PRIVACY AND COOKIE MANAGEMENT POLICY
FIFTEEN CONTROL
Effective date : December 5, 2023
We are committed to protecting your personal data.
Fifteen, a simplified joint stock company with a capital of €1,818,793, headquartered at 77 rue Jean Bleuzen - 92170 VANVES and registered in the Nanterre Trade and Companies Register under number 505 280 727 ("we", "our", or "us"), is committed to respecting privacy and complying with applicable data protection laws concerning the Users ("you", "your", or "yours") of the service (the "Service", as more specifically defined in the "Definitions" section).
This privacy statement (the "Statement") describes our method of collecting and using personal data in the context of your use of the Service on the website (the "Website") and your interactions with us, who are the data controller in accordance with European legislation on the processing of personal data.
The software on your device may have access to your information. Our products or services may contain links to other companies' websites that have their own privacy notices. We therefore recommend that you read their privacy notices carefully.
This Statement applies only within the scope of the Service and the Website.
You are not obligated to provide us with your personal data. However, if you choose not to share it, we may not be able to provide you with our products or services, their full functionalities, or respond to your inquiries.
Definitions
- "We", "our", or "us": Refers to the company Fifteen as designated at the top of the Statement.
- "Service": Refers to the service analyzing the data of Users of the Fifteen Control Service to which said service is subject and forming an indivisible whole with the Statement.
- "Fifteen Control": Commercial brand of the company Fifteen.
- "Application": Refers to the downloadable program available for free and executable from the operating system (iOS or Android) of a smartphone or tablet. It allows every User of the Service to analyze the effectiveness of their commercial offer, learn more about their users, improve their territory, build an adapted cycling policy...
What information do we collect?
We collect your personal data and other information when you fill out various online questionnaires as part of your use of the Service and the Website, or when you respond to questions communicated by email, phone, through the Fifteen Control web application ("the Application"), or by any other means of communication, and when you participate in a campaign or survey or interact with us. This includes the following cases:
- Our applications may regularly contact our servers, for instance, to check for updates or send us information about your use of our services. Additionally, we may invite you to voluntarily join service improvement or research programs, where we collect detailed information such as your socio-professional category, gender, or usage of our services.
- Information you have provided. When you create an account as part of your use of the Service, request our services, participate in campaigns or surveys, or if you interact with us, we may ask you for information such as your name, email address, phone number, postal address, usernames and passwords, comments, information related to your devices, age, gender, language. We will also retain your consents, preferences, and settings related, for example, to location data, marketing, and sharing of personal data.
- Your Transactions with Us. We keep a record of your purchases, downloads, the content you have provided to us, your requests, agreements between you and us, the products and services we have offered you, details of payment and delivery, and your interactions with us. In accordance with applicable law, we may record your communications with our customer service or other contact points.
- Location and Positioning Data. Location services establish your location using satellite, mobile, Wi-Fi, or other network positioning methods. These technologies may involve sharing your location data and your mobile’s unique identification number, your Wi-Fi or other network identifiers with us. Our products may work with different platforms, applications, and services that may in turn collect your positioning data. We do not use this information to personally identify you without your consent.
- Your email address. We may process your email address if you have provided it to us via our Website.
- Collection of Personal Data via Cookies and Trackers. We also collect personal data through cookies and trackers on our Website and Application. Please refer to the section "How do we use cookies?" for more information.
Why do we process your Personal Data?
We may process your personal data to meet various needs:
- Providing the Service. We may use your personal data to provide you with the Service, maintain it, process your requests, and generally execute the contract between us. This includes ensuring the functionality and security of our products and services, particularly the Service, identifying you to provide the Service, preventing and investigating fraud and other malicious uses.
- Communication with You. We may use your personal data to communicate with you, for instance, to inform you about changes to our services, send you alerts about our products and/or services, conduct surveys, and contact you through our customer service.
- Marketing, Advertising, and Recommendations. We may contact you to inform you about new products or services, promotions that may be offered to you, after obtaining your consent, or where we are permitted to do so.
