Privacy Statement Protection of data privacy: Your right – our obligation
We attach great importance to protecting personal data. Therefore, STEAG Solar Energy Solutions GmbH (SENS), Carl-Zeiss-Str.4, 97076 Würzburg, processes your data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the other applicable statutory provisions on the protection of personal data and data security.
The following information applies to our Internet presence (hereinafter referred to as “Website”) and provides you with an overview of what personal data we collect from you through our Website and for what purposes and in what way we use such data. In addition, we provide you with information about the rights you have in relation to your personal data.
STEAG Solar Energy Solutions GmbH (SENS) is part of the STEAG Group. The STEAG Group is a group of companies in the sense of Art. 4. no. 19 GDPR. Hence we derive a legitimate interest in processing personal data of our business partners within the STEAG Group.
1. CONTROLLER UNDER DATA PROTECTION LAW
2. CONTACT DETAILS OF OUR DATA PROTECTION OFFICER
Group Data Protection Officer
Rüttenscheider Str. 1–3
3. PURPOSES AND LEGAL BASES OF PROCESSING
You can use virtually the whole of the Internet service of SENS without us requiring personal data from you. Only a small number of services which you can find on our web pages require the provision of personal data in order for you to be able to use them.
3.2 Legal basis
The legal basis is our legitimate interest in publishing our own information about our company, in making our Website content attractive and usable, and in identifying and rectifying possible technical issues (Art. 6 para 1 first sentence lit. f) GDPR).
When contacting us via a contact form, you consent to the data you provide (e.g. your e-mail address, name, telephone number) being stored by us in order to answer your questions. Your data will be deleted after processing your request (Art. 6 para 1 first sentence lit. a) GDPR).
4.1 Logging in and using the Website
When you visit the SENS Website, technical access data is automatically recorded and evaluated by the Internet server (web server) of SENS. However, this data cannot be allocated to a specific person; rather, the individual user remains anonymous. Data recorded includes:
- IP address
- Date and time of enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the request originates
- Operating system and its user interface
- Language and version of the browser software
You will find further declaration of use of data in following paragraphs (particularly in 4.3 Google Analytics as well as 4.4 Google Maps).
Our website uses different types of cookies. Some cookies are placed by third parties that appear on our pages.
By law, we can store cookies on your device if they are strictly necessary for the operation of our website. For all other cookie types, we require your consent.
4.3 Google Analytics
If you have given your consent, this Website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Scope of processing
Use of the analytics service includes the Universal Analytics mode. This makes it possible to link data, sessions, and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices.
We use the ‘anonymizeIP’ function (so-called IP masking): Due to the activation of IP anonymization on this Website, your IP address will be truncated by Google within EU member states or in other states party to the Agreement on the European Economic Area. The IP address transmitted by your browser as part of Google Analytics will not be aggregated with other data of Google.
During your stay on the Website, the following data is captured, among other things:
- achievement of “website goals” (conversions, e.g. newsletter sign-ups, downloads)
- your user behavior (for example, clicks, length of stay, bounce rates)
- your approximate location (city, country)
- your IP address (in truncated form)
- technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
- your Internet provider
- the referrer URL (via which website/advertising medium you came to this Website)
Purposes of processing
On behalf of the operator of this Website, Google will use this information for the purpose of evaluating your use of the Website and compiling reports on Website activity. The reports provided by Google Analytics are used to analyze the performance of our app and the success of our marketing campaigns.
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as a data processor. For this purpose, we have concluded a data processing agreement with Google. Google LLC, based in California, USA, and US authorities may access the data stored by Google.
The data is automatically deleted after 14 months. The deletion of data whose retention period has expired takes place automatically once a month.
Legal basis and withdrawal of consent
Your consent, Art.6 para.1 first sentence lit. a GDPR is a prerequisite for such processing of data. You can withdraw your consent at any time with effect for the future; to do so, you can follow the link provided under point 4.2 "Cookies".
4.4 Google Maps and Google Search Console
We use the service of Google Maps on this website. Google Maps allows us to show you maps directly on the website and allows you to use the map function.
