Categories
If the data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority or to protect the legitimate interests of the data controller or a third party (based on Art. 6(1)(e) or (f) GDPR and Art. 4 GDPR), you have the right to object, for reasons related to your particular situation, at any time to the processing of your personal data; this also applies to profiling based on these provisions. The specific legal basis for the processing is outlined in this privacy policy.
If you lodge an objection, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes.
Many data processing operations are only possible with your explicit consent. We obtain this consent before starting any data processing that requires it. You can withdraw your consent at any time. If the option to withdraw consent is not already provided through clickable links or browser settings, a simple notification to us via email is sufficient. The legality of the data processing carried out before the withdrawal remains unaffected by the withdrawal.
Data subjects have the right to lodge a complaint with the relevant supervisory authority in the event of data protection violations. The competent supervisory authority for data protection matters is the data protection officer of the federal state in which our company is based. Below the data protection officer and their contact detail can be found at the following link:
You have the right to receive data that we process automatically based on your consent or in the performance of a contract, in a commonly used, machine-readable format and to transmit that data to you or another controller. If you request the direct transmission of data to another controller, this will only be done to the extent technically feasible.
You have the right, within the scope of applicable legal provisions, to access your stored personal data at any time, including information about its origin and recipients, the purpose of the data processing, and, if applicable, a right to rectification, restriction, or erasure of this data. For these and other questions regarding personal data, you may contact us at the address provided in Section I.2. above.
If you have consented to the processing of your personal data according to Art. 4 No. 1 GDPR by us, Art. 6 (1) (a) GDPR serve as the legal basis for processing. Processing of personal data required to fulfill contractual or pre-contractual obligations is based on Art. 6 (1) (b) GDPR. If processing is necessary for the protection of our legitimate interests or those of a third party, and the interests, fundamental freedoms, and fundamental rights of the data subject do not override, Art. 6 (1) (f) GDPR serves as the legal basis for processing personal data. We indicate the applicable legal basis for the processing operations carried out by us below. Processing may also be based on multiple legal bases.
We specify how long data will be stored and when it will be deleted or blocked. The duration of data storage depends on the purpose of processing, the legal basis, and statutory retention periods.
If data processing is based on consent according to Art. 6 (1) (a) GDPR, the data will be stored until the data subject withdraws their consent.
If personal data is processed for direct marketing purposes based on Art. 6 (1) (f) GDPR, the data will be stored until the data subject exercises their right to object according to Art. 21 (2) GDPR.
If no explicit storage duration is provided below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies.
However, storage may continue beyond the specified period in the event of (impending) litigation with you or other legal proceedings.
Once the statutory retention period expires, personal data will be blocked or deleted unless further storage is necessary and there is a legal basis for it.
We implement appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorized access by third parties, taking into account the state of technology, implementation costs, the nature, scope, context, and purpose of processing, as well as the existing risks of a data breach (including the likelihood and impact) for the data subject. Our security measures are continuously improved in line with technological developments.
Upon request, we are happy to provide you with further information. Please contact our data protection officer (see above).
We can only provide you with the benefits of our online offering if certain data necessary for the operation of the website is collected. We collect this data when it is necessary to fulfill the contract between you and us (also in the form of terms of use for this website) according to Art. 6 (1) (b) GDPR or if you have given your consent (Art. 6 (1) (a) GDPR).
During purely informational use of our website, i.e., if you do not register or provide us with other information, we collect and process the following technical data necessary to display our website:
Visited website Source/reference from which you accessed the page Device information: Access data includes IP address, device ID, device type, device-specific settings, date and time of retrieval, time zone, the amount of data transferred in bytes, and whether the data exchange was complete, device crashes, browser type, and operating system. These access data are processed to technically enable the operation of the website. Information with your consent: Other information (e.g., geo-location data, personal data such as name and email address) is processed if you permit us to do so.
Data will not be used for any other purposes or shared further. However, it may be necessary to review server log files retrospectively if there are concrete indications of unlawful use of the website.
