Fronius International Data Privacy Statement
- I. General
- 1. Preamble
- 2. Personal Data and Data Subjects (What does Fronius consider personal data?)
- 3. Storage Process, Storage Period, and Erasure (How is my data protected?)
- 4. Rights of Data Subjects (What can I do about my data in Fronius’ possession?)
- 5. Purpose or Use of Information (Why is my Data collected?)
- 6. Categories of Data Subjects and Data Collection (What is collected from me?)
- 7. Sharing of Data (Why is my data shared?)
- II. Specialized Categories of Data
- III. Contact details
1.1 We are Fronius International GmbH, Froniusstraße 1, 4643 Pettenbach, Austria, a technical leader in the fields of welding technology, photovoltaics and battery charging technology and a Controller and Processor of Data. Unless otherwise herein stated “Fronius” shall mean Fronius International GmbH and Fronius global subsidiaries. A list of the Fronius global subsidiaries outside of the European Economic Area (EEA), can be found here (https://www.fronius.com/en/about-fronius/locations/). This Data Privacy Statement applies to any form of processing of Personal Data by Fronius for Data Subjects outside of the EEA, including processing by third parties.
1.2 With the following International Data Privacy Statement, Fronius would like to inform you, the Data Subject, about the data Fronius processes, your rights as a Data Subject, for what purpose the data is used, why the data is shared, and other specialized information that might be relevant to you.
1.3 All data is processed by us in compliance with the relevant legal regulations on data protection and data security of the European Union (link to GDPR data statement) and when applicable the Data Subject’s nation state. For Data Subjects accessing a Fronius platform outside of the EEA, please refer this International Data Privacy Statement and to Schedule 1 for Jurisdiction Specific Terms. The Schedule 1 terms prevail with regards to jurisdiction specific compliance, as well as personal and procedural jurisdiction requirements, as it relates the Data Subject and Fronius’ use of Personal Data.
1.4 You can view, download or print our current International Data Privacy Statement any time at https://www.fronius.com. The Data Privacy Statement also represents an integral part of our Terms and Conditions of Use, Solar.Web Terms and Conditions, Web.Shop Terms and Conditions, and all other applications or platforms which Fronius uses all of which are available at https://www.fronius.com, herein Fronius Terms and Conditions.
2. Personal Data and Data Subjects (What does Fronius consider personal data?)
2.1 Personal Data is generally defined as any information that relates to an identified or identifiable living person, or individual. Examples of Personal Data include but are not limited to: contact information, such as the name of the Data Subject, e-mail address, phone number, address; personal information, such as, data of birth, social security number; account information, such as, information regarding creditworthiness, system data, service data; information of the data subject in connection with the fulfilment of the contractual relationship such as, documents and correspondence between a company, third parties and the data subject, delivery, sales and billing data.
2.2 All Personal Data is processed by Fronius exclusively for Fronius and its global subsidiaries. Personal Data is held as strictly confidential. Fronius only transfers or discloses Personal Data to third parties based on one or more of the reasons specified in Section 7. and only if the third party agrees to apply the same or greater level of data protection as Fronius has implemented. We may also process Personal Data of a Data Subject where express consent has been given by the Data Subject. Fronius executes written agreements with all third party processors of Personal Data to ensure our standards of protection are met.
2.3 Insofar as data is not provided directly by a Data Subject, Personal Data may be collected either in publicly accessible databases (e.g. land register, commercial register, central association register, edict database, central register of residents, creditworthiness databases), via search engines, social networks or various websites, at Fronius group companies or with cooperation partners or any funding agencies.
2.4 Fronius servers are located in the European Economic Area (EEA), which is governed by the General Data Protection Regulations (GDPR). Data Subjects outside of the EEA, should note their Persona Data will transfer from their country of origin to our Fronius servers in the EEA. In such cases, Fronius applies the standards of the GDPR, along with your country of origin’s legal standards when it is so required. Please see Schedule 5, Jurisdiction Specific Terms. Fronius only processes Persona Data for the reasons specified in Section III. and only transfers or discloses Personal Data to third parties based on one or more of the purposes specified in Section 7.
