As at 1. March 2021
Solytic respects your privacy and is committed to protecting your personal data.
This Privacy Statement gives you an overview of the processing of your personal data in the context of the use of the offers and online services in connection with the Websites on www.solytic.com and https://www.suntrol-portal.com (together the “Website”). This privacy statement also informs you about your rights under the EU General Data Protection Regulation (“GDPR”) and the ways in which you can control your personal data and protect your privacy. Personal data in this context means any information that enables you to be identified as a person.
Solytic takes data protection seriously and complies with the European General Data Protection Regulation (GDPR) for all its users, whether the user is a person based in the European Union, the European Economic Area or elsewhere.
Solytic services are not intended for children (i.e., persons under the age of 16) and Solytic does not knowingly collect personal data from children.
Solytic GmbH, Kottbusser Damm 25-26, 10967 Berlin, email@example.com (hereinafter referred to as “Solytic” or “we”) is responsible as the data controller for data processing within the framework of the Website. For all questions regarding this Privacy Statement or data processing within the framework of the Website, you can also contact our company data protection officer at the address or e-mail address given above, who can be reached at the above address as well as at firstname.lastname@example.org.
You are not legally or contractually obliged to provide us with the personal data specified in this Privacy Statement. If you conclude a contract with us (e.g. because you instruct us to provide services), the transmission of the contractual information provided by you to us is, however, a basic prerequisite for the conclusion of a contract with us. Furthermore, you may not be able use the Website or use it only to a limited extent if you do not provide us with certain data or if you object to the use of this data.
1. What personal data we process and from which sources:
When we make our website available to you, we process personal data from various sources. On the one hand, this is data that we process automatically for each visitor when the website is accessed. However, this can also be data that you have voluntarily provided to us or that is only processed when you use our services.
Data we collect automatically when you visit our website:
As soon as you visit the website, you send technical information to our web servers, which we store in the server log files. This happens regardless of whether you subsequently contact us (for example via the contact form). In any case, we collect the following access and web access data (which we call “usage data”):
– The date and time of your visit and the duration of your use of the website;
– the IP address of your device;
– the referral URL (the website from which you may have been referred);
– the sub-pages of the website or sub-pages of the app visited; and
– other information about your device (device type, browser type and version and settings, plugins installed, operating system).
We process the Usage Data to enable you to use the Website and to ensure the functionality of the Website. In addition, we process the Usage Data in order to analyze the performance of the Website, to continuously improve the Website and to correct errors or to personalize the content on the Website for you. We also process the Usage Data to ensure IT security and the operation of our systems and to prevent or detect misuse, in particular fraud. These server log files are deleted after a maximum of 7 days. Our legal basis for the processing of these data is Art. 6 Para. 1 lit. f) GDPR.
Data you actively transmit to us:
In addition to the data we receive from all visitors, we also process other data when you use our contact, order or application form. Here we store the title, your company, your name, street, postcode & city, telephone, email address as well as the content of your enquiry (you can see the details in the respective contact form).
We process these data in order to be able to deal with your enquiry and will delete the data once your enquiry has been dealt with. If you have applied to us via the application form for a vacant position and we were unable to offer you the respective position at the time of your application, we will only continue to store your data after your application in order to facilitate a renewed application. We will only do this if you have given us prior consent to do so.
You can also subscribe to our newsletter. If you give your consent separately, we will store your e-mail address for the purpose of sending you our newsletter. You can unsubscribe from the newsletter at any time either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data in a manner that goes beyond this, which is permitted by law and about which we inform you in this declaration.
Legal basis is in each case Art. 6 Para. 1 lit. a) GDPR (your consent). Please note that we use the service MailChimp for the sending of our newsletters. If you want to learn more about MailChimp, you can do so at the end of this Privacy Statement.
2. Further purposes for which we process your data:
We have already informed you above for which purposes we process your data in individual cases. In addition, we may process your data for other purposes. This includes, for example, passing on your personal data to third parties if we are legally obliged to do so, but also the assertion of legal claims on our part or the defence against legal disputes. Legal basis in these cases is either a legal obligation (Art. 6 para. 1 lit. c) GDPR) or our legitimate interests.
3. To whom we transmit your data:
Your personal data will only be passed on to third parties or otherwise transmitted if this is necessary to record your PV system in the “Suntrol Portal” or to answer your enquiry and in cases in which you have given your prior separate consent to this passing on. Our Website uses the Google Maps service for facility search provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 (“Google”). For this purpose your IP address is transmitted to a Google server in the USA. Google is jointly responsible with us for data processing under Google Maps and has entered into an appropriate agreement with us, which you can view at https://cloud.google.com/maps-platform/terms/maps-controller-terms/.
