PRIVACY POLICY
We are pleased that you are visiting the website of green flexibility GmbH (hereinafter referred to as “green flexibility” or “we”). We greatly appreciate your interest in our company and products. Data protection is of particular importance to the management of green flexibility. This privacy policy is directed at visitors to our website. Use of our website is generally possible without providing any personal data. However, if a data subject wishes to make use of special services offered by our company via our website, the processing of personal data may become necessary.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to green flexibility. Through this privacy policy, our company seeks to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of their rights through this privacy policy.
As the controller responsible for processing, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, internet-based data transmissions can generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, such as by telephone.
1. Definitions
The privacy policy of green flexibility is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR).
2. Name and Address of the Controller
The controller within the meaning of the General Data Protection Regulation and other applicable data protection laws is:
green flexibility development gmbh
Lohgässele 1
87435 Kempten
Germany
Data Protection Officer Contact:
Datenschutzkanzlei Lenz GmbH & Co. KG
Sven Lenz
Bahnhofstraße 50, D-87435 Kempten
Phone: +49 831 930653-00
Email: datenschutz@green-flexibility.com
3. Cookies
In some areas of our website, so-called cookies are used. A cookie is a small text file that is placed on your hard drive by a website. Cookies do not harm your computer and do not contain viruses. The cookies used on our website do not collect any personal data. The information contained in cookies is used to make it easier for you to use our site and to tailor it to your needs. Our website uses both session cookies and persistent cookies. Session cookies are temporary and stored in the user's web browser until the browser window is closed, thereby deleting the session cookies. Persistent cookies are used for repeat visits and stored in the user's browser for a specific period (usually one year or longer). These cookies are not deleted when the browser is closed. This type of cookie is used to reuse a user's preferences when they return to the site. Of course, you can also use our website without cookies. If you do not want cookies to be stored on your computer, you can disable the appropriate option in your browser’s system settings or actively refuse them when visiting our website. Stored cookies can be deleted at any time in your browser’s system settings. Please refer to your browser manufacturer's instructions for details on how this works.
Additionally, our website uses technically necessary cookies. Technically necessary cookies are those required for the smooth operation of our website. The legal basis for processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the smooth functionality of our website.
4. Collection of General Data and Information
Our website collects a range of general data and information each time it is accessed by a data subject or automated system. These general data and information are stored in the server’s log files. The following may be collected: (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (referrer), (4) the subpages accessed on our site, (5) the date and time of access, (6) an Internet Protocol address (IP address), (7) the internet service provider of the accessing system, and (8) similar data and information that serve to prevent danger in the event of attacks on our IT systems.
When using these general data and information, we do not draw any conclusions about the data subject. This information is instead required to (1) correctly display the content of our website, (2) optimize our website’s content and its advertising, (3) ensure the long-term viability of our IT systems and website technology, and (4) provide law enforcement authorities with the necessary information in the event of a cyberattack. These anonymously collected data and information are therefore statistically evaluated by us, and also with the aim of increasing data protection and data security within our company, ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a data subject. The data is collected based on Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests (e.g., secure website operation). Server log data is automatically deleted after 28 weeks.
In some areas of our website, so-called cookies are used. A cookie is a small text file that is placed on your hard drive by a website. Cookies do not harm your computer and do not contain viruses. The cookies used on our website do not collect any personal data. The information contained in cookies is used to make it easier for you to use our site and to tailor it to your needs. Our website uses both session cookies and persistent cookies. Session cookies are temporary and stored in the user's web browser until the browser window is closed, thereby deleting the session cookies. Persistent cookies are used for repeat visits and stored in the user's browser for a specific period (usually one year or longer). These cookies are not deleted when the browser is closed. This type of cookie is used to reuse a user's preferences when they return to the site. Of course, you can also use our website without cookies. If you do not want cookies to be stored on your computer, you can disable the appropriate option in your browser’s system settings or actively refuse them when visiting our website. Stored cookies can be deleted at any time in your browser’s system settings. Please refer to your browser manufacturer's instructions for details on how this works.
Additionally, our website uses technically necessary cookies. Technically necessary cookies are those required for the smooth operation of our website. The legal basis for processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the smooth functionality of our website.
4. Collection of General Data and Information
Our website collects a range of general data and information each time it is accessed by a data subject or automated system. These general data and information are stored in the server’s log files. The following may be collected: (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (referrer), (4) the subpages accessed on our site, (5) the date and time of access, (6) an Internet Protocol address (IP address), (7) the internet service provider of the accessing system, and (8) similar data and information that serve to prevent danger in the event of attacks on our IT systems.
