When you use our simulator, all data entered and calculations performed remain strictly on your browser. We do not collect any personal information related to your responses, unless you voluntarily choose to provide your email address. In this case, your simulation data may be saved on our servers, solely for the purpose of allowing you to retrieve it later.
We anonymously collect certain navigation data — such as pages visited or visit duration — exclusively for the purpose of improving the simulator's functionality and ergonomics. Cookies may be used to ensure the proper functioning of the site and measure its audience. You can consult the list of cookies used and associated data below on this page.
Privacy Policy
Updated on 17/07/2025
The French Environment and Energy Management Agency, a public industrial and commercial establishment whose headquarters is located at 20, avenue du Grésillé 49000 Angers (hereinafter "ADEME"), attaches great importance to the protection of Personal Data that it has to collect and process as data controller, within the framework of the Nos Gestes Climat website activity (hereinafter the "Site").
Thus, the collection and Processing of Personal Data carried out by ADEME within the framework of the operation of its activity and the use of its products or services, its information or communication websites, its databases, its web applications, potentially requiring account creation and allowing user/application interaction and its mobile applications are governed by this data protection policy (hereinafter referred to as the "Policy").
All Personal Data Processing implemented within the framework of accessible Services complies with applicable regulations on personal data protection and in particular the provisions of the "Informatique et libertés" law of January 6, 1978 as amended and the General Data Protection Regulation (EU Regulation 2016/679) ("GDPR").
To ensure the proper application of these rules, ADEME has designated a Data Protection Officer who is the privileged relay of the National Commission for Information Technology and Civil Liberties ("CNIL"). ADEME also implements appropriate internal procedures to raise awareness among its employees and ensure compliance with these rules within its organization.
This Policy aims to present to Data Subjects as defined below:
- the manner in which ADEME processes Personal Data, as defined below, that it collects and that Data Subjects, as defined below, provide with their consent or on the basis of any other legal basis to enable the provision of ADEME Products or Services in particular;
- the rights of Data Subjects;
- any beneficiaries of data transfers.
Data Subjects are thus invited to read this Policy carefully to know and understand ADEME's practices regarding Personal Data Processing that ADEME implements.
1. Definitions
Terms used with a capital letter have the definition given to them below.
Terms have the same definition whether used in singular or plural.
- "Personal Data" refers to any information relating to an identified or identifiable natural person.
- "Data Subject(s)" refers to a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements of their physical, physiological, genetic, mental, economic, cultural or social identity.
- "Products" refers to ADEME's products.
- "Data Controller" refers to ADEME which is the legal person who, alone or jointly with others, determines the purposes and means of processing.
- "Services" refers to services provided by ADEME.
- "Sites" refers to all web pages and resources accessible on the Internet.
- "Processing" refers to any operation or set of operations performed or not using automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, erasure or destruction.
2. What are ADEME's commitments regarding Personal Data protection?
ADEME undertakes to guarantee a high level of protection of Personal Data of Data Subjects who use its Sites and other Products or Services and of any other person whose Personal Data it processes.
ADEME undertakes to comply with applicable regulations (notably articles 5 and 6 of the GDPR) for all Personal Data Processing that it implements. More particularly, ADEME undertakes in particular to respect the following principles:
- Personal Data is processed lawfully, fairly and transparently (lawfulness, fairness, transparency);
- Personal Data is collected for determined, explicit and legitimate purposes, and is not subsequently processed in a manner incompatible with these purposes (purpose limitation);
- Personal Data is kept adequately, relevantly and is limited to what is necessary in relation to the purposes for which it is processed (data minimization);
- Personal Data is accurate, kept up to date and all reasonable measures are taken to ensure that inaccurate data, having regard to the purposes for which it is processed, are erased or rectified without delay (accuracy).
ADEME implements appropriate technical and organizational measures to guarantee a level of security adapted to the risk inherent in its Processing operations, meet regulatory requirements and protect the rights and Personal Data of Data Subjects from the design of Processing operations.
Furthermore, ADEME contractually imposes the same level of Personal Data protection on its subcontractors (service providers, suppliers, etc.).
