Data protection
This Privacy Policy informs you about the type, scope and purpose of the processing of personal data (hereafter simply “data”) within our website.
I Name and address of the controllers
The controllers as defined by the General Data Protection Regulation and other national data protection laws of the Member States as well as other legal data protection provisions are:
50Hertz Transmission GmbH
Heidestraße 2
10557 Berlin
Executive Board: Stefan Kapferer (CEO), Marco Nix, Dr. Dirk Biermann, Sylvia Borcherding
Phone: +49 30 5150 – 0
Email: info@50Hertz.com
Amprion GmbH
Robert-Schuman-Straße 7
44263 Dortmund
Executive Board: Dr. Hans-Jürgen Brick (CEO), Dr. Hendrik Neumann, Peter Rüth
Phone: +49 231 5849 – 0
Email: info@amprion.net
TenneT TSO GmbH
Bernecker Straße 70
95448 Bayreuth
Executive Board: Tim Meyerjürgens, Maarten Abbenhuis, Dr. Arina Freitag
Phone: +49 921 50740 – 0
Email: info@tennet.eu
TransnetBW GmbH
Pariser Platz
Osloer Straße 15–17
70173 Stuttgart
Executive Board: Dr. Werner Götz (Chairman), Michael Jesberger, Dr. Rainer Pflaum
Phone: +49 711 21858 – 0
Email: info@transnetbw.de
II Name and address of the Data Protection Officer
The Data Protection Officer of the controller is:
Christian Fritz
TenneT TSO GmbH
Bernecker Straße 70
95448 Bayreuth | Germany
Phone: 0921-50740-4050
Email: Datenschutz@tennet.eu
III General information on data processing
1. Scope of the processing of personal data
We process the personal data of our users only insofar as this is necessary to provide a functional website as well as our content and services. In general, the processing of the personal data of our users takes place only after the user has provided corresponding consent. An exception applies in such cases where obtaining prior consent is not possible for legitimate grounds and the processing of the data is permitted in accordance with legal regulations.
2. Legal basis of the processing of personal data
Insofar as we obtain consent from the data subject for the processing of personal data, Art. 6 (1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the case of the processing of personal data for the fulfilment of a contract to which the data subject is a contractual party, Art. 6 (1)(b) GDPR serves as the legal basis. This also applies to processing that is required for the performance of precontractual measures.
Insofar as the processing of personal data is required for the fulfilment of a legal obligation to which our companies are subject, Art. 6 (1)(c) GDPR serves as the legal basis.
In the event that processing is necessary to protect the vital interests of the data subject or of another natural person, Art. 6 (1)(d) GDPR serves as the legal basis.
If the processing is required to protect a legitimate interest of our companies or a third party and if this interest is not overridden by the interests, basic rights and basic freedoms of the data subject, Art. 6 (1)(f) GDPR serves as the legal basis for the processing.
3. Data erasure and storage duration
The personal data of the data subject shall be erased or restricted as soon as the purpose of the storage no longer applies. Storage can take place beyond this if this is stipulated by European or national legislators in Union regulations, laws or other rules to which the controller is subject. Restriction or erasure of the data shall also take place if a storage period mandated by the specified standards expires, unless there is a necessity for further storage of the data for the conclusion or fulfilment of a contract.
4. Cooperation with processors and third parties
Insofar as we disclose, transmit or otherwise grant access to data to other persons and companies (processors or third parties) in the course of our processing, this shall take place only on the basis of a legal authorisation, your consent, a legal obligation or our legitimate interests (e.g. when making use of agents, web hosts, etc.). If we contract with third parties to process data on the basis of a so-called “data processing agreement”, this shall take place on the basis of Art. 28 GDPR.
IV Provision of the website and creation of log files
1. Description and scope of the data processing
Upon every access of our internet site, our system automatically collects data and information from the computer system initiating the access. The following data are collected here:
- Information about the browser type and version used
- The operating system of the user
- The IP address of the user
- The date and time of access
- Websites from which the user’s system navigated to our internet site
- Websites that are accessed by the user’s system via our website
The data are also stored in log files of our system. These data together are never stored in conjunction with other personal data of the user.
