This Privacy Policy is edited by DEEPBLOO a Company having its registered office at 12, rue Joachim Colbert 34 000 Montpellier and registered with the Trade and Company Register under the number 831 420 500 (hereafter, the “Company”).
The Company offers a platform providing services in the energy sector (hereafter, the “Platform”) to its users, which have subscribed on the Platform and as such, have a user account (hereafter, the “Users”). The Platform is available at the following url address :https://platform.deepbloo.com/
The Company uses a solution called “Hivebrite”, which enables the import and export of user lists and data, the management of content and events, the organization of emailing campaigns and opportunity research and sharing as well as the management of funds and contributions of any kind.
In this regard, as data controller, the Company is particularly aware and sensitive with regard to the respect of its Users privacy and personal data protection. The Company commits to ensure the compliance of the processing it carries out as data controller in accordance with the applicable provisions of the “Loi n°78-17 dated January 6, 1978, relative à l’informatique, aux fichiers et aux libertés” and the EU Regulation EU 2016/679 regarding data protection dated April 27, 2016.
In order to do so, the Company has put in place an appropriate privacy policy which guarantees an optimal level of protection of its Users’ data.
This privacy policy is intended for the Users of the Platform of the Company.
COLLECTED PERSONAL DATA
1.1. When subscribing on the Platform
When subscribing on the Platform, the User is informed that its following personal data is collected:
The User commits to only provide accurate, exhaustive, and regularly updated data regarding its identity, its content and any information in general. Under no circumstances shall the Company be liable for any data that is illegal contrary to public order provisions.
In the event the User does not consent to the collection of the above-mentioned date, it shall be informed that it cannot have access to the Platform.
1.2. During the use of the Platform
The User may validly publish, at its own initiative, any content on the Platform which shall be kept by the Company:
The User commits not to publish any content which contains, including but not limited to, any remarks/images/pictures, contrary to application legislation and regulations, to public order and good morals, or affecting the rights of third parties, including but not limited to:
In any event, Deepbloo shall not be liable for the content, accuracy, or up-to-date state of the information freely published by the User.
The User consents that, following the publication of the content, its information will become public on the Platform and that as such, same information will be published, modified, translated, reproduced in any form and accessible, saved and reproduced by other Users and the Company.
In most cases, Users post contents without previous moderation from the Company. The Company does not alter the content or information of the User, except under exceptional circumstances. The Company reserves its right to freely delete or amend the content or information of the User, without prejudice to the Users.
In the case of delivery of content on the Platform which is contravenes with the present privacy policy, applicable law or the rights of third parties, any person can inform the Company of the existence of such Content at the following address: info@deepbloo.com
The User is informed that the Company does not collect any particularly sensitive data within the meaning of applicable legislation and regulations.
1.3. Cookie data
The Company informs the User that Deepbloo, as well as its subcontractors, uses a tracking technology on its terminal such as cookies whenever the User navigates on the Platform.
A cookie is a message that, subject to the User settings, is sent to its terminal when the User navigates on a website. The aim is to collect data regarding the internet navigation of the User to send tailor-made services to its terminal (computer, mobile phone or tablet).
The cookies that are sent to the User’s terminal are detailed under Article 2 of the present privacy policy.
The purpose of the process of the data collected through the cookies and the settings of such processing is detailed under article 9 of the present privacy policy.
PURPOSE OF THE DATA PROCESSING
The Company and its subcontractors collect, process and host personal data that are freely transferred by the User when accessing the services proposed by the Platform.
Collected DataPurpose of the processing
When subscribing on the Platform:
When using the Platform:
Cookies, trackers:
2.1. International Transfer of data
Personal data may only be transferred outside of the EU in compliance with the conditions for transfer set out in the Chapter V of the GDPR.
Deepbloo may transfer personal data to organizations, which have provided adequate safeguards and where Individuals’ rights must be enforceable and effective legal remedies for individuals must be available following the transfer. Such a transfer will not be made without prior individual’s informed consent;
Moreover, as per GDPR, infrequent, not repetitive transfers of personal data related to only a limited number of Deepbloo may happen if is necessary for the purposes of the compelling legitimate interests of Deepbloo.