For more information about Google’s privacy practices, please visit https://www.google.de/intl/de/policies/privacy/. You can find more information on the other third-party service providers we use to provide the Website to you at the end of this Privacy Statement in our note on cookies, web analytics and tracking tools.
We also transmit your data to our hosting service provider, which enables us to provide the Website. This is Microsoft Azure, a service of the Microsoft Corporation One Microsoft Way, Redmond, WA 98052-6399, USA.
4. Data processing outside the EEA:
We do not transfer your access and account data to countries outside the EEA (so-called “third countries”). We do not host your data in third countries and all your data is stored on the servers of our hosting service provider located in Germany.
However, Google and Microsoft Azure’s services require transmission to the USA. We will ensure that an adequate level of data protection is guaranteed at all times.
5. Retention times:
We process and store your personal data to the extent necessary to fulfil our contractual or legal obligations. Therefore, we store the data as long as our contractual relationship with you exists and after termination only to the extent and for as long as the law of the Federal Republic of Germany requires. If the remaining data is no longer required to fulfil legal obligations (e.g. under tax or commercial law), it will be deleted regularly unless further processing is necessary to preserve evidence or defend against legal claims against us. For the preservation of evidence necessary is e.g. your IP address and the exact time of the granting, if you have given us a consent.
6. User profiles:
We use your data to create a user profile. This means that we use your information to provide you with a personalized Website based on your personal preferences and interests, and to provide you with customized offers based on your previous behavior. However, we will never process and analyse your personal data within the framework of this user profile in such a way that this leads to an automated decision which is legally valid for you or which similarly significantly affects you.
7. Your statutory rights under the GDPR:
You can assert the following rights against us within the framework of the GDPR with regard to your personal data:
Your right to access to your personal data pursuant to Article 15 GDPR,
Your right to rectification pursuant to Article 16 GDPR,
Your right to erasure Article 17 GDPR,
Your right to restriction of processing in accordance with article 18 GDPR and
Your right to data portability according to article 20 GDPR.
You also have the right to lodge a complaint with the responsible data protection supervisory authority (Article 77 GDPR in conjunction with § 19 of the German Data Protection Act 2018).
In addition, you can also revoke your consent to the processing of your personal data at any time. However, this revocation only applies for the future. Any processing that took place before the revocation remains unaffected by this.
Information on your right to object under Art. 21 GDPR
In addition to the rights already mentioned, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which takes place on the basis of Article 6 Paragraph 1 lit. e) GDPR (data processing in the public interest) and Article 6 Paragraph 1 lit. f) GDPR (data processing on the basis of a weighing of interests). If you object, we will no longer process your personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
You also have the right at any time to object to the processing of your personal data for the purpose of direct marketing (including subscription to our newsletter); this also applies to the creation of a user profile (so-called “profiling”), insofar as it is associated with direct marketing. If you object, we will no longer process your personal data in the future.
Please note that if you do not provide us with certain data or if you object to the use of this data, you will not use the Website or only use it to a limited extent.
The objection can be filed informally and is to be addressed to: email@example.com
8. Changes to this Privacy Statement
To keep this information up to date, this Privacy Statement will be changed when the underlying data processing is changed. We will publish any intended changes to this Privacy Statement in advance if its content changes and not merely if editorial changes are made (e.g. to correct typographical errors).
The Website uses the following types of cookies, the scope and functionality of which are explained below: Transient cookies and persistent cookies.
Transient cookies are automatically deleted when you close your browser. This includes session cookies in particular. They store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognized when you return to our Website. Session cookies are deleted when you log out or close your browser.
Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
You can reset your browser before or after your visit to our Website so that all cookies are rejected, or to indicate when a cookie is being sent. By default, the setting of cookies can be managed by the browser program of your browser, even so that no cookies may be set at all or that cookies are deleted again. Your browser may also have a feature for anonymous browsing. You can use these functions of your browser yourself at any time. If you deactivate the setting of cookies in your browser by default, it is possible, however, that our web pages do not function correctly.
The legal basis for the processing of personal data using cookies is Art. 6 Para. 1 lit. f) GDPR.
To manage the used cookies and similar technologies (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner.” You can find details about the functionality of “Real Cookie Banner” at <a href=”https://devowl.io/de/rcb/datenverarbeitung/” rel=”noreferrer” target=”_blank”>https://devowl.io/de/rcb/datenverarbeitung/</a>.
