Privacy Policy

Introduction

With the following Data Protection Declaration, we hope to be able to provide information about the types of your personal data (hereinafter also referred to as “data”) that we process, as well as the reasons for and extent of that processing. The Data Protection Declaration applies to all of the processing of personal data carried out by us, both in the course of the provision of our services and in particular on our websites, in mobile applications as well as within external online sites, such as our social media profiles (hereinafter referred to collectively as the “online content”).

The terms used are not gender-specific.

Version: August 12, 2025

Privacy Policy

Security Measures

User Registration

Legal Notice

Privacy Policy

The S-MILES CLOUD APP (“the APP”) is the management system used in the smart PV solution from Hoymiles Power Electronics Inc. (hereinafter referred to as “Hoymiles”) to allow PV device installers and PV device owners to monitor and manage their equipment and smart PV devices. This Data Protection Declaration explains the data protection practices of the APP for the user.

The S-MILES CLOUD commitment to data protection

The S-MILES CLOUD respects your entitlement to privacy. Your ability to make informed decisions concerning the use of your data is important to us. This Data Protection Declaration explains the S-MILES CLOUD policies regarding the collection, use, disclosure, and protection of personal data. The terms of this Data Protection Declaration apply to information collected from you unless there are other terms specified as part of a special offer or in a different form or contract that we provide to you.

Types of Data Processed
  • Inventory data.
  • Payment data.
  • Contact data.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta, communication, and process data.
  • Project and plant data.
Categories of Data Subjects
  • Customers.
  • Interested parties.
  • Users.
  • Business and contractual partners.
  • Employees, contractors, representatives and other personnel of the above-mentioned entities.
Purposes of Processing
  • Provision of contractual services and fulfillment of contractual obligations.
  • Providing the Hoymiles website and S-MILES CLOUD APP services as agreed between us.
  • Contact requests and communication.
  • Security measures.
  • Office and organizational procedures.
  • Managing and responding to inquiries.
  • Feedback.
  • Marketing.
  • Provision of our online content and user-friendliness.
  • Information technology infrastructure.
  • Improvement, research and development of products and services. Providing functionality, analyzing performance, fixing errors, and improving the usability and effectiveness of our products and services.

We process data of our contractual and business partners, e.g., customers and interested parties (referred to collectively as “contractual partners”) in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual (or pre-contractual) partners, e.g., to answer inquiries.

We process this data in order to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any obligations regarding updating, and remedies for warranty problems and other service issues. Furthermore, we process the data to protect our rights, perform administrative tasks associated with these obligations, and organize our business. Furthermore, we process the data based on our legitimate interests in correct business management, as well as in security measures to protect our contractual partner and our business operations from misuse, risks to your data, secrets, information, and rights (e.g., for the participation of telecommunications, transportation, and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). In accordance with the applicable law, we only pass data from contractual partners on to third parties as required for the aforementioned purpose or for the fulfillment of legal obligations. The contractual partner will be informed about other forms of processing, e.g., for marketing purposes, in the context of this Data Protection Declaration.

We will inform the contractual partners which data is required for the aforementioned purposes, either before or during the data collection process, e.g., in online forms, through special markings (e.g., color coding) or symbols (e.g., asterisks, etc.), or in person.

We delete the data after the expiry of the statutory warranty and comparable obligations, i.e., in principle, after a period of 4 years unless the data is stored in a customer account, e.g., as long as it needs to be stored for legal reasons governing archiving. The statutory period is ten years for tax-related documents, as well as for trading books, inventories, opening balance sheets, annual financial statements, work instructions, and other administrative documents and accounts, and six years for commercial and business letters received and copies of commercial and business letters sent. This period commences at the end of the calendar year in which the last entry was made in the book, or the inventory, opening balance sheet, annual financial statement or management report was prepared, or the commercial or business letter received or sent, or the account created, recording made or other document created.

Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and the data protection information of these third-party providers or platforms shall apply to the relationship between the users and providers.

