PFAN Privacy Statement

Privacy Statement – for Applicants/Entrepreneurs

 

REEEP – the Executing Agency of the Private Financing Advisory Network (PFAN) – is committed to protecting your personal data. REEEP processes personal data in compliance with the EU’s General Data Protection Regulation. All information that you provide to REEEP, e.g. by completing online registration and application forms and uploading supporting documents in Climate Invest, is stored on a secure IT infrastructure.

This privacy statement sets out our privacy policy and explains what happens with personal data that we collect from our users. If you have any questions or concerns regarding this statement, feel free to reach out using the contact details below.

In addition, PFAN and its partners in the PFAN Programme respect the confidentiality of all information submitted with each Application. These documents and data will not be copied for any purposes other than for the use during the application process. Once a project is selected, confidentiality terms will be covered in the respective coaching contract.

 

What is the legal basis for processing your personal data?

During the application process, you will be requested to give consent to the processing of your personal data by REEEP, in line with this privacy statement.

Please note that your consent is necessary to apply for and to receive support from PFAN. If you do not give your consent, you may not submit a PFAN application, because PFAN would not be allowed to process your application further. You may withdraw your consent at any time – however, this may also hinder the possibility to receive support from the PFAN network, if processing and transferring the data is necessary to prepare or administer this support.

 

What personal data does REEEP process about you and why?

As the Executing Agency of the Private Financing Advisory Network (PFAN), REEEP processes personal data of PFAN Network Members, Project Developers, PFAN Coordinators, and external evaluators.

The data processed via Climate Invest belongs to the following categories: contact details (such as full name, physical address, e-mail, phone number, and Skype ID), affiliated organisation, gender and nationality, CV, data on competencies and experience, personal data related to projects and names of associated investors and shareholders.

This personal data is processed for various purposes of PFAN programme management: administration of contact data, selection of PFAN Network Members for assignment to Project Developers, administrative tasks related to programme and project implementation, investor outreach, (such as via the PFAN Deal Book and the PFAN Data Room as well as the data provided in entrepreneurs’ own data rooms), project-origination, communication to donors as well as programme monitoring and evaluation.

Against that background and exclusively to fulfil the above purpose, also certain non-personal data and/or company data might be processed. REEEP will process non-personal data and/or company data carefully and in compliance with this Privacy Statement.

 

Will REEEP disclose any of your personal data?

For the purposes of PFAN programme management, it is indispensable that certain data is shared with the following third parties: PFAN Coordinators (Global, Regional and Country Coordinators) and affiliated personnel, Members of the Technical Committee, Members of the Investment Facilitation Team, PFAN Network Members, personnel from donors such as UNIDO/USAID and their affiliates involved in project execution, external evaluators, external partners and judges. To the extent necessary, also non-personal data and/or company data which is processed by REEEP (see above) might be shared with the indicated third parties.

All data recipients are committed to the highest standards in dealing with personal data – independent of their location. Nevertheless, we are legally obliged to inform you that a level of protection comparable to one under the GDPR cannot be guaranteed in third countries or international organisations due to the absence of an adequacy decision and appropriate safeguards.

Since PFAN operates at an international level and its Trust Fund and investor outreach efforts are managed by UNIDO, many of the above-mentioned data recipients and IT system suppliers are based in third countries or are representatives of international organisations:

Climate Invest is a system hosted by FLUXX, a company based in the USA. The FLUXX privacy policy is available here: https://www.fluxx.io/privacy-policy. REEEP has concluded a data processing agreement with FLUXX, which includes further details related to the protection of personal data and ensures that a high standard of data protection is maintained.

PFAN Coordinators and affiliated personnel, Members of the Technical Committee and Members of the Investment Facilitation Team receive project application data and documents, including details on personal data, for the purpose of evaluating the project and providing support within their respective regions, as applicable.

PFAN Network Members receive project application data and documents, including details on personal data, for the purpose of assignment and contracting of coaching services, investor outreach and project-origination. Once the contract is signed, the confidentiality of the data is further embedded into the contractual service agreement among the respective parties.

