PFAN Privacy Statement

Privacy Statement – for Applicants/Entrepreneurs

 

REEEP – the Executing Agency of the Private Financing Advisory Network (PFAN) – is committed to protecting your personal data. REEEP processes personal data in compliance with the EU’s General Data Protection Regulation. All information that you provide to REEEP, e.g. by completing online registration and application forms and uploading supporting documents in Climate Invest, is stored on a secure IT infrastructure.

This privacy statement sets out our privacy policy and explains what happens with personal data that we collect from our users. If you have any questions or concerns regarding this statement, feel free to reach out using the contact details below.

In addition, PFAN and its partners in the PFAN Programme respect the confidentiality of all information submitted with each Application. These documents and data will not be copied for any purposes other than for the use during the application process. Once a project is selected, confidentiality terms will be covered in the respective coaching contract.

 

What is the legal basis for processing your personal data?

During the application process, you will be requested to give consent to the processing of your personal data by REEEP, in line with this privacy statement.

Please note that your consent is necessary to apply for and to receive support from PFAN. If you do not give your consent, you may not submit a PFAN application, because PFAN would not be allowed to process your application further. You may withdraw your consent at any time – however, this may also hinder the possibility to receive support from the PFAN network, if processing and transferring the data is necessary to prepare or administer this support.

 

What personal data does REEEP process about you and why?

As the Executing Agency of the Private Financing Advisory Network (PFAN), REEEP processes personal data of PFAN Network Members, Project Developers, PFAN Coordinators, and external evaluators.

The data processed via Climate Invest belongs to the following categories: contact details (such as full name, physical address, e-mail, phone number, and Skype ID), affiliated organisation, gender and nationality, CV, data on competencies and experience, personal data related to projects and names of associated investors and shareholders.

This personal data is processed for various purposes of PFAN programme management: administration of contact data, selection of PFAN Network Members for assignment to Project Developers, administrative tasks related to programme and project implementation, investor outreach, as well as programme monitoring and evaluation.

 

Will REEEP disclose any of your personal data?

For the purposes of PFAN programme management, it is indispensable that certain data is shared with the following third parties: PFAN Coordinators (Global, Regional and Country Coordinators) and affiliated personnel, Members of the Technical Committee, Members of the Investment Facilitation Team, PFAN Network Members, UNIDO personnel, external evaluators, external partners and judges.

All data recipients are committed to the highest standards in dealing with personal data – independent of their location. Nevertheless, we are legally obliged to inform you that a level of protection comparable to one under the GDPR cannot be guaranteed in third countries or international organisations due to the absence of an adequacy decision and appropriate safeguards.

Since PFAN operates at an international level and its Trust Fund and investor outreach efforts are managed by UNIDO, many of the above-mentioned data recipients and IT system suppliers are based in third countries or are representatives of international organisations:

Climate Invest is a system hosted by FLUXX, a company based in the USA. The FLUXX privacy policy is available here: https://www.fluxx.io/privacy-policy. REEEP has concluded a data processing agreement with FLUXX, which includes further details related to the protection of personal data.

PFAN Coordinators and affiliated personnel, Members of the Technical Committee and Members of the Investment Facilitation Team receive project application data and documents, including details on personal data, for the purpose of evaluating the project and providing support within their respective regions, as applicable.

PFAN Network Members receive project application data and documents, including details on personal data, for the purpose of assignment and contracting of coaching services. Once the contract is signed, the confidentiality of the data is further embedded into the contractual service agreement among the respective parties.

UNIDO personnel dedicated to the PFAN programme and certain members of UNIDO operations (including procurement and finance) have access to shared systems (including Climate Invest and Customer Relationship Management systems), which contain project application data and documents, including details on personal data. The reason for their access is only for the purpose of processing PFAN funding contracts, required monitoring and reporting under these contracts, and investor outreach activities.

External evaluators and external partners of PFAN receive project application data and documents, including details on personal data, for the purpose of evaluating the project and providing support within their respective regions, as applicable, and when providing support to PFAN events.

