Privacy Policy

The French version is authoritative and binding on all parties.

Website – customer and partner relationsThe US English version is authoritative and binding on all parties.

Website – customer and partner relationsThe US English version is authoritative and binding on all parties.

Updated on February 19, 2025

Download the privacy policy PDF

1. PREAMBLE

The company ENLAPS specializes in image capture and analysis for project monitoring.


Its services enable users to:

  • take photos or videos using Tikee cameras;

  • monitor, configure, and modify camera shooting sequences in real time using the Tikee Remote mobile application;

  • via the MyTikee web platform (https://my.tikee.io/): create, import, view, store, analyze, publish, and share media or analyses generated from images or videos captured by a Tikee camera.


As part of its activities, ENLAPS processes personal data concerning you.

This privacy policy informs you about:

  • the personal data processing operations carried out by ENLAPS;

  • the purposes and legal bases of such processing;

  • your rights and how to exercise them.

Activities related to the www.enlaps.io website and to customer and partner relations involve the processing of personal data.

2. WHO IS THIS POLICY INTENDED FOR?

This policy applies to:

  • visitors to ENLAPS websites (corporate website and online store);

  • ENLAPS customers and prospects;

  • users of the MyTikee web platform and the Tikee Remote mobile application;

  • ENLAPS partners (ambassadors, influencers).

3. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?

ENLAPS is the data controller for all processing activities described in this policy:

ENLAPS, a simplified joint-stock company (SAS) with share capital of €200,000

Registered with the Grenoble Trade and Companies Register under number 813 731 262

Registered office: 26 Avenue Jean Kuntzmann, 38330 Montbonnot-Saint-Martin, France

Represented by Antoine Auberton, acting as President and Publishing Director, duly authorized for the purposes hereof.


Contact details of the person in charge of the personal data use policy:


Mr. Benoît Farinotte

Email address: info@enlaps.fr

Telephone: +33 (0)4 58 00 57 30 (cost of a local call from a landline)

Available during customer service opening hours, Monday to Friday from 9:00 a.m. to 12:00 p.m. and from 2:00 p.m. to 6:00 p.m. (closed on Saturdays, Sundays, and public holidays).

Enlaps

Simplified joint-stock company with a capital of 200,000 euros 

Registered with the Grenoble Trade and Companies Registry under number 813 731 262,

Whose registered office is located: 26 Avenue Jean Kuntzmann 38330 Montbonnot-Saint-Martin 

Represented by Antoine Auberton, acting as Chairman, and Director of Publication, duly authorised for the purposes hereof.

4. PROCESSING OPERATIONS CARRIED OUT BY ENLAPS

ENLAPS carries out the following personal data processing operations as part of its activities. The detailed characteristics of each processing operation are presented in the tables below.

Mr. Antoine Auberton.
Email: info@enlaps.fr

4.1. Purposes and Legal Bases of Processing

Processing

This policy is intended for users of the site.
 
It concerns:
-those who sign up for the technical and commercial newsletters (newsletters)
-customers who order products and services
-those to whom we have entrusted technical services related to the site (hosting service provider, maintenance, security) 
-those who have access to the back office of the site for its administration
-those who reach out to us for information or to become a partner or reseller
-those who contact us for customer support or technical assistance
-users of the online chat service
-individuals who leave a comment on a blog post 

Purposes

Legal Bases

Commercial prospection

Prospect potential professional clients - Trade shows - LinkedIn - Website form (e.g., Downloading a business case - white paper)

Legitimate interest when prospection is addressed to professionals due to their function. Express and prior consent when prospection is addressed to individuals.