  • Data Types Processed: Inventory data (e.g., names, addresses); payment data (e.g., bank details, invoices, payment history); contact data (e.g., e-mail, telephone numbers, job role); contract data (e.g., object of contract, duration, customer category); usage data (e.g., websites visited, interest in content, access times, electricity production and consumption data, export and import rate, electricity costs forecast, saving information and data relating to comparisons against other energy sources); meta, communication, and process data (e.g., IP addresses, times, identification numbers, consent status); project and plant data (e.g. site address including latitude and longitude, solar panels system design, measurement relating to the project site and property, roof type including azimuth and tilt).
  • Data Subjects: Customers; interested parties; Business and contractual partners; users; and employees, contractors, representatives and other personnel of the aforementioned entities.
  • Purposes of Processing: Provision of contractual services and fulfillment of contractual obligations; Providing the Hoymiles website and S-MILES CLOUD APP services as agreed; security measures; contact requests and communication; office and organizational procedures. Managing and responding to inquiries.
  • Legal Principles: Consent (GDPR Art. 6 Section 1 Pt. 1 Subsection a); Contract fulfillment and pre-contractual inquiries (GDPR Art. 6 Section 1 Pt. 1 Subsection b); legal obligation (GDPR Art. 6 Section 1 Pt. 1 Subsection c). Legitimate interests (GDPR Art. 6 Section 1 Pt. 1 Subsection f).
More Information on Data Processing, Procedures, and Services
  • Customer Account: Customers can create an account within our online content (e.g., customer or user account, referred to as a “customer account”). If customers need to register a customer account, they will be informed of this, and shown the necessary information for registration. Customer accounts are not public and cannot be indexed by search engines. As part of the registration process, as well as subsequent logins and uses of the customer account, we store the customer IP addresses along with access times, in order to be able to provide proof of registration and prevent any misuse of the customer account. If a customer account is terminated, the customer account data will be deleted after the termination date unless it is stored in the customer account for purposes other than provision or needs to be stored for legal reasons (e.g., internal storage of customer data, order processing, or invoices). The customer is responsible for securing their data on termination of the customer account; Legal Principles: Contract fulfillment and pre-contractual inquiries (GDPR Art. 6 Section 1 Pt. 1 Subsection b).
  • Provision of Software and Platform Services: We process the data of our users, registered users, and any test users (hereinafter referred to as “users”) to be able to provide our contractual services to them as well as on the basis of legitimate interests in order to ensure the security of our offer and to be able to improve it further. The required information is identified as such in the context of the conclusion of the order, purchase order, or comparable contract and includes details required for the provision of services and invoicing, as well as contact details to be used for arranging any consultations; Legal Principles: Contract fulfillment and pre-contractual inquiries (GDPR Art. 6 Section 1 Pt. 1 Subsection b).
Relevant Legal Principles Under GDPR

Below, you will find an overview of the GDPR legal principles implemented by us as the basis for personal data processing. Please note that, in addition to the provisions of the GDPR, there may be national data protection regulations applicable in your or our country of residence or domicile. Where there are more specific legal principles also relevant in individual cases, we will inform you about them in the Data Protection Declaration.

  • With your consent (GDPR Art. 6 Section 1 Pt. 1 Subsection a) - We may process personal information with your consent or as otherwise instructed by you.
  • Contract Fulfillment and Pre-contractual Inquiries (GDPR Art. 6 Section 1 Pt. 1 Subsection b) - The processing is required for the fulfillment of a contract where the data subject is one of the contracting parties or for the implementation of pre-contractual measures at the request of the data subject.
  • Legal Obligation (GDPR Art. 6 Section 1 Pt. 1 Subsection c) - The processing is required for the fulfillment of a legal obligation of the data controller.
  • Legitimate Interests (GDPR Art. 6 Section 1 Pt. 1 Subsection f) - The processing is required for protection of the legitimate interests of the data controller or a third party, except where this is overridden by such interests or the fundamental rights and freedoms of the data subject, requiring protection of personal data.
National Data Protection Regulations in Germany

In addition to the GDPR data protection regulations, the national regulations concerning data protection in Germany shall apply. In particular, this includes the law covering misuse of personal data in data processing (BDSG - the German Federal Data Protection Act). The BDSG, in particular, contains special regulations concerning the right to information, right to deletion, right to objection, the processing of special categories of personal data, processing for other purposes and transmission, as well as automated decision-making in individual cases, including profiling. Furthermore, individual federal state data protection laws may apply.

