Privacy Statement Protection of data privacy: Your right – our obligation
We attach great importance to protecting personal data. Therefore, STEAG Solar Energy Solutions GmbH (SENS) processes your data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the other applicable statutory provisions on the protection of personal data and data security.
The following information applies to our Internet presence (hereinafter referred to as “Website”) and provides you with an overview of what personal data we collect from you through our Website and for what purposes and in what way we use such data. In addition, we provide you with information about the rights you have in relation to your personal data.
1. CONTROLLER UNDER DATA PROTECTION LAW
2. CONTACT DETAILS OF OUR DATA PROTECTION OFFICER
Group Data Protection Officer
Rüttenscheider Str. 1–3
3. PURPOSES AND LEGAL BASES OF PROCESSING
You can use virtually the whole of the Internet service of SENS without us requiring personal data from you. Only a small number of services which you can find on our web pages require the provision of personal data in order for you to be able to use them.
3.2 Legal basis
The legal basis is our legitimate interest in publishing our own information about our company, in making our Website content attractive and usable, and in identifying and rectifying possible technical issues (Art. 6 para 1 first sentence lit. f) GDPR).
When contacting us via a contact form, you consent to the data you provide (e.g. your e-mail address, name, telephone number) being stored by us in order to answer your questions. Your data will be deleted after processing your request (Art. 6 para 1 first sentence lit. a) GDPR).
4.1 Logging in and using the Website
When you visit the SENS Website, technical access data is automatically recorded and evaluated by the Internet server (web server) of SENS. However, this data cannot be allocated to a specific person; rather, the individual user remains anonymous. Data recorded includes:
- IP address
- Date and time of enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the request originates
- Operating system and its user interface
- Language and version of the browser software
You will find further declaration of use of data in following paragraphs.
Our website uses different types of cookies. Some cookies are placed by third parties that appear on our pages.
By law, we can store cookies on your device if they are strictly necessary for the operation of our website. For all other cookie types, we require your consent.
4.3 Google Analytics
The legal basis for the use of Google Analytics is your consent according to Art.6 para.1 first sentence lit. a GDPR. If you have given your consent, this Website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Scope of processing
Use of the analytics service includes the Universal Analytics mode. This makes it possible to link data, sessions, and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices.
We use the ‘anonymizeIP’ function (so-called IP masking): Due to the activation of IP anonymization on this Website, your IP address will be truncated by Google within EU member states or in other states party to the Agreement on the European Economic Area. The IP address transmitted by your browser as part of Google Analytics will not be aggregated with other data of Google.
During your stay on the Website, the following data is captured, among other things:
- achievement of “website goals” (conversions, e.g. newsletter sign-ups, downloads)
- your user behavior (for example, clicks, length of stay, bounce rates)
- your approximate location (city, country)
- your IP address (in truncated form)
- technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
- your Internet provider
- the referrer URL (via which website/advertising medium you came to this Website)
Purposes of processing
On behalf of the operator of this Website, Google will use this information for the purpose of evaluating your use of the Website and compiling reports on Website activity. The reports provided by Google Analytics are used to analyze the performance of our app and the success of our marketing campaigns.
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as a data processor. For this purpose, we have concluded a data processing agreement with Google. Google LLC, based in California, USA, and US authorities may access the data stored by Google. You can retrieve the certificate here.
The data is automatically deleted after 14 months. The deletion of data whose retention period has expired takes place automatically once a month.
Legal basis and withdrawal of consent
Your consent, Art.6 para.1 first sentence lit. a GDPR is a prerequisite for such processing of data. You can withdraw your consent at any time with effect for the future; to do so, you can follow the link provided under point 4.2 "Cookies".
4.4 Google Maps
We use the service of Google Maps on this website. Google Maps allows us to show you maps directly on the website and allows you to use the map function.
When you visit our website, Google receives information that you have accessed the corresponding page on which the map is integrated. The data mentioned under Section 2 (1) of this declaration will be transmitted. The transmission takes place regardless of whether you are logged in with a Google user account or not. If you are logged in at Google, your data will be assigned directly to your account. If you do not wish this, you must log out of Google first. If you do not do this, the data will be stored by Google within the framework of its user profiles and used for advertising, market research and/or the needs-based design of the website. An evaluation takes place (also for users who are not logged in) in order to provide demand-oriented advertising and to inform other users about your activities on our website. You are entitled to object to the creation of user profiles. To exercise this right you must contact Google.
Further information on this, and on data processing and the protection of your privacy can be found at https://policies.google.com/privacy?hl=deWe would like to draw your attention to the fact that Google also processes your personal data in the USA. We cannot rule out the possibility that Google LLC, based in California, USA, and possibly US authorities may access the data stored by Google. Please also read our risk notice on chapter 5 "Recipients of your data".
4.5 Google Ads und Conversion Tracking
On our website we use Google Ads and so-called conversion tracking. Google Ads is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Conversion tracking is used for targeted advertising of our services. As soon as you click on a Google ad and click on accept within our cookie notice, a cookie is set for conversion tracking. Cookies are small text files that the browser stores on the user's computer. These cookies expire after 30 days and no personal identification of the user is possible. If a user revisits the website, Google can recognise that the user clicked on the advertisement and was redirected to our website. You can change or revoke your consent at any time from the cookie declaration under point 4.3.
Google uses this information to compile statistics about the visit to our website. We receive information about the number of clicks on the advertisement and about the pages of our website visited afterwards. Neither we nor third parties receive personal information from users. You can prevent or restrict the installation of cookies by making appropriate settings in your browser. In addition, you can delete already stored cookies at any time. The steps required for this depend on the respective Internet browser.
Conversion cookies are stored on the basis of Art. 6 Para. 1 lit. f DSGVO. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both his website and his advertising.