3. Storage Process, Storage Period, and Erasure (How is my data protected?)
3.1 Fronius stores personal data for as long as a purpose for the processing, as defined in Section 5, exists. For example data may be stored for the performance of a contract with the Data Subject; the fulfilment of a statutory or legal obligation; as long as is necessary for the establishment, exercise or defense of legal claims; or an overriding legitimate interest of Fronius in the processing exists.
3.2 In order to guarantee the security of the Personal Data of the Data Subjects, Fronius has implemented a number of technical and organizational measures, in particular encryption of the services using state-of-the-art encryption methods (e.g. SSL), user authentication controls, secured network infrastructures, internal restriction of access to Personal Data, network monitoring solutions, internal audits, employee trainings, area-restricted alarm systems, as well as video surveillance, employee administrative instructions, obligation to data secrecy.
3.3 In particular, when Fronius must comply with specific statutory retention obligations or limitation periods, such laws usually relate to:
a) Accounting, tax, and customs law
b) Contract administration
4. Rights of Data Subjects (What can I do about my data in Fronius’ possession?)
4.1 The Data Subject has the right to:
a) Know the purpose for the data collection access to personal Data processed by Fronius,
b) Rectify of the personal data in the case of incorrectness or incompleteness,
c) Restrict the processing of the personal data, where certain conditions are fulfilled, particularly in case of considerable suspicion of unlawful processing or contradiction data portability of the personal data in a common, structured and machine-readable format,
d) Erasure of the personal data in the case of any existing legal reasons,
e) Objection with regard to the processing of the personal data pertaining to you, unless Fronius provides compelling and legitimate reasons for data processing or retention,
f) Revocation in case of consent of the data subject to the processing of the personal data; and
g) Lodge a complaint to Fronius, if you believe that Fronius is unlawfully processing your Personal Data.
4.2 Data Subjects may contact Fronius in one of three ways. Data Subjects may:
a) Submit a e-form inquiring found at https://www.fronius.com/en-us/usa/data-privacy-request-form
b) Call the toll-free number provided by your national Fronius office found here: (https://www.fronius.com/en/about-fronius/locations/)
c) Mail a letter to the Fronius International GmbH global headquarters or national office of your choosing. Letters should include your contact information and suspected contact with Fronius services which are governed by data privacy laws. https://www.fronius.com/en-us/usa/data-privacy-request-form
4.3 Processing a Request: The processing of your request and our response time will be dictated by your country of residency, or the jurisdiction from which the request came. Furthermore your request does not affect the legitimacy of the processing already being carried out until we have received your request and verified its authenticity. The processing of your request or your data must be reasonably verified by Fronius before a transfer of data will occur. Verification instruction will be provided upon request by the Data Subject and are based on the governing jurisdiction of the Data Subject.
5. Purpose or Use of Information (Why is my Data collected?)
5.1 Fronius’ legal bases and purpose for processing data includes the following reasons:
a) It is necessary for the fulfilment of a contract:
Fronius processes Personal Data of a Data Subject: when requested; when in a business context with the Data Subject; when requested by a company which represents the Data Subject; when based on a contract relationship; or when in pre-contractual relationships. Contract data may comprises the name of the Data Subject, Data Subject’s contact information (such as e-mail address, phone number, address), account data, possibly information regarding creditworthiness, if necessary social security data, information of the data subject in connection with the fulfilment of the contractual relationship, in the form of system data, service data, documentation, documents and correspondence between Fronius, the contract partner, if need be the contractor and the data subject, delivery, sales and billing data.
b) For the fulfilment of a statutory or legal obligation;
The processing of Persona Data is carried out to the extent necessary to fulfil a statutory or legal obligation to which Fronius is subjected (e.g. retention and documentation obligations according to the Austrian Commercial Code (UGB), Internal Revenue Service obligations and others, reporting obligations as an employer toward social insurance) or the processing is necessary for the performance of a task carried out in the public interest. For example, business-related correspondence and all relevant tax documents relating to the contractual relationship with the Data Subject or the company represented by the Data Subject.
