GDPR and AI

Privacy Statement

We have drawn up this privacy statement to make clear to you that we take your privacy seriously. The personal data we collect from you is processed and secured properly and carefully. In doing so, we comply with the General Data Protection Regulation (GDPR).

Personal Data We Process.

We process your personal data because you use our services and/or because you provide this data to us yourself. We do not process more personal data than we truly need. Below you will find an overview of the personal data we process, depending on the purpose:

Use of Teamenergy (platform): First name; Company name; Email address 

Billing: Name; Company name; Email; Phone; Other personal data you actively provide, for example when contacting us, etc. 

Special and/or sensitive personal data that we process

In principle, we do not process any special and/or sensitive personal data. 

Our website and/or service does not intend to collect data about website visitors under the age of 16, unless they have consent from a parent or guardian. However, we cannot verify whether a visitor is older than 16. We therefore advise parents to be involved in their children’s online activities, in order to prevent data about children being collected without parental consent. If you are convinced that we have collected personal data about a minor without such consent, please contact us and we will delete this information. 

For what purpose and on what basis do we process personal data?

We process your personal data for the following purposes: to be able to carry out our services and provide access to the Teamenergy platform; to be able to call or email you if this is necessary to carry out our services; to inform you about changes to our services and products.

We process your personal data because (legal bases): this is necessary to perform our services (contract); you have given your consent for this; we are legally required to do so. 

Automated Decision-Making

We do not use automated decision-making within the meaning of Article 22 GDPR. This means we do not make decisions based on automated processing about matters that could have (significant) consequences for individuals. This refers to decisions made by computer programs or systems without any human (for example, an employee) involved.

How long we retain personal data

We do not retain your personal data longer than strictly necessary to achieve the purposes for which your data is collected. We apply the following retention periods for the following (categories of) personal data: 

Use of Teamenergy: Company data used for billing purposes is retained for 5 calendar years. The first name and email address you provided during the performance of the services are deleted 12 months after a measurement has been taken, and therefore must be re-entered for any subsequent measurement. 

Sharing Personal Data with Third Parties

We only share your personal data with third parties when this is permitted under current legislation. It may occur that we provide your personal data to third parties because: we have engaged them to process certain personal data; this is necessary to perform the agreement with you; you give your consent for this; we have a legitimate interest in doing so; we are legally required to do so (for example, if the police demand it in case of a suspected crime). 

Where applicable, we enter into a data processing agreement with these recipients to ensure the same level of security and confidentiality of your data. Below you will find an overview of the parties that process personal data on our behalf or on yours. 

RebelsAI is based in the Netherlands and is used for generating reports. Digital Impact is based in the Netherlands and provides the Teamenergy platform. This platform is used for administering questionnaires within Teamenergy (front-end). 

International Transfer of Personal Data

Some of our suppliers are established outside the European Economic Area (EEA), but in that case the personal data is processed within Europe. This concerns Microsoft Azure. Arrangements have also been made about this in the data processing agreement, so that there is no processing of personal data outside the EEA. 

Security

We take appropriate security measures to limit misuse of, and unauthorized access to, your personal data. For example, we ensure that only the necessary persons have access to your personal data, that access to your personal data is shielded, and that our security measures are checked regularly. Among others, we take the following security measures: 

MFA access control on our laptops and systems; physical measures for access security to the premises; encryption of digital files; anonymization at the source where possible; separate processing of personal data and platform; securing of network connections via Transport Layer Security (TLS) technology; purpose-based access restrictions. 

We work digitally, and digital documents are secured. 

Cookies, or similar technologies, that we use.

We use functional, analytical, and tracking cookies. A cookie is a small text file that is stored in the browser of your computer, tablet, or smartphone on your first visit to this website. 

We use cookies with a purely technical functionality. These ensure that the website works properly and that, for example, your preferred settings are remembered. These cookies are also used to make the website work well and to optimize it. 

In addition, we place cookies that track your browsing behavior so that we can offer tailor-made content and advertisements. 

These cookies collect the following data from you: IP address; Cookie ID; Application and click behavior; Referrer URL 

On your first visit to our website, we already informed you about these cookies, provided an explanation about them, and — insofar as we are required to do so — requested your consent for placing them. You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all previously stored information via your browser settings. For an explanation, see: https://veiliginternetten.nl/themes/situatie/cookies-wat-zijn-het-en-wat-doe-ik-ermee/ 

Via this link you will find an overview of the cookies we use: Rights of Data Subjects

Yhttps://www.teamenergy.ai/en/cookies ou have the following rights: 

Right of access: you have the right to view the personal data we process about you. 

Right to rectification: you have the right to correct or supplement the personal data we process about you if it is inaccurate or incomplete. 

Right to withdraw your consent: you can always easily withdraw your consent. 

Right to object: you can object to the processing of your personal data. 

Right to erasure: you can request us to delete your personal data. 

Right to data portability: where technically possible, you have the right to have the personal data we process about you transferred to a third party. 

Right to restriction of processing: in some cases you can request that the processing of your personal data be restricted (whether temporarily or not), which means we process less of your data. 

When you wish to exercise one of these rights, we may ask you to identify yourself. We request data for this purpose to be sure that you are the correct person to whom the personal data belongs. 

In principle, we will comply with your request within one month. However, this period may be extended by two months for reasons related to the specific privacy rights or the complexity of the request. If we extend this period, we will notify you of this within the first month. 

If you wish to exercise one of your rights, you can make this known by contacting us via the contact details at the bottom of this privacy and cookie statement. 

File a complaint

If you have questions or wish to file a complaint about the use of your personal data, you can contact us via the contact details at the bottom of this privacy and cookie statement. We handle every question and complaint internally and communicate further with you about it. If you feel that we are not helping you in the right way, you can contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) to file a complaint.

Changes to this Privacy and Cookie Policy

We have the right to make changes to this privacy and cookie statement. Changes will be published on our website. Therefore, please check this privacy and cookie statement regularly so that you are aware of any changes. 

Contact

Teamenergy B.V., Amersfoortsestraatweg 124, 1411 HJ Naarden, the Netherlands. info@teamenergie.ai