Lemo website privacy policy

1. Scope of this policy

This policy describes how the LeMO Project Partners collect, use, consult or otherwise process an individual's personal data in the context of the LeMO website (hereafter the "Service"). The Service relates to the LeMO (Leveraging big data to Manage transport Operations) Project, an EU-funded project that explores the implications of the utilisation of big data to enhance the economic sustainability and competitiveness of the European transport sector.

This policy includes a description of your data protection rights, including a right to object to some of the processing activities we carry out.

The Partners of the LeMO Project are the following:

  1. Stiftinga Vestlandsforsking (WNRI) (Project coordinator), Norway

  2. Johan Wolfgang Goethe Universitaet Frankfurt am Main (GUF), Germany

  3. Confederation of Organisations in Road Transport Enforcement AISBL (CORTE), Belgium

  4. Bird & Bird LLP (B&B), UK

  5. Panteia BV, Netherlands

In this privacy policy, “the Partners”, "we" or "us" are the Partners of the LeMO Project listed above, who will process your personal data as joint-controllers and as described herein. The Project Partners can be contacted collectively through the contact details provided in section 12 below.

For the purpose of this policy, the term "Data Protection Legislation" shall mean the Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the "GDPR"), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to processing of personal data and privacy that may exist under applicable law.

For the purpose of this policy, "controller", "processor", "third party", "supervisory authority", "personal data", "processing", "data subject", shall have the meanings set out in the applicable Data Protection Legislation.

2. Who processes what personal data about you?

In the context of the Service, your personal data is processed as detailed hereafter.

Newsletter

If you have explicitly consented to receive our newsletter or marketing communications, we may, from time to time, contact you with information about our Project and process your Personal Data for this purpose.

If you no longer want to receive our newsletter, please let us know by sending us an email. You will also be able to unsubscribe from our newsletter by clicking the unsubscribe link in the emails sent to you.

The information below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

  • Processed data categories: Email address.

  • Source of data: Directly from you when subscribing to the newsletter.

  • Legal basis: Your consent when subscribing to the newsletter.

  • Recipients of data: The Rocket Science Group (provider of MailChimp).

Contacting us

Should you have a particular query or feedback, including the exercise of one of your rights under the GDPR, you may contact us through the contact information available on our website. In such context, we may process your Personal Data for the purposes of handling and providing an answer to your query or request or to follow up on your feedback.

The information below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

  • Processed data categories: Email address and any other data you may decide to share with us upon contacting us.

  • Source of data: Directly from you when contacting us.

  • Legal basis: It is in the LeMO Project Partners’ legitimate interest to address any queries or feedback concerning the Project. In this context, the Partner’s legitimate interests prevail over yours.

  • Recipients of data: E-mail service providers.

Social media

We may process your Personal Data obtained through social media platforms (including Twitter) concerning the LeMO Project for the purposes of (i) addressing your questions or complaints; (ii) monitoring our online reputation; and (iii) improving our Project and identifying opportunities on which we can focus.

Some of our social media pages allow users to submit their own content. Please remember that any content submitted to one of our social media pages can be viewed by the public, and you should be cautious about providing certain personal information (e.g., financial information or address details) via these platforms. We are not responsible for any actions taken by other individuals if you post personal information on one of our social media platforms (e.g., Twitter). Please also refer to the respective privacy and cookie policies of the social media platforms you are using.

The information below describes the types of data we process for these purposes, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.

  • Processed data categories: Any personal data you may decide to share with us or published on social media or in other online reviews about us.

  • Source of data: Directly from you through publicly accessible social media pages.

  • Legal basis: It is in the LeMO Project Partners’ legitimate interest to understand its visitors’ preferences and monitor its reputation. In this context, the Partner’s legitimate interests prevail over yours.

Data processors

In order for us to provide the Service to you, we rely on the following organisations to process your personal data on our behalf:

  • Dropbox International Unlimited Company. Processed data categories: First name, last name, organisation, title / function, email address, any information you decide to share with us as described herein. Instructions: Provision of hosting services.

In order to improve our Service, we may from time to time change the service providers with which we work.

3. Is your personal data used for direct marketing communications?

If you have explicitly consented, we may, from time to time, contact you with information about our Service.

