Data Privacy Policy and Consents

Date: January 2021

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States and other data protection provisions is:

Enviria Energy Holding GmbH
Niddastraße 35
60329 Frankfurt am Main
Germany


+49 800 500 00 25
datenschutz@enviria.energy
https://enviria.energy

The “controller” is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).

Contact details of the data protection officer

The data protection officer of the controller is:

Data Protect Plus UG (haftungsbeschränkt)
Hermannstr. 6
60318 Frankfurt am Main
Germany
+49 (0)69 20835344
www.dataprotectplus.de

General information on data processing

This data protection declaration provides information on the collection, processing and use (hereinafter collectively referred to as “Processing“) of your personal data within the ENVIRIA online system and websites, functions and services offered within the framework of this system, irrespective of the domains, systems, platforms and devices used (hereinafter also collectively referred to as “Website“) and the associated services by ENVIRIA Energy Holding GmbH, Mainzer Landstrasse 33, 60329 Frankfurt am Main (hereinafter “ENVIRIA“, “we” or “us“) as the body responsible under data protection law. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. When you use this website, various personal data of users will be collected. 

“Personal data” is data by which you can be personally identified. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

The term “user” includes all users and visitors of the Website. The terms used in this privacy policy, such as “user”, are to be understood as gender-neutral. If this privacy policy contains consents, these are highlighted (e.g. in bold).

We point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.

How do we collect your data?

On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form.

Other data is collected automatically or after your consent when you visit the website by our IT systems. This is mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

  1. Scope of the processing of personal data 

ENVIRIA takes the protection of your personal data seriously. Personal data will only be collected, processed and used by ENVIRIA if this is necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only after consent of the user. An exception applies in those cases in which obtaining prior consent is not possible for actual reasons and the processing of the data is required by legal regulations.

  1. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) p. 1 lit. A EU General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) sentence 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) sentence 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Article 6 (1) sentence 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) sentence 1 lit. f GDPR serves as the legal basis for the processing.

  1. Data deletion and storage duration 

The personal data of the data subject shall be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

  1. Data security

We process personal data of users only in compliance with the relevant data protection provisions in accordance with the principles of data economy and data avoidance. This means that the user’s data will only be processed if a legal permission exists, in particular if the data is necessary for the provision of our contractual services and online services, or is required by law, or if consent has been given.

We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

  1. Third-party provider

If content, tools or other means from other providers (hereinafter collectively referred to as “Third Party Providers“) are used within the scope of this data protection declaration and their named registered office is abroad, it is to be assumed that a transfer of data to the countries in which the third-party providers are based takes place. The transfer of data to third countries takes place either on the basis of a legal permission, user consent or special contractual clauses that guarantee a legally required security of the data.

IV. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

  1. Right to information

You may request confirmation from the controller as to whether personal data concerning you are being processed by him.

If such processing is taking place, you may request information from the controller about the following:

  1. the purposes for which the personal data are processed;
  2. the categories of personal data which are processed;
  3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  4. the planned duration of the storage of the personal data relating to you or, if specific information on this is not possible, criteria for determining the storage period;
  5. the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
  6. the existence of a right of appeal to a supervisory authority;
  7. any available information on the origin of the data, if the personal data are not collected from the data subject;
  8. the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

  1. Right to rectification

You have a right to rectification and/or completion vis-à-vis the controller, insofar as the processed personal data concerning you are inaccurate or incomplete. The controller shall carry out the rectification without undue delay.

  1. Right to restriction of processing 

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

  1. you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
  2. the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
  3. the controller no longer needs the personal data for the purposes of the processing, but you need it for the assertion, exercise or defense of legal claims; or
  4. if you have objected to the processing pursuant to Article 21 (1) GDPR and it has not yet been determined whether the legitimate grounds of the controller outweigh your grounds.

If the processing of personal data concerning you has been restricted, such data may – apart from being stored – only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

  1. Right to deletion
  2. a) Obligation to delete

You may request the controller to delete the personal data concerning you without undue delay, and the controller is obliged to delete such data without undue delay, if one of the following reasons applies:

  1. the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. you revoke your consent on which the processing was based pursuant to Art. 6 (1) sentence 1 lit. a or Art. 9 (2) lit. a GDPR and there is no other legal basis for the processing.
  3. you object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR. 
  4. the personal data concerning you has been processed unlawfully.
  5. the erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
  6. the personal data concerning you has been collected in relation to information society services offered pursuant to Art. 8(1) GDPR.
  7. b) Information on third parties

If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers which process the personal data that you, as the data subject, have requested that they erase all links to or copies or replications of such personal data.

