Personal Data and Privacy Policy

Latest update : 15/11/2022

Woman choosing her privacy settings

Preamble

Protecting your privacy is important to Alyseo. That is why we have developed a personal data management and privacy policy.

In the context of our solution for personal data protection, and our solution for Smart Buildings that respects the personal data of its residents, associated websites, associated applications, and related services, we are brought to collect, process and store personal data about you, in accordance with the European General Data Protection Regulation 2016/679, known as "GDPR".

  • Definitions

    ALYSEO strives to make this document fully understandable by defining the following terms:

    Term(s) Definition

    « ALYSEO BOS»

    « Alyseo BOS

    « Alyseo

    « we »

    refers to the company ALYSEO, with a share capital of 9 000€, registered at the Official Business Register (RCS) of Créteil under the number SIREN 451 371 884.

    « You »

    « yours »

    « your »

    refers to the natural person who uses the products and/or services and/or applications provided by ALYSEO, regardless of the technical device, for his own use or that of a third party.

    « User(s) »

    refers to any user of the application or services and products of ALYSEO.

    « Partners »

    refers to natural and legal persons, authorities and institutions, services and products, applications and websites, which are not directly controlled or managed by ALYSEO, but which have a contractual relationship with ALYSEO.

    « Policy »

    refers to the present document entitled "ALYSEO's Personal Data and Privacy Policy".

    « PyGuard »

    refers to ALYSEO's personal data protection solution.

    « NeHo »

    refers to ALYSEO's Next-Home application, whose purpose is to deliver services and information in real time within the building, on a tablet or a smartphone.

    « Alyseo's websites»

    « Websites managed by Alyseo »

    refers to the content websites published by ALYSEO: www.alyseo.com ; bos.alyseo.com ; www.pyguard.fr ;

    « Alyseo's services»

    refers to the services offered by ALYSEO.

    « Applications de Alyseo »

    refers to the applications offered and managed by ALYSEO.

    Alyseo newsletters»

    refers to the occasional newsletters from Alyseo, PyGuard and NeHo.

    « GDPR »

    refers to the European Regulation 2016/679, known as the « General Data Protection Regulation ».

    « Data »

    « Personal Data »

    « Personal Information »

    refers to any information relating to an identified or identifiable natural person, directly or indirectly, such as « a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity », according to article 4 1° of the GDPR. For example, your name, your nickname, your e-mail address or your IP address are personal data.

    « Data processing »

    refers to « any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction », according to article 4 2° of the GDPR.

    « Consent »

    refers to any manifestation of will, free, specific, enlightened and unambiguous by which the concerned user accepts, through a declaration or a clear positive action, that personal informations about him are being processed.

Article 1 Principles governing the collection of personal data

In publishing this policy, Alyseo defines several objectives:

  • Loupe examinant un document

    Transparency

    Be transparent about the data we collect: In this policy, you will find explanations on the data processing carried out by Alyseo (when, where, why and how we process your data).

  • Point levé

    Respect for rights

    Implementing your rights: it is important for Alyseo that each user can implement his or her GDPR rights (right to access, right to portability, right to be forgotten...).

  • Euro barré

    Ethics

    Your data will never be sold : we undertake not to sell your personal data. It is this core value of our identity that motivated the development of our project PyGuard.

Any question ?

Don't hesitate to contact our Data Protection Officer at the following address :

In accordance with the legislation in force, ALYSEO collects personal data with your explicit consent (for example, when you agree to this policy), or in the performance of a contract with Alyseo. We may also process personal data when it is necessary for the purposes of our legitimate interests, or those of third parties to whom we may disclose such data, for example to improve our products and services.

You can modify or withdraw your consent at any time by going in the parameters of your user account, or by contacting by e-mail our Data Protection Officer : dpo@alyseo.com.

Products and Services

Choose a product to view the data processing we carry out :

Article 2 Collection of personal data on our websites

  • Audience statistics

    90d

    When you visit Alyseo's websites, we store the following personal data in a format that does not identify you as an individual:

    Your IP address
    The date and time of your visit
    The reference to the webpage you visited

    These data are anonymized by the tool Matomo, recommended by the CNIL (the french National Commission on Informatics and Liberty).

    Alyseo collects this technical information in order to detect possible issues (such as the unavailability of a page or a denial of service attack), but also to make statistics about the audience of its websites.

