Privacy Policy

We, GreenTwin GmbH, operate the ResC4EU B2B Platform (the Platform, in short) and its subdomains.

This Privacy Policy informs you about our policies regarding the collection and use of your personal data. This Privacy Policy applies exclusively to personal data processed by the ResC4EU B2B Platform, and excludes processing of personal data through the project website and other project channels such as project-related events, learning academies, workshops, digital services hosted outside of the Platform, and more. The Platform is designed in compliance with the General Data Protection Regulation (GDPR) and will not be responsible for the processing of personal data by third parties.

By using this Platform and its services, you agree to this Privacy Policy.

The Platform is created to support SMEs in Europe, by providing them with a digital platform infrastructure, tools, services and methods to identify and address vulnerabilities in their supply chains. The Platform will also provide SMEs with access to a network of experts who can provide advices on how to improve the resilience of their supply chains.

The Platform is created to support the project Resilient Supply Chains for Europe (ResC4EU), which is an Coordination and Support Action (CSA) funded by the European Commission, for the period January 2024 - December 2026. GreenTwin GmbH is the project partner responsible for the operation of the ResC4EU B2B Platform. Furthermore, the project involves a consortium of 10 partners from 7 European countries: Germany, Norway, Poland, Latvia, Ireland, Spain, and Austria.

Our servers are located in the European Union. For the User Identity Management, we use modern thrid party services enabled through Kinde (https://kinde.com/). The user data such as: the user name, user surname, user email address, and user role(s) on the platform, will be stored on a trusted server that is hosted by Kinde and located in Ireland. For more details about the Kinde Privacy Policy, visit: https://docs.kinde.com/trust-center/privacy-and-compliance/privacy-policy/

Controller for the purposes of GDPR, data protection laws applicable in Member states of the European Union and other data protection provisions is:

- Information by which you may be personally identified, such as name, organization, title, postal address, e-mail address, telephone number, or other identifiers by which you may be contacted online or offline. For example, the Platform may contact you asking to use your feedback for the Platform testimonials section. Or, other business representatives may contact you to discuss potential business opportunities.

- Information that is about you but does not identify you, such as organisation identity code, system and performance information, usage data, general geographic location, demographic information, and other information provided by a person about their business, such as business size, business type, risks, offers, and other business-related information. This information is used to operate the Platform, to maintain the quality of its services and to provide analytics about the usage of the Platform.

Some features of the Platform will enable you to provide information to be published or displayed/posted on public areas of the Platform, created for marketing and promotional purposes. You should be aware that any such information you choose to provide in these areas may be read, collected and used by others who access them. The Platform will not be responsible for the use of information you choose to submit on these public pages.

We urge caution to anyone deciding to disclose their Personal information, or any other information.

- To present the Platform Services and their contents.

- To provide users with information about your goods or services they request using our Platform, for example, by providing access to a network of experts who can advice on how to improve the resilience of your supply chains.

- To manage Platform accounts.

- To provide you with notices about your accounts, including expiration and renewal notices.

- To notify you about changes to our Platform, any tools or services we offer or provide, our Terms and Conditions applicable to the Platform, or any changes to this Privacy Policy.

- To communicate with you, including to respond to your comments and questions.

- To allow you to access and download materials, and use other interactive features on our Platform.

- As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to carry out our obligations and enforce our terms and conditions applicable to the Services and other agreements, including for billing and collection purposes; (e) to protect our operations; (f) to protect our rights, privacy, safety or property, you or others; (g) to allow us to pursue available remedies or limit the damages that we may sustain; and (h) to protect against or identify fraudulent behaviour on the Platform.

- To fulfill any other purpose for which you provide it or with your consent.

The ResC4EU B2B Platform is a cloud platform that does not use cookies. The Platform uses similar technologies to achieve certain goals, such as session tracking, personalization, analytics, and data security.

- Authentication - is handled server-side, eliminating the need for client-side cookies; for example, users log in with credentials or use One-Time-Password (OTP) solutions. Technologies similar to cookies (e.g., local storage, session storage) are used to track user sessions (microservices).

- Session management - is handled server-side, reducing the need for client-side cookies. The Platform uses the following technologies to store session data: (a) Local storage: A web storage API that stores data with no expiration date, which is deleted when the user clears the browser cache. (b) Session storage: A web storage API that stores data for a single session, which is deleted when the user closes the browser.

- Data storage - is also done on the server-side, making cookies less necessary for storing user information. The Platform uses databases to store user data and preferences, reducing the need for client-side cookies.

- Personalization - is achieved through server-side rendering and API, reducing the need for client-side cookies. For example, the Platform can personalize content based on user preferences, language settings or dashboard layouts.

Upon request, the Platform will provide you with information about whether we hold any of your Personal Information. If you are a registered user of one of our Services, you can review you data through your account settings, request deletion, and change your Personal Information by logging into the Platform and visiting your account profile. For example:

You may update or correct you Personal Information, other profile settings and preferences.

You may also send us an e-mail to request access to, correct or delete any Personal Information that you have provided to us. In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information that you have provided to us suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information that you have provided to us. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will respond to your request within a reasonable timeframe. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Please note that we may need to retain certain Personal Information for the period of time necessary to fulfill the purposes outlined in this Privacy Policy, including, for example, record keeping purposes (7 years), including but not limited to completing any transactions that you began prior to requesting such change or deletion (e.g., when you make a purchase, you may not be able to change or delete the Personal Information provided until after the completion of such purchase), or to comply with applicable laws. There may also be residual information that will remain within our databases and other records, which will not be removed.

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within the Platform. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us.

We will be happy assisting you with your query.

resc4eu@greentwin.at