Contact

Privacy Statement Protection of data privacy: Your right – our obligation

We attach great importance to protecting personal data. Therefore, STEAG Solar Energy Solutions GmbH (SENS) processes your data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the other applicable statutory provisions on the protection of personal data and data security.

The following information applies to our Internet presence (hereinafter referred to as “Website”) and provides you with an overview of what personal data we collect from you through our Website and for what purposes and in what way we use such data. In addition, we provide you with information about the rights you have in relation to your personal data.
 

1. CONTROLLER UNDER DATA PROTECTION LAW

STEAG Solar Energy Solutions GmbH
Carl-Zeiss-Str. 4
97076 Würzburg
Germany
info@steag.com
www.steag.com
 

2. CONTACT DETAILS OF OUR DATA PROTECTION OFFICER

STEAG GmbH
Group Data Protection Officer
Rüttenscheider Str. 1–3
45128 Essen
Germany
datenschutz@steag.com

 

3. PURPOSES AND LEGAL BASES OF PROCESSING

3.1 Purposes
You can use virtually the whole of the Internet service of SENS without us requiring personal data from you. Only a small number of services which you can find on our web pages require the provision of personal data in order for you to be able to use them.

3.2 Legal basis
The legal basis is our legitimate interest in publishing our own information about our company, in making our Website content attractive and usable, and in identifying and rectifying possible technical issues (Art. 6 para 1 first sentence lit. f) GDPR).

When contacting us via a contact form, you consent to the data you provide (e.g. your e-mail address, name, telephone number) being stored by us in order to answer your questions. Your data will be deleted after processing your request (Art. 6 para 1 first sentence lit. a) GDPR).
 

4 FUNCTIONALITIES

4.1 Logging in and using the Website
When you visit the SENS Website, technical access data is automatically recorded and evaluated by the Internet server (web server) of SENS. However, this data cannot be allocated to a specific person; rather, the individual user remains anonymous. Data recorded includes:

  • IP address
  • Date and time of enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access status/HTTP status code
  • Amount of data transferred
  • Website from which the request originates
  • Browser
  • Operating system and its user interface
  • Language and version of the browser software

You will find further declaration of use of data in following paragraphs. 

4.2 Cookies
In certain areas of our Website, we also use cookies. Cookies are small data elements which an Internet server can send to your computer. For the duration of your stay on our website, your computer can be identified by such cookies, or the use of our Internet pages can be made easier for you. We do not use cookies in order to collect personal data.

Our website uses different types of cookies. Some cookies are placed by third parties that appear on our pages.

By law, we can store cookies on your device if they are strictly necessary for the operation of our website. For all other cookie types, we require your consent.

4.3 Google Analytics
The legal basis for the use of Google Analytics is your consent according to Art.6 para.1 first sentence lit. a GDPR. If you have given your consent, this Website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Scope of processing
Google Analytics uses cookies. This are text files placed on your computer, to help the Website analyze how users interact with the site. The information gathered by means of the cookies about your use of this Website is usually transmitted to a Google server in the USA and stored there.

Use of the analytics service includes the Universal Analytics mode. This makes it possible to link data, sessions, and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices.

We use the ‘anonymizeIP’ function (so-called IP masking): Due to the activation of IP anonymization on this Website, your IP address will be truncated by Google within EU member states or in other states party to the Agreement on the European Economic Area. The IP address transmitted by your browser as part of Google Analytics will not be aggregated with other data of Google.

During your stay on the Website, the following data is captured, among other things:

  • achievement of “website goals” (conversions, e.g. newsletter sign-ups, downloads)
  • your user behavior (for example, clicks, length of stay, bounce rates)
  • your approximate location (city, country)
  • your IP address (in truncated form)
  • technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • your Internet provider
  • the referrer URL (via which website/advertising medium you came to this Website)

Purposes of processing
On behalf of the operator of this Website, Google will use this information for the purpose of evaluating your use of the Website and compiling reports on Website activity. The reports provided by Google Analytics are used to analyze the performance of our app and the success of our marketing campaigns.