UNIDO personnel dedicated to the PFAN programme and certain members of UNIDO operations (including procurement and finance) have access to shared systems (including Climate Invest and Customer Relationship Management systems), which contain project application data and documents, including details on personal data. The reason for their access is only for the purpose of processing PFAN funding contracts, required monitoring and reporting under these contracts, communication to donors and investor outreach activities.

External evaluators and external partners of PFAN receive project application data and documents, including details on personal data, for the purpose of evaluating the project and providing support within their respective regions, as applicable, and when providing support to PFAN events.

Personal data of project developers and project-related personnel may be shared with investors via restricted data rooms (PFAN Deal Book and/or the PFAN Data Room) for the purpose of evaluating projects for potential investments. Entrepreneurs may also use their own data room to share data for the purpose of investor outreach. Before accessing the data, investors have to register via PFAN to access the PFAN Deal Book and/or the PFAN Data Room and/or the entrepreneurs’ data rooms.

Judges receive project application data and documents, including details on personal data, for the purpose of project evaluation during the PFAN Investment Forum.

 

For how long will REEEP store your personal data?

Personal data related to the PFAN network and stakeholder engagement is deleted if there has not been any contact with the network member/stakeholder for eight years, unless erasure is requested earlier.

Personal data related to project proposals and supported projects is stored for the period foreseen in the contract between REEEP and the funder of the PFAN programme. Beyond this data, data is only stored with the consent of the persons concerned.

If you withdraw your consent to data processing, your personal data will be deleted, unless there is another lawful reason – such as a legal obligation – to keep it further.

 

What are your rights under the General Data Protection Regulation?

Right to request access: you may contact us at any time to access to the personal data we keep about you, as well as further information related to the processing of this data

Right to request rectification: If we keep any personal data which is inaccurate or incomplete, you may ask us to correct this data

Right to request erasure: You also have the right to request the erasure of your personal data.

Right to withdraw consent: If you have given us the consent to process your personal data, but you change your mind, you may withdraw your consent at any time.

Right to data portability

Under GDPR, you also have the right to lodge a complaint with the supervisory authority. The competent supervisory authority in Austria is the “Austrian Data Protection Authority” (https://www.data-protection-authority.gv.at/)

Privacy Statement – for Network Members

 

REEEP – the Executing Agency of the Private Financing Advisory Network (PFAN) – is committed to protecting your personal data. REEEP processes personal data in compliance with the EU’s General Data Protection Regulation. All information that you provide to REEEP, e.g. by submitting your data information by emails and through this website, is stored on a secure IT infrastructure. This privacy statement sets out our privacy policy and explains what happens with personal data that we collect from our users. If you have any questions or concerns regarding this statement, feel free to reach out using the contact details below. In addition, PFAN and its partners in the PFAN Programme respect the confidentiality of all information submitted with each email or through this website. The respective documents and data will not be copied for any purposes other than for the use regarding the execution of the PFAN programme and for publicising your services on our website, as agreed in this policy.

 

What is the legal basis for processing your personal data?

For all those applying to become a PFAN Network Member: The legal basis for processing your personal data is your consent. Please note that in order for PFAN to publish certain personal data from you and that of your company, including logo, on our website, your consent via email with respect to the specific data and logo is necessary.

 

What personal data does REEEP process about you and why?

As the Executing Agency of the Private Financing Advisory Network (PFAN), REEEP processes personal data of PFAN Network Members. The data processed via this website or emails, may include the following categories: contact details (such as full name, physical address, e-mail, phone number, and Skype ID), affiliated organisation, gender and nationality, CV, data on competencies and experience, personal data related to projects and names of associated investors and shareholders. This personal data is processed for various purposes of PFAN programme management: administration of contact data, selection of PFAN Network Members for assignment to Project Developers, administrative tasks related to programme and project implementation, investor outreach, communication to donors as well as programme monitoring and evaluation.