Judges receive project application data and documents, including details on personal data, for the purpose of project evaluation during the PFAN Investment Forum.

 

For how long will REEEP store your personal data?

Personal data related to the PFAN network and stakeholder engagement is deleted if there has not been any contact with the network member/stakeholder for eight years, unless erasure is requested earlier.

Personal data related to project proposals and supported projects is stored for the period foreseen in the contract between REEEP and the funder of the PFAN programme. Beyond this data, data is only stored with the consent of the persons concerned.

If you withdraw your consent to data processing, your personal data will be deleted, unless there is another lawful reason – such as a legal obligation – to keep it further.

 

What are your rights under the General Data Protection Regulation?

Right to request access: you may contact us at any time to access to the personal data we keep about you, as well as further information related to the processing of this data

Right to request rectification: If we keep any personal data which is inaccurate or incomplete, you may ask us to correct this data

Right to request erasure: You also have the right to request the erasure of your personal data.

Right to withdraw consent: If you have given us the consent to process your personal data, but you change your mind, you may withdraw your consent at any time.

Right to data portability

Under GDPR, you also have the right to lodge a complaint with the supervisory authority. The competent supervisory authority in Austria is the “Austrian Data Protection Authority” (https://www.data-protection-authority.gv.at/)

Privacy Statement – for Network Members

 

REEEP – the Executing Agency of the Private Financing Advisory Network (PFAN) – is committed to protecting your personal data. REEEP processes personal data in compliance with the EU’s General Data Protection Regulation. All information that you provide to REEEP, e.g. by submitting your data information by emails and through this website, is stored on a secure IT infrastructure. This privacy statement sets out our privacy policy and explains what happens with personal data that we collect from our users. If you have any questions or concerns regarding this statement, feel free to reach out using the contact details below. In addition, PFAN and its partners in the PFAN Programme respect the confidentiality of all information submitted with each email or through this website. The respective documents and data will not be copied for any purposes other than for the use regarding the execution of the PFAN programme and for publicising your services on our website, as agreed in this policy.

 

What is the legal basis for processing your personal data?

For all those applying to become a PFAN Network Member: The legal basis for processing your personal data is your consent. Please note that in order for PFAN to publish certain personal data from you and that of your company, including logo, on our website, your consent via email with respect to the specific data and logo is necessary.

 

What personal data does REEEP process about you and why?

As the Executing Agency of the Private Financing Advisory Network (PFAN), REEEP processes personal data of PFAN Network Members. The data processed via this website or emails, may include the following categories: contact details (such as full name, physical address, e-mail, phone number, and Skype ID), affiliated organisation, gender and nationality, CV, data on competencies and experience, personal data related to projects and names of associated investors and shareholders. This personal data is processed for various purposes of PFAN programme management: administration of contact data, selection of PFAN Network Members for assignment to Project Developers, administrative tasks related to programme and project implementation, investor outreach, as well as programme monitoring and evaluation.

 

Will REEEP disclose any of your personal data?

For the purposes of PFAN programme management, it is indispensable that certain data is shared with the following third parties: PFAN Coordinators (Global, Regional and Country Coordinators) and affiliated personnel, Members of the Technical Committee, Members of the Investment Facilitation Team, PFAN Network Members, UNIDO personnel, external evaluators, external partners and judges. All data recipients are committed to the highest standards in dealing with personal data – independent of their location. Nevertheless, we are legally obliged to inform you that a level of protection comparable to one under the GDPR cannot be guaranteed in third countries or international organisations due to the absence of an adequacy decision and appropriate safeguards. Since PFAN operates at an international level and its Trust Fund and investor outreach efforts are managed by UNIDO, many of the above-mentioned data recipients and IT system suppliers are based in third countries or are representatives of international organisations:

Climate Investis a system hosted by FLUXX, a company based in the USA. The FLUXX privacy policy is available here: https://www.fluxx.io/privacy-policy. REEEP has concluded a data processing agreement with FLUXX, which includes further details related to the protection of personal data.

