发布者

信息

I. General Information, Responsible Authority, and Legal Framework

1. Legal Framework and Principles of Data Processing

We take the protection of your personal data very seriously and handle your personal data confidentially and in accordance with the statutory data protection regulations (within the framework of the GDPR (EU); in the Federal Republic of Germany under the Federal Data Protection Act (BDSG) and in Switzerland under the Data Protection Act (DSG)), as well as this privacy policy.

When using our online services, we collect personal data about you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purposes this is done.

2. Responsible Authority

The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

The responsible authority (hereinafter also 'we', 'us', 'our') in terms of data protection law is:
AE Alternative Energy GMBH
Messerschmittring 54
86343 Königsbrunn
Germany

+49 8231 978268 0
info@ae-solar.com
sales@ae-solar.com

IMPRINT
Tax ID: 102/121/20478 AE Alternative Energy GmbH
WEEE-Reg.-No. DE 20958316
Process ID: RV-201601-001190
Commercial Register Augsburg: HRB 24795
Managing Director: Alexander Maier
Registration number according to ElektroG:
VAT No.: DE268975577
Registration No. UID: DE268975577

3. Definitions

Our privacy policy is based on the terms used by the European legislator in the adoption of the General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (DSG). We would like to explain the essential terms:

a.

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as 'data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more specific factors inherent to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b.

Data subject means any identified or identifiable natural person whose personal data is processed by the data controller.

c.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d.

Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.

e.

Profiling means any type of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f.

Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person.

g.

Controller or data controller means the natural or legal person, authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of the Member States.

h.

Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller pursuant to Article 28 GDPR and Article 9 GDPR.

i.

'Recipient' means a natural or legal person, public authority, agency, or other body to which the personal data is disclosed, whether or not a third party. However, public authorities which may receive personal data in the course of a particular inquiry in accordance with Union law or the law of the Member States shall not be regarded as recipients.

j.

'Third party' means a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process personal data.

k.

'Consent' means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which the data subject signifies agreement to the processing of personal data relating to them.

II. Data Subject Rights under Art. 12 et seq. GDPR and Art. 77 GDPR/Art. 25 et seq. DSG (CH)

1. Right to Object to Data Collection in Specific Cases and to Direct Marketing (Art. 21 GDPR)

If the data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority or to protect the legitimate interests of the data controller or a third party (based on Art. 6(1)(e) or (f) GDPR and Art. 4 GDPR), you have the right to object, for reasons related to your particular situation, at any time to the processing of your personal data; this also applies to profiling based on these provisions. The specific legal basis for the processing is outlined in this privacy policy.

If you lodge an objection, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes.

2. Withdrawal of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. We obtain this consent before starting any data processing that requires it. You can withdraw your consent at any time. If the option to withdraw consent is not already provided through clickable links or browser settings, a simple notification to us via email is sufficient. The legality of the data processing carried out before the withdrawal remains unaffected by the withdrawal.

3. Right to Lodge a Complaint with the Relevant Supervisory Authority

Data subjects have the right to lodge a complaint with the relevant supervisory authority in the event of data protection violations. The competent supervisory authority for data protection matters is the data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:

German Complaints Office:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
BfDI - State Authorities (bund.de)

EU Complaints Office:
Complaints | European Data Protection Supervisor (europa.eu)

Swiss Complaints Office:
https://www.edoeb.admin.ch/edoeb/de/home.html
Home (admin.ch)

4. Right to Data Portability

You have the right to receive data that we process automatically based on your consent or in the performance of a contract, in a commonly used, machine-readable format and to transmit that data to you or another controller. If you request the direct transmission of data to another controller, this will only be done to the extent technically feasible.

5. Access, Rectification, Restriction, Erasure

You have the right, within the scope of applicable legal provisions, to access your stored personal data at any time, including information about its origin and recipients, the purpose of the data processing, and, if applicable, a right to rectification, restriction, or erasure of this data. For these and other questions regarding personal data, you may contact us at the address provided in Section I.2. above.

III. Data Processing during Informational Use of the Website, Technical Background, Cookies, etc.

1. Legal Basis and Storage Duration

If you have consented to the processing of your personal data according to Art. 4 No. 1 GDPR by us, Art. 6 (1) (a) GDPR and Art. 4 DSG CH serve as the legal basis for processing. Processing of personal data required to fulfill contractual or pre-contractual obligations is based on Art. 6 (1) (b) GDPR and Art. 4 DSG CH. If processing is necessary for the protection of our legitimate interests or those of a third party, and the interests, fundamental freedoms, and fundamental rights of the data subject do not override, Art. 6 (1) (f) GDPR and Art. 4 DSG CH serve as the legal basis for processing personal data. We indicate the applicable legal basis for the processing operations carried out by us below. Processing may also be based on multiple legal bases.

We specify how long data will be stored and when it will be deleted or blocked. The duration of data storage depends on the purpose of processing, the legal basis, and statutory retention periods.

If data processing is based on consent according to Art. 6 (1) (a) GDPR, the data will be stored until the data subject withdraws their consent.

If personal data is processed for direct marketing purposes based on Art. 6 (1) (f) GDPR, the data will be stored until the data subject exercises their right to object according to Art. 21 (2) GDPR.

If no explicit storage duration is provided below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies.

However, storage may continue beyond the specified period in the event of (impending) litigation with you or other legal proceedings, or if storage is required by statutory provisions to which we are subject (e.g., Switzerland: Art. 958 lit. f OR & Art. 5 GeBüV; Germany: § 257 HGB, § 147 AO).

Once the statutory retention period expires, personal data will be blocked or deleted unless further storage is necessary and there is a legal basis for it.

2. Data Security

We implement appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorized access by third parties, taking into account the state of technology, implementation costs, the nature, scope, context, and purpose of processing, as well as the existing risks of a data breach (including the likelihood and impact) for the data subject. Our security measures are continuously improved in line with technological developments.

Upon request, we are happy to provide you with further information. Please contact our data protection officer (see above).

3. Data Processed during Informational Use of the Website

We can only provide you with the benefits of our online offering if certain data necessary for the operation of the website is collected. We collect this data when it is necessary to fulfill the contract between you and us (also in the form of terms of use for this website) according to Art. 6 (1) (b) GDPR and Art. 4 (3) DSG (CH) or if you have given your consent (Art. 6 (1) (a) GDPR and Art. 4 DSG (CH)). Additionally, we collect this data based on our legitimate interest if it is necessary for the functionality of the website and your interest in the protection of your personal data does not outweigh it (Art. 6 (1) (f) and Art. 4 (3) DSG (CH)).

