Privacy
policy

Neoen (hereinafter “Neoen” or “we”) is aware of its duties regarding the protection of personal data. We are vigilant about using your data responsibly, while maintaining a confidential environment. The collection, use and storage of your information are necessary for us to provide you with our solar, wind, and biomass renewable energy supply services and to manage our business relationships. The purpose of this privacy Policy (hereinafter the “Policy”) is to explain how we process your data and how you can exercise your rights over it.

The Policy applies to all processing of personal data by Neoen. Personal data means information relating to a natural person who can be directly or indirectly identified, either from the information itself, or by cross-referencing multiple pieces of information. Processing refers to any operation that relates to information, such as consultation, use, modification or deletion.

To comply with the goals of the General Data Protection Regulation n° 2016/679 of 27 April 2016 and the law known as “informatique et libertés” (French Data Protection Act) n°78-17 of 6 January 1978 (hereinafter referred together as the “Regulation”), we undertake to inform you transparently of our processing operations and to only process it in connection with the services we offer.

 

1. Who are we?

This policy regulates the services provided by Neoen, a public limited company with a share capital of €108,794,140, with a registered office at 6, rue Ménars, 75002 Paris, registered with the Paris RCS under n° 508 320 017 and intra-Community VAT number FR74 508 320 017.

 

2. What data is used?

Neoen processes personal data received directly from you, when you conclude a contract with us or when you complete our contact form on our website, and indirectly, from collecting in public files. The categories of data processed are as follows:
• Identity and identification data;
• Personal life;
• Professional life;
• Economic and financial information;
• Billing and payment elements;
• Characteristics of properties;

We may automatically link this personal information to information about the nature of the connection to the website (access provider identity, IP address, browser type, etc.).

If you do not provide all or part of this data, we will inform you that we will not be able to provide all the services we offer.

 

3. Do we use cookies and web beacons?

Neoen uses cookies to improve your user experience on our website and to ensure its protection. A cookie is a small file which does not allow the identification of the user but records information relating to the navigation of a terminal on a website.

The data collected by these cookies is:
- Login ID;
- IP address;
- Unique device identifier;
- Date and time of connection.

You can decline cookies using the information banner located on the home page of our website and the setting of your internet browser.

The period of validity of your consent to the use of these cookies will not exceed thirteen months, in application of Deliberation n° 2013-378 adopted by the CNIL on 5 December 2013 and may be extended by a new expression of consent.

The website uses Google Analytics, owned by Google LLC.

We inform you that information obtained from cookies about your use of the website may be transmitted to a Google LLC server in the USA where it is stored.

Google LLC processes the information obtained in this way according to its own privacy policy available at https://policies.google.com/privacy.

We use Google Analytics for audience measurement, traffic analysis and other purposes to provide you with a better user experience.

 

4. What do we use your data for?

The legal basis for Neoen to process your personal data is your consent or the performance of our contractual obligations arising from the contract you have concluded with us. You may withdraw your consent at any time, in which case we will immediately stop processing your data for the purposes based on that consent. Please note that withdrawing your consent does not make previous processing operations illegal.

The purposes for which we process your personal data include:

• The provision of our services.
We use your data to record and execute service contracts for the supply of renewable energy, process payments and communications with you in connection with these services.

• Improve services.
This personal information is also used to analyse our performance, correct errors and improve the effectiveness of our services. These analyses can be achieved through the establishment of technical and commercial statistics.

• Communicate with you.
We use your personal data to respond to your contact requests and communicate with you.

• Project study
We use the data collected to examine the relevance of renewable energy development projects, and, where appropriate, to communicate with you about these projects.

• Administrative procedures
The energy supply services we offer may lead us to approach public administrations with a view to obtaining authorisations. To do this, providing your personal data may be necessary, depending on the information requested by the public body.

• The establishment of supplier files.
The personal data collected is used to perform administrative operations related to contracts, orders, receipts, invoices, payments, and accounting for the management of suppliers. These same elements allow us to maintain documentation and financial statistics on them.

• Site administration, improvement and security.
The data collected indirectly through cookies and audience measurement tools is required for us to improve and ensure the proper administration and improvement of our website, thus allowing us to regularly improve your browsing experience. In addition, this data also serves our legitimate interest in ensuring the security of our website, including the prevention and detection of fraud, malware and security incidents.

 

5. Who can access your personal data?

The personal information you provide to us is only accessible to Neoen personnel authorised to process the provision of our services, to study renewable energy development projects, to respond to contact requests, and to administer, improve and secure our website.

Data related to our suppliers is only accessible to personnel in our purchase and accounting services, as well as to persons contractually linked to Neoen to ensure accounting operations.

Neoen may pass on your personal data to public and ministerial officials responsible for supporting the drafting of contracts you have concluded with us, to our subcontractors involved in the delivery of our contractual obligations, or to public bodies, exclusively to meet our legal and regulatory obligations.

In accordance with the Regulation in force, we are also obliged to disclose your personal data at the request of a competent authority.

 

6. Do we transfer your personal data outside France?

Neoen may transfer your personal information to its subsidiaries and subcontractors located in a country outside the European Union, for the purposes of fulfilling our contractual obligations.

We inform you that all our providers are subject to an obligation of confidentiality and that all transfers are made either to a country recognised by the European Commission as having an adequate level of data protection, or to a country whose transfer is regulated by standard contractual clauses of the European Commission previously recognised by the CNIL as guaranteeing an adequate level of protection of the privacy and fundamental rights of the persons concerned.

 

7. How long is your data retained?

The data collected is retained for the duration of the processing of your contact request, and the study of our development projects or the execution of our contractual obligations resulting from our contract concluded with you.

In compliance with a legal obligation, Neoen may retain your personal data for a longer but determined period.

Your data is generally deleted after 5 years from the end of the contract to allow us to retain the necessary elements until the end of the prescription period in commercial law.

At the end of this period, we are obliged to proceed with the deletion of your data, subject to legal or regulatory obligations requiring us to archive them.

 

8. What are your rights under the personal data protection Regulation?

In certain circumstances, you have the following rights regarding your personal data:
- Request access to your data;
- Request the correction of your data;
- Request the deletion of your data;
- Request to limit the processing of your data;
- Request the transfer of your data in a usable format;
- Object to the processing, for legitimate reason;
- Set guidelines for the disposition of your data after your death.

Due to legal or regulatory obligations, Neoen may be unable to respond positively to your request. If this is the case, we will explain the reasons which prevent us from doing so.

 

9. Is my data automatically processed?

Neoen does not use any automated decision-making system. Likewise, we do not process your data automatically.

 

10. Where can I find the current privacy Policy?

This version was last updated on 16 July 2018. We reserve the right to make changes to the Policy at any time. We therefore invite you to regularly review this Policy.

 

11. How can I exercise my rights and complain?

If you wish to exercise your rights relating to your personal data or file a complaint, you can contact us by filling our contact form available at https://www.neoen.com/contact-2/, or by contacting us by phone on 01 70 91 62 62 or by post at 6, rue Ménars, 75002 Paris.

All requests for exercising your rights must be accompanied by a signed identification document. We will reply within one month of receiving your request. Depending on the complexity or the number of requests, we may extend this period to two months, in which case we will notify you of the extension within one month.

If you believe that Neoen processes your data in a manner contrary to the Regulation, you may file a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL – National Commission for information technology and civil liberties). This is the supervisory authority responsible for matters relating to processing of personal data. The CNIL can be contacted at 3, Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07, by phone on 01 53 73 22 22 and on its website: www.cnil.fr.

 

Thank you for reading this policy.