PFAN Coordinators and affiliated personnel, Members of the Technical Committee and Members of the Investment Facilitation Team receive project application data and documents, including details on personal data from Project Developers and respective Network Member assigned to coach such project, and also from all available Network Members, for the purpose of evaluating the projects, assigning coaching contracts and providing support within their respective regions, as applicable.

PFAN Network Members may receive documents with certain personal data from other Network Members whist participating in joint events and in relation to collaboration under certain coaching contracts. Once a contract is signed among the parties, the confidentiality of the data is further embedded into the contractual service agreement among the respective parties.

UNIDO personnel dedicated to the PFAN programme and certain members of UNIDO operations (including procurement and finance) have access to shared systems (including Climate Invest and Customer Relationship Management systems), which contain project application data and documents, including details on personal data from the Project Developer and Network Member coaching such project, and in some cases from all available Network Members. The reason for their access is only for the purpose of processing PFAN funding contracts, required monitoring and reporting under these contracts, and investor outreach activities.

External evaluators and external partners of PFAN receive project application data and documents, including details on personal data from both Project Developers and Network Members considered for coaching of such project, only for the purpose of evaluating the project and providing support within their respective regions, as applicable, and when providing support to PFAN events.

Judges receive project application data and documents, including details on personal data from both Project Developers and Network Member coaching such project, for the purpose of project evaluation during the PFAN Investment Forum.

 

For how long will REEEP store your personal data?

Personal data related to the PFAN Network Members is deleted if there has not been any contact with the Network Member/stakeholder for eight years, unless erasure is requested earlier. Personal data related to project proposals and supported projects (including personal data from both Project Developer and Network Member coaching such projects) is stored for the period foreseen in the contract between REEEP and the funder of the PFAN programme. Beyond this data, data is only stored with the consent of the persons concerned. If you withdraw your consent to data processing, your personal data will be deleted, unless there is another lawful reason – such as a legal obligation – to keep it further.

 

What are your rights under the General Data Protection Regulation?

Right to request access:you may contact us at any time to access to the personal data we keep about you, as well as further information related to the processing of this data

Right to request rectification:If we keep any personal data which is inaccurate or incomplete, you may ask us to correct this data

Right to request erasure:You also have the right to request the erasure of your personal data.

Right to withdraw consent:If you have given us the consent to process your personal data, but you change your mind, you may withdraw your consent at any time.

Right to data portability

Under GDPR, you also have the right to lodge a complaintwith the supervisory authority. The competent supervisory authority in Austria is the “Austrian Data Protection Authority” (https://www.data-protection-authority.gv.at/)

 

How can I contact REEEP?

In case of any questions or requests regarding this privacy policy, please contact:

Renewable Energy & Energy Efficiency Partnership (REEEP)

International Secretariat

Wagramer Strasse 5 (Vienna International Centre, Room D-1861)

A-1400 Vienna

Austria

data-protection@reeep.org

Phone: +43-1-26026-3425

 

Where can I find further information about GDPR?

Background information on GDPR is available at https://eugdpr.org.

To check out individual GDPR clauses, please go to https://gdpr-info.eu/.

Privacy Notice

 

The controller of this website is:

Renewable Energy & Energy Efficiency Partnership (REEEP)
International Secretariat
Wagramer Strasse 5 (Vienna International Centre, Room D-1861)
A-1400 Vienna
Austria
data-protection@reeep.org
Phone: +43-1-26026-3425

 

The protection of your personal data is very important to us. Therefore we process your data exclusively on the basis of the legal regulations (GDPR, DSG, TKG 2003). In this privacy policy we inform you about the most important aspects of data processing within our website.

 

Which data we process

When visiting this website, the following information is processed: The date and time of access to a page on our website, your IP address, name and version of your web browser, the website (URL) that you visited before, certain cookies (see there) and the information that you provide (contact or any other form). There is no obligation to actually provide the data that we ask for. If you do not transmit certain data, you will not be able to use all functions of the website.