During purely informational use of our website, i.e., if you do not register or provide us with other information, we collect and process the following technical data necessary to display our website:

Visited website Source/reference from which you accessed the page Device information: Access data includes IP address, device ID, device type, device-specific settings, date and time of retrieval, time zone, the amount of data transferred in bytes, and whether the data exchange was complete, device crashes, browser type, and operating system. These access data are processed to technically enable the operation of the website. Information with your consent: Other information (e.g., geo-location data, personal data such as name and email address) is processed if you permit us to do so.

Data will not be used for any other purposes or shared further. However, it may be necessary to review server log files retrospectively if there are concrete indications of unlawful use of the website.

4. Contacting Us

If you (proactively) contact us via a contact form or chat provided by us, the data you provide will be stored by us to respond to your request and for related technical administration. The legal basis for processing this data is our legitimate interest in addressing your concerns according to Art. 6 (1) (f) GDPR. Providing certain truthful data is necessary for processing your request, while other information is voluntary. Mandatory information required to respond to your request is marked as such, and the remaining information is voluntary. The data collected via a contact form can be identified in the respective contact form. The processing of the aforementioned data may be based on your consent if you have provided such during your contact according to Art. 6 (1) (a) GDPR and Art. 4 DSG CH, and, where special categories of personal data (e.g., health data or other 'sensitive' data) are concerned, according to Art. 9 (2) (a) GDPR and Art. 3 (c) DSG (CH). The collected personal data will be deleted immediately after your request is fully processed unless required for the initiation or execution of a contract with you according to Art. 6 (1) (b) GDPR and Art. 4 (3) DSG CH, or statutory retention obligations exist.

If you, as a businessperson, contact us via a contact form or email provided by us, your data may be stored in a customer service system, which may also be used to contact you for marketing purposes if you have granted us additional consent (see also the following section). Please ensure that you select the correct subject in contact forms with fixed subject options to avoid being mistakenly classified as a business customer and receiving a different response compared to consumers.

5. Sending Specific Information about Products and Services

With consent, we may later inform users of our website about specific products and services from Meyer Burger (especially the partner program). The personal data that can be used for sending information is specified in the input mask used for this purpose.

For legal reasons, a confirmation email will be sent to the email address provided by a data subject in the double-opt-in process. This confirmation email serves to verify whether the owner of the email address, as the data subject, has authorized the receipt of promotional content.

When registering/signing up or submitting contact form content, we also store the IP address assigned by the Internet Service Provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary to trace any potential misuse of the email address of the data subject later and serves as legal protection for the data controller.

Consent to the processing of personal data provided by the data subject for the purpose of sending information can be withdrawn at any time with effect for the future.

6. Subscription to Our Newsletter

On our website, users are given the option to subscribe to our company's newsletter to receive regular information about our offers. The personal data transmitted to the data controller when ordering the newsletter is specified in the input mask used for this purpose.

With consent according to Art. 6 (1) (a) GDPR or Art. 6 (7) DSG (CH), we regularly inform our customers and business partners about our company's offers through a newsletter. The company’s newsletter can generally only be received if:

1.) the data subject has a valid email address and

2.) the data subject has registered for the newsletter.

A confirmation email will be sent to the email address initially registered for the newsletter for legal reasons in a double-opt-in process. This confirmation email serves to verify whether the owner of the email address has authorized the receipt of the newsletter. Activating the confirmation link constitutes consent to the use of your personal data.

When registering for the newsletter, we also store the IP address assigned by the Internet Service Provider (ISP) to the computer system used by the data subject at the time of registration, as well as the date and time of registration. This data collection is necessary to trace any potential misuse of the data subject's email address later and serves as legal protection for the data controller.

The personal data collected during newsletter registration is used solely for sending our newsletter. Subscribers may also be informed via email if this is necessary for the operation of the newsletter service or related registrations, such as changes to the newsletter offer or technical conditions. Personal data collected in the course of the newsletter service will not be shared with third parties. Subscription to our newsletter can be canceled by the data subject at any time. Consent to the storage of personal data given by the data subject for newsletter dispatch can be withdrawn at any time. To withdraw consent, there is a corresponding link in each newsletter. Additionally, you can unsubscribe from the newsletter directly on the data controller's website or inform the data controller in another way.

The data controller has integrated the Tensid marCo component from EQS Group AG, Schochenmühlestrasse 4, 6340 Baar, Switzerland, for newsletter registration on this website in accordance with Art. 28 GDPR. The purpose of this component is newsletter registration. Further information and the applicable data protection regulations of EQS Group AG can be found at switzerland.eqs.com. For Switzerland, the EU Commission has issued an adequacy decision according to Art. 45 (3) GDPR, finding that personal data in Switzerland enjoys adequate protection comparable to European data protection law.

Newsletter2Go by Brevo (Sendinblue GmbH) may also be used as additional newsletter software. Transmission of your data to Sendinblue GmbH is carried out within the framework of order processing according to Art. 28 GDPR. Sendinblue is also prohibited from selling your data or using it for purposes other than sending newsletters. Sendinblue is a German certified provider selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

For more information, please click here: https://de.sendinblue.com/informationen-newsletter-empfaenger/?rtype=n2go

6a. Newsletter Tracking

Our newsletters may contain tracking pixels. A tracking pixel is a tiny graphic embedded in HTML-formatted emails to enable log file recording and log file analysis. This allows statistical evaluation of the success or failure of online marketing campaigns. Using the embedded tracking pixel, we can determine if and when an email was opened by a data subject and which links in the email were clicked by the data subject.

Personal data collected via the tracking pixels in newsletters is stored and evaluated by the data controller to optimize newsletter delivery and better tailor the content of future newsletters to the data subject’s interests. This personal data is not shared with third parties. Data subjects have the right to withdraw their separate consent given through the double-opt-in process at any time. After withdrawal, this personal data will be deleted by the data controller. Unsubscribing from the newsletter is automatically considered as withdrawal. After unsubscribing, we will promptly delete your email address from our newsletter distribution list so that you will no longer receive newsletters, unless you have explicitly consented to further use of the data.