2. Legal basis for the data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 (1)(f) GDPR.
3. Purpose of the data processing
Temporary storage of the IP address by our system is necessary to enable delivery of the website to the computer of the user. For this purpose, the IP address of the user must be stored for the duration of the session.
The storage in log files takes place in order to ensure the proper functioning of the website. The data also assists us with optimising the website and ensuring the security of our IT systems. No analysis of the data for marketing purposes takes place in this regard.
These purposes are the basis for our legitimate interest in data processing as per Art. 6 (1)(f) GDPR.
4. Duration of storage
The data will be deleted once they are no longer required for the purposes for which they were collected. For data collected for provision of the website, this is the case once the respective session has ended.
For data stored in log files, this is the case after no longer than 14 days. Storage beyond this time is possible. In this case, the IP addresses of the users are erased or anonymised such that an association with the accessing clients is no longer possible.
5. Option to object or remove
The collection of the data for provision of the website and the storage of the data in log files is absolutely essential for operation of the internet site. The user therefore has no option to object.
V Use of cookies
1. Description and scope of the data processing
Our website uses cookies. Cookies are text files saved in the internet browser or by the internet browser on the computer system of the user. When the user loads a website, a cookie can be saved in the operating system of the user. This cookie contains a characteristic sequence of characters that permits unique identification of the browser when the website is loaded again.
The user data collected in this way is pseudonymised via technical measures. An association of the data with the accessing user is therefore no longer possible. The data are not stored together with other personal data of the users.
2. Legal basis for the data processing
The legal basis for the processing of personal data via the use of cookies is Art. 6 (1)(f) GDPR.
3. Purpose of the data processing
The use of the analysis cookies takes place for the purpose of improving the quality of our website and its content. By means of the analysis cookies, we learn how the website is used, enabling us to continuously optimise our offering.
These purposes are also the basis for our legitimate interest in the processing of personal data as per Art. 6 (1)(f) GDPR.
4. Duration of storage, option to object or remove
Cookies are saved on the computer of the user and sent from there to our site. For this reason, you as user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the saving of cookies. Cookies that have already been saved can be deleted at any time. This can also be automated. If cookies are deactivated for our website, it may not be possible to use all functions of the website.
VI Newsletter
1. Description and scope of the data processing
1.1 Newsletter
Our website offers the option of subscribing to a free newsletter. During registration for the newsletter, the following data are sent to us from the input form:
- Form of address
- First name
- Last name
- Email address
- Address (street, house number, postal code, city, federal state) (if provided)
- Institution (if provided)
As part of the registration process, your consent for processing of the data is obtained and a reference to this Privacy Policy is provided. The registration for our newsletter takes place according to a double opt-in process. In other words, after registering you will receive an email asking you to confirm your registration. This confirmation is required so that no one can register with an email address that does not belong to them. The registrations for the newsletter are logged in order that the registration process can be documented according to the legal requirements. This includes saving of the time of registration and confirmation as well as the IP address. Changes to your data stored by the distribution service provider are also logged.
1.2 Distribution
The distribution of the newsletter is carried out by “Campaign Monitor”, a newsletter distribution platform of the provider Campaign Monitor Pty Limited, L38, 201 Elisabeth St, 2000 Sydney, Australia (“distribution service provider”). The privacy policy of the distribution service provider can be viewed here: https://www.campaignmonitor.com/policies/#privacy-policy.
In addition, the distribution service provider can, according to its own policy, make use of these data in pseudonymised form, i. e. without association with a user, for optimisation or improvement of its own services, e. g. for technical optimisation of the distribution and display of the newsletter or for statistical purposes to determine which countries the recipients are located in. However, the distribution service provider does not utilise the data of our newsletter subscribers to contact them on its own behalf or to share their data with third parties.
