Personal data is information about an identified or identifiable individual. This includes all information about your identity, such as your name, your e-mail address or your address. In contrast, information that cannot be connected to your identity (e.g. statistical information, such as on the number of online service users) is not considered personal information.
Automated decision-making based on your personal data does not occur in connection with usage of our online service.
Processing Personal Information
We store your information on specially secured servers within the European Union. These are technical and organizational measures to protect against loss, destruction, access, alteration or dissemination of your data by unauthorized persons. Only a few authorized persons are able to access your data. These individuals are responsible for the technical, commercial and editorial supervision of the server. Despite regular inspections, complete protection against all risks is not possible, however.
Your personal data will be encrypted when sent over the internet. For data transmission, we use an SSL encryption (Secure Sockets Layer).
Sharing Personal Data with Third Parties
We generally use your personal information only to carry out the services desired by you. Insofar as we use external service providers to carry out these services, their access to the data will be exclusively for the purpose of this task. Using technical and organizational measures, we ensure compliance with data protection standards and also commit our external service providers to them.
Furthermore, we do not pass on data to third parties without your express permission, especially not for promotional purposes. Your personal data is passed on only if you have consented to it or insofar as we are authorized or obligated to do so due to legal provisions and/or official or judicial instructions. In particular, this may concern giving information for the purpose of criminal prosecution, for hazard prevention or to enforce intellectual property rights.
Legal Basis for Data Processing
Insofar as we receive consent to process your personal data, Article 6 (1) letter a of the GDPR serves as the legal basis for data processing.
Insofar as your personal data is processed because it is required to fulfil a contract or as part of a contract-like relationship with you, Article 6 (1) letter b of the GDPR serves as the legal basis for data processing.
Insofar as we process your personal data to fulfil a legal obligation, Article 6 (1) letter c of the GDPR serves as the legal basis for data processing.
As a legal basis for data processing, Article 6 (1) letter f of the GDPR is taken into further consideration if the processing of your personal data is required to safeguard a justifiable interest of our company or a third party and your interests, basic rights and freedoms do not require personal data to be protected.
Deleting Data and Storage Duration
As a rule, we then always delete or block your personal data when the purpose of the storage is eliminated. However, storage may also take place if this is designated by legal provisions to which we are subject, for example in terms of legal storage and documentation obligations. In a case such as this, we delete or block your personal data after the end of the relevant specifications.
Using Our Online Service
Information about Your Device
Each time our online service is accessed, we gather the following information about your device independently of your registration: the IP address of your device, the web browser request and the time of the request. In addition, the status and the data volume transferred will be collected as part of this request. We also collect product and version information about the web browser used and the device’s operating system. Furthermore, we gather from which website the online service was accessed. The IP address of your device is stored only for the time that the online service is used and is deleted afterward or anonymized by abbreviating it. The other data is stored for an unlimited amount of time.
We use this data to operate the online service, particularly to identify and remedy errors in order to determine the utilization of the online service and make adjustments or improvements. As our justifiable interest in data processing in accordance with Article 6 (1) letter f of the GDPR, these purposes are also the legal basis for this processing.
Cookies are used on our online service, like with many websites. Cookies are small text files that are stored on your computer and store via your web browser the certain settings and data to share with our online service. A cookie usually contains the name of the domain from which the cookie file was sent and information about the age of the cookie and an alphanumerical identifier.
Cookies enable us to recognize your device and make possible default settings available immediately. Cookies help us to improve the online service and be able to provide you with a better service that is even more tailored to you. In this, we also observe our justifiable interest in data processing in accordance with Article 6 (1) letter f of the GDPR.
Most web browsers are set up so that you automatically accept cookies. However, you can deactivate cookie storage or set up your web browser so that it notifies you as soon as cookies are sent. It is also possible to delete already stored cookies manually using the web browser settings. Please note that you may be able to use only a restricted version of our online service or not at all, if you reject the storage of cookies or delete the necessary cookies.
Use of Technically Necessary Cookies
Some cookies are necessary for technical reasons to enable the use of our online service. With these cookies, we gather and store the following data:
Information to identify or authenticate the user
Data for smooth forwarding of audio or video content
Cookies enable us to recognize your computer and make possible default settings available. Cookies help us to improve the online service and be able to provide you with a better and more user-friendly service. Using cookies is also required to simplify the use of our online service. Some functions can be provided only by using cookies. This concerns the search function, language settings and similar. From this follows our justifiable interest for the legal basis for processing data by means of cookies in accordance with Article 6 (1) letter f of the GDPR.