7. Automated Processing and Use of Cookies

Cookies may be used for the operation of our website to make it more pleasant for the user or to enable certain functions. Cookies are small text files that are stored on your device’s memory and may be associated with the mobile device you are using, and through which certain information is transmitted to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your device, and therefore cannot cause harm. They serve to make our internet offering generally more user-friendly and effective, i.e., more pleasant for you.

Cookies cannot directly identify a user but may contain data that allows the recognition of the device used. In some cases, cookies contain only information about certain settings that are not personally identifiable.

There is a distinction between session cookies, which are deleted once you end your internet session, and persistent cookies, which are stored beyond a single session. With regard to their function, cookies are further distinguished as follows:

Technically necessary cookies: These are essential for navigating our website, using basic functions, and ensuring the website's security. They do not collect information about you for marketing purposes and do not store which websites you have visited; Performance cookies: These collect information about how you use our website, which pages you visit, and whether, for example, errors occur while using the website. They do not collect information that could identify you - all collected information is anonymous and is only used to improve our website and find out what interests our users; Advertising cookies, Targeting cookies: These are used to offer you targeted advertising within our internet offering or from third-party offers and to measure the effectiveness of these offers; Advertising and targeting cookies are stored for a maximum of 36 months; Social cookies/Sharing cookies: These are used to improve the interactivity of our website with other services (e.g., social networks); Sharing cookies are stored for a maximum of 36 months.

According to Art. 6 para. 1 lit. b GDPR, the processing of your data by cookies used is either for the performance of a contract or for contract initiation, or according to Art. 6 para. 1 lit. f GDPR, to protect our legitimate interests. These interests are based on our desire to optimally design our website and achieve a user-friendly presentation.

Any use of cookies that is not strictly necessary is considered data processing that can only occur with your explicit and active consent according to Art. 6 (1) sentence 1 lit. a) GDPR, § 25 (1) German TTDSG and Art. 4 DSG CH. This particularly applies to the use of advertising, targeting, or sharing cookies. Additionally, we will only share your personal data processed through cookies with third parties if you have given us your explicit consent according to Art. 6 para. 1 sentence 1 lit. a) GDPR, § 25 para. 1 German TTDSG and Art. 4 DSG CH. Please note that when using cookies, your data may be transferred to recipients outside the EEA where there is no adequate level of data protection according to GDPR or DSG (CH) (e.g., USA). Details can be found in the subsequent description of the individual marketing tools.

This website uses cookies and similar functions to process device information and personal data. The processing serves to integrate content, external services, and third-party elements, statistical analysis/measurement, personalized advertising, and integration of social media. Depending on the function, data is transferred to third parties and processed by them in countries where there is no adequate level of data protection, e.g., the USA. Your consent is always voluntary, not required for the use of our website, and can be rejected or withdrawn at any time on our site.

Technically necessary
Cookie Consent Manager CCM19
Publisher
Papoo Software & Media GmbH

Description
Used to store the cookie consent - which cookies may be set. The status of the cookie settings can be determined for
you. The data is stored in categories.

Link to Privacy Policy
https://www.ccm19.de/datenschutzerklaerung.html

Local Storage:

Name Lifetime Description
ccm_consent 1 year Used to store the cookie consent agreement, which indicates which cookies may be set.
Legal basis
Art. 6 para. 1 sentence 1 lit. c GDPR

Place of processing
Bonn & Falkenstein, Germany

Analysis / Statistics
Adform
Publisher
Adform A/S

Analysis / Statistics
Adform is the ‘brand-led media platform’ in Europe. It combines media planning, buying, delivery, optimization, and reporting in one platform and offers a global solution for agencies, online advertisers, and publishers. The browser type used by the user and its settings. Information about the device's operating system. Information about cookie IDs and other identifiers assigned to the device. The IP address under which the device interacts with the customer’s website or mobile application; IP addresses may be truncated, encrypted, or both in accordance with local laws or other requirements. Information about user interactions and activities on websites and mobile applications, including the time of interaction or activity, involved internet addresses, and search terms entered in search engines. Information about the approximate geographical location of the device (city, state, postal code) when visiting a website or mobile application, derived from truncated IP address information or truncated GPS data. Adform processes only pseudonymous data. This means that no directly identifiable data can be entered into the platform. Data such as names, email addresses, phone numbers, and similar data are automatically rejected by the platform. The database is scanned daily for violations algorithmically and manually. Additionally, various measures such as IP truncation are automatically carried out through breach analysis.

https://site.adform.com/privacy-center/platform-privacy/product-and-services-privacy-policy/

What data is collected?
Browser information; Date and time of visit; Device ID; Usage data; Device operating system; Device information; Browser type; Search terms; Geographical location; Visited websites; Cookie ID; Viewed ads; Clicked ads; Mobile advertising IDs; Third-party information; Unique device ID; Cross-device ID; Partner ID

Purpose of data collection
Advertising; Analysis; Optimization; Content delivery; Statistics; Personalization; Tag management; Payment; Bot protection; Targeting; Retargeting; Social media; Website security; Conversion tracking; Conversion tracking; Customer data management; Search results; Personalized advertising content; Access measurement; Reach measurement; System security; Statistical purposes; Identity verification

Cookies:
Name Lifetime Description

Connect.sid 5184000 Indicates whether the user's browser accepts cookies.

TPC 1209600 Used to determine whether the user's browser accepts third-party cookies

GCM 86400 Indicates whether the existence of the partner cookie match should be re-validated

CM 86400 Indicates whether the presence of the partner cookie needs to be re-authenticated (set by AdServing)

CM14 1209600 Check if the partner cookie needs to be re-synchronized (cookie set for cookie synchronization) token End of session (browser)

otsid 3650 days

uid 5184000 Contains a unique identifier for identifying the user

cid 5184000 Unique value (e.g., uid) used to identify the user's cookie

adtrc 7 days Used to determine whether browser-related information is collected

SR 86400 Information on sequential rotation – including total impressions, daily impressions, total clicks, daily clicks, and date of last impression

CT 3600 Identify third-party pixel mappings for the last click on advertiser pages

EBFCD 604800 Determine the daily frequency limit for expanding banners

CFFC 604800

C 60 days to 3650 days Used to determine whether the user's browser accepts cookies

SR 1 day Unique metrics for recording ongoing ad information – including: total impressions, daily impressions, total clicks, daily clicks, and date of last impression

CT 1 hour Identify third-party pixel mappings for the last click on advertiser pages

EBFCD 7 days Capture the maximum number of impressions per day (frequency limit) to enlarge the ad (expandable)

EBFC 7 days Maximum total impressions for registered expandable ads (expandable) (frequency limit)

CFFC 7 days Maximum number of impressions for registered composite banners (frequency limit)

DigiTrust.v1.identity 7 days Unique value used to identify users from DigiTrust Independent Industry Entity

SR(RotatorID) 1 day Information on sequential rotation – including total impressions, daily impressions, total clicks, daily clicks, and date of last impression

CT(TrackingSetupID) 1 hour Determine the ownership of the last click on third-party pixels on advertiser pages

EBFCD(BannerID) 7 days Sets the daily frequency limit for expanding banners.