When you visit our website, Google receives information that you have accessed the corresponding page on which the map is integrated. The data mentioned under Section 2 (1) of this declaration will be transmitted. The transmission takes place regardless of whether you are logged in with a Google user account or not. If you are logged in at Google, your data will be assigned directly to your account. If you do not wish this, you must log out of Google first. If you do not do this, the data will be stored by Google within the framework of its user profiles and used for advertising, market research and/or the needs-based design of the website. An evaluation takes place (also for users who are not logged in) in order to provide demand-oriented advertising and to inform other users about your activities on our website. You are entitled to object to the creation of user profiles. To exercise this right you must contact Google.
Further information on this, and on data processing and the protection of your privacy can be found at https://policies.google.com/privacy?hl=deWe would like to draw your attention to the fact that Google also processes your personal data in the USA. The company has adopted the EU-US Privacy Shield, more information here: https://www.privacyshield.gov/EU-US-Framework.
We use Google Search Console to monitor the site for errors and to optimize our Google ranking. The Google Search Console is a free web analytics service provided by Google, which makes our web presence available in the Google search index. Google provides us with data and information about the appearance in Google's search results. No user and tracking data will be transmitted to Google.
4.5 Google AdWords und Conversion Tracking
On our website we use Google AdWords and so-called conversion tracking. Google AdWords is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google guarantees through its certification according to the EU-US Privacy Shield that the data protection requirements of the EU are also met when processing data in the USA.
Conversion tracking is used for targeted advertising of our services. As soon as you click on a Google ad and click on accept within our cookie notice, a cookie is set for conversion tracking. Cookies are small text files that the browser stores on the user's computer. These cookies expire after 30 days and no personal identification of the user is possible. If a user revisits the website, Google can recognise that the user clicked on the advertisement and was redirected to our website.
Google uses this information to compile statistics about the visit to our website. We receive information about the number of clicks on the advertisement and about the pages of our website visited afterwards. Neither we nor third parties receive personal information from users. You can prevent or restrict the installation of cookies by making appropriate settings in your browser. In addition, you can delete already stored cookies at any time. The steps required for this depend on the respective Internet browser.
Conversion cookies are stored on the basis of Art. 6 Para. 1 lit. f DSGVO. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both his website and his advertising.
4.6 Microsoft Advertising
We use Universal Event Tracking (UET) on our website via the Microsoft Advertising (formerly Bing Ads) service of Microsoft Corporation (USA). Via UET, Microsoft stores a cookie in your browser to enable an analysis of the use of our online offer. The prerequisite for this is that you have reached our website via an advertisement from Microsoft Advertising. In this way, Microsoft and we can recognize that someone has clicked on an ad, has been redirected to our online offer and has reached a previously determined target page (so-called conversion measurement). No IP addresses are stored in this process. No further personal information about the identity of the user is communicated.
Insofar as you click on an ad from Microsoft Advertising and accept third-party cookies within our cookie notice, a cookie is set for conversion tracking. We only process your data with your consent, Art. 6 para. 1 lit. a DSGVO. Additional note on data transfer to the USA: By selecting "Microsoft Advertising", you also expressly consent in accordance with Art. 49 (1) p. 1 lit. a DSGVO that your data collected by Microsoft may also be transferred to Microsoft servers in the USA. The USA has been classified by the European Court of Justice (ECJ) as a country with a possibly insufficient level of data protection according to EU standards.
In the case of Microsoft services, the transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". For more information about data protection at Microsoft, please refer to the Microsoft privacy statement at privacy.microsoft.com/en/privacystatement.
We use JotForm for individual and user-specific requests in order to provide you with a customized quote. JotForm is a paid form building kit from JotForm Inc, 111 Pine St. Suite 1815, San Francisco, CA 94111, USA, that allows us to design visually appealing forms and questionnaires that are easy for our users to understand. JotForm only provides us with the information you, in the forms, enter. The data sent via the form embedded in this website is transmitted ssl-encrypted to servers of Jotform located in the EU and stored there. All data will only be used by STEAG Solar Energy Solutions GmbH for further processing for the use declared by our users. You can find more information about Jotform's data protection at www.jotform.com/privacy.
