Back to www.pv-magazine.com

Data Privacy Policy of pv magazine group GmbH & Co. KG for www.pv-magazine.com

We’re glad you are visiting our website. This document will inform you how we handle your data in accordance with Art. 13 Data Privacy Basic Directive (DSGVO).

1. Responsible

pv magazine group GmbH & Co. KG (pv magazine group) is responsible for the data processing described below in terms of data privacy regulations.

Please email questions to dataprivacy@pv-magazine.com.

2. Processing log files

When you visit our website, our web server saves standardized information in a log file about your end device and the browser you are using. We process this data so that we can analyze errors on our server and any attempts at misuse. This data set consists of the following:

The name of the accessed website,
The date and time of the query,
The amount of data transferred,
The message about the successful retrieval,
The IP address of the requesting computer,
The specific address of the page of ours accessed,
The page from which you reached us,
The transmitted browser identifier.

We cannot identify you based on this data; the log data is only evaluated anonymously. Log data is regularly deleted promptly but by seven days at the latest. The legal basis for this data processing is our legitimate interest as defined in Article 6 (1) (f) GDPR.

2.1. SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., inquiries to the person responsible). The character string “https://” and the lock symbol in your browser line denote an encrypted connection.

3. Hosting

We use WP Engine to host our platform. WP Engine Ltd, Beyond Aldgate 2 Leman Street #5032, London, E1 8FA, United Kingdom, is the provider.

Connection data is processed for the purpose of providing and delivering the website. The legal basis for data processing is the legitimate interest (an absolute technical necessity for the provision and delivery of the “website” service expressly requested by you by calling it up) in accordance with Art. 6 (1) (f) GDPR.

To operate the website, the connection data and other personal data are also processed as part of various other functions and services. Detailed information on this is provided in this privacy policy for the individual functions and services.

Further information can be found at https://wpengine.com/legal/privacy/.

4. Contact form

You can use the contact form on our website to contact us electronically. The data you enter in the input mask will be transmitted to us and saved if you contact us via our contact form or by personal message.

The fields marked with * must be filled in. You must confirm that you have read the Data Privacy Declaration to transfer this data. We use this data based on Art. 6 Para. 1 lit. f GDPR to respond to your request.

In addition, Art. 6 (1) (b) GDPR can also be considered the legal basis if your request serves to carry out pre-contractual measures.

Fields that are not marked with an asterisk (*) (telephone) are purely voluntary information. The data you voluntarily enter is processed based on Article 6 (1) (a) GDPR. You can revoke your consent by sending an email to dataprivacy@pv-magazine.com.

4.1. Contact Form Service Provider | Gravity Forms

Please use the contact forms we provide if you’d like to contact us via our website. We use the Gravity-Forms plug-in from Rocketgenius Inc., 1620 Centerville Turnpike, Suite 102, Virginia Beach, VA 23464-6500, USA.

These forms send an e-mail containing the data you have provided to our internal responsible when you click the Send button. These e-mails are sent via our own mail server.

In addition, all form transmissions are temporarily saved when they are sent. After seven days, they will be deleted without leaving any residue. Your IP address will not be stored during the submission of the form.

You agree to this transmission by using the form and ticking the corresponding check box with reference to this data privacy agreement. The legal basis for this is Article 6 (1) (a) GDPR.

The following manufacturer’s pages contain additional information regarding the purpose, scope, and functionality of the data collected and how the plug-in processes it: https://docs.gravityforms.com/wordpress-gravity-forms-and-gdpr-compliance/.

4.2. Contact by e-mail

If you contact us by e-mail, your request, including all resulting personal data (surname, first name, request, etc.), will be stored and processed by us for the purpose of processing your request.

This data is processed on the basis of Art. 6 (1) (b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures.

In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this has been requested.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to the storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory statutory provisions – in particular, statutory retention periods – remain unaffected.

5. Newsletter

You can order newsletters on various topics or products from our website homepage. The following data will be processed for the purpose of delivering advertising as part of your required consent: Last name, first name, email address, and/or telephone number.

