data privacy

Edisun Power takes the protection of personal data very seriously. For this reason, we inform you below about which data we store and how we use it.

 

1) General Information
Personal data refers to any information that relates to a specific or identifiable (natural or legal) person. This includes details such as first name and last name, salutation, postal address, e-mail address, telephone number, and similar information.

Data protection is very important to us. Therefore, we process your personal data («personal data») with great care and in accordance with the applicable legal requirements. Edisun Power Europe AG, Limmatquai 4, 8001 Zürich, Switzerland, processes your personal data for various purposes and hereby provides transparent information about these data processing activities. The term «personal data» refers to all information that can be associated with a specific or identifiable natural person. The term «processing» covers any handling of personal data, such as collecting, disclosing, storing, deleting, etc.

Please read the entire data protection declaration carefully. This way you will learn how and why we process your personal data and what rights you have in connection with these data processing activities.

This data protection declaration is based on the Swiss Data Protection Act (DSG). It also applies in accordance with the European General Data Protection Regulation (GDPR). The applicability of the GDPR depends on the individual case.
 

For whom and when does this data protection declaration apply?

  • if you receive services or products from us or are contractually connected with us
  • Visitors to our website www.edisunpower.com
  • if you contact us, e.g. via e-mail, letter, through our contact form or another contact tool
  • if you receive information or marketing communications from us
  • if you sign up for certain offers (e.g. events)
  • if you subscribe to our newsletter
  • if you apply to us
  • if you are involved in further data processing activities related to our offers

SSL- and TLS Encryption
When you enter your data on websites, place online orders, or send e-mails via the Internet, you must always assume that unauthorized third parties may access your data. There is no complete protection against such access. However, we do everything possible to protect your data and to close security gaps as far as possible. An important protective mechanism is the SSL- or TLS-encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon before the entered internet address in your browser and by the fact that our internet address begins with https:// rather than http://.

2) Responsibility
The company responsible for processing personal data is the one that determines for which purpose and by which means the processing is carried out. For the data processing activities described in this data protection declaration, the following company or person is the «Controller» within the meaning of the DSG, i.e. the data protection authority, unless otherwise communicated in the specific individual case (identity):

Edisun Power Europe AG, Limmatquai 4, 8001 Zürich, Switzerland

If you have any concerns or questions regarding data protection, you can contact us at the following address: info@edisunpower.com
 

3) Personal Data Processed
We process different categories of personal data for various purposes. For contractual partners that are companies, we process less personal data – here we mainly process data of the company’s contact persons (e.g. name, e-mail address, role within the company, communication details). Many of the following personal data you provide to us yourself. In general, you are not obliged to do so. If you provide us with data about other persons, we assume that you are authorized to do so and that this data is correct. You automatically confirm this when you transmit data of these third parties to us. Please ensure that the affected third parties have been informed about this data protection declaration.

3.1) Basic Data and Contact Information

Basic data and contact information refer directly to your person and characteristics (e.g. to contact you). We process, for example, the following basic data:

  • Name, first name
  • E-mail address
  • Telephone number
  • Information on language preferences
  • Information on your job function and employment (e.g. type of employment, employer)

We receive these core data directly from you. Under certain conditions, however, we may also obtain personal data from third parties, such as our contractual partners, associations, and address brokers, as well as from publicly accessible sources like the internet.

3.2) Contract Data

Contract data are details collected in connection with the processing of a contract. We process the following data:

  • Information from the pre-contract phase and details regarding the conclusion of the contract itself (e.g. concerning the subject matter of the contract), as well as the data required or used for its execution
  • Date, details regarding the type and duration as well as the conditions of the respective contract, data regarding the termination of the contract
  • Customer history
  • Details on payments and payment modalities, mutual claims
  • Details on complaints, information regarding customer satisfaction, complaints, feedback
  • Responses to customer and satisfaction surveys

3.3) Application Data

Application data are data collected in connection with your application to us, e.g. the following data:

  • CV, cover letter
  • Employment and graduation certificates
  • Information about your current employment (e.g. notice period)
  • Salary expectations
  • Information in connection with an interview

3.4) Communication Data

Communication data are data that arise in connection with communication with you, e.g. the following data:

  • Contact details such as postal address, e-mail address, and telephone number
  • Content of the entire correspondence
  • Details on the type, time, and additional metadata of the communication

3.5) Location and Technical Data

When you visit our website, technical data is collected. This includes, for example, the following data:

  • Location and traffic data
  • IP address of the device and device ID
  • Information about your device, the operating system of your device
  • Information about your internet provider
  • Accessed content or logs in which the usage of our systems is recorded
  • Date and time of access to the website

3.6) Additional Possible Data

If necessary, we may also process the following additional data:

  • We may collect data about who participates in events and when.


