On the basis of the decision of the European Court of Justice of 16th of July 2020, we hereby inform our customers, business partners, employees, website visitors and other communication partners that it may not be possible to maintain an adequate level of data protection comparable to that required by EU regulations when using US service providers such as Amazon, Asana, Facebook, Google, MailChimp, Twitter, TeamViewer, YouTube, etc. and their respective european subsidiaries within the scope of communication. Due to national laws, a non-european provider may be forced by national law to surrender communication data to national security authorities without the possibility of such surrender being reviewed for its legality in an independent judicial procedure at the request of the data subject. Since this finding of the court also applies to companies based and processing data in Europe under the so-called EU-US Privacy Shield, as well as the Standard Contractual Clauses and the Binding Corporate Rules, we must now examine all data transfers to third-party providers on a case-by-case basis and, if necessary, discontinue them or replace them with EU-based providers. We are currently in discussions with our service providers and the supervisory authorities.

Personal data will be generated when you visit our websites. These are data that are required in order to enable you to use our websites or to enable us to consider your settings. Apart from this, they are information that you provide to us via the contact options offered on these pages.

We use these data in order to ensure proper operation of our website and to answer your queries.

Below, we inform you concerning the data collected on our website and the purposes for which they are processed. We will inform you about the use of "cookies" and the analysis tools used on our websites, and the option for approving or rejecting them. We will inform you concerning your rights and the contact details of our data protection officer at the end of the data protection statement.

Cookies

We use cookies. Cookies are text files that are filed and stored on a computer system via a web browser.

Many websites and servers use cookies. Many cookies contain a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be associated with the specific web browser in which the cookie was stored. This enables the visited websites and servers to distinguish your individual browser from any other web browser that contains any other cookies. A specific web browser may be recognised and identified by a unique cookie ID.

By use of cookies, we may provide users of this website with user-friendly services that would be impossible without setting the cookie. A cookie may optimise the information and offers on our website in the user’. Cookies enable us, as mentioned before, to recognise the users of our website. The purpose of this recognition is making it easier for users to use our website. For instance, the user of a website that uses cookies does not have to enter his access data again every time when he visits the website because this is taken care of by the website and the cookie stored on the user's computer system.

You may prevent setting of cookies by our website at any time by making the corresponding setting in the web browser used and thereby permanently object to setting of cookies. Furthermore, cookies already set may be erased at any time via a web browser or other software programs. This is possible in all common web browser. If the data subject deactivates setting of cookies in the web browser used, not all functions of our website may be fully usable.

Server log files

The provider of our website will automatically collect and store information in server log files that your browser submits to us automatically. The recorded data may include

1. browser types and versions used,
2. the operating system used by the accessing system,
3. the website from which an accessing system reaches our website (referrers),
4. sub-webpages that are controlled via an accessing system on our website,
5. the data and time of an access to the website,
6. an internet protocol address (IP address),
7. the internet service provider of the accessing system and
8. other similar data and information that serve to defend against attacks on our information-technical systems.

We do not draw any conclusions concerning you when using these general data and information. Instead, this information is needed to

1. properly deliver the contents of our website,
2. optimise the contents of our website and advertisements for it,
3. ensure permanent function of our information-technology systems and the technology of our website
4. provide the criminal prosecution authorities with the information required for criminal prosecution in case of a cyberattack.

These data and information are therefore evaluated by us statistically and with the target of increasing data protection and data security in our company, in order to finally ensure an optimal protection level for the personal data processed by us. The anonymous data of the server log files are stored separately from any other personal data you indicate. These data will not be combined with any other data sources. If there are any indications of illegal use of our website, however, we are able to subsequently inspect these data.

Newsletter subscription

1. Newsletter subscription:

On our website, users can subscribe to our company's newsletter. Which personal data of the data subject are transmitted for processing when ordering the newsletter results from the input mask used for this purpose.

We inform our customers and business partners at regular intervals by means of a newsletter about offers from our company. The newsletter of our company can only be received by you if

1. you have a valid e-mail address and
2. you have registered for the newsletter.

For legal reasons, a confirmation e-mail is sent in the double opt-in procedure to an e-mail address registered for the newsletter dispatch the first time. This confirmation e-mail serves to check whether the owner of the e-mail address has authorized the receipt of the newsletter as the data subject.