Pre-sales exchanges

Responding to information requests from a potential client - pre-contractual exchanges - establishing quotes

Legitimate interest and pre-contractual measures

Management of standard customer contracts

Negotiating, signing the contract, exchanges relating to the execution of the contract, invoicing, monitoring of services, customer loyalty

Execution of customer contracts - legitimate interest

Management of the online store

Online order management - Maintenance, hosting and security of the site - Tracker management (GA statistics, social network Pixels, marketing retargeting, cart abandonment recovery) - Chat

Execution of customer contracts - legitimate interest - Consent for trackers

Management of the showcase website

Subscription to the commercial newsletter - Contact form - Other forms (business case, etc.) - Chat - Display of team members - Becoming a partner - Tracker management (GA statistics, social network Pixels, marketing retargeting, cart abandonment recovery)

Legitimate interest - Consent for trackers

Management of the MyTikee platform

User account management: creation, management, deletion - Subscription order management - Platform security and maintenance - User services (e.g., camera location) - Tracker management (statistics, social network Pixels, marketing retargeting, cart abandonment recovery)

Legitimate interest - Execution of contracts - Consent for trackers

Management of the Tikee remote mobile application

User services (e.g., camera location)

Consent to geolocation (acceptance if from the mobile and specific camera setting). On the camera, the user can deactivate geolocation at any time.

Management of after-sales service and technical requests (customers)

Support service - incident management - responses to technical requests from clients - Camera returns

Execution of contracts - Legitimate interest

Sending of the technical newsletter

Providing information about the platform, the application (technical, new features, maintenance, etc.)

Legitimate interest - Execution of contracts

Sending of the commercial newsletter

Providing commercial information to customers and prospects

Legitimate interest - Execution of contracts

Statistics on the use of the platform and applications

Producing statistics on platform usage data (e.g., number of clients using a certain feature, which countries, etc.)

Legitimate interest

Testing, performance optimization, and improvement of the platform and mobile application, including using modeling and/or machine learning methods, including for continuous improvement

Testing, performance optimization, and improvement of the platform and mobile application, including using modeling and/or machine learning methods, including for continuous improvement

Legitimate interest

Partnership management

Management of partnerships with ambassadors and influencers

Execution of contracts

4.2. Personal Data Collected

Processing

Categories of personal data collected

Commercial prospection

Last name, first name, job title, email, phone number, professional address

Pre-sales exchanges

Last name, first name, job title, email, phone number, professional address, identified needs, notes

Management of standard customer contracts

Last name, first name, job title, email, phone number, professional address, SIRET (for sole proprietorships), relevant order, exchanges

Management of the online store

  • For technical management of the site (maintenance, hosting), the data processed are those stored on the site as well as connection data (IP address, logs, identifiers, terminals, etc.)

  • For orders: address, VAT number, order content, order number, phone number

  • For trackers, the data processed are connection data (IP address, terminals, etc.)

Management of the showcase website

  • For technical management of the site (maintenance, hosting), the data processed are those stored on the site as well as connection data (IP address, logs, identifiers, terminals, etc.)

  • For trackers, the data processed are connection data (IP address, terminals, etc.)

Management of the MyTikee platform

  • User account data: last name, email, employer's name, country, customer account

  • Order data: address, VAT number, order content, order number, phone number

  • Operational data: access logs and IP address

  • Usage data (e.g., number of cameras, number of projects, etc.)

  • Camera usage data: camera geolocation (from the mobile device or from the camera)

  • For trackers, the data processed are connection data (IP address, terminals, etc.)

Management of the Tikee remote mobile application

Camera usage data: camera geolocation (from the mobile device or from the camera)

Management of after-sales service and technical requests (customers)

  • User account data: last name, email, employer's name, country, customer account

  • Customer account data: last name, first name, job title, email, phone number, professional address, SIRET (for sole proprietorships), relevant order, exchanges

Sending of the technical newsletter

Emails of customers and/or users, platform usage data (e.g., those with an active camera)

Sending of the commercial newsletter

  • If customer: email, platform usage data (e.g., those with an active camera)

  • If prospect: email

  • If the prospect comes from a site form (e.g., business case): last name, first name, job title, email, phone number, professional address

Statistics on the use of the platform and applications

Usage data (e.g., number of cameras, number of projects, etc.)

