Data Privacy Policy and Consents
Data Privacy Policy
Status: February 2025
This translation is provided for information purposes only (courtesy translation). In case of any discrepancy, ambiguity or conflict between the German and English version, the German version shall exclusively prevail and be legally binding.
We, ENVIRIA Energy Holding GmbH (hereinafter jointly referred to as the "company", "controller", "we" or "us") take the protection of your personal data seriously and would like to take this opportunity to inform you about data protection in our company. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data privacy policy.
As part of our responsibility under data protection law, additional obligations have been imposed on us by the entry into force of the EU General Data Protection Regulation (Regulation (EU) 2016/679; hereinafter: "GDPR") in order to ensure the protection of personal data of a data subject (we also refer to you as a data subject as "customer", "user", "you" or "data subject").
We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
Insofar as we decide on the purposes and means of data processing either alone or together with others, this includes above all, the obligation to inform you transparently about the type, scope, purpose, duration and legal basis of the processing (cf. Art. 13 and 14 GDPR). This privacy policy (hereinafter: "Privacy Policy") explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
Our privacy policy has a modular structure. It consists of a general section for all processing of personal data and processing situations that come into play each time a website is accessed (A. General information), and a special section, the content of which relates only to the processing situation specified there with the designation of the respective offer or product, in particular the visit to this website described in more detail here (B. Data collection when visiting this website.
A. General Informaion
(1) Definitions
This privacy policy is based on the following definitions:
● "Personal data" (Art. 4 No. 1 GDPR) means any information relating to an identified or identifiable natural person ("data subject"). A person is identifiable if they can be identified directly or indirectly, by reference to an identifier such as a name, an identification number, an online identifier, location data or information relating to their physical, physiological, genetic, mental, economic, cultural or social identity. Identifiability can also be achieved by linking such information or other additional knowledge. The origin, form or embodiment of the information is irrelevant (photos, video or audio recordings can also contain personal data).
● "Processing" (Art. 4 No. 2 GDPR) means any operation which is performed on personal data, whether or not by automated means (i.e. using technical specifications). This includes the collection (i.e. procurement), recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data, or alteration of the purposes for which they were originally processed.
● "Controller" (Art. 4 No. 7 GDPR) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
● "Third party" (Art. 4 No. 10 GDPR) means any natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data; this also includes other legal entities belonging to the group.
● "Processor" (Art. 4 No. 8 GDPR) is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, in particular in accordance with the controller's instructions (e.g. IT service provider). In terms of data protection law, a processor is not particularly a third party.
● "Consent" (Art. 4 No. 11 GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
(2) Name and address of the controller
The controller within the meaning of Art. 4 No. 7 DS-GVO is:
ENVIRIA Energy Holding GmbH
Ferdinand-Happ-Straße 53
60314 Frankfurt am Main
Germany
+49 800 500 00 25
https://enviria.energy
For further information on our company, please refer to the imprint on our website.
(3) Contact details of the data protection officer
The data protection officer of the controller is:
Data Protect Plus UG (haftungsbeschränkt).
Hermannstr. 6
60318 Frankfurt am Main
Germany
+49 89 7400 45840
www.dataprotectplus.de
(4) Legal basis for data processing
In principle, any processing of personal data is prohibited by law and is only permitted if the data processing falls under one of the following justifications:
● Art. 6 para. 1 sentence 1 lit. a GDPR ("consent"): Where the data subject has voluntarily, in an informed and unambiguous manner, indicated by a statement or other unambiguous affirmative act that he or she consents to the processing of personal data relating to him or her for one or more specific purposes;
● Art. 6 para. 1 sentence 1 lit. b GDPR: If the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
● Art. 6 para. 1 sentence 1 lit. c GDPR: If processing is necessary for compliance with a legal obligation to which the controller is subject (e.g. a legal obligation to retain data);
● Art. 6 para. 1 sentence 1 lit. d GDPR: If processing is necessary in order to protect the vital interests of the data subject or another natural person;
● Art. 6 para. 1 sentence 1 lit. e GDPR: If the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
● Art. 6 para. 1 sentence 1 lit. f GDPR ("Legitimate interests"): If the processing is necessary for the purposes of the legitimate (legal or economic) interests pursued by the controller or by a third party, except where such interests are overridden by the interests or rights of the data subject (where the data subject is a minor).
For the processing operations we carry out, we indicate the applicable legal basis in each case below. Processing can also be based on several legal bases.
(5) Data erasure and storage period
For the processing operations carried out by us, we indicate below how long the data is stored by us and when it is deleted or blocked. If no explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies, unless there are retention obligations under commercial or tax law. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place after these reasons no longer apply. This means that the data will be deleted from the point in time at which statutory retention obligations no longer apply, unless you have expressly consented to further use.
However, data may be stored beyond the specified period in the event of an (impending) legal dispute with you or other legal proceedings or if storage is provided for by statutory provisions to which we are subject as the controller (e.g. Section 257 HGB, Section 147 AO). If the storage period prescribed by the statutory provisions expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
Your data will only be stored on servers in the EU, subject to any disclosure in accordance with the provisions in A. (9) and A. (10).
(6) Data security
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g. TSL encryption for our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments.
We will be happy to provide you with more detailed information on request. Please contact us using the details given in A. (2)..
(7) Technical and organizational measures
We take technical and organizational measures to ensure that the security and protection requirements of the GDPR are met and that personal data is protected against loss, destruction, manipulation or access by unauthorized persons. The measures are always adapted to the current state of the art.
(8) Cooperation with processors
As with any company, we also use external domestic and foreign service providers to process our business transactions (e.g. for IT, logistics, telecommunications, sales and marketing). These service providers only act in accordance with our instructions and are contractually obligated to comply with data protection regulations in accordance with Art. 28 GDPR.
If your personal data is passed on by us to our subsidiaries or is passed on to us by our subsidiaries (e.g. for advertising purposes), this is done on the basis of existing order processing relationships.
(9) Transfer of personal data to third parties; basis for justification
The following categories of recipients, which are usually processors (see A. (8)), may have access to your personal data:
● Service providers for the operation of our website and the processing of data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6 para. 1 sentence 1 lit. b or lit. f GDPR, insofar as these are not processors;
● Government agencies/authorities, insofar as this is necessary to fulfill a legal obligation. The legal basis for the disclosure is then Art. 6 para. 1 sentence 1 lit. c GDPR;
● Persons employed to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures). The legal basis for the disclosure is then Art. 6 para. 1 sentence 1 lit. b or lit. f GDPR.
We use the following third-party services:
● Amazon Web Services (AWS), Inc., 410 Terry Avenue North, Seattle WA 98109, United States (hereinafter: "AWS").
● Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxem-bourg (hereinafter: "Amazon EU").
● Asana, Inc.,633 Folsom Street, San Francisco, CA 94107 (hereinafter: "Asana").
● Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA (hereinafter: "Wordpress").
● Calendly, LLC, 271 17th Street NW, Atlanta (hereinafter: "Calendly").
● Greenhouse Software, Inc., 250 W 34th Street, Suite 329, New York, NY 10119 (hereinafter: „Greenhouse“).
● Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: "Google EU").
● LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ire-land (hereinafter: "LinkedIn").
● Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland (hereinafter: "Meta EU").
● Microsoft Corporation, One Microsoft Way, Reymond, WA, 98052-6399, USA (hereinafter: "Microsoft").
● NextRoll, Inc, 1050 Page St, San Francisco, CA, USA (hereinafter: "AdRoll").
● Pipedrive OÜ, Mustamäe tee 3a, 10615 Tallinn, Estonia (hereinafter: "Pipedrive").
● Storyblok GmbH, Peter-Behrens-Platz 2, 4020 Linz, Österreich (hereinafter: „Storyblok“).
● SalesViewer® GmbH, Universitätsstraße 60, 44789 Bochum, Deutschland (hereinafter: „SalesViewer“).
● Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA („Vimeo“).
● X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter: "X.").
● XING SE, Dammtorstraße 30, 20354 Hamburg, Germany (hereinafter: "Xing").
The registered office of a third-party provider may be located in a third country, i.e. in a country in which the GDPR has no direct legal effect. In this case, data will only be transferred in accordance with the strict requirements set out in more detail under A. (10).
In addition, we will only pass on your personal data to third parties if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
(10) General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, insofar as special categories of data are processed in accordance with Art. 9 para. 1 GDPR. In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies and/or access to information on your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25 (1) of the German Data Protection Act (TTDSG). The respective consent can be revoked at any time. If your data is required to fulfill the contract or to carry out pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data on the basis of Art. 6 para. 1 lit. c GDPR if this is necessary to fulfill a legal obligation. Data processing may also be carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Information on the relevant legal bases in each individual case is provided in the following paragraphs of this privacy policy.
(11) Requirements for the transfer of personal data to the USA and other third countries
As part of our business relationships, your personal data may be passed on or disclosed to third parties. In particular, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US company servers for surveillance purposes. We have no influence on these processing activities.
Any processing of personal data in a third country may only take place if the special requirements of Art. 44 et seq. GDPR are met. This includes, in particular, the conclusion of standard data protection clauses (hereinafter: "EU SCC") with the subcontractor. For this purpose, the contractor must use the "Processor to Processor" module and carry out a so-called "Transfer Impact Assessment" (hereinafter: "TIA"). We will inform you about the respective details of the transfer at the relevant points below.
For the USA, an agreement has also been concluded between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. In line with this agreement, every DPF certified company is committed to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
(12) No automated decision-making (including profiling)
We do not intend to use personal data collected from you for automated decision-making (including profiling).
(13) No obligation to provide personal data
We do not make the conclusion of contracts with us dependent on you providing us with personal data beforehand. As a customer, you are under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain services to a limited extent or not at all if you do not provide the necessary data. If this should exceptionally be the case in the context of the products presented below and offered by us, you will be informed of this separately.
(14) Legal obligation to transmit certain data
We may be subject to a special legal or statutory obligation to provide the lawfully processed personal data to third parties, in particular public authorities (Art. 6 para. 1 sentence 1 lit. c GDPR).
(15) Your rights
You can assert your rights as a data subject with regard to your processed personal data at any time by contacting us using the contact details provided at the beginning under A. (2). As the data subject, you have the right
● to request information about your data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
● in accordance with Art. 16 GDPR, to immediately request the correction of incorrect data or the completion of your data stored by us;
● in accordance with Art. 17 GDPR, to demand the deletion of your data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
● in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you or the processing is unlawful; if you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the review, you have the right to request that the processing of your personal data be restricted. If you have lodged an objection in accordance with Art. 21 (1) GDPR, a balance must be struck between your interests and ours. If it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data. If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State;
● In accordance with Art. 20 GDPR, you have the right to request that data which we process automatically on the basis of your consent or in fulfillment of a contract to be handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible;
● pursuant to Art. 21 GDPR, the right to object to the processing at any time, provided that the processing is based on Art. 6 para. 1 sentence 1 lit. e or lit. f GDPR. This also applies to profiling based on these provisions. This is particularly the case if the processing is not necessary for the performance of a contract with you. If it is not an objection to direct advertising, we ask you to explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing. If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR);
● in accordance with Art. 7 para. 3 GDPR, to REVOKE your consent once given (even before the GDPR came into force, i.e. before May 25, 2018) - i.e. your voluntary, informed and unequivocal declaration or other unambiguous confirmatory act that you consent to the processing of the personal data concerned for one or more specific purposes - to us at any time if you have given such consent. Many data processing operations are only possible with your express consent. You can withdraw previously given consent at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation, and
● in accordance with Art. 77 GDPR, to lodge a complaint with a data protection supervisory authority in the event of violations of the GDPR in connection with the processing of your personal data, for example with the data protection supervisory authority responsible for us: The Hessian Commissioner for Data Protection and Freedom of Information, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, telephone: 0611- 1408 0, e-mail: poststelle@datenschutz.hessen.de Homepage: https://www.datenschutz-hessen.de. The right of appeal exists without prejudice to other administrative or judicial remedies.
(16) Changes to the privacy policy
As part of the ongoing development of data protection law and technological or organizational changes, our privacy policy is regularly reviewed to determine whether it needs to be amended or supplemented. You will be informed of any changes on our German website at https://enviria.energy/datenschutz. This privacy policy is valid as of June 2024.
B. Data collection when visiting this Website
(1) Explanation of the function
Information about our company and the services we offer can be found at https://enviria.energy together with the associated subpages (hereinafter jointly referred to as the "website"). When you visit our website, your personal data may be processed.
(2) Processed personal data
Depending on the type of cookie, your personal data is collected by our IT systems automatically or with your consent when you visit the website. When using our website for informational purposes, a so-called log data record (so-called server log files) is temporarily and anonymously stored on our web server (hereinafter: "log data"). This consists of:
● Information about the browser type and version used
● The user's operating system
● The user's internet service provider
● Referer URL (the previously visited page)
● Name of the requesting provider
● The IP address of the user
● Date and time of access
● Transferred data volumes
● Websites from which the user's system accesses our website
● Websites that are accessed by the user's system via our website
This data is stored in the log files of our system. This data is not merged with other data sources.
