Compliance with Data protection Law
Enovos acknowledges and undertakes to comply with the laws and regulations governing the processing of personal data, including, but not limited to, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (designated “GDPR”) and any other national applicable laws or regulations governing the processing of any personal data.
Data protection officer
Enovos acts as data controller and has appointed a data protection officer.
The data protection officer appointed by Enovos shall be contacted by using the following information:
Personal identification information
Enovos may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit Enovos websites, register on such websites, fill out a form, sign a contract, purchase a product and in connection with other activities, applications and Services proposed by Enovos. Users may be asked for, as appropriate, name, date of birth, email address, mailing address, phone number, etc. In the framework of certain Services, Enovos may also collect data relating to energy consumption of the Users in order to benefit from such particular Services.
Non-personal identification information
Enovos may collect non-personal identification information about Users whenever they use an Enovos website or application or other online service. Non-personal identification information may include technical information about Users means of connection, such as the operating system and the Internet service provider utilized, geographical information such as country of origin, behavioral information such as time spent on the website, as well as further non-personal analytical data to improve customer experience, products and services.
Each User recognizes and accepts that the performance of the Services may depend on the collection and processing of personal identification information and non-personal identification information.
Web browser cookies
How Enovos uses collected information
Principally, personal and non-personal identification information is used to provide the Users with the Services and to insure a full efficiency of the Services they have registered for or they requested in any other manner.
In this framework, Enovos may collect and use Users’ personal and non-personal identification information for the following purposes:
- To improve Services: Information Users provide will help Enovos respond to certain Users’ requests.
- To personalize User experience: Enovos may use non-personal identification information to understand how Users as a group use Enovos’ Services.
- To improve Enovos’ websites and other internet presence as well as other communication tools or tools for specific Services: Enovos may use feedback Users provide to improve its products and services.
- To send periodic emails and other text messages and/or notifications: Enovos may use the email address or mobile phone number provided by Users to respond to inquiries, questions, and/or other requests. If Users decide to opt-in to Enovos notification list, they will receive periodic information that may include energy summaries (for certain Services), company news, updates, related product or service information, private sales, information from Enovos service providers on joint projects etc.(the “Periodic Information Service”). In the case that, at any time, Users would like to unsubscribe from the Periodic Information Service, Enovos includes detailed unsubscribe instructions at the bottom of each such email or other text message.
How Enovos protects personal identification information
Enovos adopts appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of Users’ personal identification information within the limits of Enovos’ role with respect to the relevant Services (as certain specific services might be rendered by third parties).
Sharing personal information
However, Users’ non-personal identification information may be provided to third parties for marketing, advertising, or other uses.
- as long as we maintain an ongoing relationship with you (e.g., where you are a recipient of our services, or you are lawfully included in our mailing list and have not unsubscribed);
- until the expiry of a period of a two(2)-months’ period following the end of any applicable limitation period under applicable law; and
- with your prior consent, until the expiry of any additional retention period.
Enovos undertakes to delete or to anonymise your personal data upon expiry of the retention period as described above.
Data Security and data transfer
Enovos has implemented appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of Processing, in accordance with applicable law.
You are responsible for ensuring that any personal data that you send to us are sent securely.
Enovos does not transfer personal data to any third country nor to any international organisation, except as the case may be on the basis of:
- adequacy decisions;
- suitable Standard Contractual Clauses; or
- other valid transfer mechanisms under GDPR.
Data Accuracy and minimization
We take reasonable measures:
- to ensure that your personal data are accurate and, when necessary, kept up to date; and
Data subject rights
Each User benefits under data protection law from a right of access, modification and opposition to the processing of its personal data, a right to erasure and a right to portability of its personal data by sending an email to firstname.lastname@example.org. Those rights may only be exercised within the limits of any contractual or legal obligation. Each User has also a right to lodge a complaint with the Luxembourg supervisory authority, namely the Commission nationale pour la protection des données (https://cnpd.public.lu/fr.html).
Acceptance of these terms