Last name, email, country, subscription-related data

Testing, performance optimization, and improvement of the platform and mobile application, including using modeling and/or machine learning methods, including for continuous improvement

  • Images from cameras

  • Camera location

Partnership management

Person's identity data: first name, last name, email, phone number, job title, address

4.3. Data retention periods

Processing

Retention Period

Commercial prospection

3 years from the collection or the last click or contact from the person

Pre-sales exchanges

3 years from the last contact from the person

Management of standard customer contracts

Customer contract retained for the duration of the contract + 10 years

Management of the online store

  • For technical management of the site, data is only retained for the time necessary for the technical operation (a few months);

  • For trackers, data is retained for a maximum duration of 25 months. The lifespan of trackers is a maximum of 13 months. At the end of this period, consent is requested again

  • For orders: 10 years from the end of the contract

Management of the showcase website

  • For technical management of the site, data is only retained for the time necessary for the technical operation (a few months);

  • For trackers, data is retained for a maximum duration of 25 months. The lifespan of trackers is a maximum of 13 months. At the end of this period, consent is requested again

Management of the MyTikee platform

  • Account: Automatic data deletion if the account is inactive for 2 years and there is no active subscription: after one year of inactivity, a notification is sent to warn that the account will be blocked in 30 days; after one year of blocking, a notification is sent to warn that the account will be deleted in 30 days. Once the account is deleted, the data is deleted within a maximum period of 45 days max.

  • Order data is retained for the duration of the subscription + 10 years

  • IP addresses and logs for a maximum period of 12 months

  • Geolocation data is retained as long as the client keeps the images in their account

  • For trackers, data is retained for a maximum duration of 25 months. The lifespan of trackers is a maximum of 13 months. At the end of this period, consent is requested again

Management of the Tikee remote mobile application

Geolocation data is retained as long as the client keeps the images in their account

Management of after-sales service and technical requests (customers)

The duration of the contract + 10 years

Sending of the technical newsletter

As long as the contract is ongoing - 3 years from the end of the contract or the last contact (same)

Sending of the commercial newsletter

  • If prospect: 3 years from the collection or the last contact from the person

  • after this period, consent is required to continue sending the commercial newsletter

  • If customer: as long as the contract is ongoing - 3 years from the end of the contract or the last contact (same)

Statistics on the use of the platform and applications

As long as the account is active and the client is a client - 5 years from the deletion of the account

Testing, performance optimization, and improvement of the platform and mobile application, including using modeling and/or machine learning methods, including for continuous improvement

Processing is carried out as long as the images / camera location are available on the platform. The data is deleted once the customer account is deleted (45 days max)

Partnership management

The duration of the contract + 10 years

5. RECIPIENTS OF YOUR DATA

Your personal data may be communicated to the following recipients:

The purpose of the processing is the management of the website.
 
This processing is for the following:
-management of subscriptions 
-management of technical and commercial newsletters (newsletter)
-management of orders for products and services and customer relations, including the online store
-technical management of the site (maintenance, hosting, site security)
-administration of the website
-handling of inquiries and partnerships
-management of requests for after-sales service and technical support
-management of the online chat service
-management of comments on blog posts

5.1. Categories of sub-processors

ENLAPS uses sub-processors for the performance of certain services:

  • Hosting of the platform, mobile application, and data

  • Customer Relationship Management (CRM)

  • Online store management

  • Corporate website management

  • Invoicing and payments

  • Emailing and marketing

  • Instant messaging and online chat

  • Telephony

  • Appointment scheduling

  • Statistics generation


These service providers act as sub-processors of ENLAPS and are bound by sub-processing agreements guaranteeing the security and confidentiality of your data in accordance with the GDPR.


Some trackers belong to third-party companies that act as independent data controllers. They determine their own purposes and means of processing. They must be cited in the policy and a link provided to their own cookie policies. These third-party publishers include, in particular:

Plausible Analytics (analytics): https://plausible.io/data-policy

The legal foundations for processing activities include:

 

  • for subscription management to technical and commercial newsletters (newsletters), the legal foundation is a legitimate interest (technical newsletter) and the subscriber's consent (commercial newsletter)

  • for order management and customer relationship, the legal foundation is the order placed by these customers (the contract)

  • for technical site management (maintenance, hosting, site security), the legal foundation is legitimate interest

  • for website administration, the legal foundation is legitimate interest

  • for handling requests for information and partnerships, the legal foundation is legitimate interest (enabling online communication) or carrying out pre-contractual actions (providing quotes upon individual requests)

  • For managing requests to the after-sales service and technical support: the legal foundation is the contract with the customer or legitimate interest

  • for chat management on the site, the legal foundation is the data subjects' consent

  • for managing comments on blog articles, the legal foundation is the data subjects' consent

5.2. Authorities and jurisdictions

In the event of a legal obligation, your data may be communicated to the competent authorities (tax administration, judicial authorities, control bodies, etc.).

