Contact
Location

Germany

Spain

Portugal

Italy

Privacy Statement Protection of data privacy: Your right – our obligation

We attach great importance to protecting personal data. Therefore, Iqony Solar Energy Solutions GmbH (SENS) processes your data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the other applicable statutory provisions on the protection of personal data and data security.

The following information applies to our Internet presence (hereinafter referred to as “Website”) and provides you with an overview of what personal data we collect from you through our Website and for what purposes and in what way we use such data. In addition, we provide you with information about the rights you have in relation to your personal data.
 

1. CONTROLLER UNDER DATA PROTECTION LAW

Iqony Solar Energy Solutions GmbH
Carl-Zeiss-Str. 4
97076 Würzburg
Germany
sens@iqony.energy
www.sens-energy.com

2. CONTACT DETAILS OF OUR DATA PROTECTION OFFICER

Iqony GmbH
Group Data Protection Officer
Rüttenscheider Str. 1–3
45128 Essen
Germany
datenschutz@steag.com

 

3. PURPOSES AND LEGAL BASES OF PROCESSING

3.1 Purposes
You can use virtually the whole of the Internet service of SENS without us requiring personal data from you. Only a small number of services which you can find on our web pages require the provision of personal data in order for you to be able to use them.

3.2 Legal basis
The legal basis is our legitimate interest in publishing our own information about our company, in making our Website content attractive and usable, and in identifying and rectifying possible technical issues (Art. 6 para 1 first sentence lit. f) GDPR).

When contacting us via a contact form, you consent to the data you provide (e.g. your e-mail address, name, telephone number) being stored by us in order to answer your questions. Your data will be deleted after processing your request (Art. 6 para 1 first sentence lit. a) GDPR).
 

4 FUNCTIONALITIES

4.1 Logging in and using the Website
When you visit the SENS Website, technical access data is automatically recorded and evaluated by the Internet server (web server) of SENS. However, this data cannot be allocated to a specific person; rather, the individual user remains anonymous. Data recorded includes:

  • IP address
  • Date and time of enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access status/HTTP status code
  • Amount of data transferred
  • Website from which the request originates
  • Browser
  • Operating system and its user interface
  • Language and version of the browser software

You will find further declaration of use of data in following paragraphs. 

4.2 Cookies
In certain areas of our Website, we also use cookies. Cookies are small data elements which an Internet server can send to your computer. For the duration of your stay on our website, your computer can be identified by such cookies, or the use of our Internet pages can be made easier for you. We do not use cookies in order to collect personal data.

Our website uses different types of cookies. Some cookies are placed by third parties that appear on our pages.

By law, we can store cookies on your device if they are strictly necessary for the operation of our website. For all other cookie types, we require your consent.

4.3 Google Analytics
The legal basis for the use of Google Analytics is your consent according to Art.6 para.1 first sentence lit. a GDPR. If you have given your consent, this Website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Scope of processing
Google Analytics uses cookies. This are text files placed on your computer, to help the Website analyze how users interact with the site. The information gathered by means of the cookies about your use of this Website is usually transmitted to a Google server in the USA and stored there.

Use of the analytics service includes the Universal Analytics mode. This makes it possible to link data, sessions, and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices.

We use the ‘anonymizeIP’ function (so-called IP masking): Due to the activation of IP anonymization on this Website, your IP address will be truncated by Google within EU member states or in other states party to the Agreement on the European Economic Area. The IP address transmitted by your browser as part of Google Analytics will not be aggregated with other data of Google.

During your stay on the Website, the following data is captured, among other things:

  • achievement of “website goals” (conversions, e.g. newsletter sign-ups, downloads)
  • your user behavior (for example, clicks, length of stay, bounce rates)
  • your approximate location (city, country)
  • your IP address (in truncated form)
  • technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • your Internet provider
  • the referrer URL (via which website/advertising medium you came to this Website)

Purposes of processing
On behalf of the operator of this Website, Google will use this information for the purpose of evaluating your use of the Website and compiling reports on Website activity. The reports provided by Google Analytics are used to analyze the performance of our app and the success of our marketing campaigns.

Recipient

The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as a data processor. For this purpose, we have concluded a data processing agreement with Google. Google LLC, based in California, USA, and US authorities may access the data stored by Google. You can retrieve the certificate here.

Storage period

The data is automatically deleted after 14 months. The deletion of data whose retention period has expired takes place automatically once a month.

Legal basis and withdrawal of consent
Your consent, Art.6 para.1 first sentence lit. a GDPR is a prerequisite for such processing of data. You can withdraw your consent at any time with effect for the future; to do so, you can follow the link provided under point 4.2 "Cookies".

