In compliance with the laws and regulations related to data protection, we want to inform you about how we handle personal information on our website https://ecotree.green/. According to the provisions of Law No. 78-17 of January 6, 1978, which deals with data processing and individual privacy rights, and the Regulation (EU) 2016/679, known as GDPR, which focuses on safeguarding personal data and its movement, we aim to be transparent about our data practices. This page contains important details about how we process your personal information.
Personal data is any information that directly or indirectly identifies a person. It could be your name, your address, your telephone number, your date of birth or even the IP address with which you connect to the internet. Today, personal data is a valuable tool to provide you with the fast, efficient and personalized service you expect from us. In order to strengthen the trust between us, EcoTree is committed to protecting your personal data and respecting your privacy. This is why we've put together this page to inform you in a clear and transparent manner about the conditions under which we collect, process, store, archive and delete the personal data of our prospective customers, users and customers. You will also find a reminder of the rights you have over your data, as well as all the necessary information to exercise those rights. It is our responsibility as a partner to ensure you can remain in control of how your data is being used at all times.
To protect internet users against data leaks or the misuse of personal data, it is now mandatory for companies to keep visitors informed of all computer processing that is carried out using the collected data. Like all e-retailers, we collect data from our internet users and we work with several third-party providers, who therefore have access to part of our data. This data is essential in giving you the best possible experience on our site, to ensure that your order and customer support are both handled smoothly and efficiently. We have nothing to hide, we want to be as transparent as possible, so we'll tell you everything!
In strict compliance with current regulations, we mainly process four kinds of personal data:
• Declared data, i.e. data collected directly from you or from partners with whom we have a contractual link.
• Personal data related to the operation of products and services, generated in particular when using online services.
• Personal data from public information, such as a public profile on social networks.
• Personal data resulting from calculations or inferences we’ve made with the data that you have provided. For example, to conduct fraud risk assessments. We responsibly handle your personal data for a specific and useful purpose.
The data helps us streamline our activities, meet our legal obligations, and most importantly provide you with the most efficient service possible, wherever you are.
No ! And we never will! Some companies exchange customer files for commercial prospecting opportunities, but this is not the case at EcoTree. All collected data stays with us and will never be given, rented or sold to a third party.
Stored passwords are encrypted and cannot be decrypted. Your passwords are therefore safe.
For payments by credit or debit card, we work with the world leader in internet payment, Stripe, which guarantees your data’s security. We have no access to your bank card number. Stripe is certified to the highest industry standards and has obtained regulatory approvals worldwide.
Managing data from contact forms
• Purposes:
When you submit information through contact forms on the EcoTree website, we use it to process your requests. Some details marked with an asterisk (*) are mandatory, while others are optional. Please note that without the mandatory information, we may not be able to respond to your inquiries.
• Legal basis:
We process your data based on your consent. By providing your information through the contact forms, you agree to our use of it for the stated purposes.
• Data concerned:
The data we collect and process includes your first and last name, email address, telephone number, and the content of your requests.
• Retention periods:
We retain your data, along with the questions and answers you provide, for a period of one year from the date of your last request made through the form.
• Recipients:
Please be assured that the information you provide is intended solely for the authorized departments of EcoTree. We treat your data with confidentiality and ensure it is only accessible to the relevant personnel within our organisation.
Managing data from the EcoTree account
• Purposes:
EcoTree gathers personal information directly from you to manage registrations, re-registrations, and monitor the usage of our services.
• Legal basis:
We process this information based on our legitimate interest in providing and improving our services.
• Data concerned:
The data we collect and process includes your first and last name, email address, postal address, telephone number, date of birth, and IBAN (International Bank Account Number).
• Retention periods:
Your data is stored for one year after your account's validity period ends.
• Recipients:
The information you provide is strictly used by authorised personnel at EcoTree, legally authorised oversight bodies, and IT service providers who work on our network. We ensure that your data is handled securely and responsibly by these entities.
Managing newsletter data
• Purposes:
EcoTree collects personal information directly from you for the purpose of sending you newsletters.
• Legal basis:
We process this information based on your consent. By providing your details, you agree to receive newsletters from us.
• Data concerned:
The data we collect and process includes your first and last name, as well as your email address.
• Retention periods:
We keep your data on record until you decide to withdraw your consent. If you choose to stop receiving newsletters, we will remove your information from our mailing list.
• Recipients:
Rest assured that your information is solely intended for use by authorized departments at EcoTree, as well as IT service providers working on our network and the email service provider. We ensure that your data is treated with confidentiality and handled responsibly by these parties.
Managing data from cookies
• Purposes:
When you visit our website, EcoTree uses cookies to gather information on our audience, enhance your user experience, and provide personalised content. Some of these cookies may come from third-party services.
