Privacy policy

1. WHO ARE WE?

LEAP4SME is a three year project started on 1 September 2020 and received a total grant of 1 895 027.50 Euros from the European Commission within the Horizon 2020 framework addressing the topic – supporting Member States in establishing or improving effective policies for SMEs to undergo energy audits in Europe. Our project website LEAP4SME is run by REVOLVE, and as the case may be by third party subcontractors, under the responsibility of REVOLVE.

When we refer to ‘’we’’ or ‘’our’’ in this Privacy Policy we are referring to REVOLVE and LEAP4SME and any of its affiliates. When we refer to “you” or “your”, we are referring to any user of any of LEAP4SME’s or REVOLVE’s websites, apps or services.

Our Data Protection Officer (“DPO”) can be reached by postal mail at DPO REVOLVE, Arlon street 63-67, 1040 Brussels, Belgium, or by email at dpo@revolve.media.

2. INTRODUCTION AND GENERAL TERMS

At LEAP4SME, we’re committed to protecting and respecting your privacy. This Privacy Policy relates to our use of any personal information we collect from you:

– via following online services:

The LEAP4SME website (WWW.LEAP4SME.EU)
The LEAP4SME social media pages and accounts (Twitter, YouTube, Linkedin)

This Privacy Policy also relates to our use of any personal information you may provide to us by phone, SMS, email, in letters or other correspondence, in person and through copies of your personal information obtained from your identity card or your residence permit (but excluding your national number). To provide you with the full range of services, we sometimes need to collect information about you. This Privacy Policy explains the following:

– what information LEAP4SME may collect about you

– how LEAP4SME will use information that we collect about you

– when LEAP4SME may use your details to contact you

– whether LEAP4SME will disclose your details to anyone else

– your choices regarding the personal information you provide to us

– the use of cookies on LEAP4SME website and how you can reject cookies

LEAP4SME is committed to safeguarding your personal information. Whenever you provide such information, we are legally obliged to use your information in line with the EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereafter the “GDPR”). Please note that, no website can be completely secure. If you have any concerns that one of your REVOLVE accounts could have been compromised, e.g. someone could have discovered your password, please get in touch immediately.

All information that we use and/or gather will be used in accordance with the GDPR. To find out more about the EU Data Protection Rules click here

LEAP4SME website also contains hyperlinks to websites owned and operated by third parties. These third-party websites have their own privacy policies, and are also likely to use cookies, and we therefore urge you to review them. Their policies will govern the use of personal information you submit, or which may be collected by cookies, when visiting such websites. We do not accept any responsibility or liability for the privacy practices of third-party websites and your use of such websites is at your own risk.

3. WHAT INFORMATION DOES LEAP4SME COLLECT

When you access or sign-up to any of LEAP4SME’s services, for example newsletters, chats with our social media accounts, message boards, web and mobile notifications, telephone or text LEAP4SME, we may receive personal information about you.

This can consist of personal information you have provided to us such as, for example, your name, email address, postal address, telephone or mobile number, gender or date of birth, personal interests (e.g. what newsletters you have read), as well as general (aggregate, non-personal) information collected about the way in which visitors make use of LEAP4SME’s on-line services.

If you are the parent or guardian of a child under (16), we may process limited personal data about you so that you can give consent for the child to access some REVOLVE services. We may use your contact details to communicate with you about the child’s account or use of services.

Please note that sometimes we will require you to provide additional personal information, for example when preparing lease or real estate purchase agreements. When we do this we will provide further information about why we are collecting your information and how we will use it.

Some of our services may enable you to sign-in via a third-party service, such as Facebook. If you choose to sign-in via a third-party app, you will be presented with a dialog box which will ask your permission to allow LEAP4SME to access your personal information (e.g. your full name, date of birth, email address and any other information you have made publicly accessible to the third-party service, such as Facebook). Please note that any information that is not required by the particular service you have opted to use will not be retained by LEAP4SME.

For more information, please see Article 13 of this policy, on LEAP4SME’s use of cookies and similar technologies.