Against that background and exclusively to fulfil the above purpose, also certain non-personal data and/or company data might be processed. REEEP will process non-personal data and/or company data carefully and in compliance with this Privacy Statement.

 

Will REEEP disclose any of your personal data?

For the purposes of PFAN programme management, it is indispensable that certain data is shared with the following third parties: PFAN Coordinators (Global, Regional and Country Coordinators) and affiliated personnel, Members of the Technical Committee, Members of the Investment Facilitation Team, PFAN Network Members, personnel from donors such as UNIDO/USAID and their affiliates involved in project execution, external evaluators, external partners and judges. To the extent necessary, also non-personal data and/or company data which is processed by REEEP (see above) might be shared with the indicated third parties.

All data recipients are committed to the highest standards in dealing with personal data – independent of their location. Nevertheless, we are legally obliged to inform you that a level of protection comparable to one under the GDPR cannot be guaranteed in third countries or international organisations due to the absence of an adequacy decision and appropriate safeguards. Since PFAN operates at an international level and its Trust Fund and investor outreach efforts are managed by UNIDO, many of the above-mentioned data recipients and IT system suppliers are based in third countries or are representatives of international organisations:

Climate Invest is a system hosted by FLUXX, a company based in the USA. The FLUXX privacy policy is available here: https://www.fluxx.io/privacy-policy. REEEP has concluded a data processing agreement with FLUXX, which includes further details related to the protection of personal data.

PFAN Coordinators and affiliated personnel, Members of the Technical Committee and Members of the Investment Facilitation Team receive project application data and documents, including details on personal data from Project Developers and respective Network Member assigned to coach such project, and also from all available Network Members, for the purpose of evaluating the projects, assigning coaching contracts and providing support within their respective regions, as applicable.

PFAN Network Members may receive documents with certain personal data from other Network Members whist participating in joint events and in relation to collaboration under certain coaching contracts. Once a contract is signed among the parties, the confidentiality of the data is further embedded into the contractual service agreement among the respective parties.

UNIDO personnel dedicated to the PFAN programme and certain members of UNIDO operations (including procurement and finance) have access to shared systems (including Climate Invest and Customer Relationship Management systems), which contain project application data and documents, including details on personal data from the Project Developer and Network Member coaching such project, and in some cases from all available Network Members. The reason for their access is only for the purpose of processing PFAN funding contracts, required monitoring and reporting under these contracts, and investor outreach activities.

External evaluators and external partners of PFAN receive project application data and documents, including details on personal data from both Project Developers and Network Members considered for coaching of such project, only for the purpose of evaluating the project and providing support within their respective regions, as applicable, and when providing support to PFAN events.

Judges receive project application data and documents, including details on personal data from both Project Developers and Network Member coaching such project, for the purpose of project evaluation during the PFAN Investment Forum.

 

For how long will REEEP store your personal data?

Personal data related to the PFAN Network Members is deleted if there has not been any contact with the Network Member/stakeholder for eight years, unless erasure is requested earlier. Personal data related to project proposals and supported projects (including personal data from both Project Developer and Network Member coaching such projects) is stored for the period foreseen in the contract between REEEP and the funder of the PFAN programme. Beyond this data, data is only stored with the consent of the persons concerned. If you withdraw your consent to data processing, your personal data will be deleted, unless there is another lawful reason – such as a legal obligation – to keep it further.

 

What are your rights under the General Data Protection Regulation?

Right to request access: you may contact us at any time to access to the personal data we keep about you, as well as further information related to the processing of this data.

Right to request rectification: If we keep any personal data which is inaccurate or incomplete, you may ask us to correct this data.

Right to request erasure: You also have the right to request the erasure of your personal data.

Right to withdraw consent: If you have given us the consent to process your personal data, but you change your mind, you may withdraw your consent at any time.

