Return to
Home
Affiliate Sites Search
Contact Français

Privacy Policy

Privacy Policy

Effective Date [2021, March, 19th]

  1. Introduction

[EDF Renewables], whose registered office is located at 100, esplanade du Général de Gaulle 92932 Paris la Défense Cedex (hereinafter the "Company" or "We"), acting as independent data controller, entity of the EDF RE Group (hereinafter the “Group”) would like to inform you about the methods of processing (i.e. collection, use and sharing) of your personal data, through this website (hereinafter the "Website") and the use of associated services (hereinafter "Services"), in accordance with applicable laws and regulations on the protection of personal data, in particular: (i) Law No 78-17 of 6 January 1978 on Data Processing, Data Files and Individual Liberties and Law No 2018-493 of 20 June 2018 on the protection of personal data; (ii) Regulation (EU) 2016/679 dated April 27, 2016 (hereinafter "GDPR"), which came into force on May 25, 2018; and (iii) any other normative act, decree, regulation or provision that would be enacted by a competent national or European supervisory authority (hereinafter collectively referred to as the "Applicable Data Protection Regulations").

  1. What is the scope of this policy?

The Company is processing personal data (that is, any information related to an identified or identifiable person, called "Data Subject") that concern you, processed through the Website and for the use of the Services, under the conditions set out in this policy ("Privacy Policy").

This Privacy Policy, as well as the Cookie Policy, available here, concerns all users, including those who use the Website and the Services without being registered or subscribed to a specific service (hereinafter collectively "Users").

  1. What types of personal data do we collect?

The Company collects (1) registration data; (2) data that you have voluntarily shared with the Company; (3) navigational data related to access and use of the Website and Services; and (4) other miscellaneous information. In particular, the Company collects the following information:

  • Registration Data: collected through the registration form.
  • Personal Data that you voluntarily share with the Company: the Company may collect your personal data (e.g. first name, last name, email, address, telephone number, etc.) when you submit a request via an online form on the Website or when you use our Services;
  • Navigation data: when you access and use the Website or the Services, the Company may collect information about these visits. For example, in order to establish your connection to the Website or Services, our servers receive and record information about your computer, device, and browser, which may include, but is not limited to, IP address, browser type, and other information about computer software or hardware. If you access the Website or the Services from a cell phone or other device, the Company may collect the unique identifier of the device, location data, and other identifying information about that device. Information may also be collected via cookies and other tracking technologies (such as browser cookies, retargeting cookies, audience metrics, web beacons, and Adobe Flash technologies etc.). These technologies may also be used to collect and store information about your use of the Website or Services, such as the pages you visited, the online content you viewed, the web searches you performed, and the advertisements you saw. For more information, please visit our Cookie Policy available here.

We do not collect :

  • Financial data from a secure payment service provider: In some cases, the Company may use a non-affiliated payment service to enable you to purchase a product or make payments. In such cases, the processing of the information you provide will be governed solely by the payment service provider's privacy policy, and not by this Privacy Policy.
  • Special Categories of Personal Data: We ask you not to disclose or communicate to us data considered as Special Categories of Personal Data or assimilated by the CNIL (including social security number, offence data, ethnic origin, political opinions, religions and beliefs, health data or trade union membership) through our Website, Services or by any other means.

Associated Services. The Services may be associated with websites published by third party companies not affiliated with the Group, and may include advertisements, offer online content, and provide features, games, newsletters, contests or lottery, or applications developed by third party companies. The Company is not responsible for the privacy practices of such third party companies. Once you leave the Services or click on an advertisement, it is your responsibility to check the applicable Personal Data protection policy for that other service.

  1. For what purposes do we collect your personal data?

We process your personal data:

  1. To enable you to use the Website and Services;
  2. To evaluate and improve our Services and the functionality of the Services;
  3. To improve your experience using the Website and Services;
  4. Provide you with customer support and respond to your inquiries;
  5. To comply with legal obligations (including obligations related to the provision of the Services), or to respond to requests from public and governmental authorities;
  6. To serve the interests of the Company; in certain cases, the Company may disclose your personal data, including when the Company believes in good faith that such processing is necessary to : (i) protect, exercise, or defend the rights, privacy, safety, security, or property of the Company or its employees, agents and contractors (including the performance of our contracts and terms and conditions of use); (ii) protect the safety, privacy and security of Users or the public; (iii) protect against fraud or for risk management purposes;
  7. Subject to your prior consent, if necessary, to carry out commercial prospecting operations with you, in accordance with your personal preferences and choices;
  8. Subject to your consent, to share your personal data with our trusted business partners, including other Group entities, to enable them to send you messages of a commercial nature.

