Privacy Policy
The Website https://www.greenpowermonitor.com/ and the platform https://gpmportal.greenpowermonitor.com are owned and operated by the Spanish registered company GREENPOWERMONITOR SISTEMAS DE MONITORIZACION, S.L. Tax Identification Code: CIF. B-64760655, registered in the Trade Register of Barcelona, Volume 40188, Sheet 0157, Sheet Number 363197, Entry 1.
Introduction
This privacy statement applies to any processing of personal data on the Website https://www.greenpowermonitor.com/ and the platform https://gpmportal.greenpowermonitor.com which is hereinafter referred to as the “Platform”.
Personal data in this regard shall mean any information relating to an individual who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
Processing shall mean any operation which is performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
How we process your personal data
Personal data automatically collected when you browse the Website or Platform
When you visit the Website/Platform for informational reasons, i.e. without being registered, we will automatically gather and store certain information (e.g. device type, the browser used, the date and time of visit, pages visited, IP addresses, preferred time zone and language). We use such data only to assist us in providing an effective service (e.g., to adapt to the needs of your end user device or to allow you to log into our Platform). The personal data collected is necessary to provide you with the Platform. The legal basis for this processing activity is Article 6 (1) 1 lit. f of the European General Data Protection Regulation (“GDPR”).
Registration for and use of our services and products
We will process personal data actively provided by you, e.g. when you register with us by setting-up an account at the Platform, sending us requests or questions, prepare offers or place orders or access services. Such personal data may contain inter alia your name, e-mail address, contact details, company affiliation, user role, request and order information.
We collect and use personal data only to provide you with the services you requested, to administer your account at the Platform, identify you at sign-in and to communicate with you. We also interact with you via our contact sections or responding to complaints or general feedbacks given by you on our services or because we had or have a contract with you in place. For this, the legal basis is Article 6 (1) 1 lit. b GDPR (i.e., the processing is necessary for entering into or the performance of a contract with you).
Once you have gained access to our Platform, which is a real-time monitoring program that centralizes plant production data and status information, the following can be done:
- You as user can subscribe to multiple triggered alerts, getting e.g. informed about when a monitoring device is stopped, and we will send an email to your provided e-mail address to inform you about it. Anytime you can unsubscribe to any mail alert.
- You as a user can also subscribe to receive these communications via SMS which will be send to your provided phone number. You can unsubscribe from any SMS alert.
- You as a user can subscribe to daily or monthly reports, that will be send to your provided e-mail address. You can unsubscribe to emails being send at anytime.
- You can object to the use of your personal data for direct marketing at any time. We will then refrain from any processing to the extent it is related to such purposes. You can inform us about your objection under dataprotection@dnv.com .
We process your personal data as far as necessary for compliance with legal obligations to which we as the data controller are subject, in particular the applicable commercial accounting obligations and tax law requirements. The legal basis for this processing activity is Article 6 (1) 1 lit. c GDPR.
Your personal data is, in the absence of exceptions within the specific services mentioned below, retained for as long as your user account is used. After deletion of your account, your personal data will be erased once the purpose for keeping it has expired. As the case may be some personal data may be kept for security related purposes. Statutory storage obligations or the need for legal actions that may arise from misconduct within the services or payment problems can lead to a longer retention of your personal data. In this case, we will inform you accordingly.
Log files
The Platform is collecting log files to determine error situations and maintaining the service and to understand changes on data objects (e.g. who has disabled an alarm or report, has access to certain assets). Legal basis for this processing is Article 6 (1) 1 lit. f GDPR as it is our and the customer’s legitimate interest to get to know how their data is used and if something went wrong within the Platform.
Informational e-mails
With your email address, you can subscribe to our informational e-mails that provide you with the latest news about our products and services like research, analytics, reports and whitepapers if you consent to receiving such e-mails. The legal basis for this processing is Article 6 (1) lit. a GDPR. This service is partly provided by means of a double-opt-in. Thus, you will receive an email containing a link by which you can confirm that you are the owner of the email address and wish to be notified via our email service. If your subscription is not confirmed, we will not send you informational e-mails. You can unsubscribe from this service by opting out via the link provided in each informational e-mail.
Data collected from third party sources
We may also collect personal data about you such as your name and contact details for providing you with information on products and services, coming from third party resources on trade fairs and webinar vendors we are participating in.
Legal basis for this processing is Article 6 (1) 1 lit. f GDPR as it is our company group’s legitimate interest to maintain our user base, bring new users to the Platform and inform (potential) users about services organized and provided by DNV.
Automated decision making
We do not use your personal data for automated decision making which produces legal effects concerning you or similarly significantly affects you.
Recipient of your personal data
Your personal data will be disclosed to the following parties:
Group internal recipient
Within the DNV company group, your personal data may be transferred to various entities of the DNV Group. DNV consists of DNV Group AS with subsidiaries (“DNV”). The legal basis for such transfer is DNV Group’s legitimate interest in the provision of a shared custom support, administration and internal IT department as well as our company group’s legitimate interest to guarantee smooth operations between our entities for the purposes set out above. Personal data may be transferred outside of the country in which it was collected for.
DNV is a Binding Corporate Rules (Controller) certified company and therewith personal data transferred to a third country outside the European Union / European Economic Area is subject to these.
