Information obligations in accordance with the General Data Protection Regulation – GDPR (Datenschutzgrundverordnung – DSGVO)

Fulfillment of services as defined by our statutes and business requirements

We process the data of our members, supporters, interested parties, customers, participants of events or other persons in accordance with Section 6 of the GDPR in the case that we offer them contractual services or are active within the framework of existing business relations, for example in a membership relationship, or in the case that we are recipients of services and benefits. Furthermore, we process the data of persons concerned on the basis of legitimate interests, with regard to administrative tasks or publicity, for example. This includes, principally, personal data and master data of relevant persons (e.g. name, address, etc.) and contact information  (e.g. email address, telephone number, etc.), the contract information (e.g. services subscribed to, information submitted, name of contact persons) and, in the case that we deliver paid services or products, payment details (e.g. bank account information, payment history, etc.). We delete data that is no longer necessary for the fulfillment of the purposes defined by our statutes and business requirements. This is determined according to the respective tasks and contractual relations. In the case of processing for business purposes, we store data as long as it may be relevant for completing the respective business transaction, and as long as it may be relevant to fulfill any warranty and liability responsibilities. The necessity to store the data is reviewed every three years; otherwise the legal data retention obligations shall apply.

In particular:

  1. General information
    1. Responsible party, contact data
    2. Data protection officer, contact data
  2. Information on data processed by BSW-SOLAR
    3. Purpose of data processing; legal grounds
    4. Categories of data processed
    5. Categories of recipients
    6. Duration of storage
    7. Rights of affected persons
    8. Right to revoke consent; right of objection
    9. Right of appeal to regulatory authority
    10. Sources

III. Information on data processed by visiting this website
11. Contact form
12. Cookies
13. Newsletter data
14. Twitter
15. LinkedIn
16. OpenStreetMap
17. Google Maps
18. Google Fonts
19. YouTube
20. XING

  1. Responsible party, contact data

The responsible party for the processing of personal data by BSW-SOLAR is BSW – Bundesverband Solarwirtschaft e.V. (German Solar Association – BSW-SOLAR), represented by the Board of Directors: Joachim Goldbeck (President), Moritz Ritter (2nd President), Jörg Ebel (3rd President), Oliver Beckel, Andreas Bruske, Michael Entrup, Dr. Gunter Erfurt, Ulrich Hadding, Helmut Jäger, Oliver Koch, Dr. Dierk Paskert, Alexander Schütt, Peter Thiele.

Contact data:

EUREF-Campus 16
10829 Berlin
Phone: +49 30 29 777 88-0
Fax: +49 30 29 777 88-99
email: info(at)bsw-solar.de

  1. Data protection officer, contact data

BSW-SOLAR’s data protection officer is David Wedepohl (telephone number as provided above).

Direct email contact: datenschutz(at)bsw-solar.de

  1. Purpose of data processing; legal grounds

BSW-SOLAR processes personal data for the communicative promotion of the purpose of the association according to Section 2 of the association statutes.

Data processing takes place based on the consent of the affected persons (see Section 6(1a) GDPR), or because

  • it is necessary for the fulfillment of a contract with the affected person or for carrying out pre-contractual measures as a result of a query made by the affected person (see Section 6(1b) GDPR),
  • it is necessary to guarantee the legitimate interests of BSW-SOLAR or of a third party, provided these are not outweighed by the interests or basic rights or freedoms of the affected persons who require protection of personal data (see Section 6(1f) GDPR),
  • it is permitted based on other legal provisions.

The primary legitimate interest of BSW-SOLAR is to promote the purpose of the association. Legitimate third-party interests are primarily those of BSW-SOLAR members, persons and companies from the solar power and storage industry, those of actors and stakeholders from politics, business and society as well as those of consumers who seek information about the expansion, development, progress and funding measures relating to solar power, who promote the networking of the energy business and technology stakeholders and who directly and indirectly participate and have an interests in this business and technology and promote and utilize the developments in this sector of the energy business in an economic, political, socially and consumer-oriented way.

  1. Categories of data processed

In particular this includes the names, companies or other references to natural and legal persons and their contact information (such as mailing addresses, telephone and fax numbers and email addresses, etc.), the data necessary for carrying out payment services and transactions (such as bank information and account details, etc.), the data that is necessary for accounting and bookkeeping, and other personal data that serve processing purpose in accordance with No. 3.

  1. Categories of recipients

The categories of recipients with whom BSW-SOLAR communicates to advance the processing purpose while using personal data are the interested persons listed under No. 3.