 

5. On what legal basis do we process your personal data?

  • The purposes of processing presented in section 4 (a) to section 4 (f) of this Privacy Policy are in principle based on the legitimate interest of the data controller for the purposes of operating the Website, responding to Users' requests and providing the Services. With regard to certain cookies that may be used, the processing is based on the consent of the Data Subjects;
  • The purpose of processing presented in section 4(e) of this Privacy Policy is based on applicable legal and regulatory obligations;
  • The purpose of processing presented in section 4(f) of this Privacy Policy is based on the legitimate interest of the Company or the applicable legal and regulatory obligations;
  • The purposes of processing set out in sections 4(g) and 4(h) of this Privacy Policy are carried out on the basis of your consent where required.
  1. How long are your personal data retained?

The Company retains your personal data for as long as it is necessary for the fulfillment of the purposes described in section 4 above.

Your personal data are kept:

  • For the time strictly necessary for the Use of the Website, the Services, or for the needs of the Company, and for a maximum of 3 years from the date of collection in the absence of a contract with the Company;
  • In case of conclusion of a contract or an order, within the framework of the Services or otherwise, during the entire period of the contractual relationship, then kept in intermediate archives for a period corresponding to the possible warranty period to which is added the applicable legal prescription period (5 years in most cases);
  • For a period of 25 months from the installation/creation of cookies.
  1. How do we process your personal data?

The personal data are processed both manually and electronically and is protected by appropriate security measures. In this respect, although the Company uses appropriate administrative, technical and organizational measures to protect personal data against theft, loss, unauthorized use, disclosure or modification, it cannot guarantee that it will be able to protect itself against all existing IT risks.

  1. Who has access to your personal data?

Within the framework of the purposes of processing presented in section 4 of the Privacy Policy, your personal data are communicated internally within the Company, to [EDF Renewables]. if applicable within the Group, to the customer service, the marketing/commerce department and the communication department:  The Company may also communicate your personal data to the following recipients:

  • Other entities of the Group, as the case may be;
  • Third party service providers, subcontractors (i.e. IT service providers, service providers related to the Services - for illustrative purposes, and without this list being exhaustive, experts, consultants and lawyers, companies involved in potential mergers, demergers or other transformations);
  • Competent national authorities: in order to comply with the law in force;
  • Trusted business partners: subject to your consent. The fields of activity to which these third parties may belong are, in particular, the following: (i) energy, (ii) [industry]; etc.
  1. Are your personal data transmitted abroad?

Your personal data may be transferred to other EDF RE’s entities and service providers acting on its behalf that are located within the European Union.

We make transfers of personal data to service providers acting on our behalf to non-EEA countries.

  1. Minors under 15 years of age

The Website does not address or offer Services to individuals under the age of 15, and the Company does not knowingly collect personal data from individuals under the age of 15 or minors in general.

  1. What are the applicable security measures?

The Company implements all appropriate technical and organizational security measures to ensure a level of personal data security appropriate to the risk, and in particular, to protect data against accidental or unlawful destruction, loss, damage, disclosure or unauthorized access.

The same level of protection is contractually imposed by the Company on all its subcontractors. Any employee of the Company who, in the course of his or her duties, may have access to your personal data undertakes to hold it in a strictly confidential manner.

  1. What are your rights with regard to personal data?

In accordance with the Applicable Data Protection Regulations, depending on the situation, you have a right to request access, rectification, erasure and the portability of your personal data and to request the limitation or object to the processing of your personal data as well as to withdraw your consent at any time. You have the possibility to give us instructions concerning the use and disclosure of your personal data (retention, erasure, third party transfer, etc.) after your death. You may exercise these rights by writing to the following e-mail address: privacy@edf-en.com.

However, you are informed that your objection may, in practice and depending on the case, affect or make it impossible to take into account your request for information, registration or use of the Services offered on the Website.

You also have a right to lodge a complaint against a supervisory authority such as the Commission Nationale de l’Informatique et des Libertés, “CNIL”, in the event of a breach of the Applicable Data Protection Regulations.

  1. Modifications and updates

The Privacy Policy will be effective as of the effective date indicated in the introduction. The Company reserves the right to modify or supplement this document, in particular in the event of changes in the regulations applicable to the protection of personal data.

Any modification of this Privacy Policy will be notified to you by the Company before it comes into force and will in any case be available in its modified version once published on our Website.

  1. Data Protection Officer

EDF RE has appointed a Data Protection Officer ("DPO") whom you may contact for any questions relating to the processing of your personal data and to exercise your rights.

Name of the DPO: Nicolas Vanoudendycke

DPO contact information: privacy@edf-en.com