    These data are stored in France, and kept for 90 days, except in case of opposition by the concerned person.

  • Contact form

    2 years

    You can send us a message using the contact forms of our websites. In order to properly reply to your demand, you have to provide us with the following informations :

    Your first and last name
    Your company (optional)
    Votre e-mail adress
    The subject of your request
    The body of the message

    These data are kept for 2 years after the last exchange or the processing of your request, in a folder only accessible by our staff in charge of communication, or if applicable by the other services involved.

    In the event that your request would show an interest in keeping in touch with news of our products or services, we would suscribe you to our newsletter, and your data would be sent to the subcontractor MailJet. Mailjet's data centers are located in the European Union, specifically in Frankfurt, Germany and St. Ghislain, Belgium, and hosted by Google Cloud Platform.

    Pour plus d'informations : fr.mailjet.com/privacy-policy/

    In the event that your request would establish the beginning of a business relationship, your data would be sent to the subcontractor HubSpot Inc in the context of our prospective relationships, and will therefore be transferred to the United States and other locations where HubSpot subsidiaries and their subsequent subcontractors operate. HubSpot is hosted by AWS (Amazon Cloud Services).

    More informations : legal.hubspot.com/fr/dpa

  • Newsletter

    until unsubscribing

    You can subscribe or give your consent to receive our newsletters by ticking the checkbox in our contact form. In order to send you these newsletters, we collect the following data :

    Your first and last name
    Votre e-mail adress
    Subscription date
    Statistics related to the newsletter service

    These data will be kept as long as you stay subscribed. At any time, you can withdraw your consent to unsubsribe, using the link at the bottom of our newsletters.

    Your data are processed by the subcontractor MailJet. Mailjet's data centers are located in the European Union, specifically in Frankfurt, Germany and St. Ghislain, Belgium, and hosted by Google Cloud Platform.

    More information : mailjet.com/privacy-policy/

  • Cookies

    90d

    Interface Usage Data

    A cookie is an element which does not allow user identification, but is used for store informations related to a user browsing habits on a specific website.

    As a user, you are informed when visiting our websites that cookies may be automatically installed on your browser in order to track your navigation, measure traffic and collect your consent. The audience measurement informations collected are anonymized as soon they are recorded, and used solely for this purpose.

    The websites www.alyseo.com, bos.alyseo.com and www.pyguard.fr are using the software Matomo (formerly Piwik) and follow the recommended configuration prerogatives of the CNIL (French Data Protection Agency).

Article 3 Personal data collection for NeHo applications and services

When you become a user of NeHo (on smartphone or tablet) and the services offered by Alyseo as part of our smart building solution, we need to collect a whole set of information from you:

  • Collected data

    2 years

    Contact information: title, first name, last name, postal address and apartment number, phone number, e-mail address, IP address
    Comments, discussions and images sent through the chat, or in the ticket manager for maintenance purposes
    Data related to sensors and connected devices (temperature sensor, thermostat, lights, etc)
    Energy consumption bill

Data collection and processing within the NeHo app

When you install the NeHo application from the App Store or Play Store, we need to collect some data to ensure the link between the NeHo application installed on your smartphone, and our solution installed in your home, as well as to finalize the setup of your connected home:

  • NeHo smartphone application

    2 years

    Contact information: e-mail address, postal address and apartment number, IP address
    SSID and password of your router
    Actions and orders made to control your connected home

The data collected, necessary for the operation of the services, are not necessarily accessible or readable by Alyseo.

  • Cookies

    90d

    Interface Usage Data

    A cookie is an element which does not allow user identification, but is used for store informations related to a user browsing habits on a specific website.

    We collect usage metrics of our NeHo solution (on smartphone and tablet) using analytics cookies. You can refuse this data processing at any time by going into the application settings.

Alyseo collects this personal data because they are necessary to the proper operation of services that we offer, such as user account management or building operation and maintenance. You may be asked to provide your personal information when you sign up for any of the services we offer. In addition, Alyseo and its partners may exchange and use this personal data, anonymized, for statistical purposes for example.

Smooth operation of services and maintenance

When you share content with other users using our services, we collect the information necessary for the proper functioning of these services, such as messages sent and received, and their recipients. We use this information to process your requests and to provide appropriate products or services.

