Data Protection Declaration

Please read this Data Protection Declaration carefully and do not use our website if you disagree with any of the practices described here.

This website and its content are controlled by:

• PohlCon GmbH
  Nobelstraße 51
  12057 Berlin
  Phone +49 30 68283-04
  Fax +49 30 68283-383
  contact@pohlcon.com

The server stores the following data in the server logs each time the website is accessed:

• web browser used, including version;
• operating system of the accessing system;
• website from which the accessing system reached the website (referrer);
• host name of the accessing system;
• web pages the accessing system visits on the website;
• date and time of access;
• internet protocol address (IP address) of the accessing system;
• internet service provider (ISP) of the accessing system.

The data is recorded and stored in order to:

• deliver the website content properly;
• optimise the website content;
• ensure the proper operation of our systems;
• avert threats and provide information required for prosecution to the law enforcement agencies in the event of an attack on our system.

The recorded data is analysed statistically in order to optimise the systems’ data security and the level of protection provided for the personal data processed. The data in the server log files is stored separately from all personal data provided by a data subject.

When you register to receive our newsletter, the data you provide in the registration form will be processed for the purpose of sending the newsletter. We may also inform you by e-mail about circumstances that are relevant to the service or your registration (e.g. changes to the newsletter offer or technical circumstances). When you register to receive the newsletter, the IP address of the accessing system as well as the date and time are also stored in order to be able to trace the possible misuse of a registered e-mail address.

The ‘double opt-in’ procedure is used to check that a registration is actually made by the owner of an e-mail address. For this purpose, the subscription to the newsletter, the sending of a confirmation e-mail and the receipt of the requested reply are logged.

In order to be able to analyse the content of our newsletters in terms of their functionality and reach, we use a tracking technology within the newsletters known as tracking pixels. By using the tracking pixel, we can analyse

• whether and when an email was opened,
• whether and which attachment was opened,
• which links in the email were clicked on
• the IP address from which the access was made.

We combine this information with the personal data you provided when registering for the newsletter in order to optimise our newsletter offering and adapt it to the needs of our subscribers. The processed tracking data and analyses are used exclusively for sending the newsletter. They are not passed on to third parties.

We use HubSpot Inc, USA, as a processor for the processing of your data. HubSpot Inc. is certified in accordance with the EU-U.S. Data Privacy Framework and has been obliged by us to comply with data protection regulations by means of an order processing agreement. Our processor HubSpot Inc. uses graphics (‘counters.gif’) in its newsletter registration form script to ensure the functionality and security of the script. These graphics are not used to analyse user behaviour.

You can revoke your consent to receive our newsletter and the associated data processing at any time with effect for the future. There is a corresponding link in every newsletter. You can also unsubscribe directly on this website at any time or inform us of your wish to do so via the contact option provided at the end of this privacy policy.

The legal basis for sending the newsletter and the associated tracking is your consent in accordance with Art. 6 para. 1 lit. a GDPR. The logging of the registration process is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our interest here is in the use of a secure newsletter dispatch procedure which, among other things, makes it possible to prove your consent.

Your email address and declaration of consent will be stored for a further three years after you withdraw your consent in order to provide proof of the consent you have given us. The storage is based on our legitimate interests in the defence or enforcement of any legal claims. The data will then be deleted.

If you get in touch with us using e-mail, the contact form, a price enquiry or the form for ordering brochures, the details you provide are stored for the purposes of processing the query and for any follow-up questions.

Our website contains links to social networks. You will be transferred to the website of the relevant provider when the link is activated. Please refer to the relevant providers’ data protection provisions for information about how your personal data is handled when you use these websites.

We use cookies on our website for various purposes. You can configure your browser to inform you whenever cookies are placed. This makes the use of cookies transparent to you. Of course, you can also set your browser to prohibit cookies, but if you do this you may no longer be able to use our website to its full extent.

We use the following types of cookie on our website:

Without their use, you will not be able to use our website as intended. They are used exclusively by us and are only stored on your computer during the current browser session. These cookies are used to customise the functionality of the website so that you are shown a version that your computer and your connection can handle. They also support the change from an http (unencrypted) session to an https (encrypted) session, thereby increasing the security of your visit to our website.

The necessary cookies we use include

• PHPSESSID: Stores the data provided for the duration of the session
• MATOMO_SESSID: Stored for the duration of your session if the opt-out function is used to avoid security problems with CSRF.
• cookieconsent_status: Saves the selection to save cookies for one year.
• dp_cookieconsent_status: Saves the selection to save cookies for one year.
• _cf_bm: Is determined by HubSpot, a processor used by us, and is used for bot protection. It contains information for calculating the bot score and, if applicable, a session identifier. The information in the cookie is encrypted with the exception of time-related information. A separate __cf_bm cookie is generated for each website that an end user visits. The cookie expires after 30 minutes of end user inactivity.
• _cfuvid: Set by HubSpot, a processor we use, based on their rate limiting policies. These are techniques for limiting traffic where multiple unique visitors use the same IP address, such as behind a NAT. End users who delete this cookie may not be able to access the website if there are many other visitors with the same IP address.