Use of Analysis Cookies (Google Analytics)
Frequency of page views
Use of website functions
Duration of visit
Your data, collected using cookies, is pseudonymized so that it is no longer possible to assign data to a respective user if they have not clearly and actively given their consent.
We use cookie analysis to improve and optimize the quality of our online service and its content and to also review and improve the range and retrievability of our online service. At the same time, these purposes constitute a legitimate interest within the meaning of the legal basis for processing under Article 6 (1), letter f, of the GDPR.
To analyze user behavior for the aforementioned purposes, we use the software called Google Analytics, which itself employs cookies as explained.
We are of the opinion that due to the protective measures taken (anonymization and the right of withdrawal), data processing to optimize our online service can be considered a justifiable interest in data processing pursuant to Article 6 (1) letter f of the GDPR.
Use of Advertising Cookies (Salesforce Pardot Services)
SMA Solar Technology AG (SMA) stores only and exclusively the personal data belonging to website users that have registered voluntarily/on their own initiative on our websites in order to receive information on products and services, because they want to subscribe to the SMA Newsletter or download documents. If they have given their consent, they can also receive promotional e-mails that are relevant to their interests.
Some forms on SMA websites are linked to Pardot. Pardot is a marketing automation software by Salesforce.com EMEA Limited (Salesforce), village 9, floor 26 Salesforce Tower, 110 Bishopsgate, London, UK, EC2N 4AY.
Personal data provided voluntarily is initially stored in Pardot to then be processed using the Salesforce CRM system for the purpose of contacting and/or sending you information. Salesforce does not store any IP addresses but uses the individual assignment references “unique visitor ID” and “unique identifier.” Deriving personal information is not possible.
You can learn about how Salesforce processes your information when visiting websites by following this link: (LINK: https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm&type=5).
SMA uses Pardot as a marketing analysis service that makes it possible to maintain, assess and expand the SMA online service and SMA marketing communication and to optimize the content on SMA websites. Furthermore, to protect users and partners, fraud and security risks can be detected and parried, if necessary. Data will be processed in Salesforce on our behalf using cookies.
If you choose this option, it can lead to functions being restricted and to the SMA online service being less user-friendly.
Use of Google Maps
Our online service contains an interface to the Google Maps service. This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94034, USA (“Google”).
To enable you to use the functions of Google Maps, we need to store your IP address. That information is generally transmitted to a Google server in the United States and stored there. The provider of this site has no influence on this data transmission.
We use Google Maps to make it easier for you to locate the places named on our website. This constitutes a legitimate interest within the meaning of Art. 6 (1) letter f of the GDPR, which is also the legal basis for our use of Google Maps.
Our our website, we also give users the opportunity to register to attend events. For this purpose, we use the Eventbrite tool, which is operated by Eventbrite, Inc., 155 5th Street, Floor 7, San Francisco, CA 94103, USA (“Eventbrite”). If you register for an event, you will be redirected to Eventbrite’s website. We have no influence on data processing by Eventbrite. Eventbrite, Inc., participates in the EU-U.S. Privacy Shield Framework Programme as set forth by the US Department of Commerce and the European Commission regarding the collection, use, and retention of personal data from European Economic Area member countries. To receive information on what information Eventbrite, Inc., collects, processes, and uses as part of the EU-U.S. Privacy Shield Framework Program and for what purposes, follow this link:
As the organizer, we receive from Eventbrite access to the information listed above on the individuals attending an event. We use the information for purposes of preparing for and following up on the event. To enable better planning of events we offer in the future, we use data on attendance at events to analyze how many people sign up for and are present at the events.
Use of YouTube
Our online service includes videos for the forwarding of which we use a plug-in belonging to YouTube (“YouTube”), which is operated by Google. The operator of this service is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, U.S.A. If you call up a website of our online service that includes a video, this creates a connection to YouTube’s servers. This communicates to YouTube’s servers which websites of our online server you have visited.
We use YouTube to show you videos and so communicate more to you about us and our services; at the same time, this is the justifiable interest in terms of Article 6 (1) letter f of the GDPR.
Use of EQS Stock Charts
We incorporate external services of EQS Group AG (EQS Group AG, Karlstrasse 47, 80333 Munich) for visual presentation of our stock chart. If you use a service such as this, or if you are shown third-party content, communication data will be exchanged between you and the respective provider for technical reasons.
Our use of this program constitutes a legitimate interest in data processing under Art. 6 (1) letter f of the GDPR.