  1. c) Exemptions

The right to deletion does not exist insofar as the processing is necessary for

  1. for the exercise of the right to freedom of expression and information;
  2. for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  3. for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) of the GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or
  5. for the assertion, exercise or defense of legal claims.
  6. Right to information

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right against the controller to be informed about these recipients.

  1. Right to data portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that

  1. the processing is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR and
  2. the processing is carried out with the help of automated processes.

In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

  1. Right of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1) sentence 1 lit. e or f GDPR; this also applies to profiling based on these provisions.

The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the possibility, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.

  1. Right to revoke the declaration of consent under data protection law

Many data processing operations are only possible with your express consent. You have the right to revoke your declaration of consent under data protection law at any time. For this purpose, an informal communication by e-mail to us is sufficient. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Objection to advertising e-mails

The use of contact data published within the framework of the imprint obligation for the transmission of advertising and information material not expressly requested is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ARTICLE 21 (2) GDPR).

  1. Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

  1. is necessary for the conclusion or performance of a contract between you and the controller;
  2. is permissible on the basis of legal provisions of the Union or the Member States to which the controller is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests; or
  3. is done with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (b) of the GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.

With regard to the cases mentioned in 1. and 3. above, the controller shall take reasonable steps to safeguard the rights and freedoms as well as your legitimate interests, which include at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.

  1. Right to complain to a supervisory authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The right of appeal is without prejudice to other administrative or judicial remedies.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

V. Provision of the website and creation of the log files
  1. Description and scope of Data Processing

Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer. This website is hosted on servers at an external service provider commissioned by us, [] (hoster). The personal data collected on this website is stored on the hoster’s servers.

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website.

Among others, the following data is collected in the process:

  • information about the browser type and version used.
  • the operating system of the user
  • the user’s Internet service provider
  • host name of the accessing computer
  • date and time of the server request
  • referrer URL (the previously visited page)
  • name of the requesting provider
  • the IP address of the user
  • date and time of access
  • the amount of data transferred
  • web pages from which the user’s system accesses our website
  • web pages that are accessed by the user’s system via our website

This data is stored in the log files of our system. This data is not stored together with other personal data of the user. This data is not merged with other data sources. 

The location of the server of the website is geographically in Germany.

  1. Purpose of the Data Processing

The host is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our website by a professional provider (Art. 6 para. 1 lit. f GDPR). The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website – for this purpose, the server log files must be recorded.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. We use the log data without attribution to the person of the user or other profiling in accordance with legal requirements only for statistical analysis for the purpose of operation, security and optimization of the website. However, we reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use on the basis of concrete indications. An evaluation of the data for marketing purposes does not take place in this context.

These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 p. 1 lit. f GDPR.

  1. Legal Basis for Data Processing

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 p. 1 lit. f GDPR.

  1. Duration of Storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

  1. Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

  1. Conclusion of a commissioned processing agreement

In order to ensure data protection-compliant processing, we have concluded an order processing agreement with our hoster.

  1. SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

  1. Encrypted payment transactions on this website

If, after the conclusion of a contract with costs, there is an obligation to transmit your payment data to us (e.g. account number in the case of direct debit authorization), this data is required for payment processing.

Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

  1. Use of analytics tools, cookies and third-party tools
  2. Description and scope of data processing

When visiting this website, your surfing behavior can be statistically evaluated. This is done mainly with cookies and with so-called analysis programs.

Our Internet pages use so-called “cookies”. Cookies are small text files and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic solution is provided by your web browser.

In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1) lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 para. 1 lit. a GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.

Cookie consent with Borlabs cookie

Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to the storage of certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with the Borlabs cookie provider.

The collected data will be stored until you request us to delete it or until you delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of the server request
  • IP address

This data is not merged with other data sources.