When using these general data and information, we do not draw any conclusions about the data subject. This information is instead required to (1) correctly display the content of our website, (2) optimize our website’s content and its advertising, (3) ensure the long-term viability of our IT systems and website technology, and (4) provide law enforcement authorities with the necessary information in the event of a cyberattack. These anonymously collected data and information are therefore statistically evaluated by us, and also with the aim of increasing data protection and data security within our company, ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a data subject. The data is collected based on Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests (e.g., secure website operation). Server log data is automatically deleted after 28 weeks.
5. Google Analytics: Google LLC
This website uses Google Analytics, a web analysis service provided by Google LLC (Amphitheatre Parkway, Mountain View, CA 94043, United States – hereinafter referred to as “Google”). Google Analytics uses “cookies”, which are text files stored on your computer that enable analysis of your use of the website (see Section 3).
The information generated by the cookie about your use of this website (including your IP address, which is anonymized using “_anonymizeIp()” to exclude direct personal reference) is transmitted to and stored on a Google server in the USA. Google uses this information to evaluate your use of the website, compile reports on website activity for website operators, and provide other services related to website and internet usage. Google may also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. Under no circumstances will Google associate your IP address with other data held by Google.
You can prevent the installation of cookies by adjusting your browser settings accordingly; however, we point out that in this case you may not be able to fully use all features of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can object to the collection and storage of data by Google Analytics at any time with future effect by installing a deactivation add-on for your browser: http://tools.google.com/dlpage/gaoptout?hl=en
6. Information Pursuant to Article 13 GDPR for New Contacts
We process your personal data in accordance with applicable data protection regulations. We use your data to respond to inquiries, for communication, and to fulfill contracts. Your data is stored and processed in our CRM/internal management tools, email, and office programs. Access to your data is role-based and restricted to the necessary personnel.
The legal basis is primarily Art. 6 para. 1 lit. b) GDPR (contract execution or pre-contractual measures). Additionally, processing may rely on Art. 6 para. 1 lit. f) GDPR (legitimate interest), or Art. 6 para. 1 lit. a) GDPR (consent), or Art. 6 para. 1 lit. c) GDPR (legal obligation).
We retain your data only as long as needed to fulfill the stated purposes or as required by law (e.g., retention under HGB or AO). Once no longer needed, the data is routinely deleted in compliance with legal requirements.
Data is disclosed to third parties only as legally permitted. If subcontractors or service providers require access (e.g., IT support), we have processing agreements in place to ensure data protection.
We do not transfer your data to non-EU countries unless a legal basis exists. Use of Microsoft 365 may involve such transfers. Microsoft is certified under the EU-U.S. Data Privacy Framework (July 2023), providing an adequate level of data protection.
7. Data Protection in Applications and Recruitment
This privacy information informs you about how your applicant data is processed by us.
We use your data exclusively for the purpose of processing your application. Only the HR staff and decision-makers responsible for hiring have access to your application documents. Inclusion in our applicant pool for future positions only occurs with your consent. If not hired, your data will be deleted after four months. If hired, relevant data will be transferred to your personnel file.
Personal data includes all information relating to you, such as name, address, date and place of birth, education and qualification details, and certificates. These data are stored and processed in our applicant management system, with access restricted to authorized individuals only. We use 'Personio' (Personio SE & Co. KG, Seidlstraße 3, 80335 Munich). We have a data processing agreement with this provider.
Purpose of Processing
We collect and process your data solely for application purposes (i.e., initiating employment). We will inform you in advance of any further processing beyond this original purpose as required by Art. 6(4) GDPR.
Legal Basis
Your data is processed under Art. 6(1)(b) GDPR (pre-contractual measures). Processing may also be based on legal obligations per Art. 6(1)(c) GDPR or your consent under Art. 6(1)(a) GDPR. Consent is voluntary and can be withdrawn at any time.
Transfer of Your Personal Information
Your data is not transferred to external parties without a legal basis. Microsoft 365 may result in data transfer to a third country. Since July 2023, the EU Commission has issued an adequacy decision for the U.S. (Data Privacy Framework). Microsoft is listed as a certified company.
Retention Period
Your personal data is stored only as long as necessary for the employment process or to meet legal retention requirements. If no employment is established, your data will be deleted after four months for documentation purposes under the AGG. If employment is established, relevant data will be moved to the personnel file.
8. Changes to This Privacy Policy
We reserve the right to update our privacy policy at any time to comply with current legal requirements.