If you (proactively) contact us via a contact form or chat provided by us, the data you provide will be stored by us to respond to your request and for related technical administration. The legal basis for processing this data is our legitimate interest in addressing your concerns according to Art. 6 (1) (f) GDPR. Providing certain truthful data is necessary for processing your request, while other information is voluntary. Mandatory information required to respond to your request is marked as such, and the remaining information is voluntary. The data collected via a contact form can be identified in the respective contact form. The processing of the aforementioned data may be based on your consent if you have provided such during your contact according to Art. 6 (1) (a) GDPR, and, where special categories of personal data (e.g., health data or other 'sensitive' data) are concerned, according to Art. 9 (2) (a) GDPR. The collected personal data will be deleted immediately after your request is fully processed unless required for the initiation or execution of a contract with you according to Art. 6 (1) (b) GDPR, or statutory retention obligations exist.
If you, as a businessperson, contact us via a contact form or email provided by us, your data may be stored in a customer service system, which may also be used to contact you for marketing purposes if you have granted us additional consent (see also the following section). Please ensure that you select the correct subject in contact forms with fixed subject options to avoid being mistakenly classified as a business customer and receiving a different response compared to consumers.
With consent, we may later inform users of our website about specific products and services from OPENAX (especially the partner program). The personal data that can be used for sending information is specified in the input mask used for this purpose.
For legal reasons, a confirmation email will be sent to the email address provided by a data subject in the double-opt-in process. This confirmation email serves to verify whether the owner of the email address, as the data subject, has authorized the receipt of promotional content.
When registering/signing up or submitting contact form content, we also store the IP address assigned by the Internet Service Provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary to trace any potential misuse of the email address of the data subject later and serves as legal protection for the data controller.
Consent to the processing of personal data provided by the data subject for the purpose of sending information can be withdrawn at any time with effect for the future.
On our website, users are given the option to subscribe to our company's newsletter to receive regular information about our offers. The personal data transmitted to the data controller when ordering the newsletter is specified in the input mask used for this purpose.
With consent according to Art. 6 (1) (a) GDPR, we regularly inform our customers and business partners about our company's offers through a newsletter. The company’s newsletter can generally only be received if:
A confirmation email will be sent to the email address initially registered for the newsletter for legal reasons in a double-opt-in process. This confirmation email serves to verify whether the owner of the email address has authorized the receipt of the newsletter. Activating the confirmation link constitutes consent to the use of your personal data.
When registering for the newsletter, we also store the IP address assigned by the Internet Service Provider (ISP) to the computer system used by the data subject at the time of registration, as well as the date and time of registration. This data collection is necessary to trace any potential misuse of the data subject's email address later and serves as legal protection for the data controller.
The personal data collected during newsletter registration is used solely for sending our newsletter. Subscribers may also be informed via email if this is necessary for the operation of the newsletter service or related registrations, such as changes to the newsletter offer or technical conditions. Personal data collected in the course of the newsletter service will not be shared with third parties. Subscription to our newsletter can be canceled by the data subject at any time. Consent to the storage of personal data given by the data subject for newsletter dispatch can be withdrawn at any time. To withdraw consent, there is a corresponding link in each newsletter. Additionally, you can unsubscribe from the newsletter directly on the data controller's website or inform the data controller in another way.
The data controller has integrated the Brevo component from (Sendinblue GmbH), for newsletter registration on this website in accordance with Art. 28 GDPR. Transmission of your data to Sendinblue GmbH is carried out within the framework of order processing according to Art. 28 GDPR. Sendinblue is also prohibited from selling your data or using it for purposes other than sending newsletters. Sendinblue is a German certified provider selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.
For more information, please click here:
https://de.sendinblue.com/informationen-newsletter-empfaenger/?rtype=n2go
Our newsletters may contain tracking pixels. A tracking pixel is a tiny graphic embedded in HTML-formatted emails to enable log file recording and log file analysis. This allows statistical evaluation of the success or failure of online marketing campaigns. Using the embedded tracking pixel, we can determine if and when an email was opened by a data subject and which links in the email were clicked by the data subject.
Personal data collected via the tracking pixels in newsletters is stored and evaluated by the data controller to optimize newsletter delivery and better tailor the content of future newsletters to the data subject’s interests. This personal data is not shared with third parties. Data subjects have the right to withdraw their separate consent given through the double-opt-in process at any time. After withdrawal, this personal data will be deleted by the data controller. Unsubscribing from the newsletter is automatically considered as withdrawal. After unsubscribing, we will promptly delete your email address from our newsletter distribution list so that you will no longer receive newsletters, unless you have explicitly consented to further use of the data.