(3) Purpose and legal basis of the processing
We process the log data for the following purposes:
● to ensure a smooth connection to the website,
● error-free provision of the website,
● to optimize the content of our website for you, and
● to ensure system security and stability.
These points are in both your and our legitimate interest. In addition, we may also use this data to comply with our legal obligations in cooperation with law enforcement authorities. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. The legal basis for data processing is therefore Article 6(1)(f) GDPR. The log files are stored for as long as they are required to display the website.
Other personal data may be used to analyze your user behavior. However, this requires your express consent, otherwise the personal data cannot be used for analysis and advertising purposes. You can revoke this consent at any time in the future. The legal basis for the processing of personal data for the aforementioned purpose is therefore Art. 6 para. 1 lit. a GDPR.
(4) Duration of data processing
Your data will only be processed for as long as is necessary to achieve the above-mentioned processing purposes; the legal bases specified in the context of the processing purposes apply accordingly. Regarding the use and storage duration of data, please refer to the information under A. (5).
Third parties used by us will store your data on their system for as long as is necessary in connection with the provision of the services for us in accordance with the respective order.
You can find more details on the storage period of personal data under A. (5).
(5) Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.
(6) SSL or TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
(7) Hosting of the website and content delivery
We host the content of the website at AWS. When you visit our website, AWS collects various log files including your IP addresses. All data collected when you visit our website is processed and stored on the AWS servers. Further information on AWS data protection can be found on the following website:
https://aws.amazon.com/de/compliance/data-privacy/Die
AWS is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies and/or access to information in the user's terminal device (e.g. for device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
Order processing
We have concluded a data processing agreement (hereinafter: "DPA") with AWS for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that AWS only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
(b) Amazon CloudFront CDN
We use the Amazon CloudFront CDN content delivery network to host the website. The provider is Amazon EU.
Amazon CloudFront CDN is a globally distributed content delivery network. The information transfer between your browser and our website is technically routed via the content delivery network. This enables us to increase the global accessibility and performance of our website.
The use of Amazon CloudFront CDN is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
Further information about Amazon CloudFront CDN can be found here:
https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.
(8) Use of analysis tools, cookies and plugins as well as other third-party tools on our website
When you visit this website, your surfing behavior may be statistically evaluated. This is mainly done using so-called analysis programs, cookies, pixels and plug-ins.
Detailed information on these individual analysis programs, cookies, pixels and plug-ins can be found in the following privacy policy:
(a) Cookies
We use cookies to make visiting our website attractive and to enable the use of certain functions. Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser. In the latter case, you can find the storage period in the cookie settings overview of your web browser.
Cookies may originate from us (so-called first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies on our website (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. consent via the cookie banner) (so-called technically necessary cookies). Other cookies can be used to evaluate user behavior or for advertising purposes (so-called statistics cookies or marketing cookies).
The purpose of using technically necessary cookies is to simplify the use of the website for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change. The user data collected by technically necessary cookies is not used to create user profiles.
Statistics and marketing cookies are used for the purpose of improving the quality of our website and its content. Through the statistics and marketing cookies, we learn how the website is used and can thus constantly optimize our offer.
The legal basis for the setting and storage of technically necessary cookies on your terminal device is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of technically necessary cookies for the technically error-free and optimized provision of its website services. For the use of statistics cookies and/or marketing cookies, however, your express consent is required in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. The setting and storage of statistics cookies and marketing cookies takes place exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); this consent can be revoked at any time.
Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the setting of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies, set the browser so that you are informed about the setting of cookies and only allow the setting of cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
You can see which cookies and services are used on this website in detail in the cookie banner.
Consent
This website uses its own consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection regulations.
When you visit our website, a cookie is stored in your browser in which the consents you have given, or the revocation of these consents are stored. This data is not passed on to third parties.
Cookie consent technology is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
The data collected will be stored until you ask us to delete it, revoke your consent, the cookies delete themselves, or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected by this.
(b) Google Analytics 4
This website uses functions of the web analysis service Google Analytics, an analysis tracking tool of the American company Google Inc (hereinafter: "Google"). The provider for companies based in Europe is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google EU").
Google Analytics enables the website operator to analyze the behavior of website visitors. For example, when you click on a link, this action is stored in a cookie and sent to Google Analytics. Information such as browser, IP address, referrer URL, session duration, bounce rate, location, page views, length of visit, operating systems used, and origin of the user is recorded. We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google EU also creates so-called heat maps. Heatmaps allow you to see exactly those areas that you click on. This provides us with information about where you are on our website. Other data that Google EU collects includes contact details, any ratings, the playing of media (e.g. when you play a video on our site), the sharing of content via social media or adding to your favorites.
Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.
This data is summarized in a user ID and assigned to the respective end device of the website visitor. As soon as you leave our website, this data is sent to the Google Analytics servers and stored there. Google EU processes the data, and we receive reports on your user behavior.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). Google Analytics uses a tracking code to create a random, unique ID that is linked to your browser cookie. This is how Google Analytics recognizes you as a new user. The next time you visit our website, Google Analytics will recognize you as a returning user. All data collected during this is stored together with this user ID. This is what makes it possible to analyze pseudonymous user profiles in the first place. In order to be able to analyze our website with Google Analytics, a property ID must be inserted into the tracking code. The data is then stored in the corresponding property. The Google Analytics 4 property is standard for every newly created property.
Google EU has its servers spread all over the world. Most of the servers are in the USA. The information collected by Google EU about the use of this website is usually transferred to a Google EU server in the USA and stored there. You can find out exactly where the Google data centers are located here:
https://www.google.com/about/datacenters/locations/?hl=de.
IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google EU within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google EU server in the USA and truncated there. On behalf of the operator of this website, Google EU will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google EU data.
Demographic characteristics in Google Analytics
This website uses the "demographic characteristics" function of Google Analytics to display suitable advertisements to website visitors within the Google advertising network. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section "Objection to data collection".
Google Analytics is only used based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can revoke your consent at any time indefinitely by deactivating this service in the cookie consent banner provided on the website. If you do not consent to the use of Google Analytics, Google Analytics will not be used when you visit our website.
The data transfer to the USA because of the use of Google Analytics is based on the standard contractual clauses of the EU Commission. You can find details here:
https://privacy.google.com/businesses/controllerterms/mccs/.
Order processing
We have concluded an order processing agreement (AVV) with Google EU and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
The statistics and data from Google Analytics help us to optimize our website, adapt it to user preferences and offer our services in the best possible way. The data statistically evaluated by Google EU shows us the strengths and weaknesses of our website and we can optimize it on this basis. The data also helps us to carry out our advertising and marketing measures more individually and cost-effectively.
The retention period of the data depends on the properties used. When using the newer Google Analytics 4 properties, the retention period for your user data is fixed at 14 months. For other so-called event data, we have the option of choosing between a retention period of 2 months or 14 months.
