Privacy Policy

The Privacy and Cookie Policy of ENoLL

  This is the privacy policy (“Policy”) of the European Network of Living Labs (“ENoLL”), an international non-profit association established under Belgian law, with registered office at Kunstlaan 6, 1210 Sint-Joost-ten-Node, 0824.793.473 (“us”, “we”, “our”). 

This Policy sets out the general policies on data privacy and protection and will help every person who uses our website(s) and/or services (“you”, “your”) understand how ENoLL collects, uses, shares and protects the personal data you provide to us by visiting one of our websites (e.g. https://enoll.org/), filling in surveys distributed by us, subscribing to our newsletters, participating in our events, directly communicating with us via email or by submitting personal data in any other manner to us. 

We are responsible for the collection, processing, use and disclosure of your personal data in accordance with the legal requirements of the General Data Protection Regulation of the European Union (GDPR) and the Belgian law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data. We take data protection seriously and are committed to the protection of your personal data. 

By submitting personal data to us, you consent and agree that we may collect, use and disclose such personal data in accordance with this Policy and as permitted or required by law, and may disclose the information to a third party, such as service providers and members and partners of ENoLL or as otherwise authorized under applicable law. 

For our privacy practices in relation to specific services, we refer you also to the agreement as may be concluded between us. 

  

  1.  Personal data we collect about you 

We may collect the following data 

  • Your name and contact information, including email address, telephone number and job title. 
  • Information to enable us to check and verify your identity, e.g. your date and/or place of birth. 
  • Your activity across our different working groups (emails sent to lists, etc.). 
  • In relation to specific projects or legal requirements, information including your nationality, geographical location (residence), gender, age, sector of employment. 
  • Your responses to surveys, questionnaires, projects, events, including special requirements or points of interest you indicate during your registration to events. 
  • Your IP address. 
  • Other relevant information regarding user interaction (such as interests and preferences) data profile regarding your online (clicking) behaviour on our website etc.), such as information about how you interact with our website (e.g., pages visited, buttons clicked, time spent on different sections).  

We may collect and process also sensitive personal data in compliance with applicable data protection laws such as health information to provide appropriate services (i.e. allergies, dietary restrictions and disability information for the sole purpose of organisation and catering of events) and based on your consent. 

  1. How your personal data are collected 

We collect most of these personal data, depending on how you interact with us, directly from you, in person, by telephone, text or email and via our website, registration forms, surveys or feedback forms. In particular, we may collect information in the following non-limited cases: 

  • Data you provide directly: We collect personal data when you voluntarily provide it to us, including: 
  • Member/partner registration: When you sign up for member/partner registration, we collect your name, email address, and other contact details. 
  • Board member/representative registration: When you are appointed as board member or member/partner representative, we collect your name, email address, data and place of birth, nationality and residence and other personal data (if required).  
  • Project registration: When you participate in projects, we collect your name, email address, phone number and other personal data (if required).  
  • Event registration: When you contact us for the registration of ENoLL events, we may collect your name, email address and other personal data (if required). 
  • Support: When you contact us for support, inquiries, questions or information, we collect your name, contact information (including but not limited to name, job title, business/email address and telephone number) and any details you provide about your issue. 
  • Surveys and feedback: When you complete surveys or provide feedback, we collect the information you provide, including opinions, responses, and preferences. 
  • Data collected automatically: When you use our website or portals/forms, we automatically collect certain data through cookies and other tracking technologies, including: 
  • Usage data: We collect data about your interactions with our services, such as the pages you visit, time spent on the site, and clicks. 
  • Device and browser information: We collect technical information about your device, browser type, IP address. 

For more information on our use of cookies, please see our cookies policy below. 

  1. On what legal basis are your personal data processed? 

In accordance with the data protection law, we process your personal data based on the following legal grounds: 

  • if necessary for compliance with our legal and regulatory obligations; 
  • if necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract; 
  • if necessary for the purposes of the legitimate interests pursued by us or by a third party.  A legitimate interest is when we have a business or commercial reason to use your personal data, as long as this is not overridden by your own rights and interests; 
  • if you have given consent to the processing of your personal data for one or more specific purposes. 

We are collecting your data for several (non-limited) reasons: 

  • Supplier management 
  • Client management 
  • Membership and network management 
  • Corporate file 
  • EU Transparency register  
  • Website management 
  • Marketing (Newsletter) 
  • Project Management 

We may use your personal data to send you updates (by email, text message, telephone or post) about our services, including ENoLL’s activities, programs and events and to organize such activities, programs and events, and to provide you with access to the ENoLL portals, forms, platforms and to conduct our activities and comply with legal requirements. 

We will always treat your personal information with the utmost respect and never share it with other organizations for marketing purposes. 

You have the right to opt-out of receiving updates of our services, activities, programs and events at any time by contacting us at [email protected].  

We may ask you to confirm or update your preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our operation. 

  1. Who do we share your personal data with? 

ENoLL is the controller, meaning, the legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data. 

We routinely share personal information with: 

  • third parties we use to help deliver our services to you (such as distribution mailing services, event mailing services); 
  • other third parties we use to help us run our organization, e.g. website hosts, accountancy, legal counsels, event organizers etc.; 
  • third parties approved by you if any, e.g. social media sites you choose to link your account to or third-party payment providers; 
  • our banks in relation to our legal statutory obligations under Belgian law. 