Use of Retargeting and Remarketing
Retargeting and remarketing refer to technologies in which users who have visited a certain website are shown applicable advertisements also after leaving this website. For this, it is required that internet users recognize, beyond the company website, for what purpose the cookies of the corresponding service provider are used; the previous usage behavior is also taken into account. For example, if a user views certain products, these or similar products could then be shown later as advertisements on other websites. This concerns personalized advertisements that are adapted to the needs of the individual user. For these personalized advertisements, it is not necessary for the user to be identified beyond initial recognition. The data used for retargeting or remarketing is therefore not combined with further data.
We use these kinds of technologies to connect advertisements on the internet. We rely on third-party providers to connect advertisements. This includes an offer from Google that enables an automatic display for products that are interesting to the internet user. This function is implemented using cookies. More information on this technology can be found in the Google data protection regulations under https://policies.google.com/privacy?hl=de. The installation of cookies for Google remarketing and Google AdWords conversion tracking can be prevented by a setting on the respective web browser software by calling up the website http://www.google.com/policies/privacy/ads/ and changing the corresponding setting.
Connecting advertisements is our justifiable interest in data processing pursuant to Article 6 (1) letter f of the GDPR.
Communicating with Us
There are a variety of ways to contact us, including via the contact form on our website. In addition, you can stay up-to-date regularly with our newsletter by e-mail.
If you wish to use the contact form on our website, we will collect the personal data that you enter in the contact form, especially your name and e-mail address. We will also store your IP address as well as the date and time of the request. We process the data sent via the contact form only for the purpose of responding to your inquiries or concerns.
You can decide for yourself what information to send us in the contact form. The legal basis for processing your data is your consent in accordance with Article 6 (1) letter a of the GDPR.
After your concerns have been addressed, we will store your data temporarily in case we have any further questions. You can request that your data be deleted at any time; otherwise, it will be deleted after the matter has been addressed in full. This is without prejudice to legal retention obligations.
Registration for the SMA Newsletter is done via the double opt-in process, which requires a personal reconfirmation via e-mail approval. The newsletter can be canceled at any time.
Investor Relations Newsletter
We use the services of EQS Group AG to distribute our investor relations newsletter (hereinafter referred to as the “IR Newsletter”). Distribution on our behalf takes place on the basis of a processing agreement in accordance with Art. 28 (3) sentence 1 of the GDPR. We provide the head of distribution with your information exclusively for the purpose of sending the e-mail.
Subscriptions to our IR Newsletter are performed using a process called double opt-in. That means, after you sign up, you will receive an e-mail asking you to confirm your subscription. This confirmation is necessary so that no one can subscribe using e-mail addresses that do not belong to them. As record is kept of subscriptions to the IR Newsletter so that we can show proof of the subscription process as required by law. This includes storing the times at which the subscription and the confirmation were received as well as the IP address. We also record any changes in your information stored by the head of distribution.
Your information is used exclusively for the purpose of mailing the IR Newsletter.
When you subscribe to our marketing newsletter, your e-mail address will be used for our own advertising purposes until you unsubscribe. You will receive regular information via e-mail on current topics and e-mails on special occasions, e.g. for special promotions or training offers. These e-mails may be personalized and tailored based on our information about you.
When you subscribe to our marketing newsletter, if you have not provided your consent in writing, we use what is known as the double opt-in process, which means that we will only send you a marketing newsletter by e-mail when you have expressly confirmed to us in advance that we should activate marketing newsletter delivery. We will then send you a notification e-mail and ask you to confirm that you want to receive our newsletter by clicking the link included in this e-mail.
The legal basis for processing your data is your consent in accordance with Article 6 (1) letter a of the GDPR if you have expressly subscribed to our marketing newsletter. In line with legal provisions, you may also receive our marketing newsletter from us without your express consent because you have ordered goods or services from us, we obtained your e-mail address in this context, and you did not object to receiving information by e-mail. In this case, the legal basis is our justifiable interest to communicate direct advertising to you in accordance with Article 6 (1) letter f of the GDPR.
We use the Salesforce Pardot marketing automation tool to distribute our marketing newsletter. Pardot is a marketing automation software by Salesforce.com EMEA Limited (Salesforce), Village 9, Floor 26 Salesforce Tower, 110 Bishopsgate, London, UK, EC2N 4AY.
The personal data you share with us when subscribing to our marketing newsletter is also processed in the US for the purposes of mailing the marketing newsletter and for marketing activities. We transmit that information to Salesforce.com EMEA Limited (Salesforce). We also use Salesforce Pardot software for the purposes stated above with regard to customer data. Thus, in cooperation with Salesforce.com, we are better able to customize our communications by evaluating the specific interests of our customers. We believe that communications that specifically address our customers’ interests also benefit the customers. Because Salesforce.com is also a member of Privacy Shield in the US (https://www.privacyshield.gov/participant_search), we are confident that customers’ data is also processed in the US with a similar level of data protection to that provided under German law.