1.3 Success tracking
The newsletters contain a so-called “web beacon”, in other words a pixel-sized file that is accessed from the server of the distribution service provider upon opening of the newsletter. When this access takes place, technical information is collected, such as information about the browser and your system, including your IP address and the time of access. This information is used for technical improvement of the service based on the technical data or the target groups and their reading behaviour based on the access locations (which can be determined with the help of the IP address) or the access times. The statistical data collection also includes the determination of whether the newsletter was opened, when it was opened and which links were clicked. For technical reasons, it is possible to associate this information with the individual newsletter recipients. However, it is neither our wish nor that of the distribution service provider to observe individual users. Rather, the analyses serve to identify the reading habits of our users and to adapt our content accordingly or to send different content in accordance with the interests of our users.
2. Legal basis for the data processing
The legal basis for processing of the data after registration for the newsletter by the user and upon containing the consent of the user is Art. 6 (1)(a) GDPR.
3. Purpose of the data processing
The collection of the email address of the user serves for delivery of the newsletter. The collection of other personal data in the course of the registration process serves to prevent misuse of the services or the email address used.
4. Duration of storage
The data will be deleted once they are no longer required for the purposes for which they were collected. The email address of the user will therefore be stored for as long as the subscription to the newsletter is active. The other personal data collected in the course of the registration process are described in sections IV and VIII.
5. Option to object or remove
The subscription to the newsletter can be terminated at any time by the specific user. A corresponding link is provided in every newsletter for this purpose. This also enables a withdrawal of the consent to the storage of the personal data collected during the registration process.
Alternatively, the subscription to the newsletter can also be terminated by sending an email to abmeldung@netzentwicklungsplan.de.
VII Consultation on the Network Development Plan Electricity
1. Purpose of the data processing
Paragraphs 12a-d of the Energy Industry Act (EnWG) regulate the creation of the joint German Network Development Plan Electricity (GDP) by the transmission system operators (TSOs). The NDP contains all active measures for the demand-based optimisation, enhancement and expansion of the grid that are necessary within the period under consideration for ensuring secure and reliable grid operations.
After publication of the first draft of the Network Development Plan Electricity, the transmission system operators are obliged according to EnWG Section 12b (3) to offer the public, including the actual or potential grid users, the downstream grid operators, public interest groups and the energy supervisory authorities of the states, an opportunity to express themselves.
For the purpose of processing and considering the consultation comments, the comments themselves as well as personal data supplied by the consultation participants are collected.
The received comments are reviewed by the transmission system operators and enter into the second draft of the Network Development Plan Electricity. A summary in the second draft of the Network Development Plan Electricity provides information on how the results of the consultation have been taken into account.
2. Description and scope of the data processing
In collection of the consultation comments received by email to konsultation@netzentwicklungplan.de or via the form on the website www.netzentwicklungsplan.de, the following personal data are transmitted to us and stored together with the consultation comment insofar as they are provided by the consultation participant upon submission of the consultation comment:
- Form of address
- Last name
- First name
- Email address
- Private person / organisation
- Name of the organisation
- Address (street, house number, postal code, city)
- Federal state
The comments are collected electronically in a database for further processing and consideration in the NDP process together with the personal data, tagged with key words and evaluated by the transmission system operators.
For processing purposes, a data record is created upon inclusion of each comment. This requires the prior creation of a user account. In order to meaningfully process and associate the comment with the submitting party, personal data are requested during the user registration process on the website.
The received comments are reviewed by the transmission system operators and enter into the second draft of the Network Development Plan Electricity. A summary in the second draft of the Network Development Plan Electricity provides information on how the results of the consultation have been taken into account.
Comments for which a declaration of consent has been received and that were submitted by email or via the contact form on the website are published in anonymised form on the website www.netzentwicklunsplan.de. The publication takes place anonymously and only with the express prior declaration of consent by the consultation participant. Consultation participants can provide their consent either by accepting publication in the input form on the website or, in the case of participation by email, by means of a written declaration.
We therefore ask that you expressly state along with your comment whether you consent to publication.