  1. Purpose of data processing

Users are informed about the use of cookies in the context of pseudonymous reach measurement within the scope of this privacy policy. In addition, cookies are used for display purposes or legally required functions, such as noting that the cookie notice banner has been confirmed, range measurement should not take place (so-called “opt-out” cookie) or adapting the website design to different devices. The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. Cookies are required for the following applications:

  • Adoption of language settings

The viewing of this online offer is also possible under exclusion of cookies. The user data collected through technically necessary cookies are not used to create user profiles.

In these purposes also lies our legitimate interest in the processing of personal data according to Art. 6 para. 1 p. 1 lit. f GDPR.

  1. Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 p. 1 lit. f GDPR.

The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 p. 1 lit. a GDPR if the user has given his consent in this regard.

The use of Bborlabs cookie consent technology takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c GDPR.

The collection of server log data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be collected.

  1. Duration of storage, possibility of objection and elimination

Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website in full.

VII. Contact via E-mail, Telefax or Phone
  1. Description and scope of data processing

On our website, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

  1. Purpose of data processing

In the case of contact by e-mail, telefax or phone this also constitutes the necessary legitimate interest in processing the data.

  1. Legal basis of the data processing

The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this was requested.

  1. Duration of storage

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.

Mandatory statutory provisions – in particular statutory retention periods – shall remain unaffected.

  1. Possibility of objection and elimination

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. To do so, please send us an informal e-mail to info@enviria.energy.

All personal data stored in the course of contacting us will be deleted in this case.

VIII.  Registration on the Website

  1. Description and scope of data processing

You can register on this website to use additional functions on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise we will reject the registration.

For important changes, for example in the scope of the offer or for technically necessary changes, we use the e-mail address provided during registration to inform you in this way.

  1. Purpose of the processing

The processing of the data entered during registration is carried out for the purpose of implementing the user relationship established by the registration and, if necessary, for initiating further contracts (Art. 6 para. 1 lit. b GDPR).

  1. Legal basis for data processing

The processing of this data is based on Art. 6 (1) lit. b GDPR, insofar as your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures.

  1. Duration of storage

The data collected during registration will be stored by us as long as you are registered on this website and will then be deleted. Legal retention periods remain unaffected.

  1. Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

To do so, please send us an informal e-mail to info@enviria.energy.

All personal data stored in the course of registration will be deleted in this case.

  1. Comment function on this website
  2. Description and scope of data processing

For the comment function on this site, in addition to your comment, information on the time of creation of the comment, your e-mail address and, if you do not post anonymously, the username you have chosen will be stored.

Storage of the IP address

Our comment function stores the IP addresses of users who post comments. Since we do not check comments on this website before they are activated, we need this data to be able to take action against the author in the event of legal violations such as insults or propaganda.

Subscribing to comments

As a user of the site, you can subscribe to comments after registering. You will receive a confirmation e-mail to verify that you are the owner of the e-mail address provided. You can unsubscribe from this function at any time via a link in the info e-mails. In this case, the data entered in the context of subscribing to comments will be deleted; however, if you have transmitted this data to us for other purposes and at another point (e.g. newsletter order), this data will remain with us.

  1. Purpose of data processing

In the case of contacting us via the comment function, this also constitutes the necessary legitimate interest in processing the data.

  1. Legal basis for data processing

The storage of comments is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke any consent you have given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations already carried out remains unaffected by the revocation.

  1. Duration of storage

The comments and the associated data (e.g. IP address) are stored and remain on this website until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g. offensive comments).

  1. Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us via comment function, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

To do so, please send us an informal e-mail to info@enviria.energy.

All personal data stored in the course of the comment function will be deleted in this case.

  1. Newsletter
    If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

E-mails containing promotional information about us, our services and offers will only be sent to you with your express consent.

Unless the contents of the newsletter are expressly described in the course of registration, the newsletters contain information about our company and our services and offers, in particular for service areas that the recipient has declared as belonging to his or her interests.

In contrast, notifications sent within the scope of contractual or business relationships do not belong to promotional information. This includes, for example, the sending of service e-mails or comparable services, technical or organizational notices within the scope of our service provision, notices regarding technical and legal changes, queries regarding orders, etc.

Before the newsletter is sent, the e-mail owner receives a confirmation e-mail in which he or she must confirm the newsletter registration. Unconfirmed registrations are automatically deleted within four weeks at the latest.

The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes in particular the recording of the registration and confirmation time.

