Deepki achieves ISAE 3000 Type 2 attestation guaranteeing audit-ready data
Learn more

Privacy Policy

What is the purpose of our Privacy Policy?

Deepki Group (hereinafter “Deepki”), which manages the website Deepki.com, understands the importance of protecting and keeping your personal data confidential, which we consider to be a guarantee of reliability and trust.

Our Personal Data Privacy Policy reflects our desire to ensure that Deepki complies with the applicable rules on the protection of personal data and, more specifically, those of the General Data Protection Regulation (“GDPR”).

In particular, our Privacy Policy aims to inform you about how and why we process your personal data as part of the services we provide to you.

To whom is our Privacy Policy addressed?

Our Privacy Policy applies to you, wherever you live, if you are at least 15 years old, whether you are one of our customers, a B2B third party whose energy consumption data is collected by Deepki, or simply a visitor to the Deepki.com website.

If you are under the legal age detailed above, you are not authorized to use our services without the prior and explicit consent of one of your parents or the holder of parental authority, which must be sent to us by email at privacy@deepki.com.

If you believe that we are holding personal data about your children without your consent, please contact us at the dedicated address detailed above.

Does our Privacy Policy apply to job applicants?

If you are a candidate for a position within Deepki, you should consult our “candidate policy”, which is accessible at all times on our dedicated page on Deepki.com and which details the processing carried out as part of our recruitment process.

Why do we process your personal data and on what basis?

We process your personal data primarily for the following reasons:

  • To browse our website, benefit from our services and so that we can respond to your requests in particular via our customer service (e.g. requests for information, complaints, etc.) on the basis of our general terms of use and our legitimate interest in providing you with the best possible service.
  • To stay informed of our latest offers and events via email or social networks on the basis of our legitimate interest in building customer loyalty and prospecting potential new customers.
  • To stay informed of our latest offers and events through the publication of online advertisements based on our legitimate interest in building customer loyalty.
  • To follow us and comment on our publications on social networks on the basis of our legitimate interest in benefiting from a dedicated page on social networks.
  • To contact us via our chatbot or contact form on the basis of our general terms of use.
  • To receive our newsletter, which informs you about our services on the basis of your consent.
  • To operate the videos on our site on the basis of our legitimate interest in offering you content in video format.
  • To guarantee and reinforce the security and quality of our services on a daily basis (e.g. statistics, data security, etc.) on the basis of the legal obligations incumbent on us, our general terms of use and our legitimate interest in ensuring the proper functioning of our services.
  • In the specific case of BtoB tenants, your personal data is collected solely for the performance of the Deepki ready service on the basis of your consent materialized in the mandate authorizing Deepki to collect your energy consumption data on behalf of the owner. 

How did we obtain your personal data?

Your data is collected directly from you if you are a customer of our services, a B2B third party whose energy consumption data is collected by Deepki, or simply a visitor to our Deepki.com website, and we undertake to process your data only for the purposes described above.

However, we may also obtain your personal data indirectly from partners if you have given your prior consent to the latter.

Your personal data may also be processed indirectly in the context of trade fairs or social networks (e.g. Linkedin).

However, when you voluntarily publish content on our social networking pages, you acknowledge that you are entirely responsible for any personal information you may transmit, whatever the nature and origin of the information provided.

What personal data do we process and for how long?

We have summarized below the categories of personal data and their respective retention periods:

  • Professional identification data (e.g. surname, first name, position, company, etc.) and contact details (e.g. email address and business telephone number, etc.) retained for the entire duration of the provision of the service, to which must be added the statutory limitation periods, which are generally 5 years.
  • Where there is confusion between the name of your organization and your personal name (e.g.: self-employed entrepreneur, very small business, etc.), economic and financial data (e.g.: bank account number, verification code, etc.) retained for the duration necessary for the transaction and the management of invoicing and payments, plus the statutory limitation periods, which are generally 5 to 10 years.
  • Email address for our commercial prospecting campaigns by email, kept for a maximum of 3 years from the last contact we had with you.
  • Email address to receive our newsletter kept until the end of your newsletter subscription.
  • CCTV Images / CCTV Cameras collected using our video protection cameras and kept for a maximum of one month.
  • Statistical data relating to the viewing of our videos, which are anonymized and kept indefinitely.
  • Connection data (e.g. logs, IP address, etc.) kept for a period of 1 year.
  • Cookies which are generally kept for a maximum of 13 months. For more details on how we use your cookies, you can consult our cookies policy accessible at any time on our website.

Once the applicable retention periods have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate it to you. At most, we can only keep anonymous data for statistical purposes.

Please also note that in the event of litigation, we are obliged to retain all personal data concerning you for the duration of the case, even after the expiry of the retention periods described above.

What rights do you have to control the use of your personal data?

Applicable data protection regulations grant you specific rights that you can exercise, at any time and free of charge, to control how we use your data.

  • Right to access and copy your personal data, provided that this request does not conflict with business secrecy, confidentiality or the secrecy of correspondence.
  • Right to rectify any personal data that may be erroneous, obsolete or incomplete.
  • Right to request the deletion (“right to be forgotten”) of personal data that is not essential to the proper functioning of our services.
  • Right to the limitation of your personal data, which allows you to photograph the use of your data in the event of a dispute over the legitimacy of a processing operation.
  • Right to portability of your data which allows you to retrieve part of your personal data in order to store or transmit them easily from one information system to another.
  • Right to give instructions on the fate of your data in the event of your death either through yourself, a trusted third party or a beneficiary.

To make a request in respect of the above, it must be sent directly by you to privacy@deepki.com. Any other means of request cannot be processed.

Requests cannot come from anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the person making the request.

We will respond to your request as quickly as possible, subject to a maximum of three months from receipt if the request is technically complex or if we receive many requests at the same time.

Please note that we can always refuse to respond to any excessive or unfounded request, particularly in view of its repetitive nature.

Who can access your personal data?

Your personal data is processed by our teams and by our technical service providers for the sole purpose of operating our service.

We would like to point out that we check all our technical service providers before recruiting them, to ensure that they scrupulously comply with the rules applicable to the protection of personal data.

WE GUARANTEE THAT WE WILL NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR BUSINESS PARTNERS.

Can your personal data be transferred outside the European Union?

Personal data processed by our website is exclusively hosted on servers located within the European Union.

Furthermore, we do our utmost to use only technical tools whose servers are also located within the European Union. However, if this is not the case, we take great care to ensure that they implement the appropriate guarantees required to ensure the confidentiality and protection of your personal data.

How do we protect your personal data?

We implement all the technical and organizational means required to guarantee the security of your personal data on a daily basis and, in particular, to combat any risk of destruction, loss, alteration or disclosure.

Do we use cookies when you browse our website?

Please note that we use cookies when you browse our website. For more information, please consult our Cookie Policy.

Who can you contact for more information about the use of your personal data?

To best ensure the protection and integrity of your data, we have formally appointed an independent Data Protection Officer (“DPO”) to our supervisory authority.

You can contact our DPO at any time, free of charge, at privacy@deepki.com to obtain further information or details on how we process your data.

How can you contact the CNIL?

You may at any time contact the “Commission nationale de l’informatique et des libertés” or “CNIL” at the following address: CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.

Can the Privacy Policy be modified?

We may modify our Privacy Policy at any time to adapt it to new legal requirements and to new processing operations that we may implement in the future.