c) For the protection of the legitimate interests of Fronius or a third party;
The processing of Personal Data is also carried out for the necessary and proportionate protection of legitimate interests of Fronius such as for the protection of business interests. Examples include internal administration and optimization of the business process, enforcement of rights, exercise or defence of legal claims, , prevention of physical damage or financial losses, for the implementation of direct advertising (marketing and information measures, in particular on products and services offered by the controller), for IT security and technical administration as well as for the purposes of file, customer and supplier administration, and, if there is no reason to believe the Data Subject has an overriding or legitimate interest in preventing the disclosure of the data. The processing of data in this category includes all data processed within the context of the relationship between Fronius and the Data Subject, when it is necessary to execute the purpose of the relationship. The legitimate interest of Fronius or the Fronius Group and of recipients of communications also includes the ability to operate a group-wide customer and supplier management system for the purpose of administrative optimization and simplification.
d) Because the data subject has given his consent to the processing.
The processing of Personal Data occurs on the basis of a Data Subject's consent for processing that can be cancelled at any time. For example, the Personal Data of Data Subjects is processed, for which the Data Subject has given prior consent, such as the publication of photographs of the data subject for documentation or advertising purposes.
5.2 Depending on your user experience, we may collect different categories of Personal Data of the Data Subject. The purpose of collection of the data is limited to the categories listed here.
a) Rendering or improving our products and services
b) Creating and managing your account
c) Administering the website and apps
d) Improving the use and content of our platforms (web and apps)
e) Safety and security
g) Online advertising
h) Personalizing and tailoring your experience
i) Providing a consistent experience across devices and platforms
j) Providing customer service and managing any complaints or requests
k) To make necessary disclosures and law enforcement
l) Administering a sale, transfer or reorganization.
For information regarding Fronius’ reasons for sharing data we collect with third parties, please see section 7 for more details.
6. Categories of Data Subjects and Data Collection (What is collected from me?)
|Data Subject||Definition||Potential Data Collected||Specific Information Regarding the Data Category|
|General Visitor||Visitors to the Fronius websites, who do not purchase directly from Fronius and who do not login to a Fronius platform which requires a sign-on or account.||Connection Data and System Data||Fronius processes the data for any of the purposes listed in Section 5.|
|Registered User (Solar.Web)||Once the Data Subject has successfully registered on a Fronius platform, the Data Subject becomes a Registered User. Registration requires your consent to disclose your personal data. A direct reference to your person, personal identifiers, or to the respective user’s personal data can only be established by Fronius after successful registration on a Fronius platform which uses and supports such data (e.g. Solar.Web).||Connection Data, System Data, Registered User Data, Site Data, and Operator Data||
Fronius uses the data for any of the purposes listed in Section 5.
Additional Release: After registering, you can make your user name visible to other members. In addition, you can share or release more data of your profile or your system and make it visible to other members. Within your profile, you have the option to adjust the settings to the extent to which your data will be released. It is entirely at your discretion to decide which and to what extent this data will be shared with other users or released. Details are further explained by the respective function on the websites.
|Job Applicants||Data Subjects, become job applicants when they submit their employment application for consideration through a Fronius job portal, or directly to a Fronius hiring manager.||
Connection Data and Registered User Data
Uncategorized auxiliary data which is provided by consent by the Job Applicant
This data is used to evaluate the applicant’s fitness for an employment relationship with Fronius.
Data from job applicants who are not employed will be erased seven months after completion of the application procedure, unless consent for record keeping has been given. In the case of a consent (in particular when sending electronic messages), the storage takes place until the Data Subject’s revocation which is possible at any time, whereby the revocation does not affect the processing carried out up to the date of the request.
When an employment relationship is established, the applicant data will be stored until termination of the employment relationship or beyond when required for a purpose stated in section 5.
|Newsletter Subscribers||If you subscribe to our newsletter, you have given consent for the subscription. We use the data necessary or separately provided by you to regularly send you our e-mail newsletter according to your consent.
The following information is tracked: Time of delivery, time of opening, duration of opening, IP address of the opening, e-mail program used (mail client), which link was clicked and the time of the click.