Finally, ADEME undertakes to respect any other principle imposed by applicable regulations on Personal Data protection, and more precisely concerning the rights conferred on Data Subjects, the retention periods of Personal Data as well as obligations relating to cross-border transfers of Personal Data.
3. What are the categories of Personal Data collected?
In the context of using its products or services as well as its websites, several types of Personal Data may be collected by ADEME.
Mainly, the data collected corresponds to the following categories:
- identification data: name, first name, pseudonym, date of birth;
- contact data: postal address, simulation region, email address.
- Data relating to transport habits (type of vehicle, type of transport mode, distances traveled, ownership, type of car)
- Data relating to housing (ownership, surface area)
- Data relating to consumption (food, purchases)
4. Means of collecting Personal Data
Data Subjects may communicate their Personal Data to ADEME through various means and in particular on the Sites during internet navigation and through Products or Services, by filling out various collection forms, when subscribing to a newsletter, when creating an account, when submitting an application, when contacting ADEME or when transmitting Personal Data in other circumstances.
5. Processing purposes and legal bases
For temporary and specific partnerships (contests, prizes to be won), ADEME's partners receive only email and identification data to contact winners and provide them with their prizes
6. How long is personal data retained?
The purposes of Personal Data Processing carried out by ADEME are based on the following legal bases: contractual execution, consent of Data Subjects, ADEME's legal and regulatory obligations, its legitimate interest or public interest mission.
The purposes associated with each legal basis are listed below:
- Based on the execution of pre-contractual measures taken at the request of Data Subjects and/or on the execution of the contract they have entered into, ADEME implements Processing pursuing the following purposes:
- management of the relationship of Site users with ADEME, including:
- creation of a user account;
- use of sites and services;
- management of communications and monitoring of exchanges with users.
- management of the relationship of Site users with ADEME, including:
- Based on the consent of Data Subjects, ADEME implements Processing pursuing the following purposes:
- provision of personalized Services, such as announcements, newsletters, training, etc.;
- provision of optional Services such as interactive discussion spaces or chats;
- management of user participation in games and contests;
- management of cookies subject to consent (notably via Google which allows better management of our expenses and targeting).
- Based on compliance with its legal and regulatory obligations, ADEME implements Processing pursuing the following purposes:
- development of Products and Services to facilitate the completion of administrative formalities necessary for processing requests from internet users and users;
- management of responses to official requests from public or judicial authorities authorized for this purpose;
- compliance with regulations applicable to our activity;
- management of requests for exercise of rights.
- Based on its legitimate interests, ADEME implements Processing pursuing the following purposes:
- development and improvement of new Products or Services and offers of Products or Services to internet users and/or benefiting the public;
- fight against fraud, abuse, including also the management of consequences of this fraud or abuse;
- management of security breaches or any technical problem encountered by Products or Services;
- carrying out commercial prospecting operations aimed at professionals;
- management of clients or employees within a group of companies for internal administrative management purposes;
- management of user information requests and complaints;
- establishment of any means of proof necessary for the defense of ADEME's rights;
- management of cookies not subject to consent.
- Based on the public interest mission, ADEME implements Processing pursuing the following purposes:
- Management of aid requests to facilitate the completion of administrative formalities necessary for processing user requests;
- management of communications and monitoring of exchanges with users;
- compliance with regulations applicable to our activity.
In the context of temporary and specific partnerships (contests, prizes to be won), ADEME's partners receive only email and identification data to contact the winners and provide them with the prizes.
6. How long is Personal Data retained?
ADEME undertakes to retain Personal Data of Data Subjects for a period not exceeding that necessary for the accomplishment of the purposes for which it is processed, increased by the legal limitation period. Furthermore, ADEME retains Personal Data of Data Subjects in accordance with retention periods imposed by applicable laws in force, where applicable.
