We are pleased that you visit our website and thank you for your interest in our company and our products.
Personal data is information relating to an identified or identifiable person. In particular, these include information that allows your identity to be deduced, such as your name, telephone number, address or e-mail address. Statistical data that we collect when you visit our website/our storage portal for example and cannot be connected to your person do not fall under the definition of personal data.
1. Point of contact
The point of contact and so-called responsible body for the processing of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) is
Storengy Deutschland GmbH
Telephone +49 (0)30 28 88 34-0 Fax +49 (0)30 28 88 34-149
Storengy Deutschland Betrieb GmbH
Telefon +49 (0)511 86683-0
For all questions concerning data protection you can contact our external Data Protection Officer Mrs Inna Gendelman or Dr Tobias Greb from the Legal Department of Storengy Deutschland GmbH. Besides, you can contact us via email@example.com.
Inna Gendelman (Data Protection Officer)
Am Hamburger Bahnhof 4
Telephone +49 (0)30 213 00 28-50 Fax +49 (0)30 213 00 28-99 firstname.lastname@example.org
Dr Tobias Greb (Legal Department of Storengy Deutschland GmbH)
Telephone +49 (0)30 28 88 34-251 Fax +49 (0) 30 28 88 34-149
2. Data processing for the purpose of contract initiation and execution
The processing of certain data is required for contract initiation and execution and for settlement of your contract. The legal basis for the data processing is Article 6(1) lit. b) GDPR. The basis of the decision on the establishment, implementation or termination of a contract can, under certain circumstances, include the processing of probability values for future payment behaviour. Among other things, the address data of the customer is included in the calculation of the probability values.
3. Data processing in the case of a legitimate interest on the part of Storengy
We process your data in the individual case in order to protect our legitimate interests (Article 6(1) lit. f) GDPR). This includes the use of your personal data, among other things, in order to
• implement measures for the improvement and development of products and services, and to contact you with customised offers and offer you tailored products;
• determine credit and payment default risks in consultation and data exchange with credit agencies (e.g. Schufa, Creditreform);
• determine and check the quality of service rendered to us on a random basis;
• assert legal claims and for the defence of legal disputes to clarify or to prevent criminal offences;
• determine addresses;
• use your data anonymously for analysis and test purposes.
4. Data processing on the basis of legal requirements or in the public interest
As a company, we are subject to various statutory obligations (e.g. the German Energy Industry Act (EnWG) and other legal provisions concerning energy, tax laws, the German Commercial Code (HGB)) that mandate the processing of your data for the fulfilment of the law. The legal basis for the processing of data is (Article 6(1) lit c) GDPR) (Article 6(1) lit. e) GDPR).
5. Data processing on our website/on our storage portal and visiting our website/our storage portal
5.1 Visiting our website/our storage portal
Each time you use our website (https://www.storengy.com/de) or our storage portal (https://www.speicherportal.storengy.de/startseite) we collect the access data automatically transmitted by your browser in order to make it possible for you to visit the website/the storage portal. The access data can, for example, include:
• The IP address of the requesting device
• The date and time of the request
• The address of the accessed website and the requesting website
• Information about the browser and operating system used
• Online identifiers (e.g. device identifiers, session IDs)
The data processing of this access data is required in order to make visiting the website/the storage portal possible and to ensure the sustained functioning and security of our systems. The access data is also stored temporarily in internal log files for the purposes stated previously in order to generate statistical information on the use of our website/the storage portal, in order to further develop our website/our storage portal with regard to the usage habits of our visitors (e.g., if the share of mobile devices with which the sites are accessed increases) and for the purpose of general administrative maintenance of our website/our storage portal. The legal basis is Article 6(1) sentence 1 lit. b) GDPR. The information stored in the log files does not allow information concerning your person to be deduced directly - in particular, we only store the IP addresses in abbreviated, anonymised form. The log files are stored for a maximum of 30 days and, if necessary, archived, though only after anonymisation.
5.2 Access to the protected area of the storage portal
You have the option of registering for the protected area of the storage portal via the storage portal. For this, we collect master data, contact information, your user name and the contact data for your company. The data that you are obliged to provide are highlighted in that they are marked as mandatory fields. Without this data, registration in the protected area of the storage portal is not possible. The legal basis of the processing is Article 6(1) 1 lit. b) and Article 6(1) sentence 1 lit. f) GDPR.
