CN

eu.info@unisun-energy.com

Data Protection Policy

Table of contents


1. General information and principles of data processing

2. Controller

3. Provision and use of the website / server log files

4. Contact options by e-mail

5. Categories of recipients of the personal data

6. Data security and security measures

7. Your rights (as a data subject)

8. Changes to this privacy policy

1. General information and principles of data processing


We are pleased that you are visiting our website. The protection of your privacy and the protection of your personal data, the so-called personal data, is an important concern to us.

In accordance with Article 4(1) General Data Protection Regulation (GDPR) personal data means any information relating to an identified or identifiable natural person. This includes, for example, information such as first and last name, address, telephone number, email address, but also an IP address.

Data that cannot be linked to your person, for example through anonymization, is not personal data. Processing of personal data (e.g. collection, readout, retrieval, use, transmission, deletion or destruction) pursuant to Article 4(2) GDPR always requires a legal basis or a consent. Processed personal data must be deleted as soon as the purpose of their processing has been achieved, and there are no longer any legally prescribed retention obligations.

Here you will find information on the handling of your personal data upon visiting our website. In order to provide the functions and services of our website, it is necessary for us to collect your personal data.

In the following, we explain the type and scope, purpose, legal basis and storage period of the respective data processing.

This data protection policy only applies to this particular website. It does not apply for other websites which are merely referenced via hyperlink. We cannot assume responsibility for the confidential handling of your personal data on these third-party websites, since we do not have any influence in the data protection compliance by these companies. Please inform yourself on the handling of personal data by these companies directly on their websites.

2. Controller 


Responsible for the processing of personal data on this website (see imprint) is:

Unisun Energy Services GmbH

Josephspitalstraße 15, c/o Regus

80331 Munich, Germany

Tel.: +49 (0)89 207 040 000

Email: eu.info@unisun-energy.com 

3. Provision and use of the website / server log files 


a) Type and extent of data processing

When you access our website (i.e. when you merely view it without registering and without otherwise providing us with information), we process the following personal data, which your browser automatically transmits to our server:

  • Date and time of the request

  • Time zone difference to Greenwich Mean Time (GMT)

  • Content of the request (visited page)

  • Access status/HTTP status code

  • Amount of transferred data

  • Web address from which the page or file was accessed or the requested function was initiated (referrer URL)

  • IP-address

  • Browser

  • Language and version of the browser software

  • Operating system

b) Purpose of data processing

This data described above is technically necessary to enable you to use our website. In addition, the data is technically necessary to ensure the stability of the website and IT security, in particular to protect our IT systems from misuse and to defend against attacks.

c) Legal basis

Legal basis for the processing of the data is Article 6(1)(f) GDPR respectively Section 25(2) German Telecommunications Digital Services Data Protection Act (TDDDG). 

d) Storage period

The aforementioned data will be recorded for the duration of the communication process.

To guarantee IT security, the IP-address will be saved for an additional short period of time of no more than seven calendar days.

e) Right of objection

If your personal data is processed in accordance with Article 6(1)(f) GDPR you have a right of objection in accordance with Article 21 GDPR. However, in the case of the specific data processing operation, we have compelling legitimate grounds for the processing the data that are necessary for the protection of these data, because without the processing of these data we cannot provide and operate our website.

4. Contact options by e-mail 


a) Type and scope of data processing

You can contact us by e-mail. Our data collection is limited to the e-mail address of the e-mail account used by you to contact us as well as to the personal data provided by you in the course of contacting us. If you send us an e-mail without encryption, the e-mail is not protected against unauthorized access or modification by third parties during transmission.

b) Purpose of data processing

The purpose of data processing is to be able to answer your request appropriately.

c) Legal basis

The legal basis for this is Article 6(1)(f) GDPR. There is a legitimate interest in the processing of the above-mentioned personal data in order to be able to process your request appropriately, e.g. to answer your inquiry or to fulfil your request for information.

d) Storage period

The duration of the storage of the above-mentioned data depends on the background of your contact. Your personal data will be deleted on a regular basis if the intended purpose of the communication ceases to apply and storage is no longer necessary. This may result, for example, from processing your request.