Users can revoke their consent to the storage of data, the e-mail address and their use for sending newsletters at any time. The revocation can be made, for example, via a link within the newsletter.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

  1. CleverReach
  2. Description and scope of data processing

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service with which the newsletter dispatch can be organized and analyzed. The data you enter for the purpose of receiving newsletters (e.g. e-mail address) is stored on CleverReach’s servers in Germany or Ireland.

For more details, please refer to the data protection provisions of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

  1. Purpose of data processing

Our newsletters sent with CleverReach enable us to analyze the behavior of newsletter recipients. Here, among other things, it can be analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. purchase of a product on this website) has taken place after clicking on the link in the newsletter. For more information on data analysis by CleverReach newsletters, please visit: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

  1. Legal basis of data processing

Data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

  1. Duration of storage

If you do not want any analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on the website.

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f GDPR). The storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest.

  1. Conclusion of an order processing contract

We have concluded an order processing contract with CleverReach and fully implement the strict requirements of the German data protection authorities when using CleverReach.

XII. Contact form

  1. Description and scope of data processing

On our website there is a contact form for requesting an offer, which can be used for electronic contact. If you send us inquiries via the contact form, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent. At the time the message is sent, the following data is stored:

  1. e-mail address
  2. name of contact person (optional)
  3. telephone / mobile phone number (optional)
  4. IP address of the calling computer
  5. date and time of contact
  6. comment (optional)

For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy.

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored.

We collect, process and use the information provided by you in the context of the offer request for the purpose of establishing, implementing and, if necessary, terminating a contract for the products or services requested by you. The preparation of an offer is free of charge and non-binding. We use your contact data to specify your request with you. In addition, we may ask you at a later date whether you have received the offer. For the purpose of order processing, it may be necessary for us to pass on your data to group companies or external service providers as part of order data processing. Your data will not be transferred to other third parties. The processing of personal data from the input mask serves us solely to process the request. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Your personal data will only be used by us for advertising purposes if you have previously given your consent to this. You can object to the use of your personal data for advertising purposes at any time without giving reasons, e.g. by sending an e-mail to info@enviria.energy.

We encourage all parents and guardians to instruct their children in the safe and responsible use of personal data on the Internet. Children should not submit any personal data to our website without the consent of their parents or guardians. We assure not to knowingly collect personal data from children, use it in any way or disclose it to third parties without authorization.

Declaration of consent

By sending my inquiry (by clicking on the “Send inquiry” button), I agree that ENVIRIA may collect, process and use my name as well as my contact and inquiry data in order to process my inquiry and, if necessary, to prepare a free, non-binding offer, and that my data may also be sent to the companies commissioned by ENVIRIA, i.e. e.g. a material supplier, by e-mail without encryption. I can revoke my consent at any time informally by e-mail to info@enviria.energy or by letter to ENVIRIA Energy Holding GmbH, Mainzer Landstr. 33, 60329 Frankfurt am Main with effect for the future.

  1. Lega basis of data processing

The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this was requested.

  1. Duration of storage

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected. 

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

  1. Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. To do so, please send us an informal e-mail to info@enviria.energy.

All personal data stored in the course of contacting us will be deleted in this case.

XIII. Cloudflare
  1. Description and scope of data processing

We use the service “Cloudflare”. The provider is Cloudflare Inc, 101 Townsend St, San Francisco, CA 94107, USA (hereinafter “Cloudflare“).

Cloudflare offers a globally distributed content delivery network with DNS. This technically routes the transfer of information between your browser and our website through Cloudflare’s network. This enables Cloudflare to analyze traffic between your browser and our website and serve as a filter between our servers and potentially malicious traffic from the Internet. In doing so, Cloudflare may also use cookies, but these are used solely for the purpose described here.

We have entered into an order processing agreement with Cloudflare. Cloudflare is also a certified participant of the “EU-US Privacy Shield Framework”. Cloudflare has committed to handling all personal data received from European Union (EU) member states in accordance with the “Privacy Shield Framework”.

For more information about Cloudflare’s security and privacy practices, please visit: https://www.cloudflare.com/privacypolicy/

  1. Purpose of data processing

The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).

  1. Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 p. 1 lit. f GPDR.

4 Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law.