You can find more information on the terms of use of Google Analytics and on Google's data protection policy at https://marketingplatform.google.com/about/analytics/terms/de and at https://policies.google.com/?hl=en

4.4 Google Ads und Conversion Tracking
On our website we use Google Ads and so-called conversion tracking. Google Ads is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Conversion tracking is used for targeted advertising of our services. As soon as you click on a Google ad and click on accept within our cookie notice, a cookie is set for conversion tracking. Cookies are small text files that the browser stores on the user's computer. These cookies expire after 30 days and no personal identification of the user is possible. If a user revisits the website, Google can recognise that the user clicked on the advertisement and was redirected to our website. You can change or revoke your consent at any time from the cookie declaration under point 4.3.

Google uses this information to compile statistics about the visit to our website. We receive information about the number of clicks on the advertisement and about the pages of our website visited afterwards. Neither we nor third parties receive personal information from users. You can prevent or restrict the installation of cookies by making appropriate settings in your browser. In addition, you can delete already stored cookies at any time. The steps required for this depend on the respective Internet browser.

Conversion cookies are stored on the basis of Art. 6 Para. 1 lit. f DSGVO. The website operator has a legitimate interest in the analysis of user behaviour in order to optimise both his website and his advertising.

4.5 Microsoft Advertising
We use Universal Event Tracking (UET) on our website via the Microsoft Advertising (formerly Bing Ads) service of Microsoft Corporation (USA). Via UET, Microsoft stores a cookie in your browser to enable an analysis of the use of our online offer. The prerequisite for this is that you have reached our website via an advertisement from Microsoft Advertising. In this way, Microsoft and we can recognize that someone has clicked on an ad, has been redirected to our online offer and has reached a previously determined target page (so-called conversion measurement). No IP addresses are stored in this process. No further personal information about the identity of the user is communicated.

Insofar as you click on an ad from Microsoft Advertising and accept third-party cookies within our cookie notice, a cookie is set for conversion tracking. We only process your data with your consent, Art. 6 para. 1 lit. a DSGVO. Additional note on data transfer to the USA: By selecting "Microsoft Advertising", you also expressly consent in accordance with Art. 49 (1) p. 1 lit. a DSGVO that your data collected by Microsoft may also be transferred to Microsoft servers in the USA. The USA has been classified by the European Court of Justice (ECJ) as a country with a possibly insufficient level of data protection according to EU standards.

In the case of Microsoft services, the transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". For more information about data protection at Microsoft, please refer to the Microsoft privacy statement at privacy.microsoft.com/en/privacystatement

4.6 Meta Platforms Inc.
We use the conversion pixel or visitor action pixel of Meta Platforms Inc (1 Hacker Way, Menlo Park, CA 94025, USA).

The conversion pixel is a snippet of JavaScript code that loads a collection of functions that allow Facebook to track your user actions if you have come to our website via Facebook ads. Meta processes your personal data based on your consent via the conversion pixel to create campaign reports, track conversions, click events as well as targeted advertising outside our websites (retargeting) using HTTP headers (including IP address, device and browser properties, URL, referrer URL, your person), pixel-specific data (including pixel ID and Facebook cookie), click behaviour, optional values (for example, conversions, page type), form field names (such as "email", "address", "quantity" for the purchase of a product or service). We only receive statistical data from Meta on this without reference to a specific person. This allows us to record the effectiveness of Facebook ads for statistical and market research purposes. In particular, if you are logged into Facebook, please refer to their privacy information https://www.facebook.com/about/privacy/ .

When collecting data, we rely on your consent according to Art.6 para.1 first sentence lit. a GDPR for the corresponding data processing, which you can revoke at any time by changing the privacy settings of your Facebook profile: https://www.facebook.com/settings?tab=ads.

4.7 LinkedIn Inc.
We use the LinkedIn Insight Tag of LinkedIn Inc (Sunnyvale, California, USA).

The LinkedIn Insight Tag is a snippet of JavaScript code that loads a collection of functions that allow LinkedIn to track your user actions if you have come to our website via LinkedIn ads. LinkedIn processes your personal data on the basis of your consent Art.6 para.1 first sentence lit. a GDPR via the pixel "LinkedIn Insight Tag" to create campaign reports, track conversions, click events as well as targeted advertising outside of our websites (retargeting) using URL, referrer URL, IP address shortened or hashed (for cross-device retargeting), devices and browser properties (user agent) and timestamp. We do not receive any personal data from LinkedIn, only anonymised campaign reports on website audience and ad performance.

The anonymised data is pseudonymised after 7 days and finally deleted after 180. You can find more information at: https://www.linkedin.com/legal/privacy-policy.

