Privacy Policy
(“Privacy Policy”)
1.Preamble
Protection of privacy is paramount to us. In the course of using our Enectiva Application, specific natural persons, whether acting as direct Users or as representatives of Users, entrust us with their personal data. We wish to ensure it is clear that we handle such data responsibly, transparently, and in full compliance with legal regulations, including but not limited to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter the “GDPR”).
This Privacy Policy provides an overview of what personal data we collect in connection with the use of the Enectiva Application, the purposes for which such data is required, how it is utilized, and the measures taken for its protection. Furthermore, this document sets forth the rights vested in data subjects regarding the processing of their data and the procedures for exercising such rights.
This Privacy Policy constitutes an integral part of the General Terms of Service for the Enectiva Application (hereinafter the “Terms of Service”). All capitalized terms used herein shall have the same meaning as defined in the Terms of Service.
2.Scope of This Privacy Policy
This Privacy Policy applies to the use of the Enectiva Application across all interfaces and platforms.
3.Controller of Your Personal Data
The Controller of your personal data in connection with the use of the Enectiva Application is the Provider. For the purposes of this Policy, the Provider shall also be referred to as the “Controller”, or alternatively as “we”, “us”, “our”, etc.
4.Categories of Personal Data Collected
Enectiva Application primarily serves the purpose of collecting metering data and building-related information. However, in order to duly provide the Enectiva Application and ensure its full functionality, we collect and process selected personal data of the User or the User’s representatives, e.g. employees, (hereinafter referred to as “Personal Data”), particularly in connection with the operation of the User Account. This includes the following Personal Data:
| Personal Data Category | Description |
|---|---|
| Identification Data | Information enabling the identification of a natural person, including but not limited to, first name and surname. |
| Contact Data | Information used for communication purposes, such as an email address or telephone number. |
| Device Information | We also collect data regarding the devices used to access the Enectiva Application. This includes, without limitation, the IP address and information about the device itself, notably its model, type, operating system version, and the version of the Enectiva Application being utilized. |
5.Purpose of Use of Your Personal Data
The Personal Data that we process pursuant to the section above is processed for the purposes described below:
| Purpose of Processing Personal Data | Personal Data Category | Legal Basis |
|---|---|---|
| Facilitating the proper use of the Enectiva Application, e.g. creation and configuration of the User Account, and communication between you and the Controller. | Identification Data; Contact Data; Device Information | Art. 6(1)(f) GDPR, where processing is necessary for the legitimate interests of the Controller in duly providing the Enectiva Application. Art. 6(1)(a) GDPR, where consent is required by the nature of the Personal Data or applicable legal regulations. |
| Monitoring the performance of our products and their continuous improvement, e.g. analysis of the manner in which the Enectiva Application is utilized. | Identification Data; Contact Data; Device Information | Art. 6(1)(f) GDPR, where processing is necessary for the legitimate interests of the Controller in progressively improving the Enectiva Application. Art. 6(1)(a) GDPR, where consent is required by the nature of the Personal Data or applicable legal regulations. |
| Compliance with the legal order, fulfillment of the Controller’s obligations, and protection of the Controller in connection with the exercise of the Controller’s rights or the assertion of alleged claims against the Controller. | Identification Data; Contact Data; Device Information | Art. 6(1)(c) GDPR, where processing is necessary for compliance with a legal obligation to which the Controller is subject. Art. 6(1)(f) GDPR, where processing is necessary for the legitimate interests of the Controller in complying with legal regulations and protecting itself within potential judicial or other proceedings. Art. 6(1)(a) GDPR, where consent is required by the nature of the Personal Data or applicable legal regulations. |
6.Sharing of Your Personal Data
For the purpose of providing the best possible user experience, we may share your Personal Data with other users or third parties. The specific reasons for sharing your Personal Data are set forth below:
| Recipients of Your Personal Data | Type of Shared Personal Data | Reason for Sharing |
|---|---|---|
| Partners of the Controller and persons providing services or other performance to the Partner | Identification Data; Contact Data; Device Information | We share data with our suppliers and partners who assist us in operating the Enectiva Application. These may include persons providing services, particularly in the fields of analytics, hosting, software services, customer relationship management, legal consultancy, security, and similar areas. These partners act as processors of your Personal Data, while the Controller remains the controller of your Personal Data. They may therefore process your Personal Data solely in accordance with our instructions and for our purposes. |
| Public authorities or bodies empowered to decide on the rights and obligations of persons | Identification Data; Contact Data; Device Information | We may share your Personal Data with public authorities for the purpose of fulfilling the Controller’s statutory obligations. |
| We do not share your Personal Data with any entities outside the European Economic Area, except in cases where such disclosure is required by legal regulations. | ||
7.Retention Period of Your Personal Data
We will generally process your Personal Data for as long as necessary to fulfill the purposes set out above. Unless otherwise required by applicable law or a specific provision, e.g. contractual, we retain your Personal Data for a maximum period of 5 years from the deactivation or termination of your User Account, in particular for the purpose of protecting our rights in the event of potential disputes or claims.