Connection Data and System Data
We use the e-mail marketing software mailworx to send and analyse our newsletters, which records the opening and clicking behaviour. The storage and processing of this data takes place exclusively for the purpose of being able to send the recipients tailored and relevant content.
Your e-mail address will not be disclosed to other companies. The consent for the use of your e-mail address for advertising purposes may be withdrawn at any time with effect for the future by clicking on the "Unsubscribe" link at the bottom of the newsletter or by sending a message to email@example.com. The data will not be disclosed to third parties or merged with other data. The data storage is done until cancellation of the newsletter subscription.
|Social Media Followers||You may choose to follow Fronius on social media accounts throughout the world. Social media platforms (i.e. Facebook, Instagram) have their own specific data collection policies. Fronius typically has access to your social media identifier (i.e. account name) and the media which is publically posted and associated with your account.
||Publically accessible information which has been shared by the Data Subject on the social media platform.||Fronius uses the data for any of the purposes listed in Section 5.|
|Events with Fronius
||When you sign up to participate in an event organized by Fronius, event specific data may be collected in order to ensure the equal enjoyment and success of the event for Fronius and the event participants. (i.e. dietary preference for catering)
Uncategorized auxiliary data which is provided by consent, including your name and company affiliation may disclosed to other participants (e.g. in a list of participants).
In addition, account data (for fee-based events), time data or attendance times during the event, may also be collected and processed.
As part of events, we regularly create visual and audio recordings to document the event, which may be published in media or in publications about the event. We will only process recordings based on your consent.
The processing of the listed personal data is necessary to achieve the stated purposes of the event. If the data is not provided by you or is not made available to the required extent, participation in the event may not take place.
Additionally, Fronius may use the data for any of the purposes listed in Section 5.
6.1 Connection Data: Our websites and apps, which can be visited at any time track the following information known as “Connection Data:”
a) Browser type and version
b) Operating system
c) Referrer URL (the specific visited website)
d) Host name of the accessing computer (IP address)
e) Time and date of the server request
f) Device (as in mobile or desktop)
6.1.2 Purpose of Connection Data: Connection Data is evaluated and used in an anonymous form by Fronius or in an anonymous form by a third party for the proper functioning of our website, for the provision of its contents, for the detection and tracking of misuse as well as for the improvement of our offer (e.g. by means of scientific research, data analysis, etc.) and any other purpose which is listed in section 5. Connection Data may be shared for valuable consideration with third parties and for any of the reasons listed in section 7.
6.2 System Data: Fronius collects clustered PV system and Fronius product data of Data Subjects who are registered or activated on a Fronius platform, such as Solar.Web. System Data refers to non-personal anonymized data from a PV system or product arising from the use of Fronius websites, Fronius apps, and Fronius services by registered or activated users. An identification of Data Subjects based on System Data is only possible through the process of elimination.
6.2.1 Purpose of System Data: System Data is evaluated and used in an anonymous form by Fronius or in an anonymous form by a third party for analysis of product effectiveness, efficiencies, statistical research or any of the purposes listed in section 5. When System Data is shared with third parties for valuable consideration, it is shared as a large data cluster or data package, so as to prevent the disclosure of Personal Information of a Data Subject through System Data. System Data may also be shared for any of the reasons listed in section 7.
6.3 Registered User Data: Registered User Data includes any data necessary for establishing an account on a Fronius platform. This data may include, but is not limited to: title, first name, last name, company, street, house number, postal code, city, state, country, time zone, phone number, fax number, e-mail address, date of birth, customer number, user name, password
6.3.1. Purpose of Registered User Data: Registered User Data is necessary to establish a personalized account of the Data Subject, the Data Subject’s PV system, Fronius products, or any purpose listed in section 5. Registered User Data is never shared with third parties for valuable consideration without the express written consent of the Data Subject. Registered User Data may be shared with third parties for any of the reasons listed in section 7.
6.4 Site Data: Site Data includes any data necessary for the proper tracking, monitoring, and maintenance of Fronius products on a Data Subject’s Site. This data may include, but is not limited to: site or system name, system identifier, commissioning date/time, company, street, house number, postal code, city, state, country, time zone, longitude, latitude, height, system performance, manufacturer, module type, system description, system image.
