In this privacy notice, SMA Solar Technology AG, Sonnenallee 1, 34266 Niestetal ("we", "us") informs you on how we collect and use (i.e. process and utilize) your personal data while using the SMA apps (the "app").
Personal data is all information about an identified or identifiable natural person that you communicate to us or that we collect otherwise. This includes:
Registration data: In order to be able to use the functions in our app, prior registration with us using your account data at our SMA Sunny Portal is required. For this, you must state your e-mail address or username as well as your password.
Energy data: You can use the app to view your energy data relating to your PV system. This data is made available to you in the app from the SMA Sunny Portal. With regard to the processing of your energy data in SMA Sunny Portal, we would like to refer to the data protection information for registration in the SMA Sunny Portal (https://ennexos.sunnyportal.com/data-privacy). By using the app, no further energy data is processed.
Simulation data: In our app, you can use the Energy Calculator to calculate whether it is recommendable for you to expand your PV system or to purchase a new one (Energy Calculator Report). For this purpose, you can enter or add data relevant for the utility value analysis (address, roof size and roof pitch, orientation of the roof, energy consumption). If the Energy Calculator has aroused your interest, you can directly request a non-binding offer for the expansion of your or the creation of a PV system. The contact data stored in the SMA Sunny Portal account will be used to contact you.
Server and application log data: When you use the app and it connects to our servers to use various features, data about it, (e.g., the date and time of your visit, the functions called up, the type and operating system of the mobile device you are using, as well as your IP address) is temporarily stored in a log file. We can also create user profiles on this under a pseudonym. It is then not possible to deduce any direct information about you.
Providing these data is required to use the app, unless the provision is not expressly voluntary.
Your registration and energy data is used for the authorization and/or rendering of the services and for the administration of your customer account data. This is required for the provision of the app and is therefore based on Art. 6 Sect. 1 lit. b. GDPR "General Data Protection Regulation" (execution of a contract). This personal data is stored with us for the duration of the existence of your customer account and three (3) months after.
If you use the Energy Calculator and have entered your data, we will process the data provided to create the Energy Calculator Report and, if you wish, to request a non-binding offer for the expansion or construction of a PV system. The processing of the data is necessary to provide the services you have requested. The legal basis for the processing is therefore the execution of precontractual measures and the initiation and, if necessary, conclusion of a contract, Article 6(1), Letter b) GDPR.
Your data will be deleted immediately if, after creating the Energy Calculator Report, you do not (i) request a non-binding offer or reject the requested non-binding offer, (ii) register for a customer account where the Energy Calculator Report is stored or (iii) request the report by e-mail.
If you wish the construction and installation of a PV system based on the non-binding offer, we will transmit the above-mentioned data for the construction and installation of the PV system to the respective installer. The legal basis for the processing is also the further execution of precontractual measures and the initiation and, if necessary, conclusion of a contract, Article 6(1), Letter b) GDPR.
This data is stored in your SMA Sunny Portal account and deleted at the latest two years after the Energy Calculator Report has been created.
We will process your location or the location of the system during the registration of a new system if you click this button and do not want to enter the address manually. When you click this button, we will determine your current location via GPS in order to quickly provide you with the address. Data about your location will be used only for the registration of the new system. We will exclusively determine the address (street, house number, city, geocoordinates) and no further location data. If the address was determined by you, only this data will continue to be stored.
The legal basis for processing your location data is your consent (Article 6(1), Letter a) GDPR). The data processed with your consent will be stored until you withdraw your consent ( see Section 6.3 ). As soon as the specific address is determined and only the address data is stored, this processing is based on performing the duties contained in the contract (see Section 2.2). The address data will remain stored until the system is no longer registered with SMA.
The storage of the server and application log data is necessary for the rendering of the service for technical reasons and then to ensure system security; the data will be deleted after 90 days at the latest. This is required, on the one hand, for the provision of the app and is based on Art. 6 Sect. 1 lit. b. GDPR (execution of a contract), and on the other, to ensure system security and is based on Art. 6 Sect. 1 lit. f GDPR (legitimate interests).
After that, the server and application log data are anonymized for statistical reasons and for the improvement of the app quality and these anonymous data are analyzed. Linking the server and application log data with your personal data or an aggregation of the server and application log data with other personal data sources does not occur. Anonymization occurs to comply with the data protection law in the further use for statistical purposes and for quality assurance and thus on the basis of Art. 6 Sect. 1 lit. f GDPR (legitimate interests).
We would also like to use the data about the contents of the services used that are collected during registration and entered or accrued during your use of the services, in order to inform you about our products and services relating to smart energy solutions and about our other products (advertising).
With your express permission to receive our newsletter, we will contact you via push notification and/or via e-mail with information, offers and promotions about our products that are personally tailored to you and your interests or use. This processing is based on Article 6(1), Letter a) GDPR (consent). The data processed with your consent will be stored until you withdraw your consent (see Section 6.3) or the data is no longer relevant, whichever comes first.
We do not make a decision solely based on automatized data processing that will have legal effects on you or significantly affects you in a similar manner.
In compliance with the legal requirements, we use external service providers for development services of the app by way of commissioned data processing, i.e. on our behalf, according to our instructions and under our control.
We do not intend to transmit the data to recipients outside the European Economic Area, with the exception of the use of the Google Firebase tool (see Section 4.2.1).