EBFC(BannerID) 7 days Determine the overall frequency limit for expanding banners

CFFC(TagID) 7 days

Legal basis
Consent, Art. 6 para. 1 lit. a GDPR

Place of processing

European Union

Google Analytics 4

Publisher

Google Ireland Limited

Description

Collects statistics on website usage. (Distance measurement) Browser information (browser type, referral/exit pages, files viewed on our site, operating system, timestamp and/or clickstream data) Usage data (views, clicks) IP address (we have enabled IP anonymization (hence - IP masking) (your IP address, so your IP address is truncated by Google in the EU and EEA before transmission, so no further conclusions about the person are possible. Only this anonymized IP address is transmitted to Google.)

Link to Privacy Policy

https://policies.google.com/privacy?hl=en

What data is collected?

Browser information; Click path; Date and time of visit; Location information; Internet service provider; Device information; Referrer URL; Screen resolution; Mouse movements; Anonymized IP address; Visit duration; Account data; Bounce rates; Downloads; Behavioral data; App updates

Purpose of data collection

Analysis; Marketing

Cookies:

Name Lifetime Description

_ga 24 months Collects statistics on website usage. (Distance measurement)

_gid 24 hours This cookie is used to collect website usage statistics.

_gac_gb_* 90 days Contains event information. If you have linked your Google Analytics account with your Google Ads account, the 'Conversions' tab on the Google Ads site reads this cookie, unless you disable this feature.

_ga_* 2 years Used to retrieve session status.

Legal basis

Consent, Art. 6 para. 1 lit. a GDPR, Art. 49 para. 1 lit. a GDPR

Place of processing

European Union

Google Tag Manager

Publisher

Google Ireland Limited

Description
This is a tag management system. With Google Tag Manager, tags can be integrated centrally via the user interface. Tags are small code snippets that can track activities. Script code for other tools is integrated via Google Tag Manager. The Tag Manager can control when certain tags are activated.

Link to the Privacy Policy
https://policies.google.com/privacy?hl=en

What data is collected?
Aggregated data about tag triggers; Aggregated data for tag triggers; No data collected

Purpose of data collection
Tag management; Functionality; Lead generation; Website tag management; Manage website tags; Network analysis; Manage tags and scripts on this website; Ensure comfortable use of our website

Cookies:
Name Duration Description
cookiePreferences 2 years Cookie settings for registered users
mat_ep n.a. Collect cross-site visitor data - this data is used to increase ad relevance.
_dc_gtm_UA-.* n.a. Used by Google Tag Manager to control the loading of Google Analytics script code.
_gcl_au 4 months Google Tag Manager uses cookies to track and store conversions.
_dc_gtm_UA-* Session Used by Google Tag Manager to control the loading of Google Analytics script code.
Legal basis
Consent, Art. 6 para. 1 lit. a GDPR, Art. 49 para. 1 lit. a GDPR

Place of processing
European Union

Hotjar
Publisher
Hotjar Limited

Description
Hotjar uses cookies and other technologies to collect information about user behavior and their devices. It captures the device's IP address (logged and stored only in anonymized form), screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language for displaying the website. Hotjar stores this information in pseudonymized user profiles. Hotjar or we do not use this information to identify individual users or to match it with other data about individual users.

Link to the Privacy Policy
https://www.hotjar.com/legal/policies/privacy

What data is collected?
Browser information; Date and time of visit; IP address; Device operating system; Referrer URL; Browser type; Geographical location; Screen resolution; Device type; Visited pages; Mouse movements; Domain name; Unique device identifier; Language information; Clicks; Unique user identifier; Survey responses

Purpose of data collection
Advertising; Analysis; Content delivery; Service improvement; Tag management; Cloud computing; Bot protection; Website security; Online audio distribution; Enabling downloads; Feedback; Tracking acceptance; Measuring ad performance; Managing website tags; System security; Selecting simple ads; Measuring ad performance; Measuring content performance; Using market research to gain audience insights