5.3 Contacting us via our website/our storage portal
There are various options for contacting us as stated on our website/our storage portal. In this context, we process data (name, e-mail, phone number, information you give us in relation to your contact request) exclusively for the purpose of communication with you. The legal basis is Article 6(1) 1 lit. b), Article 6(1) sentence 1 lit. f) and/or Article 6(1) sentence 1 lit. a) GDPR.
We use so-called cookies on our website/our storage portal. A cookie is a small text file that is stored on your device by the browser. Cookies are not used to run programmes or download viruses to your computer. The main purpose of our own cookies is more to make our services as time-saving as possible. We also use our own cookies, for example,
• for load distribution;
• in order to save your language settings.
By doing so, we want to offer you more convenient and individual use of our website/our storage portal. These services are based on our above-mentioned legitimate interests, the legal basis is Article 6(1) sentence 1 lit. f) GDPR.
5.5 Setting of cookies for analytical purposes, Google Analytics
This website uses Google Analytics, a web-analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). According to Google the contact person for all data protection topics is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We have made the following privacy settings at Google Analytics:
• IP anonymisation (shortening of the IP address before evaluation, so that no conclusions can be drawn about your identity)
• Automatic deletion of old logs / limitation of storage time
• Deactivated advertising function (including target group remarketing through GA Audience)
• Disabled personalised ads
• Disabled Measurement Protocol
• Disabled cross page tracking (Google signals)
• Disabled sharing of information with other Google products and services
The following data are processed by Google Analytics:
• Anonymised IP address;
• Referrer URL (previously visited page);
• Pages accessed (date, time, URL, title, length of stay);
• Downloaded files;
• Clicked links to other websites;
• if applicable, achievement of certain goals (conversions);
• Technical information: Operating system; Browser type, version and language; Device type, brand, model and resolution;
• Approximate location (country and possibly city, based on anonymous IP address).
We have concluded a data processing agreement with Google for the use of Google Analytics and standard contractual clauses in the event that personal data is transferred to the USA or other third countries.
The legal basis for the data processing described in the following section is Art. 6(1) sentence 1 lit. f) GDPR, based on our legitimate interest in the needs-based design and continual optimisation of our website.
In the following, you will find information on the possibilities of objection regarding our analysis measures by means of a so-called opt-out cookie. Please note that after deleting all cookies in your browser or the later use of another browser and/or profile, an opt-out cookie must be set again.
As set out above, you can so configure your browser that it rejects cookies, or you can prevent the capture of the data generated by cookies and relating to your use of our websites (including your IP-address) and the processing of this data by Google by downloading and installing the browser add-on provided by Google. As an alternative to the browser-addon or if you browse our website from a mobile device, you can use this optout link. This will prevent the data collection of Google Analytics within this website (the opt-out link will only work in this browser and only for this domain). If you delete your cookies in this browser, you will have to click on the link again.
You will find more detailed information on this matter in the Privacy Statement and Terms of Google Analytics.
6. Data processing in connection with a job application Processed data categories
6.1 Processed data categories
We process data that relate to your application. These can be general data about your person (such as your name, address and contact information), information on your professional qualifications and education or information on further vocational training or other information that you provide to us in connection with your application.
We process personal data about you for the purpose of your application for employment to the extent that this is necessary for the decision on establishing an employment relationship with us. The legal basis for doing so is Section 26 (1) in conjunction with (8) sentence 2 of the German Federal Data Protection Act (BDSG). We can also process personal data about you to the extent necessary for the defence of legal claims asserted against us arising from the application process. The legal basis is Article 6(1), paragraph 1, lit. f) GDPR, the legitimate interest is, for example, a burden of proof in a proceeding in accordance with the General Equal Treatment Act (AGG). Insofar as an employment relationship results between you and us, in accordance with Section 26(1) of the German Federal Data Protection Act (BDSG), we can further process data already received from you for the purposes of the employment relationship, if this is required for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the representation of interests of the employees arising from a law or a collective bargaining agreement, a works agreement or a service agreement (collective agreement).
6.2 Data sources
If we do not collect the data directly from you and you have an active profile with StepStone or LinkedIn for example, or you disclose an inactive or active profile to us in the context of the application procedure, we may also collect personal data from these.
6.3 No automated decision-making
No automated decision is made in the individual case within the meaning of Article 22 GDPR, which means that the decision on your application is not based on automated processing.
