The CLEVER project will develop a novel set of harmonised emission factors for the transport sector that will be instrumental in the implementation of the CountEmissionsEU initiative.
We are committed to giving you clarity on how we handle your data. CLEVER operates under the names of its partners which include PNO INNOVATION SL, STICHTING SMART FREIGHT CENTRE, ALLIANCE FOR LOGISTICS INNOVATION THROUGH COLLABORATION IN EUROPE (ALICE), INSTITUT FUR ENERGIE- UND UMWELTFORSCHUNG HEIDELBERG GGMBH (IFEU), GREENROUTER SRL, ANONIMI ETAIRIA PERIVALLONTIKON KAI ENERGIAKON MELETON KAI ANAPTIXIS LOGISMIKOU (EMISIA SA), MEO CARBON SOLUTIONS GMBH, ZN, AND THREE O’CLOCK, hereinafter referred to commonly as ‘CLEVER’.
In this Privacy Statement we inform you about our approach to handling and processing of data.
Barcelona, Spain, July 9, 2024
CONTACT DETAILS
Carolina Salas from PNO is the assigned CLEVER project Data Protection Officer (DPO) and thereby the data controller. She is located at C/ París 45-47, 08029 Barcelona, Spain and she can be contacted by e-mail at clever@emissionfactors.eu.
WHO IS THIS PRIVACY STATEMENT APPLICABLE TO?
This Privacy Statement applies to all persons whose personal data is processed by the CLEVER project. Personal data means any data that contains information about persons through which those persons are identifiable.
This Privacy Statement applies to:
- Users of the CLEVER repository.
- Visitors to the website of CLEVER.
- Recipients of newsletters from CLEVER.
- Registered attendees of the events, webinars and training activities organized by CLEVER.
- Applicants to the CLEVER open calls for use cases.
- Potential collaborators with whom CLEVER has made or wants to make contact.
- Members of the CLEVER Expert Forum.
- Any other person who contacts CLEVER or whose personal data is processed by CLEVER.
WHICH DATA DO WE PROCESS?
By processing (personal) data, we mean collecting, recording, organising, storing, updating, modifying, retrieving, consulting, using, providing by means of forwarding, distribution, or any other form of posting, bringing together, linking together, and to protect, erase or destroy your data.
We process data that you have provided to us, personal data generated during your visit to our website and repository and reading newsletters, and personal data that we have derived from other sources, such as business social media repositories and business cards.
The data sets that will be generated and collected are foreseen to belong to the following categories:
Personal data:
- Contact details and other personal data needed to handle your interest in the CLEVER project,
- Contact details (e.g. email address, first name and last name) and other optional personal data (e.g. telephone number, profile picture, position, address, links to social media channels, etc.) entered on contact forms or other web forms, and
- Contact information provided during events, webinars (attendance lists), etc.
You control the personal information to which you allow us to have access through the privacy settings on the applicable social media site and the permissions you give us when you grant us access to your personal information retained by the respective social media site about you.
Interest data:
Data on opinions and knowledge on emission factors and calculation methodologies may be exchanged during the execution of the CLEVER activities (e.g. interviews, surveys, etc.). This data will be provided voluntarily by you to CLEVER only in case these services are of your interest.
Data obtained from other sources:
- personal data available on public business social media repositories such as LinkedIn,
- personal data obtained from the Trade Register of the Chamber of Commerce, and
- personal data available on public business websites, and
- Usage data: personal data collected automatically when using the website, repository, electronic newsletter, and other services. This includes:
- Usage Data such as your devices Internet Protocol address (e.g. IP address), browser type and browser version. Similarly, your surfing behaviour on the website and repository, such as date and time of your visit, the pages viewed and time spent on those pages, unique device identifiers, device type, ID for listing, geo-location information and other diagnostic data.
- Mobile Device data collected automatically when you access the website and repository by or through a mobile device. This includes, but is not limited to the type of mobile device you use, your mobile operating system, the type of mobile internet browser you use, unique device identifiers and other diagnostic data.