For Universal Analytics properties, Google Analytics has a standard retention period of 26 months for your user data. Your user data will then be deleted.
Browser plugin
You can prevent the collection and processing of your data by Google EU by downloading and installing the browser plug-in available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information on the handling of user data when using Google Analytics in Google EU's privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de.
We hope we have been able to provide you with the most important information about data processing by Google Analytics. If you would like to find out more about the tracking service, we recommend these two links:
https://marketingplatform.google.com/about/anayltics/terms/de/
(c) Google Tag Manager
This website uses Google Tag Manager (hereinafter: "Google Tag Manager"). Google Ads is an online advertising program of Google EU. This Tag Manager is one of many helpful marketing tools from Google. Google Tag Manager allows us to centrally manage and integrate code sections from various tracking tools that we have integrated into our website. Tags are small sections of code that track your activities on our website, for example. For this purpose, JavaScript code sections are inserted into the source code of our website. The tags can come from Google's own products such as Google Ads or Google Analytics 4, but tags from other companies can also be integrated and managed via the Manager. Such tags perform different tasks. They can collect browser data, feed marketing tools with data, integrate buttons, set cookies and track users across multiple websites.
In order to optimize our website for you and all users who are interested in our products and services, we need various tracking tools such as Google Analytics 4. The data collected by Google Analytics 4 helps reveal what draws visitors to our website and where we can improve our services. In principle, we could integrate each code section of the individual tracking tools separately into our source code. However, this takes a relatively long time, and it is easy to lose track. That's why we use the Google Tag Manager, which allows us to integrate and manage all tools centrally and requires hardly any programming knowledge.
The legal basis for the use of the Tag Manager is Art. 6 para. 1 f) GDPR. We have a legitimate interest in managing the individual analysis tools centrally via a platform.
The Tag Manager itself is a domain that does not set any cookies or store any data. It acts as a mere "administrator" of the implemented tags. Accordingly, the Tag Manager only records the individual tags of the various web analysis tools that are managed via it. The data is virtually channeled through the Google Tag Manager to the individual tracking tools and is not saved.
This data is stored on Google's own servers. The servers are located all over the world. Most of them are in America. You can find out exactly where the Google servers are located
https://www.google.com/about/datacenters/inside/locations/?hl=de.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://policies.google.com/privacy/frameworks and
https://privacy.google.com/businesses/controllerterms/mccs/
You can find out how long the individual tracking tools store your data in our individual data protection texts for the individual tools.
(d) Google Ads
This website uses Google Ads (hereinafter: "Google Ads"). Google Ads is an online advertising program of Google EU.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google EU (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.
This service is only used exclusively with your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. You can revoke your consent at any time indefinitely by deactivating this service in the cookie consent banner provided on the website.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://policies.google.com/privacy/frameworks and
https://privacy.google.com/businesses/controllerterms/mccs/.
(e) Google Ads Remarketing and Conversion feature
This website uses the functions of Google Ads Remarketing and Conversion Tracking of Google Ads. The provider is Google EU.
The Remarketing function is used to present interest-based advertisements to website visitors within the Google advertising network. The conversion tracking function in turn enables us to measure how effective the ads we placed and that were clicked on by website visitors are and whether these led to profitable activities on the website, such as purchases or registrations.
For this purpose, Google EU sets a cookie in the browser of your end device, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and based on the pages you visit. Any further data processing will only take place if you have consented to Google linking your internet and app browsing history to your Google account and using information from your Google account to personalize ads that you view on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google temporarily links your personal data with Google Analytics data to create target groups.
With Google Ads Remarketing, we can assign users to specific target groups to subsequently show them interest-based advertising in the Google advertising network (remarketing or retargeting). We transfer certain customer data (e.g. email addresses) from our customer lists to Google for this purpose. If the customers in question are Google users and are logged into their Google account, they will be shown suitable advertising messages within the Google network (e.g. on YouTube, Gmail or in the search engine).
Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to Google's cross-device functions. In this way, interest-based, personalized advertising messages that are adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).
When Google AdServices are used, the following data is collected and transmitted to Google in the USA: Data about the device and browser (host name, browser type, referrer, language), IP address and the respective user interaction on our website as well as on other websites on which our ads are placed (e.g. which page a user visits, which products the user selects and purchases, which ads a user clicks on). In addition, a cookie is used to assign a random, pseudonymous ID to a user to which the aforementioned information is assigned.
We also use Conversion Tracking as part of the Google Ads service. If you click on an ad placed by Google, a cookie for conversion tracking is stored on your computer/mobile device. These cookies lose their validity after 30 days (our setting at Google) or a maximum of 90 days (according to Google), they don’t contain any personal data and are therefore not used for personal identification. The information collected with the help of the conversion cookies is used to create conversion statistics.
For this purpose, we have set up Enhanced Conversions. Enhanced Conversions is a feature that can improve the accuracy of conversion tracking while protecting user privacy by supplementing existing conversion tags with the hashed first-party conversion data from the website. Hashing the first-party data before sending it to Google Ads ensures privacy by converting personal information as (in this case: email address) into a hashed / pseudonymized (SHA256) string.
The use of these services is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can revoke your consent at any time indefinitely by deactivating this service in the cookie consent banner provided on the website.
The use of these services is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can revoke your consent at any time indefinitely by deactivating this service in the cookie consent banner provided on the website.
Data may be transferred to the USA when using both the remarketing and the conversion function. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://policies.google.com/privacy/frameworks und
https://privacy.google.com/businesses/controllerterms/mccs/
The company is certified in accordance with the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the USA which is intended to ensure the compliance with European data protection standards while processing data in the USA. Every company certified under the DPF is committed to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
If you have a Google account, you can also object to personalized advertising at any time by clicking on the following link:
https://www.google.com/settings/ads/onweb/.
In addition, Google offers you the option of downloading and installing a browser add-on to deactivate Google Analytics, which can be found here:
https://tools.google.com/dlpage/gaoptout?hl=de
Further information and the data protection provisions can be found in Google's privacy policy at:
https://policies.google.com/technologies/ads?hl=de.
(f) Microsoft Advertising
We use Microsoft Advertising for our online marketing measures. The provider of Microsoft Advertising is Microsoft. Microsoft Advertising is Microsoft's conversion tracking tool, which we have integrated on our website to widen our reach and make more users aware of our products and services. We want to present our products not only on the famous search engine Google, but also on Bing and Yahoo!. With Microsoft Advertising, we also could place ads in the so-called Microsoft Audience Network. For example, we can also place advertisements on LinkedIn and conversion tracking tells us which advertisement led you to us, which subpages you liked and which actions you took on our website. This data enables us to adapt our website, advertisements and offers, to better match your needs.