We use Matomo for web analysis using cookie technology. The protection of your data is important to us, therefore we have additionally configured Matomo so that your IP address is only recorded in abbreviated form. We therefore process your personal user data anonymously. A conclusion on your person is not possible for us.The following cookies are set via Matomo, if you allow them:

• _pk_id: Stores a data, such as a visitor ID for 13 months, in order to record repeated visits, and thus analyse the regular use of the page. Is set via the domain stats.pohlcon.com.
• _pk_ref: Saves the page from which you accessed our site for six months. Is set via the domain stats.pohlcon.com.
• _pk_ses, _pk_cvar, _pk_hsr: Saves the data of your current visit for 30 minutes. It records who you are using the site and the path you take to find information. This helps us to make the site more convenient for you. Is set via the domain stats.pohlcon.com.

Of course we respect "Do not track" (DNT). Depending on the browser, DNT is either a switch in the program settings or a module (add-on or plug-in) to be installed later. If this option is activated, your browser signals our web server that you do not wish to have any tracking measures taken without your explicit consent. We will then automatically deactivate all tracking functions on the server.

This also means that our websites are delivered without code for Matomo. This ensures the best possible data protection without you having to take any further measures with regard to our internet presence.

Depending on the internet browser used, the procedure by which you can activate the "Do not track" option differs. Please refer to the developers help pages on how to set this up in our browser. For most common ones, you can follow the links below:

• Mozilla Firefox: Instructions for activating "Do not track" in the program options
• Microsoft Internet Explorer: Instructions for activating "Do not track" in the program options
• Google Chrome: How to enable "Do not track" in the program options

Legal basis for the processing of personal data

• for which we obtain consent for processing is Article 6(1a) GDPR;
• for performance of a contract where the data subject is a party to the contract is Article 6(1b) GDPR;
• which is required for the implementation of pre-contractual measures, e.g. for queries about products or services, is Article 6(1b) GDPR;
• which we require because of a legal obligation, e.g. fiscal duties, is Article 6(1c) GDPR;
• which we undertake in order to protect the vital interests of the data subject or of another natural person is Article 6(1d) GDPR;
• which we carry out in order to protect our own or a third party’s legitimate interests is, unless these are overridden by the interests, fundamental rights and fundamental freedoms of the data subject, Article 6(1f) GDPR. Legitimate interests include such things as the transfer of your data in cases where there is joint responsibility.

We process and store personal data only for the period of time which is necessary to achieve the purpose of storing it or which is required by statutory provisions. Personal data is subsequently blocked or deleted:

• Server logs are deleted after a maximum of seven days.
• We store your newsletter registration data during the period you are subscribed to the newsletter. In addition, we store your consent until the limitation period has expired so that we can continue to prove, even at a later date, that the newsletter was sent legitimately. We delete your data after one week if you do not complete the registration process for the newsletter.

You have the right to information at any time regarding the personal data we hold about you. Likewise, you have the right to correction, blocking or, except for the storage of data required for business operations, erasure of your personal data. Please contact our data protection officer for information. You can make changes or withdraw consent with future effect by notifying us accordingly.

Please see the explanations below for details.

Every data subject has the right to request confirmation from us as to whether personal data concerning the subject is processed.

In this event, the data subject can request information about the purposes of the processing; the categories of the personal data processed; the recipients or categories of recipients to whom the personal data is or has been disclosed, particularly in the case of recipients in third countries or in international organisations; to the extent possible, the length of time it is planned to store the personal data, or at least the criteria for determining this length of time; the existence of a right to rectification or erasure of the personal data concerning the subject or to restriction of processing or a right to object to this processing; the existence of the right to lodge a complaint with a supervisory authority; if the personal data is not collected from the data subject, all available information about the origin of the data; the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) GDPR and – in these cases at least - meaningful information about the logic involved and the scope and the intended impact of such processing for the data subject; transfer of data to a third country or to an international organisation and the appropriate guarantees in accordance with Article 46 GDPR.

If requested, we will provide the data subject with one copy of the personal data undergoing processing. Due to administrative overheads, we may request appropriate payment for any additional copies the data subject requests or applies for. The right to receive the aforementioned copies must not impair the rights and freedoms of other persons.

Every data subject has the right to request us to rectify without delay any incorrect personal data concerning the subject. Taking into account the purposes of the processing, the subject also has the right to request that incomplete personal data be completed, including by means of a supplementary statement.