6.4.1 Purpose of Site Data: Site Data is necessary for the effective monitoring and servicing of Fronius products or for any of the reasons listed in section 5. Site data is never shared with third parties for valuable consideration without the express written consent of the Data Subject. Site Data may be shared with third parties for any of the reasons listed in section 7.
6.5 Operator Data: Operator Data includes any data necessary for the facilitation of support services by a third party on behalf of Data Subject or the PV system. This data may include, but is not limited to: Title, first name, last name, company, street, house number, postal code, city, state, country, time zone, phone number, fax number, e-mail address, customer number, sales tax identification number
6.5.1 Purpose of Operator Data: Operator Data is necessary for servicing the PV systems of Data Subjects and for any of the purposes listed in section 5. Operator Data is never shared with third parties for valuable consideration without the express written consent of the Data Subject. Operator Data may be shared with third parties for any of the reasons listed in section 7.
7. Sharing of Data (Why is my data shared?)
7.1 Fronius shares Personal Data with third parties for any or all of the following reasons:
a) Rendering Services: when we use a service provider to facilitate or offer our services;
b) Compliance: to ensure compliance with, and enforce, our Fronius Terms and Conditions.
c) Legal Obligation: when required by a court order or any legal or regulatory requirement;
d) Protection of Fronius Rights: to protect our rights and property and the rights and property of others
e) Consent: when explicitly requested by you (e.g., with social media networks); and
f) Safety and Security: to ensure the safety and security of our users, consumers and others
7.2 Fronius does not process Personal Data for automatic decision-making or profiling purposes.
II. Specialized Categories of Data
9. Google Analytics: Data protection and opt-out option
9.1 The Fronius website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and which help analyse your use of the website. The information generated by the cookie about your use of the website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is enabled on the website, your IP address will first be truncated by Google within the member states of the European Union or other states party to the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On behalf of the operator of the website, Google will use the information to evaluate your use of the website in order to compile reports about the website activity for us as website operators and to provide other services associated with the use of the website. The IP address that your browser transmits within the scope of Google Analytics will not be associated with any other data held by Google.
9.2 You can refuse the storing of cookies by selecting the appropriate settings on your browser software; however, we must point out that in t case you may not be able to use all the features of t website. You can also prevent the data generated by cookies concerning your use of the website (including your IP address) from being passed on to Google as well as the processing of these data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
9.4 The Google tracking codes of t website use the extension "_anonymizeIP()" so that IP addresses are only processed in abbreviated form in order to prevent direct personal references.
10 Google Analytics Remarketing
10.1 The Fronius websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function enables the advertising target groups created with Google Analytics Remarketing to be linked with the cross-device functions of Google AdWords and Google DoubleClick. This allows advertising messages to be displayed based on your personal interests, identified from your previous usage and surfing behaviour on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).
10.2 Once you have given your consent, Google will associate your web and app browsing tory with your Google Account for t purpose. That way, any device that signs in to your Google Account can use the same personalized advertising messages.
10.3 To support this feature, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data to define and create target groups for cross-device advertising. You can permanently object to cross-device remarketing/targeting by deactivating personalized advertising in your Google account; follow the link: https://www.google.com/settings/ads/onweb/
10.4 The summary of the data collected in your Google Account is based solely on your consent, which you can submit or revoke to Google. For data collection operations that are not merged into your Google Account (for example, because you do not have a Google Account or have opposed the merge), the collection of data is based on governing laws of your country of domicile. The legitimate interest arises from the fact that the website operator has an interest in anonymous analysis of website visitors for advertising purposes. Further information and the privacy policies can be found in Google's Data Privacy Statement at: https://www.google.com/policies/technologies/ads/
11. Hotjar: Data protection and opt-out option
11.2 You can object to the storage of a user profile and information about your visit to our website by Hotjar and the setting of Hotjar tracking cookies on other websites.
III. Contact details
Fronius International GmbH
Phone: +43 7242 241-0
Fax: +43 7242 241-3013
For any inquiries related to data protection or data security, please contact us at the e-mail address firstname.lastname@example.org.
For country specific information please click this link.