Security Measures

In accordance with the legal requirements, we take appropriate technical and organizational measures, taking account of the state of the art, the implementation costs, and the type, scope, circumstances, and purposes of the processing as well as the varying probabilities of occurrence, and the extent of any threat to the rights and freedoms of individuals, in order to ensure an appropriate level of protection for the risk.

The measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as data access, input, disclosure, ensuring availability and separation. We have also established procedures to ensure the exercise of the rights of the data subject, deletion of data, and responses to threats to the data. Furthermore, we already take the protection of personal data into account when developing or selecting hardware, software, and procedures, following the principle of data protection through technology design and default privacy settings.

TLS/SSL encryption (https): For the protection of user data transmitted via our online services, we use TLS/SSL encryption. Secure Sockets Layer (SSL) is the standard technology used to secure Internet connections by encrypting the data transmitted between a website or app and a browser (or between two servers). Transport Layer Security (TLS) is an updated and more secure version of SSL. Hyper Text Transfer Protocol Secure (HTTPS) is shown in the URL wherever a website is secured by an SSL/TLS certificate.

Collecting Personal Data

We collect personal data provided to us by those who:

  • register to use the APP or to receive our newsletter
  • use the APP to provide information about their account
  • place an order online or purchase products or services
  • contact our customer support service by phone, e-mail, or web chat
  • use the APP to perform operations related to equipment and devices, in which case:

    (1) We collect plant addresses, latitude and longitude as well as information about the plant operation.

    (2) We collect basic data about the devices attached to the plant, such as the device name, model, version, status, settings, and historical data.

    (3) If the charging pile is used in the plant, we collect the operating data from the charging pile (e.g., working mode, temperature, power, voltage, and charged energy) and the configuration of the charging pile (scheduled charging task, etc.).

    (4) When conducting energy storage safety analysis and providing alerts for energy storage devices, we collect data at the energy storage subsystem level (e.g., electronic device labels and device status) and data at the battery rack level (e.g., rack current, rack voltage, highest cell temperature, and lowest cell temperature), data at the battery pack level (e.g., battery pack voltage and current), data at the cell level (e.g., cell voltage and current), and basic information about the battery pack (e.g., battery type, nominal capacity, and cell manufacturer).

    (5) To detect and connect to devices through Wi-Fi/Bluetooth, we collect the information from the Wi-Fi or Bluetooth. When connecting to a device by Wi-Fi, you need to get the Wi-Fi SSID, BSSID, and MAC address of the device. The Wi-Fi information above is used only for display. If the Wi-Fi information is not provided, the device connection will not be affected. When connecting to a device by Bluetooth, you need to get the Bluetooth name, UUID, and MAC address of the device. If the information is not specified, the device cannot be connected by Bluetooth. The data mentioned above is only collected during the connection, with local processing, not uploaded to the server. When using the above functions, you can activate the “Local network” (iOS) or “Connect to nearby device” (Android)/Bluetooth (iOS) at the same time to log in to the device by Wi-Fi or Bluetooth.

When using the APP, the execution log information is recorded, including IP information, app error information, your operating information, and information about interaction with devices. After exporting device logs, the app will save a copy of the device logs that may contain important execution parameters and alarm information for the devices. This app will not collect any other logs on your mobile phone without authorization. All the logs are stored locally and are not uploaded to the server. You can upload logs to the server manually to analyze log information, diagnose the execution status of the applications, and identify and locate any application errors.

We can collect some information automatically when you visit the APP, such as the application with which you connected to us, as well as the time and date of your visit, any purchases, and activities. We also collect information received from third parties, where they have stated that they have entered into an agreement concerning the connectivity of the Hoymiles products with the APP. The APP does not intentionally collect any personal data from children under the age of 16, and you need to be at least 18 years old to set up an account in the APP.