Cookies may be used for the operation of our website to make it more pleasant for the user or to enable certain functions. Cookies are small text files that are stored on your device’s memory and may be associated with the mobile device you are using, and through which certain information is transmitted to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your device, and therefore cannot cause harm. They serve to make our internet offering generally more user-friendly and effective, i.e., more pleasant for you.
Cookies cannot directly identify a user but may contain data that allows the recognition of the device used. In some cases, cookies contain only information about certain settings that are not personally identifiable.
There is a distinction between session cookies, which are deleted once you end your internet session, and persistent cookies, which are stored beyond a single session. With regard to their function, cookies are further distinguished as follows:
Technically necessary cookies: These are essential for navigating our website, using basic functions, and ensuring the website's security. They do not collect information about you for marketing purposes and do not store which websites you have visited;
Performance cookies: These collect information about how you use our website, which pages you visit, and whether, for example, errors occur while using the website. They do not collect information that could identify you - all collected information is anonymous and is only used to improve our website and find out what interests our users;
Advertising cookies, Targeting cookies:
Advertising cookies, Targeting cookies: These are used to offer you targeted advertising within our internet offering or from third-party offers and to measure the effectiveness of these offers; Advertising and targeting cookies are stored for a maximum of 36 months;
Social cookies/Sharing cookies: These are used to improve the interactivity of our website with other services (e.g., social networks); Sharing cookies are stored for a maximum of 36 months.
According to Art. 6 para. 1 lit. b GDPR, the processing of your data by cookies used is either for the performance of a contract or for contract initiation, or according to Art. 6 para. 1 lit. f GDPR, to protect our legitimate interests. These interests are based on our desire to optimally design our website and achieve a user-friendly presentation.
Any use of cookies that is not strictly necessary is considered data processing that can only occur with your explicit and active consent according to Art. 6 (1) sentence 1 lit. a) GDPR.
This particularly applies to the use of advertising, targeting, or sharing cookies. Additionally, we will only share your personal data processed through cookies with third parties if you have given us your explicit consent according to Art. 6 para. 1 sentence 1 lit. a) GDPR.
Please note that when using cookies, your data may be transferred to recipients outside the EEA where there is no adequate level of data protection according to GDPR (e.g., USA).
Details can be found in the subsequent description of the individual marketing tools.
This website uses cookies and similar functions to process device information and personal data. The processing serves to integrate content, external services, and third-party elements, statistical analysis/measurement, personalized advertising, and integration of social media. Depending on the function, data is transferred to third parties and processed by them in countries where there is no adequate level of data protection, e.g., the USA. Your consent is always voluntary, not required for the use of our website, and can be rejected or withdrawn at any time on our site.
TECHNICALLY NECESSARY
Legal basis: Consent, Art. 6 para. 1 lit. a GDPR
Analysis / Statistics
. Tools : Adform
Publisher : Adform A/S
Description: Adform is the ‘brand-led media platform’ in Europe. It combines media planning, buying, delivery, optimization, and reporting in one platform and offers a global solution for agencies, online advertisers, and publishers. The browser type used by the user and its settings. Information about the device's operating system. Information about cookie IDs and other identifiers assigned to the device. The IP address under which the device interacts with the customer’s website or mobile application; IP addresses may be truncated, encrypted, or both in accordance with local laws or other requirements. Information about user interactions and activities on websites and mobile applications, including the time of interaction or activity, involved internet addresses, and search terms entered in search engines. Information about the approximate geographical location of the device (city, state, postal code) when visiting a website or mobile application, derived from truncated IP address information or truncated GPS data. Adform processes only pseudonymous data. This means that no directly identifiable data can be entered into the platform. Data such as names, email addresses, phone numbers, and similar data are automatically rejected by the platform. The database is scanned daily for violations algorithmically and manually. Additionally, various measures such as IP truncation are automatically carried out through breach analysis.
Link to Privacy Policy
https://site.adform.com/privacy-center/platform-privacy/product-and-services-privacy-policy/
What data is collected?