For tracking by Microsoft Advertising, we have integrated a conversion tracking tag from Microsoft Advertising into our website. This is the so-called Universal Event Tracking (UET) tag. If you come to our website via a Microsoft advertisement, we can use this tracking tool to find out more about your user behavior on our website. For example, we find out which keyword or ad you used to reach us, what you click on while using our website, how many users visit our website via Microsoft Ads and how long you stay on our website. However, this data is user behavior data and not personal data. Microsoft itself uses this data to optimize its own advertising and other services. If you have a Microsoft account yourself, the data collected can be linked to your account and Microsoft will recognize and store your IP address. In order to obtain all this data about your user behavior, a cookie is set in your browser after you have reached our website via a Microsoft or Bing ad.
The legal basis for the use of Microsoft Advertising is the consent of the visitor to the website in accordance with Art. 6 para. 1 lit. a GDPR (consent). This is requested from users via the cookie banner on our website and can be revoked by the visitor at any time indefinitely. We therefore only use Microsoft Advertising if you have given us the corresponding consent.
We have no influence on how Microsoft uses the collected data on user behavior. Microsoft operates its own servers worldwide. Most of them are in the USA. Therefore, it cannot be ruled out that your data may also be stored, managed or processed on servers in the USA. Microsoft stores the data for as long as it is necessary for the provision of its own services, products, or for legal purposes. Microsoft also mentions that the actual retention period varies greatly and depends on the respective product. For Bing search queries, Microsoft usually deletes the search queries after six months by deleting your IP address. Cookie IDs that are generated via the MUID cookie, for example, are made unrecognizable after 18 months.
We would like to point out that, in the opinion of the European Court of Justice, the USA does not guarantee the protection of personal data in line with European data protection standards.
Microsoft uses standard contractual clauses as the basis for data processing in third countries outside the EU or data transfer to these countries. These are templates provided by the EU Commission, which are based on an implementing decision of the EU Commission. These are intended to ensure that the protection of personal data also meets the European standard in third countries if it is stored or processed there. As part of this, Microsoft undertakes to comply with the European level of data protection, even if the data is stored or processed in the USA.
The implementing decision of the EU Commission can be found at:
https://eur-lex.europa.eu/eli/dec-impl/2021/914/oj?locale=de
Further information on Microsoft's standard contractual clauses can be found at:
https://learn.microsoft.com/en-us/compliance/regulatory/offeringeu-model-clauses
You have the option not to participate in Microsoft Ads conversion tracking at any time. If you do not want interest-based advertisements from Microsoft Advertising to be displayed to you, you can opt out via
https://account.microsoft.com/privacy/ad-settings/signedout
switch off this function.
You can also deactivate, manage or delete all cookies in your browser. This works a little differently for each browser. You can find the instructions for the most common browsers here:
Chrome: Delete, activate and manage cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer Internet Explorer: Delete and manage cookies
Microsoft Edge: Deleting and managing cookies We hope we have provided you with an overview of data processing by Microsoft Ads ConversionTracking.
You can find more information on data processing by Microsoft at https://privacy.microsoft.com/dede/privacystatement.
(g) LinkedIn Lead Gen
We use the “Lead Gen Ads” ad format from LinkedIn to generate leads. A lead is an interested party who provides their contact details to contact a company that offers services or products. We use forms to generate leads via LinkedIn Lead Gen.
When contacting us via LinkedIn forms, personal data (e.g. name, e-mail address or your position) is stored by LinkedIn and transmitted to us. We use your data to provide you with information and other content relating to ENVIRIA.
The use of lead generation tools, such as LinkedIn Lead Gen, serves our public relations work and communication with applicants. The legal basis for the evaluation of the LinkedIn lead forms is your explicit consent (Art. 6 para. 1 lit. a GDPR). By using this form, you consent to the use of automatic contact and profile information from your LinkedIn profile. If you would like to delete the data stored by us, please contact us. You can revoke your consent at any time using the contact details provided.
We store your data for a period of two years from receipt of the completed form. The personal data will be deleted if statutory retention periods prevent this.
On LinkedIn, the lead data is automatically deleted after 90 days. For more information on how LinkedIn uses your data, please refer to LinkedIn's privacy policy at
https://www.linkedin.com/legal/privacy-policy
It cannot be ruled out that LinkedIn may also transfer, store or process the collected data in the USA. Standard contractual clauses are required as the basis for data processing in a third country. These are templates provided by the EU Commission, which are intended to ensure that personal data is also processed in a third country in accordance with the European data protection standard. LinkedIn has committed to comply with the European data protection standard when processing personal data, even if the processing takes place in the USA through these standard contractual clauses.
You can find more information on LinkedIn's standard contractual clauses at
https://de.linkedin.com/legal/l/dpa
The company is also certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
(h) Meta Pixel (formerly Facebook Pixel)
This website uses the Meta pixel for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta EU"). However, according to Meta EU, the data collected is also transferred to the USA and other third countries.
By integrating the meta pixel into our website, the behavior of site visitors can be tracked after they have been redirected to our website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Meta EU so that a connection to the respective user profile is possible and Meta EU can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy (https://de-de.facebook.com/about/privacy/). This enables Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data by Meta EU cannot be influenced by us as the website operator.
This service is used exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which is obtained via the cookie consent banner. You can revoke your consent at any time with effect for the future by deactivating this service in the cookie consent banner provided on the website.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Meta EU, we and Meta EU are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Meta EU. The processing carried out by Meta EU after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the wording of the agreement at
https://www.facebook.com/legal/controller_addendum.
According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Meta EU is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Meta EU directly with Meta EU. If you assert your data subject rights with us, we are obliged to forward them to Meta EU.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
You can find further information on protecting your privacy in Facebook's privacy policy:
https://de-de.facebook.com/about/privacy/.
You can also activate the remarketing function "Custom Audiences" in the ad settings section under
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
In order to deactivate it. You must be logged in to Facebook to do this.
If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance:
http://www.youronlinechoices.com/de/praferenzmanagement/.
(i) AdRoll Pixel
AdRoll Pixel is a retargeting service offered by AdRoll. AdRoll Pixel is a platform for digital and growth marketing that bundles marketing and advertising activities in one central location and serves as a kind of "mission control" for the customer journey. The solution offers advanced tracking and audience targeting, cross-channel attribution, dynamic ads and email marketing automation tools, among other things. It enables us and our partners to inform visitors about topics of interest to them based on their previous use of the website and to place advertisements accordingly. This activity is facilitated by tracking usage data and using cookies and other identifiers to collect information, which is then transferred to the partners who manage the remarketing and behavioral targeting activity. AdRoll does this by placing a JavaScript code in the head of the website to track the behavior of website visitors on the website. The information is processed by AdRoll Advertising Limited to display advertising that is relevant to that visitor. You can opt out of receiving targeted advertising from AdRoll by clicking on the blue icon that usually appears in the corner of AdRoll advertisements. You can also opt out of targeted advertising using the opt-out tools provided by Your Online Choices.
