Privacy Policy

1. Introduction

Below we provide information in accordance with Art. 13 and 14 GDPR on the processing of personal data when using:

  • Our website tesvolt.com
  • Our Partner Portal (https://tesvoltpartner.b2clogin.com/[JA1] )
  • Our portal myTESWORLD (https://mytesworld.tesvolt.com/)
  • Our services in the field of flexibility marketing for battery storage systems
  • Our profiles in social media

Personal data includes all data that can be linked to a specific natural person, e.g. their name or IP address.

1.1. Contact information

The controller responsible for data processing on this website in accordance with Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is:

TESVOLT AG
Am Heideberg 31
06886 Lutherstadt Wittenberg
Germany

Email: info@tesvolt.com

The controller responsible is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

We have appointed a data protection officer for our company. They can be reached at the following address.

TESVOLT AG Data Protection Officer
Am Heideberg 31
06886 Lutherstadt Wittenberg
Germany

Phone: +49 (0) 3491 87 97 100
Email: datenschutz@tesvolt.com

1.2. Scope of data processing, purposes of processing and the legal bases

The scope of the data processing, the purposes of the processing, and the legal bases are explained in detail below. The following are generally considered to be the legal bases for data processing:

  • Art. 6 (1) (1) (a) GDPR serves as the legal basis for processing operations for which we obtain consent.
  • Art. 6 (1) (1) (b) GDPR is the legal basis if the processing of personal data is necessary for the fulfilment of a contract, e.g. if a website visitor purchases a product from us or we perform a service for them. This legal basis also applies to processing that is necessary for pre-contractual measures, such as enquiries about our products or services.
  • Art. 6 (1) (1) (c) GDPR applies if we fulfil a legal obligation by processing personal data, as may be the case in tax law, for example.
  • Art. 6 (1) (1) (f) GDPR serves as the legal basis if we can cite legitimate interests for the processing of personal data, e.g. for cookies that are required for the technical operation of our website.

1.3. Data processing outside the EEA

Where we transfer data to service providers or other third parties outside the EEA, adequacy decisions of the EU Commission pursuant to Art. 45 (3) GDPR guarantee the security of the data in the course of transfer where such decisions exist, as is the case for the UK, Canada and Israel, for example.

In the absence of an adequacy decision (e.g. for the USA), the legal basis for data transfer is standard contractual clauses in most cases, i.e. unless we indicate otherwise. These are a set of rules adopted by the EU Commission and form part of the contract with the respective third party. According to Art. 46 (2) (b) GDPR, they guarantee that the transfer of data is secure. Many of these providers have also issued contractual guarantees that go beyond standard contractual clauses, which provide even greater protection for data. These may include guarantees concerning the encryption of data or the obligation of a third party to inform the data subject if law enforcement agencies wish to access data.

1.4. Storage period

Unless expressly stated in this privacy policy, the data we store is deleted as soon as it is no longer required for its intended purpose, the customer has not consented to further storage in accordance with Art. 6 (1) (1) (a) GDPR, and there are no statutory retention obligations that prevent deletion. If the data is not deleted because it is required for other purposes permitted by law, its processing is restricted, i.e. the data is blocked and not processed for other purposes. This applies, for example, to data that we must retain for reasons of commercial or tax law.

1.5. Rights of data subjects

Data subjects have the following rights vis-à-vis us with regard to their personal data:

  • Right to information, right to correction or deletion

Within the framework of the applicable legal provisions, you have the right at any time to information, free of charge, about your stored personal data, its origin, the recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time at the address provided in the legal notice for this purpose or for any other questions on the subject of personal data.

  • Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can contact us at any time at the address provided in the legal notice for this purpose. The right to restrict processing exists in the following cases:

- If you dispute the accuracy of your personal data that we have stored, we generally need time to review the issue. You have the right to request that processing of your personal data be restricted for the period of this review.

- If the processing of your personal data was/is unlawful, you can request that the processing of your data be restricted instead of deleted.

- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of deleted.

- If you have filed an objection in accordance with Art. 21 (1) GDPR, a balance must be struck between your interests and ours. You have the right to request that the processing of your personal data be restricted while the prevailing interest is being determined.

If you have restricted the processing of your personal data, this data – with the exception of its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a member state.

