JinkoSolar

Building Your Trust in Solar

Data privacy

Data privacy

Jinko Solar GmbH (hereinafter ‘we’) appreciates your visit to our website and your interest in our company.

We take the protection of your personal data very seriously and want you to feel safe and secure when visiting our website.

We therefore describe in this Privacy Policy which personal data we process when you visit our website, and what rights you have. For that reason, please carefully read the information below.

Personal data is any information relating to an identified or identifiable natural person. This includes your name, address and communication data, or e-mail address, for example. Processing refers to any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

User encompasses all categories of data subjects affected by data processing. This includes our business partners and other visitors to our website.

The terms we use are supplemented by the definitions set out in Article 4 of the General Data Protection Regulation (GDPR).

Privacy Policy

  1. The controller for the purposes of data protection law:

Jinko Solar GmbH
Freisingerstr. 9
85716 Unterschleißheim, Germany

Tel.: (+49 - 89) 143-32460
E-mail: datenschutz@jinkosolar.eu

  1. Data Protection Officer

Should you have any questions regarding the processing of your personal data, please contact our data protection officer who would also be pleased to assist you with matters regarding requests for information, requests, and complaints: datenschutz@jinkosolar.eu

  1. Scope and Processing of Personal Data

3.1. Your visit to our website

When you visit our website, your browser transmits certain data to our Web server for technical reasons. This information comprises the following data (known as ‘server log files’):

IP address
• Date and time of the request
• Difference in time zone from Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Operating system and its access status/HTTP status code
• Volume of data transferred
• Website from which the request is sent (‘referrer URL’)
• Browser, language, and version of browser software

3.1.1. Purpose of data processing and legal basis

It is necessary to store this data in log files in order to ensure the functionality of the website. It helps us to optimize the website and ensure the security of our IT systems.

We collect this data on the basis of our legitimate interest pursuant to Article 6(1)(f) of the GDPR in order to display our website and guarantee its security.

3.1.2 Duration of data storage

Information in the log files is stored for security reasons (e.g., for the investigation of acts of misuse or fraud) for a maximum of seven days, after which it will then be deleted. Data that must be stored beyond this period for purposes of proof or where required to fulfill a legal obligation are exempted from erasure until the incident in question has been definitively resolved and for as long as the legal obligation exists.

3.2. Contact inquiries and newsletter

You can use the contact forms found on our website to contact us, in which case we will process the data entered in the forms. Alternatively, you can also contact us via our e-mail address. The personal data that is transmitted with the e-mail shall be processed in this case. You furthermore have the opportunity to subscribe to a free newsletter on our website. The data from the form will be transferred to us when you sign up for the newsletter. In addition, we also store your IP address as well as the date and time at which you contact us and register to receive the newsletter. We use the double opt-in procedure to document your consent. This means we will send you a confirmation e-mail containing a confirmation link to the e-mail address you provided after you register.

3.2.1. Data recipient

The data transmitted to us will be processed by the internal bodies at the company which are responsible for the respective business process. If your request is directed at another Jinko company, we shall forward this to the relevant company.

3.2.2. Purpose of data processing and legal basis

The processing of personal data from the form is used to handle your request. The other personal data that is processed during transmission or when you sign up for the newsletter (such as your IP address, the date and time, etc.) serve to prevent misuse of the contact form, to verify that you registered for the newsletter, to allow for the investigation of any potential misuse of your personal data, and to ensure our IT systems are secure.

When contacting us (via the contact form or by e-mail), your information shall be processed for the purpose of handling and processing your contact request pursuant to Art. 6(1)(f) of the GDPR. If contact is made for the purpose of concluding a contract, an additional legal basis for processing is Art. (6)(1)(b) of the GDPR.

When you register for our newsletter, we obtain your consent for the processing of data and make reference to this Privacy Policy. The legal basis for data processing is therefore Art. 6(1)(a) of the GDPR.

If you purchase goods or services on our website and provide your e-mail address during the process, it may subsequently be used for mailing a newsletter. In such cases, the newsletter is limited exclusively to direct marketing of our own similar goods or services. The legal basis for sending the newsletter as a result of the sale of goods or services is Art. 95 of the GDPR in conjunction with Art. 7(3) of the German Unfair Competition Act (UWG).

3.2.3. Duration of data storage

We delete personal data when it is no longer required to achieve the purpose for which it was collected.

This also applies for personal data from the contact form and for personal data transmitted via e-mail if the relevant conversation with the user is terminated. The conversation is ended if it can be inferred from the circumstances that the issue in question or the request for information has been fully resolved.

The data that is voluntarily transferred by you in order to receive the newsletter shall be stored for as long as the newsletter subscription is active.

The other personal data collected when contact is made and during the registration process (e.g., IP address, date, and time) shall generally be deleted after seven days.