When registering for the newsletter, we also store the IP address assigned to you as well as the date and time of registration. The collection of this data is necessary in order to be able to trace any misuse of the e-mail address of a data subject at a later point in time and therefore serves our legal protection.

The personal data collected when registering for the newsletter will be used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter may be informed by e-mail if this is necessary for the operation of the newsletter service or for registration, as could be the case in the event of changes to the newsletter offer or changes in the technical conditions. The personal data collected in the context of the newsletter service will not be transferred to third parties.

You can cancel your subscription to our newsletter at any time. You can revoke your consent to the storage of personal data that you have given us for sending the newsletter at any time. For the purpose of revoking your consent, you will find a corresponding link in every newsletter. It is also possible at any time to unsubscribe directly from the newsletter dispatch on our website or to inform us of this in another way.

2. Newsletter-Tracking:

Our newsletters may contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails sent in HTML format to enable log file recording and analysis. This allows us to perform a statistical evaluation of the success or failure of online marketing campaigns. On the basis of the embedded tracking pixels we can see whether and when an e-mail was opened by a recipient and which links in the e-mail were called up.

Such personal data collected via the tracking pixels contained in the newsletters is stored and evaluated by us in order to optimise our newsletter dispatch and to adapt the content of future newsletters even better to the interests of recipients. This personal data will not be transferred to third parties.

Data subjects are entitled at any time to revoke the respective separate declaration of consent given via the double opt-in procedure. After revocation, this personal data will be deleted, unless the right to erasure is restricted by law. If you unsubscribe from receiving the newsletter, we automatically interpret this as a revocation of your consent.

Contact form

Due to legal regulations, our website contains information that enables quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If you contact us by e-mail or via a contact form, the personal data you provide will be automatically stored. Such personal data transmitted on a voluntary basis will be stored for the purposes of processing or contacting you. There is no disclosure of this personal data to third parties.

Application options

We collect and process the personal data of applicants for the purpose of conducting the application procedure. Processing may also take place electronically. This is specifically the case if an applicant transmits the corresponding application documents to us electronically, e.g. by email or via a web form on the website.

If we conclude an employment contract with an applicant, the transmitted data will be saved for the purpose of the employment, under observation of the legal requirements. If we do not conclude an employment contract with the applicant, the application documents will be deleted automatically six months after disclosure of the negative decision if deletion is not opposed by any other legitimate interests on our side.

Other legitimate interests in this meaning shall include evidence obligations in proceedings under the general law on equal treatment (Allgemeines Gleichbehandlungsgesetz; AGG). If any applicants and employers are interested in being included in an applicant pool and accordingly in longer-term storage of the data, the applicant must give his or her consent to this. In such a case, the applicant will be informed of the data protection statement of the company and the specific provisions of the company's applicant data protection. Subsequently, a written declaration of consent to processing activities is collected for the purpose of the application to ensure documentation and the applicant will at the same time be informed that he or she may revoke the consent at any time, effective for the future.

Password protected service partner area

On our website it is possible for our service partners to log in with a login assigned by us. This login leads to a download area which is exclusively made available to our service partners. Personal data such as the browser types and versions used, the operating system used by the accessing system, date and time of access to the site, IP address, Internet service provider and other similar data and information used to avert dangers in the event of attacks on our information technology systems can be collected here.

In the case of the use of these general data we do not draw any conclusions about you. Rather, this information is required in order to correctly deliver the contents of our website, to optimise the contents of our website, to guarantee the long-term functionality of our information technology systems and to provide law enforcement authorities with the information they need for criminal prosecution in the event of a cyber attack. This data is therefore evaluated statistically by us with the aim of increasing data protection and data security.

We do not merge the data with data from other data sources. However, if there are indications of illegal use of our Internet pages, we may subsequently check this data.

Google Maps

In the context of our Internet offer, for example to find branches and/or locations of our company, interactive maps of the map service "Google Maps API" of Google LLC are used.

The operating company is Google LLC; 1600 Amphitheatre Parkway; Mountain View, CA 94043; USA. When using this service, information about the use of our website as well as your IP address are transmitted to Google LLC. servers in the USA and stored. The EU Commission's adequacy decision 2016/1250 determines an appropriate level of data protection for the USA due to the EU-US Privacy Shield.

In principle, Google undertakes not to transmit any information to third parties in its own data protection declaration, however, exceptions are possible. We can not exclude the transfer of your data to third parties, for example in the case of legally required transfers or the processing of data by third parties on behalf of Google LLC. You can find Google's privacy policy here: http://www.google.com/policies/privacy/.