Right to data portability

Under GDPR, you also have the right to lodge a complaint with the supervisory authority. The competent supervisory authority in Austria is the “Austrian Data Protection Authority” (https://www.data-protection-authority.gv.at/)

Privacy Statement – for Investors (PFAN Deal Book, PFAN Data Room, including registration for the PFAN data rooms and data rooms of entrepreneurs)

 

REEEP – the Executing Agency of the Private Financing Advisory Network (PFAN) – is committed to protecting your personal data. All information that you provide, e.g. by completing online registration and application forms, is stored on a secure IT infrastructure. REEEP processes personal data in compliance with the EU’s General Data Protection Regulation (GDPR – link: https://www.eugdpr.org/).

This privacy statement sets out our privacy policy and explains what happens with personal data that we collect from our users. Please read the following descriptions to understand our views and practices regarding personal data, and how they pertain to you as you use our various site features and services.

In addition, PFAN and its partners in the PFAN Programme respect the confidentiality of all information submitted with each registration. These documents and data will not be copied for any purposes other than those set out below.

If we make any substantive changes to this policy, we will announce it on our site. If you have any questions or concerns regarding this statement, feel free to reach out using the contact details below.

 

What is the legal basis for processing your personal data?

For all investors registering with the PFAN Deal Book, the PFAN Data Room and/or data rooms of entrepreneurs: The legal basis for processing your personal data is your consent.

 

What personal data does REEEP gather about you and why?

The data processed through your registration includes contact details (such as full name, country of location, e-mail, website URL), investment-specific personal data and personal data that might be contained in investor presentations or summary documents. Furthermore, preferences in relation to deals with projects will be gathered.

The personal data processed serves the purpose to provide necessary details to match Investors with projects and to add Investors to a customer management relationship database to facilitate this matchmaking process.

Against that background and exclusively to fulfil the above purpose, also certain non-personal data and/or company data might be processed. REEEP will process non-personal data and/or company data carefully and in compliance with this Privacy Statement.

 

Will REEEP disclose any of your personal data?

For the purposes of PFAN programme management, it is indispensable that certain data is shared with PFAN, including UNIDO personnel dedicated to the PFAN programme and certain members of UNIDO operations. To the extent necessary, also non-personal data and/or company data which is processed by REEEP (see above) might be shared with the indicated third parties.

All data recipients are committed to the highest standards in dealing with personal data – independent of their location. Nevertheless, we are legally obliged to inform you that a level of protection comparable to one under the GDPR cannot be guaranteed in third countries or international organisations due to the absence of an adequacy decision and appropriate safeguards.

Since PFAN operates at an international level and its Trust Fund and investor outreach efforts are managed by UNIDO, many of the above-mentioned data recipients and IT system suppliers are based in third countries or are representatives of international organisations:

UNIDO personnel dedicated to the PFAN programme and certain members of UNIDO operations (including procurement and finance) have access to shared systems (including Climate Invest and Customer Relationship Management systems), which contain registration data and documents, including details on personal data. The reason for their access is only for the purpose set out above.

REEEP will only disclose personal data as described above (see “What personal data does REEEP gather about you and why?”) to comply with applicable laws or valid legal process, or to protect the rights or property of REEEP.

 

For how long will REEEP store your personal data?

Your personal data is kept only as long is necessary and is reviewed and deleted as is required by the applicable laws and regulations, in particular, the GDPR. If you withdraw your consent to data processing, your personal data will be deleted, unless there is another lawful reason – such as a legal obligation – to keep it further.

 

Data rooms of entrepreneurs

Please note that external data rooms do not lie under the control of REEEP. If you wish to visit entrepreneur’s data rooms or websites after your registration with PFAN, please refer to their respective Privacy and Cookie Statement as our Statement does not cover how third parties process your data. REEEP has no responsibility or liability for these independent Statements.

 

What are your rights under the General Data Protection Regulation?

Right to request access: you may contact us at any time to access to the personal data we keep about you, as well as further information related to the processing of this data.

Right to request rectification: If we keep any personal data which is inaccurate or incomplete, you may ask us to correct this data.

