Privacy policy

Company and Individuals Concerned

The team at Hareau SAS (101 Rue de Sèvres 75272 Paris CEDEX 06, France), hereinafter referred to as "Weenect," processes your personal data when:

• You browse the Weenect Website and/or;
• You purchase one or more products on the Weenect Website and/or;
• You use the Weenect web and/or mobile App.

If you belong to at least one of these three groups, this Privacy Policy applies to you.

Data Controller

The data controller, as per the GDPR, is Weenect.

You can contact us via email at dpo@weenect.com or family@weenect.com or reach out to our Customer Service.

Data Protection Officer

Our Data Protection Officer, as per the GDPR, can be reached through our email address or via our Customer Service.

1 - Principles Related to the Collection and Processing of Personal Data

In accordance with Article 5 of the European Regulation 2016/679, personal data are:

1. Processed lawfully, fairly, and transparently in relation to the data subject;
2. Collected for specified, explicit, and legitimate purposes (cf. Article 3.1 of the present document) and not further processed in a manner incompatible with those purposes;
3. Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed;
4. Accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that personal data that are inaccurate, with regard to the purposes for which they are processed, are erased or rectified without delay;
5. Retained in a form that allows the identification of the data subjects for no longer than is necessary in relation to the purposes for which they are processed;
6. Processed in a way that ensures appropriate security of the collected data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

2 – Purposes of the Collection and Processing of Personal Data

Purpose 1: Management and delivery of Orders placed on the Weenect Website.

Purpose 2: Management of the IT system to provide the service related to the Tracker.

Purpose 3: Handling of Customer requests (Customer Service).

Purpose 4: Quality control of products and Services; improvement of internal processes.

Purpose 5: Customer Payments and refunds.

Purpose 6: Marketing, which includes:

• Display of content from external platforms
• Performance analysis of the blog
• Performance analysis of the e-commerce Website
• Detection of the country of residence to display the correct version of the e-commerce Website
• Management of e-commerce Website scripts
• Commercial affiliation
• Blog comments
• Tracking of advertising conversions
• Creation of advertising audiences based on similarity
• Remarketing and behavioral targeting
• Integration between different IT tools
• Lead generation
• Management of contacts and sending of messages
• Data collection and online surveys
• Online sales
• Establishment of partnerships

3 – Personal Data Collected

Certain information is mandatory to provide you with the requested service (such as your first name, last name, email address, and Weenect account password). Other information is optionally provided by you, such as the image used as the icon for your Tracker, the names of your loved ones in the App, etc.

The data we collect and process are as follows:

For Purpose 1: First name, last name, address, phone number, email.

For Purposes 2, 3, and 4: First name, last name, account identifier, account password, address, phone number, GPS positions of the Tracker when it is on and with active geolocation.

For Purpose 5: First name, last name, email, address, identification document, phone number.

For Purpose 6: First name, last name, email, phone number, address, postal code, city, country, family status (only for online surveys), company name, socio-professional category, IP address, usage data, device information, browser information, session statistics, Trackers.

4 – Legal Basis for the Collection and Processing of Personal Data

The General Data Protection Regulation authorizes us to collect, store, and process only the data we are legally entitled to process. This authorization is legally based on the following grounds:

For Purpose 1: Performance of the product delivery contract concluded with you.

For Purpose 2: Consent you have given us for this purpose (necessary to provide you with the functionalities and service related to the products; optional in other cases).

For Purpose 3: Performance of the contract related to the product warranty and service.

For Purpose 4: Performance of the purchase contract with warranty. Legitimate interest in improving Services.

For Purpose 5: Consent you have given us to receive a refund. Legal obligation for billing.

For Purpose 6: Legitimate interest or Consent you have given us.

5 – Recipients of the Collected Data

5.1 Internal Access to Personal Data

The Weenect teams have access to users' and Customers' personal data according to the scope of their responsibilities. Below is a detailed breakdown of access by purpose of processing:

Purpose 1: Weenect Logistics and Customer Service teams. Employees of logistics service providers (responsible for warehouse and package shipment).