4. FOR WHAT PURPOSES DOES LEAP4SME USE THE INFORMATION IT COLLECTS ABOUT YOU

LEAP4SME will use your personal information for a number of purposes including the following:

– to provide you with our services
– to provide you with information about our services
– to deal with your requests and enquiries
– to provide you with the most user-friendly online navigation experience
– for “service administration purposes”, which means that LEAP4SME may contact you for reasons related to the service or online content you have signed up for
– we may also show you relevant advertising, as set out in Article 7
– to use IP addresses and device identifiers to identify the location of users, to block disruptive use, to establish the number of visits of our websites
– for analysis and research purposes so that we may improve the services offered by LEAP4SME.
– we also use and disclose information in aggregate (so that no individuals are identified or identifiable) for marketing and strategic development purposes.

Where LEAP4SME proposes using your personal information for purposes not mentioned above we will notify you first. Please see Article 16 below for details.

5. WHEN WILL LEAP4SME CONTACT YOU?

LEAP4SME may contact you:

– in relation to any contractual relation you have engaged with LEAP4SME
– in relation to any service, activity or online content you have signed up for, for yourself or for your under 16-year old child in order to ensure that LEAP4SME can deliver the services, e.g. to verify your email when you sign up for a LEAP4SME newsletter, or to help you reset your password for your accounts on our websites or apps.
– in relation to any correspondence we receive from you or any comment or complaint you make about LEAP4SME products or services
– in relation to any job application
– in relation to our legal rights and obligations
– in relation to any personalized services you are using
– in relation to any contribution you have submitted to LEAP4SME, e.g. on LEAP4SME message boards or via text or voicemail message
– to invite you to participate in surveys about LEAP4SME services (participation is always voluntary)
– to update you on any material changes to LEAP4SME’s policies and practices

We will never contact you to ask for your LEAP4SME account password, or other login information. If you receive any emails or calls from people asking for this information and claiming to be from LEAP4SME please inform our DPO straightaway.

6. WILL LEAP4SME SHARE MY PERSONAL INFORMATION?

LEAP4SME will not sell or rent your information to third parties and will not share your information with third parties for marketing purposes.

Generally, we will use your information within LEAP4SME and will only share it outside LEAP4SME where you have requested it or given your consent, except:

– where disclosure is required or permitted by law (for example to government bodies or law enforcement agencies, including for child protection reasons) by a court order or for the purposes of prevention of fraud or other crime, or
– if LEAP4SME or its affiliate ceases to be the data controller in respect of your personal information through the operation of a merger, acquisition or any change of control
– in the limited circumstances described below and in Article 9.

We may pass your information to our third-party service providers, agents, subcontractors, and other associated organizations for the purposes of completing tasks and providing services to you on our behalf (for example to send you mailings). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service. In addition, our contracts with such third-party service providers require them to keep your information secure and not to use it for their own direct marketing purposes. We will not release your information to third parties for them to use for their own direct marketing purposes unless you have requested us to do so.

To comply with obligations set out in Article 18.1 of Grant Agreement No 101000395, potential recipients of your data during the data retention period (see Article 9) include relevant European Commission and Agency staff in charge of managing EU funded grants, their contractors, and ex-post controls.

7. OFFENSIVE OR INAPPROPRIATE CONTENT ON LEAP4SME WEBSITES

If you post or send content which may reasonably be deemed to be offensive, inappropriate or objectionable anywhere on or to LEAP4SME websites, social media pages, or otherwise engage in any disruptive behavior on any LEAP4SME service, LEAP4SME may remove such content.

Where LEAP4SME reasonably believes that you are or may be in breach of any applicable laws, for example on hate speech, LEAP4SME may disclose your personal information to relevant third parties, including to law enforcement agencies or your internet provider. LEAP4SME would only do so in circumstances where such disclosure is permitted under applicable laws, including data protection law.

8. WHAT IF I AM A USER UNDER 16?

If you are aged 16 or under, please get your parent/guardian’s permission before you provide any personal information to LEAP4SME.

