Privacy Policy

1. Introduction

With the following information we want to provide an overview of how we process your personal data as a "data subject" and inform you about your rights under applicable data protection laws. In most cases, you can use our website without sharing any personal data. However, if you wish to take advantage of certain services offered by our company through the website, it may become necessary to process your personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain your consent.

The processing of personal data—such as your name, address, or email address—is conducted in strict compliance with the General Data Protection Regulation (GDPR) and other relevant national data protection laws applicable to us. This data protection notice serves to inform you about the nature, purpose, and scope of the personal data we collect, utilize, and process.

As the data controller, we have implemented a wide range of technical and organizational measures to ensure the highest possible level of security for personal data processed via our website. However, please be aware that data transmission over the internet may have inherent security vulnerabilities, so absolute security cannot be guaranteed.

2. Data controller

The entity responsible for data processing within the meaning of GDPR is (“controller”):

Krannich Group GmbH

Heimsheimer Straße 65/1

71263 Weil der Stadt / Hausen

phone: +49 7033 3042-0

email: infonoSpam[at]krannich-solar.com

Authorized Representative:

Kurt Krannich

3. Data protection officer

For any questions, concerns, or suggestions regarding data protection, you can reach out to our data protection team at: datenschutznoSpam[at]krannich-group.com

Alternatively, you can contact our Data Protection Officer directly via email at:

DSBnoSpam[at]krannich-group.com

4. Legal basis

When we obtain your consent for a specific purpose, Article 6(1)(a) GDPR (in conjunction with Section 25(1) TDDDG [formerly TTDSG]) serves as the legal basis for the processing of your personal data.

If the processing of personal data is necessary for the performance of a contract to which you are a party —for instance, processing activities required for delivering goods or providing other services —the processing is based on Article 6(1)(b) GDPR. The same applies to processing activities necessary for pre-contractual measures, such as inquiries about our products or services.

When the processing of personal data is required to meet legal obligations, such as fulfilling tax or regulatory requirements, the processing is based on Article 6(1)(c) GDPR.

In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. In such cases, the processing would be based on Article 6(1)(d) GDPR.

Finally, processing activities could be based on Article 6(1)(f) GDPR. This legal basis applies to processing activities not covered by the aforementioned grounds if processing is necessary to safeguard the legitimate interests of our company or a third party, provided that these interests are not overridden by the interests, fundamental rights, or freedoms of the data subject. Such processing activities are particularly permitted because they have been specifically mentioned by the European legislator. In this context, the legislator considered that a legitimate interest might exist, for example, if you are a customer of our company (Recital 47, Sentence 2 GDPR).

5. Data transfer to third parties

Your personal data will only be shared with third parties under the conditions outlined below. Any transfer beyond these purposes will not occur.

We may share your personal data with third parties if:

You have explicitly provided your consent in accordance with Article 6(1)(a) GDPR;
The transfer is necessary to protect our legitimate interests under Article 6(1)(f) GDPR, and there is no indication that your overriding interests or fundamental rights require the protection of your personal data;
The disclosure is required to comply with a legal obligation under Article 6(1)(c) GDPR; or
The transfer is legally permissible and necessary for the performance of a contract with you under Article 6(1)(b) GDPR.

As part of the data processing activities described in this Privacy Policy, personal data may be transferred to the United States. Companies in the United States are only deemed to have an adequate level of data protection if they are certified under the EU-US Data Privacy Framework, allowing the adequacy decision of the European Commission under Article 45 GDPR to apply. We explicitly identify such service providers in this Privacy Policy.

In all other cases, we have concluded data processing agreements based on the European Commission's Standard Contractual Clauses to protect your personal data. If the Standard Contractual Clauses are insufficient to ensure an adequate level of security, your consent pursuant to Article 49(1)(a) GDPR may serve as the legal basis for transfers to third countries. This does not apply to data transfers to countries for which the European Commission has issued an adequacy decision under Article 45 GDPR.

6. Technology

6.1 SSL/TLS Encryption
This website uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us as the operator. You can recognize an encrypted connection by the “https://” instead of “http://” in the address line of the browser and by the lock symbol in your browser line.

We use this technology to safeguard your transmitted data and ensure its security during communication.

