North-West Privacy Policy

1. WHO WE ARE

We”, “us” or “our” means EIT Food’s North-West regional office which consists of the UK, Ireland and Iceland. The controller of your data is the EIT Food branch that initially collected your data and decided the purposes and means for using your data. Please find information about all our branches via https://www.eitfood.eu/contact.

This Privacy Policy is solely intended to provide you with information in relation to the processing of personal data.

Your privacy is important to us, so we’ve developed this Privacy Policy that sets out how we collect, disclose, transfer and use (“process”) the personal data that you share with us, and which rights you have. Please take a moment to read through this policy.

If you have any questions, concerns or complaints regarding this Privacy Policy or our processing of your personal data or you wish to submit a request to exercise your rights, you can contact us:

Via email: clcnorthwest@eitfood.eu

You can also contact our EIT Food Headquarters:

By post: EIT Food iVZW Ubicenter A Philipssite 5 bus 34, Belgium

Via email: privacy@eitfood.eu

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by contacting the EIT Food North-West regional office.

This Privacy Policy is solely intended to provide you with information in relation to the processing of personal data through your use and our management of your data on EIT Food North-West databases. The databases we use are Salesforce, Mailchimp and Eventbrite.

Salesforce is a customer relationship management tool. We use Salesforce to collect, process and store data on our stakeholders to manage our customer relationships. Please be aware that you must accept the terms and conditions of Saleforce privacy policy. This can be found here.
Mailchimp is an email marketing tool. We use Mailchimp to collect, process and store data on users that signup to receive regional office newsletters. EIT Food North-West Partners can expect to receive information through the regional partner newsletter as well as general regional office communications, without manually signing up, but can opt-out at any time via the unsubscribe form here. Please be aware that you must accept the terms and conditions of Mailchimp privacy policy. This can be found here.
Eventbrite is an event platform. We use Eventbrite to host online events and registration for in-person or hybrid events. We use Eventbrite to collect process and store data on users that register for an event. Please be aware that you must accept the terms and conditions of Eventbrite privacy policy. This can be found here.

For our privacy practices in relation to our services, we refer you to the agreement as may be concluded between us. Your privacy is important to us, so we’ve developed this Privacy Policy that sets out how we collect, disclose, transfer and use (“process”) the personal data that you share with us, and which rights you have. Please take a moment to read through this policy.

If you have any questions, concerns or complaints regarding this Privacy Policy or our processing of your personal data or you wish to submit a request to exercise your rights as set out in article 4, you can contact us:

Via email: clcnorthwest@eitfood.eu

This Privacy Policy was revised last on 12.01.2023.

2. HOW WE USE AND COLLECT YOUR PERSONAL DATA

Personal data is defined as any information relating to an identified or identifiable natural person. Identifiable refers to identifiers (such as name, identification number, location data, etc.), that can be used to directly or indirectly identify a natural person.

The personal data we collect, is collected and used for the purposes as listed hereunder:

In the event you contact our regional office via post, email or telephone, we will use your personal data in order to reply to your query, via email or telephone.
In the event you register for our regional newsletter, your email address will be used in order to send you our newsletters, which may include invites to events, seminars, etc. organised by us.
In the event you register for an event hosted or associated with our region, your email address may be used in order to invite you to future events, seminars, etc. organised by us.
In the event you contact our regional office via social media messaging or social media posting or any other communication that you send us, your social media account name may be stored on our databases.
In the event we contact you under a legitimate interest, we would ask to store your personal data to be used on our databases.
We process your personal data to enforce or exercise any rights that are available to us based on the applicable law, such as use for the establishment, exercise or defense of legal claims.
We may also use your personal data to fulfil our obligations as set out by the applicable law.

The following categories of personal data can be distinguished:

Contact data: in the event you contact our regional office, the information that is provided is directly from you. In the event we contact you under a legitimate interest, we will ask to store your personal information. The following information: name, address, email address, phone number, and any personal data that you choose to share with us, may be stored in our regional databases.
Newsletter: if you register for our newsletter, you will be asked to provide your name and email address. This is information provided directly by you.
Event: if your register for one of our events, you may be asked the following information: name, address, email address, phone number. This is information provided directly by you.
Usage data: we collect personal data regarding your activities on our website: IP address, device ID and type, referral source, language settings, browser type, operating system, geographical location, length of visit, page views, or information about the timing, frequency and pattern of your service use. This information may be aggregated and used to help us provide more useful information regarding the use of our website. In the event the usage data is completely anonymised (and can therefore not be traced back to you as an individual), this will not be considered personal data for the purpose of this Privacy Policy. This is personal data that is automatically collected through your use of the website.
Transaction data: we collect personal data relating to transactions that you make through the website, including your “contact data”, payment information and the goods and/or services purchased. This is personal data provided directly by you.

The legal basis for the processing of your personal data is based on consent. You have the right to withdraw your consent at any time. This will, however, not affect the lawfulness of any processing done prior to the withdrawal of consent.

Sensitive Data: We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.

Your personal data will solely be used for the purposes as set out in this article. In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing. We may process your personal data without your knowledge or consent where this is required or permitted by law.

3. RETENTION OF YOUR DATA AND DELETION

Your personal data will be retained for a period of 3 years.

In the event you withdraw your consent or you object to our use of your personal data, and such objection is successful, we will remove your personal data from our databases. Please note that we will retain the personal data necessary to ensure your preferences are respected in the future.

