Updated on January 4, 2023
Privacy Policy
Fleeti attaches the greatest importance and care to the protection of the privacy of personal data and to compliance with the relevant legal provisions.
Purpose of this Charter
Fleeti implements Processing of personal data, for which it is responsible.
By means of this Privacy Policy, Fleeti wishes to inform all Data Subjects of the following
The characteristics of the Data Processing collected and processed under its responsibility;
The commitments it makes to respect the Personal Data and to allow its Customers to exercise the rights conferred to them by the Regulation, if necessary.
In the context of its contractual relationship with the Data Subjects , Fleeti undertakes to comply with the regulations in force applicable to the Processing of Personal Data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such data (hereinafter the "RGPD"), as well as Law No. 78-17 of 6 January 1978 in its latest version in force. The terms beginning with a capital letter in this article have the meaning attributed to them by the applicable regulations on the protection of Personal Data.
Who are the recipients of the Personal Data collected?
The collection of Personal Data is intended for Fleeti as the Data Controller, which guarantees its confidentiality, and for three partners: OVH, Azure and Navixy.
Fleeti informs the Data Subject that the Personal Data may be used by the staff of Fleeti or the staff of the group entities. These Recipients are subject to strict confidentiality and security obligations and will have access to the Personal Data within the limits of the determined Purposes.
Data security
Fleeti is committed to protecting your personal data against loss, destruction, alteration, unauthorized access or disclosure. We implement technical and organisational measures appropriate to the nature of the data and the risks involved in the processing. The purpose of these measures is to preserve the security and confidentiality of your personal data and, in particular, to prevent them from being distorted, damaged or accessed by third parties.
These measures may include practices such as limited access to data by authorized personnel, contractual guarantees when using an outside service provider, regular reviews of our privacy practices and policies, physical and/or logical security measures (secure access, authentication process, backups, software, anti-virus, firewalls, etc.).
Is a transfer of Personal Data foreseen? If so, under which contractual conditions and to which countries?
The Data Subject is hereby informed that, unless otherwise provided by law, Fleeti may have recourse, in the context of its mission, to third parties who may be located outside France (but within the European Economic Area), who may be other entities of the group and/or service providers acting on its behalf, who provide administrative and IT infrastructure services (including, where applicable, "cloud" type service providers), as well as services to support its activity. These third parties, for which it remains responsible, are subject to strict confidentiality and security obligations in accordance witharticle 28 and article 29 of the RGPD.
Fleeti does not transfer your data outside the European Economic Area
(EEA). Otherwise, contractual mechanisms and binding legal processes will be put in place to legally transfer personal data across EEA borders and secure these data flows
What access to the Personal Data collected is possible?
The person concerned by the Data Processing carried out by Fleeti, pursuant toarticle 18 of the GDPR, has the following rights:
A right of access, i.e. to obtain confirmation as to whether or not the Data are being processed and, if so, access to the Data, as well as various information including the purposes of the Processing, the category of Data, the recipient(s) of the Data, etc.
A right to promptly amend Data that is inaccurate, incomplete, outdated or equivocal, or whose collection and Processing is prohibited;
A right to object to the Processing or transfer of the Data, unless there are compelling legitimate reasons that override the interests of the Data Subjects;
A right to erasure of Data that can be requested in cases defined by law (Article 17 RGPD) ;
A right to the limitation of Data Processing concerning the Data Subject for the following reasons:
For a period of time that allows the Data Controller to verify the accuracy of the personal data, when the data subject contests it;
The Processing is unlawful and the Data Subject objects to their erasure and demands instead the restriction of their use;
The data controller no longer needs the Personal Data for the purposes of the Processing, but it is still necessary for the data subject for the establishment, exercise or defense of legal claims;
During the verification of whether the legitimate reasons pursued by the controller prevail over those of the data subject when the latter has objected to the Processing.
The Data Subject may exercise these rights by sending a letter or e-mail directly to Fleeti at the following address: 97 ALL THEODORE MONOD 64210 BIDART and/or an e-mail to the following address dpo@fleeti.co
The Person Concerned also has the right to file a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL), in particular on its website
www.cnil.fr
