Name and address of data controller

The data controller, within the meaning of the EU GDPR and other national data protection laws of the member states as well as other data protection regulations, is:

Responsible for the research project

Fraunhofer Society
for the Advancement of Applied Research

Fraunhofer-Gesellschaft
zur Förderung der angewandten Forschung e.V.

Hansastraße 27 c,
D–80686 München (Munich, Germany)

On behalf of your Fraunhofer Institute for Solar Energy System ISE

(in the following referred to as „Fraunhofer ISE“)

Responsible for the technical implementation

Ed. Züblin AG
Albstadtweg 3
70567 Stuttgart
Germany
Tel. +49 711 7883-0
Fax +49 711 7883-390
info@zueblin.de
www.zueblin.de

Name and address of data protection officer

The data controller’s data protection officer is:

Responsible for the research project

E-Mail: datensicherheit(at)ise.fraunhofer.de

Responsible for the technical implementation

Claus Genschow
CML Construction Services GmbH
Albstadtweg 3
70567 Stuttgart
Germany
Tel. +49(0)711 7883 – 625
claus.genschow@bauholding.com

General information on data processing

1. Scope of processing of the personal data
In principle, we process personal data of our users only insofar as this is necessary for the maintenance of a functional website and the provision of our content and services. The processing of our users’ personal data generally occurs only following receipt of the user’s consent. An exception is made in cases where it is not possible to obtain consent in advance for practical reasons and where the processing of the data is permitted by statutory regulations.

2. Legal basis for the processing of personal data
Insofar as we obtain consent from the data subject for the processing of personal data, Art. 6 (1) a of the EU’s General Data Protection Regulation (GDPR) shall serve as the legal basis.

Where the processing of personal data is required for the fulfilment of a contract to which the data subject is party, Art. 6 (1) b of the GDPR shall serve as the legal basis. This shall also apply to all processing operations required for the performance of pre-contractual measures.

Insofar as the processing of personal data is required for the fulfilment of a legal obligation (statutory conditions) to which our company is bound, Art. 6 (1) c of the GDPR shall serve as the legal basis.

If processing is necessary in order to protect the vital interests of the data subject or of another natural person, Art. 6 (1) d of the GDPR shall serve as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or of a third party, and the interests, basic rights and fundamental freedoms of the data subject do not outweigh the aforementioned legitimate interest, Art. 6 (1) f of the GDPR shall serve as the legal basis for processing.

3. Deletion of data and storage duration
The personal data of the data subject are deleted or blocked as soon as the purpose for their storage no longer applies. Storage beyond this point may take place if this is provided for by the European or national legislator in EU regulations, laws or other provisions to which the data controller is subject. Data will also be blocked or deleted once the storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or fulfilment of a contract.

Provision of the website and creation of log files

1. Description and scope of data processing
Each time this website is accessed, our system records data and information from the computer system of the calling computer by means of an automated system.

The following data are collected as part of this process:
(1) Information about the browser type and version used
(2) The user’s operating system
(3) The user’s Internet service provider
(4) The user’s IP address
(5) Date and time of access
(6) Websites from which the user’s system has come to our website
(7) Websites accessed by the user’s system via our website

These data are also stored in our system’s log files. These data are not stored together with other personal data of the user.

2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 (1) f of the GDPR.

3. Purpose of data processing
The system temporarily stores the user’s IP address in order to make the website available on the user’s computer. To do this, the user’s IP address must be stored for the duration of the session.

The storage in log files is carried out to ensure the functional capability of the website. The data also help us to optimise the website and ensure the security of our IT systems. No data are evaluated for marketing purposes in this context.

This is also the reasoning behind our legitimate interest in data processing under Art. 6 (1) f of the GDPR.

4. Storage duration
The data are deleted as soon as they are no longer required to achieve the purpose for which they were collected. When data are collected in order to make the website available, this is the case when the respective session ends.

When data are stored in log files, this is the case after 180 days at the latest.

5. Possibility of objection and elimination
The collection of data for the provision of the website and the storage of data in log files is necessary for operating the website. Therefore, there is no possibility for the user to object.

Disclosure to service provides

WWe only disclose your personal data to third parties when service providers work for us to manage our data. The legal basis is Art. 6 (1) f of the GDPR. We have concluded processing agreements with our service providers to ensure the data protection with regard to your personal data.

List of our service companies:
• Mynewsdesk
Privacy Policy
Cookie Policy

Rights of the data subject

When your personal data is processed, you become the data subject within the meaning of the GDPR and you shall have the following rights in relation to the data controller:
1. Right of access
2. Right to rectification
3. Right to restriction of processing
4. Right to erasure
5. Right to be informed
6. Right to data portability
7. Right to object
8. Right to withdraw declaration of consent
9. Automated individual decision-making, including profiling
10. Right to lodge a complaint with a supervisory authority