  • Right to object to processing

If data is processed on the basis of Art. 6 (1) (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons related to your particular situation. You can find the respective legal basis on which processing is based in this privacy policy. If you file an objection, we cease processing your personal data unless we can demonstrate that we have compelling and legitimate grounds for such processing that override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims (objection pursuant to Art. 21 (1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing. If you object, your personal data will no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

  • Right to data portability

You have the right to request that data that we process automatically on the basis of your consent or in fulfilment of a contract be handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, we will only fulfil your request if it is technically feasible.

  • Right to withdraw consent at any time

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

  • Right to file a complaint with the responsible supervisory authority

Data subjects also have the right to file a complaint with a data protection supervisory authority about the processing of their personal data. Contact information for the data protection supervisory authorities can be found at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.

1.6. Duty to provide data

As part of a business relationship or other relationship, customers, interested parties and third parties only have to provide us with the personal data that is necessary for the establishment, implementation and termination of the business or other relationship, and the data we are legally obligated to collect. Without this data, we will normally refuse to conclude a contract or provide a service, or will no longer able to fulfil an existing contract or other relationship. Mandatory information is marked as such.

1.7. No automated decision-making in individual cases

Generally, we do not use fully automated decision-making in accordance with Article 22 of GDPR to establish or implement business relationships or any other form of relationship. Should we use these procedures in individual cases, we will inform you separately if this is required by law.

1.8. Contacting us

When you contact us, e.g. by email or telephone, we store the data provided to us (e.g. names and email addresses) in order to answer questions. The legal basis for data processing is our legitimate interest (Art. 6 (1) (1) (f) GDPR) in responding to enquiries addressed to us. We delete the data collected for this purpose after storage is no longer required, or restrict processing if we have a legal obligation to retain the data.

1.9. Customer surveys

From time to time we conduct customer surveys to get to know our customers and their needs better. In each case, we collect the requested data. We have a legitimate interest in better understanding our customers and their wishes, therefore the legal basis for the corresponding data processing is Art. 6 (1) (1) (f) GDPR. We delete the data after the results of the surveys have been analysed.

1.10. SSL and/or TLS encryption

This site uses SSL and/or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us, the site operator. You can recognise an encrypted connection by the browser address line changing from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

2. Newsletter

We reserve the right to periodically inform customers who have already used our services or purchased goods from us about our offers by email or other electronic means if they have not objected to this. The legal basis for this data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest relates to direct marketing (Recital 47 GDPR). Customers can object to the use of their email address for advertising purposes at any time at no additional cost, for example via the link at the end of each email or by sending an email to our email address above.

Interested parties have the option of subscribing to a free newsletter. We process the data provided upon registration exclusively for the purpose of sending the newsletter. Interested parties can register by selecting the corresponding field on our website, by ticking the corresponding field in a paper document or by another distinct action, thus declaring their consent to the processing of their data, therefore the legal basis is Art. 6 (1) (1) (a) GDPR. Consent can be revoked at any time, for example by clicking on the corresponding link in the newsletter or by sending a message to the email address provided above. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

Based on the consent of the recipients (Art. 6 (1) (1) (a) GDPR), we also measure the opening and click rate of our newsletters in order to understand which content is relevant for our subscribers.

We send newsletters using the Microsoft Dynamics 365 tool from the provider Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (privacy policy: https://privacy.microsoft.com/en-gb/privacystatement?culture=de-de&country=DE). The provider processes content data, usage data, meta/communication data and contact data in the EU.

We send newsletters with Microsoft Dynamics 365 CRM (on servers in the EU). The provider processes content data, usage data, meta/communication data and contact data.

3. Data processing on our website tesvolt.com

3.1. Notice for website visitors from Germany

Our website stores information on the end device of website visitors (e.g. cookies) or accesses information that is already stored on the end device (e.g. IP addresses). This information can be found in detail in the following sections.

This storage and access takes place on the basis of the following provisions:

  • This storage or access is based on Section 25 (2) (2) Telecommunications and Telemedia Data Protection Act (TTDPA), to the extent it is absolutely necessary that we provide the service expressly requested by website visitors (e.g. to run a chatbot used by the website visitor or to ensure the IT security of our website).
  • Otherwise, this storage or access is based on the consent of the website visitor (Section 25 (1) TTDPA).