The pv magazine group uses the double opt-in procedure to confirm your request and email address. An email will be sent to the email address you provide, along with a request to confirm your consent. As part of the double opt-in procedure, we document the IP address, date, and time the web form was sent and the IP address and date and time of the confirmation of the double opt-in email.

We only process the information you voluntarily provide so we can send the newsletter. Our legal basis for processing this data is your consent in accordance with Article 6 (1) (a) GDPR. You can unsubscribe from receiving our newsletter at any time by clicking on the “Unsubscribe” button at the end of each newsletter or sending an informal message to support@pv-magazine.com

At the same time, your consent to its dispatch by the dispatch service provider and the statistical analyses expire. Unfortunately, a separate revocation of the dispatch by the dispatch service provider or the statistical evaluation is not possible.

5.1. Newsletter Service Provider | MailChimp

Our newsletter is sent using “MailChimp,” a newsletter distribution platform from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

Your personal data is stored on Mailchimp’s servers. Mailchimp uses this information to send and evaluate the newsletter on our behalf. According to its own information, Mailchimp can also use this data to optimize or improve its own services, e.g., to technically optimize the dispatch and the presentation of the newsletter or for economic purposes, in order to determine which countries recipients are located in.

However, Mailchimp does not use our newsletter recipient data to write to them or pass their data on to third parties. Mailchimp GmbH attaches great importance to safeguarding your data and complying with data privacy regulations. For more information, see Mailchimp’s privacy policy: https://www.intuit.com/privacy/statement/

6. Using cookies & tracking tools

We use tracking technologies such as cookies on our website in order to measure and evaluate our website and continuously improve our content. To protect our users and partners, we can also recognize and ward off fraud and security risks.

Cookies are small text files websites use to make it easier and faster to navigate your visit to our website, which are necessary to enable you to use and access secure areas of the website.

Depending on where a cookie comes from, a distinction can be made between first-party and third-party cookies:

First-party cookies – Cookies that are generated and stored locally by the website operator as the person responsible for processing or by a processor that the website operator commissions. Only the operator has access to these cookies.
Third-party cookies – Cookies that are generated, set, and accessed by third parties who are not acting as processors on behalf of the website operator.

Transient and persistent cookies can also be distinguished, depending on the validity:

Transient cookies – Cookies that are automatically deleted when you close the browser. These include, in particular, the session cookies.
Persistent cookies – Cookies that remain stored on your end device for a specified period of time after you close your browser.

Depending on their properties and purpose, the user’s consent may be required to use certain cookies. This means that cookies can then be distinguished as to whether the user’s consent is required for their use:

Consent-free cookies – Cookies that are absolutely necessary so that the website operator, which has been expressly requested by the participant or user, can provide this service (“strictly necessary cookies”). We use strictly necessary cookies on the basis of § 25 (2) no. 2 TTDSG, Art. 6 (1) lit. f GDPR in the legitimate interest of ensuring the functionality of our website. These cookies cannot be deactivated via the cookie banner on this website. However, you can generally manage and deactivate these cookies in your browser at any time.
Cookies requiring consent –Cookies that are used for all purposes other than those mentioned above. We use these cookies if you have given your consent in advance. The legal basis for the processing of personal data is regularly § 25 (1) TTDSG, Art. 6 (1) lit. a GDPR. You can object to data processing at any time with effect for the future.

6.1. Service provider for usage analysis and online advertising

6.1.1. Google Analytics

On our website, we use “Google Analytics 4”, a service provided by Google Ireland Ltd (hereinafter referred to as “Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics 4 uses cookies and similar technologies to collect information about how users interact with the website and to generate reports on activities. This information is used to analyze trends, track user movements on the website, and improve the user experience.

Through the Google Signals feature, Google Analytics 4 also enables the tracking of user interactions across different platforms, including websites, mobile apps, and other digital platforms. This helps to better understand user behavior across different channels and devices. Google Analytics 4 uses cookies and similar technologies to collect information about how users interact with the website and to compile reports on activity. We use this information to analyze trends, track user movements on the website, and improve the user experience.