Where applicable law requires certain Personal Data to be retained for a specified period, we will retain such Personal Data at least for that period.
Where there is a reasonable likelihood that we will need your Personal Data for any of the purposes set out above, e.g. in connection with the assertion or defense of legal claims, we will retain such Personal Data until the relevant reason for its retention no longer exists.
8.Your Rights
Below, we provide an illustrative overview of the rights to which you are entitled in relation to your Personal Data. Should you have any questions regarding any of your rights or their exercise, please do not hesitate to contact us using the contact details set out in Section 9 of this Privacy Policy.
| Selected Right | Method of Exercise |
|---|---|
| Right to request access to Personal Data and data portability | You may view and review selected Personal Data processed by us directly within your User Account settings. You may obtain a copy of your Personal Data managed by us by contacting us via the methods specified in Section 9 of this Privacy Policy. |
| Rectification or modification of Personal Data | You may personally modify or rectify a significant portion of your Personal Data directly within your user profile. Should this not be possible or should you require assistance, please contact us via the methods specified in Section 9 of this Privacy Policy. |
| Erasure of Personal Data | You may personally delete selected Personal Data directly within your User Account, without prejudice to Section 7 of this Privacy Policy. Furthermore, you have the right to terminate your User Account, created in connection with the use of the Products, at any time. You may contact us regarding the right to erasure of Personal Data via the methods specified in Section 9 of this Privacy Policy. |
| Withdrawal of consent | Any consent granted to us for the purpose of processing selected Personal Data may be withdrawn at any time by contacting us via the methods specified in Section 9 of this Privacy Policy. This is without prejudice to our right to process selected Personal Data on other lawful grounds where applicable legal regulations so permit. |
| Restriction of processing and the right to object | You have the right to request the restriction of processing of your Personal Data or to object to the processing of your Personal Data. To exercise these rights, please contact us via the methods specified in Section 9 of this Privacy Policy. |
| Right to lodge a complaint with a supervisory authority | You have the right to lodge a complaint against the procedures of the Controller with the competent supervisory authority. Further information can be found in Section 10 of this Privacy Policy. |
9.Contact Details
The Controller may be contacted regarding any matter, including the exercise of your rights related to your Personal Data, via one of the following methods:
By Email: At the address info@enerfis.cz
By Data Message System: at data message ID 66q5tax
By Post: To the address of the Controller’s registered office, i.e., Viktora Huga 359/6, Smíchov, 150 00 Prague 5. For more expeditious processing of your inquiry, we recommend utilizing one of the aforementioned electronic contact methods.
10.Complaint to the Competent Public Authority
Should you believe that the processing of your Personal Data or any other action on our part in connection with your Personal Data constitutes a violation of legal regulations, we would appreciate it if you would first address such matter with us. We will exert our best efforts to resolve your concern to your satisfaction. You do, however, inherently possess the right to lodge a complaint with a supervisory authority.
If you reside within the European Union, you may lodge a complaint directly with the authority in the Member State where you have your habitual residence, place of work, or where the alleged infringement concerning the handling of your Personal Data occurred. A list of the competent authorities for individual Member States is available at https://www.edpb.europa.eu/about-edpb/about-edpb/members_en. For the Czech Republic, the competent authority is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů), with its registered office at Pplk. Sochora 27, 170 00 Prague 7. Details regarding the registry and electronic registry can be found at https://uoou.gov.cz/kontakt/podatelna-a-elektronicka-podatelna.
11.Amendments to This Privacy Policy
This Privacy Policy may be amended from time to time subject to the conditions set forth in Article 7 of the Terms of Service.
In the event that this Privacy Policy conflicts with the legal order, specifically with regulations governing personal data protection, this Privacy Policy shall be deemed automatically amended to the extent necessary to ensure compliance with the legal order.