We use cookies to make our app as user-friendly as possible and to increase the relevance of our advertising to the users of our app. Cookies allow information to be kept for a certain period of time and to identify the user's app-capable medium.
If you are visiting our app for the first time, the privacy notice with consent to cookies will be displayed on the first page. If you then agree to the processing of your data by cookies, this consent will be stored in your app so that we do not have to display this notice each time you access the app.
We use two types of cookies in our app: (1) optional cookie analysis and (2) optional targeting or advertising cookies:
With cookie analysis, we gather and store the following data:
· Frequency of page views
· Search terms
· Use of website functions
· Duration of visit
Your data, collected using cookie analysis, is pseudonymized so that it is no longer possible to assign data to a respective user if that user has not clearly and actively given his/her consent.
We use cookie analysis to improve and optimize the quality of our online service and its content and to also review and improve the range and retrievability of our online service. The legal basis for processing is your consent in accordance with the first time you use the app (Article 6(1), Letter a) GDPR).
To analyze user behavior for the aforementioned purposes, we use Google Firebase, which itself employs cookies as explained. We use Google Firebase for statistical evaluations. Google Firebase is an analytics service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94034, USA (“Google”). Google Firebase analyzes your use of the app and our services . The information generated by these cookies about your use of our app will generally be transmitted to and saved by Google in the United States. Google uses the advertising ID of your device. Google will use the information to evaluate the use of our app and to provide us with other services associated with the use of apps.
You can find more information on this at https://firebase.google.com/terms/data-processing-terms.
The data will be deleted as soon as it is no longer needed for our record-keeping purposes. This is usually after 90 days.
The consent you have given may be revoked at any time (see 6.3).
Targeting and advertising cookies are used to better target advertising to you and your interests. SMA Solar Technology AG (SMA) stores only and exclusively the personal data belonging to website users that have registered voluntarily/on their own initiative on our websites in order to receive information on products and services, because they want to subscribe to the SMA Newsletter or download documents. If they have given their consent, they can also receive promotional e-mails that are relevant to their interests.
Our app is linked to the Pardot tool. Pardot is a piece of marketing automation software from Salesforce.com EMEA Limited (Salesforce), Village 9, Floor 26 Salesforce Tower, 110 Bishopsgate, London, UK, EC2N 4AY.
Personal data provided voluntarily is initially stored in Pardot to then be processed using the Salesforce CRM system for the purpose of contacting and/or sending you information. Salesforce does not store any IP addresses but uses the “unique visitor ID” and “unique identifier.” Deriving personal information is not possible.
You can learn about how Salesforce processes your information when visiting websites here: (https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm&type=5).
SMA uses Pardot as a marketing analysis service that makes it possible to maintain, assess and expand the SMA online service and SMA marketing communication and to optimize the content on SMA websites. Furthermore, to protect users and partners, fraud and security risks can be detected and parried, if necessary. Data will be processed in Salesforce on our behalf using cookies.
We also use these cookies to tailor advertisements on our websites and apps to you so that you can later be presented with exactly the type of advertising that may be of real interest to you, based on your user behavior.
The legal basis for processing is your consent in accordance with the first time you use the app (Article 6(1), Letter a) GDPR).
The consent you have given may be revoked at any time (see 6.3).
We and our service providers have implemented technical and organizational security measures to protect your personal data managed by us against accidental and intentional manipulation, loss, destruction or against unauthorized access. Our data processing and our security measures are constantly improved according to the current level of technology.
When your personal data is transmitted to us, it is encrypted via Secure Socket Layer (SSL). Personal data that are shared between you and us or other involved companies, are always transmitted via encrypted connections that correspond to the current state of technology.
Naturally, our employees and our commissioned service providers are obliged to maintain data secrecy.
If you have any questions regarding the processing of your personal data by us, we will provide you with information on the personal data stored about you at any time and free of charge. You are also entitled to the correction of incorrect data as well as blocking/restricting the processing or deletion of your personal data no longer required as well as the transmission of the data provided as far as technically possible. If the GDPR makes these rights subject to conditions, this only applies if these are fulfilled.
You also have the right to complain to a supervisory authority for data protection. The supervisory authority responsible for us is Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Deutschland).
If you have given your consent to data processing, you may revoke it at any time with future effect, i.e. the legality of the data processing up to the time of the revocation remains untouched.
If we process your personal data on the basis of a legitimate interest according to Art. 6 Sect. 1 lit. f GDPR, you can object this processing for reasons that result from your special situation at any time. We will then determine whether our legitimate interest in the data processing also prevails in your case or whether your interests due to your special situation prevail. In the latter case, we will stop processing your data according to your objection. In this case, we will be unable to process existing and future orders.
Please contact us with your concerns at the office indicated below7. We reserve the right to verify your identity so that your personal data do not become known to unauthorized persons.
You can reach us as follows:
SMA Solar Technology AG
Sonnenallee 1
34266 Niestetal
Germany
Phone: +49 561 95 22-0
Fax: +49-561 95 22-100
E-mail: info@SMA.de
Our Data Protection Officer can be reached as follows:
SMA Solar Technology AG Data Protection Officer, Sonnenallee 1
34266 Niestetal, Germany
E-mail: datenschutz@SMA.de
From time to time, it is necessary to amend the content of this privacy notice. Thus, we reserve the right to amend it at any time. We will also publish the amended version of the privacy policy here. Therefore, you should reread the privacy policy when visiting us again.
As of November 2021