- Browser data collected also as your browser sends data whenever you visit and/or access our website and repository by or through a personal computer device. This includes computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, and your IP address.
- Newsletter data collected automatically when you open a newsletter you have received from CLEVER, including some behaviour data such as which parts of the newsletter you click.
- Our website and repository may contain hyperlinks to websites of other parties and ‘social media buttons’. CLEVER is not responsible for the content of those websites or the services of referred repositories. Neither is CLEVER responsible for the privacy policy and the use of cookies on those websites and repositories.
WHAT DO WE USE YOUR DATA FOR?
We use the personal information we collect to:
- Deliver CLEVER services by our partners and upon your request, as well as to provide and maintain CLEVER repository services, for instance, by monitoring your use of such services.
- Manage your account and requests, when registering as a user of the CLEVER repository. The personal data you provide can grant you access to different repository functionalities and services that are available as a registered user. Similarly, such personal data can be used to manage and attend your requests to us.
- Support the outreach campaigns by promoting the events, webinars, and other activities of the CLEVER project, including news, special offers and general information about other goods, services and activities offered on the CLEVER repository.
- Send you information mailings, such as the CLEVER project newsletter. There are three ways you may receive the CLEVER project newsletter: (1) you may opt-in to the newsletter via the sign-up form on the CLEVER project website; (2) as a registered user on the CLEVER repository, once you sign up for our repository, we automatically add you to our mailing list; and/or (3) as a registered user for a CLEVER project event, we will automatically add you to our mailing list. You can unsubscribe at any time. As further explained below, the newsletter is sent via Mailchimp, a third-party service provider, with whom we share only your first name, last name, employer and e-mail address.
- Send you CLEVER-related mailings. They include and are not limited to confirmation, notification, updates and general communication mailings related to the project activities. These mailings are essential for the functioning of certain project activities. Other non-essential and optional mailings may include polls, surveys, or similar mailings to help improve the results of the CLEVER project. You can change your CLEVER-related mailing preferences at any time.
- Manage your applications to the Open calls organised by CLEVER, in the event that you have applied to them.
- Improve overall services, marketing campaigns, and your repository experience (usability) through anonymised data analyses that will serve to identify, for instance, usage trends and determine the effectiveness and efficiency of our processes and initiatives.
COMPLIANCE WITH LEGAL OBLIGATIONS
Maintaining contact with you.
Your contact data are kept in EU located relationship management system and may be used for the purpose of sending CLEVER newsletters, updates, invitations to events and webinars and sending information you requested from us in relation to the CLEVER project.
Improving our service information and carrying out targeted outreach campaigns.
Part of our service is to keep you informed with CLEVER information that is relevant to you and your business. To make this possible, we combine and analyse the personal data available with us. On that basis we determine which information are relevant and which moments are most suitable for providing information or establishing contact. In outreach campaigns, we do not process special personal data nor confidential data. Withdraw of consent is always possible.
We analyse the following information:
- Interaction data: Obtain personal data and contact between CLEVER and you. For example, about your use of our website or repository. This also applies to offline interactions, such as how often and when there is contact between CLEVER and you.
- Behavioural data: Personal data that CLEVER processes about your behaviour, such as your preferences, opinions, wishes and needs. We can derive this data from your surfing behaviour on our website and the indication of your interests in the repository, reading our newsletters or by requesting information. But also, through contact, incoming telephone calls and e-mail contact with the CLEVER partners. Information obtained through tracking cookies, we collect and use only with your permission, which you can always withdraw.
- Performing and analysing research on client satisfaction: Sometimes we ask collaborators to cooperate in a client satisfaction survey. This is done through an online questionnaire. Participation is voluntary. Prior to each client satisfaction survey, you will receive further information about the working method and the way we deal with the information gathered.
- Improving and securing our website and repository.
- Creating user statistics. The user statistics of the website and repository enable us to track the number of visitors, the duration of the visit, which parts of the website and repository are being viewed and the click-behaviour. It concerns generic reporting, without information about individuals. We use the information obtained to improve the website and repository and support potential connections between the registered users of the repository.
