In order to ensure that you always have the latest version, we invite you to consult this section regularly.
Ondilo takes the utmost care to protect the personal data it collects.
This Policy is intended for people downloading WIS Mobile Application (hereinafter “the Application”) in order to connect their connected device, as presented on the website accessible at wellisparts.com or in the commercial documentation (the “Connected Object”).
As part of our commitment to protect your personal data in a transparent manner, we want to inform you :
– how and why Ondilo uses and stores your personal data through the Application it offers;
– the legal basis under which your Personal Data is processed; and
– of your rights and our obligations with respect to such processing.
As part of its activity and the Connected Objects offered for sale, Ondilo offers its customers the download of its Application through which Ondilo collects data.
This private data is grouped into 2 categories:
Personal data: data that allows the identification, directly or indirectly, of a person, collected during the downloading of the Application and the configuration of the Application, data for which Ondilo is responsible for processing;
Data collected through the Connected Object: data relating to water quality (acidity, disinfection, minerality, temperature) collected by the Connected Object, data for which Ondilo acts as service provider.
In the context of the processing of personal data, Ondilo collects and processes the following data for the purposes detailed below :
Purpose of the treatment | Categories of Personal Data Processed | Legal basis of the processing operation |
Customer Relationship Management | Last name, first name, email, password | The Processing is necessary for the performance of the contract that binds us or for carrying out measures prior to the conclusion of a contract with you, or because we have a legitimate interest in the Processing in order to provide you with services. |
Management and follow-up of customer requests | Name, first name, email, phone number, country, place of purchase of the product, UUID of the product, status of private or professional, details of the request, type of request, OS used, history of requests. | The Processing is necessary for the performance of the contract that binds us or for carrying out measures prior to the conclusion of a contract with you, or because we have a legitimate interest in the Processing in order to provide you with services. |
Management and follow-up of customer requests | Pool/SPA data : Treatment of the pool/SPA, type of pool/SPA, average number of users of the pool/SPA, stock of disinfectant and/or other maintenance products, size of the pool/SPA, time of presence and absence, location of the pool, average water temperature and in real time, consumption of disinfectant and/or other cleaning products over the season, consumption status of the cleaning products, alkalinity level, ORP level, hardness level, conductivity level, Ph, chlorine or bromine, salt level and average use time of the pool/SPA over the year. The pool/spa equipment present such as cover, cover, shelters, pump model, type of stairs, chlorinator, pH control, ozonator, brominator, uV lamp, filter type and model. Rate of filter replacement or cleaning. Packaging of disinfectant and/or other cleaning products. Pool or spa coating (liner, tiles, shell, acrylic, abs, …). | The Treatment is necessary for the provision of the service, but also in our legitimate interest. Concerning the geolocation data, they are collected only with your consent. |
Data collected through the Connected Object: operating system of the smartphone, UUID number, place of purchase of the Connected Object, IP addresses, location data (depending on the permissions you have granted us) | ||
Management and follow-up of recommendations | Customer recommendation based on data collected through the Connected Object and the customer information provided | The Treatment is necessary for the provision of the service, but also in our legitimate interest. |
Service Improvement | Analysis of the profile, interests and behaviour of users, as well as on the measures carried out by the Connected Object in order to improve the content and functionality of the services, and to better understand customer needs. | The processing of this data is carried out in our legitimate interest but on the basis of anonymised and non-identifying data. |
Ondilo considers that personal data and privacy are central to the relationship with its customers.
Ondilo. The personal data that we collect directly or through the Connected Object (your data), are intended for us and allow access to services and monitoring of the use of these services. In this context, we may use your personal data as well as the data collected in the context of providing the service in order to provide you with personalised analysis and advice.
Retailers. In the context of certain partnerships, Ondilo may share your data with the reseller or distributor from whom the Connected Object was purchased, or, in the context of a Connected Object purchased on our website, Ondilo may transfer your data to certain distributors and resellers for the purposes of providing and monitoring the service. The distributor and/or reseller undertakes not to use your data for commercial purposes. Furthermore, under no circumstances may the distributor or reseller resell your data.
Providers. We ensure that only authorised persons have access to this data. Our service providers may receive this data in order to perform the services we entrust to them. Some personal data may be forwarded to third parties or legally authorised authorities in order to fulfil our legal, regulatory or contractual obligations.
They may be communicated to these entities for the purposes set out in this privacy policy. These operations are carried out on the basis of instruments that comply with the applicable regulations and are capable of ensuring the protection and respect of your rights.
Partners. In addition, data collected through Connected Items may be shared with a smart assistant in your home, such as Alexa, Google Home, or others, if you choose to do so.
In this context, data may then be shared with these partners, subject to your consent and within the framework of the privacy policy issued by each of the intelligent assistants with which you will interface the Connected Object. We invite you to read the privacy policy governing the collection of personal data from these intelligent assistants to which you agree to submit by interfacing the Connected Object.