Right to request erasure: You also have the right to request the erasure of your personal data.

Right to withdraw consent: If you have given us the consent to process your personal data, but you change your mind, you may withdraw your consent at any time.

Right to data portability

Under GDPR, you also have the right to lodge a complaint with the supervisory authority. The competent supervisory authority in Austria is the “Austrian Data Protection Authority” (https://www.data-protection-authority.gv.at/).

 

Cookies

For Investors registering for the PFAN Deal Book and/or the PFAN Data Room, we use a necessary WordPress-specific cookie that tracks whether an Investor is logged in. Investors then receive more information regarding the deals and can save and schedule projects which will be saved in the database.

 

Newsletter registrations

When you confirm that you want to sign up to our PFAN newsletter, we will save your email address so we can e-mail you information about our events, news and services, or other products and services we feel may interest you. If you are asked to fill out a sign-in form for the newsletter, we may ask you to provide your name and other personal data on a voluntary basis because it is helpful to us to track our general audience profile, so we can better tailor the news we share. If you give us permission to send direct mail, this extra information will allow us to send you messages relevant to you.

Only REEEP will send you these e-mails. To send out newsletters, we use a mass mailing system run by MailChimp. Your email address and information you enter with the registration will be transferred to, and saved on a MailChimp server in USA. The European Commission has adopted an adequacy decision which assumes an adequate level of protection for personal data that is transferred from the EU to the USA for companies participating in the EU – U.S Privacy Framework. Intuit is listed as one of the companies in this “Data Privacy Framework List”.

MailChimp stores the IP address of the computer where you sign up from, and/or where you last accessed the messages we sent. For technical reasons this is necessary and if you withhold permission for this, we need to unsubscribe you from the newsletter.

REEEP will store the data you have provided as long as you are subscribed to the newsletter list. You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at communications[at]reeep.org.

Mailchimp’s Terms of Use, Privacy Policy and other privacy measures are available here: https://mailchimp.com/legal/ and Mailchimp and European Data Transfers Mailchimp.

 

What else should you know about your privacy?

You may find links from our site to areas on other sites. If you follow these links from our site to another site, you should be aware that these other sites have their own privacy and data collection practices. REEEP has no responsibility or liability for these independent policies. For more information regarding a site and its privacy policies, check each site.

 

How can I contact REEEP?

In case of any questions or requests regarding this privacy policy, please contact:

Renewable Energy & Energy Efficiency Partnership (REEEP)

International Secretariat

Wagramer Strasse 5 (Vienna International Centre, Room D-1861)

A-1400 Vienna

Austria

data-protection[at]reeep.org

Phone: +43-1-26026-3425

 

Where can I find further information about GDPR?

Background information on GDPR is available at https://eugdpr.org.

To check out individual GDPR clauses, please go to https://gdpr-info.eu/.

 

Privacy Notice

 

The controller of this website is:

Renewable Energy & Energy Efficiency Partnership (REEEP)
International Secretariat
Wagramer Strasse 5 (Vienna International Centre, Room D-1861)
A-1400 Vienna
Austria
data-protection[at]reeep.org
Phone: +43-1-26026-3425

 

The protection of your personal data is very important to us. Therefore, we process your data exclusively on the basis of the legal regulations (GDPR, DSG, TKG 2003). In this privacy policy we inform you about the most important aspects of data processing within our website.

 

Which data we process

When visiting this website, the following information is processed: The date and time of access to a page on our website, your IP address, name and version of your web browser, the website (URL) that you visited before, certain cookies (see there) and the information that you provide (contact or any other form). There is no obligation to actually provide the data that we ask for. If you do not transmit certain data, you will not be able to use all functions of the website.

 

Purposes of data processing

Your personal data will be processed for the following purposes:

 

  • to provide, improve and develop this website;
  • to create usage statistics;
  • to detect, prevent and investigate attacks on our website;
  • to respond to your requests;
  • to avoid spam

 

Legal basis of processing

The legal basis for the processing of your personal data is a legitimate interest (in accordance with Article 6 (1) lit f of the EU General Data Protection Regulation), which is to achieve the purposes set out above.