Browser information; Date and time of visit; Device ID; Usage data; Device operating system; Device information; Browser
type; Search terms; Geographical location; Visited websites; Cookie ID; Viewed ads; Clicked ads; Mobile advertising IDs;
Third-party information; Unique device ID; Cross-device ID; Partner ID
Purpose of data collection
Advertising; Analysis; Optimisation; Content delivery; Statistics; Personalization; Tag management; Payment; Bot
protection; Targeting; Retargeting; Social media; Website security; Conversion tracking; Conversion tracking; Customer
data management; Search results; Personalized advertising content; Access measurement; Reach measurement; System
security; Statistical purposes; Identity verification
Cookies:
. Tools: Google Analytics 4
Publisher: Google Ireland Limited
Description: Collects statistics on website usage. (Distance measurement) Browser information (browser type, referral/exit pages, files viewed on our site, operating system, timestamp and/or click stream data) Usage data (views, clicks) IP address (we have enabled IP anonymization (hence - IP masking) (your IP address, so your IP address is truncated by Google in the EU and EEA before transmission, so no further conclusions about the person are possible. Only this anonymized IP address is transmitted to Google.)
Link to Privacy Policy
https://policies.google.com/privacy?hl=en
What data is collected?
Browser information; Click path; Date and time of visit; Location information; Internet service provider; Device
information; Referrer URL; Screen resolution; Mouse movements; Anonymized IP address; Visit duration; Account data;
Bounce rates; Downloads; Behavioral data; App updates
. Tools: Google Tag Manager
Publisher: Google Ireland Limited
Description: This is a tag management system. With Google Tag Manager, tags can be integrated centrally via the user interface. Tags are small code snippets that can track activities. Script code for other tools is integrated via Google Tag Manager. The Tag Manager can control when certain tags are activated.
Link to the Privacy Policy
https://policies.google.com/privacy?hl=en
What data is collected?
Aggregated data about tag triggers; Aggregated data for tag triggers; No data collected
Purpose of data collection, Tag management; Functionality; Lead generation; Website tag management; Manage website tags;
Network analysis; Manage tags and scripts on this website; Ensure comfortable use of our website
. Tools: Hotjar
Publisher: Hotjar Limited
Description: Hotjar uses cookies and other technologies to collect information about user behavior and their devices. It captures the device's IP address (logged and stored only in anonymized form), screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language for displaying the website. Hotjar stores this information in pseudonymized user profiles. Hotjar or we do not use this information to identify individual users or to match it with other data about individual users.
Link to the Privacy Policy
https://www.hotjar.com/legal/policies/privacy
What data is collected?
Browser information; Date and time of visit; IP address; Device operating system; Referrer URL; Browser type;
Geographical location; Screen resolution; Device type; Visited pages; Mouse movements; Domain name; Unique device
identifier; Language information; Clicks; Unique user identifier; Survey responses
Purpose of data collection
Advertising; Analysis; Content delivery; Service improvement; Tag management; Cloud computing; Bot protection; Website
security; Online audio distribution; Enabling downloads; Feedback; Tracking acceptance; Measuring ad performance;
Managing website tags; System security; Selecting simple ads; Measuring ad performance; Measuring content performance;
Using market research to gain audience insights
. Tools: Bing Ads Retargeting
Provider: Microsoft Corporation
Description: It is a retargeting service that helps websites reconnect with previous visitors.
Link to Privacy Policy
https://privacy.microsoft.com/en/PrivacyStatement
What data is collected?
Cookie information; IP address; Referrer URL; URL; Browser language; Screen resolution; Digital signature; Microsoft
Click ID; Page title; Page load time; IP Address; Version of UET; Event information; Microsoft Click ID; Browser
language; Screen resolution; cookie information; Digital signature; Page title; Version of UET; Event information; Page
load time
Purpose of data collection: Retargeting
. Tools: Outbrain
Provider: Outbrain Inc
Description: Outbrain is the leading SEO platform for the open web. Our technology enables one-third of online consumers worldwide to discover new things through recommendation feeds on their favorite media, and connects advertisers with these audiences to grow their business.
Link to Privacy Policy
https://www.outbrain.com/legal/privacy
What data is collected?
Date and time of visit; Device operating system; Device information; Referrer URL; Browser type; Visited websites;
Anonymized IP address
Purpose of data collection
Advertising; Conversion tracking
. Tools: Twitter
Provider: Twitter
Description: These are third-party Twitter cookies. These cookies allow users to log into their Twitter account when they want to share content on our website with their friends. These cookies do not allow us to access your account or provide us with confidential information about your account. These cookies also enable Tweet news feeds to appear on the website.