SECURITY LEVEL
We protect personal data through technical and administrative security measures to minimise the risk of loss, misuse, unauthorised access, disclosure, and modification. You can think of security software such as a virus scanner and firewalls, a secure internet connection, encryption of data and physical and administrative access controls to data and servers. For security reasons, and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
If you believe your account has been abused, please contact us following the instructions below.
In case of a possible leak of data, our data processor and site administrator will notify us immediately after discovering or becoming aware of any such incident. Following the report of the incident, we will carry out an assessment with our contractors and partners to identify corresponding measures We will inform you about the situation, the gravity of the situation and the solution as soon as possible.
STORAGE OF PERSONAL DATA
We store your personal data in secure and dedicated servers in the EU. In addition, your data is stored in the servers of our Service Providers including but not limited to: MailChimp, Hubspot, Google and Microsoft.
We do not store your personal data for longer than is strictly necessary for the execution of the purposes. If legal regulations apply to the storage, the personal data will not be kept longer than prescribed by law. CLEVER will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Log files are stored for a period of two weeks, whereas google analytics stores usage data for a period of 14 months. After it is no longer necessary for us to retain your personal information, we dispose of it in a secure manner.
Once you make a public posting, you may not be able to change or remove. Upon your request, we will close your account and remove your personal information from view as soon as reasonably possible, based on your account activity and in accordance with applicable national laws.
LEGAL BASIS OF THE PROCESSING
We process personal data on the basis of one of the following legal grounds:
- Permission: On the basis of an agreement or in the run up to the conclusion of an agreement
- Legal obligation: In connection with a legitimate interest.
A controller may only process personal data if this can be based on one of the limitative enumerated legal grounds in the General Data Protection Regulation.
The legal bases on which CLEVER relies are:
- Permission: If we have requested your permission to process your personal data and you have given this permission, then you also have the right to withdraw this consent.
- Agreement or in the run up to the conclusion of an agreement: If you contact us and request information on innovation or financing consultancy services, we process personal data if and insofar as this is necessary for the execution of the support service.
- Legal obligation: We only provide personal data to supervisors of investigative authorities if this is legally required. We will take measures in such cases that are reasonably necessary to ensure that your personal data is protected as well as possible.
- Justified interest: We may also process personal data if we have a legitimate interest and do not therefore disproportionately infringe your privacy. For example, we use your contact information to invite you for webinars and events related to the CLEVER project.
PROCESSORS
We may use service providers (processors) for the processing of your personal data that only process personal data on our order. These are parties that can be designated as (sub) processors as referred to in the General Data Protection Regulation. We conclude a processor agreement with these processors that meets the requirements set by the General Data Protection Regulation.
SHARE PERSONAL DATA WITH THIRD PARTIES (PROCESSORS)
Sometimes it is necessary to disclose your personal data to employees of the CLEVER partner organisations or share your personal data with third party service providers. Depending on the circumstances of the case, this is necessary to handle your dossier or personal account, to provide you access to specific repository services, to comply with our legal obligations, to facilitate our marketing activities, to prevent, as well as to detect, mitigate, or investigate fraudulent or illegal activities related to our services. All in all, we strive to minimise the amount of personal information we disclose to what is directly relevant and necessary to accomplish the specific purpose. We do not disclose your personal information to third parties for their marketing and/or commercial purposes without your explicit consent – there is no exception to this.
We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Statement. We will never sell your personal data to third parties and do not make automated decisions that could have significant consequences for you. No transfer of your Personal Data will take place to an organization or institution unless there are adequate controls in place including the security of your data and other personal information.
We may disclose your personal information to the following parties and for the following purposes:
Internal parties
Your information, including personal data, may be processed by the employees of the CLEVER partner organisations, when requested to the designated sub-processors for the website and repository, respectively. These individuals are located at the respective offices and/or any other place where the parties involved in the processing are located. This information may be transferred to – and maintained on- computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Statement followed by your submissions of such information represents your agreement to that transfer.