6.1.2. DoubleClick

We use “DoubleClick” on our website, a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4. Ireland.

DoubleClick uses cookies to deliver relevant ads to website visitors. A cookie ID is assigned to your browser to log which advertisements have already been sent to this browser. The DoubleClick cookie enables Google and its partner websites to deliver ads based on previous visits to this or other websites. The cookie ID also allows the DoubleClick cookie to log conversions related to advertisement views, for example, when a user views a DoubleClick ad and later uses the same browser to visit that advertiser’s website.

6.1.3. Google Tag Manager

We use “Google Tag Manager” on our website, a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4. Ireland.

Google Tag Manager is a solution that allows companies to manage website tags from one interface. Google Tag Manager is, therefore, a cookieless domain that does not collect any personal data. Google Tag Manager only triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data.

If a deactivation has been carried out at the domain or cookie level, it remains in place for all tracking tags as long as these are implemented using Google Tag Manager.

6.1.4. Google reCAPTCHA

We use “Google reCAPTCHA” on our website, a service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4. Ireland.

reCAPTCHA checks whether the data entry on this website (e.g., data contained in a contact form) has been filled in by a human or by an automated program. To make this distinction, Google reCAPTCHA analyzes the behavior of the website visitor based on various information (e.g., IP address, device, and application data, how long the website visitor spends on the website, or mouse movements that the user makes). The data collected during analysis is forwarded to Google and may also be shared with other third parties. The Google reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

6.1.5. Google Web Fonts

We use web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) to uniformly display fonts.

When you call up a page, your browser loads the required web fonts into your browser cache in order to correctly display text and fonts.

We have integrated the Google fonts locally, i.e., on our web server—not on the Google servers. As a result, there is no connection to Google servers and, therefore, no data transmission or storage. The legal basis for this data processing is our legitimate interest as defined in Article 6 (1) (f) GDPR.

You can object to this data processing at any time via the browser settings or certain browser extensions. Please note that this can lead to functional restrictions on the website.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

6.1.6. YouTube videos

We embed “YouTube videos” on our website. YouTube is a subsidiary of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Calling up our site with an embedded video results in provider content being reloaded. This gives YouTube the information that you have accessed our site and the usage data that is technically required in this context.

We use YouTube in connection with the “extended data privacy mode” function. According to YouTube, the “Extended data privacy mode” function ensures that no cookies are set and data is not transmitted to the YouTube server until you actually start a video.

6.1.7. Data transfer to third countries

As described under 5.2, we use services whose providers are partly located in third countries (such as the USA), i.e., countries whose level of data protection does not correspond to that of the European Union. If this is the case and the European Commission has issued an adequacy decision for these countries (Art. 45 GDPR), data transfers to these third countries are legally protected. An adequacy decision means that the European Commission has determined that the level of data protection in the third country concerned is adequate and that a comparable level of protection of personal data is guaranteed as in the European Union.

If there is no adequacy decision for certain third countries, we have taken appropriate measures to ensure an adequate level of data protection for data transfers. These measures include the use of standard contractual clauses of the European Union or binding internal data protection regulations. If these options are not possible, we base the data transfer on exceptions in accordance with Article 49 of the General Data Protection Regulation (GDPR), in particular on your express consent or the necessity of the data transfer for the performance of a contract.

7. Shop—ordering process or concluding a purchase contract

As part of the order processing via our webshop and to conclude a contract with us, you must provide an e-mail address, your company data, and, if applicable, your personal data, which we need to process your order. Mandatory information required for processing the contracts is marked; further information is voluntary. The legal basis for this data processing is Article 6, Paragraph 1, Sentence 1 lit. b GDPR, since your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures.

As part of payment processing, we pass on payment data to the commissioned bank and to our shipping and billing service provider (Cover Service GmbH & Co. KG Hanns-Klemm-Straße 1A, 71034 Böblingen) if this is necessary for payment processing. The legal basis for transferring data is Article 6, Paragraph 1, Sentence 1 lit. b GDPR, since the transfer is necessary to fulfill a contract.