  1. Possibility of objection and removal.

You may object to the processing of your personal information collected by Cloudflare in the course of making the Website available at any time and exercise your data subject rights as set out in IV. of this Privacy Policy. To do so, send us an informal e-mail to info@enviria.energy.

XIV. Adobe Fonts

  1. Description and scope of data processing

This website uses web fonts from Adobe for the uniform display of certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (“Adobe”).

When you access this website, your browser loads the required fonts directly from Adobe so that they can be displayed correctly on your terminal device. In doing so, your browser establishes a connection to Adobe’s servers in the USA. This enables Adobe to know that your IP address has been used to access this website. According to Adobe, no cookies are stored when providing the fonts.

Adobe is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the United States of America and the European Union to ensure compliance with European data protection standards. For more information, visit: https://www.adobe.com/de/privacy/eudatatransfers.html.

For more information about Adobe Fonts, please visit: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.

Adobe’s privacy policy can be found at: https://www.adobe.com/de/privacy/policy.html.

  1. Legal basis for data processing

The storage and analysis of the data is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR; the consent can be revoked at any time.

XV. Corporate Presences

Use of corporate presences in social networks

Use of YouTube

  1. Scope of the processing of personal data

We have included YouTube videos on our website. This way we can present you interesting videos directly on our site. YouTube is a video portal that has been a subsidiary of Google LLC since 2006 (“YouTube“). The video portal is operated by Google. When you call up a page on our website that has a YouTube video embedded, your browser automatically connects to the servers of YouTube or Google. In the process, various data are transferred (depending on the settings). Google is responsible for all data processing and Google’s privacy policy therefore also applies.

In the following, we would like to explain in more detail which data is processed, why we have embedded YouTube videos and how you can manage or delete your data.

What is YouTube?

On YouTube, users can watch, rate, comment on and upload videos for free. Over the last few years, YouTube has become one of the most important social media channels in the world. In order for us to display videos on our website, YouTube provides a code snippet that we have built into our site.

Why we use YouTube-Videos on our website?

YouTube is used in the interest of an appealing presentation of our online offers. What data is stored by YouTube?

As soon as you visit one of our pages that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. 

We use YouTube in extended privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the disclosure of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – establishes a connection to the Google DoubleClick network. As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, YouTube can usually assign your interactions and surfing behavior on our website to your personal profile using cookies. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your internet provider. Other data may include contact details, any ratings, sharing of content via social media or adding to your favorites on YouTube. You can prevent this by logging out of your YouTube account.

If you are not signed in to a Google Account or YouTube account, Google stores data with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is retained. But a lot of interaction data can’t be stored because fewer cookies are set.

Furthermore, YouTube may store various cookies on your terminal device after starting a video. These cookies allow YouTube to obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts. Cookies remain on your terminal device until you delete them.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

You can find more information about data protection at YouTube in their privacy policy at: https://policies.google.com/privacy?hl=de.

  1. Purpose of the processing of data

The processing of users’ personal data by YouTube enables us to analyze the performance of our advertising on YouTube and the interactions with YouTube users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our offer. This helps us to constantly improve our advertising measures.

  1. Lega basis of data processing 

The legal basis for the processing of the users’ personal data is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest here lies in the purposes of data processing mentioned under 2. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

  1. Duration of processing

The data that YouTube receives from you and processes is stored on Google servers. Most of these servers are located in the USA. You can see exactly where Google data centers are located at https://www.google.com/about/datacenters/inside/locations/?hl=de. Your data is distributed across the servers. Thus, the data can be retrieved more quickly and is better protected against manipulation.

Google stores the collected data for different lengths of time. Some data you can delete at any time, others are automatically deleted after a limited time, and still others are stored by Google for a longer period of time. Some data (such as items from “My Activity”, photos or documents, products) stored in your Google Account will remain stored until you delete it. Even if you are not signed into a Google account, you can delete some data associated with your device, browser, or app.

  1. Possibility of objection and elimination

Basically, you can delete data in Google Account manually. With the automatic deletion function of location and activity data introduced in 2019, information is stored depending on your decision – either 3 or 18 months and then deleted.

Whether you have a Google account or not, you can configure your browser to delete or disable cookies from Google. Depending on which browser you use, this works in different ways. 