Data that must be stored beyond this period for purposes of proof or where required to fulfill a legal obligation are exempted from erasure until the incident in question has been definitively resolved and for as long as the legal obligation exists.

3.2.4. Right to withdraw consent

You can withdraw your consent to receive the newsletter and unsubscribe from it at any time. To withdraw your consent, click the link found in each newsletter or [the following link on our website [insert link]]. You can also send an e-mail to [insert e-mail address] or post a letter to the address in the contact details found in the imprint.

3.3. Cookies

3.3.1. Purpose and legal basis

Our website uses cookies. Cookies are small text files that are stored on your computer when you access our website. Cookies do not harm your computer, nor do they contain malware, e.g., viruses. Cookies contain a distinctive string of characters that allows your browser to be uniquely identified when it accesses the website again in the future. Some elements of our website require that it be possible to identify the requesting browser after switching to a new page.
This does not work by association with you personally, but rather by assigning an identification number to the cookie (‘cookie ID’). This cookie ID is not combined with your name, IP address, or similar data that would enable the cookie to be attributed to you.

This website uses transient and persistent cookies.

  1. a) Transient cookies are automatically deleted when you close the browser. This includes in particular session cookies that store a so-called session identifier that can be used to assign various inquiries from your browser during the shared session. This allows your computer to be recognized when it returns to the website. Session cookies are deleted when you log out or close your browser.
  2. b) Persistent cookies are automatically deleted after a prescribed time period, which can vary based on the cookie. You can delete these cookies in the security settings of your browser at any time.

We use cookies to make our website more attractive and user-friendly, to improve it, and to accelerate the handling of queries. Some elements of our website require that it be possible to identify the requesting browser after switching to a new page. In this regard, it is necessary for a browser to be recognized even after the user visits a different page.

The legal basis for the processing of personal data using cookies, which are necessary from a technical standpoint, is Art. 6(1)(f) of the GDPR.

3.3.2. Duration of data storage

Session cookies are deleted when the browser is closed.

Persistent cookies are deleted automatically [after a specified period of time].

Data that must be stored beyond this period for purposes of proof or where required to fulfill a legal obligation are exempted from erasure until the incident in question has been definitively resolved and for as long as the legal obligation exists.

3.4. Processing of customer data

3.4.1. Purpose and legal basis

We only collect, process, and use our customers’ personal data where this is required substantive arrangement or amendment of a legal relationship between Jinko and a customer or in order to provide customers with information and services.

This is done on the legal basis of Art. 6(1)(b) of the GDPR, which permits the processing of data for the purpose of fulfilling a contract or in order to take steps prior to entering into a contract.

We furthermore use personal data for reporting purposes, for example, in order to ensure a high level of customer satisfaction, to assess the quality of our products and services, for production processes and quality control, and to streamline internal administrative processes. We also use personal data on occasion to contact customers and to carry out surveys for purposes of marketing and quality assurance.

This is done on the legal basis of Art. 6(1)(f) of the GDPR.

3.4.2. Duration of data storage

Customer data that is collected shall be deleted upon conclusion of the contract or termination of the business relationship. Data that must be stored beyond this period for purposes of proof or where required to fulfill a legal obligation are exempted from erasure until the incident in question has been definitively resolved and for as long as the legal obligation exists.

  1. Data Security

We take technical, contractual, and organizational measures to safeguard the security of data processing in accordance with the state of the art in technology. In doing so, we ensure that the provisions of data protection law, and the General Data Protection Regulation in particular, are complied with, and that the data processed by us is protected against destruction, loss, modification, and unauthorized access. These security measures include the encrypted transmission of data between your browser and our servers. Please note that SSL encryption for transmissions carried out over the Internet is only activated when the key symbol appears in the bottom menu bar of your browser window and the address begins with https://. Using SSL (Secure Socket Layer) means that the data transmission is protected against the illegal access of third parties by means of encryption technology. Should this option not be available, you may also decide not to send certain data over the Internet.

All the information that you send to us is stored and processed on our servers in the Federal Republic of Germany.

  1. Forwarding Data to Third Parties and Third-Party Providers

Data is only forwarded to third parties in line with statutory regulations. We pass the data of users on to third parties only where this is required, for example, for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract on the basis of Art. 6(1)(b) of the GDPR or on the grounds of our legitimate interests within the meaning of Art. 6(1)(f) of the GDPR for the economic and effective operation of our business.

Within the course of processing orders, we rely on subcontractors for the provision of our services, especially the operation, maintenance, and hosting of the website pursuant to Art. 28 of the GDPR. We have taken appropriate legal precautions and suitable technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory regulations.

  1. External Services and Content on Our Website

We include third-party services and/or content on our website.

