Unsolicited application

Curriculum Vitae (CV)

Drop PDF file or click to choose one

Contact us

Privacy policy

The protection and security of Personal Data is at the heart of EP2C’s concerns. EP2C indeed pays close attention to all data protection related issues and strives to achieve a high level of protection of such data. In this context, the purpose of this data protection notice is to give details on how data are collected and processed through our website.

DATA PROTECTION SPECIFIC TERMS

 

“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

 

“Processor” means a natural or legal person, public authority, agency or other body which
processes personal data on behalf of the controller.

 

IDENTITY OF THE DATA CONTROLLER

 

EP2C is the Controller for all processing carried out via https://www.ep2c-energy.com/. The
head office is located in Balma, (31130) France.

 

HOW WE USE YOUR DATA

 

This section summarizes the main data processing carried out for each category of data
subject, on the EP2C website.

 

Applicants

 

Category of data: Identification Data (Full name, number, address, email, etc.), information related to the private life, information related to the professional career (Positions occupied, responsibilities, overall experience, professional history, resume, cover letter, etc.)
Purpose of processing: Business management (core activity), recruiting new talents
Legal basis of the processing: Processing is necessary for the performance or preparation of a contract between the data subject and EP2C.
Data recipients: Authorized and qualified EP2C services (e.g., Human Resources, Commercial team, etc.) Authorized and qualified EP2C subsidiaries. Authorized technical processors (e.g., website hosting service provider, etc.)

 

Propects / Customers

 

Category of data: Identification Data (Full name), information related to the professional career / Professional contact details (Professional phone number and email, position, name of the employer, etc.)
Purpose of processing: Business development, business management
Legal basis of the processing: Processing is necessary for the performance or preparation of a contract between the data subject and EP2C. Legitimate interest of EP2C to manage and expand their business activities.
Data recipients: Authorized and qualified EP2C services (e.g., Commercial team, Human Resources, etc.) Authorized and qualified EP2C subsidiaries. Authorized technical processors (e.g., website hosting service provider, etc.)

 

Website visitors

 

Category of data: Connection data (IP addresses, logs, etc.)
Purpose of processing: Security and analysis and development of the effectiveness of the content of our website.
Legal basis of the processing: Legitimate interest of EP2C to develop the business.
Data recipients: Authorized and qualified EP2C services (e.g., Commercial and Marketing teams, IT, etc.) Authorized technical processors (e.g., website hosting service provider, etc.)

 

Security

 

Notes EP2C has implemented security measures to guarantee the integrity and protection of your data. Our security strategy is part of our commitment to ensuring a high level of protection to every personal data we process. Here is a non-exhaustive list of the measures we have implemented :

  • Organizational safety measures : Appointment of a DPO and a CISO, management of authorizations, IT policies, data breach management policies, data subjects exercise of rights management policy, data processing process to ensure that only people who need your data in the course of their duties have access to it (these people being subject to an obligation of confidentiality).
  • Physical safety measures : on-site security, data encryption, high requirements on the reliability of our hosting service providers.
  • Logical safety measure : Firewalls, automatic locking of workstations, etc.

 

How long are your data kept

 

EP2C retains the personal data of applicants, prospects and visitors for as long as is necessary to carry out the above-mentioned tasks. Data collected through our contact forms are kept for a period varying according to the request made and the department responsible for processing the request. The following main retention period are applied :

 

  • Applicants’ resumes sent via the website are kept for a maximum of 2 years after the last contact with the applicant.
  • Prospects’ data are kept for 3 years after the last contact.
  • Customers’ data are kept for the duration of the business relationship, then for 5 years in case of legal disputes.
  • Finally, connection data are kept for no more than 6 months.

 

The data collected are then stored on our secure servers and transferred securely between
the departments concerned by the processing.

 

Data transfers

 

EP2C is committed to ensure compliance to data protection regulation and has therefore begun an incremental process to secure international data transfers required by EP2C processing. As part of this process of compliance and security, safeguards and measures are being taken for both intra-company transfers and with authorized third parties (e.g, our clients, external partners, etc.). Our website is hosted in cloud mode by Nuxit. Nuxit is a French cloud hosting provider which guarantee a high level of security. If data are transferred outside the EU as part of Nuxit’s services, Nuxit has taken appropriate safeguards (informing the Controller, Standard Contractual Clauses with their non EU quarters) to legally and technically secure these transfers.

 

Cookies and similar tracking technologies

 

What is a “cookie” ?

 

“Cookies” refers to a set of information placed on users' devices when browsing a website. It usually consists of a file containing an identifier in number, the name of the server that stored it and possibly an expiry date. They are mainly used to :

 

  • Enable technical operations of a website;
  • Collect statistics;
  • Develop a personalized user experience and environment (e.g., when an online service remembers your user profile without you having to log in).

 

What cookies do we use ?

 

We may use cookies to secure your browsing, optimize the functionality of our websites and collect statistics in order to tailor our content to your interests and improve our visibility in search engines. Some cookies are mandatory (“technical” cookies), while others are optional (“analytics” cookies) and are placed only with your consent. The chart below list all of the cookies used on our website:

 

How to uninstall or refuse cookies ?

 

Optional cookies can be refused at the time of first connection in the dedicated banner, then at any time from the website. You can also refuse to accept cookies, including “mandatory cookies” (please note that this may adversely affect your user experience), by using your browser settings. Visit the CNIL website to learn how to configure your browser to control the storage of cookies on your terminal.

 

How to exercise your rights

 

According to Chapter III of the “GDPR” regulation 2016/679 of 27 April 2016, you (i.e., data subjects) have a right of access, rectification, restriction, opposition (on legitimate grounds), portability, limitation and erasure, in relation to all your personal data under the conditions set out in the “GDPR”. Finally, you have the right to object to the processing of your personal data for prospection purposes. We do not process your personal data for that purpose unless we have collected your consent to do so. (N.B : If you are an applicant, we do not process your personal data for prospection under any circumstances). You may exercise your rights by contacting EP2C’s Data Protection Officer (DPO) by email at dpo@fr.ep2c-energy.com or by post to the EP2C DPO, 4 Rue de la Tuilerie, 31130 Balma (France). EP2C requires that all requests relating to the exercise of rights are supported by an official document attesting of the identity of the requester. In the name of transparency and full compliance with its obligations, EP2C hereby informs you that you have the right to lodge a complaint with a national supervisory authority in relation to the data processing detailed above. In France, the relevant authority is the CNIL (Commission Nationale Information et Libertés).

 

Update and changes to the privacy statement

 

This notice might be subject to changes in line with regulatory, legal and case law developments. Any legislative and regulatory developments in data protection and privacy will be taken into account by EP2C and will therefore be incorporated in this document. If you have any comments on this document, please send them to : dpo@fr.ep2c-energy.com

Last updated: 26/02/2025