4) Purposes of Our Data Processing
We process your personal data, as far as permitted, for various purposes for which we have a legitimate interest corresponding to the purpose:

  • For contract fulfillment
  • To improve our services and products
  • For communication (e.g. to respond to your messages)
  • For marketing and informational purposes (so that we can, for example, inform you about offers or new activities according to your personal interests)
  • Evaluation of your application (so that we can assess whether you are suitable for a position with us)
  • To maintain our IT security (in particular to monitor the performance of our website)
  • For internal administration (e.g. in the context of accounting or data archiving)
  • To comply with legal requirements (e.g. to process complaints, prevent and clarify offenses or other misconduct)
  • Assertion of legal claims (if necessary, we also process personal data to enforce claims in court, out-of-court, and before authorities domestically and abroad or to defend against legal claims)
  • For corporate development (e.g. for corporate management, for the processing of the buying and selling of business units, and the associated transfer of personal data)

5) Online Advertising Techniques
On our website, we use online advertising techniques such as cookies. This enables us to measure the user-friendliness and success of the website and the online advertising campaigns.

 

5.1) What are Online Advertising Techniques such as Cookies?

When we track you, we can distinguish your accesses from those of other users, thereby ensuring the functionality of the website and enabling statistical evaluations. With each page view, you are recognized as an individual visitor and can thus be distinguished from other persons, for example, by the server assigning your browser a unique identification number (this is then referred to as a so-called «cookie»). Cookies are automatically stored on your device when you visit our website. We use cookies, for example, to save settings between your visits to the website or to collect statistical and technical data.
 

5.2) Which Cookies or Online Advertising Techniques Do We Use?

We use analytical services to optimize our website. In the following, we explain by way of example the functioning of our most important analytical service providers. Other third-party providers of corresponding tools generally process personal data in a similar manner.

  • Google Analytics, an analysis service provided by Google LLC and Google Ireland Ltd. Google Ireland Ltd. is responsible for the processing of personal data. Google uses cookies and online advertising techniques to analyze certain information about the behavior of individual users on the website. Based on the analyzed data, Google provides us with evaluations, but also processes data for its own purposes. Information on data protection for Google Analytics can be found here: https://policies.google.com/privacy
  • LinkedIn, within our online offering we use the marketing services of the social network LinkedIn provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland («LinkedIn»). These use cookies, i.e. text files stored on your computer. This enables us to analyze your use of the website. For example, we can measure the success of our advertisements and show users products for which they have previously shown interest. This collects, for example, information on the operating system, the browser, the previously accessed webpage (referrer URL), which pages the user visited, which offers the user clicked on, and the date and time of your visit to our website. The information generated by the cookie regarding your use of this website is pseudonymized and transmitted to a LinkedIn server in the USA where it is stored. LinkedIn does not store the name or e-mail address of the respective user. The above data is instead assigned only to the individual for whom the cookie was generated. This does not apply if the user has allowed LinkedIn to process data without pseudonymization or has a LinkedIn account. You can prevent the storage of cookies by configuring your browser software accordingly; however, please note that in this case you may not be able to use all the functions of this website to the full extent. You can also object to the use of your data directly with LinkedIn: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. We use LinkedIn Analytics to analyze and regularly improve the use of our website. The statistics obtained allow us to improve our offering and design it more appealingly for you as a user. All LinkedIn companies have adopted the standard contractual clauses to ensure that the data traffic necessary for the development, execution, and maintenance of the services takes place lawfully in the USA and Singapore. If we ask users for consent, the legal basis for the processing is Art. 6 para. 1 lit. a GDPR. Otherwise, the legal basis for the use of LinkedIn Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR. Information from the third-party provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; User Agreement and Privacy Policy.
  • YouTube, on this website functions of the «YouTube» service are integrated. «YouTube» is owned by Google Ireland Limited, a company registered and operated under Irish law with its headquarters at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the services in the European Economic Area and Switzerland. Your legal agreement with «YouTube» consists of the terms and conditions available at the following link: https://www.youtube.com/static?gl=DE&template=terms&hl=de. These terms form a legally binding agreement between you and «YouTube» regarding the use of the services. In Google's privacy policy, it is explained how «YouTube» handles your personal data and protects your data when you use the service.