In the following cases personal data will be provided to internal parties:
- When processing a dossier, it may be necessary to share your personal data with third parties. For example, in probing or asking for funding to a government, or the conclusion of an agreement with further parties.
- If a court decision obliges us to provide personal data to third parties, we will have to comply with this.
- Your personal data will not be shared with third parties for commercial purposes. There is one exception to this. Sometimes we organise a joint activity with another organization, such as an event or webinar. In that case, only the necessary contact details are exchanged.
Service providers and financial institution partners
Your personal data may also be disclosed and/or shared to third party service providers. These are organisations who help us deliver our services and assist us in providing you with personalised information and/or content. These are also organisations who assist us with the prevention, detection, mitigation and investigation of potentially illegal acts, fraud and/or security breaches, bill collection, affiliate and rewards programs, co-branded credit cards and other business operations.
We use the following external services:
- Hubspot for customer relationship management
- Data shared: first name and last name, email, phone number, position at your organisation
- Hubspot’s Privacy Policy: https://legal.hubspot.com/privacy-policy
- MailChimp for sending and tracking our CLEVER project newsletter
- Data shared: first name, last name, company name and email
- MailChimps Privacy Policy: https://mailchimp.com/legal/privacy/
- Microsoft Office 365 Suite for our day-to-day business activities, including Outlook for email, and
- SharePoint and One Drive for storage.
- Data shared: first name, last name, email, phone number, position at your company
- Microsoft’s Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement
Law enforcement, legal proceedings, and as authorised by law
We may release your data:
- To comply with legal requirements, respond to claims that a listing or other content violates the rights of other or protect anyone’s rights.
- To law enforcement or governmental agencies, or authorized third-parties, in response to a verified request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User ID history, IP address, fraud complaints, or bidding and listing history.
- To third parties involved in a legal proceeding, if they provide us with a subpoena, court order or substantially similar legal procedure, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity.
Change of ownership
Personal data can also be provided to third parties, in the event of a reorganisation or merger of any of the companies of the CLEVER project or sale of (a part of) these companies. Should such an event occur, we will require that the new (combined) entity(ies) follow this Privacy Statement with respect to your personal information. If your personal information is collected, used, disclosed, or retained for any purposes not covered in this Privacy Statement, you will receive prior notification of the processing of your personal information for the new purposes.
Similarly, changes may occur in the partnership structure of the CLEVER consortium after the end of the EU-funded project period (December 2026), as a sub-set (if not all) of the partners will continue with the provision of CLEVER repository services and activities on a commercial basis. Should such an event occur, we will make the necessary changes to this privacy statement and will inform you accordingly and in a timely manner, ensuring that your data is handled and processes in the most appropriate manner at all times.
TRANSFER OUTSIDE THE (EUROPEAN ECONOMIC AREA) EEA
Under the General Data Protection Regulation, personal data may only be passed on to parties outside the EEA when an appropriate level is guaranteed for the protection of the personal data or when a specific deviation applies. We may pass on personal data to a party outside the EEA only when necessary for the execution of the CLEVER project.
IF YOU HAVE QUESTIONS ABOUT YOUR PERSONAL DATA
Every person can exercise certain rights with respect to his or her personal data on the basis of the law. This gives you the right to inspect, rectify and delete personal data. You can also object to the use of your data or request that the use is restricted. In certain cases, you can request your data and take it to another party. For all these questions contact us by email via clever@emissionfactors.eu.
COMPLAINTS
If you have complaints about how we handle your personal data, you can contact us by sending a mail to clever@emissionfactors.eu. We are happy to help you find a solution within a period of four weeks after receiving your request. If that does not work, you can always contact the Spanish Data Protection Authority.
CHANGES
Developments go fast and as a result, there may also be changes in the personal data we request from you and the way in which we use your personal data. Regulations can also change. In that case, we will update this Privacy Statement. We therefore invite you to regularly check the Privacy Statement so that you are kept informed. In the event of major changes, we will also make you aware of this via our website.