Please note that the publication of comments received by post is not possible. It is also not possible to individually respond to any of the received comments.
If a consultation participant would like to have portions of the comment handled confidentially, this must be made clear in the form of a written instruction. When sharing confidential documents, portions can also be blacked out. Passages marked as confidential or blacked out will be published in an undecipherable manner.
3. Legal basis of the data processing
The legal basis for the processing of the data is the legal obligation of the transmission system operators as per Section 12b (3) after publication of the first draft of the Network Development Plan Electricity to offer the public, including actual or potential grid users, the downstream grid operators, public interest groups and the energy supervisory authorities of the states, an opportunity to express themselves. (GDPR Art. 6 (1)(c))
Upon submission of the consultation comments, the consultation participants consent to the data processing described above. (GDPR Art. 6 (1)(a))
4. Duration of storage
The consultation comments will be erased, together with the personal data of the consultation participants, when the legally mandated process of the Network Development Plan Electricity is concluded or the erasure of the personal data is desired by the consultation participants.
5. Options to object or remove
Consultation participants have the right for their personal data provided and stored in connection with a consultation comment to be corrected or erased at any time. For this purpose, an email must be sent to info@netzentwicklungsplan.de containing the objection to the storage of the data or the desired correction.
The publication of anonymised consultation comments can also be objected to even after the provision of consent. For this purpose, an email must be sent to info@netzentwicklungsplan.de.
VIII Email contact
1. Description and scope of the data processing
It is possible to contact us via the provided email addresses. In this case, the personal data of the user transmitted with the email will be saved. No sharing of the data with third parties will take place in connection with this. The data will be used exclusively for the processing of the conversation.
2. Legal basis for the data processing
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1)(f) GDPR. If the purpose of the email contact is the conclusion of a contract, Art. 6 (1)(b) GDPR serves as an additional legal basis for the processing.
3. Purpose of the data processing
The processing of the personal data from the email serves us solely for processing of the contact. This is also the basis for the necessary legitimate interest in the processing of the data.
4. Duration of storage
The data will be deleted once they are no longer required for the purposes for which they were collected. For the personal data that were transmitted by email, this is the case when the respective conversation with the user is finished. The conversation is finished when it is clear from the circumstances that the subject at hand has been conclusively addressed.
5. Option to object or remove
The user has the option at any time to revoke his or her consent to the processing of the personal data. If the user contacts us by email (abmeldung@netzentwicklungsplan.de), he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored in the course of the contact will in this case be erased.
IX Web analysis by Matomo (formerly PIWIK)
1. Scope of the processing of personal data
On our website, we make use of the open source software tool Matomo (formerly PIWIK) for analysis of the surfing behaviour of our users. The software places a cookie on the computer of the user (regarding cookies, see above). If individual pages of our website are accessed, the following data are saved:
- Two bytes of the IP address of the accessing system of the user
- The accessed web page
- The website from which the user arrived at the accessed web page (referrer)
- The sub-pages that are accessed from the accessed web page
- The time spent on the web page
- The frequency of accessing the web page.
The software runs exclusively on the servers of our web site. Storage of the personal data of the users only takes place there. No sharing of the data with third parties takes place.
The software is configured such that the IP addresses are not saved in their entirety; rather, two bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). This makes it impossible to associate the shortened IP address with the accessing computer.
2. Legal basis of the processing of personal data
The legal basis of the processing of the personal data of the users is Art. 6 (1)(f) GDPR.
3. Purpose of the data processing
The processing of the personal data of the users enables us to analyse the surfing behaviour of our users. By analysing the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes are also the basis for our legitimate interest in the processing of data as per Art. 6 (1)(f) GDPR. The anonymisation of the IP address takes place in consideration of the interests of the users in the protection of their personal data.
4. Duration of storage
The data are erased as soon as they are no longer needed for our logging purposes. In our case, this is the case after 3 months.