If you do not wish the data to be transmitted, you can deactivate the map service and thus prevent the transfer of data to Google LLC. To do this, you must deactivate the Java Script in the browser.

Facebook

We have integrated components of Facebook on this website. Facebook is a social network.

A social network is an Internet-based social meeting place, i.e. an online community that generally enables users to communicate with each other and to interact in virtual space. A social network can serve as a platform for the exchange of views and experiences or enables the Internet community to provide personal or business-related information. Among other things Facebook enables social network users to create private profiles, upload photos and socialize via friendship requests.

By clicking on third party websites such as Facebook takes you to the respective third party over which we have no control.

The operating company of Facebook is Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. The controller for the processing of personal data if a data subject lives outside the USA or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time you access one of the individual pages of this website operated by us and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on your system is automatically triggered by the respective Facebook component to download a depiction of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at developers.facebook.com/docs/plugins/. As part of this technical process, Facebook is informed about which specific subpage of our website you are visiting.

If you are simultaneously logged in to Facebook, Facebook recognizes which specific subpage of our website you are visiting each time you visit our website and for the entire duration of your stay on our website. This information is collected by the Facebook component and allocated to your Facebook account by Facebook. If you click one of the Facebook components integrated on our website, for example the "Like" button, or enter a comment, Facebook allocates this information to your personal Facebook user account and stores this personal data. Depending on your privacy settings, your preferences may become visible to your Facebook friends.

Facebook always receives information via the Facebook component that you have visited our website whenever you are simultaneously logged in to Facebook at the time you visit our website, regardless of whether you click on the Facebook component or not.

If you do not want this information to be sent to Facebook, you can prevent it from being sent by logging out of your Facebook account before visiting our website.

The data policy published by Facebook, which is available at de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains what settings Facebook offers to protect your privacy. In addition, various applications are available that make it possible to suppress data transmission to Facebook, for example the Facebook blocker of the provider Webgraph, which can be obtained at webgraph.com/resources/facebookblocker/. Such applications can be used by you to suppress data transmission to Facebook.

YouTube

We have integrated components of YouTube on our website. YouTube is an internet video portal that enables video publishers to publish video clips free of charge and other users to view, evaluate and comment on them free of charge as well. YouTube permits publication of any kind of videos, so that complete film and TV programs, as well as music videos, trailers or videos produced by the users directly can be called up via the internet portal.

The operator company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

With every call of an individual page of our website on which a YouTube component (YouTube video) was integrated, the web browser on your system will automatically be caused by the respective YouTube component to download a presentation of the corresponding components from YouTube. Within the context of this technical process, YouTube and Google will be informed of which specific sub-page of our website you visit.

If you are logged in with YouTube at the same time, YouTube will recognise the specific sub-page you visit during every call of the website by you and throughout the duration of your respective stay on our website. This information will be collected by the YouTube component and assigned to your YouTube account by YouTube. If you activate any YouTube component integrated on our website, the data and information transmitted by it will be assigned to your personal YouTube user account and stored and processed by YouTube and Google.

YouTube and Google will be informed via the YouTube component that you have visited our website if you are logged in with YouTube at the same time at which you call up our website; this is done independently of whether you click the YouTube component or not.

If this kind of transmission of such information to YouTube and Google is not desired by you, you may prevent transmission by logging out of your YouTube account before calling up our website.

For further information and the applicable provisions on data protection of YouTube see https://www.google.de/intl/de/policies/privacy/.

Instagram

We have integrated components of the service Instagram on our website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also to redistribute such data in other social networks. Data processing on our website by Instagram is carried out with your prior consent pursuant to Art. 6 (1) lit. a DSGVO. You can revoke your consent at any time.

The operating company of the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA. Instagram is a subsidiary of Meta Platforms Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, represented in the EU by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time you call up one of the individual pages of our website on which an Instagram component (Insta button) has been integrated, the internet browser on your system is automatically prompted by the respective Instagram component to download a representation of the corresponding component from Instagram. As part of this technical process, Instagram receives knowledge of which specific subpage of our website is visited by you.

If you are logged in to Instagram at the same time, Instagram recognizes which specific subpage you are visiting each time you call up our website and for the entire duration of your respective stay on our website. This information is collected by the Instagram component and assigned to your Instagram account by Instagram. If you click on one of the Instagram buttons integrated on our website, the data and information thus transmitted will be assigned to your personal Instagram user account and stored and processed by Instagram.