Use of Personal Data

As part of our processing of personal data, the data may sometimes be transmitted to other bodies, companies, legally independent organizational entities, or individuals or disclosed to them. Those receiving this data may include, for example, service providers commissioned with IT tasks or providers of services and content integrated into a website. In these cases, we comply with the legal requirements and, in particular, conclude corresponding contracts or agreements with data recipients to protect your data.

The personal data collected by us is used to identify security issues on devices, protect plant security, process your requests or transactions, send you important notifications (e.g., alarms, regular maintenance, as well as update and installation notifications), correct application errors, provide a high-quality service for you, and customize the APP according to your preferences, as well as inform you about certain goods and services that we believe to be of potential interest to you. If you prefer not to receive promotional information from us, we will make it easy for you to tell us this. You can contact us at any point to refuse advertising information (see “Selection” section below).

Transfer of Personal Data

The S-MILES CLOUD will not sell or transfer personal data to a third party without your prior consent. The S-MILES CLOUD will not share or disclose personal data to third parties without your prior consent, except in the limited circumstances described below in the “Disclosures” section.

International Data Transfer

Data processing in third countries: If we process data in a third country (i.e., a country outside the European Union (EU) or the European Economic Area (EEA)), or if the processing is carried out in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in compliance with the legal requirements. If the level of data protection in the third country has been recognized by an adequacy decision (GDPR Art. 45), this forms the basis for the data transfer. Otherwise, data transfers will only take place where the level of data protection is otherwise secured, in particular by standard contractual clauses (GDPR Art. 46 Section 2 Subsection c), explicit consent, or in the case of legally required or contractual transmission (GDPR Art. 49 Section 1). In addition, we will inform you about the basic aspects of the third-country transmission with individual providers from the third country, with adequacy decisions taking precedence as the foundation. Information about transfers to third countries and existing adequacy decisions is included in the information provided by the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.

EU-US Trans-Atlantic Data Privacy Framework: As part of the “Data Privacy Framework” (DPF), the EU Commission has also recognized the level of data protection as secure for specific companies from the USA in the context of the adequacy decision of 10.07.2023. The list of certified companies and further information about the DPF are provided on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/ (in English). In the context of data protection information, we will tell you which service providers we use, certified under the Data Privacy Framework.

Disclosures

We may disclose personal data in good faith, with the belief that we are required to do so by law or that it is reasonably necessary in order to comply with legal processes or contractual requirements, respond to claims, or protect the rights, property, or personal safety of Hoymiles, our customers, or the public. Information about our customers, including personal data, may be disclosed if this is necessary for legitimate purposes, e.g., as part of or during negotiations for a merger, sale of company assets, or acquisition. With the exceptions indicated above, we hold a policy of obtaining an individual’s consent if we intend to process their personal data.

We may share personal data with third party companies and individuals that provide services on our behalf or help us operate our business. Examples include fulfilling orders for products or services, payment processors, customer support, hosting, analytics, email delivery, marketing, database management. These third-party service providers have access to personal data needed to perform their functions, but may not use it for other purposes.

Protection of Personal Data

The S-MILES CLOUD has implemented security measures to protect personal data against loss, misuse, or modification as long as they are under our control. The personal data that we collect is stored electronically. We implement technical, contractual, administrative, and physical measures to protect ourselves from unauthorized access.

Account information is accessible online only with the use of a password. To protect the confidentiality of personal data, you must keep your password confidential and not disclose it to others. If there are other people with access to your e-mail address, they could obtain access to your password and receive personal data concerning you, or they could change information about your user profile.

Although we take appropriate measures to safeguard the information stored in our database, and we ensure that access to information is restricted solely to those employees who need that access to carry out their professional duties, such as our customer service and technical personnel, we cannot guarantee the security of account information. The security of account information could be compromised at any time by unauthorized access or use, hardware or software failure, and other factors. We cannot guarantee the security of the information that you provide to us, so we do urge you to take every precaution to protect your personal data when you are online. Make sure you change your passwords frequently and use combined letters and numbers. Make sure you use a secure browser.

