Privacy Statement

All personal data that we, EPIA SOLARPOWER EUROPE AISBL (“SolarPower Europe”), obtain about you will be collected and processed in accordance with applicable data protection legislation, in particular the General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”).

Below, you can find for each purpose the personal data that we process, why we process it, how we obtain the data, how long we retain the data and with whom we share it.

Identity and contact details

The data controller for your personal data is the following legal entity: 

EPIA SOLARPOWER EUROPE AISBL

Rond-Point Robert Schuman 3

Brussels 1040 

Belgium

Enterprise number: 0427.557.687 

If you have any questions about the processing of your personal data, you can always contact us:

• via post: to the above-mentioned address (attn. Privacy)
• via e-mail: info@solarpowereurope.org

Purposes

1. Website

When you visit our website, we process your personal identification data (IP address and cookies). This data allows us to improve your browsing experience on our website, to better tailor the website to your preferences and to secure our website against spam. 

The legal basis for placing essential and functional cookies is our legitimate interest to provide a well-functioning and user-friendly website (Art. 6, §1, (f) GDPR). Analytical, advertising and social media cookies will only be placed if you have given your consent (Art. 6, §1, (a) GDPR) (for more information, see our cookie statement available at the following link: https://www.iubenda.com/privacy-policy/77412430/cookie-policy). 

We obtain this personal data directly from you. 

The expiration date varies per cookie and you can change your cookie preferences at any time (for more information, see our cookie statement, available at the following link: https://www.iubenda.com/privacy-policy/77412430/cookie-policy). 

We only share this personal data with IT, cloud, software and other service providers with whom we cooperate for our website and for data management purposes. The providers of third party cookies may also have access to your personal data.

2. Membership management

When your organisation becomes a member of SolarPower Europe, we may process your personal identification data (such as, name, company address, email address, telephone number), employment data (such as, employer, function), log-in details, information relating to your participation in meetings and events, and other information provided in correspondence with us. 

The legal basis for this processing is our legitimate interest to administer membership and provide services to our members (providing you with (access to) information and tools, managing your participation in meetings and events etc.) (Art. 6, §1, (f) GDPR). To publish personal data relating to (contacts of) members on our website, we request consent (Art. 6, §1, (a) GDPR). 

We may process certain passport or ID card information when you become a director of SolarPower Europe because we have a legal obligation to do so (Art. 6, §1, (c) GDPR). 

We obtain this personal data directly from you or your organisation or, in certain circumstances, via third parties such as other SolarPower Europe members.

We may store your personal data for up to 10 years after termination of the membership agreement (plus a verification period of 1 year).

We only share your personal data with third parties on a need-to-know basis, including:

• other SolarPower Europe members
• other interprofessional and trade federations
• public authorities
• participants in meetings and events
• commercial partners (for instance, co-organisers of events or sponsors)
• third parties in case of corporate transactions

Our IT, cloud, software and other service providers may also have access to your personal data.

3. Interactions with stakeholders

As (a contact person of) a stakeholder, we may process your personal identification data (such as, name, (company) address, email address, telephone number), employment data (such as, employer, function), log-in details, information relating to your participation in meetings and events, and other information provided in correspondence with us.  

The legal basis for this processing is our legitimate interest to pursue the mission of our organisation and in particular to organise meetings, inform you about issues important for us, provide you with relevant information and organise your participation in events (Art. 6, §1, (f) GDPR).

We obtain this personal data directly from you or your organisation or, in certain circumstances, via public sources or third parties such as other SolarPower Europe members.

We may store your personal data for up to 10 years after our last communication with you (plus a verification period of 1 year).

We only share your personal data with third parties on a need-to-know basis, including:

• SolarPower Europe members
• other interprofessional and trade federations
• public authorities
• participants in meetings and events
• commercial partners (for instance, co-organisers of events)
• third parties in case of corporate transactions

Our IT, cloud, software and other service providers may also have access to your personal data.

4. B2B management

When managing our relationships with suppliers or business partners (such as sponsors), we may process your personal identification data (such as, name, company address, email address, telephone number), employment data (such as, employer, function) as well as all other information that is provided to us or is relevant in the context of our collaboration. 

The legal basis for this processing is our legitimate interest to organise our B2B management (Art. 6, §1, (f) GDPR).

We obtain this personal data directly from you or, in certain circumstances, via third parties.

We may store your personal data for up to 10 years after the termination of our cooperation (plus a verification period of 1 year).

We only share your personal data with third parties on a need-to-know basis, including:

• SolarPower Europe members
• other interprofessional and trade federations
• public authorities
• participants in meetings and events
• commercial partners (for instance, co-organisers of events)
• third parties in case of corporate transactions

Our IT, cloud, software and other service providers may also have access to your personal data.

5. Newsletter and other communications 

For our newsletters and other communications, we may process your personal identification data (name, (company) address, e-mail address), personal characteristics (language) and employment data (employer, function). We may also receive information about your interaction with our newsletters or other communications.

This data allows us to keep you informed of developments, our activities, services and events.

