Privacy policy
(Mobilize Charge Pass service)
PART 1 : Who processes your personal data?
This personal data protection policy, together with any document referred to herein, details the conditions under which RCI Banque SA, (trade name: Mobilize Financial Services) a public limited company with capital of 100,000,000 euros, having its registered office at 15, rue d'Uzès, 75002 Paris, SIREN 306 523 358 R. C.S. Paris (hereinafter referred to as ‘we’ or ‘Mobilize Financial Services’), as data controller, carries out the processing described below of the personal data of any user of the Charge Pass service, hereinafter referred to as ‘you’.
We process your personal data in compliance with the principles laid down by the regulations applicable to the protection of personal data, and in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such personal data, and Law No. 7817 of 6 January 1978 on information technology, files and freedoms, as amended (hereinafter together the ‘Personal Data Regulations’).
This policy may change in accordance with the applicable legal and regulatory context or as a result of developments in our business, and in particular the products or services we offer you.
PART 2 : What categories of personal data do we process?
When using this application, we collect the following categories of personal data:
- identification data: title, surname, first name(s), billing address, delivery address, e-mail address, telephone number;
- vehicle identification data: VIN, licence plate number ;
- economic and financial data: means of payment, income, IBAN, etc.
- connection data: log, cookies, IP address, etc.
- location data: movements, GPS data, etc.
PART 3 : For what purposes do we process your personal data?
Depending on the context in which your personal data is collected, we may use your data to :
Purpose of processing | Description of treatment | Legal basis | Shelf life |
Management of the application
|
• Manage your Mobilize Charge Pass service user account in the My Renaultn My Dacia or My Alpine Application
| The performance of a contract involving the User or the performance of precontractual measures taken at the User's request | Retention of data until the end of the contract OR Data retention 2 years after inactivity |
Managing regulatory obligations |
identify fraud
| RCI's legitimate interest | Contract duration extended by 5 years |
User consumption management |
My Alpine application
| The performance of a contract involving the User or the performance of precontractual measures taken at the User's request | Contract duration extended by 2 years |
Commercial relationship management |
| RCI's legitimate interest | Contract duration extended by 2 years |
Billing management | • Carry out invoicing | Legal obligations in tax and accounting matters | Our legal or regulatory obligations to comply with data retention obligations under tax and commercial law (up to 10 years after the end of the contract)
|
PART 4 : Who will receive your data?
In order to achieve the purposes described above and only to the extent necessary for the pursuit of those purposes, the personal data we collect may be transmitted to some or all of the following recipients:
1. Within Mobilize Financial Services :
- Internal departments authorised to manage the commercial relationship. All persons responsible for placing, managing and executing contracts and orders.
- Internal departments in charge of marketing, customer relations, complaints, canvassing, administration and IT;
2. Within the Mobilize Financial Services group :
We may share your personal data within the Mobilize Financial Services group of companies in accordance with the intra-group agreement between the Mobilize Financial Services group of companies and subject to your consent where required by law.
- Mobilize Financial Services Group entities in charge of marketing, customer relations, complaints, prospecting, administrative services, IT services, etc.
- The Mobilize Financial Services Group entities responsible for the centralised management of our clients' databases
- Any other entity of the Mobilize Financial Services Group whose intervention may be necessary to carry out the processing carried out in accordance with this policy.
3. Outside the Mobilize Financial Services group :
We may share your personal data with other companies in the Mobilize Financial Services group:
- It may be communicated to subcontractors for the purposes set out in this privacy policy. These operations are carried out on the basis of instruments that comply with the applicable regulations and are capable of ensuring that your rights are protected and respected.
- In other cases, we may share some of your personal data with partners, who will use it for their own purposes. These partners then act as data controllers and their personal data processing policy applies to the shared data. We will ensure that we ask for your consent to such sharing where required by law, or at the very least allow you to object.
- Renault SAS: In accordance with the intra-group contract between Renault group entities: https://www.renaultgroup.com/information-sur-la-protection-de-vos-donneespersonnelles/ o Ionity : https://privacy.ionity.eu/privacy-statement-for-ionity-websites
- FlowBird : https://flowbird.fr/legal/terms-of-service/
- Parclick: https://parclick.com/conditions?_ga=2.75830226.65737929.16796494621019975149.1652802296 o PlugSurfing : https://plugsurfing.com/legal/terms-of-use/
- WorldPay : https://www.fisglobal.com/en/terms-of-use
• Finally, we may communicate your personal data to third parties in order to comply with any legal obligation or administrative or judicial decision.
PART 5 : Is your data transferred outside the European Union?
Wherever possible, your data is processed in the European Economic Area (EEA). However, as some of our service providers or their subcontractors are located in countries outside the EEA, your personal data is processed in those countries. Some of these countries may have regulations on personal data that differ from those of the European Union. In such cases, we take particular care to ensure that this transfer is carried out in compliance with the applicable regulations and put in place guarantees ensuring a level of protection of your privacy and your fundamental rights equivalent to that offered by the European Union (in particular by using the European Commission's Standard Contractual Clauses).
We can provide you with more information about these transfers (including the European Commission's standard contractual clauses) on request to the address given in the ‘7. What are your rights’ section.
PART 6 : How is your data secured?
Your personal data is stored on secure servers. We implement, and require from our subcontractors and partners, appropriate security and data protection measures in line with the latest technologies.
Where the processing of personal data involves its transfer, we ensure that this transfer takes place under appropriate conditions guaranteeing a sufficient level of protection, security and confidentiality.
When you create a digital account, you must enter a password that complies with our security standards and forms part of our confidentiality policy. It is your responsibility to keep it secret.
PART 7 : What are your rights?
You have a number of rights under the regulations on the protection of personal data:
- A right to withdraw your consent at any time, for the purposes for which we have collected your consent,
- A right of access to your personal data,
- A right of rectification, should your data prove to be incorrect or out of date,
- A right to erasure (or the right to be forgotten) of your personal data, which may be limited in the light of our contractual or legal obligations,
- A right to request the restriction of the processing of your personal data, in certain cases provided for by the regulations,
- A right to the portability of your data, i.e., under certain conditions, the right to receive the personal data you have provided us with, in a structured, commonly used computer format, and to have it transmitted to a third party if this is technically possible,
- A right to object to the processing of your personal data, provided that you can justify this on grounds relating to your particular situation,
- A right to information: you have the right to obtain clear, transparent and comprehensible information on how we use your personal data and on your rights. This policy is one example.
- A right to define either general or specific directives, with regard to certain processing operations, for the conservation, erasure and communication of your personal data in the event of your death.
You have the right to lodge a complaint with the competent authorities about the processing of your personal data. We encourage you to contact us before making any complaint, so that we can try to resolve your problem together.
If, after contacting us, you feel that your ‘Data Protection’ rights have not been respected, you can submit a complaint to the CNIL (Commission Nationale de l’Informatique et des Libertés). Visit www.cnil.fr for more information about your rights.
Finally, you may exercise your rights by sending an e-mail to the following
address: dataprotectionofficer@mobilize-fs.com , or by mail to the following address
RCI Banque SA, Direction de la conformité Groupe
Délégué à la protection des données personnelles
15 rue d’Uzès 75002 Paris
France
Updated in July 2024