Please note that we will analyze your user behavior when we mail the marketing newsletter. For the purpose of this analysis, the emails that are sent contain web beacons or tracking pixels. For the analyses, we link the data transmitted via these tracking pixels with your e-mail address and a personalized ID. We use the information thus obtained to create a user profile so that we can tailor the marketing newsletter to your particular interests. We record when you read our marketing newsletters and which links you click on in order to infer your personal interests. We link this data to actions that you carry out on our website. If you do not want us to do this, you should cancel your subscription. Tracking of this nature will also not be possible if your e-mail application settings prevent images from being displayed. In this case, you will not see the full content of the newsletter and may not be able to use all its features. If you display the images manually, the tracking referred to above will take place.
If you have subscribed to our marketing newsletter and we, as described above, analyze your user behavior, we will share the information collected in the process for marketing purposes with the companies named below, which are affiliated with us:
SMA Solar Technology AG, Sonnenallee 1, 34266 Niestetal, Germany
Tel.: +49 561 9522-0 / www.SMA.de / Info@SMA.de
SMA Energy Direct GmbH, Sonnenallee 1, 34266 Niestetal, Germany
Tel.: +49 561 9522-0 / www.SMA.de / Info@SMA.de
SMA Sunbelt Energy GmbH, Sonnenallee 1, 34266 Niestetal, Germany
Tel.: +49 561 9522-0 / www.SMA.de / Info@SMA.de
The information will be stored as long as your subscription to the newsletter lasts. If you unsubscribe, we will store data anonymously and purely for statistical purposes.
If you no longer wish to receive marketing newsletters from us, you can withdraw your given consent at any time with effect for the future or object to the further receipt of e-mails without any additional expenses besides the basic rates of notifying us. Just use the unsubscribe link included in every newsletter or send a message to us or our data protection officer.
You have the option to comment on our articles in our online service. You need to provide your name but you can also use a pseudonym. In addition, you need to give your e-mail address. Specifying your e-mail address is required so that we can contact you if there are complaints about your comments and we can ask you for a statement on them; we also store the IP address. You cannot post comments without this information. However, when publishing a comment, only the name or pseudonym chosen by you will be shown. The legal basis for processing your data is your consent in accordance with Article 6 (1) letter a of the GDPR.
In our online service, you can find hyperlinks to the social network Facebook, professional network LinkedIn and short message service Twitter. The hyperlinks can be recognized by the provider’s respective logo.
Before calling up the relevant hyperlinks, your personal information is not transferred to the respective provider. At the same time, your calling up the linked site is the legal basis for data processing by the relevant provider.
Your Rights and Contact
We place strong emphasis on explaining the processing of personal data as transparently as possible and informing you of your rights. If you would like more detailed information or want to exercise your rights, you can contact us at any time so that we can take care of your issue.
Data Subject Rights
With regard to processing your personal data, you are entitled to extensive rights. In addition, you have a comprehensive right to information and can demand the correction and/or deletion or blocking of your personal data, if applicable. You can also demand a restriction of the processing and have the right to cancel. With regard to the personal data you transferred to us, you also have the right to data portability.
If you want to claim your rights and/or receive more information about them, please contact our customer service. Alternatively, you can also contact our data protection officer.
Revoking Consent and Objection
Provided consent can be freely withdrawn with effect for the future at any time. Revoking consent will not affect the validity of the processing carried out because of the consent until revocation. Both our customer service and our data protection officer are contact persons for this matter.
Insofar as processing your personal data is not based on permission but occurs on the basis of another legal basis, you can object to this data processing. Your objection will lead to a review and, if necessary, the end of the data processing. You will be informed of the results of the review and receive – if the data processing is to continue nevertheless – from us detailed information on why the data processing is permitted.
Data Protection Officer and Contact
We have commissioned an external data protection officer who provides us with support in issues relating to data protection and who you can contact directly. Our data protection officer and their team is available for questions related to our handling of personal data or more information on issues relating to data protection:
SMA Solar Technology AG
Data protection officer
More Information and Changes
Links to Other Websites
Our online service may contain links to other websites. These hyperlinks are generally labeled as such. We have no influence on to what extent the linked websites comply with the applicable data protection regulations. Therefore, we recommend that you inform yourself of the relevant privacy policies for other websites as well.
For more details consult our data protection declarations.Ok