Communication and information

The personal data we collect allows us to inform you of the latest product announcements, software updates and upcoming Alyseo events that are relevant to you.

From time to time, we may use your personal information to send important notices, such as communication of changes to our terms of use and policies. Because this information is important to your relationship with Alyseo, you may not opt out of receiving these communications.

Improvement of our products and services

We use your personal data to create, develop, use, deliver and improve our products, services, and content, and for loss prevention purposes. We may also use your data for internal purposes, such as audits, data analysis and research to improve Alyseo's products, services and customer communications.

The interface usage data retrieved using analytics cookies, and all data related to your user account are stored in France, and will not be resold under any circumstances.

Article 4 Collection of Personal Data in PyGuard Services

When you use PyGuard, the box collects personal data in order to be able to monitor to whom these data are transmitted, and possibly to be able to modify or block them :

  • Digital Safe

    as long as you use PyGuard

    Whenever you become a user of PyGuard ans our services, we have to collect, with your consent, a whole set of informations about you in order to build your digital safe :

    Contact information : first name, last name, date of birth, gender and title, postal address, e-mail address, phone number, IP address, nickname
    Bank details
    Data related to sensors and connected devices (temperature sensor, thermostat, lights, etc)
    Various accounts : usernames and passwords
    The different types of profiles you use

    The product PyGuard collects these personal data because they are necessary for the proper operation of the services we offer. This data can be modified or made invisible (blocked) when you use the Internet on a daily basis. ALYSEO n'a pas accès à ces données personnelles, qui sont stockées localement chez vous.

  • Blocking unwanted connections

    as long as you use PyGuard

    PyGuard also collects personal data related to web traffic in order to block unwanted connections, categorize websites and secure your local network. The following data is collected :

    Your IP and MAC addresses
    The name of your device
    Your device type
    The IP addresses of websites
    The quantity of exchanged data
    The number of exchanged messages
    The public informations of the site owner (whois)
    The IP geolocation of the website
    The reason for closing a connection (normal or by PyGuard)

    Alyseo sends the FQDN (Fully Qualified Domain Name) of websites to R2C-Sytem, à l'origine de la solution MyDataBall, to improve the Artificial Intelligence that categorizes websites. This data is stored on the PyGuard box and kept for the duration of the use of PyGuard services, then destroyed.

  • Personal Data Interception

    as long as you use PyGuard

    PyGuard and its plugin identify the personal data transferred to third party websites, blocking or modifying the data in the queries, depending on what the user decides to share on the internet. The PyGuard box and the plugin can thus access the following personal data :

    Personal Data identified in requests

    In particular identity, contact, connection, geolocation, and financial data (surname, first name, gender, date of birth, e-mail address, phone number, login, username, password, GPS coordinates, IP address, postal address, city, region, country, language, credit card number, credit card holder, expiration date, etc).

    Potentially all data passing through the internet

    Such as your browsing history, the history of any action made through the internet such as a purchase, comments, posts, photos sent, received emails, etc.

    Potentially all data visible during web browsing

    Such as health websites, political parties, religious beliefs, etc. ALYSEO does not have access to this sensitive data.

    These data processing operations are necessary for the proper functioning of the personal data modification or blocking service that we offer you. ALYSEO does not have access to these personal data.

    When you use PyGuard's services, you consent to the processing of such data. You may change your mind and refuse such processing at any time by contacting our Data Protection Officer by e-mail at the following address : DPO@pyguard.fr.

    These data are stored in France and kept for the duration of the use of PyGuard services, then destroyed.

  • Cookies

    90d

    In order to carry out statistics of use of the PyGuard solution, the user can accept analytics cookies at his first connection. ALYSEO will then collect the following data:

    Your public IP address (only the first 2 bytes)
    The name and version of your operating system
    Your browser (name, version, rendering engine, components)
    Your device type (desktop, mobile, tablet, etc)
    Your screen resolution
    The duration and number of sessions
    The date of visits
    Your actions (pages browsed, buttons and links clicked)

    The data are stored in France. You can refuse this data processing at any time in the parameters of your account.

By using PyGuard's services, you consent to the processing of such data. You may change your mind and refuse such processing at any time by contacting our Data Protection Officer by e-mail at the following address : DPO@pyguard.fr.