- Anonymized Statistics. We may aggregate GPS data from all users to provide statistics on travel habits, which will be communicated to our partners. These aggregated data will be anonymized in accordance with the conditions prescribed by the current regulations on personal data protection.
We use your personal data with your consent or as necessary for the proper execution of the contractual relationship that binds us. We may also use your personal data when the law or our legitimate interest requires it, for example, to protect our customers, to preserve the security of our products and services, and to protect our rights and property.
Do we share your Personal Data?
We do not sell, rent, or disclose your personal data to third parties except in the cases mentioned below.
- Your Consent and Social Network Buttons. We may share your personal data if you have given your consent. Some of our products and services may allow you to share your personal data with social networks. We advise you to be cautious and to consult the personal data protection policies of these social networks to precisely understand the information that is collected by these sites and the purposes for using your data, particularly for advertising purposes.
- Authorized Third Parties. We may share your personal data with authorized third parties who process personal data for Fifteen Control according to the points indicated in this Statement. This may include, for example, billing by your network operator, or delivering personal batteries, offering services such as customer service, consumer data management and analysis, surveys, commercial management, or others.
- Collaboration with Authorized Third-Party Partners. We may conduct commercial campaigns and other communication methods in collaboration with our authorized third-party partners. To avoid duplicate and unnecessary communications and to send you messages tailored to your needs, we may need to match the data collected by Fifteen Control with those collected by the partner when the law permits.
These authorized third parties by Fifteen Control are not allowed to use your personal data for any other purpose. We ask them to act in accordance with this Statement and the applicable data protection legislation and to employ appropriate security measures to protect your personal data.
- International Transfers of Personal Data. Our products and services may be provided using resources and servers located in various countries around the world. Therefore, your personal data may be transferred across the borders of the country where you use our services, including countries outside the European Community, which do not provide specific protection for personal data, or have different data protection laws. In such cases, we take measures to ensure adequate protection for your personal data according to applicable law by using agreements approved by relevant authorities (e.g., the European Commission) and requiring the use of technical and organizational security measures related to the information.
- Mandatory Disclosures. We may be required by law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement authorities in countries where we, or third parties acting on our behalf, operate. We may also disclose and process your personal data according to applicable law to defend our legitimate interests, for example, in civil or criminal legal proceedings.
- Mergers and Acquisitions. If we decide to sell, buy, merge, or reorganize our businesses in certain countries, this may involve disclosing personal data to prospective or actual purchasers and their advisors, or receiving personal data from sellers and their advisors.
How do we address data quality?
We take all reasonable measures to ensure that the personal data we hold is up-to-date and to delete any personal data that is found to be incorrect or unnecessary. We will retain your personal data only as long as necessary to fulfill the purposes described in this Statement or as otherwise communicated to you, unless a longer retention period is required by law.
We encourage you to access your account periodically to review your personal data to help us keep it up to date.
What measures are taken to protect your Personal Data?
Confidentiality and security are of utmost importance in how we create and provide our products and services. We have assigned specific responsibilities to address issues related to security and confidentiality. We enforce our internal policies and guidelines through a selection of appropriate activities, including proactive and reactive risk management, security and privacy engineering, training, and assessments. We take appropriate measures to address the risk of online security, physical security, data loss, and other risks, considering the risk represented by the processing and the nature of the data being protected. We also limit access to our databases containing personal data to authorized personnel who have a justified need to access this information.
How do we use Cookies?
A "cookie" is a small text file containing data that is saved on a terminal (computer, tablet, smartphone, etc.) when you browse a website. We use cookies, web beacons, and other similar technologies to operate and improve our Website and our Application.
