Schedule a meeting
Your privacy is very important to us! In this statement we will provide you with all information regarding our use of personal data and your rights.
For further inquiries, please contact firstname.lastname@example.org.
In order to provide you with data-services, we need to collect and process personal data.
This equals information that is related to an identified or identifiable natural person and that allows a link between one or more data-pieces and a natural person.
With Eneos, we are committed to making sure that your personal data is kept confidential.
We confirm that we are in regulation with the General Data ProtectionRegulation (EU) 2016/679 law, applicable as of May 25th, 2018.
1. What data do we collect and how?
In order to improve our services and content, we collect the following information: information about your device (operating system, browser type, screen resolution), your geographical location (in order to detect your preferred language and offer local content) and your IP-address (in case of error logging).
All Eneos related websites are connected to Google Analytics. This tool collects the above mentioned data and aggregates it into statistical(non-personal) insights about the use of our websites.
If you contact us through our website, we collect the data you choose to provide: name, email, company, country, telephone number, message. This makes sure that we can deliver a high quality customer service and response to your inquiry.
If you choose to subscribe to our newsletters, we hold on to your email address, until you choose to opt-out.
Data we collect not only helps us to deliver a high quality service and personalised user experience on a daily basis, it is also essential for you, asa user, to get the most out of Eneos.
The collected information is primarily used to maintain a proper technical functioning of the platform and ensure a high level of security of your data and files.
We need the following information: your name, email and password (which will be encrypted and never stored as plain text) to identify you. We also hold on to all other information either provided by you or your company (e.g.address, company, IBAN, VAT, …).
This information is either given by you during registration for our services or by the admin that invited you to sign up to the Eneos API.
As a registered user, if you do not object to it at the time of collection, we may also use your information for our own marketing and promotional purposes. For example, we may use it to send you newsletters, special offers, and promotions, or to otherwise inform you about important updates to our platform and services.
2. Why do we collect personal data?
In order to clearly inform you about why and how we collect personal data, it is important to know the difference between a data controller and a dataprocessor:
- A data controller is a person or business who determines the purposes for which, and the way in which, personal data is processed.
- A data processor is anyone who processes personal data on behalf of the data controller.
Eneos is a data controller only for the processing of personal information for its own purposes. This involves improvement of our online services, customer support and management, invoicing and marketing.
An overview of why we collect data:
- Security: identification of users. We need to guarantee that our users have access to their own private account on our platform (and theirs alone).
- Personalised experience: all kinds of settings (e.g.: layout and language), content related to your location or preferences, personalised support.
- Personalised marketing offers.
- Improving our services by learning how you access and use our services.
- Analyse data for statistical reporting. In this case, data is not linked to your personal information.
We collect personal information because you have either:
- contacted us through our website
- signed up for our services
- given consent by opting-in
3. Where do we store data and how do we protect it?
All data that is collected by and processed by Eneos is stored on theGoogle Cloud Platform, with servers based in Belgium.
Google Cloud Platform offers a high level of security that has earned them multiple certifications:
- ISO 27001 is one of the most widely recognized, internationally accepted independent security standards;
- ISO 27017 is an international standard of practice for information security controls based on ISO/IEC 27002, specifically for cloud services;
- ISO 27018 is an international standard of practice for protection of personally identifiable information(PII) in public cloud services.
- Google Cloud Platform is compliant with the General Data ProtectionRegulation (GDPR).
4. How long do we keep your data?
Eneos holds on to your data as long as your account is active or as long as it is necessary to provide you with certain services (see above mentioned reasons). If you no longer make use of our services, we keep your data for one more year in case you would like to reinstate your account.
We might also have to extend the storage of your data if there are legal obligations, e.g.: to prove that you used our services or for tax reasons.
You have the right to ask us to delete your personal information. You’ll find more information about this and your other rights under art. 6: “What are your rights?”.
5. Who do we share your data with?
It’s simple: we do not sell or rent out your personal data. The sole purpose of every piece of information we collect is for internal use. It helps us to improve our services and it makes sure that you can make use of those services in a secure way.
We do, however, make use of some third party data processors for the following reasons:
- Customer relationship management
- Accountancy and payments
- User support (e.g. website help desk)
- Analytics about the usage of our website
These external services are carefully selected by Eneos to guarantee that your personal information safe. This means that they cannot use your data in any other way than to carry out the service they are providing us. Under theGeneral Data Protection Regulation (EU), each external data processor we use, must operate under the same regulations, as of May 25th 2018.
6. What are your rights?
Right to access
You have the right to obtain from us confirmation as to whether or not we are processing personal data concerning you. If that is indeed the case, you have the right to access that data and the following information:
- the purposes of the processing
- the categories of personal data concerned
- the recipients or categories of recipient to whom the personal data have been or will be disclosed
- the envisaged period for which the personal data will be stored
- the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing
- the right to lodge a complaint with a supervisory authority
- where the personal data are not collected from the data subject, any available information as to their source
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) in the GDPR.
Right to object
You have the right to object at any time to the processing of your personal data in its entirety or specific subsets or for specific reasons. This includes the use for marketing with or without automatic profiling. We will immediately stop processing your personal data and/or stop sending you direct advertising, unless the storage of your information is necessary for legal reasons (which we will then communicate).
Right to correct or delete
You can ask us to correct, complete inaccurate personal data. We confirm that we will rectify this information without undue delay. You also have the right to request the erasure of personal data without undue delay, unless we need to store your information for compliance with a legal obligation which requires processing by Union or MemberState law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; the establishment, exercise or defense of legal claims.
Right to transfer
It is possible to receive your personal data in order to transfer it to another data controller. We will provide this data to you in a structured, commonly used and machine-readable format. If preferred, you can ask us to transmit the data directly to another controller, where technically feasible.
If you would like to exercise any of these rights, please contact: email@example.com
The company responsible for all Eneos related websites, services and platforms is:
7. Updates to the Privacy Statement
The way we offer you the application and its related services remains subject of constant changes as we are continuously evolving. We may amend thePrivacy Statement from time to time in order to meet changes in the regulatory environment, business needs, to satisfy the needs of our customers, users, visitors or service providers or to reflect new innovative features and services. These new developments remain within our original objectives.
Updated versions will be posted to our web site and date stamped so that you are always aware of when the Privacy Statement was last updated.
As Eneos is constantly growing and evolving, we might update our PrivacyStatement from time to time in order to stay compliant to the General DataProtection Regulation (EU).
Changes will remain within the same scope as our original objectives. If you are a user of Eneos and there would be a drastic change in our policy or data processing, we will provide you with this information in a direct manner.
Renewed versions of the Privacy Statement will be posted on our website with a date stamp so that you are always aware of when the statement was last updated.
Important: In the unlikely case of a data breach with a high risk to your rights and freedoms as a data subject, we will contact you personally.
Last update: 02/04/2021