Thank you for your interest in our website, our services, and our products. The protection of your personal data is very important to us. In this Policy, you will find information about how we handle your information collected through your use of our website and services. The processing of your data takes place in accordance with the legal regulations on data protection.
2. CONTACT INFORMATION
Responsible Data Processor for Europe:
Creating Clean Energy Solution
Phone: +832 792 0462
The Woodlands, Texas
Data Protection Officer- Contact Data for Europe:
4. INFORMATION & PERSONAL DATA COLLECTED BY 4SunEnergy
We receive and collect personal information in various ways, such as:
- personal information that we receive directly from you via email, telephone, fax, letter etc;
- personal information that we receive from you when you call us, visit, order /use our products and services including this website;
- personal information obtained from other sources that are commercially and lawfully available.
5. USE OF YOUR PERSONAL DATA – IN GENERAL
We use your personal data that we have from you to facilitate our communication with you, to improve it, to offer you our services and products as well as to continually develop them. These are e.g.:
- provision of products and services (newsletters, product warranties, offers, etc);
- carrying out marketing and sales activities (for example, lead generation, market research, customer surveys, performance review of specific marketing activities);
- creation and processing of orders & contracts including billing, delivery, warranty management.
6. USE OF YOUR PERSONAL DATA – IN DETAIL:
a. Visiting our website
When visiting our website, it is technically necessary that data is transmitted to our web server via your internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:
- IP address of the requesting computer
- Visited domain
- Date and time of the request
- Web page from which the file was requested
- Access status (file transfer, file not found, etc.)
- Web browser used and operating system used
- Language and version of the browser software
- Transmitted amount of data
We collect the data mentioned to ensure a fast connection of the website and to facilitate a comfortable use of our website by users. In addition, the log file serves the evaluation of system security and stability as well as administrative purposes. The legal basis for the temporary storage of data or log files is Art. 6 para. 1 lit. f GDPR.
For reasons of technical security, in particular to ward off attacks on our web server, this data may be temporarily stored by us. A conclusion to individual persons is not possible based this data. There is no evaluation of this data except for statistical purposes in anonymous form. No merge of this data with data from other data sources is performed.
b. Contact Forms and E-Mail inquiries
If you send us via contact form or e-mail inquiries, your information contained in this inquiry, including the contact details you provided therein are stored with us for the purpose of processing the request and in case of follow-up questions. We will never share this information without your consent outside the 4SunEnergy. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR and Art. 6 para. 1 lit. b GDPR, if your request is for the conclusion of a contract. Your data will be deleted after final processing of your request, provided that no legal storage requirements are in conflict.
You have the possibility to register for certain services provided on our website and to create a user profile (e.g. for the 4SunEnergy Solar Professional Program, registration of warranty cases). As part of the registration and setup, we collect and use the following personal data:
- First name, last name, salutation
- Postal address
- E-mail address
- Date and time of registration
In addition, voluntary information may be provided (eg telephone number, etc.).
Compulsory information, which is made for the purpose of the registration, are indicated in the input mask with an asterisk indication as obligatory field. Your user account gives you the opportunity to use other parts of our website and to log in for the services you are registered. Legal basis of the data processing is your consent Art. 6 Abs. 1 lit. a GDPR or Art. 6 para. 1 lit. b GDPR, if processing is required to provide the requested services. Your data will be deleted as soon as the user account on our website is deleted and there are no statutory storage requirements. A change and / or deletion of your user account, including the data you have provided, can usually be done directly in your user account after logging in or by sending a message to the responsible data processor as given in Section 2 above.
If you would like to receive the newsletter offered on our website with regular information about our offers and products, we need your e-mail address as a mandatory entry. For sending the newsletter, we use the so-called double-opt-in procedure. This means that we will only send you our newsletter by e-mail if you have expressly confirmed to us that you agree to the sending of newsletters. In the first step, you will receive an e-mail with a link that you have to use to confirm that you, as the owner of the corresponding e-mail address, wish to receive newsletters in the future. By this confirmation, you give us your consent in accordance with Art. 6 para. 1 lit. a GDPR, that we may use your personal data for the purpose of the desired newsletter dispatch.
When registering for the newsletter, we store, in addition to the e-mail address required for the shipment, the IP address you used to subscribe to the newsletter and the date and time of registration and confirmation in order to prevent possible misuse to understand later.