Below is a list of the cookies we use:
Provider | Cookie name | Category | Purpose | Lifespan |
Fifteen | session | Functional | Keep the user logged into their account for secure and authenticated navigation | 7 days |
Clarity | _clck _clsk | Analytics | These cookies are used by Clarity to gather statistical anonymous information on the use of Control. | 1 year 1 day |
Clartiry Third party (Microsoft) | ANONCHK CLID MR MUID NID SM SRM_B | Advertising | Using Clarity induces third party advertising cookies placed by Microsoft under several domains (google, bing, clarity) | 10 min 1 year 7 days 360 days 6 months Session 6 months |
Axeptio | axeptio_all_vendors axeptio_authorized_vendors axeptio_cookies | Preferences | List of third-party applications referenced in Axeptio. Axeptio is a consent management tool | 7 days |
How can You manage/delete these Cookies?
All major internet browsers allow you to manage the cookies installed on your computer or mobile device.
If you do not want our Website to place cookies on your computer or mobile device, you can easily limit or delete them by adjusting the settings of your browser or mobile device. Additionally, you can set up your computer or mobile device to send you a notification each time a cookie is placed on your computer or mobile device, allowing you to decide whether to accept it or not.
We alert all new users with a banner specifying that cookies are used on our website. It is possible to accept or refuse them at this time. You can reset your choice at any time by clicking here. The cookie consent banner will be displayed again upon your next login.
What Are Your Rights?
You have the following rights regarding the personal data we use about you:
- Access. You have the right to know the personal data we hold about you and to obtain a copy of it.
- Data Portability. Subject to the law, you have the right to obtain in a machine-readable format the personal data you have provided to us.
- Rectification. You have the right to request that any incomplete, incorrect, or outdated personal data about you be rectified.
- Erasure. You have the right to request the erasure of your personal data when it is no longer necessary for the purpose for which it was collected, if you have withdrawn your consent to processing, if you oppose it in accordance with data protection regulations, if the processing is unlawful, or if a legal obligation requires its erasure.
- Withdrawal of Consent. You have the right to withdraw the consent you have given us to use your personal data.
- Objection. You have the right to object to the processing of personal data if it is based on the performance of a public interest task or the exercise of official authority, or on a legitimate interest pursued by us, for reasons related to your particular situation. You can also object at any time to processing carried out for direct marketing purposes.
- Restriction. You have the right to request the restriction of processing of personal data when you dispute the accuracy of the personal data subject to processing, if the processing is unlawful and you oppose the erasure of your personal data, if you deem it necessary or if you have objected to the processing, pending our verification of the legitimacy of our interests.
- Post-Mortem Directives. You also have the right to define instructions regarding the retention, erasure, and communication of your personal data after your death.
If you wish to exercise any of your rights, you can let us know by contacting us at the contact email address. If you are still not satisfied, you also have the right to file a complaint with a competent supervisory authority, namely, for France, the National Commission on Informatics and Liberty (CNIL) - 3 Place de Fontenoy, 75334 Paris Cedex 07.
How long do We retain Your Personal Data?
We will retain your data for a period that does not exceed what is necessary for the purposes set out in this Statement.
If your data is no longer necessary for the purposes outlined in this Statement, it will be regularly deleted or anonymized, unless it is necessary to keep it longer:
- To comply with legal, accounting, and tax retention obligations: For 10 years.
- For the preservation of evidence during the applicable limitation periods: For 5 years.
- For commercial prospecting purposes: For 3 years from the end of our contractual relationship with you or from our last contact with you.
Furthermore, if we notice that your user account has not been used for more than 2 years, we will delete your personal data.
What are the access permissions required by the Application?
For you to register and use the Fifteen Control Service, it is necessary that you grant the following permissions to the Application to allow us to collect the necessary data:
- Camera: Permission is required to scan the QR Code identifying the bike.
- Location: Permission is necessary to locate you on the map (MapBox), indicate the position of nearby bikes, and how to access them.
- Bluetooth: Permission is necessary to establish and maintain the connection between the user's phone and the bike, enabling the proper use of the Fifteen Control Service.
Modification of the Statement
We reserve the right to modify this Statement at any time, with or without notice. However, if our Statement is modified, you will be notified by email so that you can become acquainted with it.
Contact
If you have any questions or requests regarding this Statement or generally about how we process your data, you can contact us at the following email address: donnees.personnelles@fifteen.eu or contact our data protection officer at the following email address: dpo@mobivia.com.