Instagram always receives information via the Instagram component that you have visited our website if you are simultaneously logged into Instagram at the time of calling up our website; this takes place regardless of whether you click on the Instagram component or not.

If you do not want this information to be transmitted to Instagram, you can prevent the transmission by logging out of your Instagram account before accessing our website.

According to the COMMISSION'S IMPLEMENTING DECISION (EU) 2021/914 of June 4, 2021 on standard contractual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Council, the transfer of data to the United States is based on standard contractual clauses, see here www.facebook.com/help/566994660333381?ref=dp.

Further information and the applicable privacy policy of Instagram can be found at www.instagram.com/about/legal/privacy/.

Other providers

If any links are placed to websites of other providers beyond the information contained here, this data protection statement shall not apply to their contents. Collection of data by the operators of the respective pages is not within our knowledge or influence. Please note the data protection notes on the respective page.

Google Analytics (with anonymisation function)

We have integrated the component Google Analytics (with anonymisation function) on our website.

Google Analytics is a web analysis service. Web analysis means the collection, aggregation and evaluation of data concerning the behaviour of visitors on websites. A web analysis service collects, among others, data regarding from which website a data subject came to a website (referrers), which sub-pages of the website were accessed or how often and for how long a subpage was viewed.

The operator company of the Google Analytics component is Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of the Google Analytics component is analysis of the visitor flows on our website. Google uses the data and information gained among others to evaluate use of our website, in order to compile online reports for us that indicate the activities on our websites and in order to render further services connected to use of our website.

Google Analytics places a cookie in your system. By every call of a single page of this website on which a Google Analytics component was integrated, the Google Analytics component will automatically cause your web browser to transmit data to Google for the purpose of online analysis. Within the context of this technical procedure, Google will gain knowledge of personal data, such as your internet protocol address, in order to track the origin of the visitors and clicks. The cookie is used to store personal data, such as the access time, place from which an access took place and frequency of visits to our website by you. At every visit to our websites, these personal data, including the internet protocol address used by you, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass on such personal data collected with technical means to third parties.

You may prevent setting of cookies at any time by making the corresponding setting in the web browser used and thereby permanently object to setting of cookies.

You are also able to object to recording of the data generated by Google Analytics referring to use of this website and processing of such data by Google and prevent this. For this, you must download a browser add-on under the link tools.google.com/dlpage/gaoptout and install it.

For further information and the applicable provisions on data protection of Google, see https://www.google.de/intl/de/policies/privacy/. Google Analytics is explained in more detail under the link https://www.google.com/intl/de_de/analytics/.

Google-AdWords

We have integrated components of Google Adwords on our website.

Google AdWords is an Internet advertising service that enables advertisers to place ads in both Google's search engine results and the Google Advertising Network. Google AdWords enables an advertiser to pre-define certain keywords to display an ad in Google's search engine results only when the user uses the search engine to retrieve a keyword-relevant search result. On the Google Network, ads are distributed to thematically relevant websites using an automatic algorithm and using the previously defined keywords.

The operator of Google AdWords services is Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

If you access our website via a Google ad, Google will place a so-called conversion cookie on your system. A conversion cookie loses its validity after thirty days and is not used for your identification. If the cookie has not yet expired, the conversion cookie is used to determine whether certain sub-pages, such as the shopping basket of an online shop system, have been called up on our website. The conversion cookie enables us and Google to track whether you accessed our website via an AdWords ad and generated revenue, i.e. completed or cancelled a purchase of goods.

The data and information collected through the use of the conversion cookie is used by Google to generate visit statistics for our website. We use these visit statistics to determine the total number of users who have been referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive information from Google that could identify you.

The conversion cookie is used to store personal information, such as the websites you visit. Accordingly, personal data, including your IP address, is transferred to Google in the United States of America each time you visit our Internet website. This personal data is stored by Google in the United States of America. Google may disclose personal data collected through the technical process to third parties.

You can prevent the setting of cookies at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies.

Furthermore, the data subject has the possibility to object to interest-based advertising by Google. Please use the following link: www.google.de/settings/ad.

Further information and Google's current privacy policy can be found at https://www.google.de/intl/de/policies/privacy/.

Mailchimp

As part of our website we use the email dispatch service provider Mailchimp.