6) Disclosure of Data to Other Companies and Further Recipients
We disclose your personal data to service providers. This concerns in particular IT service providers, but can – where necessary – also include analytical service providers, debt collection agencies, credit bureaus, marketing service providers, etc. As far as these service providers process personal data as data processors, they are obliged to process personal data exclusively according to our instructions and to take measures to ensure data security. Data may also be disclosed to other recipients, e.g. to courts and authorities in the context of legal proceedings.

In individual cases, it is possible that we also pass on personal data to other third parties for their own purposes, e.g. if you have given us your consent for this or if we are legally obliged or entitled to disclose the data.

 

7) Duration of Data Processing
We store and process your personal data as long as it is necessary for the purpose of processing (for data related to contracts, this is usually for the duration of the contractual relationship), as long as we have a legitimate interest in storing the data (e.g. to enforce legal claims or to ensure IT security), and as long as data is subject to a statutory retention obligation (for certain data, a ten-year retention period applies which we must strictly adhere to). We will delete or anonymize your personal data after the storage or processing period expires, unless legal or contractual obligations prohibit this.

 

8) Legal Bases under the GDPR for the Data Processing
Depending on the case, data processing is only permitted if the applicable law specifically allows it. This does not apply under Swiss data protection law, but does under the European GDPR, insofar as it is applicable. In this case, we base the processing of your personal data on the following legal bases:

  • based on your consent (Art. 6 para. 1 lit. a and Art. 9 para. 2 lit. a GDPR);
  • that the processing is necessary for contract fulfillment or for pre-contractual measures (Art. 6 para. 2 lit. b GDPR)
  • the processing is necessary for a legitimate interest in the data processing (Art. 6 para. 1 lit. f GDPR)
  • that the processing is necessary for the assertion or defense of legal claims or civil proceedings (Art. 6 para. 1 lit. f and Art. 9 para. 2 lit. f GDPR)
  • that the processing is necessary for compliance with domestic or foreign legal regulations (Art. 6 para. 1 lit. c and lit. f as well as Art. 9 para. 2 lit. g GDPR)

9) Rights of the Data Subject
Under the applicable data protection law, you have certain rights that allow you to obtain further information about our data processing and to influence it. These include in particular the following rights:

  • You have the right to obtain information. This means you can request information about our data processing. We are happy to provide you with this information. You can also submit a so-called access request if you wish to obtain further information and a copy of your data.
  • You have the right to data portability. This means you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or to have it transmitted to a third party, provided that the corresponding data processing is based on your consent or is necessary for contract fulfillment.
  • You have the right to deletion and objection. This means you can object to our data processing so that we no longer process your data. You can then request that we delete your personal data. However, please note that we will continue to process and store your data if we are obliged to do so.
  • You have the right to rectification. This means you can correct or complete incorrect or incomplete personal data or have it marked with a so-called objection notation.
  • You have the right to withdraw consent. This means you can withdraw your consent at any time, provided that you have previously given your consent for data processing. The withdrawal takes effect from that moment, i.e. only for the future and not for the past. It may be that we continue to process your data based on another legal basis in the event of your withdrawal.

If you exercise your rights as a data subject, we must verify your identity (this is done, for example, by sending a copy of your ID). The rights listed above are subject to legal requirements and limitations. This means that the exercise of the rights may not be fully possible in every case. For example, we may still need to process your personal data to fulfill an order with you, to protect our own legitimate interests, or to comply with legal obligations. As far as it is legally permissible (e.g. to protect the privacy of third parties as well as to safeguard our own legitimate interests such as the protection of trade secrets), we may restrict or refuse the exercise of your rights. It should also be mentioned that you have the possibility of addressing your concerns to the competent data protection authority.

 

10) Status of the Data Protection Declaration
This data protection declaration is up to date and dated August 31, 2023.