9. HOW LONG WILL LEAP4SME KEEP MY PERSONAL INFORMATION?

We will hold your personal information on our systems only for as long as is necessary for the relevant activity, or as long as is legally or contractually set out for any relevant contract you hold with LEAP4SME. The five-year data retention period is in line with the period mentioned in Article 18.1 of Grant Agreement No 101000395 for the relevant personal data.

10. WHAT CAN YOU DO WITH THE PERSONAL DATA YOU SUBMITTED TO US?

You have the right to restrict and the right to object to the use of your personal data; the right to withdraw your consent to the use of your personal data and the right to request deletion of your personal data.

You can exercise your rights by contacting our DPO. You may also adjust your communication preferences or opt out of communications at any time by clicking ‘unsubscribe’ at the bottom of any e-mail, following instructions provided in the communication or changing your preferences within your account or by sending us an e-mail.

You have the right to portability of your personal data. All personal data you directly submitted to LEAP4SME, can be sent to you or any third party, at your request made directly to our DPO.

11. CAN I FIND OUT WHAT PERSONAL INFORMATION LEAP4SME HOLDS ABOUT ME?

Under the GDPR you have the right to access to and the right to correct the personal information LEAP4SME holds. These rights can be exercised by contacting our DPO directly, who will then use reasonable efforts consistent with our legal duty, to supply, correct or delete personal information about you that may be held on our files.

We will endeavor to provide you with access to your personal information wherever possible.

12. WHAT IF I AM UNHAPPY WITH THE WAY LEAP4SME IS MANAGING MY PERSONAL DATA?

You have the right to complain to the Belgian Data Protection Authority:

– By mail: Belgian Data Protection Authority Rue de la Presse, 35, 1000 Bruxelles.
– By telephone: +32 (0)2 274 48 00
– By fax: +32 (0)2 274 48 35
– By email: commission@privacycommission.be

13. WEB BROWSER COOKIES

a. What is a cookie?

A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer, tablet or mobile phone (all referred to here as a “device”) web browser from a website’s computer and is stored on your device’s hard drive. Each website can send its own cookie to your web browser if your browser’s preferences allow it.

Many websites do this whenever a user visits their website to track online traffic flows. Similar technologies are also often used within emails to understand whether the email has been read or if any links have been clicked. To inform you fully, LEAP4SME will ask your consent for the receipt of cookies. However, you can change your cookie settings at any times in your web-browser (see our Cookies Policy below for more information).

On LEAP4SME websites, cookies record information about your online preferences and allow us to tailor our websites to your interests.

b. LEAP4SME cookies and how to reject cookies

LEAP4SME’s Cookies Policy [see below] which contains full information about how LEAP4SME uses cookies, and which explains how to control what cookies are set on your device through REVOLVE websites, can be found on our website.

It is important to note that if you change your settings and block certain cookies, you will not be able to take full advantage of some features of REVOLVE services, and we might not be able to provide some features you have previously chosen to receive.

c. Other information collected from web browsers

Your web browser may also provide LEAP4SME with information about your device, such as an IP address and details about the browser that you are using.

If you have any concerns about the way that we use cookies or respect your settings, please contact our DPO.

14. DO NOT TRACK (DNT) BROWSER SETTING

DNT is a feature offered by some browsers which, when enabled, sends a signal to websites to request that your browsing is not tracked, such as by third party ad networks, social networks, and analytic companies. Our websites do not currently respond to DNT requests.

15. CHANGES TO LEAP4SME’S PRIVACY POLICY

This Privacy Policy may be updated from time to time so you may wish to check it each time you submit personal information to LEAP4SME. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use LEAP4SME websites to submit personal information to LEAP4SME. If material changes are made to the Privacy Policy, for instance affecting how we would like to use your personal information, we will provide a more prominent notice.

16. TRANSFERRING YOUR INFORMATION OUTSIDE OF EUROPE

As part of the services offered to you through the LEAP4SME websites and Apps, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to Belgium. By submitting your personal data, you are agreeing to this transfer, storing, or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights as set out in this Policy continue to be protected.

If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.

17. GDPR DATA PROTECTION RIGHTS

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

• The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
• The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
• The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact our DPO, whose full details are listed in Article 1.