6.2 Data collection during website visits
When you use our website for informational purposes only—meaning you do not register, provide information, or consent to processing activities requiring your explicit approval—we collect only the data that is technically necessary for the provision of the service. This data is typically transmitted by your browser to our server and stored in "server log files." Each time you or an automated system accesses our website, a range of general data and information is collected and stored in the server log files. This may include:

1. the types and versions of browsers used,

2. the operating system used by the accessing system,

3. the website from which the accessing system reaches our site (the "referrer"),

4. the subpages accessed on our website,

5. the date and time of access,

6. a truncated Internet Protocol (IP) address (anonymized), and

7. the Internet service provider of the accessing system.

When processing this general data and information, we do not draw any conclusions about your identity. Instead, this information is used to:

1. deliver the content of our website correctly,

2. optimize our website's content and advertising,

3. ensure the continuous functionality of our IT systems and the technology of our website, and

4. provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.

These collected data and information are analyzed statistically and used to enhance data protection and security in our organization. This allows us to maintain an optimal level of protection for the personal data we process. The anonymized data in the server log files is stored separately from any personal data you may provide.

The legal basis for this data processing is Article 6(1)(f) GDPR. Our legitimate interest stems from the purposes listed above.

6.3 Hosting by Amazon Web Services (AWS)
We host our website using Amazon Web Services (AWS), provided by Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg.

When you visit our website, your personal data is processed on AWS servers. In some cases, this may involve the transfer of personal data to AWS's parent company in the United States. The use of AWS is based on Article 6(1)(f) GDPR, as we have a legitimate interest in ensuring the most reliable presentation of our website. We have entered into a data processing agreement with AWS, a legally required contract ensuring that AWS processes the personal data of our website visitors solely in accordance with our instructions and in compliance with the GDPR.

This US-based company is certified under the EU-US Data Privacy Framework. This certification constitutes an adequacy decision under Article 45 GDPR, allowing the transfer of personal data without requiring additional guarantees or measures.

For more information on AWS's privacy practices, please visit: https://aws.amazon.com/de/privacy/?nc1=f_pr

7. Cookies

7.1 General information about cookies
Cookies are small files that your browser automatically creates and that are stored on your IT system (such as a laptop, tablet, or smartphone) when you visit our website.

These cookies contain information that is related to the specific device you are using. However, this does not mean that we can directly identify you through this information.

7.2 Cookiebot (Consent Management Tool)
We use the consent management tool "Cookiebot" provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark. This service enables us to collect and manage the consent of website visitors for data processing.

Cookiebot collects data generated by end users who use our website. When an end user provides consent via the cookie consent tool, the following data is automatically logged by Cookiebot:

1.the end user’s IP address in anonymized form (the last three digits are set to 0),

2. the date and time of the consent,

3. the user agent of the end user’s browser,

4. the URL from which the consent was submitted,

5. an anonymous, random, and encrypted key,

6. the end user’s consent status, which serves as proof of the consent.

The key and the consent status are also stored in the "CookieConsent" cookie in the end user’s browser. This allows the website to automatically recognize the user’s consent for all subsequent page requests and future sessions for up to 12 months. The key is used to verify that the consent status stored in the end user’s browser has not been altered compared to the original consent submitted to Usercentrics.

The functionality of the website cannot be guaranteed without this processing. The "CookieConsent" cookie set by Cookiebot is classified as necessary.

Usercentrics is the recipient of your personal data and acts as a data processor on our behalf.

For detailed information about the use of Cookiebot, please visit: https://www.cookiebot.com/de/privacy-policy/.

8. Content on our website

8.1 Contact / Contact Form
When you contact us (e.g., via contact form or email), personal data is collected. Which data we collect when a contact form is used can be seen from the respective form. This data is stored and used exclusively for the purpose of responding to your inquiry and for the technical administration associated with it. The legal basis for processing this data is our legitimate interest in responding to your inquiry, in accordance with Article 6(1)(f) GDPR. If your contact aims at the conclusion of a contract, an additional legal basis for processing is Article 6(1)(b) GDPR. Your data will be deleted once your inquiry has been fully resolved, provided no legal retention obligations prevent its deletion. This is the case when it can be inferred from the circumstances that the matter has been conclusively addressed.

8.2 Application Management / Job Board
We collect and process applicants' personal data for the purpose of handling the application process. Processing may also take place electronically. This is particularly the case if an applicant submits their application documents to us electronically, for example via email or a web form on our website.