Cookies:
Name Duration Description
_hjClosedSurveyInvites 31557600 This Hotjar cookie is set once the user interacts with an external link in the survey invitation mode. It is used to ensure that the same invitation does not reappear if it has already been shown.
_hjDonePolls 31557600 Hotjar cookie. This cookie is set once a visitor has voted using the survey widget. It is used to ensure that the same record does not reappear once it has been created.
_hjMinimizedPolls 31557600 Hotjar cookie. This cookie is set once a visitor minimizes the survey widget for comments. It is used to ensure that widgets remain minimized while visitors browse your website.
_hjShownFeedbackMessage 31557600 Hotjar cookies are set when the user minimizes or completes incoming feedback. This is done so that when the user navigates to another page configured to display, the incoming feedback loads minimized immediately.
_hjid 31557600 We use Hotjar to better understand our users' needs and optimize the offerings on this page. Hotjar's technology allows us to better understand our users' experience (e.g., how much time users spend on which pages, which links they click, what they like and dislike, etc.) and helps us improve our offerings so that user feedback is consistent.
_hjTLDTest Session When the Hotjar script is executed, we try to determine the most commonly used cookie path instead of the website hostname. This is done so that cookies (if any) can be shared between subdomains. To determine this, we attempt to store the _hjTLDTest cookie for various URL substring alternatives until this fails. After this check, the cookie is deleted.
_hjUserAttributesHash Session User attributes sent through the Hotjar Discovery API are cached during the session to determine when attributes have changed and need to be updated.
_hjCachedUserAttributes Session This cookie stores user attributes sent through the Hotjar Discovery API when the user is not in the sample. Collected properties are only stored on the Hotjar server when the user interacts with the Hotjar feedback tool, but cookies are used regardless of the feedback tool's presence.
_hjLocalStorageTest Under 100 ms This cookie is used to check if the Hotjar recognition script can use local storage. If so, set the value 1 in this cookie. Data stored in _hjLocalStorageTest has no expiration time but is deleted immediately after creation, so the expected storage time is less than 100 ms.
_hjIncludedInPageviewSample 30 Minutes Hotjar uses cookies and other technologies to collect information about our users' behavior and their devices (in particular, the IP address of the device (collected and stored only in anonymized form), screen size, device type (unique device identifiers), information about the browser used for browsing, location (country only), preferred language for displaying our website). Hotjar stores this information in pseudonymized user profiles. Hotjar or we do not use this information to identify individual users or to match it with other data about individual users.
_hjIncludedInSessionSample_* 30 Minutes This cookie is set to inform Hotjar when the user is included in the data sample defined by your site's daily session limit.
_hjAbsoluteSessionInProgress 30 Minutes Hotjar uses cookies and other technologies to collect information about our users' behavior and their devices (in particular, the IP address of the device (collected and stored only in anonymized form), screen size, device type (unique device identifiers), information about the browser used for browsing, location (country only), preferred language for displaying our website). Hotjar stores this information in pseudonymized user profiles. Hotjar or we do not use this information to identify individual users or to match it with other data about individual users.
_hjFirstSeen 30 Minutes This is set to identify the first session of a new user. It stores a true/false value indicating whether Hotjar sees the user for the first time. This is used by registration filters to identify new user sessions.
hjViewportId 0 Stores information about the user's viewing area such as size and dimensions.
_hjRecordingEnabled n.a. This is attached to the beginning of the recording and played when the recording engine initializes to see if the user is already recording in a particular session.
_hjSessionUser {site_id} 31557600 This cookie is set when the user first accesses a page containing a Hotjar script. This stores the unique Hotjar user ID for this site in the browser. This ensures that subsequent visits to the same site are attributed to the same user ID.
_hjSession{site_id} 1800 This cookie contains current session data. It ensures that subsequent requests within the session window are attributed to the same Hotjar session.
_hjSessionTooLarge n.a. This cookie forces Hotjar to stop collecting data if the session becomes too long. WebSocket server signals automatically detect this when the session size exceeds the limit.
_hjSessionRejected n.a. If present, this cookie is set to "1" for the duration of a user session when Hotjar rejects the session's connection to the WebSocket due to server overload. This cookie is used only in rare cases to avoid severe performance issues.
_hjSessionResumed n.a. The cookie set when the session/recording reconnects to the Hotjar server after disconnection.
_hjIncludedInSample 365 Days Hotjar uses cookies and other technologies to collect information about our users' behavior and their devices (in particular, the IP address of the device (collected and stored only in anonymized form), screen size, device type (unique device identifiers), information about the browser used for browsing, location (country only), preferred language for displaying our website). Hotjar stores this information in pseudonymized user profiles. Hotjar or we do not use this information to identify individual users or to match it with other data about individual users.
_hjDoneTestersWidgets 365 Days Hotjar cookie. This cookie is set once a visitor enters their information into the "Recruit User Testers" widget. It is used to ensure that the same form does not reappear once filled.
_hjMinimizedTestersWidgets 365 Days Hotjar cookie. This cookie is set when a visitor minimizes the website's user tester widget. It is used to ensure that widgets remain minimized while visitors browse your website.
_hjptid Session This cookie is set for Hotjar users logged in with admin rights for team members. It is used for price tests to show administrators consistent pricing across the website.
_hjSession_ 30 Minutes A cookie that contains data from the current session. It ensures that subsequent requests within the session window are attributed to the same Hotjar session.
_hjRecordingLastActivity Session Must be stored in session storage (as opposed to a cookie). It is updated when the user survey starts and when data is sent via WebSocket (user performs actions recorded by Hotjar).
_hjSession.* n.a. A cookie that contains data from the current session. It ensures that subsequent requests within the session window are attributed to the same Hotjar session.
_hjViewportId n.a. User viewport information such as size and dimensions are stored here.
_hjSessionUser_­* 365 Days Hotjar cookie that is set when a user first visits a page containing a Hotjar script. This stores the unique Hotjar user ID for this page in the browser. This ensures that subsequent visits to the same site are attributed to the same user ID.
_hjSession_* 26 Minutes n.a.
_hjCookieTest n.a. n.a.

Local Storage:
Name Duration Description
hjActiveViewportIds n.a. n.a.
Legal Basis
Consent, Art. 6 para. 1 lit. a GDPR

Place of Processing
European Union

Bing Ads Retargeting
Provider
Microsoft Corporation

Description
It is a retargeting service that helps websites reconnect with previous visitors.

Link to Privacy Policy
https://privacy.microsoft.com/en/PrivacyStatement

What data is collected?
Cookie information; IP address; Referrer URL; URL; Browser language; Screen resolution; Digital signature; Microsoft Click ID; Page title; Page load time; IP Address; Version of UET; Event information; Microsoft Click ID; Browser language; Screen resolution; cookie information; Digital signature; Page title; Version of UET; Event information; Page load time

Purpose of data collection
Retargeting

Cookies:
Name Duration Description
_uetsid 1800 This is a tracking cookie used for targeted advertising.
MUID 33696000 This is a user ID tracking cookie used to count valid clicks on targeted ads.
MUIDB 33696000 This is a user ID tracking cookie used by Microsoft Bing Ads for targeted advertising.
_uetvid 1382400 It is used to track visitors across various websites to display relevant ads based on the visitor's preferences.
Legal Basis
Art. 6 para. 1 sentence 1 lit. a GDPR

Place of Processing
European Union

Outbrain
Provider
Outbrain Inc.

Description
Outbrain is the leading SEO platform for the open web. Our technology enables one-third of online consumers worldwide to discover new things through recommendation feeds on their favorite media, and connects advertisers with these audiences to grow their business.