More precisely, ADEME organizes its data retention policy as follows:
| PURPOSES | RETENTION PERIODS |
|---|---|
| Management of ADEME Site users relationship | Data is retained for the entire duration of the contractual relationship: user account lifetime or last incoming contact (login or modification to personal space), increased by the legal limitation period. The limitation period for common law in civil and commercial matters is five (5) years from the end of the contract. |
| Provision of personalized Services | Data is retained for three (3) years from the last incoming contact |
| Provision of optional Services | Data is retained for three (3) years from the last incoming contact |
| Management of user participation in games and contests | Data is retained for three (3) years from the last incoming contact |
| Development of Products and Services to facilitate the completion of administrative formalities necessary for processing requests from internet users and users | Data is retained for the entire duration of the completion of administrative formalities, increased by the legal limitation period. The limitation period for common law in civil and commercial matters is five (5) years from the end of the contract. |
| Management of responses to official requests from public or judicial authorities authorized for this purpose | Data is retained for the entire duration of the authorities' investigation. |
| Management of requests for exercise of rights | Data is retained for one (1) or six (6) years, depending on the right exercised. |
| Fight against fraud, abuse | Data may be retained for up to twelve (12) months from the issuance of alerts before being qualified. Alerts qualified as irrelevant or unqualified after the twelve (12) month period are deleted. Qualified alerts are retained for a maximum period of five (5) years from the closure of the fraud file. For persons registered on a list of proven fraudsters, data concerning them is deleted after the five (5) year period from the date of registration on this list. If legal proceedings have been initiated, data is retained until the end of the legal proceedings, increased by the legal limitation period. The limitation period for common law in civil and commercial matters is five (5) years from the end of the contract. |
| Management of security breaches | IT traces are retained for thirteen (13) months. |
| Carrying out commercial prospecting operations aimed at professionals | Data is retained for three (3) years from the last incoming contact. |
| Management of clients or employees within a group of companies for internal administrative management purposes | Data is retained for the entire duration of the contractual relationship, increased by the legal limitation period. The limitation period for common law in civil and commercial matters is five (5) years from the end of the contract. |
| Management of user information requests and complaints | In case of contractual relationship with ADEME, data is retained for the entire duration of the contractual relationship, increased by the legal limitation period. The limitation period for common law in civil and commercial matters is five (5) years from the end of the contract. In case of absence of contractual relationship with ADEME, data is retained for three (3) years from the last incoming contact. |
| Establishment of any means of proof necessary for the defense of ADEME's rights | In case of contractual relationship with ADEME, data is retained for the entire duration of the contractual relationship, increased by the legal limitation period. The limitation period for common law in civil and commercial matters is five (5) years from the end of the contract. In case of absence of contractual relationship with ADEME, data is retained for three (3) years from the last incoming contact. |
| Cookie management | Your cookie choices are retained for 6 months. Data collected through cookies is retained for 25 months. This allows us to analyze the evolution of your footprints over time. |
7. Who is likely to have access to Data Subjects' Personal Data?
Categories of recipients of Data Subjects' Personal Data
The data collected on ADEME's Sites and Products or Services and by any other means may be communicated to:
- ADEME's authorized personnel, its partners or its service providers, in the context of carrying out all or part of services;
- city and community agents, company managers creating organizational campaigns.
Cross-border data transfers outside the European Union
Some of the recipients mentioned above may be established outside the European Union and have access to all or part of the personal information collected by ADEME due to a specific legal authorization.
In this context, ADEME undertakes to guarantee the protection of Data Subjects' Personal Data in accordance with the strictest rules, in particular through the signature, on a case-by-case basis, of contractual clauses based on the European Commission model, or any other mechanism compliant with the GDPR, as soon as Data Subjects' Personal Data is processed by a service provider outside the European Economic Area and whose country is not considered by the European Commission as ensuring an adequate level of protection.
In any case, ADEME undertakes to inform Data Subjects in advance in case of data transfer outside the European Union.