Aggregated Data

Personal data does not include “aggregated” data. Aggregated data is data that we collect about a group or category of products, services, or customers, from which individual customer identities have been removed, and this information cannot be used to identify a specific individual. Aggregated data also includes all information or data that we collect from inverters and power optimizers and that is available to you via the S-MILES CLOUD. In other words, information about the way you use a service may be collected and combined with information about how other people use the same service, but the resulting data will not include any personal data. Similarly, information about the products or services that you have used or purchased is collected and combined with information about products and services used or purchased by others, but the resulting data will not include any personal data. Among other things, aggregated data is used to help understand trends and customer requirements when considering new products and services and adjust existing products and services to match customer preferences.

The S-MILES CLOUD recognizes the importance of protecting the privacy of the personal data that you provide to us. The S-MILES CLOUD uses and publishes anonymized aggregated data for the purpose of evaluating and improving our services and customizing our products, as well as for commercial purposes. The S-MILES CLOUD may decide, at its own sole discretion, to transfer, sell, provide, or disclose such information to third parties, including Hoymiles' business partners, for commercial purposes.

Deletion of Data

The data processed by us will be deleted immediately, in accordance with the legal requirements, if you withdraw your consent for processing or if other permissions are no longer applicable (e.g., if the purpose for processing this data ceases to apply, or it is not required for the purpose). If the data is not deleted because it is required for other legally permissible purposes, processing of this data will be limited solely to those purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise, or defense of legal claims or for the protection of the rights of another individual or legal entity. Our data protection notices may also include further information on the storage and deletion of data, primarily applicable to relevant processing operations.

What are cookies, and do you have to accept them?

Read more about our cookie policy.

Online Links to Other Websites

The APP enables users to link to other third-party websites that provide useful information. All information provided by you on such linked sites is provided directly to the third party concerned and is subject to the third party's privacy policy. The APP is not responsible for the content or the data protection practices of the linked websites. Links from the APP to third-party or other websites are provided for your convenience. We encourage you to learn about the data protection practices of individual websites before you provide any data to them.

Updating, Checking, or Correcting Personal Data

You can update, check, or correct your online account information in the S-MILES CLOUD at any time by accessing your password-protected personal account management page. You can also contact us to correct any other information about yourself by emailing us at service@hoymiles.com or by calling us at the phone numbers provided at https://www.hoymiles.com/contact-us/.

Questions or Concerns

If you have any questions or concerns about this Data Protection Declaration or you would like to contact us for any reason, you can call us at the phone numbers provided at https://www.hoymiles.com/contact-us/ or use any other contact method indicated in the “Selection” section.

Changes to This Declaration

The APP reserves the right to change this Data Protection Declaration at any time, but will notify you of any changes made by indicating the date of the most recent update at the end of the Data Protection Declaration. We encourage you to read our Data Protection Declaration to ensure that you understand how your data will be used. If any substantial change is ever made in the way that we use your data, and the new uses are not related to the uses mentioned in this declaration, the new version of the privacy policy will be presented in the APP to give you the choice of accepting or acknowledging those changes before continuing to use the APP.

Rules of Use for Third-party SDKs or APIs

In order to provide and optimize our services, the APP uses the Baidu Maps SDK, Google Maps SDK, and Bugly SDK. The Baidu Maps SDK and Google Maps SDK are used for geolocation (1. Select the plant location on the map when you are building a plant. 2. Show plant locations on the map). The Bugly SDK is used for counting and recording the BUG logs displayed during the running process of the APP for BUG analysis.

(1) You can find the data protection declaration for the Baidu Maps SDK here: https://map.baidu.com/zt/client/privacy/index.html

(2) You can find the data protection declaration for the Google Maps SDK here: https://policies.google.com/privacy?hl=zh-CN&gl=sg

(3) You can find the privacy policy for the Bugly SDK here: https://static.bugly.qq.com/bugly-sdk-privacy-statement.pdf

User Registration

Consent

If you send us any inquiries during registration, we will store your information provided in the inquiry form, including your contact details, to process the inquiry and any potential follow-up questions. We will not pass on this data without your consent.

The data entered during registration is, therefore, processed exclusively on the basis of your consent (GDPR Art. 6 Section 1 Subsection a). You may revoke this consent at any time. It is sufficient to notify us informally by e-mail of your wish to revoke the consent. The legality of the data processing operations carried out prior to the revocation of the consent stands unaffected.