Link to Privacy Policy
https://www.outbrain.com/legal/privacy

What data is collected?
Date and time of visit; Device operating system; Device information; Referrer URL; Browser type; Visited websites; Anonymized IP address

Purpose of data collection
Advertising; Conversion tracking

Cookies:
Name Duration Description
outbrain_cid_fetch n.a. This cookie determines how the user accessed the website. Website operators use this information to measure the effectiveness of their marketing.
cookieJartestCookie 1 day
obuid 3 months A cookie from the Outbrain provider assigns a unique identifier to a user, allowing third parties to display relevant advertisements.
apnxs 4 months To display relevant content and advertisements to visitors – this service is provided by a third-party advertising center.
criteo 1 month A cookie from the Outbrain provider assigns a unique identifier to a user, allowing third parties to display relevant advertisements.
mdfrc 4 months Used in conjunction with SEO and conversion optimization. Collect all user reports or behavioral data in the website owner's report. This service is provided by a third-party analytics service.
adrl 4 months This cookie stores data about the visitor. This information is used to optimize ad relevance.
ttd 4 months Used in conjunction with SEO and conversion optimization. Collect all user reports or behavioral data in the website owner's report. This service is provided by a third-party analytics service.
bdswch 3 months Used to display relevant content and advertisements to visitors. The service is provided by a third-party advertising center that allows advertisers to bid in real-time.
pwrlnks 29 days Collect data about user visits to the website, such as the number of visits, average time spent on the website, and pages visited.
adot 29 days Collect data about user visits to the website, such as the number of visits, average time spent on the website, and pages visited.
zmnta 29 days Collect data about user navigation and behavior on the website. It is used to create statistical reports and heatmaps for website operators.
rtbhs 29 days Collect information about user preferences and/or interactions with web campaign content – this is the CRM campaign platform used by the website owner to promote campaigns or products.
sid_key Session
actvagnt 29 days Collect information about user behavior on various websites. This information is used to optimize the relevance of ads on the website.
sid Session
Legal Basis
Consent, Art. 6 para. 1 lit. a GDPR

Place of Processing
United States of America

Twitter
Provider
Twitter

Description
These are third-party Twitter cookies. These cookies allow users to log into their Twitter account when they want to share content on our website with their friends. These cookies do not allow us to access your account or provide us with confidential information about your account. These cookies also enable Tweet news feeds to appear on the website.

Link to Privacy Policy
https://twitter.com/en/privacy

Cookies:
Name Lifespan Description
gt 1 year Twitter uses these cookies to support plug-in integrations with our website. If you use the Tweet plugin and are logged into your Twitter account, Twitter sets some of these cookies to remember that you are logged in. Twitter also uses cookies for its own analytics purposes.
_twitter_sess Session Twitter uses these cookies in conjunction with social plugins to allow users to easily follow Twitter accounts, share content, and view the latest tweets.
ads_prefs 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
auth_token 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
csrf_same_site 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
csrf_same_site_set 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
dnt 2 years These are third-party Twitter cookies. These cookies allow users to log into their Twitter account when they want to share content on our website with their friends. These cookies do not allow us to access your account or provide us with confidential information about your account. These cookies also enable the appearance of tweet news feeds on the website.
eu_cn 2 years These are third-party Twitter cookies. These cookies allow users to log into their Twitter account when they want to share content on our website with their friends. These cookies do not allow us to access your account or provide us with confidential information about your account. These cookies also enable the appearance of tweet news feeds on the website.
external_referer 2 years Our website uses a Twitter button to allow our visitors to follow our promotional Twitter feed, sometimes the feed is embedded on our website.
kdt 2 years These are third-party Twitter cookies. These cookies allow users to log into their Twitter account when they want to share content on our website with their friends. These cookies do not allow us to access your account or provide us with confidential information about your account. These cookies also enable the appearance of tweet news feeds on the website.
remember_checked_on 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
rweb_optin 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
syndication_guest_id 2 years To gather information on users' browsing behavior for marketing purposes, including digital ads and social media advertising.
twid 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
tfw_exp 2 years These cookies enable us to track visitor activities for Twitter ads on our website and allow users to share content on our website. These cookies do not provide us with confidential information about your account.
ct0 persistent This cookie is used for Twitter integration and the sharing function.
guest_id 2 years This cookie is used for Twitter integration and the sharing function.
personalization_id 2 years Used by Twitter.com to determine the number of website visitors through Twitter advertising content, which can be used for targeted advertising.
pid n.a. This cookie allows website visitors to use Twitter-related functions on the websites they visit.
external_reference 7 days This cookie is used for Twitter integration and the sharing function.
lang Session
remember_check_on Unknown This cookie is used for Twitter integration and the sharing function.
tfw_ex 14 days This cookie is used for Twitter integration and the sharing function.
Legal Basis
Consent, Art. 6(1)(a) GDPR

Location of Processing
European Union

Ads
Google Ads Conversion Tracking
Publisher
Google Ireland Limited

Description
This is a conversion tracking service. This service tracks what happens when a user visits a website and clicks on an ad we serve through Google Ads. With conversions, we measure whether users perform a specific action (e.g., subscribing to a service) on a website specified by us after clicking on an ad served through Google Ads. This allows us to track which keywords, ads, ad groups, or campaigns led to the desired user interaction.

Link to Privacy Policy
https://policies.google.com/privacy?hl=en

What data is collected?
Date and time of visit; IP address; Referrer URL; Browser type; Browser language; Cookie ID; User behavior; Clicked ads; Web requests

Purpose of data collection
Analysis; Content delivery; Service improvement; Cloud computing; Bot protection; Measuring the success of marketing campaigns; Conversion tracking; Customer data management; Customer behavior analysis; Personalized advertising content; Conversion optimization

Cookies:
Name Lifespan Description
test_cookie 900 Tests if your browser allows the installation of cookies. Contains no identifiers.
IDE 31557600 Contains a randomly generated user ID. This ID allows Google to identify users across different websites and show them personalized ads.
_gcl_aw 7776000 This cookie is set when a user clicks on a Google ad to visit a website. It contains information about the clicked ad, so that successes such as an order or a contact request can be attributed to the ad.
_gcl_dc_ 7776000 This cookie is set when a user clicks on a Google ad to visit a website. It contains information about the clicked ad, so that successes such as an order or a contact request can be attributed to the ad.
Legal Basis
Art. 6(1)(a) GDPR

Location of Processing
European Union

Facebook Pixel
Publisher
Meta Platforms Ireland Ltd.

Description
This is a tracking technology provided by Facebook and used by other Facebook services. It is used to track visitors' interactions with the website (“events”) after they have clicked on ads offered on Facebook or other Meta services (“conversions”).