Downstream data processing is carried out in accordance with the following sections and on the basis of the provisions contained in the GDPR.

3.2. Use of the website for informational purposes

When the website is used for informational purposes, i.e. when visitors to the site do not transmit information to us separately, we collect the personal data that the browser transmits to our server in order to ensure the stability and security of our website. This is our legitimate interest, therefore the legal basis is Art. 6 (1) (1) (f) GDPR.

This data includes:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

This data is also stored in log files. It is deleted when storage is no longer required, no more than 14 days.

3.3. Web hosting and provision of the website

Our website hosts All-Inkl.com. The provider is René Münnich (“ALL-INKL.COM - Neue Medien Münnich”), Hauptstraße 68, 02742 Friedersdorf, Germany. The provider processes the personal data transmitted via the website, e.g. content data, usage data, meta/communication data and contact data, in the EU. Additional information can be found in the provider’s privacy policy at https://all-inkl.com/datenschutzinformationen/.

Our website hosts Cicero. The provider is Werbeagentur Cicero, Kagenhofer Weg 3, 90556 Seukendorf, Germany. The provider processes the personal data transmitted via the website, e.g. content data , usage data, meta/communication data and contact data, in the EU. Additional information can be found in the provider’s privacy policy at https://www.werbeagentur-cicero.de/166/datenschutzerklaerung.

We have a legitimate interest in providing a website, therefore the legal basis for the data processing described is Art. 6 (1) (1) (f) GDPR.

3.4. Contact form

When you contact us via the contact form on our website, we store the data requested there and the content of the message.
The legal basis for data processing is our legitimate interest in responding to enquiries addressed to us. Therefore, the legal basis for the data processing is Art. 6 (1) (1) (f) GDPR.
We delete the data collected for this purpose after storage is no longer required, or restrict processing if we have a legal obligation to retain the data.

3.5. Job advertisements and applications

We publish vacant positions in our company on our website, on pages linked to the website and on third-party websites.
The data provided is processed as part of the application process. Where this is necessary for our decision to establish an employment relationship, the legal basis is Art. 88 (1) GDPR in conjunction with Section 26 (1) Federal Data Protection Act. We have marked or referred to the data required to carry out the application process accordingly. If applicants do not provide this information, we cannot process the application.
Any additional data is voluntary and not required for the application. If applicants provide further information, this is based on their consent (Art. 6 (1) (1) (a) GDPR).

We ask applicants to refrain from providing information on political opinions or religious beliefs or similarly sensitive data in their CVs and cover letters. This type of information is not required for a job application. If applicants nevertheless provide such information, we cannot prevent this information from being processed as part of the CV or cover letter. The processing of this data is then also based on the consent of the applicants (Art. 9 (2) (a) GDPR).

If applicants have granted consent, we process their data for other employment applications. In this case, the legal basis is Art. 6 (1) (1) (a) GDPR.

We pass on the applicant’s data to the relevant employees in the HR department, to our recruitment personnel, and to the other employees involved in the application process.

If we enter into an employment relationship with the applicant following the application process, we only delete the data after the employment relationship has ended. Otherwise, we will delete the data no later than six months after the rejection of an applicant, unless consent has been given for further use in the talent pool and for consideration in further job applications.

3.6. Payment service providers

To process payments, we use payment processors who are themselves data controllers within the meaning of Art. 4 No. 7 GDPR. Where they receive the data and payment data we enter in the course of the ordering process, we fulfil the contract concluded with our customers (Art. 6 (1) (1) (b) GDPR).

