) and that the Internet service provider has adopted suitable measures for the security of the network transmission of Data (such as firewalls and anti-spamming filters).
The Data may be known (i) by the employees and/or collaborators of EDPS, due to the company’s function, who operate as subjects authorised by the Data Controller and are duly instructed by the same; (ii) by the employees and/or collaborators of companies controlled by/ affiliated to EDPS, again as subjects authorised and instructed by the aforementioned Data Controller; (iii) by third parties (suppliers of technical, technological, mailing services, and other suppliers of services using the services provided by the YEM Website).
The Data will be mainly processed in France; however, some processing activities may be carried out in other countries, both within and outside the European Union, ensuring the necessary standards of protection required by national and supranational legislation, such as, in the case of transfer of Data to non-EU countries, 4 Assas Junior Conseil Tous droits réservés
the adoption of Standard Contractual Clauses approved by the European Commission (Decisions no. 2004/915/EC and no. 2010/87/EU).
To request any information concerning the processing of the Data, as well as a complete list of the appointed “data processors”, or to obtain a copy of the Data transferred abroad or to know their geographical location, you can write to the Data Controller on the following email address: email@example.com.
5. Legal basis for the processing and retention period of the Data
(i) the processing of the Data necessary to access the YEM Platform referred to in point 3 (b) is based on the contractual obligation assumed by EDPS to provide such services, including the fulfilment of the relevant pre-contractual obligations, such as support in the preliminary phase of registration to the YEM Platform;
(ii) the processing of data relating to the services referred to in point 3(c) is based on EDPS’s legitimate interest in providing the services, responses and information requested by the user.
The Data collected for the services referred to in point 3(c) above will be processed for the time strictly necessary to carry out the requested activity.
Data processed for the marketing purposes referred to in point 3(d) will be stored for a period not exceeding 24 months after collection.
The Data processed for profiling purposes referred to in point 3(e) will be stored for a period not exceeding 12 months after collection.
6. Rights of the interested parties
(Articles 15, 16, 17, 18, 20 and 21 of the Privacy Regulations)
Users, in their capacity as “interested parties”, have the right to access their data at any time, in particular to obtain confirmation of their existence or non existence and to know their content and origin. They also have the right to verify their accuracy or request their integration, updating, rectification, limitation of processing, cancellation, transformation into an anonymous form or blocking, if the Data are processed in violation of the law. They have the right to oppose in any case, for legitimate reasons, their processing. Furthermore, they have the right to request the portability of the Data, to lodge a complaint with the Control Authority and to oppose at any time the use of the Data for the purposes referred to in points 3(d) and 3(e), as well as to revoke the relative consent, if given. Requests may be addressed to the attention of the Data Controller at the addresses indicated in point 2 above.