Recipient
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as a data processor. For this purpose, we have concluded a data processing agreement with Google. Google LLC, based in California, USA, and US authorities may access the data stored by Google. You can retrieve the certificate here.

Storage period
The data is automatically deleted after 6 months. The deletion of data whose retention period has expired takes place automatically once a month.

Legal basis and withdrawal of consent
Your consent, Art.6 para.1 first sentence lit. a GDPR is a prerequisite for such processing of data. You can withdraw your consent at any time with effect for the future; to do so, you can follow the link provided under point 4.2 "Cookies".

You can find more information on the terms of use of Google Analytics and on Google's data protection policy at https://marketingplatform.google.com/about/analytics/terms/de and at https://policies.google.com/?hl=en

4.4 Google Maps and Google Search Console
We use the service of Google Maps on this website. Google Maps allows us to show you maps directly on the website and allows you to use the map function.

When you visit our website, Google receives information that you have accessed the corresponding page on which the map is integrated. The data mentioned under Section 2 (1) of this declaration will be transmitted. The transmission takes place regardless of whether you are logged in with a Google user account or not. If you are logged in at Google, your data will be assigned directly to your account. If you do not wish this, you must log out of Google first. If you do not do this, the data will be stored by Google within the framework of its user profiles and used for advertising, market research and/or the needs-based design of the website. An evaluation takes place (also for users who are not logged in) in order to provide demand-oriented advertising and to inform other users about your activities on our website. You are entitled to object to the creation of user profiles. To exercise this right you must contact Google.

Further information on this, and on data processing and the protection of your privacy can be found at https://policies.google.com/privacy?hl=deWe would like to draw your attention to the fact that Google also processes your personal data in the USA. The company has adopted the EU-US Privacy Shield, more information here: https://www.privacyshield.gov/EU-US-Framework.

Information from the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001, Privacy policy: https://policies.google.com/privacy?hl=de.

4.5 Google Ads und Conversion Tracking
On our website we use Google Ads and so-called conversion tracking. Google Ads is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google guarantees through its certification according to the EU-US Privacy Shield that the data protection requirements of the EU are also met when processing data in the USA.

Conversion tracking is used for targeted advertising of our services. As soon as you click on a Google ad and click on accept within our cookie notice, a cookie is set for conversion tracking. Cookies are small text files that the browser stores on the user's computer. These cookies expire after 30 days and no personal identification of the user is possible. If a user revisits the website, Google can recognise that the user clicked on the advertisement and was redirected to our website.

Google uses this information to compile statistics about the visit to our website. We receive information about the number of clicks on the advertisement and about the pages of our website visited afterwards. Neither we nor third parties receive personal information from users. You can prevent or restrict the installation of cookies by making appropriate settings in your browser. In addition, you can delete already stored cookies at any time. The steps required for this depend on the respective Internet browser.

Conversion cookies are stored on the basis of Art. 6 Para. 1 lit. f DSGVO. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both his website and his advertising.

4.6 Microsoft Advertising
We use Universal Event Tracking (UET) on our website via the Microsoft Advertising (formerly Bing Ads) service of Microsoft Corporation (USA). Via UET, Microsoft stores a cookie in your browser to enable an analysis of the use of our online offer. The prerequisite for this is that you have reached our website via an advertisement from Microsoft Advertising. In this way, Microsoft and we can recognize that someone has clicked on an ad, has been redirected to our online offer and has reached a previously determined target page (so-called conversion measurement). No IP addresses are stored in this process. No further personal information about the identity of the user is communicated.

Insofar as you click on an ad from Microsoft Advertising and accept third-party cookies within our cookie notice, a cookie is set for conversion tracking. We only process your data with your consent, Art. 6 para. 1 lit. a DSGVO. Additional note on data transfer to the USA: By selecting "Microsoft Advertising", you also expressly consent in accordance with Art. 49 (1) p. 1 lit. a DSGVO that your data collected by Microsoft may also be transferred to Microsoft servers in the USA. The USA has been classified by the European Court of Justice (ECJ) as a country with a possibly insufficient level of data protection according to EU standards.