These payment service providers are:

  • PayOne GmbH, Frankfurt am Main, Germany (general payment portal and SEPA direct debit) and, if applicable, one of the following at the customer’s discretion:
  • Klarna Bank AB (publ), Sweden (“instant bank transfer”)
  • Visa Inc., USA
  • Mastercard Europe SA, Belgium
  • PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (if available)
  • Stripe Payments Europe, Ltd., Ireland

3.7. Cookies required for technical reasons

Our website uses cookies. Cookies are small text files that are stored in the web browser on the end device of a website visitor. Cookies help to make the website more user-friendly, effective and secure. To the extent that these cookies are necessary for the operation of our website or its functions (hereinafter referred to as “Cookies required for technical reasons”), the legal basis for the corresponding data processing is Art. 6 (1) (1) (f) GDPR. We have a legitimate interest in providing customers and other site visitors with a functional website.
More specifically, we place cookies that are technically necessary for the following purpose or purposes:

  • Cookies that apply language settings
  • Cookies that save the shopping cart
  • Cookies that store log-in data
  • Cookies that payment providers use for payment processing but not for analysing user behaviour
  • Flash cookies that are used to play media content

3.8. Third-party providers

3.8.1. ​LinkedIn Insight Tag​

We use LinkedIn Insight Tag for conversion tracking. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The provider processes usage data (e.g. websites visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the EU.

The legal basis for processing is Art. 6 (1) (1) (a) GDPR. Data is processed on the basis of consent. Data subjects can revoke their consent at any time, e.g. by contacting us via the contact information provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

The data is deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Additional information can be found in the provider’s privacy policy at https://www.linkedin.com/legal/privacy-policy.

3.8.2. ​Google Webfonts​

We use Google Webfonts for fonts on the website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. However, data is only processed on our servers. We process meta/communication data (e.g. device information, IP addresses) in the EU.

The legal basis for processing is Art. 6 (1) (1) (f) GDPR. We have a legitimate interest in using readily applicable and cost-effective fonts on our website.

Additional information can be found in the provider’s privacy policy at https://policies.google.com/privacy.3.8.3. ​Hotjar​

We use Hotjar for analysis purposes. The provider is Hotjar Ltd, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s, STJ 3141, Malta. The provider processes usage data (e.g. websites visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the EU.

The legal basis for processing is Art. 6 (1) (1) (a) GDPR. Data is processed on the basis of consent. Data subjects can revoke their consent at any time, e.g. by contacting us via the contact information provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

The data is deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Additional information can be found in the provider’s privacy policy at https://www.hotjar.com/legal/policies/privacy/.

3.8.4. ​YouTube Videos​

We use YouTube videos for videos on the website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. websites visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.

The legal basis for processing is Art. 6 (1) (1) (a) GDPR. Data is processed on the basis of consent. Data subjects can revoke their consent at any time, e.g. by contacting us via the contact information provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

The legal basis for transferring data to a country outside the EEA is consent.

Additional information can be found in the provider’s privacy policy at https://policies.google.com/privacy.

3.8.5. ​Calendly​

We use Calendly to plan appointments. The provider is Calendly LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA. The provider processes usage data (e.g. websites visited, interest in content, access times), contact data (e.g. email addresses, telephone numbers) and master data (e.g. names, addresses) in the USA.

The legal basis for processing is Art. 6 (1) (1) (a) GDPR. Data is processed on the basis of consent. Data subjects can revoke their consent at any time, e.g. by contacting us via the contact information provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

The legal basis for transferring data to a country outside the EEA is standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses issued in accordance with the review procedure pursuant to Art. 93 (2) GDPR (Art. 46 (2) (c) GDPR) that we have agreed with the provider.

We delete the data when the purpose for which it was collected no longer applies. Additional information can be found in the provider’s privacy policy at https://calendly.com/pages/privacy.

3.8.6. ​Google Ads​

We use Google Ads as an online advertising programme to analyse user behaviour on our website (e.g. clicking on certain products, or “remarketing”). The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available to Google (e.g. location data and interests) (target group targeting). As website operators, we can evaluate this data quantitatively by analysing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.
The legal basis for processing is Art. 6 (1) (1) (f) GDPR. As the website operator, we have a legitimate interest in marketing our services and products as effectively as possible.

3.8.7. ​Google Analytics​

We use Google Analytics for analysis purposes. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland. The provider processes usage data (e.g. websites visited, interest in content, access times) and meta/communication data (e.g. device information, IP addresses) in the USA.
We have activated the IP anonymisation function on this website. As a result, your IP address is shortened by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google uses this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

This website uses the “demographic characteristics” function of Google Analytics to display suitable advertisements to website visitors within the Google advertising network. This allows reports to be created that contain information on the age, gender and interests of website visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

The legal basis for processing is Art. 6 (1) (1) (a) GDPR. Data is processed on the basis of consent. Data subjects can revoke their consent at any time, e.g. by contacting us via the contact information provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

The legal basis for transferring data to a country outside the EEA is standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses issued in accordance with the review procedure pursuant to Art. 93 (2) GDPR (Art. 46 (2) (c) GDPR) that we have agreed with the provider.