5. Option to object or remove
Cookies are saved on the computer of the user and sent from there to our page. For this reason, you as user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the saving of cookies. Cookies that have already been saved can be deleted at any time. This can also be automated. If cookies are deactivated for our website, it may not be possible to use all functions of the website.
You can decide whether a unique web analysis cookie may be saved in your browser in order to enable the operator of the website to collect and analyse various statistical data. If you would like to refuse this, click on the link at the end of the page to store the Matomo deactivation cookie in your browser.
More information on the privacy settings of the Matomo software can be found under the following link: https://matomo.org/docs/privacy/.
X Vimeo
1. Purpose and scope of the processing of personal data
We integrate videos of the platform “Vimeo” of the provider Vimeo Inc. (555 West 18th Street New York, New York 10011, USA) into our website in order to improve our offering. When you access a page of our website containing such a video, your browser establishes a direct connection to the servers of Vimeo. In this way, Vimeo receives the information that your browser has accessed the corresponding page of our website even if you do not have a Vimeo profile or are not currently logged into Vimeo. This information (including your IP address) will be transmitted from your browser directly to a server of Vimeo in the USA and saved there. If you are logged into Vimeo, Vimeo can directly associate the visit to our website with your Vimeo account. If you do not wish for Vimeo to directly associate the data collected via our website with your Vimeo account, you must log out of Vimeo before visiting our website. More information on the privacy settings of Vimeo can be found under the following link: https://vimeo.com/privacy/.
2. Legal basis of the processing of personal data
The legal basis of the processing of the personal data of the users is Art. 6 (1)(f) GDPR.
XI Rights of the data subject
If your personal data are processed, you are a data subject as defined by the GDPR and you have the following rights with respect to the controller:
1. Right of access
You can request a confirmation from the controller of whether personal data concerning you are being processed by us. If such processing exists, you can request the following information from the controller:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data that are processed;
(3) the recipients and categories of recipients with whom the personal data concerning you have been disclosed or will be disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if no concrete information on this is possible, criteria for determination of the storage duration;
(5) the existence of a right to request from the controller rectification or erasure of personal data concerning you, a right to restriction of processing of personal data concerning you or to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and(4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information about whether the personal data concerning you are transferred to a third country or to an international organisation. In this regard, you can request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR relating to the transfer.
2. Right to rectification
You have a right to rectification and/or completion with respect to the controller insofar as the processed personal data concerning you are incorrect or incomplete. The controller must carry out this rectification immediately.
3. Right to restriction of processing
Under the following conditions, you can request the restriction of processing of the personal data concerning you:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) if the controller no longer needs the personal data for the purposes of the processing, but these are required by you for the establishment, exercise or defence of legal claims, or
(4) if you have objected to the processing pursuant to Art. 21 (1) GDPR and it has not yet been established whether the legitimate grounds of the controller override your grounds.
Where processing of the personal data concerning you has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
If the processing has been restricted according to the above conditions, you will be informed by the controller before the restriction of processing is lifted.
4. Right to erasure
a) Erasure obligation
You can request from the controller the erasure of personal data concerning you without undue delay, and the controller shall have the obligation to erase these data without undue delay where one of the following grounds applies:
(1) The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing is based according to Art. 6 (1)(a) or Art. 9 (2)(a) GDPR, and there is no other legal ground for the processing.
(3) You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
(4) The personal data concerning you have been unlawfully processed.
(5) The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
(6) The personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.
b) Exceptions
The right to erasure does not exist to the extent that the processing is necessary
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by European Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Art. 9 (2) as well as Article 9 (3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 (1) GDPR insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) for the establishment, exercise or defence of legal claims.
5. Right to be informed
If you have exercised the right to rectification, erasure or restriction of processing with respect to the controller, the controller is obligated to inform all recipients to whom it has disclosed the personal data concerning you of this rectification or erasure of the data or restriction of the processing, unless this proves to be impossible or involves disproportionate effort.
You have the right with respect to the controller to be informed of these recipients.
6. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of the personal data concerning you which is based on point (e) or (f) of Art. 6 (1) GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves for the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of the personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
7. Right to withdrawal of the declaration of consent pursuant to data protection law
You have the right to withdraw your declaration of consent pursuant to data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
8. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of the personal data concerning you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
XII Data protection information in accordance with GDPR for the digital event “Information and Dialogue Event for the Network Development Plan Electricity 2037/2045”
This data protection information informs you about the type, scope and purpose of the processing of personal data (hereafter simply “data”) in connection with the performance of the digital event “Information and Dialogue Event for the Network Development Plan Electricity 2037/2045” (hereafter simply “event”).
1. Name and address of the controller
The controller as defined by the General Data Protection Regulation and other national data protection laws of the Member States as well as other legal data protection provisions is:
50Hertz Transmission GmbH
Heidestraße 2
10557 Berlin
Executive Board: Stefan Kapferer (CEO), Marco Nix, Dr. Dirk Biermann, Sylvia Borcherding
Commercial registry: Amtsgericht Charlottenburg, HRB 84446
VAT ID number: DE 813473551
Phone: +49 30 5150 – 0
Email: info@50Hertz.com
Amprion GmbH
Robert-Schuman-Straße 7
44263 Dortmund
Executive Board: Dr. Hans-Jürgen Brick (CEO), Dr. Hendrik Neumann, Peter Rüth
Commercial registry: Amtsgericht Dortmund, HRB 15940
VAT ID number: DE 813761356
Phone: +49 231 5849 – 0
Email: info@amprion.net
TenneT TSO GmbH
Bernecker Straße 70
95448 Bayreuth
Executive Board: Tim Meyerjürgens, Maarten Abbenhuis, Dr. Arina Freitag
Commercial registry: Amtsgericht Bayreuth, HRB 4923
VAT ID number: DE 815073514
Phone: +49 921 50740 – 0
Email: info@tennet.eu
TransnetBW GmbH
Pariser Platz
Osloer Straße 15–17
70173 Stuttgart
Executive Board: Dr. Werner Götz (Chairman), Michael Jesberger, Dr. Rainer Pflaum
Commercial registry: Registergericht Stuttgart, HRB 740510
VAT ID number: DE 191008872
Phone: +49 711 21858 – 0
Email: info@transnetbw.de
2. Name and address of the Data Protection Officer
The Data Protection Officer of the controller is:
Christian Fritz
TenneT TSO GmbH
Bernecker Straße 70
95448 Bayreuth | Germany
Phone: +49 921-50740-4050
Email: Datenschutz@tennet.eu
3. General information on data processing
3.1 Scope of the processing of personal data
We process personal data of the participants only insofar as this is necessary for the performance of the event. In general, the processing of the personal data of the participants takes place only after the participants have provided corresponding consent. An exception applies in such cases where obtaining prior consent is not possible for legitimate grounds and the processing of the data is permitted in accordance with legal regulations.
3.2 Legal basis of the processing of personal data
Insofar as we obtain consent from the data subject for the processing of personal data, Art. 6 (1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the case of the processing of personal data for the fulfilment of a contract to which the data subject is a contractual party, Art. 6 (1)(b) GDPR serves as the legal basis. This also applies to processing that is required for the performance of precontractual measures.
Insofar as the processing of personal data is required for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1)(c) GDPR serves as the legal basis.
In the event that processing is necessary to protect the vital interests of the data subject or of another natural person, Art. 6 (1)(d) GDPR serves as the legal basis.
If the processing is required to protect a legitimate interest of our company or a third party and if this interest is not overridden by the interests, basic rights and basic freedoms of the data subject, Art. 6 (1)(f) GDPR serves as the legal basis for the processing.
3.3 Data erasure and storage duration
The personal data of the data subject shall be erased or restricted as soon as the purpose of the storage no longer applies. Storage can take place beyond this if this is stipulated by European or national legislators in Union regulations, laws or other rules to which the controller is subject. Restriction or erasure of the data shall also take place if a storage period mandated by the specified standards expires, unless there is a necessity for further storage of the data for the conclusion or fulfilment of a contract.