6.1. Google Maps

Our website uses Google Maps to display interactive maps and to generate route plans. Google Maps is a map service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA (‘Google’).

If you access a page on our website that contains a map from Google Maps, your browser will establish a direct link to Google servers. The map content is transmitted by Google directly to your browser, which integrates it into the website. Google may process in particular the following information from you:

  • Date and time of the visit to our website
  • Internet address or URL of our website
  • IP address
  • (Origin) address entered for route planning
  • Device-specific information such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number
  • Information on how you used Google services, such as your search queries
  • Location information, such as, potentially, your actual location

This takes place regardless of whether you have a Google user account or whether you are logged on to your user account. If you have a Google account and you are logged on, the data transmitted to Google can be linked to your Google account. You can find more information on how to view, manage, or delete data linked to your Google account in the Google Privacy Policy (https://policies.google.com/privacy).

We have no influence over the processing and use of data by Google and therefore cannot assume any responsibility for it.

You may also set your browser to block all cookies, including cookies associated with Google services, or to indicate when a cookie is being set by Google. In this case, however, maps from Google Maps may not be displayed properly.

The Google Privacy Policy (https://policies.google.com/privacy) as well as the additional terms of service of Google Map/Google Earth (http://www.google.com/intl/de_de/help/terms_maps.html) shall apply for the processing and use of data by Google as well as your associated rights and settings options to protect your privacy.

The use of Google Maps takes place on the basis of Art. 6(1)(f) of the GDPR.

6.2. Google Fonts

In order to present our content correctly and in a graphically appealing manner on all browsers, we use script and font libraries made available by Google as Google Web Fonts (https://www.google.com/webfonts/) on this website. The Web Fonts are integrated by way of a server call to Google servers.  Google Web Fonts are transferred to your browser’s cache to prevent multiple loading. Google may process your data here. If your browser does not support Google Web Fonts or does not allow access, content will be displayed in a default font. We have no influence over the processing and use of data by Google and therefore cannot assume any responsibility for it.

Go to https://developers.google.com/fonts or view the Google Privacy Policy at https://policies.google.com/privacy to find out more about Google Web Fonts.

The legal basis for the use of Google Fonts is Art. 6(1)(f) of the GDPR.

6.3. YouTube

We embed YouTube videos on some pages on our website. YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (‘YouTube’) is the operator of the corresponding plug-ins. When you visit a page on our website with the YouTube plug-in, a connection to YouTube servers is established. In the process, YouTube will be informed which pages you visit. This takes place regardless of whether you have a YouTube user account and are logged on to this account. If you are logged into your YouTube user account, YouTube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand. If you are logged on to Google, the data collected on you will also be attributed to your Google user account. You can prevent this by logging out of your Google user account beforehand.

When you start a YouTube video, the provider uses cookies that collect data on user behavior. If you have disabled the storage of cookies for the Google Ad program, you can assume that no such cookies will be set when you watch YouTube videos. However, YouTube stores further, non-personal user data in other cookies. If you want to prevent this, you will need to disable cookies in your browser settings.

For more information on data protection at YouTube, refer to the provider’s privacy policy here: https://www.google.com/intl/en/policies/privacy/ Google processes your personal data also in the USA and is subject to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

The use of YouTube takes place on the basis of Art. 6(1)(f) of the GDPR.

  1. Google Analytics

7.1. Google Analytics cookies

Our website uses Google Analytics, a Web analytics service from Google. Google Analytics uses cookies, which are text files stored on your computer to help the website analyze how you use the website. The information generated by the cookie about your use of this website is typically transmitted to and stored by Google on servers in the USA. [However, our website uses Google Analytics with the ‘_anonymizeIP()’ add-on. Because IP anonymisation is activated on our website, your IP address will be shortened by Google beforehand within the member states of the European Union or in other signatories to the Agreement on the European Economic Area (EEA). This prevents your IP address from being directly linked to you personally. Only in exceptional cases will the full IP address be sent to a Google server in the USA and be shortened there.]  Google uses this information, on behalf of the operator of this website, for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and Internet usage for the website operator. The IP address transferred to us by your browser as part of Google Analytics shall not be combined with any other data held by Google.

You may prevent the storage of cookies by selecting the appropriate settings on your browser software. However, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the recording of data generated by the cookie about your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: Google Analytics Opt-out Browser Add-on. In addition or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our websites by clicking this link. An opt-out cookie will be installed on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.

We use Google Analytics to analyze our website and make regular improvements to it. Using the generated statistics allows us to improve our website and to make it more interesting for you as a user. For those exceptional cases in which personal data is transferred to the United States, Google is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

The legal basis for the use of Google Analytics is Art. 6(1)(f) of the GDPR.