If we conclude an employment or service contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with legal provisions. If we do not conclude a contract with the applicant, the application documents will be automatically deleted two months after the rejection decision is communicated, provided there are no other legitimate interests on our part that oppose deletion. A legitimate interest in this sense could be, for example, the need to provide evidence in a procedure under the General Equal Treatment Act (AGG).

The legal basis for processing your data is Art. 6(1)(b), 88 GDPR in conjunction with § 26(1) BDSG.

9. Newsletter

9.1 Newsletter
On our website, we offer you the opportunity to subscribe to our newsletter. The specific personal data transmitted to us when you subscribe to the newsletter is determined by the input mask used for this purpose.

When you register for our newsletter, we store the IP address of the IT system you used at the time of registration, as assigned by your Internet Service Provider (ISP), as well as the date and time of registration. The collection of this data is necessary to trace any potential misuse of your email address at a later date and serves to ensure our legal security.

The personal data collected when register for the newsletter is used exclusively for sending our newsletter. Additionally, newsletter subscribers may be informed by email if such communication is necessary for the operation of the newsletter service or the related registration, such as in the case of changes to the newsletter offering or adjustments to technical conditions. Personal data collected in connection with the newsletter service is not shared with third parties.

You may cancel your subscription to our newsletter at any time. The consent you have given for the storage of personal data for the purpose of sending the newsletter can be revoked at any time. For this purpose, each newsletter contains a corresponding link for withdrawal of consent. Furthermore, you can also unsubscribe directly on our website or inform us of your wish to unsubscribe through other means.

The legal basis for data processing for the purpose of sending the newsletter is Art. 6(1)(a) GDPR.

9.2 Newsletter Tracking'
Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in emails sent in HTML format, enabling log file recording and analysis. This allows for a statistical evaluation of the success or failure of online marketing campaigns. Through the embedded tracking pixel, the company can determine whether and when an email was opened by you and which links contained in the email were clicked by you.

The personal data collected via tracking pixels in the newsletters are stored and analyzed by us to optimize newsletter distribution and better tailor the content of future newsletters to your interests. These personal data will not be shared with third parties. Affected individuals are entitled to withdraw their consent at any time. Upon withdrawal, these personal data will be deleted by us. Unsubscribing from the newsletter is automatically interpreted as a withdrawal.

Such evaluations are carried out in particular in accordance with Article 6 (1) (f) GDPR, based on our legitimate interests in displaying personalized advertising, market research, and/or the demand-oriented design of our website.

9.3 Mailingwork
We use mailingwork to send newsletters. The service provider is mailingwork GmbH, Schönherrstraße 8, 09113 Chemnitz. mailingwork is a service that can be used to organize and analyze the sending of newsletters, among other things.

If you enter data for the purpose of receiving newsletters (e.g. email address), this data will be stored on mailingwork's servers in Germany. When you open an email sent via mailingwork, a file contained in the email (a so-called web beacon) connects to mailingwork's servers. This allows it to determine whether a newsletter email was opened and which links, if any, were clicked. Additionally, technical information is collected (e.g., time of retrieval, IP address, browser type, and operating system). This information cannot be linked to individual newsletter recipients. It is used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the recipients' interests.

If you do not wish your data to be analyzed by mailingwork, you need to unsubscribe from the newsletter. A corresponding link is provided in every newsletter message.

Data processing is based on your consent in accordance with Article 6 (1) (a) GDPR. You may revoke this consent at any time. The legality of the data processing that has already occurred remains unaffected by the revocation.

You can view the privacy policy of mailingwork GmbH at: https://mailingwork.de/datenschutzerklaerung

9.3 WhatsApp newsletter
You can also receive our free newsletter via the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp receives access to metadata that is created in the course of the communication process (e.g. sender, recipient and time). We further point out that, according to its own statement, WhatsApp shares personal data of its users with its US-based parent company Meta. For more details about data processing, please refer to WhatsApp’s privacy policy: https://www.whatsapp.com/legal/#privacy-policy

By subscribing to the WhatsApp newsletter, you consent to the data processing. The legal basis for processing is Article 6 (1) (a) GDPR. Data processing is based solely on your consent, which can be revoked at any time with future effect.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF is obligated to adhere to these data protection standards. More information can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt00000011sfnAAA&status=Active

We use WhatsApp in the "WhatsApp Business" version. The data transfer to the USA is based on the EU Commission's standard contractual clauses. More details are available here: https://www.whatsapp.com/legal/business-data-transfer-addendum Our WhatsApp accounts are configured to prevent automatic synchronization of contacts with the address book of the smartphones in use.