 

Purposes of data processing

Your personal data will be processed for the following purposes:

 

  • to provide, improve and develop this website;
  • to create usage statistics;
  • to detect, prevent and investigate attacks on our website;
  • to respond to your requests;
  • to avoid spam

 

Legal basis of processing

The legal basis for the processing of your personal data is an legitimate interest (in accordance with Article 6 (1) lit f of the EU General Data Protection Regulation), which is to achieve the purposes set out above.

Furthermore your data may be used to fulfill a contract or to carry out pre-contractual measures and to fulfill legal obligations, such as accounting. If necessary we will ask you for an explicit consent.

 

Contact

If you contact us by e-mail or contact form, your data will be stored for six months to process the request and in case of follow-up questions. We will not share this information without your consent.

 

Cookies

Our website uses cookies. These are small text files that are stored on your device by your browser. Session cookies contain no personal information (such as IP addresses) and are automatically deleted after your visit to the site. Some cookies remain stored on your device to make our offer user-friendly. You can prevent the setting of cookies in the settings of your Internet browser or you can allow the setting of specific cookies only. With the deactivation of cookies, the functionality of our website may be limited.

Here you can manage your 

[cookie_settings]

Hosting and Log Files

To operate this website we need hosting services like infrastructure and platform services, computing capacity, storage, database services, security and maintenance services. We / our hosting provider process(es) the data of our website visitors like contact data, content data, usage data, meta and communication data on basis of our legitimate interest in a satisfactory and secure website offer. For the same reason we / our hosting provider process(es) so called server log files (e.g. website calls, files, time of call, amount of data, browser and operating system information, website referrers, IP addresses, user`s provider). Log files are stored for security reasons (misuse or fraud detection) for a maximum of 12 months. If necessary (Incident handling), data may also be stored longer. We have concluded a data processing contract with the hosting provider.

 

Web analysis and analysis cookies

Our website uses features of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For this purpose, cookies are used that allow an analysis of the use of the website by its users. The information generated thereby is transmitted to the servers of the provider in the U.S.A. and stored there. Your IP address is recorded but immediately anonymized by deleting the last number block. As a result, only a rough localization is possible. You can prevent this by setting up your browser so that no cookies are stored.

We process your data due to the legal regulations: § 96 Abs 3 TKG, Art 6 (1) lit. a (consent) and / or lit. f (legitimate interest) GDPR. Our legitimate interest is the improvement of our offer and our website. We have concluded a data processing contract with the provider.

Here you can manage your 

[cookie_settings]

Facebook

We operate a company page (fan page) on the platform “Facebook” of the company Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, and are jointly responsible for data collection (GDPR). The company Facebook guarantees on the basis of standard contractual clauses to comply with European data protection law. We would like to point out that the company Facebook collects a large amount of data when you visit our fan pages, including the IP address, information about the device, browser, origin and user behavior. This data may be transferred to countries outside the European Union. Facebook users have given their consent for these data processing processes or this is part of their contract of use with Facebook.

We operate these fan page for marketing and communication purposes on the basis of our legitimate interest (Art. 6 (1) lit f GDPR).

The company’s information on data collection and use can be found here:

https://www.facebook.com/about/privacy

 

Third party integrations

Third party tools may set tracking technologies (like cookies) to collect information about visitors’ use of a website and across other websites and online services, such as a visitor’s IP address, web browser, mobile network information, pages viewed, time spent on pages, links clicked, and conversion information. This information may be transferred to servers outside the EU and may be used by those companies to, among other things, analyze and track usage, determine the popularity of certain content, and deliver advertisements that may be more targeted to visitor interests.

We use the following third-party services:

Google ReCaptcha (spam protection): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated

 

Your rights

You have the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right to withdraw consent. If you think that the processing of your data violates data protection law or if you think that your data protection claims have otherwise been violated in a way, you can complain to the competent supervisory authority.