Third party recipients
We engage third party companies and individuals who assist us in providing the services and products we offer through this Platform or support us with certain functions related to this Platform. Your personal data will be e. g. shared with the following third parties and partly their sub-processors based also outside EU/EEA:
- Oracle AS
- Salesforce
- Microsoft Ireland Operations Limited
Our Service Providers will only use your personal data to the extent necessary to perform their functions and will be contractually bound to process your personal data only on our behalf and in compliance with the requests.
We may disclose your personal data if legally entitled or required to do so (for example if required by law or by a court order). The legal basis for this processing is Art. 6 (1) 1 lit. c GDPR.
International data transfer
Within the scope of our information sharing activities set out above, your personal data may be transferred to other countries (including countries outside the European Union) which may have different data protection standards than your country of residence. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavor to take reasonable measures to keep up an adequate level of data protection also when sharing your personal data with such countries.
In the case of a transfer outside of the European Union, this transfer is safeguarded by the EU Standard Contractual Clauses.
You can find further information about the aforementioned safeguards under:
Retention periods
We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
How we use cookies
The Platform uses cookies. A cookie is a small file of letters and numbers that we put on your computer. These cookies allow us to distinguish you from other users of the Platform which helps us to provide you with a good experience when you browse our Platform, and to improve our Platform.
A cookie can be classified by its lifespan and the domain to which it belongs. By lifespan, a cookie is either a:
- session cookie which is erased when the user closes the browser or As for the domain to which it belongs, there are either:
- first-party cookies which are set by the web server of the visited page and share the same domain.
- third-party cookies are stored by a different domain to the visited page’s domain. This can happen when the webpage references a file, such as JavaScript, located outside its domain.
The cookies we use allow us to see:
- The Internet domain and Internet Protocol (IP) address from which you access our Platform;
- The type of Internet browser and the operating system of the computer you use to access our Platform;
- The date and time you visit our Platform;
- The pages you visit on our Platform;
- The pages you shared on social media and to which social media network;
- If you linked to our Platform from another Platform, the address of that Platform; and If you were referred to our Platform from a search engine, the address of that Platform and the search term you used to find us.
Any data processing that occur while using cookies used for the sole purpose of carrying out the transmission of a communication and/or strictly necessary to perform the services you required is based on Article 6 (1) lit. b GDPR.
In case personal data is processed in the course of using cookies and/or similar technologies that are used for other purposes, e.g. improving our Platform or marketing purposes, the processing is based on Article 6 (1) lit. f GDPR and represents our legitimate interest in maintaining our user base, bringing new users to the Platform and informing (potential) users about services organized and provided by DNV.
You can control and/or delete cookies as you wish – for details, see www.allaboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit the Platform and some services and functionalities may not work.
Please note that Service Providers might be using their own Cookies.
Google Analytics
This Platform uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the site. The information generated by the cookie about your use of the Platform (including your IP address) will be transmitted to and stored by Google on servers in the United States.
The Platform uses Google Analytics’ IP anonymization function. Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On our behalf, Google will use this information for the purpose of evaluating your use of the Platform, compiling reports on Platform activity and providing other services relating to Platform activity and internet usage to us. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this Platform.
Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en. An opt-out cookie will be set to prevent the future collection of your information when you visit this Platform.
Further information can be found under https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
Security
- Security of personal data is our highest concern. We apply strict security measures to protect confidentiality and integrity of your personal data when transferring, storing or processing it.
- We use physical, administrative and technical security measures to reduce the risk of loss, misuse or unauthorized access, disclosure or modification of your personal data.
- Your personal data is stored using industry best practices on secure servers at fully classed data centers
- All traffic is transmitted over secured communication protocols (TLS/SSL)
- All access to our systems is implemented using industry best practices
Data subjects’ rights
You may be entitled to exercise some or all of the following rights free of charge:
a) Require (i) information whether your personal data is retained and (ii) access to and/or (iii) duplicates of your personal data retained, including the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disclosed and where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
b) Request proper rectification, removal or restriction of your personal data, e.g. because (i) of the incomplete or inaccurate nature of the personal data, (ii) it is no longer needed for the purposes for which it was collected, (iii) the consent on which the processing was based has been withdrawn, or (iv) you have taken advantage of an existing right to object to the data processing; in case your personal data is processed by third parties, we will forward your request for rectification, removal or restriction also to such third parties unless this proves impossible or involves disproportionate effort;
c) Receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller,
d) Refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
e) Object at any time that your personal data will be used for direct marketing purposes, or – based on grounds relating to your particular situation, that your personal data shall be subject to data processing for other purposes;
f) Not to be subject to any automatic individual decisions (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or similarly significantly affect you;
g) Take legal actions in relation to any breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators.
Revision of the Privacy Statement
DNV may change or update the privacy statement without notice. All such changes will take effect once they have been posted on the Platform. It is your responsibility to monitor such updates. The privacy statement was last updated on the date stated at the beginning of this privacy statement.
Contact Details
If you are concerned about use of the Data or have any questions regarding this Privacy Statement, please contact our data protection officer via dataprotection@dnv.com or by getting back to her using the same postal address as listed below. DNV regrets that only general queries about the privacy statement can be responded to via e-mail.
We wish you a pleasant, enhanced user experience at the Platform!