The data processed are retained only for the time necessary to fulfill the purposes for which they were collected (principle of data minimization).

The maximum retention periods are:
for managing newsletter subscriptions: the email address is kept until the individual unsubscribes
for order management and customer relations: 10 years from the end of the contract
for technical management of the website (maintenance, hosting, website security): IP addresses and connection logs are kept for 12 months
for website administration: as long as the individuals are managing the site
for handling information requests: 3 years from the date of the request
for customer service and support inquiries: 5 years from the date of the request if it pertains to a customer – otherwise 3 years
for managing the online chat: 3 years from the request


for managing comments posted on the blog: 5 years from the date of the post

6. SECURITY MEASURES

The data controller implements appropriate technical and organizational measures to ensure a level of security adapted to the risk, notably:

The pseudonymization and encryption of personal data

Means to guarantee the constant confidentiality, integrity, availability, and resilience of processing systems and services

Means to restore the availability and access to personal data within appropriate timeframes in the event of a physical or technical incident

A procedure aimed at regularly testing, analyzing, and evaluating the effectiveness of the technical and organizational measures

The data controller takes measures to ensure that any natural person acting under their authority and having access to personal data only processes them upon instruction from the data controller.

The data controller processes the following categories of data:

  • for the management of newsletter subscriptions (newsletters): the email address

  • for the management of orders and customer relations: identification data (name, first name, company name, telephone, address, delivery address if different); the products and services ordered

  • for the technical management of the website (maintenance, hosting, website security): IP addresses and connection logs

  • for the administration of the website: the identity of the individuals who administer the site

  • for the management of information requests: type of information (quote/partner), name, first name, email, company name, telephone, country, message

  • for the management of after-sales service and support requests: type of information (quote/partner), name, first name, email, company name, telephone, country, message, camera serial number

  • for the management of the online chat: name, email address, question

  • for the management of comments posted on the blog: name, email address, comment, website address


7. TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION

The data controller may be required to transfer personal data outside the European Union through certain subcontractors.

The data controller undertakes that these transfers will be made to countries presenting an adequate level of protection, as defined by the European data protection authorities, and/or with appropriate safeguards pursuant to Article 46 of the GDPR (in particular the implementation of standard contractual clauses).

-----For MyTikee Services: the platform hosting is entrusted to AWS (Ireland Region - Dublin area) by the subcontractor Amazon Web Services EMEA SARL.

In accordance with Article 12 of the AWS DPA, transfers outside the EEA may exceptionally be carried out only: (a) when strictly necessary to provide the services requested by the Client, or (b) upon imperative legal obligation.

These transfers are framed by the Standard Contractual Clauses approved by European Commission Implementing Decision (EU) 2021/914 and by the additional measures detailed in the document “DATA PROCESSING AGREEMENT” (DPA).

8. AUTOMATED DECISION-MAKING

No entirely automated decision-making is carried out.

9. YOUR RIGHTS REGARDING YOUR PERSONAL DATA

The data subject of a processing operation may define directives regarding the retention, erasure, and communication of their personal data after their death. These directives may be general or specific.

The data subject of a processing operation also benefits from a right of access, objection, rectification, erasure, portability, and limitation of processing concerning all of their personal data.

The request must indicate the first name and last name, email or postal address of the data subject, and be accompanied by a photocopy of an identity document bearing the holder's signature.

10. COMPLAINT

The data subject of a processing operation has the right to lodge a complaint with the competent supervisory authority (in France, the Commission Nationale de l'Informatique et des Libertés - CNIL) if they consider that the processing of personal data concerning them constitutes a violation of the General Data Protection Regulation.


Commission Nationale de l'Informatique et des Libertés (CNIL)

3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07

Telephone: 01 53 73 22 22

Website: www.cnil.fr

Book a demo

Eshop

account icon
USA ($)

News

myTikee

USA ($)
USA ($)