(http://www.youronlinechoices.com/), Digital Advertising Alliance (http://www.aboutads.info/choices/) or the Network Advertising Initiative (NAI) (http://www.networkadvertising.org/choices/).
It cannot be ruled out that AdRoll may also transfer, store or process the data collected in the USA. Standard contractual clauses are required as the basis for data processing in a third country. These are templates provided by the EU Commission which are intended to ensure that personal data is also processed in the third country in accordance with the European data protection standard. Through these standard contractual clauses, AdRoll has undertaken to comply with the European data protection standard when processing personal data, even if the processing takes place in the USA.
You can find more information on AdRoll's standard contractual clauses at:
https://www.nextroll.com/trems/data-protection
Further information on data processing by AdRoll can be found at:
https://www.nextroll.com/about/privacy
(j) LinkedIn Insight Tag
We use the conversion tracking technology and the retargeting function of the LinkedIn Corporation on our website. This technology allows visitors to the website to receive personalized advertising on LinkedIn. It also allows us to create anonymous reports on the performance of advertisements and information on website interaction. The LinkedIn Insight Tag is a JavaScript code from LinkedIn that companies can embed on their website. It is a tracking tool that records and analyzes LinkedIn members on a website. By integrating the LinkedIn Insight tag on the website, a connection to the LinkedIn server is established when you visit this website and are logged into your LinkedIn account at the same time. This gives us insights into your target group, the attractiveness of your offers and the performance of ad campaigns on LinkedIn. The LinkedIn Insight Tag places a cookie in the website visitor's browser. LinkedIn uses this to collect the following data about the website visitor, among other things
· URL,
· Referrer URL,
· Device features,
· Browser properties
· IP address.
LinkedIn anonymizes the data within 7 days. It deletes the data again within 90 days. We do not receive any personal data, only summarized reports on the demographics of our target group and the performance of our ads. We receive information on criteria such as
· Industry,
· Job title,
· Company size,
· Career level
· Location
of the website visitors.
The legal basis for the use of LinkedIn Insight Tag is the consent of the respective visitor to the website in accordance with Art. 6 para. 1 lit. a of the General Data Protection Regulation (GDPR), which is obtained via the cookie banner when visiting the website. You can revoke this consent indefinitely at any time.
It cannot be ruled out that LinkedIn also transfers, stores or processes the data collected in the USA. Standard contractual clauses are required as the basis for data processing in a third country. These are templates provided by the EU Commission which are intended to ensure that personal data is also processed in the third country in accordance with the European data protection standard. LinkedIn has undertaken through these standard contractual clauses to comply with the European data protection standard when processing personal data, even if the processing takes place in the USA.
You can find more information on LinkedIn's standard contractual clauses at
https://de.linkedin.com/legal/l/dpa
Further information on data processing by LinkedIn can be found at:
https://de.linkedin.com/legal/privacy-policy.
If you are logged in to LinkedIn, you can deactivate data collection at any time by clicking on the following link: https://www.linkedin.com/psettings/enhanced-advertising
(k) SalesViewer technology
This website uses the SalesViewer® technology of SalesViewer® GmbH. With the help of a Java Script code integrated on our website, the names of the companies that view content on the ENVIRIA website are recognized on the basis of their IP address. SalesViewer shares information with us such as the duration of the visit and details of the pages viewed. With this information, our sales staff can see which companies are potentially interested in our offer and into which aspects of our offering they are interested. However, they do not know which specific person from the company visited the website, as no personal data such as name or email address is collected.
For this purpose, a JavaScript-based code is used to collect company-related data and the corresponding use. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and not used to personally identify the visitor to this website.
The legal basis is the consent of the website visitor (pursuant to Art. 6 para. 1 lit. a GDPR), which is requested via the cookie banner, as well as the legitimate interests of the website operator (Art. 6 para. 1 lit. f GDPR) to collect and store data for marketing, market research and optimization purposes.
The data stored as part of SalesViewer® will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.
You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click this link again.
(9) Plugins and other tools
(a) YouTube with enhanced data protection
This website embeds videos from the YouTube website. YouTube is operated by Google EU.
We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. For example, YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.
As soon as you start a YouTube video on this website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube may store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.
After the start of a YouTube video, further data processing operations may be triggered over which we have no influence.
The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been given, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can revoke your consent at any time with effect for the future by deactivating this service in the cookie consent banner provided on the website.
You can find more information about data protection at YouTube in their privacy policy at:
https://policies.google.com/privacy?hl=de.
(b) Vimeo
This website integrates videos from the Vimeo website. Vimeo is an online video portal. Users can upload, watch, comment on and rate videos there. Companies can publish videos on the portal for their content marketing or embed Vimeo videos on their website. The platform has around 170 million members. Vimeo is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA ("Vimeo").
We use Vimeo in extended data protection mode. According to Vimeo, this mode means that Vimeo does not store any information about visitors to this website before they watch the video. As soon as you start a Vimeo video on this website, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. If you are also a member of Vimeo and logged in, Vimeo assigns this information to your personal user account. When you click on the start button of a video, this information can also be assigned to an existing user account. You can prevent this assignment by logging out of your Vimeo account before using the website and deleting the corresponding cookies from Vimeo
Furthermore, Vimeo may store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, Vimeo can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent attempted fraud.
After the start of a Vimeo video, further data processing operations may be triggered over which we have no influence.
The use of Vimeo is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been given, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can revoke your consent at any time with effect for the future by deactivating this service in the cookie consent banner provided on the website.
Further information about data protection at Vimeo can be found in their privacy policy at:
https://vimeo.com/privacy
Vimeo also calls up the Google Analytics tracker via an iFrame in which the video is called up. This is Vimeo's own tracking, to which we have no access. You can prevent tracking by Google Analytics by using the deactivation tools that Google offers for some Internet browsers. Users can also prevent Google from collecting the data generated by Google Analytics and relating to their use of the website (including your IP address) and from processing this data from Google by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout.
(c) Storyblok
This site uses the Storyblok ("Storyblok") plugin, which is provided by Storyblok GmbH, Peter-Behrens-Platz 2, 4020 Linz, Austria, for the uniform display of fonts. Storyblok is installed locally. There is no connection to Storyblok servers. Storyblok sets iFrames and forms on the end device of the visitor to the website and collects their IP address, operating system, device type, geo-localization, timestamp and website visited. The purpose of this use is to further develop and improve the website and to measure the content and its performance.