Link to Privacy Policy
https://www.facebook.com/privacy/explanation

What data is collected?
Browser information; Location information; IP address; Usage data; Device operating system; Device information; Referrer URL; Browser type; User Agent; Geographical location; Facebook user ID; HTTP headers; Visited pages; Interactions with ads, services, and products; User behavior; Viewed ads; Viewed content; Clicked items; Marketing information; Pixel ID; Facebook cookie information; Usage/click behavior; Device ID; Non-sensitive custom data; Success of marketing campaigns; IP address; Location information; Device information; Facebook user ID; Non-sensitive custom data; Pixel-specific data; User behavior; Ads viewed; Interactions with ads, services, and products; Marketing information; Content viewed; Browser information; Conversion goals; Visitor ID; Facebook user ID; Pixel-specific data; Browser information; Location information; Device information;

Purpose of data collection
Advertising; Analysis; Font delivery; Service improvement; Marketing; Personalization; Tag management; Payment; Cloud computing; Bot protection; Functionality; Retargeting; Website security; Conversion tracking; Recommendations; Buyer protection; Feedback; Tracking; Geolocation; Accept tracking; Customer behavior analysis; Analytics; Tracking; Search results; Success measurement; Access measurement; Reach measurement; Manage tags and scripts on this website; Research; Location identification; Lead generation; Managing customer reviews; Website monitoring; Providing online chats; Tracking ID; Facilitate payments; Improve service; Provide a marketplace for marked data; Trend analysis; Display ads; Processing applications; Provide software solutions; Digital advertising; Product updates; Company news; Sponsorship news; Website design; Create targeted advertising graphics;

Cookies:
Name Lifespan Description
_fbp 3 months Facebook cookies are used for website analytics, targeting, and ad measurement.
act 1 year Facebook cookies for website analytics, ad targeting, and measurement.
c_user 1 year Facebook cookies for website analytics, ad targeting, and measurement.
datr 1 year Facebook cookies for website analytics, ad targeting, and measurement.
fr 1 year Facebook cookies for website analytics, ad targeting, and measurement.
m_pixel_ration 1 year Facebook cookies for website analytics, ad targeting, and measurement.
pl 1 year Facebook cookies for website analytics, ad targeting, and measurement.
presence 1 year Facebook cookies for website analytics, ad targeting, and measurement.
sb 1 year Facebook cookies for website analytics, ad targeting, and measurement.
spin 1 year Facebook cookies for website analytics, ad targeting, and measurement.
wd 1 year Facebook cookies for website analytics, ad targeting, and measurement.
xs 1 year Facebook cookies for website analytics, ad targeting, and measurement.
AA003 3 months Collects information about visitor behavior across different websites. This information is used on the website to optimize ad relevance.
ATN 2 years Facebook does not provide a description for these cookies.
Legal Basis
Art. 6(1) GDPR, Art. 49(1)(a) GDPR

Location of Processing
European Union

Specialist Partners
Google Maps
Publisher
Google Ireland Limited

Description
We have integrated Google Maps to provide you with a better browsing experience on our website.

Link to Privacy Policy
http://www.google.com/intl/en/policies/privacy/

What data is collected?
Date and time of visit; Location information; IP address; Usage data; URL; Search terms; Geographical location; IP address; Usage of the embedded map service (clicks, map view changes, etc.); URLs

Purpose of data collection
Content delivery; Font delivery; Service improvement; Displaying maps; Personalization; Displaying content; Social media; Website security; Displaying maps; Improving Google products and services; Providing a marketplace for marked data

Cookies:
Name Lifespan Description
NID 15778800 This cookie stores information about user settings and information about Google Maps.

Local Storage:
Name Lifespan Description
goog_pem_mod persistent Used to send data about the device and visitor behavior to Google Analytics. Tracks visitors across devices and marketing channels.
Legal Basis
Consent, Art. 6(1)(a) GDPR, Art. 49(1)(a) GDPR

Location of Processing
European Union

Additionally, it is possible to configure the browser to notify the website user about cookie placement. This allows users to decide whether to accept cookies for specific cases or to generally exclude them.

Cookie settings are managed differently depending on the browser, which can be found in the browser’s help menu. For assistance, example links are provided below:

Google Chrome
Clear Cookies:
Clear, allow, and manage cookies in Chrome - Computer - Google Chrome Help

Mozilla Firefox
Clear Cookies:
Delete cookies and site data in Firefox | Firefox Help (mozilla.org)

Microsoft Edge
Clear Cookies:
Clear cookies in Microsoft Edge - Microsoft Support

Opera
Clear Cookies: please visit the provider's website under Settings / Security and Privacy, as no direct link is provided.

Safari
Clear Cookies: please visit the provider's website under Settings / Privacy, as no direct link is provided.

8. Google Maps

This website uses the Google Maps service through an API interface. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to and stored on a Google LLC server in the USA. The provider of this site has no control over this data transfer.

The use of Google Maps is in the interest of providing an attractive presentation of our online offerings and an easy way to locate the places specified on our website. This represents a legitimate interest on our part pursuant to Art. 6(1)(f) GDPR, § 25(2) TTDSG, and Art. 4 DSG (CH).

For more information on how user data is handled, please refer to Google’s privacy policy:

Privacy Policy – Privacy & Terms – Google.

9. Google Analytics

If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The data controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Scope of Processing: Google Analytics uses cookies to enable analysis of your use of our websites. The information collected via cookies about your use of this website is generally transmitted to and stored on a Google server in the USA.

For Google Analytics 4, IP address anonymization is enabled by default. Due to IP anonymization, your IP address is truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.

During your visit to the website, your user behavior is recorded in the form of 'events'. Events may include:

Page views
First visit to the website
Session start
Your 'click path', interaction with the website
Scrolls (every time a user scrolls to the end of the page (90%))
Clicks on external links
Internal search queries
Interaction with videos
File downloads
Viewed/clicked ads
Language settings

Additionally, the following is recorded:
Your approximate location (region)
Your IP address (in truncated form)
Technical information about your browser and the devices you use (e.g., language settings, screen resolution)
Your internet service provider
The referrer URL (which website/advertisement led you to this website)
Purpose of Processing: On behalf of the operator of this website, Google will use this information to evaluate your pseudonymous use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

Recipients

Recipients of the data are/can be

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as data processor under Art. 28 GDPR)
Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
It cannot be ruled out that U.S. authorities may access the data stored by Google.

Data Retention: The data we send and link with cookies will be automatically deleted after 2 months. Data retention is automatically carried out once a month.