Link to Privacy Policy
https://twitter.com/en/privacy
. Tools: Google Ads Conversion Tracking
Publisher: Google Ireland Limited
Description: This is a conversion tracking service. This service tracks what happens when a user visits a website and clicks on an ad we serve through Google Ads. With conversions, we measure whether users perform a specific action (e.g., subscribing to a service) on a website specified by us after clicking on an ad served through Google Ads. This allows us to track which keywords, ads, ad groups, or campaigns led to the desired user interaction.
Link to Privacy Policy
https://policies.google.com/privacy?hl=en
What data is collected?
Date and time of visit; IP address; Referrer URL; Browser type; Browser language; Cookie ID; User behavior; Clicked ads;
Web requests
Purpose of data collection
Analysis; Content delivery; Service improvement; Cloud computing; Bot protection; Measuring the success of marketing
campaigns; Conversion tracking; Customer data management; Customer behavior analysis; Personalized advertising content;
Conversion optimization
. Tools: Facebook Pixel
Publisher: Meta Platforms Ireland Ltd.
Description: This is a tracking technology provided by Facebook and used by other Facebook services. It is used to track visitors' interactions with the website (“events”) after they have clicked on ads offered on Facebook or other Meta services (“conversions”).
Link to Privacy Policy
https://www.facebook.com/privacy/explanation
What data is collected?
Browser information; Location information; IP address; Usage data; Device operating system; Device information; Referrer
URL; Browser type; User Agent; Geographical location; Facebook user ID; HTTP headers; Visited pages; Interactions with
ads, services, and products; User behavior; Viewed ads; Viewed content; Clicked items; Marketing information; Pixel ID;
Facebook cookie information; Usage/click behavior; Device ID; Non-sensitive custom data; Success of marketing campaigns;
IP address; Location information; Device information; Facebook user ID; Non-sensitive custom data; Pixel-specific data;
User behavior; Ads viewed; Interactions with ads, services, and products; Marketing information; Content viewed; Browser
information; Conversion goals; Visitor ID; Facebook user ID; Pixel-specific data; Browser information; Location
information; Device information;
Purpose of data collection
Advertising; Analysis; Font delivery; Service improvement; Marketing; Personalization; Tag management; Payment; Cloud
computing; Bot protection; Functionality; Retargeting; Website security; Conversion tracking; Recommendations; Buyer
protection; Feedback; Tracking; Geolocation; Accept tracking; Customer behavior analysis; Analytics; Tracking; Search
results; Success measurement; Access measurement; Reach measurement; Manage tags and scripts on this website; Research;
Location identification; Lead generation; Managing customer reviews; Website monitoring; Providing online chats;
Tracking ID; Facilitate payments; Improve service; Provide a marketplace for marked data; Trend analysis; Display ads;
Processing applications; Provide software solutions; Digital advertising; Product updates; Company news; Sponsorship
news; Website design; Create targeted advertising graphics;
. Tools: Google Maps
Publisher: Google Ireland Limited
Description: We have integrated Google Maps to provide you with a better browsing experience on our website.
Link to Privacy Policy
http://www.google.com/intl/en/policies/privacy/
What data is collected?
Date and time of visit; Location information; IP address; Usage data; URL; Search terms; Geographical location; IP
address; Usage of the embedded map service (clicks, map view changes, etc.); URLs
Purpose of data collection
Content delivery; Font delivery; Service improvement; Displaying maps; Personalization; Displaying content; Social
media; Website security; Displaying maps; Improving Google products and services; Providing a marketplace for marked
data
This website uses the Google Maps service through an API interface. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to and stored on a Google LLC server in the USA. The provider of this site has no control over this data transfer.
The use of Google Maps is in the interest of providing an attractive presentation of our online offerings and an easy way to locate the places specified on our website. This represents a legitimate interest on our part pursuant to Art. 6(1)(f) GDPR.
For more information on how user data is handled, please refer to Google’s privacy policy: Privacy Policy – Privacy & Terms – Google.
If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The data controller for users in the EU/EEA is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Scope of Processing: Google Analytics uses cookies to enable analysis of your use of our websites. The information collected via cookies about your use of this website is generally transmitted to and stored on a Google server in the USA.
For Google Analytics 4, IP address anonymization is enabled by default. Due to IP anonymization, your IP address is truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.
During your visit to the website, your user behavior is recorded in the form of 'events'. Events may include:
Additionally, the following is recorded:
Data Retention: The data we send and link with cookies will be automatically deleted after 2 months. Data retention is automatically carried out once a month.
Legal Basis: The legal basis for this data processing is your consent according to Art. 6(1)(a) GDPR.