The use of Storyblok is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on Storyblok can be found at:
https://www.storyblok.com/legal/privacy-policy
(d) Google Maps
This site uses the map service Google Maps in connection with the solar configurator. The provider is Google EU.
Google Maps is a web service for displaying interactive (land) maps to visualize geographical information. To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google EU server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google EU may use Google Fonts for the purpose of uniform display of fonts. When you access Google Maps, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
This takes place regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be assigned directly to your account. We have no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can indefinitely revoke your consent at any time by deactivating this service in the cookie consent banner provided on the website.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
You can find more information on the handling of user data in Google EU's privacy policy:
https://policies.google.com/privacy?hl=de.
(e) Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This function is primarily used to differentiate whether an entry is made by a natural person or abusively by machine and automated processing.
For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM.
Insofar as legally required, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time indefinitely. To exercise your revocation, please follow the option described above for making an objection.
As part of the use of Google reCAPTCHA, personal data may also be transmitted to the servers of Google LLC in the USA.
Further information on Google reCAPTCHA and Google's privacy policy can be found at the following links:
https://www.google.com/intl/de/policies/privacy/
https://www.google.com/recaptcha/intro/android.html
Deletion: Further information on the deletion of personal data by Google can be found at: https://policies.google.com/privacy?gl=DE&hl=de
(10) Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions.
The following data is stored at the time the message is sent:
1. Email address
2. Name of contact person (optional)
3. Telephone / mobile phone number (optional)
4. IP address of the calling computer
5. Date and time of contact
6. Comment (optional)
We do not pass this data on to third parties without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), provided that this has been requested; consent can be revoked at any time.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
(11) Appointment booking
You can make appointments with us on our website. We use Calendly to book appointments. The provider is Calendly.
To book an appointment, enter the requested data and the desired date in the form provided. The data entered will be used for the planning, execution and, if necessary, follow-up of the appointment. Calendly also collects log files (number and time of page views, browser, browser version and operating system as well as an anonymized IP address).
The appointment data is stored for us on the servers of Calendly, whose privacy policy you can view here:
https://calendly.com/privacyDie data entered by you will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory statutory provisions - in particular retention periods - remain unaffected.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in making appointments with interested parties and customers as uncomplicated as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You can indefinitely revoke your consent by deactivating this service in the cookie consent banner provided on the website.
Calendly also processes data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, the USA does not guarantee the protection of personal data corresponding to European data protection.
Microsoft uses standard contractual clauses as the basis for data processing in third countries outside the EU or data transfer to these countries. These are templates provided by the EU Commission, which are based on an implementing decision of the EU Commission. These are intended to ensure that the protection of personal data also meets the European standard in third countries if it is stored or processed there. As part of this, Calendly undertakes to comply with the European level of data protection, even if the data is stored or processed in the USA.
You can find these standard contractual clauses from Calendly at:
https://calendly.com/de/dpa
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that the service only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
(12) Use of the solar configurator on the website
With the solar configurator, you can mark an area or open space in Google Maps and, based on further information that you provide us with, we will create an initial non-binding offer for you and send it to the contact details you provide. Google Maps has therefore been integrated into the solar configurator.
If you wish to use the solar configurator on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive e-mails. In addition, you must mark the desired area on Google Maps and provide us with further information for the preparation of the offer. The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
In this context, the address you have entered will be passed on to Google, as well as the IP address via which the entry is made. Nevertheless, it cannot be ruled out, especially if you have a Google account, that this personal data will be linked to other data collected by Google.
When sending a contact request in connection with the use of the solar configurator, we also use Brevo. The provider of Brevo is SendInBlue GmbH. As soon as you have sent us your contact request in connection with the use of our solar configurator, you will receive an automated confirmation email from Brevo that we have received your contact request. In connection with the confirmation email, Brevo collects the following data from our website visitors who submit a contact request via the solar configurator: First name, last name and email address. The legal basis for the processing of this data is Art. 6 para. 1 lit. f GDPR. The processing is carried out on the basis of a legitimate interest. We have a legitimate interest in making the processing of customer inquiries via the solar configurator as user-friendly as possible.
The data processed in this context will be deleted by Brevo immediately after the purpose has been achieved, unless there are statutory retention obligations.
Further information on data processing by Brevo can be found at:
https;//www.brevo.com/de/legal/privacypolicy/
C. Request by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), provided that this has been requested; consent can be indefinitely revoked at any time.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected by this.
D. Other tools
(a) Pipedrive
We use Pipedrive as our CRM tool for processing and storing contact data. The provider of the Pipedrive CRM tool is Pipedrive OÜ.
Pipedrive OÜ is a limited liability company under Estonian (EU) law with the address Mustamäe tee 3a, 10615 Tallinn, Estonia, registered in the Estonian Commercial Register under the code 11958539 ("Pipedrive").
When contacting us (via contact form or e-mail), the user's details are designed to process the contact request and its handling in accordance with Art. 6 para. 1 lit. b) GDPR. We use contact forms from our customer relationship management tool ("CRM tool") Pipedrive to process and respond to your request and messages as quickly as possible. The data transmitted when filling out the form is sent to Pipedrive and stored there on Pipedrive servers.
We also use the Pipedrive CRM system on the basis of our legitimate interests in the efficient and fast processing of user inquiries, existing customer management and new customer business. Accordingly, a further legal basis is the legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR.
You can access Pipedrive's privacy policy here: https://www.pipedrive.com/en/privacy.
(b) Asana
We use Asana as our project management tool in which we manage our individual projects. The provider of the tool is Asana. In the course of this, personal data of customers and their employees may also be processed.
The legal basis for the processing of this personal data is Art. 6 para. 1 b) GDPR (contract initiation and contract processing). The use of Asana is essential for us to manage projects efficiently.
The data will be deleted by us after the purpose has ceased to exist, provided that there are no statutory retention periods. We have no further information on how long Asana stores the relevant data.
You can access Asana's privacy policy here:
https://asana.com/de/terms#privacy-polcy
c) Greenhouse
We use the Greenhouse software from Greenhouse Software, Inc, 250 W 34th Street, Suite 329, New York, NY 10119, among other things to process our applicant management. As part of the application process, your personal data (e.g. name, contact details, application documents) is collected and processed via Greenhouse.
Greenhouse acts as a processor in accordance with Art. 28 GDPR. The data is transferred on the basis of a corresponding order processing contract and taking into account suitable guarantees for data transfer to third countries (Art. 44 ff. GDPR).