In the case of Microsoft services, the transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". For more information about data protection at Microsoft, please refer to the Microsoft privacy statement at privacy.microsoft.com/en/privacystatement

4.7 JotForm
We use JotForm for individual and user-specific requests in order to provide you with a customized quote. JotForm is a paid form building kit from JotForm Inc, 111 Pine St. Suite 1815, San Francisco, CA 94111, USA, that allows us to design visually appealing forms and questionnaires that are easy for our users to understand. JotForm only provides us with the information you, in the forms, enter. The data sent via the form embedded in this website is transmitted ssl-encrypted to servers of Jotform located in the EU and stored there. All data will only be used by STEAG Solar Energy Solutions GmbH for further processing for the use declared by our users. You can find more information about Jotform's data protection at www.jotform.com/privacy. 

A statement from Jotform regarding the storage of data on servers in the EU can be found here: https://www.jotform.com/blog/178-EU-Safe-Forms-Our-Solution-to-the-EU-Safe-Harbor-Invalidation

4.8 Use of social plug-ins
Our Website does not use social plug-ins of social networks. With the integration of the icons of social networks such as Facebook, Twitter, Xing and LinkedIn, we only refer to these networks with an external link. In some cases, the link refers to a share functionality of the respective network. This means that you can share our accessed web page directly with other users via the page of the social network that is associated with the sharing button.

4.9 Links to third party websites
Our website contains links to external websites of third parties, e.g. to our profiles on social networks such as LinkedIn, XING and Instagram. We have no influence on the contents of these websites. We also have no influence on which data is processed by these providers if you click on the link. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible violations of the law at the time of linking and no illegal content was discernible at the time of linking. It is not reasonable to continuously check the content of the linked pages without concrete evidence of a violation of the law. As soon as violations of the law become known, we remove these links immediately.

4.10 Newsletter
On our Website you have the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the registration form will be transmitted to us.

  • Salutation
  • First name
  • Last name
  • E-mail

During the registration process, your consent is obtained for the processing of the data and reference is made to this Privacy Statement. No data will be passed on to third parties in connection with the data processing for sending out newsletters. The data will be used exclusively for sending out newsletters.

The legal basis for the processing of data after subscription to the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given his consent.

The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Accordingly, the user's e-mail address is stored as long as the subscription to the newsletter is active.

The newsletter subscription can be cancelled by the user concerned at any time. For this purpose, a corresponding link is provided in each newsletter. This also enables withdrawal of consent to the storage of personal data collected during the registration process.

4.11 Hosting
We use IT and support service providers to provide the Website. These service providers are carefully selected by us and act as processors for us.

Our hosting provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.

Our website agency is:
BOROS
Hofaue 63
42103 Wuppertal
Germany
 

5. RECIPIENTS OF YOUR DATA / TRANSFER TO THIRD COUNTRIES

The processing of data will be carried out generally within a member state of the European Union (EU) or within a member state of the European Economic Area (EEA). Transfer of personal data to a third country or access to such data from a third country shall only take place if the special requirements of Art. 44 ff. GDPR are satisfied (e.g., by agreement of Standard Contractual Clauses or if the recipient acts on a legal basis adopted by the European Commission pursuant to Art. 45 (1) GDPR (so-called “adequacy decision”)). For more details, please refer to the individual service providers mentioned in section 4 hereinabove.
 

6. YOUR RIGHTS

You have a right of access, i.e. you may request that we disclose to you all your personal information that we have collected and hold for a certain period of time (Art. 15 GDPR). Furthermore, you may also request rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR) and have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).

If we process your personal data on the basis of your consent, you may withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to your withdrawal of consent, but prevents future processing.

Notices of withdrawal of consent and other requests can be addressed to our Group Data Protection Officer.

Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to advertising using the following contact details: info@steag.com

We take your inquiries and concerns very seriously and always endeavor to address them.

Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR in conjunction with Section 19 BDSG. In Bavaria, the competent data protection supervisory authority is: Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, Germany.

Data privacy information for business partners

German version

English Version