The data you provide us during registration will remain with us until you ask us to delete it or revoke your consent to its storage or the purpose of its storage ceases to apply (e.g., after your request has been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.

Social Media

We maintain our online content within social networks and process user data in this context in order to communicate with active users there or to provide information about us.

We would like to point out that user data may be processed outside the European Union. This could present risks for users because, for example, it could make it more difficult to enforce user rights.

Moreover, user data within social networks will usually be processed for market research and advertising purposes. For example, usage behaviors and the resulting interests of users can be processed to form usage profiles. Such usage profiles can then be used, for example, to place advertisements within and outside of social networks that are presumably appropriate to user interests. For these purposes, cookies are usually stored on users’ computers, where the usage behavior and interests of the user are stored. Moreover, data can also be stored in usage profiles independently of the devices used by users (especially if users are members of the respective platforms and are logged in to them).

For a detailed description of the respective forms of processing and the opt-out options, please refer to the data protection declarations and the information provided by operators of the respective networks.

Regarding requests for information and assertion of the rights of data subjects, we also wish to note that these can be asserted most effectively with the providers. Only the providers have access to user data and can take appropriate measures and provide information directly. If you still need help, you can contact us.

  • Data Types Processed: Contact data (e.g., e-mail, phone numbers); content data (e.g., entries made in online forms); usage data (e.g., websites visited, interest in content, access times); meta, communication, and process data (e.g., IP addresses, times, identification numbers, consent status).
  • Data Subjects: users (e.g., website visitors, users of online services).
  • Purposes of Processing: contact requests and communication; feedback (e.g., collecting feedback by means of an online form). Marketing.
  • Legal Principles: Legitimate interests (GDPR Art. 6 Section 1 Pt. 1 Subsection f).
More Information on Data Processing, Procedures, and Services:
  • Facebook pages: Profile within the social network Facebook; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal Principles: Legitimate interests (GDPR Art. 6 Section 1 Pt. 1 Subsection f); Website: https://www.facebook.com; data protection declaration: https://www.facebook.com/about/privacy; basis for third-country transfer: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://www.facebook.com/legal/EU_data_transfer_addendum); additional information: Together with Meta Platforms Ireland Limited, we are responsible for collecting (but not carrying out any other processing) data from visitors to our Facebook page (“Fan Page”). This data includes information about types of content users view or interact with or the actions they take (see “Things you and others do and provide” in the Facebook Data Policy: https://www.facebook.com/policy), as well as information about the devices used by users (e.g., IP addresses, operating system, browser, language settings, cookie data; see “Device information” in the Facebook Data Policy: https://www.facebook.com/policy). As explained in the Facebook Data Policy under “How do we use this information?”, Facebook also collects and uses information to provide analytical services referred to as “Page Insights” for site operators to help them understand how people interact with their pages and the associated content. We have concluded a special agreement with Facebook (“Information about Page Insights,” https://www.facebook.com/legal/terms/page_controller_addendum), which, in particular, regulates which security measures need to be observed by Facebook, and in which Facebook has agreed to fulfill the rights of data subjects (i.e., users can, for example, send information or deletion requests directly to Facebook). The rights of users (in particular, their rights to information, deletion, objection, and complaint to the competent supervisory authority) are not restricted by agreements with Facebook. More information can be found under “Information about Page Insights” (https://www.facebook.com/legal/terms/information_about_page_insights_data). The joint responsibility is limited to the collection of the data and its forwarding to Meta Platforms Ireland Limited, a company based in the EU. Meta Platforms Ireland Limited is solely responsible for further processing of the data, in particular, the forwarding of the data to the parent company Meta Platforms, Inc. in the USA.
  • LinkedIn: Social network; Service Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Legal Principles: Legitimate interests (GDPR Art. 6 Section 1 Pt. 1 Subsection f); Website: https://www.linkedin.com; data protection declaration: https://www.linkedin.com/legal/privacy-policy; basis for third-country transfer: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://legal.linkedin.com/dpa); option to object (Opt-Out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out; additional information: Together with LinkedIn Ireland Unlimited Company, we are responsible for the collection (but not carrying out any other processing) of data from visitors to create “Page Insights” (statistics) for our LinkedIn profiles.