We only allow our service providers to handle your personal data if we are satisfied that they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers relating to ensure they can only use your personal data to provide services to us and to you. We may also share personal information with external auditors, e.g. in relation to accreditation and the audit of our accounts. We may also disclose and exchange personal data with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations. 

  1. Where are your personal data held. 

Personal data may be stored and processed within the European Economic Area (EEA). All personal data are stored at our offices (own servers or on paper) or on secure servers located within the EEA. We utilize third-party cloud service providers that operate data centers within the EEA to ensure high levels of security and compliance. These service providers are subject to strict data protection standards, and all data is stored with adequate measures in compliance with the GDPR.   

In cases where we are required to transfer personal data outside the EEA, we will take the necessary measures to ensure that your personal data is adequately protected, secured, kept confidential and that there is a lawful basis for the transfer, as outlined by GDPR.  

  1. How long will your personal data be kept? 

We process and retain your personal data during the period required for the performance of our contractual obligations and compliance with legal obligations or other purposes pursued with the processing and in accordance with legal retention and documentation obligations. 

Personal data may be retained for the period to respond to questions and complaints or during which claims can be asserted against us or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized, as appropriate.  

We will not retain your personal data for longer than necessary for the purposes set out in this Policy. 

  1. Your rights 

In accordance with, and as far as provided by the GDPR, you have  

  • the right to access (the right to be provided with a copy of your personal information); 
  • the right to rectification (the right to require us to correct any mistakes in your personal data); 
  • the right to be forgotten (the right to require us to delete your personal data in certain situations); 
  • the right to restriction of processing (the right to require us to restrict processing of your personal data in certain circumstances, e.g. if you contest the accuracy of the personal data); 
  • the right to data portability (the right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party in certain situations); 
  • the right to object to processing (the right to object to the processing of your personal data (1) on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, and (2) at any time to your personal data being processed for direct marketing); 

We reserve the right to enforce legal or statutory restrictions on our part, for example if we are obliged to retain or process certain data, have legitimate grounds overriding your interests, rights and freedoms or need the data for the establishment or defense of legal claims.  

For further information on each of those rights, including the circumstances in which they apply, please contact us. If you would like to exercise any of those rights, please: email or write to our Data Protection Officer: [email protected]  

If you consider that our processing of your personal information infringes data protection laws, you have a legal right to file a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. In Belgium, you can submit a complaint to the Belgian Data Protection Authority, Drukpersstraat 35, 1000 Brussel: 

Website: https://www.dataprotectionauthority.be/citizen

E-mail: [email protected] 

  1. Safeguarding and securing the personal data 

ENoLL is committed to securing your personal data and keeping them confidential. ENoLL has taken appropriate technical and organizational security measures to protect your personal data from data theft, unauthorized access, alteration, deletion and misuse by implementing adequate technologies and software, which help us to safeguard all the information we collect. Those processing your personal data will do so only in an authorized manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach.  

We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. 

  1. Our cookie policy 

Once you agree to -allow our website to -use cookies, you also agree to use the data it collects regarding your online behavior (analyze web traffic, web pages you spend the most time on, and websites you visit). 

The data we collect by using cookies is used to customize our website to your needs. After we use the data for statistical analysis, the data is completely removed from our systems. 

Please note that cookies don’t allow us to gain control of your computer in any way. They are strictly used to monitor which pages you find useful and which you do not so that we can provide a better experience for you. 

What cookies do we use? 

  • Strictly necessary cookies. Some cookies are strictly necessary in order to enable you to browse on our website and use its features. 
  • Performance cookies. We use Google Analytics cookies to collect information about the use of our Site, for instance which pages visitors go to most often, and if they get error messages from web pages. This helps us improve your browsing experience. Google Analytics analyses your interaction with our website and stores information about IP address, operating system, web browser, pages visited, demographics of the users, the device used, and where the visit originated.  
  1. Links to other websites 

Our website contains links that lead to other websites. If you click on these links ENoLL is not held responsible for your data and privacy protection. Visiting those websites is not governed by this Policy. Make sure to read the privacy policy documentation of the website you go to from our website. 

  1. Social media plug-ins 

Our website has buttons that link to LinkedIn, Facebook, Twitter, Instagram and YouTube. The providers of these third-party social widgets may set cookies to collect information regarding our website users and their interactions with the social widgets. Make sure to read the privacy policies documents of the social widget providers for more information. 

  1. Changes to this Policy 

This Policy was last modified on 7 October 2024.  

We reserve the right to change this Policy at any given time, of which you will be informed without undue delay via our website. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page. 

All changes will be effective from that date. However, in the event that any modifications to this privacy notice materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change and, where required by applicable law or as we otherwise deem appropriate, to obtain your consent. 

  1. How to contact us 

If you have any questions regarding data protection, if you would like to receive further information or if you would like to exercise any of your rights in relation to your personal data, please contact our Data Protection Officer by email at [email protected]  

Subscribe to newsletter

Stay connected and inspired! Subscribe to our newsletter for the latest updates, insights, and innovations from our global community of Living Labs.

ENOL