If you subscribe to our newsletters or other communications via the website, you will receive them because you have given your consent (Art. 6, §1, (a) GDPR).

We obtain this personal data directly from you when you sign up for our newsletters or other communications or from your organisation.

You can unsubscribe to our newsletters and other communications, which you are free to do at any time (for more information, see Rights). (Un)subscribing-preferences are managed per communication type. After you unsubscribe, we may retain your personal data related to that communication type for up to one year.

Our IT, cloud, software and other service providers, and third parties in case of corporate transactions may also have access to your personal data.

6. Recruitment

When you apply for a position at SolarPower Europe, we process your personal identification data (name, address, email address, telephone number) as well as all other information provided to us in your resume or during the recruitment process (including during interviews).

This personal data allows us to fill in our current vacancies (including by conducting reference checks) and maintain a database of potential candidates for future vacancies.

The legal basis for this processing is the conclusion of an employment agreement with you (Art. 6, §1, (b) GDPR). In case we conduct reference checks or want to include you in our talents database for future vacancies, we will ask for your consent (Art. 6, §1, (a) GDPR).

We obtain this personal data directly from you or via recruitment agencies.

For recruitment purposes, we store your personal data for up to 1 year plus a verification period of 6 months after withholding or rejecting your application. When you have given your consent, we will keep you in our talents database for a period of 5 years. You can of course withdraw your consent at any time (for more information, see Rights).

We may share your personal data with recruitment agencies. Our IT, cloud, software and other service providers, and third parties in case of corporate transactions may also have access to your personal data.

7. Accounting

For accountancy purposes, we may process your personal identification data (such as, name, company address, email address, telephone number), identification data issued by public authorities (enterprise number, VAT number), financial data (bank account number, manner of payment) and an overview of supplied services.

This data allows us to keep our accounts and comply with accounting obligations and invoice our services.

The legal basis for this processing is the various legal obligations as set out in the Belgian Code of Economic Law, the Belgian Code of Companies and Associations and its Royal Decree and the Belgian Income Tax Code (Art. 6, §1, (c) GDPR).

We obtain this personal data directly from you, your organisation or, in certain circumstances, via third parties such as other SolarPower Europe members or other stakeholders.

For accountancy purposes, we store your personal data for up to 10 years plus a verification period of 1 year after the relevant financial year.

We only share this personal data with third parties on a need-to-know basis, including public authorities, social security authorities, banking and insurance companies, our accounting firm and auditors. Our IT, cloud, software and other service providers, and third parties in case of corporate transactions may also have access to your personal data.

8. Proceedings management

In case of (potential) proceedings (including without limitation litigation, investigations, or similar processes), we may process your personal identification data (name, company address, email address, telephone number) and any other information that is relevant to the matter.

This data allows us to safeguard our legitimate interests in managing, responding to, and resolving such proceedings.

The legal basis for this processing is the legitimate interest to preserve, exercise and defend our (contractual, extra-contractual, legal and other) rights (Art. 6, §1, (f) GDPR).

We obtain this personal data directly from you or via third parties.

For our proceedings management, we store your personal data for up to 5 years plus a verification period of 1 year after the expiry of the period for appeal at last instance.

We only share this personal data with third parties on a need-to-know basis, including other SolarPower Europe members and directors, public authorities and judicial authorities (i.e. courts and tribunals, bailiffs, public prosecutor’s office and police authorities), banking and insurance companies, our accounting firm, external legal counsel and debt collection firms. Our IT, cloud, software and other service providers, and third parties in case of corporate transactions may also have access to your personal data.

Security

We have implemented appropriate technical and organizational measures to ensure the confidentiality of your personal data and to protect your data from accidental and unlawful destruction, loss, alteration, unauthorized disclosure and access.

We have made the necessary contractual arrangements with the third parties with whom we work together and will not transfer your personal data outside the European Economic Area without ensuring that your data is granted an equivalent level of protection there.

Rights

You can always contact us to exercise the following rights:

• the right to access and rectification of your personal data
• the right to erasure of your personal data
• the right to restrict the processing of your personal data
• the right to withdraw your consent
• the right to object to the processing of your data
• the right to transmit your data to another service provider
• the right to lodge a complaint if you believe that we are not acting in accordance with applicable data protection laws. You can also submit a complaint to the Belgian Data Protection Authority.

You can reach us via one of the channels mentioned under the contact details above in this statement.

If you no longer wish to receive our newsletter or other communications and wish to stop the processing of your data for that purpose, you can always use the unsubscribe link provided at the bottom of each newsletter. Once you unsubscribe from the newsletter or other communications, you will no longer receive them. You can always resubscribe via our website. You can also access or rectify your personal data by using the “update preferences” option at the bottom of the newsletter. 

We respect all rights relating to your personal data to which you are entitled under applicable law.

For those processing activities for which the legal basis is a legitimate interest, you can ask us more information about the balancing test that we have carried out in that context (for more information, see Purposes).

For identification purposes, we may ask you for further information or a copy of the front side of your identity card.

Updates

This privacy notice may be amended from time to time, within the limits of the applicable data protection laws. Via our website you always have access to the most recent version.