    • This data includes information about the types of content that users view or interact with, or actions they take, as well as information about the devices users use (e.g., IP addresses, operating system, browser, language settings, cookie data) and information from the user’s profile, such as job function, country, industry, level in hierarchy, company size, and employment status. Data protection information about the processing of user data by LinkedIn is provided in LinkedIn’s data protection policy: https://www.linkedin.com/legal/privacy-policy

    We have concluded a special agreement with LinkedIn Ireland (“Page Insights Joint Controller Addendum (the ‘Addendum’)”, https://legal.linkedin.com/pages-joint-controller-addendum), which, in particular, regulates which security measures need to be observed by LinkedIn, and in which LinkedIn has agreed to fulfill the rights of data subjects (i.e., users can, for example, send information or deletion requests directly to LinkedIn). The rights of users (in particular, their rights to information, deletion, objection, and complaint to the competent supervisory authority) are not restricted by agreements with LinkedIn. The joint responsibility is limited to the collection of the data and its forwarding to the Ireland Unlimited Company, a company based in the EU. The Ireland Unlimited Company is solely responsible for further processing of the data, in particular, the forwarding of the data to the parent company LinkedIn Corporation in the USA.

  • X: Social network; Service Provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland; Legal Principles: Legitimate interests (GDPR Art. 6 Section 1 Pt. 1 Subsection f). data protection declaration: https://twitter.com/privacy, (Settings: https://twitter.com/personalization).
  • Photovoltaic forum https://www.photovoltaikforum.com/core/datenschutzerklaerung/
Google Analytics

Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online content in the sense of GDPR Art. 6 Section 1 Subsection f), we use Google Analytics, a web analysis service from Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online content by the users is usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement, offering a guarantee that it will comply with European data protection law (https://www.privacyshield.gov/…000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online content by users, to compile reports on activities within this online content, and to provide us with other services related to the use of this online content and the Internet. As part of this process, pseudonymous usage profiles of users may be generated using the data processed.

We only use Google Analytics with IP anonymization activated. This means that Google will shorten the user's IP address within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there under exceptional circumstances.

The IP address sent by the user’s browser will not be merged with other data from Google. Users can prevent cookies from being stored by setting up their browser software appropriately; users can also prevent Google from collecting data generated by cookies related to their use of the online content and from processing such data by downloading and installing the browser plug-in available on the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on data usage by Google, settings, and opt-out options is provided in Google's data protection declaration (https://policies.google.com/technologies/ads) as well as in the settings for advertisements displayed by Google (https://adssettings.google.com/authenticated).

Users’ personal data will be deleted or anonymized after a period of 14 months.

Target Group Creation with Google Analytics

We use Google Analytics to display advertisements placed by Google and its partners within advertising services only to those users who have also shown an interest in our online content or who have specific characteristics (e.g., interests in particular topics or products based on the websites visited) that we send to Google (“Remarketing” or “Google Analytics Audiences”). With the help of Remarketing Audiences, we also hope to ensure that our advertisements are appropriate for the potential interest of users.

Rights of the Data Subjects

Rights of the data subjects under the GDPR: As a data subject, you hold various rights under the GDPR, in particular arising from GDPR Art. 15 to 21:

  • Right to object: You shall have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions. Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
  • Right to withdraw consent: You shall have the right to withdraw your consent at any time.
  • Right of access: You shall have the right to request confirmation as to whether or not personal data concerning you is being processed and to request information about this data, as well as additional information and a copy of your personal data in accordance with legal requirements.
  • Right to rectification: In accordance with legal requirements, you shall have the right to demand the rectification of inaccurate personal data concerning you and to have incomplete personal data completed.
  • Right to erasure and restriction of processing: In accordance with legal requirements, you shall have the right to request the erasure of personal data concerning you without undue delay or, alternatively, to request a restriction of processing of your personal data.
  • Right to data portability: In accordance with legal requirements, you shall have the right to receive the personal data concerning you, which you provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller.
  • Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular, in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.