We have concluded a data processing agreement (DPA) with the provider mentioned above.

10. Our activities on social networks

To communicate with you on social networks and inform you about our services, we maintain our own pages there. When you visit one of our social media pages, we are jointly responsible with the provider of the respective social media platform for the processing activities triggered by your visit, as per Article 26 GDPR.

We are not the original provider of these platforms and only use them within the scope of the possibilities offered to us by the respective providers. Therefore, we would like to point out that your data may also be processed outside the European Union (EU) or the European Economic Area (EEA). Use may therefore be associated with data protection risks for you, as it may become more difficult to assert your rights (e.g., access, deletion, objection, etc.), and processing on social networks often occurs directly for advertising purposes or user behavior analysis by the platform providers without our ability to influence these activities. When user profiles are created by the providers, cookies are often used, or your usage behavior is linked to your profile within the social network.

The described processing operations of personal data are carried out in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of our legitimate interest and the legitimate interest of the respective provider in order to be able to communicate with you in a timely manner or to inform you about our services. If you are required to provide consent for data processing to the respective providers as a user, the legal basis for processing is Article 6 (1) (a) in conjunction with Article 7 GDPR.

As we do not have access to the providers' databases, we recommend that you exercise your rights (e.g., access, correction, deletion, etc.) directly with the respective provider. Further information on the processing of your data on social networks is provided below for each social media platform we use:

10.1 Facebook
(Joint) controller for data processing in Europe: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

10.2 Instagram
(Joint) controller for data processing in Germany: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

10.3 LinkedIn
(Joint) controller for data processing in Europe: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

10.4 XING (New Work SE)
(Joint) controller for data processing in Germany: New Work SE, Am Strandkai 1, 20457 Hamburg, Germany

Access requests for XING members: www.xing.com/settings/privacy/data/disclosure

10.5 YouTube
Joint Controller for data processing in Europe: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

11. Web Analysis

11.1 Meta Pixel (formerly Facebook Pixel)
This website uses Facebook Pixel by Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Meta"). With explicit consent, this tool enables the tracking of user behavior after they have viewed or clicked on a Facebook advertisement. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help optimize future advertising strategies.

When visiting the website, the Meta Pixel can process, among other things, the following data:

1. IP address

2. device information

3. browser history

4. interactions on our website (e.g., page views, clicks, conversions)

The data collected is stored and processed by Meta, allowing it to be linked to the respective user profile. Meta may use this data for its own advertising purposes in accordance with the Meta (Facebook) Data Use Policy (https://www.facebook.com/about/privacy/). This enables Meta and its partners to display advertisements on and outside of Facebook. For these purposes, a cookie may also be stored on your computer.

The collected data is stored by Meta for a period of 180 days and is subsequently deleted if the user does not revisit the website.

These processing activities occur exclusively with the explicit consent of the user, in accordance with Art. 6(1)(a) GDPR.

This U.S. company is certified under the EU-US Data Privacy Framework. Therefore, an adequacy decision under Art. 45 GDPR exists, allowing the transfer of personal data without the need for additional safeguards or measures.

11.2 Google Analytics 4 (GA4)
We use Google Analytics 4 (GA4) on our websites, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

In this context, pseudonymized user profiles are created, and cookies are used (see the "Cookies" section). Information generated by the cookie about your use of this website may include, but not limited to:

1. a temporary collection of the IP address without permanent storage

2. location data

3. browser type/version

4. operating system used

5. referrer URL (previously visited page)

6. time of the server request

The pseudonymized data may be transferred to and stored on a server in the USA by Google.

This information is used to evaluate website usage, compile reports on website activities, and provide other services related to website and internet usage for the purposes of market research and needs-based website design. This information may also be passed on to third parties if required by law or if third parties process this data on behalf of Google. These processing activities only occur with explicit consent under Article 6 (1) (a) GDPR.

The default data retention period set by Google is 14 months. Personal data is otherwise retained as long as necessary to fulfill the processing purpose. The data will be deleted once it is no longer required for this purpose.

The parent company Google LLC, a US-based company, is certified under the EU-US Data Privacy Framework. This certification constitutes an adequacy decision under Article 45 GDPR, allowing the transfer of personal data without additional guarantees or measures.