Article 5 Commercial relationship

  • Clients, suppliers and subcontractors

    When you contract with Alyseo as a Client, Supplier or Subcontractor, we collect the following personal data:

    Marital status, identity, identification data, images : civil status, first name, last name, address, phone number(s), e-mail addresse(s)
    Personal life : household members, profession, personal acquaintances
    Professional life : company, field of work
    Data related to the follow-up of the commercial relationship : person(s) in charge of the customer relationship, date of calls and appointments, summary of the problem

    The processing of this personal data is necessary for the proper management of contracts and orders, as well as for the follow-up of the commercial relationship. When you contract with Alyseo, you accept that this data is processed. This data is intended for ALYSEO SAS personnel in charge of marketing, communication, administration, legal or commercial relations, but also for public authorities when necessary.

    Conservation period

    • Customer files : 3 years starting from the end of the commercial relationship for customer files.
    • Contracts : 5 years in principle. When a contract is concluded electronically and when he deals about an amount superior to 120€, the written record is kept for a period of 10 years.
    • Orders, shipments, bills : 10 years.

  • Operations related to prospection

    3 years

    When you contact Alyseo as a prospect, we process the following personal data:

    Marital status, identity, identification data, images : civil status, first name, last name, address, phone number(s), e-mail addresse(s)
    Professional life: profession, field of work, socio-professional category, personal knowledge.
    Follow-up of the business relationship : lead status, contact owner, documentation requests, trial requests, correspondence with the prospect, comments from prospects, products that interest them (Smart Building or PyGuard).
    Use of an online communication service (social networks) : public user profile data and comments/posts published online

    Alyseo processes this personal data to manage and update its prospecting files, but also to carry out operations related to prospecting (solicitation, promotion, survey, retention action, etc.). As a prospect, you can renounce to this treatment, which will avoid you to receive commercial solicitations from us.

    Conservation period

    These data are kept for 3 years starting from the end of the business relationship, or from the last data collection.

    The data is kept in a file accessible by Alyseo personnel in charge of communication and communication and, if necessary, other contributing services.

    The data processed by the subcontractor HubSpot Inc in connection with prospect relationships are transferred to the United States and other locations where subsidiaries of HubSpot and their subsequent subcontractors operate.

    A prospect of Alyseo can be registered to our Newsletter, in this case the processed data will be sent to the subcontractor MailJet

    MailJet's data centers are located in the European Union, specifically in Frankfurt, Germany and St. Ghislain, Belgium, and hosted by Google Cloud Platform.

    More information : mailjet.com/privacy-policy/

Article 6 Personal data security

We make every effort to ensure the security of your data. The communication between our websites, services and our applications are encrypted. The communications with our partners are encrypted and carried out on a secure channel. Access to our databases and our administration tools is strictly monitored and restricted to certain staff members.

In the event where we would fall victim to a breach or disruption that compromises the security of your personal data, we undertake to inform the CNIL (the french National Commission on Informatics and Liberty) under the conditions described by the article 33 of the GDPR. We will inform you, as well as our concerned partners if necessary within 24 hours, following the conditions described by the article 34 of the same Regulation.

Article 7 Your rights

What are my rights?

You have several rights depending on the type of processing carried out and the legal basis on which it is based (contract, legal obligation, consent, legitimate interest of Alyseo, etc.) legal basis (contract, legal obligation, consent, legitimate interest of Alyseo, etc.) in accordance with articles 15, 16, 17, 20 and 21 of the GDPR.

How to exercise my rights ?

You may exercise your rights by contacting us at one of the following addresses :

In order for your request to be handled as efficiently as possible, do not forget to send us :

  • The processing concerned by your request
  • The rights that you wish to enforce
  • A copy of your identity document (we use this data to verify that the person making the request is indeed the person concerned by the processing).

If, despite all our efforts, you feel that your rights have not been respected, please be aware that you have the possibility to seize the CNIL (the french National Commission on Informatics and Liberty), or any other equivalent regulatory authority about personal data in your country, such as the ICO : https://ico.org.uk/make-a-complaint/

Article 8 Modification of this policy

This Policy is a living document, that may be changed or evolve at any time without notice. You can check the history of modifications here :

With each new modification, users of NeHo and PyGuard services and products will be notified.