7.1 Subcontractors
| Partner | Destination Country | Hosting Country | Processing Performed | Guarantee |
|---|---|---|---|---|
| Scalingo | France | France | Site hosting | https://scalingo.com/legal-notice |
| Scalingo | France | France | Database | https://scalingo.com/legal-notice |
| United States | United States | Audience measurement | https://policies.google.com/privacy | |
| Posthog | United States | United States | Audience measurement | https://posthog.com/privacy |
| Matomo | France | France (self-hosted or EU server) | Audience measurement | https://matomo.org/privacy-policy/ |
| Crisp | France | France (Scaleway, OVH or AWS Paris) | Messaging / Support | https://crisp.chat/fr/privacy/ |
| Tally | Belgium | Europe / Ireland (AWS) | Online forms | https://tally.so/help/privacy-policy |
| Youtube | United States | United States | Video playback | https://policies.google.com/privacy |
7.2 Cookies
1. Preamble
To allow internet users to benefit from the services offered by the Nos Gestes Climat website (hereinafter the "Site") such as its consultation, the optimization of its use or its personalization according to the internet user, the Site uses cookies. You can at any time deactivate the cookies to which you have consented, and this free of charge, from the deactivation possibilities offered to you and recalled above.
2. Definitions
Cookies are information relating to the navigation of your terminal (computer, tablet, smartphone, etc.) on the Site. They are used to send information to your browser and allow this browser to return information to the Site (for example a session identifier or the choice of a language).
Only the issuer of a cookie can read or modify the information it contains. There are different types of cookies:
-
session cookies that disappear as soon as you leave the Site;
-
permanent cookies that remain on your terminal until their lifetime expires or until you delete them using your browser's features.
You are informed that, during your visits to this Site, cookies may be installed on your terminal equipment.
3. Purposes of cookies used
Cookies are used on the Site for different purposes, to facilitate your navigation, to offer you personalized content or to carry out visit statistics.
The Site uses navigation cookies essential for the use of the Site. They have the exclusive purpose of technical network management and enabling or facilitating electronic communication (detection of connection errors, identification of connection points...).
The Site uses preference cookies, to offer you navigation according to your profile (companies, communities/institutional/journalist) and allow you to access Site content more easily. Preference cookies also allow you to store content in favorites on some of our sites.
The Site also uses authentication cookies, essential to allow you to access your personal space from different sites;
Finally, the Site also uses performance cookies, for the purpose of:
-
analyzing the traffic and use made of the Site, in order to:
-
evolve it towards improving the navigation experience, with the final objective of offering you a Site that is always more adapted;
-
carry out statistical studies;
-
memorize your browser's display preferences (language used, display settings, operating system used, etc.) and adapt the Site's presentation during your visits, according to the materials and software for visualization or reading that your terminal equipment includes and which are used for navigation on the Site;
-
implement security measures;
-
-
improve the relevance of advertisements broadcast on the Site;
-
make the Site more user-friendly and interactive
| Cookie Category | Cookie Name | Retention Period | Purposes | Publisher | Destination |
|---|---|---|---|---|---|
| Tag and behavior management and tracking | Posthog | 13 months | Conversion analysis | Posthog | United States |
| Tag and behavior management and tracking | Google Tag Manager | 13 months | Behavioral tracking analysis | United States | |
| Tag and behavior management and tracking | Matomo | 13 months | Anonymized audience measurement | Matomo & ADEME | France |
| Audience measurement | Google Tag Manager | 13 months | Audience measurement | United States | |
| Audience measurement | Google Ads | 13 months | Audience measurement | United States | |
| User preference | Language/region change | Session | Conservation of language preferences | Internal / CMS | France / EU |
| Service functionality | Crisp (chat) | Until session closure | User support | Crisp | France |
| Form collection | Tally | 13 months | Form response collection | Tally | Belgium / EU |
| Session cookie | Session cookie | Session | User session maintenance | Internal | France / EU |
| Video playback / third-party trackers | YouTube | Up to 13 months | Video playback, advertising tracking | Google / YouTube | United States |
See the complete list of Matomo cookies https://matomo.org/faq/general/faq_146/
Nos Gestes Climat uses the Matomo audience measurement solution configured in "exempt" mode, in accordance with CNIL recommendations. It therefore does not require the consent of data subjects. You can nevertheless object to the tracking of your navigation by unchecking the box below.