If you generally do not want cookies, you can set up your browser so that it always informs you when a cookie is to be set. This way, you can decide for each individual cookie whether you allow it or not. Since YouTube is a subsidiary of Google, there is a common privacy policy. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=de.

XVI. Use of company presences in job-oriented networks
  1. Description and scope of data processing

We use the possibility of company appearances on profession-oriented networks. We maintain a company presence on the following job-oriented networks:

LinkedIn:

LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireleand

On our website we provide information and offer users the possibility of communication.

The company website is used for job applications, information/PR and active sourcing.

We do not have any information on the processing of your personal data by the companies jointly responsible for the corporate presence. For more information, please refer to the privacy policy of:

LinkedIn:

https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv 

If you carry out an action on our company website (e.g. comments, posts, likes, etc.), it is possible that you make personal data (e.g. clear name or photo of your user profile) public.

  1. Legal basis of the data processing

The legal basis for the processing of your data in connection with the use of our corporate presence is Art. 6 para. 1 p. 1 lit. f GDPR.

  1. Purpose of the data processing

Our company website serves to inform users about our services. In doing so, every user is free to publish personal data through activities.

  1. Duration of storage

We store your activities and personal data published via our corporate website until you revoke your consent. In addition, we comply with the statutory retention periods.

  1. Possibility of objection and removal 

You can object at any time to the processing of your personal data that we collect in the course of your use of our company website and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal e-mail to the e-mail address stated in this data protection declaration.

In addition, LinkedIn has submitted to the Privacy Shield Agreement concluded between the European Union and the USA and has certified itself. In this way, LinkedIn undertakes to comply with the standards and regulations of European data protection law. You can find more detailed information in the entry linked below: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

You can find further information on objection and removal options here

LinkedIn:

https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv 

XVII.        Used Plugins

We use plugins for various purposes. The plugins used are listed below:

LinkedIn Plugin

  1. Description and scope of data processing

This website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn“).

Each time you access a page of this website that contains functions of LinkedIn, a connection to servers of LinkedIn is established. LinkedIn is informed that you have visited this website with your IP address. If you click the “Recommend Button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to this website to you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and its use by LinkedIn.

The use of the LinkedIn plugin is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

For more information on the collection and storage of data by LinkedIn in this regard, please refer to LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

  1. Purpose of the data processing

The processing of users’ personal data by LinkedIn Analytics enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our offer. This helps us to continuously improve our online presence and in this context also to increase user-friendliness.

  1. Legal basis for the processing of personal data

The legal basis for the processing of users’ personal data is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest here lies in the purposes of data processing stated under 2.

4 Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law.

  1. Possibility of objection and elimination

You can prevent the collection as well as the processing of your personal data by LinkedIn by preventing third-party cookies from being stored on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (www.noscript.net) or Ghostery (www.ghostery.com) in your browser. You can use the following link to deactivate the use of your personal data by LinkedIn: https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences

For more information on objection and removal options vis-à-vis LinkedIn, please visit: https://www.linkedin.com/legal/privacy-policy.

Use of LinkedIn Analytics
1. Description and scope of data processing

We use the analysis service LinkedIn Analytics of LinkedIn Corporation, 1000 W Maude, Sunnyvale, CA 94085, USA and its representative in the Union LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn“). By using LinkedIn Analytics, pseudonymized usage profiles are created of the users. The profiles are used to analyze user behavior and are used to optimize our offer. The following data is processed in the process:

  1. information about the operating system
  2. device identifier
  3. internet service provider
  4. IP address
  5. referrer URL
  6. browser information

The data is processed on LinkedIn servers in the USA. LinkedIn has submitted to the Privacy Shield agreement concluded between the European Union and the USA and has certified itself. Thereby LinkedIn commits itself to comply with the standards and regulations of the European data protection law. You can find more information in the entry linked below:

https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

Further information on the collection and storage of data by LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy

  1. Purpose of the data processing

The processing of users’ personal data by LinkedIn Analytics enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our offer. This helps us to constantly improve our online presence and in this context also to increase user-friendliness.

  1. Legal basis of the processing of the data

The legal basis for the processing of the users’ personal data is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest here lies in the purposes of data processing mentioned under 2.

  1. Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law.

