Keep in touch
Register for our newsletter
As part of its activities, DRIVECO publishes a website accessible at driveco.com (hereinafter the “Site“) which includes a section dedicated to accessing and paying for the recharging service provided by the charging stations that are part of the DRIVECO’s network (the “Recharging Portal“), as well as several mobile applications available on the Android and iOS platforms (the “Mobile Applications“).
We attach the greatest importance to respecting the privacy and personal data of persons who interact with us via the Site, the Mobile Applications, or by any other means. Thus, we implement appropriate technical and organizational measures to ensure that your personal data is processed in accordance with the regulations in force (in particular the General Data Protection Regulation No. 2016/679 of 27 April 2016 (hereinafter “GDPR”) and the French Data Protection Act of 6 January 1978 as amended).
The terms “data” or “personal data” used in this document have the same meaning as the term “personal data” in the GDPR. Other terms common to this document and the GDPR, such as “processing“, “controller“, “processor“, or “recipient” have the meaning given to them in the GDPR.
The purpose of this document is to inform you in a clear and transparent way about:
Aware of the importance of clear and transparent information in this area, we have integrated various tables to help you better understand our practices regarding the management of your personal data and facilitate the exercise of your rights.
We apply the principles of data minimization, data protection by design and by default.
Consequently, we only collect information that is relevant, adequate and limited to what is necessary for the purposes for which the data is collected and processed.
1. WHO IS THE DATA CONTROLLER OF YOUR PERSONAL DATA?
The data controller is, within the meaning of the GDPR, the person who determines the purposes and means of the data processing, i.e. for what purpose(s) and in what way your personal data are processed.
The person responsible for processing your data is DRIVECO, a simplified joint stock company registered in the Bastia trade and companies register under number 818 943 938.
We have appointed a Data Protection Officer (“DPO”) who will be your privileged contact for all questions relating to the protection of your personal data. You can contact the DPO by e-mail at dibbdpo@dibb.fr
2. WHAT PERSONAL DATA DO WE COLLECT AND HOW?
2.1 Data collected
2.2 How we collect your data :
3. WHAT ARE THE PURPOSES AND LEGAL BASES OF THE PERSONAL DATA PROCESSING THAT WE IMPLEMENT?
Type of data | Purpose of the processing | Legal basis |
Identification and contact data | Making contact / prospecting. | Legitimate interest GDPR, Article 6.1.f) |
Sending of newsletters. | Consent GPDR, article 6.1.a) | |
Sending commercial communications (promotional offers, coupons, contests, etc.). | Consent GPDR, article 6.1.a) | |
Identification, connection and payment data on Mobile Applications | Access to the functionalities offered by the Mobile Applications, and in particular the possibility of creating a user account. Provision and management of the recharge service. | Execution of the contract GDPR, article 6.1.b) |
Identification and payment data for the provision of the recharging service (Recharging Portal) | Provision and management of the recharge service. | Execution of the contract GDPR, article 6.1.b) |
Browsing data of the users of the Site | Provision of a functional, secure Site adapted to the different types of terminals and browsers present on the market. | Legitimate interest GDPR, Article 6.1.f) |
Statistics and audience measurement. | Consent GPDR, article 6.1.a) | |
Prospects data | Prospecting: identify potential new clients and present our service offers Data collected via public information sources. | Legitimate interest GDPR, Article 6.1.f) |
Customers data | Management of our relationship in the provision of the services. | Execution of the contract GDPR, article 6.1.b) |
Business partners data | Performance of the service contract. | Execution of the contract GDPR, article 6.1.b) |
Candidate data | Management of applications and storage of applications in a database. | Consent GPDR, article 6.1.a) |
Employee data | Management of our working relationships. | Execution of the contract GDPR, article 6.1.b) |
4. WHAT SECURITY MEASURES DO WE IMPLEMENT TO PROTECT YOUR PERSONAL DATA?
We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access.
We also monitor the way our service providers process your personal data to ensure that they provide sufficient guarantees that appropriate data security measures are in place.
5. HOW LONG DO WE KEEP YOUR DATA?
Personal data are kept for the period necessary to achieve the purposes for which they are collected, as described in Article 3, plus the duration of the legal requirements.
The main retention periods are the following:
6. WHAT ARE YOUR RIGHTS?
You have a number of rights over your data, which you can exercise under the conditions set out in the GDPR. You will find below a summary of these rights.
Your rights | Purposes |
Right of access GDPR, Article 15 | Obtain a readable and understandable copy of the data we have about you, as well as a copy of this document in a durable medium. |
Right of rectification GDPR, Article 16 | Obtain the rectification, update or completion of data concerning you. |
Right to withdraw consent GDPR, Article 7, 3. | To obtain, for the future, the cessation of the processing of the data for which you have consented to the processing. |
Right to object GDPR, Article 21 | To obtain, for the future, the cessation of the processing of your data when this processing is based on our legitimate interest or that of a third party (subject in particular to legitimate and compelling reasons) or when your data is used for commercial prospecting purposes. |
Right to erasure (right to be forgotten) GDPR, Article 17 | Obtain the deletion of all or part of your data, or their complete and irreversible anonymization, under certain conditions (in particular if you consider that the data are no longer necessary, if you have withdrawn your consent or if you consider that your data are the subject of an illicit processing). In this case, we may nevertheless need to retain certain data to meet our legal obligations or to enforce our legal rights. |
Right to limit processing GDPR, Article 18 | Obtaining the retention of your data without further use (e.g. if you believe that the data is no longer needed or is being processed unlawfully). In this case, your data is temporarily isolated and no longer used (subject to our legal obligations or the exercise of our legal rights). |
Right to data portability GDPR, Article 20 | Obtain a copy of the data you have provided to us in a reusable computer format for transfer to another data controller. |
Right to define post-mortem directives | Tell us how you want us to handle your data in the event of your death. |
You may exercise these rights at any time and free of charge, except in the case of manifestly unfounded or excessive requests (in particular because of their repetitive nature). In this exceptional case we reserve the right, in accordance with the provisions of the GDPR (Article 12, 5)), to require payment of a reasonable fee or to refuse your request.
You can exercise your rights by contacting our Data Protection Officer electronically at: dibbdpo@dibb.fr
If you feel that we have not responded satisfactorily to your request, you can contact the Commission Nationale de l’Informatique et des Libertés (CNIL), via its website www.cnil.fr or by post at the following address CNIL – 3, Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07.
7. WHO HAS ACCESS TO YOUR DATA?
Some of your data may be accessed, or at least hosted, by the following people:
Your personal data will not be transferred to recipients outside the European Union (hereafter “EU”) or the European Economic Area (hereinafter “EEA”).
In the event that we process your data outside the EU and the EEA, we undertake to implement the necessary measures to ensure the protection of your data, in particular through the implementation of the European Union’s standard contractual clauses approved by the European Union Commission.
8. MODIFICATIONS
The present document is subject to updates. We invite you to consult this page regularly in this regard.
Keep in touch
Register for our newsletter
Keep in touch
Register for our newsletter