For more information on data protection when using GA4, please visit: https://support.google.com/analytics/answer/12017362?hl=de

11.3 HubSpot
We use HubSpot features on this website. The service provider is HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA.

HubSpot tracks visitors to our website using browser cookies. Each time you access our website, HubSpot checks whether a HubSpot tracking cookie is already set. If no such cookie is present in your browser, a HubSpot cookie will be placed—provided you give your consent—which records all subsequent visits to our webpages.

Here are key points regarding the use of HubSpot tracking cookies:

Your visit to our webpages is only tracked with the HubSpot cookie if you have provided consent to set the HubSpot cookie or all tracking cookies.

If you fill out and submit one of the forms on our website (e.g., a contact form) and have consented to the HubSpot cookie, HubSpot associates your previous page views (captured by the cookie) with the submitted form.

If you have already been in contact with us, the email address submitted via the form is linked to the information already stored in our system.

If you delete all your cookies or specifically HubSpot cookies, you will be recognized as a new visitor, and a new cookie will be set. However, HubSpot automatically links all form submissions from the same email address, even if they are associated with different browser cookies.

Since cookies are only set once per browser, submissions from two individuals sharing a single computer are associated with the same contact record. This deduplication ensures that if a single contact submits forms using different email addresses, all submissions are linked to one contact record in HubSpot.

HubSpot assigns page views to a contact if the contact clicks a link in a tracked marketing email that leads to a page where the HubSpot tracking code is installed.

For these activities, the processing of data only occurs with explicit consent in accordance with Article 6 (1) (a) GDPR.

These processing activities only take place with explicit consent in accordance with Article 6 (1) (a) GDPR. Your data will be stored until you withdraw your consent.

You can configure your browser to notify you when cookies are set, allow cookies only in specific cases, exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when closing the browser. Please note that disabling cookies may limit the functionality of this website.

The transfer of your personal data to the USA is based on the standard contractual clauses.

For more information about HubSpot, please visit: https://legal.hubspot.com/privacy-policy.

11.4 LinkedIn Analytics
This website uses the retargeting tool and conversion tracking of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (LinkedIn).

For this purpose, the LinkedIn Insight Tag is integrated into our website. This allows LinkedIn to collect statistical data about your visit and usage of our website and provide us with aggregated statistics based on this data. Additionally, the service is used to display interest-specific and relevant offers and recommendations to you after you have explored specific services, information, or offers on the website. The related data is stored in a cookie.

The following data is typically collected and processed:

1. IP address

2. device information

3. browser information

4. Referrer URL

5. Timestamp

These processing activities occur exclusively with your explicit consent, in accordance with Art. 6(1)(a) GDPR. Your data will be stored until you withdraw your consent.

As part of processing via LinkedIn, data may be transferred to the USA and Singapore. This US company is certified under the EU-US Data Privacy Framework. This constitutes an adequacy decision pursuant to Art. 45 GDPR, meaning that personal data may be transferred without further guarantees or additional measures. In addition, the security of the transfer is regularly ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR.f the standard contractual clauses are insufficient to ensure an adequate level of security, your explicit consent under Art. 49(1)(a) GDPR will be obtained.

For more information about LinkedIn's privacy policies, please visit: https://de.linkedin.com/legal/privacy-policy.

11.5 Mouseflow
This website uses Mouseflow, a service provided by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. Mouseflow is a tool for analyzing your user behavior on this website. To achieve this, cookies are placed in your browser.

Mouseflow enables us to record your mouse and scroll movements, keyboard inputs, use of form and feedback fields, referrer URLs, and IP addresses (optional). Mouseflow can also determine how long you hovered the mouse pointer over a specific area. From this information, so-called heatmaps are created, which help identify the areas of the website that are most frequently viewed by visitors. Additionally, we can track how long you stayed on a page and when you left. We can also see where you abandoned your inputs in a contact form (so-called conversion funnels).

These processing activities only take place with explicit consent in accordance with Article 6 (1) (a) GDPR.