2.2. Automated decision-making
Moreover, Deepbloo platform may use automated decision-making (in the sense of making a decision solely by automated means without any human involvement) in order to provide relevant information based on data of subjects. In particular, we may use data on locations, market segment, type of industries, skills and experience in order to suggest, through pre-programmed algorithms, to the data subject some opportunities, news, events, companies, etc.…. which may interest him/her.
Deepbloo may use techniques such as artificial intelligence and machine learning and profiling to suggest business decision and to analyze or predict using automated software, which are regularly checked to make sure they are working as intended.
These automated individual decision-making and profiling lead DEEPBLOO to quicker and more consistent decisions.
If you request explanations of those decisions and want to contest them, you can write at contact@deepbloo.com
USER’S CONSENT TO THE COLLECTION OF DATA
The Company informs the User that no personal data within the meaning of applicable legislation and regulations shall be collected without the prior explicit consent of the User.
The User expresses its consent upon its subscription on the Platform, and after having been able to consult the present privacy policy.
The Company and its subcontractors commit to a lawful and fair collection of the User’s data, in full transparency and in compliance with the rights conferred to the User pursuant to applicable legislation and regulations.
User consent for personal data collected from other sources
Deepbloo has valid contracts with entities (third parties), which are inviting other users to join the Deepbloo platform (e.g. group administrator invites users to join Deepbloo).
Such contracts contain GDPR clauses giving the obligations to the third party to collect the consent of the data subject prior to invite them to join their group on the Deepbloo Platform.
Moreover, when Deepbloo obtains personal data from other sources such as third parties with the purpose to invite users on the platform to join their group, Deepbloo will provide the individuals with privacy information within one month and at the time the consent will be asked to these individual when logging for the first time. Deepbloo will inform individuals who provide us with their data.
LENGHT OF DATA RETENTION
The Company informs the User that the data is retained only during the length of the User’s subscription on the Platform.
Following the termination of said subscription, the data collected upon the subscription as well as the content published by the User on the Platform shall be deleted after a period of 30 days.
The Company informs the User that it uses a payment service provider called [·] which offers full guarantees of security.
You can consult [·]’s privacy policy by clicking on the following link: [·]
In accordance with application legislation, cookie data will be automatically deleted thirteen (13) months following their placing on the User’s terminal.
Finally, the data regarding the identification of the Users in case of exercise of their rights pursuant to Article 6 of the present privacy policy shall be retained for (i) one (1) year in case of exercise of their access or rectification rights and (ii) three (3) years in case of exercise of their opposition right.
OBLIGATIONS OF THE COMPANY
As data controller and in accordance with applicable legislation and regulations, the Company commits to:
For any additional information on Hivebrite, you can consult the webpage available at the following address: www.hivebrite.com.
EXERCISE OF THE USERS’ RIGHTS
Any user of Deepbloo can manage the personal information on Deepbloo using the user profile dashboard, which is directly accessible. Each information can be directly edited or deleted and users have the possibility to decide the visibility of the information (visible to all, to admin only, to favourite users). Consequently, this provides the right for an individual to rectify inaccurate data (Right to rectification)
Moreover, the User is duly informed that it disposes at any time, meaning prior to, during or following the processing of data, to a right to access, copy, rectify, oppose, port, limit and delete its data.
The User can exercise its rights by sending an email to the following address info@deepbloo.com or by mail at the following address 12, rue Joachim Colbert 34 000 Montpellier France provided that the User justifies its identity.
In addition, in the event the User considers that its rights have not been respected, the User of which the personal data is collected can file a reclamation before the competent supervisory authority. For any additional information, you can review your rights on the websites of the competent authorities.