Furthermore, your data may be used to fulfil a contract or to carry out pre-contractual measures and to fulfil legal obligations, such as accounting. If necessary we will ask you for an explicit consent.

 

Contact

If you contact us by e-mail or contact form, your data will be stored for six months to process the request and in case of follow-up questions. We will not share this information without your consent.

 

Cookies

Our website uses cookies. These are small text files that are stored on your device by your browser. Session cookies contain no personal information (such as IP addresses) and are automatically deleted after your visit to the site. Some cookies remain stored on your device to make our offer user-friendly. You can prevent the setting of cookies in the settings of your Internet browser or you can allow the setting of specific cookies only. With the deactivation of cookies, the functionality of our website may be limited.

Here you can manage your

Cookie settings

 

Hosting and Log Files

To operate this website we need hosting services like infrastructure and platform services, computing capacity, storage, database services, security and maintenance services. We / our hosting provider process(es) the data of our website visitors like contact data, content data, usage data, meta and communication data on basis of our legitimate interest in a satisfactory and secure website offer. For the same reason we / our hosting provider process(es) so called server log files (e.g. website calls, files, time of call, amount of data, browser and operating system information, website referrers, IP addresses, user`s provider). Log files are stored for security reasons (misuse or fraud detection) for a maximum of 12 months. If necessary (Incident handling), data may also be stored longer. We have concluded a data processing contract with the hosting provider.

 

Web analysis and analysis cookies

Our website uses features of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For this purpose, cookies are used that allow an analysis of the use of the website by its users. The information generated thereby is transmitted to the servers of the provider in the U.S.A. and stored there. Your IP address is recorded but immediately anonymized by deleting the last number block. As a result, only a rough localization is possible. You can prevent this by setting up your browser so that no cookies are stored.

We process your data due to the legal regulations: § 96 Abs 3 TKG, Art 6 (1) lit. a (consent) and / or lit. f (legitimate interest) GDPR. Our legitimate interest is the improvement of our offer and our website. We have concluded a data processing contract with the provider.

Here you can manage your

Cookie settings

 

Facebook

We operate a company page (fan page) on the platform “Facebook” of the company Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, and are jointly responsible for data collection (GDPR). The company Facebook guarantees on the basis of standard contractual clauses to comply with European data protection law. We would like to point out that the company Facebook collects a large amount of data when you visit our fan pages, including the IP address, information about the device, browser, origin and user behaviour. This data may be transferred to countries outside the European Union. Facebook users have given their consent for these data processing processes or this is part of their contract of use with Facebook.

We operate these fan page for marketing and communication purposes on the basis of our legitimate interest (Art. 6 (1) lit f GDPR).

The company’s information on data collection and use can be found here:

https://www.facebook.com/about/privacy

 

Third party integrations

Third party tools may set tracking technologies (like cookies) to collect information about visitors’ use of a website and across other websites and online services, such as a visitor’s IP address, web browser, mobile network information, pages viewed, time spent on pages, links clicked, and conversion information. This information may be transferred to servers outside the EU and may be used by those companies to, among other things, analyze and track usage, determine the popularity of certain content, and deliver advertisements that may be more targeted to visitor interests.

We use the following third-party services:

Google ReCaptcha (spam protection): Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

 

Other websites

This website contains links to websites that do not lie under the control of REEEP. Many of our articles link from our site to areas on other sites. If you visit these linked websites, please refer to their respective Privacy and Cookie Statement as our Statement does not cover how third parties process your data and has no responsibility or liability for these independent Statements.

 

Your rights

You have the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right to withdraw consent. If you think that the processing of your data violates data protection law or if you think that your data protection claims have otherwise been violated in a way, you can complain to the competent supervisory authority. The competent supervisory authority in Austria is the “Austrian Data Protection Authority” (https://www.data-protection-authority.gv.at/).