If you no longer want to receive such communications, please unsubscribe by clicking on the unsubscribe link in the emails sent to you.

4. How long is your personal data stored?

We retain your Personal Data for as long as is required to fulfil the activities set out in this Privacy Policy, for as long as otherwise communicated to you or for as long as is permitted by applicable law. For example, we may retain your Personal Data if it is reasonably necessary to comply with any legal obligations, meet any regulatory requirements, resolve any disputes or litigation, or as otherwise needed to enforce this Policy and prevent fraud and abuse.

To determine the appropriate retention period for the information we collect from you, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we process the Personal Data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

5. How is your personal data shared with third parties?

We only share or disclose information as described herein, including with third parties.

Your personal data will also be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of the data controllers' legitimate interests in compliance with applicable laws.

6. Is your personal data transferred outside the EEA?

We do not intend to transfer the data that we collect from you to a destination outside the EEA. However, please note that the data processor(s) we rely on may store or transfer your personal data outside the EEA. When such a transfer happens, we ensure that it takes place in accordance with this Privacy Policy and that the necessary safeguards are put in place, ensuring that the transfer is (i) either regulated by standard contractual clauses approved by the European Commission as ensuring an adequate protection or (ii) done to an organisation that complies with the EU-US and Swiss-US Privacy Shield Framework as implemented by the U.S. Department of Commerce in case the transfer is made to the United States of America.

7. What are your rights?

Once you have provided your personal data, several rights are recognized under the Data Protection Legislation, which you can in principle exercise free of charge, subject to statutory exceptions. In particular, you have the following rights:

Right to withdraw consent: if your personal data is processed on the basis of your consent, you have the right to withdraw your consent at any time you choose and on your own initiative. You can do so by contacting the project coordinator at rak@vestforsk.no. The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment where you withdraw your consent.

Right to access, review, and rectify your data: you have the right to access, review, and rectify your personal data. You may be entitled to ask us for a copy of your information, to review or correct it if you wish to review or rectify any information like your name or email address. You may also request a copy of the personal data processed as described herein by sending an email to the project coordinator at rak@vestforsk.no. You can access and review this information and, if necessary, ask to rectify your information.

Right to erasure: you have the right to erasure of all the personal data processed by as described herein in case it is no longer needed for the purposes for which the personal data was initially collected or processed, in accordance with the Data Protection Legislation.

Right to object or restriction of processing: under certain circumstances described in the Data Protection Legislation, you may ask for a restriction of processing or object to the processing of your personal data.

Right to object to processing for direct marketing: where your personal data is processed for direct marketing purposes, you may object to such processing.

Right to data portability: you have the right to receive the Personal Data processed in a format which is structured, commonly used and machine-readable and to transmit this data to another service provider.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.

To exercise any of these rights, you can get in touch with us using the details set out below.

If you have unresolved concerns, you have the right to lodge a complaint with an EU data protection authority where you live, work or where you believe a breach may have occurred.

8. What security measures are put in place?

Appropriate technical and organisational measures are implemented in order to ensure an appropriate level of security of your personal data.

In the event personal information is compromised as a result of a security breach and where the breach is likely to result in a high risk to the rights and freedoms, we will make the necessary notifications, as required under the Data Protection Legislation.

9. What rules apply to children?

The Service is not intended for use by anyone under the age of 18.

We do not knowingly collect of solicit personal data from anyone under the age of 18 or knowingly allow such persons to register for the Service.

10. Does this policy apply to third party websites?

If you click on a link to a third party website, you will be taken to a website we do not control. This policy is only in effect for the Service and not for any third party website and you are subject to the terms of use and privacy and other policies of such third party website. Read the privacy policy of other websites carefully. We are not responsible or liable for the information or content on such third party websites.

11. Changes to this policy

We reserve the right to modify and update this privacy policy from time to time. We will bring these changes to your attention should they be indicative of a fundamental change to the processing or be relevant to the nature of the processing or be relevant to you and impact your data protection rights.

12. How can we be contacted?

Questions, comments, remarks, requests or complaints regarding this Privacy Policy are welcome and should be addressed to the project coordinator at rak@vestforsk.no