Buyer. Finally, in the event that Ondilo is purchased by a buyer, your data will be transferred to the buyer. The Acquirer shall in turn be bound by the same obligations to store and modify data with respect to the user of the Application and its linked sites as those set out in this Privacy Policy.
The retention periods we apply to your personal data are proportionate to the purposes for which they were collected.
The length of time we retain personal data is variable and determined by various criteria, including :
– the purpose for which we use them: Ondilo must keep the data for the period necessary to fulfill the purpose of the processing ;
and
– legal obligations: legislation or regulations may set a minimum length of time for which we must retain personal data.
We organise our data retention policy according to these criteria and make it available to you.
Furthermore, your data is kept until you request its deletion. If you request deletion, all your data will be permanently deleted within 30 days of your request. In the event of deletion of your account, Ondilo will however keep anonymised data for the purposes of improving service and statistics. However, if you have deleted your Ondilo account and wish to use our Products and Services again, you simply need to create a new account.
As part of the provision of the service, Ondilo, acting as a service provider on behalf of its client, undertakes to : (i) Process the data solely for the purpose(s) for which the service is provided; (ii) Process the data in accordance with the instructions of the client; (iii) In the event that Ondilo is required to hire subcontractors to provide services for which personal data is processed, to inform the client; (iv) Guarantee the confidentiality of the data processed; (v) Ensure that its staff involved in the processing of personal data is fully informed of this fact: – undertakes to respect the confidentiality of the data processed by way of contract; – receives the necessary training in the protection of personal data; – undertakes to take commercially reasonable measures to ensure the reliability of any member of staff involved in the processing of personal data; (vi) notifies the client of any violation of personal data as soon as possible after becoming aware of it; (vii) Assist the customer, to the extent possible, in fulfilling its obligation to comply with requests to exercise the rights of data subjects and transmit to the customer, upon receipt, any request for exercise of the rights of a data subject; (viii) Make available to the customer the documentation necessary to demonstrate compliance with its obligations under applicable regulations. In addition, Ondilo undertakes to implement the technical and organisational measures guaranteeing a level of security appropriate to the risk, in particular : (a) The means to guarantee the confidentiality, integrity, availability and constant resilience of the processing systems and services; (b) The means to restore the availability of and access to personal data within an appropriate timeframe in the event of a physical or technical incident; (c) A procedure to regularly test, analyse and evaluate the effectiveness of the technical and organisational measures to ensure the security of processing. (ix) Depending on the choice of the customer, once the service has been terminated, to delete all personal data or to return them to the customer; existing copies shall be destroyed, unless Union law or the law of the Member State requires the retention of personal data.
You acknowledge that this Privacy Policy informs you of the purposes, legal framework, interests, and recipients or categories of recipients with whom your personal data is shared.
If we decide to process data for purposes other than those indicated, you will be informed of these new purposes.
You have the right to access and correct your personal data.
In this respect, you have confirmation whether or not your personal data are processed, and when they are processed, you have access to your data as well as to information concerning :
You may request that your personal data be, as the case may be, rectified or completed if they are inaccurate, incomplete, equivocal or out of date.
You may request us to delete your personal data when one of the following reasons applies:
Nevertheless, the exercise of this right will not be possible when the retention of your personal data is necessary under the terms of legislation or regulations and in particular for example for the establishment, exercise or defence of legal rights.
You may request the limitation of the processing of your personal data in the cases provided for by laws and regulations.
You have the right to object to the processing of personal data concerning you when the processing is based on the legitimate interest of the controller.
You have the right to the portability of your personal data
The data on which this right can be exercised are :
This right is limited to processing based on consent or a contract as well as to personal data that you have personally generated.
This right does not include neither derived data nor inferred data, which are personal data created by Ondilo.
Where the data processing we carry out is based on your consent, you may withdraw it at any time. We will then stop processing your personal data without jeopardizing the previous operations for which you consented.
You have the right to file a complaint with the CNIL on French territory, without prejudice to any other administrative or jurisdictional recourse.
You have the option to set guidelines for the storage, deletion and disclosure of your personal data after your death to a trusted, certified third party who is responsible for enforcing the wishes of the deceased in accordance with the requirements of the applicable legal framework.
All the rights listed above can be exercised at the following email address rgpd@ondilo.com or by mail with a copy of an identity document to the following address Ondilo: 162 Avenue Robert Schuman ZA la Pile, 13 760 Saint-Cannat – France.
Nevertheless, with regard to the exercise of the right to information, we may not be obliged to act on it if :
All useful precautions are taken to ensure the security and confidentiality of your personal data, in particular to prevent their loss, alteration, destruction or use by unauthorised third parties.
In addition, we require service providers and subcontractors who may have access to personal data to implement appropriate technical and organisational security measures with regard to such personal data.
We reserve the right to amend this policy to reflect changes in various regulations and practices.
Any changes we make to our policy will be directly accessible through the Application under the heading “Privacy”.
In order to ensure that you always have the latest version, we invite you to consult this section regularly.
In order to ensure that you always have the latest version, we invite you to consult this section regularly.