3.4 Cooperation with processors and third parties
Insofar as we transmit or otherwise grant access to data to other persons and companies (processors or third parties) in the course of our processing, this shall take place only on the basis of a legal authorisation, your consent, a legal obligation, for the processing of contractual relationships with you or based on our legitimate interest in the data transmission (e.g. when making use of agents, web hosts, etc.). If we contract with third parties to process data on the basis of a so-called “data processing agreement”, this shall take place on the basis of Art. 28 GDPR.
4. Participation in the event
If you participate in the digital event “Scenario Framework Draft for the Next Network Development Plan Electricity” within the framework of the performance of the event, your usage data and possibly also your personal data may be processed by third-party providers of the respective individual technical platforms utilised (see item 5.).
5. Performance of the event via “Sweap”, data collection
For the performance of our event, we utilise the external webinar platform provider Sweap (Sweap Development GmbH, Rankestraße 9, 10789 Berlin). Upon accessing of the webinar platform Sweap, the browser used on your device automatically sends information to the server of Sweap. This information is temporarily stored in a log file for the following purpose:
- Ensuring the smooth establishment of a connection to the webinar platform,
- Ensuring the convenient use of the webinar platform,
- Performance of events in an online format with the help of conferencing and streaming tools,
- Handling of participants within the context of the performance of the event;
- Evaluation of the system security and stability, and
- For other administrative purposes.
The processing of the data takes place on the basis of your consent pursuant to Article 6 (1)(a) GDPR. You can withdraw your consent at any time by sending an email to info@netzentwicklungsplan.de. The legality of the processing based on your provided consent remains unaffected until the receipt of your withdrawal of consent.
In no case shall we or Sweap use the collected data for the purpose of drawing conclusions concerning your person. In addition, cookies are used during the visit to Sweap. More information on this can be found in item VI of this Privacy Policy and in the privacy policy of Sweap, which you can view here.
6. Use of cookies
In the context of the use of the webinar platform Sweap, cookies are set which identify you as a legitimate participant of the event. These are small files that are automatically created by your browser and saved on your device (laptop, tablet, smartphone, etc.) when you visit Sweap. Cookies do not cause any damage to your device and contain no viruses, trojans or other malware. Information is stored in the cookie that is associated with the specific device used. However, this does not mean that we or Sweap thereby receive direct knowledge of your identity.
The use of cookies by Sweap is absolutely necessary in order to even provide you with the services required for your participation in the event.
Insofar as these cookies are technically essential, the above purposes are the basis for our legitimate interest in the data processing. In these cases, the legal basis is Art. 6 (1)(f) GDPR.
Most browsers accept cookies automatically. However, you can configure your browser such that no cookies are saved on your computer or such that a message always appears before a new cookie is created. Complete deactivation of cookies may, however, make you unable to utilise all the functions of Sweap and possibly unable to participate in the event.
7. Registration for participation in the event
The access link provided to you will take you to the registration page of Sweap, where you can register for participation in the event “…”. During registration for the event, the following data are sent to Sweap from the input form:
- Form of address
- Title
- First name
- Last name
- Email address
- Company
- Function
The purpose for the collection of these data is to ensure the performance of the event and for the handling of participants in the course of the performance of the event.
During your registration for events or subsequently during the performance of the event, you can consent to a portion of your personal data provided during registration (first name, last name, company) being displayed to other registered and logged-in participants in a digital participants list in order for you to network with these persons.
The legitimate purposes of this data processing are the fundamental ability to implement the digital event format (proper fulfilment of a contract, Art. 6 (1)(b) GDPR), in other words enabling your interactive participation in the event, and securing potential legal claims of the event holder in the event of damages. If you do not wish these data to be saved, you may not be able to participate in the event. The data will be deleted once they are no longer required for the purposes for which they were collected – in other words for the period of the performance and follow-up of the event.