A statement from Jotform regarding the storage of data on servers in the EU can be found here: https://www.jotform.com/blog/178-EU-Safe-Forms-Our-Solution-to-the-EU-Safe-Harbor-Invalidation.
4.8 Use of social plug-ins
Our Website does not use social plug-ins of social networks. With the integration of the icons of social networks such as Facebook, Twitter, Xing and LinkedIn, we only refer to these networks with an external link. In some cases, the link refers to a share functionality of the respective network. This means that you can share our accessed web page directly with other users via the page of the social network that is associated with the sharing button.
4.9 Links to third party websites
Our website contains links to external websites of third parties, e.g. to our profiles on social networks such as LinkedIn, XING and Instagram. We have no influence on the contents of these websites. We also have no influence on which data is processed by these providers if you click on the link. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible violations of the law at the time of linking and no illegal content was discernible at the time of linking. It is not reasonable to continuously check the content of the linked pages without concrete evidence of a violation of the law. As soon as violations of the law become known, we remove these links immediately.
On our Website you have the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the registration form will be transmitted to us.
- First name
- Last name
During the registration process, your consent is obtained for the processing of the data and reference is made to this Privacy Statement. No data will be passed on to third parties in connection with the data processing for sending out newsletters. The data will be used exclusively for sending out newsletters.
The legal basis for the processing of data after subscription to the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given his consent.
The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Accordingly, the user's e-mail address is stored as long as the subscription to the newsletter is active.
The newsletter subscription can be cancelled by the user concerned at any time. For this purpose, a corresponding link is provided in each newsletter. This also enables withdrawal of consent to the storage of personal data collected during the registration process.
We use IT and support service providers to provide the Website. These service providers are carefully selected by us and act as processors for us.
Our hosting provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
Our website agency is:
We protect our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized third parties by employing up-to-date technical and organizational measures.
This website uses SSL encryption technology, which means that your data will always be encrypted. If you use our contact form, your details will be transmitted in the form of e-mail messages.
Our servers use various security mechanisms and authorization procedures in order to make unauthorized access more difficult. You should always treat your access information confidentially and close the browser window when you have finished communicating with SENS. This ensures that no-one except for you yourself can access your personal information. For your own safety you should ensure that no one has unauthorized access to your computer, network or password, if applicable. Unfortunately, we have no means of protecting you from possible misuse caused by this.
5. RECIPIENTS OF YOUR DATA / TRANSFER TO THIRD COUNTRIES
The processing of data will be carried out generally within a member state of the European Union (EU) or within a member state of the European Economic Area (EEA). Transfer of personal data to a third country or access to such data from a third country shall only take place if the special requirements of Art. 44 ff. GDPR are satisfied (e.g., by agreement of Standard Contractual Clauses or if the recipient acts on a legal basis adopted by the European Commission pursuant to Art. 45 (1) GDPR (so-called “adequacy decision”)). For more details, please refer to the individual service providers mentioned in section 4 hereinabove.
6. YOUR RIGHTS
You have a right of access, i.e. you may request that we disclose to you all your personal information that we have collected and hold for a certain period of time (Art. 15 GDPR). Furthermore, you may also request rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR) and have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).
If we process your personal data on the basis of your consent, you may withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to your withdrawal of consent, but prevents future processing.
Notices of withdrawal of consent and other requests can be addressed to our Group Data Protection Officer.
Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to advertising using the following contact details: email@example.com
We take your inquiries and concerns very seriously and always endeavor to address them.
Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR in conjunction with Section 19 BDSG. In North Rhine-Westphalia, the competent data protection supervisory authority is: Landesbeauftragte für Datenschutz und Informationsfreiheit (State Commissioner for Data Protection and Freedom of Information), North Rhine-Westphalia Kavalleriestr. 2 – 4, 40213 Düsseldorf, Germany.
Data privacy information for business partners