The foregoing will, however, not prevent us from retaining any personal data if this is necessary to comply with our legal obligations, in order to file a legal claim or defend ourselves against a legal claim, or for evidential purposes.

4. YOUR RIGHTS

This article lists your principal rights under data protection law. We have tried to summarise them for you in a clear and legible way.

To exercise any of your rights, please send us a written request in accordance with article 1 of this Privacy Policy. We will respond to your request without undue delay, but in any event within one month of the receipt of the request. In the event of an extension of the term to respond or in the event we do not take action on your request, we will notify you.

The right to access

You have the right to confirmation as to whether or not we process your personal data and, in the event we do so, you have the right to access such personal data, together with certain additional information that you also find listed in this Privacy Policy.

You have the right to receive from us a copy of your personal data we have in our possession, provided that this does not adversely affect the rights and freedoms of others. The first copy will be provided free of charge, but we reserve the right to charge a reasonable fee if you request further copies.

The right to rectification

If the personal data we hold about you is inaccurate or incomplete, you have the right to have this information rectified or, taking into account the purposes of the processing, completed.

The right to erasure (right to be forgotten)

In some circumstances, you have the right to the erasure of your personal data without undue delay. Those circumstances include:

The personal data are no longer needed in relation to the purposes for which they were collected or otherwise processed;
You withdraw your consent, and no other lawful ground exists;
The processing is for direct marketing purposes;
The personal data have been unlawfully processed; or,
Erasure is necessary for compliance with EU law or Belgian law.

There are certain exclusions to the right to erasure. Those exclusions include where processing is necessary,

for exercising the right of freedom of expression and information;
for compliance with a legal obligation; or,
for the establishment, exercise or defense of legal claims.

The right to restrict processing

You have the right to restrict the processing of your personal data (meaning that the personal data may only be stored by us and may only be used for limited purposes), if:

You contest the accuracy of the personal data (and only for as long as it takes to verify that accuracy);
The processing is unlawful and you request restriction (as opposed to exercising the right to erasure);
We no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; or,
You have objected to processing, pending the verification of that objection.

In addition to our right to store your personal data, we may still otherwise process it but only:

with your consent;
for the establishment, exercise or defense of legal claims;
for the protection of the rights of another natural or legal person; or,
for reasons of important public interest.

We will inform you before we lift the restriction of processing.

The right to data portability

To the extent that the legal basis for our processing of your personal data is consent, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

You also have the right to have your personal data transferred directly to another company, if this is technically possible, and/or to store your personal data for further personal use on a private device.

The right to object to processing

You have the right to object to the processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for:

The performance of a task carried out in the public interest or in the exercise of any official authority vested in us;
The purposes of the legitimate interests pursued by us or by a third party.

If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.

The right to complain to a supervisory authority

If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

In the UK, you can submit a complaint to the Information Commissioners Office.
In the Republic of Ireland, you can submit a complaint to the Data Protection Commission.
In Iceland, you can submit a complaint to the Icelandic Data Protection Authority.

If you are within the UK and are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

If you are within the EU and are not happy with any aspect of how we collect and use your data, you have the right to complain to the data protection authority of the country in which you are based. We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

5. DISCLOSURE TO THIRD PARTIES

To the extent necessary or appropriate, EIT Food North-West may disclose your Personal Information to external 3rd Parties, such as IT consultants carrying out testing and development work on our IT systems and other service and software providers who we may appoint as data processors such as e.g. for CRM purposes.

Where applicable, we will impose appropriate contractual, security, confidentiality and other obligations on to 3rd party providers and processors we have appointed, based on the nature of the services they provide to us. We will only permit them to process your Personal Information in accordance with the law and our instructions. We do not allow them to use your Personal Information for their own purposes and when our relationship ends we will ensure your Personal Information is securely returned or destroyed.

The above mentioned third parties may be located both within and outside the EEA. In the latter case, we will take the necessary measures to ensure that your Personal Information is adequately protected, secure, kept confidential and that we have a lawful basis for the transfer.

In addition, we may disclose your personal data in the event such disclosure is required or necessary in order to fulfil a legal obligation. We may also disclose personal data in order to protect your vital interests or the vital interest of another natural person.

As such, we do not disclose your personal data to our social media partners. We do, however, make use of social media plugins to direct you to our social media channels and to allow you to interact with our content. These social media channels are Facebook, LinkedIn, Twitter, Instagram and YouTube. In the event you click such link, such social media service provider may collect personal data about you and may link this information to your existing profile on such social media.

We are not responsible for the use of your personal data by such social media service provider. In such case, the social media service provider will act as controller and we refer to the privacy policies of those social media channels for information about the use of your personal data.

6. SECURITY

We have put in place appropriate security measures to prevent your Personal Information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to do so.

We have put in place procedures to deal with any suspected Personal Information breaches and we will notify you and the applicable supervisory authority of a breach where we are legally required to do so.

7. INTERNATIONAL TRANSFERS

We will ensure that any transfer of personal data to countries outside of the European Economic Area will take place pursuant to the appropriate safeguards.

8. COOKIES

Our website makes use of cookies. For further information relating to our use of cookies, we refer you to our Cookie Policy:

9. AMENDMENTS TO THE PRIVACY POLICY

From time to time, we have the right to modify this Privacy Policy. You will always be able to consult the most recent version of the Privacy Policy on the website: https://www.eitfood.eu/north-w...

Innovation

Education

Entrepreneurship

Public Insights and Engagement

Funding regenerative agriculture: why collaboration is key to a future-fit food system