For more information about Mouseflow, please visit: https://mouseflow.com/legal/visitor/

12. Advertising

12.1 Google Ads with Conversion Tracking
We have integrated Google Ads on this website. The service provider of Google Ads is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads is an online advertising service that allows advertisers to place ads both in Google’s search engine results and within the Google advertising network. Google Ads enables advertisers to define specific keywords in advance, ensuring that an ad is only displayed in Google’s search engine results if a user retrieves a keyword-relevant search result using the search engine. Within the Google advertising network, ads are distributed to topic-relevant websites through an automatic algorithm based on predefined keywords.

The purpose of Google Ads is to promote our website by displaying interest-relevant advertising on third-party websites and in Google search engine results, as well as to display third-party advertising on our website. If you reach our website via a Google ad, Google places a so-called conversion cookie on your device. A conversion cookie expires after 30 days and is not used to identify you. If the cookie has not yet expired, it tracks whether specific subpages, such as the shopping cart of an online store, were accessed on our website. Using the conversion cookie, both we and Google can determine whether a user who accessed our website via a Google Ads ad completed a purchase or abandoned the process.

The data and information collected through the use of the conversion cookie are used by Google to generate visit statistics for our website. We use these statistics to determine the total number of users who were referred to us via Ads, evaluate the success or failure of individual Ads, and optimize our Ads for the future. Neither our company nor other Google Ads advertisers receive information from Google that could identify you.

The conversion cookie stores personal information, such as the websites you visit. Each time you visit our website, personal data, including your IP address, is transmitted to Google in the United States. These personal data are stored by Google in the United States. Google may transfer these personal data collected via the technical process to third parties. These processing activities occur exclusively with your explicit consent in accordance with Article 6 (1) (a) GDPR.

You can find Google Ads’ privacy policy and additional information at: https://www.google.de/intl/de/policies/privacy/

12.2 LinkedIn Ads
We have integrated LinkedIn Ads on this website. The service is operated by LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland.This integration allows us to advertise our company within the LinkedIn social network. For this purpose, LinkedIn places a cookie in your browser, which automatically enables interest-based advertising based on the pages you have visited.

These processing activities occur exclusively with your explicit consent, in accordance with Art. 6(1)(a) GDPR. Your data will be deleted as soon as it is no longer required to achieve the purpose or if you withdraw your consent.

As part of the processing via LinkedIn, data may be transferred to the USA and Singapore. This U.S. company is certified under the EU-US Data Privacy Framework. This constitutes an adequacy decision pursuant to Art. 45 GDPR, meaning that personal data may be transferred without further guarantees or additional measures. Additionally, the security of the transfer is regularly ensured through standard contractual clauses, which guarantee that the processing of personal data adheres to a security level equivalent to that of the GDPR. If the standard contractual clauses are insufficient to ensure an adequate level of security, your explicit consent under Art. 49(1)(a) GDPR will be obtained.

For more information about LinkedIn's privacy policy, please visit: https://de.linkedin.com/legal/privacy-policy.

13. Plugins and Other Services

13.1 Google Maps
We use Google Maps (API) on our website. The service provider of Google Maps is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Maps is a web service for displaying interactive (land) maps to visually present geographic information. Using this service allows you to view our location and facilitates potential navigation to us.

When you access a subpage on which a Google Maps map is embedded, information about your use of our website (e.g., your IP address) is transmitted to Google servers in the USA and stored there, provided you have given your consent under Article 6 (1) (a) GDPR. Additionally, Google Maps loads Google Web Fonts, Google Photos, and Google Stats. The provider of these services is also Google Ireland Limited.

When you access a page embedding Google Maps, your browser loads the web fonts and photos required to display Google Maps into its cache. For this purpose, the browser you are using establishes a connection to Google servers. This allows Google to know that our website was accessed via your IP address. This occurs regardless of whether Google provides a user account that you are logged into or whether no user account exists.

If you are logged into Google, your data will be directly associated with your account. If you do not wish for this association with your Google profile, you must log out of your Google user account. Google stores your data (even for users who are not logged in) as user profiles and evaluates them. You have the right to object to the creation of these user profiles, but to exercise this right, you must contact Google directly.

If you do not agree to the future transfer of your data to Google as part of the use of Google Maps, you can completely deactivate the Google Maps web service by disabling JavaScript in your browser. In this case, Google Maps and the map display on this website will no longer be usable.

These processing activities are only carried out with your explicit consent in accordance with Article 6 (1) (a) GDPR.

You can view Google's Terms of Use at: www.google.de/intl/de/policies/terms/regional.html, and the additional terms of use for Google Maps at: www.google.com/intl/de_US/help/terms_maps.html.