The operating company is Rocket Science Group, LLC; 675 Ponce de Leon Ave NE; Suite 5000; Atlanta, GA 30308 USA.

In addition to sending newsletters, Mailchimp also serves to measure the success of sending newsletters and evaluates subscriber usage data. In this regard, we are also able to track the opening of the newsletter or the use of links within the newsletter with the help of the email dispatch service provider.

If you subscribe to a newsletter, your e-mail address will be stored in the e-mail list to confirm your membership ("Double-Opt-In"). Furthermore, the email dispatch service provider stores your IP address, time of retrieval, browser type, operating system language information and conducts geolocalization based on the e-mail address. The data is collected exclusively pseudonymised and is not linked to your other personal data; direct relation to a person is excluded. This data is used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. Please refer to the respective registration form for further data stored during the registration process. Consequently, the data is stored on the servers of The Rocket Science Group in the USA, the email dispatch service provider is certified according to the requirements of the EU/Switzerland-USA Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000000TO6hAAG), consequently the requirements for data transmission to a third country in the sense of Art. 45 DSGVO are met. Processing by the email dispatch service provider is thus permitted under data protection law.

The processing of your personal data in the USA is based on a balancing of interests within the meaning of Art. 6 para. 1 letter f) DSGVO, i.e. on a legitimate interest in the demand-oriented design and optimisation of the service as well as for market research purposes.

Further information and Mailchimp's privacy policy can be found at: https://mailchimp.com/legal/privacy/affilinet.

Yumpu

We use the provider i-magazine AG ("Yumpu"), Gewerbestrasse 3, 9444 Diepoldsau, Switzerland, to display our online magazine on our website.

Switzerland is recognised by the European Commission as a country with an adequate level of data protection. The European Commission's adequacy decision allows the transfer of personal data from the EU without further safeguards. For more information, please visit https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.

This enables the display of PDF files as a so-called browsing catalogue directly in the web browser without downloading PDF files.

To perform the service, the content of the files is retrieved directly from YUMPU. In this way YUMPU gains access to your IP address as well as information about your web browser, the operating system, date and time of the call and the so-called referrer data, provided that the referrer data is not obscured by your browser. This data is only used to display the scrolling catalogue; no further processing takes place. For more information, please see Yumpu's privacy policy at www.yumpu.com/de/info/privacy_policy.

We shall only use your personal data provided to us for the purposes for which they are intended. The legal basis for processing of your data may specifically be preparation and processing of a contract, advertising, quality assurance, fraud prevention or keeping statistics.

Another legal basis for processing of your data may be consent given by you for use and forwarding of your personal data. You may withdraw your consent informally again at any time.

Personal data shall only be transmitted to state facilities and authorities based on mandatory national provisions. The persons charged by us with processing of the data are obligated to secrecy and lawful processing of the data. In case of further processing of your personal data for any other purpose than the initial one, we will inform you accordingly.

We use support from external service providers (processors) for certain technical processes concerning data analysis, processing and/or storage.

Both we and the processor are obligated to comply with the technically-organisational measures according to sect. 32 GDPR and the external service provider is obligated to confidentiality in addition to this. Processing takes place only on our order and upon our instruction. Processing of your personal data beyond these processing activities shall only take place with your explicit consent or in the cases required by authority or court.

Data transmission to third countries (countries outside of the European Economic Area – EEA) shall only take place as far as this is necessary to perform the contract, required by law or if you have given your consent to this. We will inform you separately concerning any details if required by law.

We store the personal data collected by you from the time of their collection. The data collected in this manner are stored by us for the term of our business relationship, among others comprising the initiation and processing of a contract. Beyond this, we are subject to different storage and documentation obligations by law applicable to us. Finally, the storage duration in light of the possibility of defending against legal claims is also determined according to the statutory expiration periods.

This data privacy statement shall apply to the website of

SmartHeat Deutschland GmbH
Am Augraben 10, 18273 Güstrow
E-Mail: infosmartheatde
Phone: +49 3843 - 2279120
Fax: +49 3843 - 683132

You can reach our data protection officer as follows:

ECOVIS Keller Rechtsanwälte PartG mbB
Legal Lawyer Axel Keller / Senior Associate Karsten Neumann
Am Campus 1 – 11, 18182 Rostock
Phone: +49 381 12 88 49-0 - Fax: +49 381 12 88 49-69
E-Mail: dsb-nordecoviscom - Internet: www.ecovis.com/datenschutzberater