  1. Possibility of objection and removal

You can prevent the collection as well as the processing of your personal data by LinkedIn by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (www.noscript.net) or Ghostery (www.ghostery.com) in your browser. You can use the following link to deactivate the use of your personal data by LinkedIn: https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences

For more information on objection and removal options vis-à-vis LinkedIn, please visit: https://www.linkedin.com/legal/privacy-policy.

Use of Google Analytics and other Google Services


  1. Description and scope of data processing

This website uses functions of the web analytics service We use Google Analytics Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland(“Google“). Google Analytics uses cookies. These are text files that are stored on your computer and enable an analysis of your use of the website. Google examines, among other things, the origin of visitors, their length of stay on individual pages and the use of search engines and thus allows a better control of the success of advertising campaigns. 

Google sets a cookie on your computer. As a result, personal data can be stored and evaluated, especially the activity of the user (in particular, which pages have been visited and on which elements have been clicked), device and browser information (in particular, the IP address and the operating system), data about the advertisements displayed (in particular, which advertisements were displayed and whether the user clicked on them) and also data from advertising partners (in particular, pseudonymized user IDs). Google will use this information on our behalf for the purpose of evaluating the use of our online offer by users, compiling reports on the activities within this online offer and providing us with other services relating to the use of this online offer and internet usage. 

The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

The IP address transmitted by the user’s browser is not merged with other data from Google. The information generated by the cookie about your use of this online presence will be transmitted to and stored by Google on servers in the United States. 

We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

IP anonymization is active on this online presence. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser in the context of Google will not be merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our online presence.

Further information on the collection and storage of data by Google can be found here:

https://policies.google.com/privacy?gl=DE&hl=de You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set, which will prevent the collection of your data during future visits to this website: Disable Google Analytics.

More information on how Google Analytics handles user data can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

  1. Data processing agreement

We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

  1. Demographic characteristics with Google Analytics

This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item “Objection to data collection”.

Google Ads and Google Conversion Tracking

This website uses Google Ads. Google Ads is an online advertising program from Google.

Within the framework of Google Ads, we use the so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.

Each Google Ads customer receives a different cookie. The cookies cannot be tracked across Google Ads customers’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted in to conversion tracking. The clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” and the use of this tracking tool are based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to store cookies), the processing is based exclusively on Art. 6 (1) lit. a GDPR; the consent can be revoked at any time.

More information about Google Ads and Google Conversion Tracking can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.

  1. Purpose of the data processing

The purpose of processing personal data is to specifically address a target group that has already expressed an initial interest by visiting the site.

  1. Lega basis of data processing

The storage of Google Analytics cookies and the use of this analysis tool are based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to store cookies), the processing is based exclusively on Art. 6 (1) a GDPR; the consent can be revoked at any time.

  1. Duration of storage

Your personal information will be retained for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. 

Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 14 months. For details, please see the following link: https://support.google.com/analytics/answer/7667196?hl=de

  1. Possibility of objection and removal

You can prevent the collection as well as the processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code in your browser or installing a script blocker such as NoScript (www.noscript.net) or Ghostery (www.ghostery.com) in your browser.

 You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can deactivate the use of your personal data by Google using the following link: https://adssettings.google.de

For more information on how to object to and opt-out of Google, please visit: https://policies.google.com/privacy?gl=DE&hl=de

Google Maps

  1. Description and scope of data processing

This site uses the mapping service Google Maps via an API. The provider is Google.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

  1. Purpose of data processing

Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. 

  1. Legal basis of the data processing

This represents a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

Google reCAPTCHA

  1. Description and scope of data processing

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA“) on this website. The provider is Google.

The purpose of reCAPTCHA is to check whether data entry on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not made aware that an analysis is taking place.

For more information on Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

  1. Purpose of data processing

The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.

  1. Legal basis of data processing

The storage and analysis of data is based on Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

Use of 1&1 Web Analytics

  1. Description and scope of data processing

This website uses the analysis services of 1&1 Web Analytics. The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur. As part of the analyses with 1&1, among other things, visitor numbers and behavior (e.g. number of page views, duration of a website visit, bounce rates), visitor sources (i.e. from which page the visitor comes), visitor locations as well as technical data (browser and operating system versions) can be analyzed. For this purpose, 1&1 stores the following data in particular:

  • referrer (previously visited website)
  • requested website or file
  • browser type and browser version
  • operating system used
  • type of device used
  • time of access
  • IP address in anonymized form (only used to determine the location of the access).