The data you enter during the ordering process will remain with us until the purpose for data storage no longer applies and the deletion does not conflict with any mandatory legal provisions—in particular, storage obligations.

7.1. Data processing in the customer portal

We need your email address if you want to use the customer portal. A login link will be sent to this email address. A secure link will be generated and sent to the email address provided if that email address corresponds to an order that has been placed. If you click on this link, you will be taken to the customer portal, where you can view your orders, among other things.

The legal basis for this data processing is our legitimate interest in a solution for managing orders that are as user-friendly and data-saving as possible (Art. 6 Para. 1 S. 1 lit. f GDPR). At the same time, you will benefit from this data processing since no registration is required to use the customer portal.

The data you enter in the contact form will remain with us until you ask us to delete it or until the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions—in particular retention periods—remain unaffected.

7.2. PayPal

We offer the option of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.rl. et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxemburg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 Para. 1 lit. f GDPR). In this context, we pass on the following data to PayPal insofar as this is necessary for fulfilling the contract (Art. 6 Para. 1 lit b. DGPR).

First name,
Last name,
Address,
Email address,
Phone.

Processing the data specified under this section is not required by law or contract. We cannot carry out a payment via PayPal without transmitting your personal data. You have the option of choosing a different payment method.

PayPal carries out a credit check for various services, such as payment by direct debit, in order to ensure your willingness and ability to pay. This corresponds to PayPal’s legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) and serves to execute the contract (according to Art. 6 Para. 1 lit. b GDPR). Your data (name, address, date of birth, and bank account details) will be passed on to credit agencies for this purpose. We have no influence on this process and only receive the result of whether the payment was made, rejected, or is pending verification.

You can find more information on how to object to and remove PayPal at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Your data will be stored until the payment has been processed. This includes the time it takes to process refunds, claims management, and fraud prevention.

8. Online application

When you apply online, i.e., by email or via our web form, we collect and process your personal data for the purpose of handling the application process and carrying out pre-contractual measures. The following data is transmitted when you submit an application on our careers page:

First name,
Last name,
Email address,
How you found out about us.

You can also upload pertinent documents such as a cover letter, curriculum vitae, and certificates. These documents may contain other personal data such as date of birth, address, etc.

Your data will initially be processed exclusively for the purpose of carrying out and reviewing the application process. The legal basis is Art. 6 para. 1 lit. b GDPR. As a rule, we do not require any special categories of personal data for the application process (e.g., information on a severe disability) within the meaning of Art. 9 GDPR. However, if you voluntarily provide us with such data, the processing is carried out on the legal basis of Art. 9 para. 2 lit. b GDPR.

If there is an employment relationship between you and us, we will process your data in accordance with Art. 88 GDPR in conjunction with Section 26 BDSG. § Section 26 BDSG for the performance of the employment relationship with you.

8.1. Data Erasure

We store your personal data as long as necessary until a decision is made regarding your application. If you are not hired, your personal data or application documents will be deleted six months after the end of the application process unless longer storage is legally required or permitted (e.g., to assert, exercise, or defend legal claims for the duration of a legal dispute, travel expense reports, etc.). Your data is then only available to us as metadata without any direct personal reference to you for statistical evaluations (e.g., proportion of women or men in applications, number of applications per period, etc.).

If you are not hired, we reserve the right to store your data in our talent pool for 12 months after the end of the application process so that we can continue to consider you in the future when we hire for suitable vacancies. This also applies, for example, to applications for an apprenticeship or internship. By accepting the data privacy declaration, you agree to the possible further storage of your data and to be included in our talent pool.

If there is an employment relationship following the application process, we will store your data for the duration of the employment relationship with you. However, you will receive further information about the processing of your data in the employment relationship as soon as the employment relationship begins with us.

9. Social Media Channels

We also advertise our presence on the social networks listed below on our website.