7. Newsletters and individual contact with offers and products
You have the option of ordering our newsletter, in which we keep you informed on a regular basis about innovations to our products and of promotions. In addition, you can allow us to contact you individually, for example with offers and products.
In order to provide our newsletter or to contact you individually, we use the so-called double opt-in procedure, which means that we will only send you the newsletter per email or contact you individually, for example with offers and products, if you confirm that you are the owner of the specified e-mail address by clicking on a link in our notification e-mail. If you confirm your e-mail address, we store your e-mail address, the time of registration and the IP address used to register until you unsubscribe from the newsletter or notify us that you no longer wish to be contacted individually. The storage solely serves the purpose of sending you the newsletter or contacting you individually and as proof of your registration. You can unsubscribe from the newsletter or cancel individual contact at any time. There is a corresponding unsubscribe link in every newsletter. Notification to the contact details specified above or in the newsletter (e.g. per e-mail or letter) is, of course, also sufficient. The legal basis of the processing is your consent according to Article 6(1) lit. a) GDPR.
8. Disclosure of data
The data collected by us is essentially only disclosed if:
• You have expressly consented to this in accordance with Article 6(1) sentence 1 lit. a) GDPR,
• The disclosure is required in accordance with Article 6(1) sentence 1 lit. f) GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the omission of the disclosure of your data,
• We are legally obliged to disclose in accordance with Article 6(1) sentence 1 lit. c) GDPR or
• This is legally permissible and is required in accordance with Article 6(1) sentence 1 lit. b) GDPR for the handling of contractual relationships with you or for the implementation of pre-contractual measures to be carried out at your request.
Furthermore, a disclosure may occur in connection with regulatory inquiries, court decisions and legal proceedings if so required for prosecution or enforcement.
9. Storage duration
In principle, we store personal data only for as long as is necessary to fulfil contractual or statutory obligations for which we have collected the data. We then delete the data immediately, unless we require the data until expiry of the statutory period of limitation for evidential purposes for civil law claims or due to statutory retention obligations.
For evidential purposes, we must retain contract data for three years from the end of the year in which the business relations with you ends. Any claims become statute-barred in accordance with the statutory period of limitation at this point in time at the earliest.
In some cases, we may also have to store your data after this for accounting reasons. We are also obliged to do so due to legal documentation obligations arising from the Commercial Code (HGB), the Tax Code (AO), the Banking Act (KWG), the Money Laundering Act (GwG) and the Securities Trading Act (WpHG). The specified time limits for the retention of documents is two to ten years.
10. Your rights
You have the right at any time to demand information on the processing of your personal data by us. We will explain the data processing to you within the context of the provision of information and provide you with an overview of the data stored about your person.
If data saved by us are incorrect or no longer current, you have the right to have these data corrected.
You can also demand the deletion of your data. If the deletion is not possible due to other legal provisions in exceptional cases, the data will be blocked so that they are only available for this statutory purpose.
You can also restrict the processing of your data, for example if you are of the opinion that the data stored by us are not correct. You also have a right to data portability, i.e. to receive a digital copy of the personal data provided by you.
In order to assert your rights as described here, please contact data the points of contact stated above at any time. This also applies if you wish to receive copies of guarantees as evidence of a reasonable level of data protection.
You also have the right to object to the data processing, which is based on Article 6(1) lit. e) or lit. f) GDPR. Finally, you have the right to complain to the data protection supervisory authority responsible for us. You can exercise this right with a supervisory authority in the Member State of your place of residence, place of work or the location of the alleged infringement.
11. Right of revocation and objection
In accordance with Article 7(2) GDPR, you have the right to revoke consent once given to us at any time. This has the consequence that we will no longer continue the data processing based on this consent for the future. By revoking consent, the legality of the processing carried out on the basis of the consent until the revocation shall not be affected.
Insofar as we process your data on the basis of legitimate interests in accordance with Article 6(1) sentence 1 lit. f) GDPR, you have the right to object to the processing of your personal information in accordance with Article 21 GDPR to the extent that reasons exist arising from your specific situation or if the objection is to direct advertising. In the latter case, you have a general right of objection that will be implemented by us even without the specification of reasons.
If you wish to assert your right of revocation or objection, it is sufficient to send an informal notification to the above-mentioned contact details.
12. Data security
We maintain current technical measures to guarantee data security and in particular to protect your personal data against hazards during data transfers and from becoming known to third parties. These are adjusted according to the current state of the art in each case.
13. Changes to the privacy statement