Revocation: You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection:
The legality of the processing carried out based on the consent until the revocation remains unaffected.
You can also prevent cookies from being stored in the first place by configuring your browser software accordingly. However, if you configure your browser to reject all cookies, this may lead to limitations in functionality on this and other websites. Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by
Within our company, departments responsible for processing inquiries have access to your data. Additionally, we use external service providers, particularly data processors in accordance with Art. 28 GDPR, where we cannot provide services ourselves or where it is unreasonable to do so. These external service providers primarily include IT and telecommunications service providers. If certain service providers are explicitly mentioned, you can find further information in their respective privacy policies. Furthermore, we may share your data with external service providers for handling your inquiries (especially installers or sales partners) when using our website, who may provide you with additional offers.
Transfers to third countries outside the European Economic Area (EEA) occur only under certain conditions as outlined in Art. 44ff GDPR.
The European Commission has granted certain third countries an adequacy decision, confirming that they provide a level
of data protection comparable to the EEA standard. A list of these countries and copies of the adequacy decisions can be
found here:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
In other third countries to which personal data may be transferred, a uniformly high level of data protection may not be guaranteed due to the absence of legal provisions. In such cases, we ensure that adequate data protection is maintained through binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data (available at https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_de), certifications, or recognized codes of conduct. You may contact our Data Protection Officer if you require further information on this matter.
Transfer to Third Countries and Google Analytics: Where data is processed outside the EU/EEA and there is no equivalent level of data protection to the European standard, we have established an appropriate level of data protection with the service provider by using EU Standard Contractual Clauses. The parent company of Google Ireland, Google LLC, is based in California, USA. Data transfer to the USA and access by U.S. authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights as within the EU/EEA, and legal remedies against access by authorities may not be available.
Our website is not intended for children. Individuals under the age of 16 are not permitted to submit personal data or provide consent without the approval of their legal guardians. We strongly advise parents, guardians, and minors to comply with GDPR requirements and not to circumvent age restrictions.
We do not intend to use the personal data collected from you for automated decision-making (including profiling).
To show you installers in your area, we process the following personal data based on a contract:
The legal basis for processing this data is Article 6(1)(b) GDPR.
When you use the solar calculator, we use the data you input to provide you with a corresponding non-binding offer and additional information such as potential savings. With your consent, we may also contact you for informational and marketing purposes using the contact details you provided. Furthermore, if you also consent to this, we will forward your data to up to three selected installers in your region to provide further consultation and a non-binding offer. Providing certain accurate data (particularly name, address, geo-location data, roof area based on satellite images from third-party services, heating type, email address) is necessary to process your request and provide you with a PDF summary. The processing of the aforementioned data is based on your consent, which you express by entering data into the form, according to Article 6(1)(a) GDPR. The collected personal data will be deleted no later than 24 months after it is no longer required for the initiation or performance of a contract with you.
We process the application data mentioned in this section for the purpose of initiating or performing an employment relationship or a similar employment relationship to the extent described below.
In particular, the following categories of data may be processed:
If you contact us proactively, we process the data you provide during the initial contact, as well as any additional data we request.
We treat and process all information (including resumes, certificates, and qualifications) as application data, as well as any other information (e.g., from phone interviews or personal meetings). This is done for the contractual or pre-contractual purposes mentioned above. Providing certain accurate data is necessary to process your request; further information (including the submission of a photo) is optional.
As far as your data is required for the recruitment process, Article 88 GDPR is the legal basis for processing your data.
If the data concerns special categories of personal data (e.g., health data, union or religious affiliation, or other 'sensitive' data), processing is based on your consent according to Article 9(2)(a) GDPR, which you have expressed by disclosing this data.
If your application is successful and an employment relationship is established, your data will be stored for the duration of the employment relationship. After you leave the company, we will process your data for evidence purposes for up to three years.
The processed personal data will be deleted if processing is no longer necessary for contract performance or if you request deletion as part of your rights as a data subject. This usually occurs no later than six (6) months after the conclusion of the application process, if there are no longer retention obligations. If no hiring takes place, in individual cases, a longer retention period of 24 months from the last individual contact with you may apply—e.g., to defend against potential OPENAX claims—based on our legitimate interests according to Article 6(1)(f) GDPR.
We reserve the right to amend this privacy policy at any time, in accordance with legal requirements.
01/2025
