Latest update: 10 OCTOBER 2019

As an entity of the Somfy Group, SIMU SAS complies with the data protection policy currently in force within the Somfy Group, described below.

At Somfy, we wish to become and remain your preferred partner in your exploration and experience concerning smart home solutions and the related products and services. We have high regard for the trust you place in us and we are committed to complete transparency in the way in which we collect, use and protect your personal data. We recognise your need to have reasonable control over your personal data, and we undertake to implement mechanisms, procedures and policies which guarantee the confidentiality, integrity and security of your personal data throughout the duration of its life cycle.

The Somfy Group has appointed a Data Protection Officer (DPO) who will ensure that our activities are performed in accordance with the applicable laws.

This data protection policy (“Policy”) informs you what you can expect when we collect and use personal data, i.e.

• Who is concerned by this Policy?
• Who is responsible?
• How do we collect your personal data and what personal data do we process?
• What do we do with your personal data?
• Who receives your personal data?
• How is your personal data protected?
• Data retention
• International data transfers
• Your rights
• Amendments to the current Policy
  

We invite you to read our Policy carefully and acquaint yourself with its content.

• Who is concerned by this Policy?

This Policy applies when you visit our websites, when you send forms from our websites, when you interact with us with a view to establishing a business relationship, throughout our business relationship, when you use the technology we provide or when you log into some platforms or other solutions which we may supply or make available to you.

This Policy does not apply to Somfy employees or to job applicants, who may refer to our data protection policy on our careers website

• Who is responsible?

The legal entity responsible for the personal data collected from you is the entity which determines how, when and why it collects and uses your personal data (the “Controller”).

The identity of the Controller depends on who you are:

• If you are a visitor to one of our websites (a person who simply consults pages on our website), the Controller is the Somfy entity presented on that website.
• If you are a customer or supplier, the Controller is the legal entity managing your business relationship with Somfy. The relevant information can be consulted on the invoice or purchase order you receive or in the contract you have signed with Somfy.

For any other private individual, except for employees working on Somfy sites, the Controller is the legal entity managing your relationship with Somfy. The relevant information can be consulted in the contract you have signed with Somfy or can be obtained from your usual contact at Somfy.

• How do we collect your personal data and what personal data do we process?

Personal data concerns data which can be attributed to you personally.

We collect personal data directly from you (a), and also indirectly through other sources (b) for example when you browse Somfy websites or when you subscribe to our content on social media.

Regardless of whether we collect your personal data directly or indirectly, we undertake only to process personal data in a manner which is adequate, relevant and limited to the purposes for which we collected it.

Data collected directly from you

We may collect and use personal data which you send during your interactions with our services.

This data may include:

• your title;
• your full name;
• your contact details;
• your role within your company;
• the products and services you or your company are interested in;
• your opinion and preferences concerning a product;
• your preferences with regard to communication;
• your comments concerning our services.

We also collect information you provide when you do business with us, when you subscribe to one of our services, when you fill in contact forms or when you create accounts on any of our websites, when you contact our customer team or our press relations team, during trade fairs or other events you attend.

In these cases, the data we collect (in addition to the above-mentioned data) includes:

• your customer number;
• your bank details;
• your credit card numbers;
• your signature;
• your date of birth;
• any photos you provide;
• any location data you decide to share with us.

The other information collected when you use our products and related applications may include:

• the date of your subscription;
• your email address;
• your cloud ID;
• your IP address;
• your mobile phone number;
• various information collected from your control device, including log files, information concerning peripherals, network information and, depending on the services you have chosen, location data or biometric data.

We may process the following personal data which is attributable to you as a visitor of one of the premises of a Somfy Group entity:

• name;
• company;
• host name;
• ID card number;
• vehicle registration number;
• the date and
• time of arrival and departure at our premises.

Indirectly, via other sources

We also collect information concerning you indirectly, for example when you browse on Somfy websites or when you subscribe to our content on social media.

We may use cookies to improve your browsing experience on our websites. Cookies are small files which are stored on a user computer. They contain little specific data relating to a particular user or website.

We use the cookies which are strictly necessary to the functioning of our websites (e.g. analytical cookies which enable us to assess the use and proper functioning of our websites and thus improve the features).

If you do not wish to accept the use of cookies, you can change your internet browser settings so that the storage of cookies is automatically refused or so that you are informed each time that a website requests permission to store a cookie. If you opt not to accept cookies, our websites may not function properly.

Processing is based on our legitimate interest in gathering, monitoring and analysing activity on our website. However, you will also have to accept the processing of cookies as shown in the cookie banner when you enter our website.

We also use advertising cookies so that we can display advertisements which we think may interest you, either on our website or when you browse the internet in general. These cookies are mainly used to limit the number of times you see a particular advertisement and to help us assess the impact of an advertising campaign.

Refusing advertising cookies will not affect your user experience when you browse our websites.

From time to time, we may collect information concerning you from third-parties or from other publicly available sources such as information you make available on your company’s website or public registers such as the Trade and Companies Register.

• What do we do with your personal data?

We collect and use your personal data when necessary to negotiate or perform a contract with you, for example, to:

• manage and maintain our business relationship, including to create and maintain an account on our systems;
• manage your orders: e.g., for payments, to ship the end products or services and to inform you of the status of your order;
• supply services in accordance with our contractual agreement;
• provide customer services, e.g., to process any request you may have and to record and share such requests internally in order to respond more appropriately and improve our products and services in the future.

