EcoStruxure IT Privacy Notice
1. Who is in charge of data processing?
2. What types of personal information do we process?
- Contact information
- Professional information (company name, company address, work phone number, work email address)
- Identification information, such as name, country, username
- Technical information (information about devices you use, such as their identifiers, model and version)
- Technical information about the devices you set up the system to monitor (device log, device IP address, device name, device type)
- Location tracking inside a geofence area, if you opt-in.
- Like any system, connections are logged for security purposes.
In cases where your account is managed by someone else (such as an administrator or employer), they may provide data on your behalf.
3. Why do we collect and use personal information?
We do not make decisions based solely on automated processing which may produce legal effects or similarly affect you.
4. How long do we keep your personal information?
We keep information as needed to perform the purposes described above, taking into consideration the need to provide the services, marketing requirements, security requirements, legal requirements and statute of limitations. Location information is not kept but only displayed in real time if used.
For marketing purposes, we keep relevant customer information for three years after the end of our relationship or since the last interaction with us.
5. Who do we share personal information with and where is it processed?
We do not sell your personal information.
Personal information will be processed by our affiliates and suppliers involved in the provision of the services and in the performance of the purposes. Their activities include hosting and maintenance, performance monitoring and security. As we are a global company, teams and suppliers may have global or multi-country roles, and they can be located anywhere in the world, in countries with different privacy standards than the country of our customers. We take measures to ensure that personal information receives an adequate level of protection.
We have internal policies applied by our affiliates and we conclude relevant contracts with our suppliers to ensure appropriate safeguards. Our group has adopted Binding Corporate Rules (BCR). In addition, we conclude Standard Contractual Clauses and rely on EU Commission’s adequacy decisions. To obtain more details and copies of safeguards put into place, you may contact firstname.lastname@example.org.
We may also share your information, as necessary:
- with competent authorities, based on a good faith belief that disclosure is necessary to respond to a judicial process, a valid official inquiry, or if otherwise required by law;
- to defend our legal rights, or to protect the rights or safety of any person or entity;
- as instructed by you, our customer or the user;
- with third parties in the context of reorganization of operations.
6. How do we secure personal information?
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect information against accidental or unlawful destruction, accidental loss and unauthorized alteration.
Please note that no method of transmission over the internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee absolute security.
7. How to exercise your choices and rights about your personal information?
In order to exercise the data protection rights granted under applicable data protection law, such as the rights to be informed, to access, to rectify, to withdraw consent, to request restriction or erasure, the right to object and data portability, you may make a request at the contact details available within the application or at email@example.com. To ensure the security of your personal information, we may ask you to provide other details to verify your identity.
8. How to contact us?
You may address questions or comments about our privacy practices or this privacy notice to our Group Data Protection Officer (Group DPO):
DPO Schneider Electric
35 rue Joseph Monier
92506 Rueil Malmaison
If you believe that Schneider Electric has processed your personal information in violation of applicable law, you may file a complaint with the Group DPO at the contact details above or with a supervisory authority.
9. Changes to this privacy notice
Please note that this privacy notice may change from time to time. We will provide information about material changes.
Last updated: February 2021