We know that you care how we use and share your personal information and thank you for trusting us to treat it cautiously and appropriately.
We recommend that you read it, as it contains all the important information concerning the processing of your personal data.
1. 1. The personal data controller
UPERGY LIMITED is a private limited company registered in England No. 2045875, VAT GB 490 2254 58, with a registered office at Unit 2 Focus Park, Ashbourne Way, Solihull, B90 4QU.
UPERGY LIMITED is the personal data controller for your personal information and is also the publisher of the website www.enix-energies.co.uk.
2. 2. Why do we collect your data?
We collect your data for several purposes:
- Creating your account and managing your orders and the services you request from us, delivering your products or services, processing payments and communicating with you regarding your orders.
- Conducting marketing operations and sending you e-mail advertisements, for those of you who have agreed to this, concerning other products offered by our company and products similar to those you have ordered.
- We also use this information to improve our shops and websites, and to detect fraud or abuse on our websites.
3. What are the legal bases for the processing?
The legal basis for the processing of your data is as follows:
- Order management: the legal basis for processing is the fulfilment of a contract for orders, invoicing, customer relations and deliveries. (see. Article 6.1.b) of the General Data Protection Regulation.
- Sending commercial communications by e-mail on products similar to those ordered by customers: the legal basis of processing is the legitimate interest of the company (see Article 6.1.f) of the General Data Protection Regulation.
- Sending commercial communications by e-mail on other products: the legal basis for the processing is consent (see Article 6.1.a) of the General Data Protection Regulation.
- Customer complaints and after-sales services: the legal basis for processing is the legitimate interest of the company (see Article 6.1.f) of the General Data Protection Regulation.
4. What personal information do you collect?
Personal information is any information relating to a natural person who can be identified, directly or indirectly.
We collect the following information from you:
- Identity: title, surname, first name, address, delivery address, telephone number, e-mail address
- Purchase order information: transaction number, purchase details, purchase amounts, invoice payment information.
- Data relating to the method of payment: bank card number, expiry date of the card, visual cryptogram (data immediately deleted)
- Data necessary for carrying out prospecting
5. How do we collect your information?
We collect your personal information when you create an account on our websites or in our stores, when you purchase products on our websites, when you subscribe to our newsletter and when you visit our websites.
6. Who are the recipients of your information?
Transfer of businesses or activities: As part of the development of our business, we may sell or acquire shops, subsidiaries or business segments. As part of such transactions, customer information is generally part of the transferred assets but remains subject to any pre-existing privacy policies (unless, of course, the customer agrees otherwise).
Protection of the website and third parties: We disclose the content of customer accounts and other personal information when we are legally required to do so or if such disclosure is necessary to enforce and apply our General terms and conditions of sale and other agreements, or to protect the rights, property or safety of our websites or those of the users of our websites or others.
7. Transfers outside the EU
Some companies in the UPERGY group are headquartered outside the European Union, notably in Tunisia. As a result, your personal data may, as an exception, be transmitted, for certain purposes, such as the management of customer complaints and the management of customer notices, to a country outside the European Union.
In addition, to ensure the security of your personal information and to ensure the legality of such transfers, UPERGY has implemented European Union standard contractual clauses (SCCs) to govern data transfers outside the European Economic Area (EEA), in accordance with the General Data Protection Regulation (GDPR).
8. How do we secure your data?
All your personal information is strictly confidential and is only accessible by certain members of staff, other companies and subsidiaries of the group and some of our duly authorised service providers.
UPERGY has implemented a combination of physical, software and organisational security measures to ensure maximum protection of your personal information.
In terms of physical security, we have premises that are secured using access badges.
In terms of IT and software security, we have antivirus software, complex passwords according to the international standard, access rights by user group and a maximum security protocol for our digital platforms.
We follow appropriate security procedures when storing your information to prevent unauthorised access by third parties and to avoid accidental loss of your information.
In addition, we have procedures in place to deal with possible breaches of your personal information.
We also require the persons to whom we transfer your information, in particular our subcontractors and other departments, to comply with data protection regulations. (Implementation of data protection clauses).
9. How long will your information be kept?
We keep your information for a period of time appropriate to the various purposes of processing and in accordance with the regulations in force.
For customers, we keep the information for a period of 5 years. Thereafter, some information may be retained for up to 10 years after the end of the contractual relationship in compliance with accounting and tax obligations.
For prospecting, we keep the email address until withdrawal of consent (via the unsubscribe link in our emails) or 3 years from the last action taken by the prospect.
In the case of customer complaints, we retain the information for the time necessary to resolve the complaint.
Your information may be used as part of disputes or litigation during the applicable limitation periods.
The information will then be deleted or anonymised.
10. What are your rights?
You have several rights that you can exercise at any time. These include, above all:
- The right of access
This right of access guarantees you access to the personal information collected, and also allows you to request that the information is sent to you to verify the content of the information.
- The right of correction
You can ask to correct or complete your personal information, if it is inaccurate or incomplete.
- The right to oblivion (right to erasure)
You have the right to ask us to delete your personal information under certain circumstances, in particular:
- If your information is used for prospecting purposes
- If your information is no longer necessary for the purposes for which it was collected
- You withdraw your consent to the processing of your information
- Your information is being processed unlawfully
- Your information must be deleted to comply with a legal obligation
In the event of a deletion request, we will nevertheless be obliged to keep some of your information in the form of interim archiving to comply with legal and tax obligations.
- The right to limitation of processing
You have the right to ask us to temporarily freeze the use of some of your information.
- The right to portability
You may ask us to forward your personal information to you or to a data controller other than UPERGY in the following cases:
- Where the processing of information is based on your consent or necessary for the performance of a contract
- Where processing is carried out using automated processes.
- The right of opposition
You can, at any time, oppose the processing of your information for commercial prospecting purposes by clicking on the unsubscribe link present in all our emails.
Our products and services are intended for professionals and individuals. Nevertheless, we remind you that we do not collect information from minors under the age of 15 without parental consent or authorisation from the legal guardian.
12. Contact us
PIf you have any questions about the processing and protection of your information, you can contact us by email at the following address: firstname.lastname@example.org or by post at the address given in Article 1 of this document.
You may also refer all your complaints concerning the processing of your information to the National Commission for Data Protection (CNIL) at 3 Place de Fontenoy-TSA – 75334 PARIS CEDEX, or at the following address: www.cnil.fr
13. Revision of our data protection policy