You are free to refuse to share personal data with us, but without this data we cannot negotiate or perform the contract.

We also collect and use your personal data when it is in our legitimate interest, e.g., to:

• analyse your feedback/comments and your opinions concerning our products or our services in order to constantly improve them and continue to develop them in the future;
• manage your requests when you contact the teams in charge of press relations or relations with investors via the contact form on our website, or when you use one of our channels intended to collect complaints;
• create statistics to improve our products or services;
• send you marketing information, newsletters and/or end user surveys concerning our activities and products or services which may interest you during our business relationship.

Based on our legitimate interest, we may also share your personal data with any company affiliated to the Somfy Group and also:

• with third-party service providers who assist us in our operations in accordance with the applicable data protection laws, including software suppliers, hosting or legal/fiscal consultation services, and transport or credit/debit card services;
• In case of merger, sale or acquisition of a structure.

We also collect and use your personal data with your consent. This data includes the data you decide to send us when you open an account with our organisation or in response to a specific request you send us, e.g., to:

• subscribe to one of our services or those of our partners, or to improve them;
• activate your SIMU device;
• receive marketing communications or newsletters concerning our activities, products or services.

Giving your consent for us to process your data in such circumstances is optional. However, in most cases, refusing to give your consent will prevent us from delivering all or part of the services to which you have subscribed.

On this occasion, we collect or process your data as required by the laws and regulations.

We do not sell your personal data to third parties.

• Who receives your personal data?

We only share your personal data in compliance with the stipulations of this Policy and therefore principally with our employees in the various departments and possibly with other entities in the Somfy Group, solely for the following purposes: customer management, central administration of relations with customers and suppliers and to streamline Somfy business transactions. This personal data is shared based on the legitimate interest of the Somfy Group and on maintaining an efficient business structure.

When we share your personal data with third parties as set out in this Policy (e.g., for shipping, financial transactions and software services), we ensure that these third parties provide sufficient guarantees to implement appropriate technical and organisational measures ensuring compliance with the applicable data protection laws.

• How is your personal data protected?

We implement a series of technical and organisational measures to secure your personal data and protect it against destruction, loss, alteration or unauthorised access.

Our personnel, agents and subcontractors who process your personal data have signed a confidentiality agreement or are bound by a confidentiality obligation or must comply with an appropriate regulatory confidentiality obligation.

We impose strict obligations in terms of security with regard to all third-party service providers in line with the stipulations of this Policy.

• Data retention

We keep your personal data for as long as necessary for each of the purposes set out above.

However, we may keep some of your personal data in order to comply with the applicable laws and regulations (e.g., for fiscal or auditing purposes) and in accordance with our internal data retention rules.

If it is no longer necessary to keep data which can still identify you, we may delete either delete it or render it anonymous, or aggregate it so that you can no longer be identified as a unique individual.

• International data transfers

We keep and process your personal data principally on servers located within the EU/EEA or in Switzerland.

However, our company operates internationally and we trust international service providers to assist us as part of our solutions at the global level. Your personal data may be transferred to a different country to that in which you live.

• Your rights

You can contact us via our DPO to exercise your rights relating to your personal data collected or used by us.

Your rights include your:

• right to access and rectify. You have the right to receive confirmation as to whether or not we are processing your personal data and in such case, you have the right to request a copy of your personal data we possess and you can rectify or supplement your personal data we possess at any time by contacting us. You can help Somfy to guarantee that your contact details and preferences are correct, complete and up to date by filling in an up-to-date contact form on any of our websites or by contacting our DPO at the following email address: privacy@simu.com with your corrections and updates;
• right to object and limit processing. You have the right to object to the use of your personal data by us for the purposes of prospecting at any time. In some circumstances, you can also limit our use of your personal data, e.g., when we take measures to correct incorrect data at your request;
• right to delete. We delete your personal data at your request unless we are obliged to retain your personal data in order to comply with the applicable laws and regulations and in accordance with our own data retention rules;
• right to check the cookies and other technologies on our websites. When you visit our websites for the first time, you are asked to consent to the use of cookies and other technologies.
  • You can manage your choices at any time using your browser settings. You can configure your browser to delete cookies from your hard drive, prevent new cookies from being placed or receive alerts so that no new cookie can be placed without your express consent. You can also configure your browser so that cookies are no longer automatically saved. However, please note that any changes to the cookies settings will affect the way you access our services and the website, which require cookies in order to be fully functional. If your browser is configured to refuse all types of cookie, you may no longer have access to all of our services. The following links show you how to configure your cookies settings in your browser:
  • If you use Internet Explorer:: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
  • If you use Firefox:https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
  • If you use Google Chrome:https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
  • If you use Safari:https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

• right to withdraw your consent. When we process your personal data based on your consent, you can withdraw your consent at any time. However, this may mean that it will no longer be possible to supply the service you request;
• right to receive and transfer: You have the right to receive your personal data you have sent to us in a commonly used electronic format. You have the right to transfer the relevant data to a different controller (data portability);
• right to file a complaint. You can contact us if you deem that our use of your personal data does not comply with the measures set out in the applicable data protection laws. You also have the right to file a complaint with the data protection supervisory authority in your country or the country in which the controller responsible for your personal data is located.

Amendments to the current Policy

The date of this Policy is stated before the introduction paragraph above. We may amend this Policy at any time without notice, as long as these amendments do not contain any substantial changes which could affect the rights of individuals under the applicable privacy and data protection laws, in which case you will be informed of the relevant changes by a clearly visible information note at the start of this Policy.