See also the complete list of Posthog cookies: https://www.cookie.is/service/posthog-analytics#
To go further, you can consult the sheets proposed by the National Commission for Information Technology and Civil Liberties (CNIL):
8. How are the rights recognized to Data Subjects exercised?
In accordance with the GDPR, Data Subjects can, at any time, exercise their rights of access, rectification, deletion of data concerning them as well as their rights of limitation and opposition to Processing and portability of their Personal Data by sending an email to contact@nosgestesclimat.fr
Furthermore, when Personal Data Processing implemented by ADEME is based on the consent of Data Subjects, the latter can withdraw it at any time. ADEME will then cease to process Data Subjects' Personal Data without the previous operations for which Data Subjects had consented being called into question.
In addition, Data Subjects may legally have the right to define post-mortem directives relating to the retention, erasure and communication of their Personal Data, and this with a trusted third party, certified and responsible for respecting their will, in accordance with the requirements of the applicable legal framework.
Furthermore, any minor at the time of collection of their Personal Data may obtain its erasure as soon as possible.
Data subjects may request to exercise their right to object to Personal Data Processing concerning them for reasons relating to their particular situation when the Processing is based on ADEME's legitimate interest. This right of opposition also applies to profiling.
In case of exercise of such a right of opposition, ADEME will cease processing except when there are legitimate and compelling reasons for Processing that prevail over the interests, rights and freedoms of Data Subjects or for the establishment, exercise or defense of a right in court.
Data Subjects may also object to any processing related to prospecting without it being necessary to invoke reasons relating to their particular situation.
Under the right of access, ADEME may request Data Subjects to pay reasonable fees based on administrative costs for any additional copy of data to that which will be communicated.
These rights are exercised by postal mail to the following address:
ADEME
Data Protection Officer
20, avenue du Grésillé — BP 90406
49004 Angers Cedex 01
or by Email to the following address: rgpd@ademe.fr
You also have the right to refer to the National Commission for Information Technology and Civil Liberties for any complaint
In this context, it is requested to please accompany the requests with the elements necessary for identification (name, first name, email) of Data Subjects as well as any other information necessary to confirm their identity.
For certain specific Services, these rights may be exercised directly online (management of your user account, management of your subscriptions to newsletters, news, etc.).
In case of violation of applicable regulations on Personal Data protection, Data Subjects also have the right to complain to the National Commission for Information Technology and Civil Liberties on French territory:
CNIL
3 place de Fontenoy - TSA 80715
75334 Paris cedex 07
tel.: 01 53 73 22 22
or at the following address, and this without prejudice to any other administrative or judicial recourse.
9. Information security / transaction security
ADEME implements all useful technical and organizational measures, considering the nature, scope and context of the Personal Data you communicate to us and the risks presented by their Processing, to preserve the security of your Personal Data and, in particular, prevent any destruction, loss, alteration, disclosure, intrusion or unauthorized access to this data, accidentally or unlawfully.
The security and confidentiality of Personal Data depend on everyone's good practices. This is why Data Subjects are invited not to communicate their passwords to third parties, to systematically disconnect from their profile and their social account (especially in case of linked accounts) and to close their browser window at the end of their work session, particularly if internet access is made from a computer shared with other people.
10. Personal Data concerning minors
ADEME does not collect or process Personal Data relating to children under 16 years of age without prior agreement from parents or holders of parental responsibility for the child.
If Personal Data concerning children is collected via ADEME's Site and/or via Services or Products, parents or holders of the exercise of parental authority have the possibility to object by contacting ADEME at the address indicated above.
Furthermore, as stated above, the minor child at the time of collection of their Personal Data may obtain its erasure as soon as possible.
11. Links to access other sites
On several pages of ADEME's Sites it is possible to click to access other internet sites of other companies. ADEME recommends reading these sites' policy regarding Processing and protection of Personal Data, because the conditions on these sites may differ from those applicable on ADEME's Sites and the latter will in no case be responsible for the Processing of Personal Data by these other internet sites.
12. Modifications
ADEME reserves the right to adapt this Policy.
If ADEME makes a modification to this Policy, it will publish the new version on the relevant supports and update the "last update" date appearing at the top of this Policy.
ADEME therefore invites you to regularly consult the relevant supports where the Policy is published.