RESPONSIBLE

SunHybrid GmbH

Eisenbahnstr. 36
73235 Weilheim an der Teck

E-mail address:  info@sunfruits.eu

Imprint:  www.sunfruits.eu/impressum

OVERVIEW OF THE PROCESSING OPERATIONS

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

TYPES OF DATA PROCESSED

• Contact data.
• Usage data.
• Content data.
• Inventory data.
• Meta, communication and process data.

CATEGORIES OF DATA SUBJECTS

• Customers.
• Users.
• Communication partners.

PURPOSES OF THE PROCESSING

• Contact requests and communication.
• Security measures.
• Range measurement.
• Tracking.
• Managing and responding to inquiries.
• Feedback.
• Marketing.
• Profiles with user-related information.
• Provision of our online services and user-friendliness.
• Information technology infrastructure.

RELEVANT LEGAL BASIS

Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Should more specific legal bases also apply in individual cases, we will inform you of these in the privacy policy.

• Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) – The data subject has given their consent to the processing of their personal data for a specific purpose or several specific purposes.
• Performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GD PR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
• Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GD PR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. These include, in particular, the Act on the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision-making in individual cases, including profiling. It also regulates data processing for the purposes of the employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. The data protection laws of the individual federal states may also apply.

SECURITY MEASURES

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, safeguarding availability and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and responses to data threats. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and data protection-friendly default settings.

TLS encryption (https): We use TLS encryption to protect your data transmitted via our online offering. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

TRANSMISSION OF PERSONAL DATA

As part of our processing of personal data, the data may be transmitted to other bodies, companies, legally independent organizational units or persons or disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, please note