You can unsubscribe from the newsletter at any time via the link inserted in each newsletter or an e-mail to the responsible data processor as given in Section 2 above. After cancellation, your e-mail address will be deleted immediately from our newsletter distribution, as far as you have not expressly consented to a continued use of the collected data or the continued processing is otherwise permitted by law.
e. Collection and Processing of Personal Data in case of applications
We furthermore collect personal data when you apply for a position with us. As part of the recruitment procedure, we may forward your personal data to the respective group company (in the EU, in the US or also in Singapore), which has advertised the job and / or is involved in the application process. The processing of this personal data by us is required for the performance of the recruiting process, including setting up an electronic job applicant file, managing your application, organizing interviews – in short, the processing is necessary for us to execute the job interview process and potentially to enter into an employment contract with you. The processing is based on Art. 6 para. 1 lit. b GDPR.
f. Contractual Relationship and Warranty-/Guarantee- Management
The processing of the personal data provided by you in connection with a quotation, a contract and / or the execution of the contract also in the event of a warranty or guarantee claim is required for the execution of the underlying contractual relationship and/or if we are required by law to collect, (e.g. to comply with retention periods to the tax authorities). It is based on Art. 6 (1b) and (c) GDPR. The data will be deleted as soon as they are no longer required for the aforementioned purposes.
g. Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called cookies. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. We only use Google Analytics with activated IP anonymization. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area, whereby a person-relatedness can be excluded. US-based Google Inc. is certified to the US Privacy Shield, which ensures compliance with the level of data protection in the EU. The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR or § 15 Abs. 3 TMG based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
You may configure your browser settings as needed and may, for example, object to the acceptance of cookies. However, please note that in this case you may not be able to use all the functions of the website.
h. Google Maps
This website uses Google Maps API on the basis of Art. 6 para. 1 lit. f) GDPR to illustrate geographic information. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors. For further information on data processing by Google, please refer to Google’s privacy statement available through the website of Google: https://www.google.com. You may also change your personal data protection settings in Google’s data protection center.
i. Google Web Fonts
This website uses so-called Web fonts provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) for consistent font presentation. Google Web Fonts allows us to use external fonts, called Google Fonts. When retrieving our website, the required Google Font is loaded from your web browser into your browser cache to display text and fonts correctly. This is necessary so that your browser can display a visually improved presentation of our texts. If your browser does not support this feature, a default font will be used by your computer for viewing. The integration of these web fonts is done by a server call, usually a Google server in the USA. This will be transmitted to the server, which page of our website you have visited. Also, the IP address of the browser of the device/pc of the visitor of Google is stored.
We use Google Web fonts for optimization purposes, in particular to improve the use of our website and to make its design more user-friendly. This also includes our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
Google has submitted to the Privacy Shield Agreement between the European Union and the United States and has been certified. As a result, Google agrees to comply with the standards and regulations of European data protection law. For more information, please refer to the following linked entry: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. For more information about privacy, please refer to the Google Privacy available through the website of Google: https://www.google.com.
For more information about Google Web Fonts, visit http://www.google.com/webfonts/.
(1) If the website is used for information purposes only, i.e. if you do not contact us beyond using our website or otherwise transmit information to us, we collect usage data which is automatically transmitted by your browser in order to enable you to visit the website. Such storage of data exclusively serves system-related and statistical purposes (on the basis of Art. 6 para. 1 lit. b) GDPR) as well as, in exceptional cases, to report criminal offences (on the basis of Art. 6 para. 1 lit. e) GDPR).
(2) The data collected under Section k.(1) is
- IP address
- date and time of the request
- content of the request (exact page)
- access status/HTTP status code
- respective data volume transmitted
- website from which the request originates
- operating system and its interface
- language and version of the browser software
(3) Moreover, cookies are stored on your computer when using the website. Cookies are small text files which are stored on your hard drive allocated to the browser used by you which provide the party placing the cookie (in this case us) with certain information. Cookies do not damage your computer and do not contain any viruses. Cookies serve the purpose of making our services more user-friendly, effective and secure. For the most part, the cookies that we use are “session cookies”. These cookies are deleted automatically at the end of your visit of our website. Other cookies remain on your terminal device until being deleted. These cookies enable us to recognize your browser on your next visit as well as your preferred region and language version.
(4) Cookies required to perform the electronic communications procedure or to provide certain functions requested by you (e.g. basket function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the storage of cookies in order to be able to provide our services in a defect-free and optimized way.
(5) You may configure your browser settings as needed and may, for example, object to the acceptance of cookies. However, please note that in this case you may not be able to use all the functions of the website.
7. DATA TRANSFER AND RECEIVERS
(1) We do not sell your personal data to third parties.
(2) We do not share your personal information with third parties, unless
- you have consented to the data transfer or
- we are hereto entitled or obliged due to legal regulations and / or law enforcement authorities or other government orders to a data transfer or
- we believe that this is necessary to enforce and defend our rights. (e.g. provision of information for law enforcement purposes, security or enforcement of intellectual property rights).
(3) We use external service providers for processing our services (for example, processing payments, carrying out deliveries, marketing support, etc.), which we have carefully selected and commissioned in writing. They are bound by our instructions and are regularly monitored by us. If necessary, we also have data processing contracts according to. Art. 28 GDPR in place (for example, service providers for web hosting, the sending of e-mails and the maintenance of our IT systems, etc.). The service providers will not pass on this data to third parties.