You have the option to prevent cookies from being stored on your device by adjusting your browser settings. Instructions on how to do this can be found on the French-English website CNIL.fr.
You can also change your cookie settings at any time by clicking here.
• Legal basis:
We process your information based on your consent, meaning we will only collect and use your data if you agree to it.
• Data concerned:
Depending on your browser settings, the cookies stored on your device provide us with specific information, including:
- Identifiers of the equipment you are using (such as your computer's IP address, Android identifier, Apple identifier, etc.),
- Type of operating system used by your device (like Microsoft Windows, Apple macOS, Linux, Android, iOS, etc.),
- Type and version of the browser software you are using (such as Microsoft Internet Explorer, Apple Safari, Mozilla Firefox, Google Chrome, etc.),
- Dates and times of your connections to our services,
- The Internet page from which you came to our website (referrer),
- Your browsing data on our services, including the content you viewed.
• Retention periods:
We keep this data for a maximum of 13 months. After this period, it will no longer be stored.
• Recipients:
The information collected is used exclusively by authorized departments at EcoTree and IT service providers working on our network. We ensure that your data is treated with confidentiality and responsibly by these entities.
Managing data from Social networks
• Purposes:
We provide various social networking pages on our website, such as Facebook, Twitter, Instagram, and LinkedIn. When you use these pages, the personal data we may access is subject to your own privacy settings on these social networks. EcoTree uses this data to interact with subscribers and other users of these social networks through public or private messaging.
EcoTree does not collect any data about you from cookies set by these social networks. Any statistical data from these cookies is only available to EcoTree in an aggregated and anonymous form, not linked to individual users. If you have questions or concerns about these cookies, please reach out to the social networks' services directly.
• Legal basis:
We process your data based on your consent. By using our social networking pages, you agree to how we handle your personal information as described.
• Data concerned:
The data we collect and process includes your first and last name, as well as the messages exchanged with EcoTree through the social networking pages.
• Retention periods:
We retain your data for as long as the EcoTree page exists on the respective social network, unless you exercise your right to erasure or object to the processing.
• Recipients:
Please note that publications and exchanges on these social networking pages may be accessible outside the European Union, as these platforms operate globally. Additionally, the data required for statistical purposes may be processed outside the European Union, in accordance with the data management policies implemented by the social networks themselves.
You can easily update most of your information by accessing your customer area on our website. However, if you encounter any difficulty or cannot find what you need, you have the option to get in touch with our Data Protection Officer at EcoTree.
To do so, you need to provide proof of your identity. You can contact the Data Protection Officer either by email at dpo_ecotree@actecil.fr or by sending a letter to the following address: EcoTree DPO - 38 quai de la Douane 29200 Brest - France.
Our precisely defined retention periods are designed to match the amount of time necessary for proper data processing (and don’t exceed it). To determine each retention period’s duration, we took into account:
• The different purposes for which this data is collected.
• The people concerned in the collection.
• Compliance with legal, regulatory or professionally recognized obligations to which we are bound.
We have also taken organizational measures, by forming teams dedicated to the issue of information security.
More generally, we ensure all our employees are aware of personal data protection and that they comply with the regulations in force as well as the ethics of our company.
Our Data Protection Officer (DPO) ensures compliance with regulations on the protection of personal data within EcoTree. They inform and advise EcoTree’s CEO on all matters relating to the protection of personal data. They are also the contact person for the CNIL, our supervisory authority, for any question relating to the management of personal data.
We choose subcontractors or service providers who offer a high level of guarantee on the implementation of appropriate technical and organizational measures. This helps us ensure the processing of your data meets the requirements of the personal data protection regulations in force. If we notice an incident with an impact on personal data, we ensure, according to the framework imposed by the regulations, to immediately notify the French "National Commission for Information Technology and Freedoms" (French acronym CNIL) and inform the people concerned.
Our prospects, customers and other actors working with us (in particular on IT security monitoring) may also contribute to maintaining our level of security with regard to personal data. We urge them to respect the recommended rules and to inform us of any anomalies they may encounter.
Finally, you too can and should be an actor in the protection of your personal data. In terms of personal data, be aware that you have a series of dedicated rights, such as:
• A right of access, rectification, opposition, limitation, erasure and portability of your personal data.
• A right to define instructions concerning the storage, erasure and communication of your personal data, after your death.
• A right of complaint to the CNIL.
If EcoTree makes any changes to this policy due to legal or regulatory requirements, the updated version will be published on our websites and will take effect immediately upon publication. We encourage you to check this policy each time you visit our websites to stay informed about the latest version, which will always be available on our websites.
