Heliorec S.A.S. is committed to safeguarding your privacy.
We ensure that your personal data, as defined below, is collected and processed in compliance with the provisions of (i) French law no. 78-17 of 6 January 1978 on data processing, data files and individual liberties and (ii) the Regulation no 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “GDPR”).
This document describes how and why we may collect, use, store, share your information when you use our services (“Services”):
visit our website www.heliorec.com, or our pages on social media channels (Facebook, Twitter, Instagram, Linkedin) or other websites that link to this policy.
communicate with us in other ways (email, phone, chat services (Facebook, Tweeter, Instagram, Linkedin) or use our web-chat service on our website).
click on our online advertisements.
Table of Content:
Definitions used in this Policy
Data protection principles we follow
What rights do you have regarding your Personal Data?
What Personal Data we gather about you?
What are the purposes of such collect?
How long do we keep your Personal Data?
Who else has access to your Personal Data?
How we secure your Personal Data?
Cookies and other technologies we use
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Children – natural persons under 16 years of age.
Data subject – a natural person whose Personal Data is being Processed.
Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations that is performed on Personal Data or on sets of Personal Data.
Social media platforms – Facebook, Instagram, Tweeter, Linkedin, Pipedrive, webchat.
Transfer – transfer of Personal Data to a third country or an international organisation.
We/us/our (either capitalized or not) – HELIOREC S.A.S.
2. Data Protection principles
We ensure that:
Processing is lawful, fair, and transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you with information regarding Processing upon request.
Processing is limited to the purpose, as described below. Our Processing activities fit the purpose for which Personal Data was gathered.
Processing is done with minimal data. We only gather and Process the minimal amount of Personal Data required for any purpose.
Processing is limited . We do not store your Personal Data for longer than needed.
We will do our best to ensure the accuracy of the Personal Data.
We will do our best to ensure the integrity and confidentiality of Personal Data.
3. Data Subject’s rights
The Data Subject has the following rights:
Right to information – meaning you have the right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
Right to access – meaning you have the right to access the data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered.
Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
Right to object to processing – meaning in certain cases you have the right to object to the Processing of your Personal Data, for example in the case of direct marketing.
Right to object to automated Processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
Right to lodge a complaint – in the event that we refuse your request under the rights to access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled, please contact us.
Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right to other legal remedies such as claiming damages. In France, the supervisory authority is the “Commission nationale de l'informatique et des libertés” (“CNIL”) and you can lodge a complaint at https://www.cnil.fr/fr/plaintes.
Right to withdraw consent – you have the right to withdraw any given consent for the Processing of your Personal Data, and/or to unsubscribe from marketing communications.
4. Data we collect
4.1. Information you provided us with
This might be your:
any other details that you willingly provide/submit in the “Get Started” and “Subscribe to Our Newsletter” forms or via email or Social media platforms (Facebook, Linkedin, Tweeter, Instagram direct messages) – i.e. information that is necessary for delivering our Services or to enhance your customer experience with us.
We save the information you provide us in order to contact you and provide you with an informative response regarding your inquiry. This information includes, for example, your name, username, e-mail address, phone number, and non personal information such as available water area for solar panels in m² or ft², water depth, wave-data, wind-data, currents, average monthly energy consumption, country for the installation, coordinates of desired solar power installation (Latitude & Longitude) and any other information that you willingly provide in the contact form, via email or Social media platforms.
4.2. Sensitive information
We do not process sensitive information.
4.3. Information automatically collected about you
When you use our Services or look at the contents of our website, your activities may be anonymised and logged. This includes information that is automatically stored by cookies and other session tools. This information does not reveal your identity (i.e. name or contact details), however may include details about your device and usage – i.e. browser, timing and time spent, operating system, referring URLs, searches, the pages you view, as well as country, location and other technical information. This information is used to maintain our services, improve general customer experience, analytics and for internal reporting.
4.4. Information from our partners
We may gather limited information from our trusted partners with confirmation that they have legal grounds to share that information with us.
This is either information you have provided them directly with or that they have gathered about you on other legal grounds.
4.5. Publicly available information
We might gather information about you that is publicly available.
5. Purpose and legal basis of the Processing
We use your Personal Data on the grounds of (i) the performance of the contract, (ii) our legitimate interest and/or (iii) with your consent.
We use your Personal Data to:
> provide and improve our Services. This includes for example answering your query; providing you with products and services that you have requested; providing you with promotional items or information at your request and communicating with you in relation to those products and services; communicating and interacting with you; and notifying you of changes to any services.
> enhance your customer experience, request feedback, monitor usage trends, evaluate effectiveness of our marketing campaigns.
> send you marketing and promotional communication material, provided that we have your consent (subscription via website, email, or messaging platforms), we may send you occasional marketing materials. You can always opt out of these, by replying “unsubscribe” or clicking a designated unsubscribe link in our emails.
> administer and analyse our client’s base in order to improve the quality, variety, and availability of products/services offered/provided.
> offer you products/services that are similar or same to your purchasing history/browsing behaviour to be our legitimate interest.
We reserve the right to anonymise your Personal Data gathered and to use such data. We may use data outside the scope of this Policy only when it is anonymised.
6. How long do we keep your Personal Data?
6.1. Contractual liability in case of litigation and in accordance with legal and regulatory obligations - five (5) years after termination of the contract.
6.2. Analysis purposes - Navigation data are kept for no longer than six (6) months. Anonymized data can be kept with no limitation.
6.3. Administrative purposes - ten (10) years (for invoicing data, in accordance with the French Code of commerce).
6.4. Commercial purposes - information relating to a prospect will be kept for three (3) years after the date of the last message from the prospect, as per the CNIL’s recommendation.
7. With whom do we share your Personal Data?
We do not share your Personal Data with strangers.
Your Personal Data is in some cases transferred to trusted partners in order to provide the Services or enhance your customer experience.
We process your Personal Data with our service providers:
Wix (newsletter service).
Google Analytics (monitoring of performance of our website services).
Google Tag Manager (monitoring of anonymous user behavior for improvement of our services and marketing).
Google Ads (remarketing).
SendPulse (chatbot service).
Pipedrive (customer relations management).
We only work with service providers able to ensure adequate level of protection of your Personal Data in accordance with data protection laws. No transfer of Personal Data will take place to an organization or a country unless there are adequate controls in place.
We may also need to share your Personal Data under the following circumstances: merger, sale of company assets, financing, acquisition of our business to another company (partial or complete).
We disclose your Personal Data to third parties or public officials when we are legally obliged to.
8. How we secure your Personal Data?
We do our best to keep your Personal Data safe.
We only use safe protocols for communication and transferring Personal Data.
We use organizational and technical security measures such as anonymising and pseudonymising where suitable.
We monitor our systems for possible vulnerabilities and attacks.
You must keep in mind that the Internet and methods of electronic storage are not completely secure. While making its best efforts, we cannot guarantee its absolute security. You should only access the Services within a secure environment.
However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.
If you have an account with us, note that you have to keep your username and password secret.
9. Cookies and other technologies we use
Only we can access the cookies created by our website.
We use necessary cookies, advertising cookies, statistical cookies and other services to facilitate your browsing, optimise technical management, compile visit statistics, and analyse traffic on our website.
You are fully free to accept or refuse all cookies but also to personalise your preferences and your consent may be withdrawn at any time.
You can control your cookies at the browser level.
Choosing to disable cookies may hinder your use of certain functions of our website and/or reduce its availability. We cannot be held responsible for these malfunctions.
10. Contact information - Data Protection Officer