Legal Basis: The legal basis for this data processing is your consent according to Art. 6(1)(a) GDPR.

Revocation: You can revoke your consent at any time with future effect by accessing the cookie settings and changing your selection:
The legality of the processing carried out based on the consent until the revocation remains unaffected.

You can also prevent cookies from being stored in the first place by configuring your browser software accordingly. However, if you configure your browser to reject all cookies, this may lead to limitations in functionality on this and other websites. Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by

a.

not consenting to the setting of the cookie or

b.

downloading and installing the browser add-on to disable Google Analytics here.

10. Recipients; Transfer to Third Countries

Within our company, departments responsible for processing inquiries have access to your data. Additionally, we use external service providers, particularly data processors in accordance with Art. 28 GDPR and Art. 10 Para. 1 DSG CH, where we cannot provide services ourselves or where it is unreasonable to do so. These external service providers primarily include IT and telecommunications service providers. If certain service providers are explicitly mentioned, you can find further information in their respective privacy policies. Furthermore, we may share your data with external service providers for handling your inquiries (especially installers or sales partners) when using our website, who may provide you with additional offers.

Transfers to third countries outside the European Economic Area (EEA) occur only under certain conditions as outlined in Art. 44ff GDPR and Art. 6 Para. 2 DSG (CH).

The European Commission has granted certain third countries an adequacy decision, confirming that they provide a level of data protection comparable to the EEA standard. A list of these countries and copies of the adequacy decisions can be found here:

In English
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en

In German
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de?etrans=de

In other third countries to which personal data may be transferred, a uniformly high level of data protection may not be guaranteed due to the absence of legal provisions. In such cases, we ensure that adequate data protection is maintained through binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data (available at https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_de),

certifications, or recognized codes of conduct. You may contact our Data Protection Officer if you require further information on this matter.

Transfer to Third Countries and Google Analytics: Where data is processed outside the EU/EEA and there is no equivalent level of data protection to the European standard, we have established an appropriate level of data protection with the service provider by using EU Standard Contractual Clauses. The parent company of Google Ireland, Google LLC, is based in California, USA. Data transfer to the USA and access by U.S. authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights as within the EU/EEA, and legal remedies against access by authorities may not be available.

Notice on the Adequacy Decision: USA

On February 28, 2023, the European Commission adopted the adequacy decision for the EU-U.S. Data Privacy Framework (successor to the 'Privacy Shield'). This adequacy decision now serves as the basis for data transfers to certified organizations in the USA.

Meyer Burger ensures the lawfulness of the transfer by checking before transferring personal data to U.S. organizations whether they are certified under the EU-U.S. Data Privacy Framework.

Whether organizations are certified by the U.S. Department of Commerce can be verified through the following link:

https://www.dataprivacyframework.gov/s/participant-search

10. Minors

Our website is not intended for children. Individuals under the age of 16 are not permitted to submit personal data or provide consent without the approval of their legal guardians. We strongly advise parents, guardians, and minors to comply with GDPR requirements and not to circumvent age restrictions.

11. No Automated Decision-Making (including Profiling)

We do not intend to use the personal data collected from you for automated decision-making (including profiling).

IV. Special Notes on Data Processing in the Context of Additional Features

1. Installer Finder

To show you installers in your area, we process the following personal data based on a contract:

Name and surname
Address
Email address
Geo-location data
The legal basis for processing this data is Article 6(1)(b) GDPR.

2. Use of the Solar Calculator

When you use the solar calculator, we use the data you input to provide you with a corresponding non-binding offer and additional information such as potential savings. With your consent, we may also contact you for informational and marketing purposes using the contact details you provided. Furthermore, if you also consent to this, we will forward your data to up to three selected installers in your region to provide further consultation and a non-binding offer. Providing certain accurate data (particularly name, address, geo-location data, roof area based on satellite images from third-party services, heating type, email address) is necessary to process your request and provide you with a PDF summary. The processing of the aforementioned data is based on your consent, which you express by entering data into the form, according to Article 6(1)(a) GDPR. The collected personal data will be deleted no later than 24 months after it is no longer required for the initiation or performance of a contract with you.

V. Data Processing in the Recruitment Context

1. Processing Purposes, Categories of Personal Data

We process the application data mentioned in this section for the purpose of initiating or performing an employment relationship or a similar employment relationship to the extent described below.

In particular, the following categories of data may be processed:
General Personal Data (name, address and other contact details, application photo, date of birth, nationality, marital status, and any other (potentially sensitive) data you provide)
Professional Data (professional contact information, current position, responsibilities, current employer, current compensation, notice period, possession status, restrictions).
Experience Data (previous positions and employers, education, vocational training, experience, skills)
Future-oriented Data (wishes and expectations, assessments, potential areas of application, placement ideas)
Other Data (information about your professional life that you provide through the application).

2. Additional Data Processing by the Data Controller; Legal Basis for Data Processing

If you contact us proactively, we process the data you provide during the initial contact, as well as any additional data we request.

We treat and process all information (including resumes, certificates, and qualifications) as application data, as well as any other information (e.g., from phone interviews or personal meetings). This is done for the contractual or pre-contractual purposes mentioned above.

Providing certain accurate data is necessary to process your request; further information (including the submission of a photo) is optional.

As far as your data is required for the recruitment process, Article 88 GDPR in conjunction with § 26 of the Federal Data Protection Act (BDSG) and Article 4 of the Swiss Data Protection Act (DSG) is the legal basis for processing your data.

If the data concerns special categories of personal data (e.g., health data, union or religious affiliation, or other 'sensitive' data), processing is based on your consent according to Article 9(2)(a) GDPR and DSG (CH), which you have expressed by disclosing this data.

If your application is successful and an employment relationship is established, your data will be stored for the duration of the employment relationship. After you leave the company, we will process your data for evidence purposes for up to three years.

The processed personal data will be deleted if processing is no longer necessary for contract performance or if you request deletion as part of your rights as a data subject. This usually occurs no later than six (6) months after the conclusion of the application process, if there are no longer retention obligations. If no hiring takes place, in individual cases, a longer retention period of 24 months from the last individual contact with you may apply—e.g., to defend against potential AGG claims—based on our legitimate interests according to Article 6(1)(f) GDPR and Article 4 DSG CH.

VI. Miscellaneous

Changes to This Privacy Policy

We reserve the right to amend this privacy policy at any time, in accordance with legal requirements.

01/2024