The legal basis for processing personal data in this context is Article 6(1)(c) of the GDPR and Article 6(1)(f) of the GDPR. Our legitimate interest is the management of the used cookies and similar technologies and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obligated to provide personal data. If you do not provide the personal data, we will not be able to manage your consents.
The information generated by the cookie about your use of our Website (identifier, browser type/version, operating system used, referrer URL, shortened IP address, time of server request) is generally transmitted to a Google server in the U.S. and stored there. However, in the Member States of the European Union or in other signatory states to the Agreement on the European Economic Area, your IP address will initially be shortened by Google on our Website. For this purpose, we have implemented the code “gat._anonymizeIp() ;” in order to ensure pseudonymized collection of IP addresses (so-called IP masking).
Only in exceptional cases will the complete IP address transmitted to a Google server in the USA and abbreviated there.
Google will use the information about your use of the Website on our behalf in the context of Google Analytics to evaluate your use of the Website, to compile reports on Website activity and to provide other services relating to Website activity and internet usage. The IP address transmitted by your browser in the context of Google Analytics and Google Tag Manager is not combined with other data from Google by us.
In addition to generally deactivating cookies, you can prevent Google from collecting and processing data about your use of our Website (including your abbreviated IP address) by downloading and installing the browser plug-in at the following link: http://tools.google.com/dlpage/gaoptout.
Google Analytics advertising functions and Google Ads
We also use Google Ads to advertise on the Websites of third parties. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. We pursue with it the interest to show you advertisements which are of interest for you and to make our web page more interesting for you.
Google uses so-called “ad servers” for this purpose, through which our ads are delivered. For this purpose, we use Ad Server Cookies, which can be used to measure certain parameters such as the display of ads or clicks by users. If you access our Website via a Google advertisement, Google Adwords stores a cookie in your PC. These cookies usually lose their validity after 30 days and cannot be used by us to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
These cookies enable Google to recognize your Internet browser for advertising purposes. If a user visits certain pages of an AdWords customer’s Website and the cookie stored on his or her computer has not yet expired, Google can track whether the user clicked on the ad and was directed to that page. Each Adwords customer is assigned a different cookie. Cookies cannot therefore be traced via the Websites of Adwords customers. We can never personally identify you with the information we collect and only receive aggregated reports about user behavior. On the basis of these evaluations, we can identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media, in particular we cannot identify the users on the basis of this information.
You can also opt out of participating in this tracking process via Google’s preferences at https://www.google.de/settings/ads, or as part of the About Ads self-regulatory campaign via the link http://www.aboutads.info/choices, where this setting will be deleted if you delete your cookies. You can also disable it in your browser by installing a plugin if you click on the following link: http://www.google.com/settings/ads/plugin.
Further information on data processing within the framework of Google Ads can be found at https://policies.google.com/technologies/ads?hl=en and https://www.google.de/intl/de/policies/privacy/.
Facebook Pixel Tag
The Facebook pixel is installed on our Website. An overview of the Facebook plugins can be found here: http://developers.facebook.com/docs/plugins/. These are services of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook EU”), which also transmit data to Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook USA”; together with Facebook EU as a whole “Facebook”). Like Google, Facebook USA is certified under the Privacy Shield Agreement, providing an appropriate level of data protection outside the EU (https://www.privacyshield.gov/participant?id=a2zt000000000GnywAAC&status=Active).
When you visit our Website, a direct connection is established between your device and the Facebook server. Facebook receives information that you have visited our Website, including your IP address. If you click the “Like” button in your Facebook account, you can link the content of our Website to your Facebook profile. In this way, Facebook can connect the visit with the visitor and use it to advertise on Facebook according to the interests of the visitor.
The tracking pixel transmits to Facebook your IP address and other information when you use our Website, including device information (operating system, hardware version, device settings, file and software names and types, battery and signal strength), device identifiers, device locations, including specific geographic locations such as GPS, Bluetooth or WiFi signals, connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number) and information about your activities. When you later sign into Facebook, an irrevocable, non-personally identifiable checksum (profile) of your Usage Data is sent to Facebook for analysis and marketing purposes.
For analysis purposes we use Hubspot, a service of Hubspot Inc., HubSpot Headquarters (Cambridge, MA),25 First St., 2nd floor, Cambridge, Massachusetts 02141, USA (“Hubspot”). Hubspot is certified under the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000TN8pAAG).
So-called web beacons are used and cookies are also set. Hubspot evaluates the information collected (e.g. IP address, geographical location, type of browser, domain of our Website and subpages called up, the time of the first visit, the time of the last visit, the time of the current visit and a session number) on our behalf in order to generate reports about the visit and the subpages visited.