5. Categories of recipients of the personal data


We only pass on your personal data to third parties if:

a)  you have given your explicit consent to do so in accordance with Article 6(1)(a) GDPR.

b)  this is legally permissible and, in accordance with Article 6(1)(b) GDPR, is necessary for the fulfilment of a contractual relationship with you or the implementation of pre-contractual measures.

c)  there is a legal obligation under Article 6(1)(c) GDPR for the transfer.

We are legally obliged to transfer data to state authorities, e.g. tax authorities, social security carriers, health insurances, supervisory authorities and law enforcement agencies.

d)  the disclosure in accordance with Article 6(1)(f) GDPR is necessary to safeguard legitimate corporate interests and to assert, exercise or defend legal claims, and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.

e)  we use external service providers (so-called processors) to process personal data in accordance with Article 28(3) GDPR. These processors have been carefully selected by us and are obliged by a data processing agreement to handle personal data in accordance with data protection regulations.

We use such external service providers in the following areas:

  • IT

  • Telecommunications

When transferring personal data to so-called third countries, i.e. outside the EU or EEA, we ensure that your personal data is treated with the same care as within the EU or EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of data protection or where we have ensured the careful handling of personal data by contractual agreements or other suitable guarantees.

6. Data security and security measures 


We are committed to protecting your privacy and treating your personal data confidentially. For this purpose, we take extensive technical and organisational security precautions, which are regularly checked and adapted to technological progress.  

These include the use of recognized encryption procedures (SSL or TLS). Unencrypted data, e.g. when sent by unencrypted e-mail, may be read by third parties. We have no influence on this. It is the responsibility of the respective user to protect the data provided by him/her against misuse by means of encryption or in any other way.

7. Your rights (as a data subject)


Here you will find your rights regarding your personal data. Details of this are set out in Articles 7, 15-22 and 77 of the GDPR. You can contact the controller (Section 2) in this regard.

a) Right to withdraw your data protection consent in accordance with Article 7(3) GDPR

You can withdraw your consent to the processing of your personal data at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

b) Right of access pursuant to Article 15 GDPR in conjunction with § 34 BDSG

You have the right to request confirmation as to whether we process personal data concerning you. If this is the case, you have the right to be informed about your personal data and to receive further information, e.g. the purposes of processing, the categories of personal data processed, the recipients and the planned duration of storage or the criteria for determining the duration.

c) Right to rectification and completion under Article 16 GDPR

You have the right to demand the correction of incorrect data without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.

d) Right to erasure ("right to be forgotten") in accordance with Article 17 GDPR in conjunction with § 35 BDSG

You have the right of erasure, as far as the processing is not necessary.

This is the case, for example, if your data are no longer necessary for the original purposes, if you have withdrawn your declaration of consent under data protection law or if the data was processed unlawfully.

e) Right to restriction of processing in accordance with Article 18 GDPR

You have the right to limit the processing, for example if you believe that personal data is incorrect.

f) Right to data portability pursuant to Article 20 GDPR

You have the right to receive personal data concerning you in a structured, common and machine-readable format.

g) Right to object pursuant to Article 21 GDPR

You have the right to object to data processing on grounds relating to particular situations. However, this only applies in cases where we process data to fulfill a legitimate interest.

If you can present such a reason and we cannot assert compelling legitimate grounds for the processing which override your interests, we will no longer process this data for the respective purpose.

h) Automated individual decision-making, including profiling in accordance with Article 22 GDPR

You will not be subject to any decision based solely on automated processing of your data, including profiling, which produces legal effects concerning you or similarly significantly affects you.

i) Right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR

You can also lodge a complaint with a data protection supervisory authority at any time, for example if you believe that data processing is not in compliance with data protection regulations.

Competent supervisory authority:

Postal address:  Postfach 1349, 91504 Ansbach, Germany

Phone:   +49 981/180093-0

Fax:    +49 981/180093-800

Email:     poststelle@lda.bayern.de

Website:  https://www.lda.bayern.de

8. Changes to this privacy policy 


Our privacy policy serves the fulfilment of legal information duties. We update our data protection declaration as far as this becomes necessary.