(4) We are an international, global corporation and use your personal information within our worldwide 4SunEnergy (e.g., for marketing, recruiting, order processing and warranty management). In doing so, the personal data are also transmitted outside the EU, in particular in the USA and in Singapore, and if necessary stored there. If we transfer personal information to non-EU countries and only within our 4SunEnergy, we will ensure that your personal information in those third countries is processed in accordance with EU data protection standards through appropriate contracts and policies.
8. RETENTION PERIOD FOR STORAGE OF PERSONAL DATA
The retention period for your personal data is determined by the relevant statutory retention periods (e.g. from commercial law and tax law). After expiry of the respective deadline, the corresponding data will be deleted. If data is required to fulfill the contract or to initiate an agreement or if we have a legitimate interest in the re-storage, the data will be deleted if you are no longer required for these purposes or if you make use of your right of revocation or objection.
9. RIGHTS OF AFFECTED PERSONS:
As an individual whose data is subject to processing, you may assert certain rights against us in accordance with the GDPR and other relevant data protection regulations.
The following section contains explanations of your rights under the GDPR.
Depending on the nature and scope of your request, we will ask you to address it in writing.
All information requests or executions of your rights or objections to data processing should be directed by e-mail to or to the address specified in Section 2.
We make every effort to comply with all requests within 30 days. However, this period may be extended for reasons relating to the specific right of the affected person or complexity of your request.
(1) Right of access by the data subject (Art. 15 GDPR): You may request information about the data we hold about you at any time. This information includes, but is not limited to, the categories of data we have processed, the purposes for which we have processed this data, the origin of the data if we did not collect it from you directly, and, if applicable, the recipients to whom we have transferred your data. You can request a copy of your data free of charge.
(2) Right to rectification (Art. 16 GDPR): You can ask us to rectify your data. We will take reasonable measures to keep the information we hold and process about you accurate, complete, and up to date, based on the most current information available to us.
(3) Right to erasure (Art. 17 GDPR): You can request the deletion of your data, provided there are legal requirements in place to support this. This may be the case under Art. 17 GDPR if:
- The data is no longer required for the purposes for which it was collected or otherwise processed;
- Your consent, which is the basis of data processing, is revoked and there is no other legal basis for the processing;
- You object to the processing of your data and there are no overriding legitimate grounds for processing, or you object to the processing of data for direct marketing purposes;
- The data was processed unlawfully, unless processing is necessary
- to ensure compliance with a legal obligation that requires us to process your data;
- particularly with regard to legal retention periods to enforce, exercise, or defend legal claims.
(4) Right to restriction of processing (Art. 18 GDPR): You may require us to restrict the processing of your data if
- You dispute the accuracy of the data for the period of time that we need to verify the accuracy of the data;
- The processing is unlawful but you refuse the deletion of your data and instead demand a restriction of use;
- We no longer need your information but you need it to enforce, exercise, or defend legal claims;
- You have lodged an objection against processing as long as it is not clear whether our justified reasons outweigh yours.
(5) Right to data portability (Art. 20 GDPR): At your request, we can transfer your data to another person in charge as far as technically possible. However, you are entitled to this right only if the data processing is based on your consent or is necessary to execute a contract. Rather than receive a copy of your data, you may also ask us to transfer the data directly to another person in charge specified by you.
(6) Right to object (Art. 21 GDPR): You may object to the processing of your data at any time for reasons that arise from your particular situation, if the data processing is based on your consent or on our legitimate interests or those of a third party. In this case, we will no longer process your data. The latter does not apply if we can provide compelling legitimate reasons for the processing that outweigh your interests or we need your data to enforce, exercise, or defend legal claims.
(7) Right to revoke (Art. 7 GDPR): If you have given your consent to the use of data, you can revoke them at any time in accordance with Art. 7 (3) GDPR. In the case of withdrawal, we will delete the data concerned immediately, as far as further processing cannot be based on a legal basis for processing without consent. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
(8) Complaints to supervisory authorities (Art. 77 GDPR): We take your rights and concerns very seriously. However, if you believe that we have not adequately addressed your complaints or concerns, you are entitled to file a complaint with a competent data protection authority (Bavarian State Office for Data Protection Supervision).
(9) Restriction of information in the fulfillment of subject rights: In certain situations, we may be unable to provide you with information about all your data owing to legal requirements. If we have to refuse your request for information in such cases, we will inform you at the time of the reasons for the refusal.
10. Data Security
We use technical and organizational security measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons.
11. Data Privacy and Third-Party Websites
Insofar as our website is linked to other websites, we have neither influence nor control over the linked contents and the third-party data privacy regulations. We recommend that you check the data privacy statements on the linked websites to determine whether and to what extent personal data is collected, processed, used or made available to third parties.