The competent supervisory authorities are listed on the following website:
http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
HOSTING OF THE USERS’ PERSONAL DATA
The personal data collected by the Company is hosted by the following service providers:
HostNature of the hosting
Microsoft Azure Cloud
Privacy policy: https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx
Hosting of all data and content produced / provided by the User, as well as images, profile pictures and backups
AmazonAWS
Privacy policy: https://aws.amazon.com/compliance/gdpr-center/
DATA BREACH
In case of breach of its systems, or theft, deletion, loss, alteration, disclosure, unauthorized access, or any other malicious act, the Company commits, in the event the said breach presents a serious risk regarding the rights and freedoms of the Users, to notify the Users, within a period of seventy two (72) hours as of the occurrence of the breach, of (i) the nature of the breach, (ii) the probable consequences of the malicious act, (iii) the appropriate measures proposed to remedy the malicious act.
The malicious act presenting a serious risk regarding the rights and freedoms of the Users shall be notified to the competent supervisory authority.
The User is duly informed that the Company shall not be liable in case of breach of IT security which can cause damages to computer equipment, as well as in case of breach or malicious act by a third party targeting the system or the Platform.
COOKIE MANAGEMENT CONFIGURATION AND OTHER DATA
The User’s consent is requested through a banner at the bottom of the Platform homepage.
In case of consent, the User’s internet navigator shall automatically transmit to the Company the data collected and detailed under Article 1.2.
The User is informed that the cookies and trackers will be automatically deleted following a period of thirteen (13) months.
The User may at all times configure its navigator in order to prevent the creation of cookie files.
However, certain functionalities of the services proposed by the Platform may not function properly without cookies. In addition, even if most navigators are configured by default and accept the creation of cookie files, the User has the possibility to choose to accept the creation of all cookies other than the functional cookies or to systematically decline them or to choose the cookies it accepts depending on the issuer by configuring the following settings:
Internet Explorer:
Firefox:
Safari:
Google Chrome:
In order to configure the data settings, please find below the recommendations of the Company:
Data collected for the following purposes:SettingsGeneral data enabling the proper functioning of the Platform and the improvement of the services proposed by the Platform. Data that is essential for the provision of services by the Company, non-configurable.Data regarding the management of payment services proposed by the Platform, delinquencies and litigation.Data that is essential for the provision of services by the Company, non-configurable.Data enabling the creation of User files;
Mailing of commercial offers, advertisements or newsletters of the Company and/or its commercial partners if this has been accepted by the User.
Management by the User in its login area;
Unsubscribing to newsletters / commercial offers by clicking on the appropriate link;
Request for deletion of the data base of the Company by writing to the following address info@deepbloo.com and subject to providing a proof of identity.
Compilation of statistics with the purpose of improving the functioning of the Platform notably by analysing the traffic of the Platform (modules which are more or less consulted, preferred routes, level of activity depending on the day of the week et hour of the day, etc.) and by adapting the Platform according to the needs and tastes of the Users (recognition of the User when it accesses the Platform).Clearance of cookie history in the navigator pursuant to the above instructions;
Using the “incognito mode” whilst navigating;
Request for deletion of the data base of the Company by writing to the following address info@deepbloo.com and subject to providing a proof of identity.
Management of requests to access, rectify, delete, limit and oppose. Request for deletion of the data base of the Company by writing to the following address info@deepbloo.com, and subject to providing a proof of identity.
PERSONS AUTHORIZED TO ACCESS THE USERS’ DATA
The data of the Users are accessible only to the persons duly authorized to do so by the Company for administrative ormaintenance purposes of the Platform to the exclusion of any commercial use, and if applicable, in order to enforce the rights exercised by the Usersregarding their data (in particular the right to access, rectify, oppose, port and to be forgotten).
The Company informs the User that, outside of hosting and payment services, it uses the following subcontractor:
The company KIT UNITED for its HIVEBRITE solution, a French societe par actions simplified with a capital of 284.280,00Euros, registered with the Paris Companies register under the number75339171300017, having its registered office at 8, rue de la Grande Chaumiere, 75008 – Paris.
Especially in light of any future developments of the applicable legislation and regulations, the Company reserves its right to proceed with any modification of its privacy policy and commits to duly in form you if any such modification occurs.
Latest update: 25 May 2018