The legal basis for the processing of your personal data is Art. 6 para. 1 b) GDPR. Namely, in the case of the application process, the initiation of a contractual relationship.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
Further information on data processing by Greenhouse can be found in their privacy policy at
https://www.greenhouse.io/privacy-policy
The processing of your data serves exclusively to process and manage your application. Your data will not be passed on to third parties without your explicit consent.
If data is processed as part of the application process, your data will be stored for the duration of the application process and then deleted in accordance with the statutory retention periods.
E. Audio and video conferencing
(a) Data processing
We use online conferencing tools, among others, to communicate with our customers. The individual tools we use are listed below. If you communicate with us by video or audio conference via the internet, your personal data will be collected and processed by us and the provider of the respective conference tool.
The conference tools collect all data that you provide/enter to use the tools (e-mail address and/or your telephone number). The conference tools also process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other "context information" in connection with the communication process (metadata).
Furthermore, the provider of the tool processes all technical data required for the processing of online communication. This includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.
If content is exchanged, uploaded or provided in any other way within the tool, it is also stored on the tool provider's servers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.
Please note that we do not have full control over the data processing procedures of the tools used. Our options are largely determined by the company policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy policies of the tools used, which we have listed below this text.
(b) Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Insofar as consent has been requested, the tools in question are used on the basis of this consent in accordance with Art. 6 para. 1 lit. a GDPR; consent can be indefinitely revoked at any time.
(c) Storage period
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
(d) Conference tools used
We use the following conference tools:
(i) Google Meet
We use Google Meet. The provider is Google EU. Details on data processing can be found in Google's privacy policy:
https://policies.google.com/privacy?hl=de.
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
(ii) Microsoft Teams
We also use Microsoft Teams. The provider of Microsoft Teams is Microsoft. Details on data processing can be found in Microsoft's privacy policy:
https://privacy.microsoft.com/en-us/privacystatementAuftragsverarbeitung
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
F. Our Company’s presences on social media
This privacy policy applies to the following social media presences of our company
● https://www.facebook.com/Enviria.Energy.PV
● https://www.instagram.com/enviria/
● https://x.com/ENVIRIA_Energy
● https://www.linkedin.com/company/enviria
● https://www.xing.com/pages/enviria
(a) Data processing by social networks
We maintain publicly accessible profiles in social networks. The individual social networks we use are listed below.
Social networks such as Facebook, X. etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media triggers numerous data protection-relevant processing operations.
In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.
(b) Legal basis
Our social media presence is intended to ensure the widest possible reach on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
(c) Controller and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).
Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
(d) Storage period
The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data that is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
(e) Your rights
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to object, the right to data portability and the right to lodge a complaint with the competent supervisory authority. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.
(f) Social networks in detail
(i) Facebook
We have a company presence on Facebook. The provider of this service is Meta EU. According to Meta, the data collected is also transferred to the USA and other third countries.
We have entered into a joint processing agreement (Controller Addendum) with Meta. This agreement specifies which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=adss
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Details can be found in Facebook's privacy policy:
https://www.facebook.com/about/privacy/.
(ii) Instagram
We have a corporate presence on Instagram. The provider of this service is Meta EU.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875 und
https://de-de.facebook.com/help/566994660333381.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Details on how they handle your personal data can be found in Instagram's privacy policy:
https://help.instagram.com/519522125107875.
(iii) X
We have a company presence on X (formerly Twitter). The provider of this service is X Corp.
If you carry out an action on our X corporate website (e.g. comments, posts, likes, etc.), you may make personal data (e.g. real name or photo of your user profile) public. However, since we generally, or to a large extent, have no influence on the processing of your personal data by Company X, which is jointly responsible for the ENVIRIA corporate website, we cannot provide any binding information on the purpose and scope of the processing of your data.
The data transfer to the USA as a third country is based by X on the standard contractual clauses of the EU Commission. Standard contractual clauses are templates provided by the EU Commission which are intended to ensure that personal data in the third country enjoys protection that meets the European data protection standard and are based on an implementing decision of the EU Commission (https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de). Through the clauses, X therefore undertakes to comply with the European level of data protection when transferring, processing and storing personal data, even if the data is stored, processed or managed in the USA. You can find these standard contractual clauses from X here:
https://x.com/de/tos/previous/version-18
Details on how they handle your personal data can be found in X's privacy policy:
https://x.com/en/privacy
(iv) LinkedIn
We have a company presence on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you wish to deactivate LinkedIn advertising cookies, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
The data transfer to the USA as a third country is based by LinkedIn on the standard contractual clauses of the EU Commission. Standard contractual clauses are templates provided by the EU Commission to ensure that personal data in the third country is protected in accordance with the European data protection standard and are based on an implementing decision of the EU Commission (https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de). Through the clauses, LinkedIn therefore undertakes to comply with the European level of data protection when transferring, processing and storing personal data, even if the data is stored, processed or managed in the USA. You can find LinkedIn's standard contractual clauses here:
https://www.linkedin.com/legal/l/dpa and
https://www.linkedin.com/legal/l/eu-sccs.
Details on how they handle your personal data can be found in LinkedIn's privacy policy:
https://www.linkedin.com/legal/privacy-policy.
(v) Xing
We have a company presence on Xing. The provider is New Work SE.
If you carry out an action on our company presence on Xing (e.g. comments, posts, likes, etc.), you may make personal data (e.g. real name or photo of your user profile) public.
Our company website serves to inform users about our services. Every user is free to publish personal data through activities.
The legal basis for the processing of your data in connection with the use of our company website is Art. 6 para. 1 sentence 1 lit. f GDPR.
We store your activities and personal data published via our company website until you withdraw your consent. In addition, we comply with the statutory retention periods.
You can object to the processing of your personal data that we collect when you use our company website at any time and assert your rights as a data subject as set out in this privacy policy. To do so, send us an informal email to info@enviria.energy. You can find further information on objection and removal options here:
https://privacy.xing.com/de/datenschutzerklaerung
Details on how they handle your personal data can be found in Xing's privacy policy:
https://privacy.xing.com/de/datenschutzerklärung
G. Further information
To contact us about data protection issues, please send an e-mail to info@enviria.energy.
Please note that this privacy policy applies exclusively to ENVIRIA websites. Insofar as our pages contain links to third-party websites, our data protection declaration does not apply to these. Please inform yourself on the respective pages about the data protection provisions applicable there.
You can find more information about us in our imprint: http://enviria.energy/impressum/.
If you have any questions or suggestions or requests, you can send an email to info@enviria.energy at any time. Changes to the data protection declaration. We reserve the right to change the data protection declaration to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies to declarations on data processing. If user consent is required or components of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users. Users are requested to inform themselves regularly about the content of the privacy policy
Status: 18.02.2025
)
)
)
)
)
)
){kind=logo}
){kind=logo}
){kind=logo}
){kind=logo}