4.8 Icons
Our website has integrated the icons of the social networks LinkedIn, Instagram and XING. Via the icons you can only access these networks by using an external link. They are only hyperlinks, not share buttons.

YouTube embeds
In addition, we use so-called “embeds” from the YouTube platform for the videos that you find on our website. YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The embedding is carried out using the technical process known as “framing”. With framing, a frame is generated on our website (as a so-called “third-party presence”) by simply inserting an HTML link provided by YouTube into the code of the website, thus enabling the video stored on the YouTube servers to be played. We use the framing codes generated by YouTube in the so-called “extended data protection mode”. According to YouTube, usage data is only transmitted when the user clicks on the “Play” button and starts the video. If you visit our website without using the video offer, no data is transmitted to YouTube. We offer videos in our legitimate interest to provide you with interesting insights into our company and to explain our services (Art. 6 Para. 1 Sentence 1 lit. f of the GDPR).

Information on the data processed by YouTube and the purposes for which this data is used can be found in the YouTube privacy policy.

Presence in social media
We maintain a profile in various social media. You will find more information on this subject here

4.9 Whitepaper
(1) On our Website you have the possibility to subscribe to receive a whitepaper. When registering for the whitepaper, the data from the registration form will be transmitted to us.

  • Salutation
  • First name
  • Last name
  • Company
  • E-mail

During the registration process, your consent is obtained for the processing of the data and reference is made to this Privacy Statement. No data will be passed on to third parties in connection with the data processing for sending the whitepaper. The data will be used exclusively for sending the whitepaper.

(2) The legal basis for the processing of data after registration for the whitepaper by the user is Art. 6 para. 1 sentence 1 lit. a GDPR if the user has given his consent.

(3) The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data during the registration process serves to individualise the mailing.

(4) The data will be deleted as soon as the user revokes his consent.

(5) We use the so-called double opt-in procedure to register for the whitepaper. After registration, an e-mail will be sent to the e-mail address provided asking you to confirm your consent. When registering for the whitepaper, the user can consent to being contacted by SENS for advertising purposes. This consent can be cancelled by the user concerned at any time. For this purpose, a corresponding link is provided in every mail. This also enables withdrawal of consent to the storage of personal data collected during the registration process.

4.10 Hosting
We use IT and support service providers to provide the Website. These service providers are carefully selected by us and act as processors for us.

Our hosting provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.

Our website agency is:
BOROS
Hofaue 63
42103 Wuppertal
Germany
 

5. RECIPIENTS OF YOUR DATA / TRANSFER TO THIRD COUNTRIES

The processing of your personal data generally takes place in a member state of the European Union (EU) or in another contracting state of the Agreement on the European Economic Area (EEA). A transfer of personal data to a third country or access to this data from a third country only takes place if the special requirements of Art. 44 ff. GDPR are fulfilled (e.g. through the agreement of standard contractual clauses or if the recipient acts on the basis of a legal basis which the European Commission has decided pursuant to Art. 45 (1) GDPR (so-called adequacy decision)). For more details, please refer to the individual providers mentioned in chapter 4.

Note: Data transfer to the USA

With regard to the use of analysis cookies and third-party cookies (such as Google or YouTube), data transmission to the USA cannot be ruled out. Unfortunately, this is currently not possible in accordance with data protection regulations. In this respect, please note this when you give us your declaration of consent regarding the setting of these cookies.

We would like to point out that in its ruling of 16.07.2020 (Case C-311/18), the ECJ declared the EU-US Privacy Shield agreement on the permissible transfer of data between the EU and the USA to be inadmissible and that personal data cannot currently be transferred to the USA in a data protection-compliant manner. The reason for this is existing laws in the USA that give security authorities far-reaching powers to monitor "foreign communications". We hereby expressly draw your attention to this risk.

 

7. YOUR RIGHTS

You have a right of access, i.e. you may request that we disclose to you all your personal information that we have collected and hold for a certain period of time (Art. 15 GDPR). Furthermore, you may also request rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR) and have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).

If we process your personal data on the basis of your consent, you may withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent prior to your withdrawal of consent, but prevents future processing.

Notices of withdrawal of consent and other requests can be addressed to our Group Data Protection Officer.

Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection to advertising using the following contact details: info@steag.com

We take your inquiries and concerns very seriously and always endeavor to address them.

Furthermore, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR in conjunction with Section 19 BDSG. In Bavaria, the competent data protection supervisory authority is: Bayerisches Landesamt für Datenschutzaufsicht, Promenade 18, 91522 Ansbach, Germany.

Data privacy information for business partners

German version

English Version

 

Go to top