More information about how Hubspot works can be found in the Hubspot Inc. Privacy Statement at: http://legal.hubspot.com/de/privacy-policy.
Our Website uses features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). Each time you visit one of our Websites, a connection is established to LinkedIn servers. LinkedIn will be informed that you have visited our Website with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn will be able to associate your visit to our Website with you and your user account. Thus, LinkedIn can place targeted advertising and content on the LinkedIn platform for you.
For more information, see LinkedIn’s Privacy Statement at: https://www.linkedin.com/legal/privacy-policy. If you wish to object to the processing of your data by LinkedIn, you can do so here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
To integrate different databases and tools we use Zapier, a service of Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA (“Zapier”).
Zapier functions exclusively as a technical service provider for cloud services on our behalf. Further information on data protection at Zapier can be found at https://zapier.com/privacy . Zapier’s Privacy Shield certificate can be viewed at: https://www.privacyshield.gov/participant?id=a2zt0000000TNk2AAG.
On our Website we also use the Albacross pixel, a service of Albacross Nordic AB, Kungsgatan 26, 111 35 Stockholm, Sweden (“Albacross”). We use Albacross for B2B marketing and lead generation. As soon as you visit our Website, your IP address, your reffer URL and a so-called fingerprint of your terminal device (screen resolution, browser type and version, operating system, device type) will be sent to Albacross. Albacross then compares this data with its own database and the companies stored there to determine whether you are one of these companies. The data collected with the pixel-code will not be used to personally identify you as a visitor to this Website without your separate consent. The sole purpose of data processing is to identify which IP address with the Albacross tracking code belongs to a company and thus to identify which companies have visited our Website and, on the basis of this data, to make targeted advertisements to these companies. Further information on data processing by Albacross can also be found at https://albacross.com/privacy-policy/.
Our e-mail newsletters are sent with your consent via the technical service provider The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/ – “Mailchimp”), to whom we forward the data you provide when registering for the newsletter. It is a provider that is also certified according to the Privacy Shield program and can therefore always guarantee an adequate level of protection for your data. The certificate can be viewed at: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG.
MailChimp uses this information for the dispatch and statistical evaluation of the newsletter on our behalf. For evaluation purposes, the e-mails sent also contain tracking pixels that represent one-pixel image files that are invisible to the eye. In this way it can be determined whether a newsletter message has been opened and which links have been clicked. Technical information is also recorded (e.g. time of access, IP address, browser type and operating system). The data will be collected exclusively pseudonymized and will not be linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for statistical analysis. The results of these analyses can be used to better tailor future newsletters to the interests of recipients.
If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
Furthermore, MailChimp may use this data in pseudonymised form in accordance with Art. 6 Para. 1 lit. f DSGVO itself on the basis of its own legitimate interest in the needs-based design and optimisation of the service as well as for market research purposes in order to determine, for example, from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them or pass them on to third parties. To protect your data in the USA, we have concluded a data processing order with MailChimp based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to MailChimp. If you are interested, this data processing agreement can be viewed at the following Internet address: http://mailchimp.com/legal/forms/data-processing-agreement/.
For hosting the monitoring service, we use the hosting provider Microsoft Azure, a cloud service of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399 USA), as part of commissioned processing pursuant to Art. 28 GDPR.
The data protection provisions and the description of the Microsoft Azure services are available at https://azure.microsoft.com/de-de/overview/trusted-cloud/privacy/.
The legal basis for the use of OptinMonster is Art. 6 para. 1 p. 1 lit. f GDPR. We have a legitimate interest in providing visitors to our website with additional offers. The processing of data entered in a form is based exclusively on the consent given, Art. 6 para. 1 p. 1 lit. a GDPR. The consent given for the use and storage of the data can be revoked at any time. The revocation does not affect the legality of the data processing already carried out.
Solytic has concluded a contract for commissioned data processing with OptinMonster, in which OptinMonster has been obliged to protect personal data in accordance with the applicable provisions of the GDPR.
You can prevent the setting of cookies required for the use of the plugin by deleting existing cookies and deactivating the automatic setting of cookies in the settings of your web browser.
Our website uses the Cookie Consent solution provided by Iubenda (iubenda s.r.l., Via San Raffaele, 1 – 20121 Milan, Italy). The plugin automates the implementation of ePrivacy (Cookie Law) and GDPR requirements by means of a fully customisable cookie banner, blocking scripts and the management of all aspects of cookie consent.