4.6 Microsoft Advertising
We use Universal Event Tracking (UET) on our website via the Microsoft Advertising (formerly Bing Ads) service of Microsoft Corporation (USA). Via UET, Microsoft stores a cookie in your browser to enable an analysis of the use of our online offer. The prerequisite for this is that you have reached our website via an advertisement from Microsoft Advertising. In this way, Microsoft and we can recognize that someone has clicked on an ad, has been redirected to our online offer and has reached a previously determined target page (so-called conversion measurement). No IP addresses are stored in this process. No further personal information about the identity of the user is communicated.
Insofar as you click on an ad from Microsoft Advertising and accept third-party cookies within our cookie notice, a cookie is set for conversion tracking. We only process your data with your consent, Art. 6 para. 1 lit. a DSGVO. Additional note on data transfer to the USA: By selecting "Microsoft Advertising", you also expressly consent in accordance with Art. 49 (1) p. 1 lit. a DSGVO that your data collected by Microsoft may also be transferred to Microsoft servers in the USA. The USA has been classified by the European Court of Justice (ECJ) as a country with a possibly insufficient level of data protection according to EU standards.
In the case of Microsoft services, the transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". For more information about data protection at Microsoft, please refer to the Microsoft privacy statement at privacy.microsoft.com/en/privacystatement.
We use JotForm for individual and user-specific requests in order to provide you with a customized quote. JotForm is a paid form building kit from JotForm Inc, 111 Pine St. Suite 1815, San Francisco, CA 94111, USA, that allows us to design visually appealing forms and questionnaires that are easy for our users to understand. JotForm only provides us with the information you, in the forms, enter. The data sent via the form embedded in this website is transmitted ssl-encrypted to servers of Jotform located in the EU and stored there. All data will only be used by STEAG Solar Energy Solutions GmbH for further processing for the use declared by our users. You can find more information about Jotform's data protection at www.jotform.com/privacy.
A statement from Jotform regarding the storage of data on servers in the EU can be found here: https://www.jotform.com/blog/178-EU-Safe-Forms-Our-Solution-to-the-EU-Safe-Harbor-Invalidation.
4.8 Use of social plug-ins
Our Website does not use social plug-ins of social networks. With the integration of the icons of social networks such as Facebook, Twitter, Xing and LinkedIn, we only refer to these networks with an external link. In some cases, the link refers to a share functionality of the respective network. This means that you can share our accessed web page directly with other users via the page of the social network that is associated with the sharing button.
4.9 Links to third party websites
Our website contains links to external websites of third parties, e.g. to our profiles on social networks such as LinkedIn, XING and Instagram. We have no influence on the contents of these websites. We also have no influence on which data is processed by these providers if you click on the link. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible violations of the law at the time of linking and no illegal content was discernible at the time of linking. It is not reasonable to continuously check the content of the linked pages without concrete evidence of a violation of the law. As soon as violations of the law become known, we remove these links immediately.
On our Website you have the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the registration form will be transmitted to us.
- First name
- Last name
During the registration process, your consent is obtained for the processing of the data and reference is made to this Privacy Statement. No data will be passed on to third parties in connection with the data processing for sending out newsletters. The data will be used exclusively for sending out newsletters.
The legal basis for the processing of data after subscription to the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given his consent.
The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Accordingly, the user's e-mail address is stored as long as the subscription to the newsletter is active.
The newsletter subscription can be cancelled by the user concerned at any time. For this purpose, a corresponding link is provided in each newsletter. This also enables withdrawal of consent to the storage of personal data collected during the registration process.
We use IT and support service providers to provide the Website. These service providers are carefully selected by us and act as processors for us.
Our hosting provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
Our website agency is:
5. RECIPIENTS OF YOUR DATA / TRANSFER TO THIRD COUNTRIES
The processing of your personal data generally takes place in a member state of the European Union (EU) or in another contracting state of the Agreement on the European Economic Area (EEA). A transfer of personal data to a third country or access to this data from a third country only takes place if the special requirements of Art. 44 ff. GDPR are fulfilled (e.g. through the agreement of standard contractual clauses or if the recipient acts on the basis of a legal basis which the European Commission has decided pursuant to Art. 45 (1) GDPR (so-called adequacy decision)). For more details, please refer to the individual providers mentioned in chapter 4.
Note: Data transfer to the USA
With regard to the use of analysis cookies and third-party cookies (such as Google or YouTube), data transmission to the USA cannot be ruled out. Unfortunately, this is currently not possible in accordance with data protection regulations. In this respect, please note this when you give us your declaration of consent regarding the setting of these cookies.
We would like to point out that in its ruling of 16.07.2020 (Case C-311/18), the ECJ declared the EU-US Privacy Shield agreement on the permissible transfer of data between the EU and the USA to be inadmissible and that personal data cannot currently be transferred to the USA in a data protection-compliant manner. The reason for this is existing laws in the USA that give security authorities far-reaching powers to monitor "foreign communications". We hereby expressly draw your attention to this risk.
6. YOUR RIGHTS
You have a right of access, i.e. you may request that we disclose to you all your personal information that we have collected and hold for a certain period of time (Art. 15 GDPR). Furthermore, you may also request rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR) and have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).
If we process your personal data on the basis of your consent, you may withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to your withdrawal of consent, but prevents future processing.
Notices of withdrawal of consent and other requests can be addressed to our Group Data Protection Officer.
Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to advertising using the following contact details: firstname.lastname@example.org
We take your inquiries and concerns very seriously and always endeavor to address them.
Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR in conjunction with Section 19 BDSG. In Bavaria, the competent data protection supervisory authority is: Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, Germany.
Data privacy information for business partners