According to 1&1, the data collection is completely anonymized so that it cannot be traced back to individual persons. Cookies are not stored by 1&1 Web Analytics.

  1. Legal basis for the data processing

The storage and analysis of the data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior in order to optimize both its web offering and its advertising. If a corresponding consent has been requested (e.g. consent to store cookies), the processing is based exclusively on Art. 6 (1) lit. a GDPR; the consent can be revoked at any time.

For more information on data collection and processing by 1&1 Web Analytics, please refer to the following links:

https://hosting.1und1.de/hilfe/online-marketing/

https://hosting.1und1.de/hilfe/datenschutz/datenverarbeitung-von-webseitenbesuchern-ihres-company-name-produktes/webanalytics/

https://hosting.1und1.de/terms-gtc/terms-privacy/

  1. Data Processing Agreement

We have concluded an order processing contract with 1&1. This contract is intended to ensure that 1&1 handles your personal data in accordance with data protection regulations.

XVIII. Own Services

Treatment of applicant data

We provide the possibility, to apply for a job at our company (e.g. through e-mail, post or via our online-applicant form). In the following we inform you on the scope, purpose and use of your personal data processed in the course of the job application process. We ensure you that the collecting, processing and use of your personal data is in line with applicable data protection laws and all other statutory regulations and will be treated as highly confidential.

  1. Scope of data processing

When you send us your application, we process your personal data provided in connection hereto (e.g. contact details, communication details, application documents, notes from the job interview) to the extent this is necessary for the decision-making regarding the conclusion of an employment relationship.

  1. Legal basis of data processing

The legal basis for the processing of the users’ personal data is Section 26 Federal Data Protection Law-New, Art. 6 para. 1 lit. b GDPR (general contract initiation) and – to the extent you granted your consent – the processing is based exclusively on Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

If your application was successful, the personal  data submitted by you will be saved on our data processing system for purposes of the processing of the employment relationship based on Section 26 Federal Data Protection Law-New, Art. 6 para. 1 lit. b GDPR.

  1. Duration of the processing

If we cannot offer you a position, you reject the offered the position or you revoke your application, we reserve the right to save the data provided by you up to six months after the termination of the application processes (rejection or revocaktion of the application) on the basis of a legitimate interest (Art. 6 para. 1 lit. f GDPR). Subsequently the data will be deleted and the physical application documents destroyed. The storage serves, in particular, purposes of evidence in case of legal dispute. Provided that it is obvious that the data will also be needed after the expiration of the six months period (e.g. due to a threatened or pending legal dispute), the deletion shall only take place once the purpose for its extended storages ceases to exist.

A longer storage can also occur, if you provided a respective consent Art. 6 Abs. 1 lit. a GDPR) or if statutory storage obligations prevent a deletion.

Admission to the Applicants-Pool

If we currently cannot offer you a position, there possibly exists the option to include you in our applicants-pool.

The inclusion in the applicants-pool only occurs on the basis of your express prior consent (Art. 6 para. 1 lit. a GDPR). The consent is voluntary and is unrelated to the application process itself. The consent can be revoked at any time. In this case the data in the applicants-pool will be irrevocably deleted, unless there are statutory reasons for its storage.

Data in the applicants-pool will be irrevocably deleted, the latest two years after granting the respective consent.

XIX. Further Information
To contact us regarding data protection issues, the best way is to send an e-mail to the address info@enviria.energy.

Please note that this data protection declaration applies exclusively to ENVIRIA Internet pages. Insofar as our pages contain links to Internet pages of third parties, our data protection declaration does not apply to these. Please inform yourself on the respective pages about the data protection regulations applicable there.

You can find further information about us in our imprint: http://enviria.energy/impressum/.

If you have any questions or suggestions, please feel free to contact us at any time by sending an e-mail to info@enviria.energy.

Changes to the Data Privacy Policy

We reserve the right to change the data protection declaration in order to adapt it to changed legal situations, or in the event of changes to the service as well as data processing. However, this only applies with regard to declarations on data processing. Insofar as user consents are required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

Users are requested to inform themselves regularly about the content of the data protection declaration.