Every data subject has the right to request that we delete without delay personal data concerning the subject.

We are obliged to delete personal data without delay if the personal data is no longer necessary for the purposes for which it was collected or otherwise processed; the data subject withdraws consent on which the processing depends in accordance with Article 6(1a) GDPR or Article 9(2a) GDPR and there is no other legal basis for the processing; in accordance with Article 21(1) GDPR the data subject lodges an objection to the processing and there are no overriding legitimate reasons for the processing, or the subject lodges an objection to the processing in accordance with Article 21(2) GDPR; the subject’s personal data has been processed unlawfully; the deletion of the subject’s personal data is required in order to fulfil a legal obligation under European Union law or the law of the Member States to which we are subject; the subject’s personal data has been collected in relation to the provision of information society services in accordance with Article 8(1) GDPR. However, this shall not apply if the processing is required for exercising the right to freedom of expression and information; for fulfilling a legal obligation which necessitates the processing under European Union or Member State law to which we are subject, or for carrying out a task which is in the public interest or occurs in the exercise of official authority vested in us; for reasons of public interest in the field of public health in accordance with Article 9(2h) and (i) GDPR and Article 9(3) GDPR; for the purposes of archiving or scientific or historical research in the public interest or for statistical purposes in accordance with Article 89(1) GDPR if the subject’s rights are likely to render impossible or seriously compromise the achievement of the objectives of this processing; for asserting, exercising or defending legal claims.

Every data subject has the right to request that we restrict processing if the data subject disputes the accuracy of the subject’s personal data, and for a period of time which is sufficient for us to check the accuracy of the subject’s personal data; the processing is unlawful and the subject declines to have the personal data deleted, instead requesting that use of the personal data be restricted; we no longer need the personal data for the purposes of processing but do need it for asserting, exercising or defending legal claims; the subject has lodged an objection to processing in accordance with Article 21(1) GDPR until it is established whether our legitimate reasons override the subject’s. We will inform the data subject before the restriction is lifted.

Every data subject has the right, due to factors arising from the subject’s particular situation, to lodge an objection at any time to the processing of personal data concerning the subject on the basis of Article 6(1e) or (f) GDPR. This includes profiling based on these provisions. We will cease processing the personal data unless it can be demonstrated that there are compelling legitimate reasons for the processing which override the interests, rights and freedoms of the data subject, or the processing is required for asserting, exercising or defending legal claims. Where the data subject’s personal data is processed for direct marketing purposes, the subject has the right to lodge an objection at any time to the processing of the personal data concerning the subject for the purposes of such marketing. This includes profiling, to the extent that it is related to such direct marketing. The data subject has the right, due to factors arising from the subject’s particular situation, to lodge an objection to the processing of personal data concerning the subject for the purposes of scientific or historical research or for statistical purposes in accordance with Article 89(1) GDPR, unless the processing is required in order to carry out a task in the public interest.

Every data subject has the right to receive the personal data the subject has provided us concerning the subject in a structured, commonly used and machine-readable format, and has the right to send that data to another controller without any impediment from us, provided that the processing is based on consent in accordance with Article 6(1a) GDPR or Article 9(2a) GDPR or on a contract in accordance with Article 6(1b) GDPR and automated procedures are used for the processing. In exercising the right to data portability, the data subject has the right to have the subject’s personal data sent directly by us to another controller, where technically feasible. This right does not apply to processing required in order to carry out a task which is in the public interest or occurs in the exercise of official authority vested in us. The rights and freedoms of other persons must not be impaired when the right to data portability is exercised.

Every data subject can withdraw consent at any time with future effect as defined in Article 6(1a) GDPR or Article 9(2a) GDPR. This does not affect the lawfulness of the data processing that took place prior to the withdrawal of consent.

If a data subject believes that the processing of the subject’s personal data breaches existing data-protection provisions, the subject can lodge a complaint with a supervisory authority without prejudice to other judicial remedies. The complaint can be directed in particular to a supervisory authority in the Member State of the subject’s place of residence, the subject’s place of work or the place of the alleged breach.

We do not use automated decision-making or profiling of website visitors.

We reserve the right to make amendments to this Data Protection Declaration from time to time so that it always meets current legal requirements, or in order to reflect changes to our services in the Data Protection Declaration, such as when new services are introduced. The new Data Protection Declaration will then apply the next time you visit our website.

If you have any questions about data protection, please send us an e-mail or contact the data protection officer directly.

You can reach the data protection officer for PohlCon GmbH and PohlCon Solar GmbH & Co. KG at:

Rechtsanwalt Hendrik Klünder
Klünder & Selent Rechtsanwälte
Schwanebecker Chaussee 5
13125 Berlin
Tel.: +49 30 60933556
kluender@point-of-law.de