Facebook: https://www.facebook.com/pvmagazine.de
LinkedIn: https://www.linkedin.com/company/pv-magazine-deutschland
Podigee: https://pvmagazine-de.podigee.io/
Soundcloud: https://soundcloud.com/pv-magazine-deutschland
Spotify: https://open.spotify.com/show/524qL4bNFd5mDIEZ97JRLn
Twitter: https://twitter.com/pvmagazine_de
YouTube: https://www.youtube.com/channel/UCLLk-6W-65X8wagJdqiGW3w

The integration takes place via a linked graphic of the respective network. The use of this linked graphic prevents the automatic establishment of a connection to the respective social network server when the website is accessed.

This means that you are only forwarded to the service of the respective social network when you click on the corresponding graphic. After forwarding, the respective network will collect information about you. Initially, this data includes IP address, date, time, and page visited. It cannot be ruled out that the data collected in this way will be processed in the USA.

If you are logged into your user account of the respective network during this time, the network operator may be able to assign the information collected to your personal account. If, for example, you interact via a “Share” button of the respective network, this information can also be stored in your personal user account and published if necessary.

If you want to prevent the information collected from being directly assigned to your user account, you must log out before clicking on the graphic or configure the respective user account accordingly. For further information on how to process your data, please refer to our social media information.

10. Your rights as a data subject

With regard to the data processing listed here, you have various data subject rights, which are regulated in the GDPR.

10.1. Right to information

According to Art. 15 EU GDPR, you have the right to request confirmation from us as to whether personal data relating to you is being processed. If this is the case, you have a right to information about this personal data and the information specified in Art. 15 Para. 1 Hs. 2 EU GDPR information. This includes, in particular, the purpose of the processing, the categories of the processed data, the recipients to whom data has been or will be disclosed, as far as possible, the planned duration of storage, or the criteria for the duration of storage.

10.2. Right to Rectification

Pursuant to Art. 16 EU GDPR, you have the right to demand that we immediately correct any incorrect personal data concerning you. Taking the processing purposes into account, you have the right to request the completion of incomplete personal data —also by means of a supplementary declaration.

10.3. Right to Erasure

According to Art. 17 EU GDPR, you have the right to demand that personal data concerning you be deleted immediately. We are obligated to delete personal data immediately if one of the provisions of Art. 17 Para. 1 EU GDPR applies. These reasons include, for example, that the data is no longer necessary for the purposes for which it was collected or otherwise processed.

10.4. Right to restricted processing

According to Art. 18 EU GDPR, you have the right to demand that we restrict processing if one of the conditions specified in Art. 18 EU GDPR is met. This includes, for example, that you contest the accuracy of the personal data. If this is the case, then we are only allowed to process the data to a limited extent for as long as it takes to check the accuracy of that personal data.

10.5. Right to data portability

According to Art. 20 EU GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common, and machine-readable format. You have the right to transmit this data to another responsible, i.e., another body that processes data, without hindrance, provided that the original processing was based on consent or was necessary for executing a contract.

10.6. Right to lodge a complaint with a supervisory authority

Pursuant to Art. 77 EU GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work, or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy, if you believe that processing your personal data violates this regulation. In the present case, the responsible supervisory authority is:

Berlin Commissioner for Data Privacy and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit)

Alt-Moabit 59-61

10555 Berlin

Eingang: Alt-Moabit 60

Tel.: +49 (0)30 13889-0

E-Mail: mailbox@datenschutz-berlin.de

11. Data privacy officer

Our external data privacy officer will be happy to provide you with information on the subject of data privacy under the following contact details:

Ali Tschakari, LL.M.

Bitkom Servicegesellschaft mbH

Albrechtstraße 10

10117 Berlin

Email: datenschutz@bitkom-consult.de

If you contact our data privacy officer, please indicate the responsible body, which is named in the imprint.

12. Final Provisions

pv magazine group GmbH & Co. KG reserves the right to adapt this data privacy declaration at any time so that it always corresponds to the current legal requirements or to implement changes to the services in the data privacy declaration, e.g., when introducing new services or changes to the website. If you visit this website again, the new data privacy policy will apply.

As of: August 2023

Back to www.pv-magazine.com.