BSW-SOLAR works together with external data processors in order to conduct this communication and, if necessary for this purpose, sends personal data to these processors as needed. In the process, the external data processors are subject to instructions by BSW-SOLAR regarding the type of processing of relevant data, and have an obligation to BSW-SOLAR to delete this data after fulfilling the communication purpose or if instructed to do so by BSW-SOLAR.

  1. Duration of storage

BSW-SOLAR stores personal data only as long as the permission from the affected person is in effect, or as long as it is necessary to meet the processing purpose in accordance with No. 3. Once those prerequisites no longer exist, BSW-SOLAR deletes such data.

  1. Rights of affected persons

Persons affected by the processing of their personal data may have rights vis-à-vis BSW-SOLAR to obtain information from BSW-SOLAR about the personal data that affects them, or to have such data corrected or deleted, or to have the processing of that data restricted or its transferability modified.

  1. Right to revoke consent; right of objection

Affected persons who have provided consent for the processing of their personal data by BSW-SOLAR have the right to revoke their consent at any time.

Insofar as the processing takes place within the predominant interest of BSW-SOLAR (see Section 6(1f) GDPR), they also have the right, for reasons resulting form special circumstances, to object to this processing.

The revocation or rejection must be made in writing or in text form, and addressed to:

BSW – Bundesverband Solarwirtschaft e.V.
EUREF-Campus 16
10829 Berlin
Phone: +49 30 29 777 88-0
Fax: +49 30 29 777 88-99
email: info(at)BSW-Solar.de

  1. Right of appeal to regulatory authority

The affected persons have the right to appeal to a regulatory authority if they believe that the processing of the personal data affecting them violates the GDPR.

  1. Sources

BSW-SOLAR processes personal data primarily from publicly accessible sources, in particular from directories containing information from companies or persons who have either provided such information voluntarily or on the basis of regulations, for example on the legal notice section of a website or a social network, or because the affected persons have shared the information with BSW-SOLAR for the purpose of communication, in particular in conjunction with communication relating to business, policy or other publicity with companies and persons, for example electronic, postal or personal (business cards) communication, unless this expressly or recognizably takes place only for private purposes.

  1. Contact forms

Data that is submitted in the masks of our contact forms under the domain https://2021.energydialogue.berlin/ and will only be used by us and exclusively for the circumstances outlined under the above points 1 to 10 if the submitter has provided permission for data transfer and use by previously clicking the respective box. Data that is submitted in the masks of our contact forms under the domain will be processed by eclareon gmbh whose privacy policy you can view here: https://www.eclareon.com/de/datenschutz

  1. Cookies

The programs that display our websites on the domain www.energiedialogue.berlin and its sub-domains when these websites are accessed through a web browser, and which are stored on our web server (our internet sites), use so-called cookies.

These are files that can place and exchange information in the relation between our websites or web server and the visitor’s web browser.

Our websites use cookies from the open-source analysis software of the provider Matomo (formerly PIWIK). The data collected in this context is mainly the time and duration of the visit, the domains and sub-domains visited, the browser used for the visit as well as the IP address of the devices used for the visit, whereby the IP addresses are rendered anonymous prior to storage. This data, even when used in conjunction with additional information, does not allow a connection to be made to actual persons. Data is not passed on to third parties. You can prevent the storage of cookies by activating a setting on your internet browser; we must inform you, however, that in this case you will not be able to fully utilize all the functions on our website.

Our web server by domainfactory GmbH, Oskar-Messter-Strasse 33, 85737 Ismaning, uses cookies with which so-called server log files are generated, i.e. files containing information that is exchanged in the communication between the visitor’s internet browser and our internet server during a visit to our webpages. They correspond to the data that is collected by Matamo’s cookie, whereby according to our information, the full IP address is registered from our server, thereby making a connection to the respective person fundamentally possible. This data collection, however, is not initiated or requested by us, and takes place outside of our sphere of influence.

  1. Newsletter data

To receive our newsletter, we require you to supply an email address. A verification of the email address supplied is necessary, and the recipient must agree to receive the newsletter. Supplemental information is not collected, or is provided on a voluntary basis. The use of information takes place exclusively for sending the newsletter.

The data provided when subscribing to the newsletter will be processed exclusively on the basis of your declaration of consent (Section 6(1a) GDPR). You may revoke your prior consent at any time. To revoke your consent, it is sufficient if you send us an informal notification via email, or you can de-register by activating the “Austragen” (unsubscribe) link. The legality of the data processing activities that took place before the revocation remains unaffected.

The data submitted to set up the subscription will be deleted once you deregister. If this data has been submitted to us for other purposes and in a different context, we will retain that data.