You can view Google Maps' privacy policy ("Google Privacy Policy") at: https://www.google.de/intl/de/policies/privacy/.

13.2 Google reCAPTCHA
We use Google reCAPTCHA on this website. The service provider of Google reCAPTCHA is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The reCAPTCHA function is primarily used to distinguish whether an input is made by a natural person or abusively by machine or automated processing. The service also includes sending the IP address and possibly other data required by Google for the reCAPTCHA service to Google. These processing activities occur exclusively with explicit consent under Article 6 (1) (a) GDPR.

Further information about Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.

13.3 Google Tag Manager
We use Google Tag Manager on this website. The service provider of Google Tag Manager is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This tool allows "website tags" (i.e., keywords embedded in HTML elements) to be implemented and managed via an interface. By using Google Tag Manager, we can automatically track which button, link, or personalized image you actively clicked on and can record which content on our website is of particular interest to you.

The tool also triggers other tags, which may in turn collect data. Google Tag Manager does not access this data. If you have disabled tracking at the domain or cookie level, this setting will remain effective for all tracking tags implemented via Google Tag Manager. These processing activities are carried out exclusively upon the granting of explicit consent in accordance with Article 6(1)(a) GDPR.

The parent company, Google LLC, is certified as a U.S. company under the EU-US Data Privacy Framework. Accordingly, there is an adequacy decision pursuant to Article 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures.

For more information about Google Tag Manager and Google's privacy policy, please visit: https://www.google.com/intl/de/policies/privacy/.

13.4 HubSpot CRM System
We use the CRM software provided by HubSpot, Inc., 25 First Street, Cambridge, MA 02141, USA ("HubSpot").

HubSpot is a CRM software solution for managing customer relationships and includes, among other features:

1. deal, lead and task management

2. email tracking and notifications

3. email templates and scheduling

4. document sharing

5. online booking system

6. telecommunication solutions, such as automatic recording

All departments (including, for example, marketing, sales, customer service e.g.) work collaboratively using the software described.

HubSpot necessarily gains access to the aforementioned data to the extent provided under the data processing agreement (Article 28 GDPR) between us and HubSpot. This may include names, addresses, email addresses, and phone numbers. Personal data may also be processed in a third country (outside the EU and the EEA).

Where consent has been requested, processing is carried out solely on the basis of Article 6(1)(a) GDPR. The legal basis for using HubSpot in the context of contractual relationships is Article 6(1)(b) GDPR. In all other cases, the legal basis for processing your personal data is Article 6(1)(f) GDPR, reflecting our legitimate interest in the effective coordination of internal and external communications and customer relationship management.

To the extent that HubSpot processes personal data in connection with its own legitimate business operations, HubSpot acts as an independent data controller for this usage and is responsible for compliance with applicable laws and obligations as a data controller.

HubSpot, a US-based company, is certified under the EU-US Data Privacy Framework.

Accordingly, there is an adequacy decision pursuant to Article 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures. You can review HubSpot's privacy policy at: https://legal.hubspot.com/de/privacy-policy.

13.5 Microsoft Forms
We use Microsoft Forms provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, to create surveys, polls, and quizzes.

Microsoft Forms is a web-based application for creating surveys, quizzes, and polls. The forms created can be shared via links or can be embedded on a website to collect feedback from a target group or conduct polls. The results of the surveys are automatically collected and can be displayed and analyzed in real time. When using Microsoft Forms, various personal data may be collected, including:

1. information provided by you when completing a survey, poll, or quiz, such as your name, email address, or answers to questions

2. data about the use of Microsoft Forms, such as the date and time of access, browser type, operating system and IP address

The retention period for personal data is determined by the applicable statutory retention requirements.

Participation in surveys, polls, or quizzes is voluntary. The legal basis for processing personal data is your voluntarily given consent in accordance with Article 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future.

Microsoft, a US-based company, is certified under the EU-US Data Privacy Framework. Accordingly, there is an adequacy decision pursuant to Article 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures.

For more information about the Microsoft Forms service and its privacy policy, please visit: https://privacy.microsoft.com/de-de/.