Purpose 2: Weenect Technical, Logistics, Quality, and Customer Service teams.

Purpose 3: Weenect Customer Service, Marketing, and Sales teams. Employees of our partner companies who handle certain customer support requests.

Purpose 4: Weenect teams, each within their scope of application.

Purpose 5: Weenect Accounting team. Payment service providers.

Purpose 6: Weenect Marketing team.

5.2 Disclosure of Data

Weenect uses the personal data provided by its users solely to deliver the requested service at registration or in response to an explicit request. Any sharing or disclosure of these personal data is done in accordance with the customers' instructions and in compliance with applicable laws and legal procedures.

5.3 External Entities

We may engage third-party companies or individuals as service providers or business partners to support our operations. These third parties may, for example, provide virtual storage services. Before engaging a third-party subcontractor, we conduct assessments to evaluate their privacy, security, and confidentiality practices and execute an agreement that implements their applicable obligations. Examples of external services we use, by purpose:

• Logistics :
  • Odoo
  • UPS
  • Colissimo / Chronopost / La Poste
• Customer Service :
  • Zendesk
• Payments :
  • Hipay
  • GoCardless
• Marketing :
  • Google
  • Awin
  • Meta
  • Zapier
  • Typeform
  • Brevo
  • Disqus

6 – Cookies

The cookie policy for our Website is available at the following address: https://www.iubenda.com/privacy-policy/33091626/cookie-policy

7 – Data Retention Period

• Main Database (PostgreSQL)
  • Data Processed : User data: first name, last name, email, address, phone number, WiFi zones, and security zones, other optional information
  • Accessibility : Backoffice, Console, Metabase
  • Retention Period : Until the user deletes their account (for data essential to account functionality) or until the data is no longer necessary for account functionality.
• Position Database (MongoDB)
  • Data Processed : Informations GPS du traceur et adresses MAC géolocalisées.
  • Accessibility : BackOffice
  • Retention Period : 30 jours
• Long-term Position Archive (S3 Bucket)
  • Data Processed : Information GPS partiellement anonymisée.
  • Accessibility : Exclusivement interne, sécurité forte, avec logs des accès
  • Retention Period : 1 an

8 – Security

For Weenect, data security is paramount. We make every effort to protect the personal data we collect against any loss, misuse, or unauthorized disclosure.

To achieve this, we consider the sensitivity of the data we collect, process, and store, as well as the current state of technology. However, due to the nature of communication and information processing technologies, we cannot guarantee the security of information during transmission over the Internet or while stored on our systems. When a person clicks on a link to a third-party site, they leave our Website and exit our sphere of control.

All data stored in our databases is encrypted and isolated on a private network.

Long-term archives are accessible only from our internal network with encrypted access and strong authentication.

9 – Rights of Data Subjects

If you are a data subject concerning the processing of personal data, you have rights that allow you to retain control over your information:

• Right to information (fulfilled by this Privacy Policy)
• Right to object
• Right of access
• Right to rectification
• Right to erasure
• Right to data portability

To exercise your rights, you can contact us at: dpo@weenect.com

You also have the right to file a complaint with the authority responsible for ensuring personal data protection and enforcing the GDPR in your country of residence.

10 – Data Transfer Outside the European Union

Our Customer Service relies on an external service based in Madagascar, which exclusively uses the data necessary to provide Customer Service, and only for this purpose.

11 – Modification of the Privacy Policy

Weenect reserves the right to modify this Privacy Policy at any time.

When we make substantial changes to the provisions in this Privacy Policy, we inform our users so they can review the changes before they take effect. Substantial changes may include, for example, more detailed tracking or profiling or the addition of more precise analysis services. User consent will be obtained before any changes take effect, if necessary. If a Customer does not accept the changes, they may delete their account and permanently erase their data at any time.

This Privacy Policy was last updated on 11/12/2024.