  1. Twitter

Functions of the service Twitter are integrated into our websites. These functions are offered by the company Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “retweet” function, the websites you visit are linked to your Twitter account and shared with other users. In the process, data is also transmitted to Twitter. Please note that as website provider we receive no information about the contents of the transmitted data or of its use by Twitter. Further information is available in Twitter’s data protection guidelines: https://twitter.com/de/privacy

  1. LinkedIn

Our website uses functions of the LinkedIn network. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. With each visit to one of our pages that contains LinkedIn functions, a connection to LinkedIn servers is established. LinkedIn receives notification that you have visited our webpages with your IP address. If you click on the “recommend button” while logged into your LinkedIn account, LinkedIn can connect your visit to our website to your person and user account. Please note that as website provider we receive no information about the contents of the transmitted data or of its use by LinkedIn.

  1. OpenStreetMap

We integrate the maps of the service “OpenStreetMap” (https://www.openstreetmap.de), which on the basis of the Open Data Commons Open Database License (ODbL) are offered by the OpenStreetMap Foundation (OSMF). Data protection declaration: https://wiki.openstreetmap.org/wiki/Privacy_Policy.

To our knowledge, OpenStreetMap employs user data exclusively for the purpose of depicting map functions and for temporary storage of selected settings. This data can include in particular a user’s IP addresses and locations, which however cannot be collected without their permission (as a rule given in the form of settings on the users’ mobile devices).

The data may be processed in the USA. Further information is available in OpenStreetMap’s data protection declaration: https://wiki.openstreetmap.org/wiki/Privacy_Policy.

  1. Google Maps

On our website, we use Google Maps to depict our location and to generate directions. It is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereafter referred to as “Google.”

Through certification under the “EU-US Privacy Shield” (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active), Google guarantees compliance with the European Union’s data protection regulations, also when data is processed in the USA.

In order to enable the depiction of certain fonts on our website, a connection is established to Google’s server in the USA when our website is visited.

If you click on the Google Maps element that is integrated into our website, Google will store a cookie on your end device through your internet browser. Your user settings and data are processed in order to show our location and generate directions. We cannot rule out the possibility that Google uses servers in the USA.

The legal basis for this is outlined in Section 6(1f) GDPR. Our legitimate interest lies in the optimization of the functionality of our website.

By way of the link to Google established in this way, Google can determine the website from which your query was made, and determine to which IP address the directions should be transmitted.

If you do not agree to this processing, you have the possibility to prevent the installation of cookies by activating the corresponding settings in your internet browser. Further details on this topic can be found under the aforementioned point “Cookies.”

Furthermore, the use of Google Maps and the information accessed through Google Maps is governed by the Google terms of use under https://policies.google.com/terms?gl=DE&hl=de and the Google Maps terms and conditions under https://www.google.com/intl/de_de/help/terms_maps.html.

Google also offers further information under
https://adssettings.google.com/authenticated
https://policies.google.com/privacy.

  1. Google Fonts

On our website we integrate Google Fonts to depict external fonts. This is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereafter referred to as “Google.”

Through certification under the “EU-US Privacy Shield” (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active), Google guarantees compliance with the European Union’s data protection regulations, also when data is processed in the USA.

In order to enable the depiction of certain fonts on our website, a connection is established to Google’s server in the USA when our website is visited.

The legal basis for this is Section 6(1f) GDPR. Our legitimate interest lies in the optimization and the economical operation of our website.

By way of the link to Google established in this way, Google can determine the website from which your query was made, and determine to which IP address the font depiction is to be transmitted.

Google also offers further information, in particular with regard to possibilities of restricting data use, under
https://adssettings.google.com/authenticated
https://policies.google.com/privacy.

  1. YouTube

For the integration and depiction of video content, our website uses YouTube plugins. The service provider of the video portal is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

When a page with an integrated YouTube Plugin is visited, a connection to YouTube’s servers is established. This tells YouTube which of our websites you have visited.

YouTube can link your surfing behavior directly to your personal profile if you are logged into your YouTube account. By logging out in advance, you have the possibility to prevent this.

The use of YouTube takes place in the interest of an attractive depiction of our online content. This represents a legitimate interest within the meaning of Section 6(1f) GDPR. Further details on how user data is handled can be found in YouTube’s data protection declaration at: https://www.google.de/intl/de/policies/privacy.

  1. XING Plugin

Our website utilizes functions of the XING network. Service provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany.

When a page with integrated XING functions is visited, a connection to XING’s servers is established. To our knowledge, no storage of personal data takes place. IP addresses are not stored and there is no analysis of user behavior.

Further details on data protection and the XING Share Button can be found in XING’s data protection declaration at: https://www.xing.com/app/share?op=data_protection.

Status of this data protection declaration: 08/2021