Data stored by Google at user and event level that is linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. Additional information can be found in the provider’s privacy policy at https://policies.google.com/privacy.

3.8.8. ​Google reCAPTCHA​

We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For its analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected for the analysis is forwarded to Google.

Data processing is carried out on the basis of Art. 6 (1) (1) (f) GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying or improper use.

Additional information about Google reCAPTCHA and Google’s privacy policy can be found here: https://policies.google.com/privacy and https://www.google.com/recaptcha/about/.

3.8.9. ​Meta Pixel​

We use Meta Pixel for analysis purposes. The provider is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. websites visited, interest in content, access times) in the USA.

The legal basis for processing is Art. 6 (1) (1) (a) GDPR. Data is processed on the basis of consent. Data subjects can revoke their consent at any time, e.g. by contacting us via the contact information provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected.

The legal basis for transferring data to a country outside the EEA is standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses issued in accordance with the review procedure pursuant to Art. 93 (2) GDPR (Art. 46 (2) (c) GDPR) that we have agreed with the provider.

The data is deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Additional information can be found in the provider’s privacy policy at https://www.facebook.com/policy.php.

3.8.10. ​Zoom​

We use Zoom to conduct webinars, online meetings and video and telephone conferences. The provider is Zoom Video Communications Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA. The provider processes usage data in the USA.

The legal basis for processing the personal data of registered participants in the context of organising webinars is Art. 6 (1) (b) GDPR. The legal basis is Art. 6 (1) (f) GDPR if there is no contractual relationship (registration for a webinar). We are also interested in the effective organisation of webinars and conferences. The legal basis for transferring data to a country outside the EEA is standard contractual clauses. The security of the data transferred to the third country (i.e. a country outside the EEA) is guaranteed by standard data protection clauses issued in accordance with the review procedure pursuant to Art. 93 (2) GDPR (Art. 46 (2) (c) GDPR) that we have agreed with the provider.

The data is deleted when the purpose for which it was collected no longer applies and there is no obligation to retain it. Additional information can be found in the provider’s privacy policy at https://explore.zoom.us/en/privacy/.

4. Data processing in our Partner Portal

4.1. Partner account

Visitors to the website can open an account on the Partner Portal of our website – available at tesvoltpartner.b2clogin.com. We process the data requested in this context based on the consent of the site visitor. Therefore, the legal basis for the data processing is Art. 6 (1) (1) (a) GDPR.

Consent can be revoked at any time, e.g. via the contact details provided in our privacy policy. In the event of revocation, the legality of the processing prior to revocation remains unaffected. If consent is withdrawn, we delete the data unless we are obligated or authorised to retain it.

In addition to the data entered upon registration, we also process IP addresses for registration purposes.

4.2. Goods and services offered

We offer goods and services via our partner portal. We process the following data as part of the order:

  • Name
  • Email address
  • Address

The data is processed to fulfil the contract concluded with the respective website visitor (Art. 6 (1) (1) (b) GDPR).

We pass on the aforementioned data to the service providers if this is required as part of the order. This data includes in particular:

  • Dachser Logistics SE, Thomas-Dachser-Allee 2, 12529 Schönefeld, Germany
  • DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany
  • UPS Europa SA, Ave Ariane 5, Brussels, 1200, Belgium
  • GO! Express & Logistics (Nordost) GmbH, Adam-von-Trott-Str. 1, 13627 Berlin, Germany
  • Euler Hermes SA, Gasstraße 29, 22761 Hamburg, Germany

The legal basis for the data processing is Art. 6 (1) (1) (b) GDPR because it is necessary for the fulfilment of the contract.