8. Use of the interaction tool Slido (surveys & chats), transmission of personal data to a third country
During the event, the participants can participate in surveys via the interaction tool Slido – a service of sli.do s.r.o., Vajinorska 100/A, 831 04 Bratislava, Slovakia. Use of this tool is optional; the event can also be attended without Slido. You can find additional information on data protection in the associated Privacy Policy of Slido: https://www.sli.do/terms#privacy-policy.
The legal basis for the processing of data transmitted in the course of utilising Slido is Art. 6 (1)(f) GDPR.
9. Streaming
The “live streaming” of an event is a special form of publication consisting of simultaneous publishing in the form of a live broadcast. The streaming of the event takes place via the provider Whitelabel. These platforms each have their own privacy policies, in which you can inform yourself about the handling of the corresponding data. The individual event holders will inform you of the specific platforms used for a stream; the privacy policies of the most commonly used platforms can be found here: https://sweap.io/de/datenschutz
Additional information on data protection and the usage conditions of Google Analytics can be found under: https://www.google.com/intl/de_de/help/terms_maps.html
10. Rights of the data subject
If your personal data are processed, you are a data subject as defined by the GDPR and you have the following rights with respect to the controller:
10.1 Right of access
In accordance with Art. 15 GDPR, you can request information from us concerning your personal data that are processed by us. In particular, you can request from us the processing purposes, the category of the personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making, including profiling and potentially informative information on the details of such profiling.
10.2 Rectification
In accordance with Art. 16 GDPR, you can request the immediate correction or completion of incorrect or incomplete personal data concerning you that are stored by us.
10.3 Erasure
In accordance with Art. 17 GDPR, you can request the erasure of your personal data that are stored by us insofar as the processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, on the grounds of public interest or for the establishment, exercise or defence of legal claims.
10.4 Restriction
In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data insofar as you contest the correctness of the data, insofar as the processing is illegal but you decline its erasure and we no longer require the data but you require the data for the establishment, exercise or defence of legal claims or insofar as you have issued an objection to the processing in accordance with Art. 21 GDPR.
10.5 Data portability
In accordance with Art. 20 GDPR, you can request the receipt of your personal data that you have provided to us in a structured, commonly used and machine-readable format or that these data be transmitted to another controller.
10.6 Right of withdrawal
According to Art. 7 (3) GDPR, you have the right at any time to withdraw any consent previously issued to us. We will then no longer carry out any data processing that was based on this consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
10.7 Right to object
Insofar as we process your data on the basis of legitimate interests as per Art. 6 (1)(f) GDPR, you have the right according to Art. 21 GDPR to object to the processing of your data and inform us of the grounds arising from your particular situation that in your consideration speak in favour of your compelling interests overriding ours. In the case of an objection to data processing for purposes of direct marketing, you have a general right to object that can be exercised even without informing us of the grounds. If you would like to exercise your right to withdraw or object, an informal notification to our Data Protection Officer is sufficient.
10.8 Right to lodge a complaint
In accordance with Art. 77 GDPR, you can lodge a complaint with a supervisory authority if you are of the opinion that the processing of the personal data concerning you violates provisions of data protection law. In general, you can lodge your complaint with the supervisory authority of your habitual residence or place of work or of the registered office of our company. The supervisory authority with which you have lodged the complaint shall inform you on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
The supervisory authority that is competent with respect to us is:
Der Bayerische Landesbeauftragte für den Datenschutz (BayLfD)
Prof. Dr. Thomas Petri
Postfach 22 12 19, 80502 München
Wagmüllerstraße 18, 80538 München (please only after prior appointment)
Phone: 089 212672-0
Fax: 089 212672-50
Email: poststelle@datenschutz-bayern.de
11. Validity of the Privacy Policy
This Privacy Policy is currently valid and originates from March 2023. It may be necessary to modify this Privacy Policy due to the further development of our digital event offerings or due to changes to legal or public authority requirements. You can access and print out the respectively valid Privacy Policy under https://www.netzentwicklungsplan.de/en/datenschutzhinweise.