13.6 YouTube
On this website, we have integrated components from YouTube. The service provider of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

YouTube is an online video portal that allows video publishers to upload video clips free of charge and other users to view, rate, and comment on them. YouTube hosts all types of videos, including full-length movies and TV shows, music videos, trailers, and user-generated content. Each time you access a page on our website that contains a YouTube component (YouTube video), your internet browser is automatically prompted by the respective YouTube component to download a representation of that component from YouTube. Additionally, YouTube may load services like Google WebFonts, Google Video, and Google Photo. Further information about YouTube can be found at www.youtube.com/yt/about/de/.

During this technical process, YouTube and Google become aware of which specific subpage of our website you visited. If you are logged into YouTube at the same time, YouTube recognizes which specific subpage you visit that contains a YouTube video. This information is collected by YouTube and Google and associated with your YouTube account.

YouTube and Google receive this information via the YouTube component whenever you visit our website while logged into YouTube, regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent it by logging out of your YouTube account before visiting our website.

These processing operations are carried out exclusively with your explicit consent in accordance with Article 6(1)(a) GDPR.

The parent company, Google LLC, is certified under the EU-US Data Privacy Framework. Accordingly, there is an adequacy decision pursuant to Article 45 GDPR, allowing the transfer of personal data without further guarantees or additional measures. You can review YouTube's privacy policy at: www.google.de/intl/de/policies/privacy/.

14. Your Rights as a Data Subject

14.1 Right to Confirmation
You have the right to request confirmation from us as to whether personal data concerning you is being processed.

14.2 Right to Access (Art. 15 GDPR)
You have the right to receive information from us at any time free of charge about the personal data stored about you and a copy of this data in accordance with the statutory provisions.

14.3 Right to Rectification (Art. 16 GDPR)
You have the right to request the correction of inaccurate personal data concerning you. Additionally, you have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

14.4 Right to Erasure (Art. 17 GDPR)
You have the right to demand that we delete personal data concerning you without undue delay, provided that one of the legally stipulated reasons applies and processing or storage is not required.

14.5 Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request the restriction of processing from us if one of the legal conditions applies.

14.6 Right to Data Portability (Art. 20 GDPR)
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent under Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract under Art. 6(1)(b) GDPR and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. Furthermore, when exercising your right to data portability pursuant to Art. 20(1) GDPR, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible and where this does not adversely affect the rights and freedoms of others.

14.7 Objection (Art. 21 GDPR)
YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU THAT IS BASED ON ARTICLE 6(1)(E) (DATA PROCESSING IN THE PUBLIC INTEREST) OR ARTICLE 6(1)(F) (DATA PROCESSING BASED ON A BALANCING OF INTERESTS) OF THE GDPR.

THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS AS DEFINED IN ARTICLE 4(4) GDPR.

IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR UNLESS THE PROCESSING SERVES THE ASSERTION, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.

IN INDIVIDUAL CASES, WE PROCESS PERSONAL DATA FOR DIRECT MARKETING PURPOSES. YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA FOR SUCH MARKETING PURPOSES. THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT TO THE PROCESSING FOR DIRECT MARKETING PURPOSES, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA FOR THESE PURPOSES.

FURTHERMORE, YOU HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SCIENTIFIC OR HISTORICAL RESEARCH PURPOSES OR FOR STATISTICAL PURPOSES PURSUANT TO ARTICLE 89(1) OF THE GDPR, UNLESS THE PROCESSING IS NECESSARY FOR THE PERFORMANCE OF A TASK CARRIED OUT FOR REASONS OF PUBLIC INTEREST.

YOU ARE ALSO FREE TO EXERCISE YOUR RIGHT TO OBJECT IN CONNECTION WITH THE USE OF INFORMATION SOCIETY SERVICES, NOTWITHSTANDING DIRECTIVE 2002/58/EC, BY MEANS OF AUTOMATED PROCEDURES THAT USE TECHNICAL SPECIFICATIONS.

14.8 Withdrawal of consent for data processing
You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.

14.9 Complaint to a supervisory authority
You have the right to lodge a complaint with a supervisory authority responsible for data protection regarding our processing of your personal data.

15. Validity and changes to the privacy policy
This privacy information is currently valid as of January 2025.

Due to the further development of our websites and services or because of changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The most up-to-date privacy information can always be accessed and printed from the website at: https://krannich-solar.com/de-en/privacy-policy/

Privacy Policy

Privacy Policy

Service Hotline

Contents

Stay up to date

+49 7033 3042-0