5. Data processing in myTESWORLD portal

Certain TESVOLT battery storage systems are sold by TESVOLT in combination with the TESVOLT Energy Manager. The TESVOLT Energy Manager is an energy management system consisting of a small box with the TESVOLT Energy Manager software, which enables optimised management of the TESVOLT battery storage system. Users can open an account via TESVOLT’s web-based myTESWORLD portal, which can be accessed at mytesworld.tesvolt.com. We process the data requested in this context to make the portal available to users and to enable the individual configuration and management of TESVOLT battery storage systems and the resulting energy flows.

The legal basis for the data processing is Art. 6 (1) (b) GDPR because it is necessary for the performance of the contract.

If legally permitted and required for the performance of contractual relationships with users pursuant to Art. 6 (1) (1) (b) GDPR, personal data of users is disclosed to third parties. In particular, this includes disclosure within the framework of providing the portal and disclosure of payment details to payment service providers or credit institutions in order to carry out a payment process. The personal data disclosed may only be used by the third party for the specified purposes.

In addition, the data generated via the portal can be used and analysed in pre-anonymised form for research purposes and also passed on to third parties in the same form for commercial use.

6. Data processing as part of flexibility marketing

As part of the flexibility marketing of battery storage on behalf of customers, we process the following personal data:

· Name

· Address

· Email address

· Company name and designation

· Storage data/storage availability

· Energy data

The legal basis for the data processing is Art. 6 (1) (b) GDPR because it is necessary for the performance of the contract.

If legally permitted and required for the performance of contractual relationships with users pursuant to Art. 6 (1) (1) (b) GDPR, the personal data of users is disclosed to third parties. The personal data disclosed may only be used by the third party for the specified purposes.


7. Data processing on social media platforms

We are present on social media networks to represent our organisation and our services. The operators of these networks regularly process their users’ data for advertising purposes. This includes creating user profiles from their online behaviour which are used, for example, to display advertising on the network pages and elsewhere on the internet that corresponds to the interests of the users. For this purpose, the operators of the networks use cookies to store information about user behaviour on the user’s computer. Furthermore, it cannot be ruled out that the operators will merge this information with other data. Additional information and instructions on how users can object to processing by the site operators can be found in the privacy policy declarations of the respective operators listed below. It is also possible that the operators or their servers are located in non-EU countries, which means that they can process data there. This can result in risks for users, e.g. because it makes it more difficult to enforce their rights or because government authorities have access to the data.

When users of the networks contact us via our profiles, we process the data provided to us in order to respond to the enquiries. This is our legitimate interest, therefore, the legal basis is Art. 6 (1) (1) (f) GDPR.

7.1. Facebook

We maintain a profile on Facebook. The operator is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available at: https://www.facebook.com/policy.php. One way to object to data processing is via the advertising settings: https://www.facebook.com/settings?tab=ads.
Based on an agreement within the meaning of Art. 26 GDPR, we are jointly responsible with Facebook for processing the data of visitors to our profile. Facebook explains exactly which data is processed at https://www.facebook.com/legal/terms/information_about_page_insights_data. Data subjects can exercise their rights against both us and Facebook. However, according to our agreement with Facebook, we are obligated to forward enquiries to Facebook. This means that data subjects receive feedback faster if they contact Facebook directly.

7.2. Instagram

We maintain a profile on Instagram. The operator is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available at: https://help.instagram.com/519522125107875.

7.3. YouTube

We maintain a profile on YouTube. The operator is Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland. The privacy policy is available at: https://policies.google.com/privacy?hl=en.

7.4. X (formerly Twitter)

We maintain a profile on X (formerly Twitter). The operator is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The privacy policy is available at: https://twitter.com/en/privacy. One way to object to data processing is via the advertising settings: https://twitter.com/personalization.

7.5. LinkedIn

We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy is available at: https://www.linkedin.com/legal/privacy-policy.[JA2] One way to object to data processing is via the advertising settings: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

7.6. Xing

We maintain a profile on Xing. The operator is New Work SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. The privacy policy is available at: https://privacy.xing.com/en/privacy-policy.

8. Changes to this privacy policy

We reserve the right to amend this privacy policy at any time with future effect. A current version is available at https://www.tesvolt.com/en/privacy.html.

9. Questions and comments

If you have any questions or comments regarding this privacy policy, please do not hesitate to contact us using the contact information provided above.

Last revised: 25 January 2024