[7.2. Use of Google Remarketing 

This website uses Google’s remarketing function. It is used to present website visitors within the Google ad network with advertisements based on their personal interests. This application makes it possible for our advertisements to be displayed to you when you continue to browse the Internet after visiting our website. This is made possible by cookies saved on your browser, with which your user behavior is recorded and analyzed by Google when you visit various websites. This way, Google can identify your previous visit to our website. According to Google, data collected within the framework of the remarketing application is not merged with your personal data, which may be stored by Google. Google particularly asserts that remarketing data is first pseudonymized before processing.

However, if you do not wish to use Google's remarketing feature, you can disable it by making the appropriate settings under http://www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-based advertising through the Advertising Network Initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.]

  1. Social Media Plug-ins

We use the following social media plug-ins on our website:

Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA)
Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA)
LinkedIn Ireland Unlimited Company (Wilton Place,
Dublin 2, Ireland)

Google Plus/Google  (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)

 

You can recognize the social media plug-ins based on the accompanying logo.

These plug-ins may be used to send information, which may include personal data, to the service provider where it may then be used by them. [We use a 2-click solution  to prevent the unintentional and unwanted collection and transmission of data to the relevant provider. The social media plug-in you wish to install will not be activated until you click on the accompanying logo. The collection of information and its transmission to the relevant provider will not be triggered until the social media plug-in has been activated.] We do not collect any personal data by way of the social media plug-in or through its use.

We have no influence over which data is collected by the relevant provider if the social media plug-in is activated or over how it is used by the provider. It must be assumed at the moment that a direct link will be established to the services of the relevant provider and that the IP address and device-specific information, at minimum, will be collected and utilized. It is also possible that the providers will attempt to store cookies on your computer. Please refer to the following privacy policy of the respective provider to find out which specific data is collected and how it is used.

  1. Your Rights

If we process your personal data, this means that you are a data subject pursuant to the General Data Protection Regulation (GDPR), and that you have the following rights regarding us in relation to the personal data in question:
• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing (Art. 21 GDPR)

where the corresponding legal requirements to assert such claims are met. The restrictions set out in Sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply regarding the right of access pursuant to Art. 15 GDPR and regarding the right to erasure pursuant to Art. 17 GDPR.

You furthermore have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your data (Art. 77 of the GDPR in conjunction with Art. 19 of the BDSG).

  1. Changes to the Privacy Policy

We reserve the right to make changes to the Privacy Policy in order to update it in line with changed legal conditions or in the event of changes to the service or data processing. However, this only applies with regard to clarifications relating to data processing. Where consent is required from the user or elements of the Privacy Policy contain provisions concerning the contractual relationship with the user, these changes will only be made with the user’s consent.

Please review the contents of the Privacy Policy periodically.

  1. Right to Object

You have the right to object at any time to the processing of your personal data which is based on Art. 6(1)(f) of the GDPR.

Once you object, we shall no longer process the data concerning you, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.

As the user, you have complete control over the use of cookies. By modifying the settings for your Internet browser, you can set the browser so that cookies are never stored or are automatically deleted at the end of your browsing session. To do so, select ‘Do not accept cookies’ in the settings for your browser. In Microsoft Internet Explorer, select ‘Options > Internet Options > Privacy > Settings’ to do this; in Firefox, select ‘Options > Settings > Privacy > Cookies’); if you are using a different Internet browser, please check your browser’s help function for instructions on how to block and delete cookies. However, please note that if you block or delete cookies, you may not be able to use of all the features on this website.

Where your personal data is processed for direct marketing purposes, you shall have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for the purpose of direct marketing, your personal data shall no longer be processed for this purpose.

 

We assume that Jinko stores personal data of customers in a customer relationship management system ("CRM system"), which can also be accessed by other Jinko entities. As far as Jinko entities from third countries can access customer data via a CRM system, data processing does not only take place in Germany.

With regard to the use of Google Analytics legal risks could be reduced by activating the IP anonymization function. Please check whether Jinko has activated the IP anonymization function. Furthermore it is recommended to agree to a data processing agreement with Google. It also should be ensured that a functional opt-out option for the data subject exists when visiting the website via browser from a mobile device. Additionally, the German supervisory authorities demanded based on the law applicable before 25 May 2018, that all old data obtained before implementation of the measures mentioned has to be deleted.

It is doubtful whether Google Remarketing is legally permissible under the GDPR, since usually personal data are processed with the use of retargeting tools. In order to reduce this risk, it is recommend to obtain consent from the data subjects at least via a corresponding cookie banner. However, this does not guarantee the exclusion of existing legal risks.

Please check if Jinko could reduce legal residual risks by using the privacy enhanced mode.

 

© 2019 Jinko Solar GmbH & ADVIGA GmbH