Data Protection

Our use of your data and your rights – Information in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR)

This Data Protection Declaration applies to the collection, processing and use of your personal data when you use our website: diginergy.ai

The issue of data protection has a high priority at DigiNergy GmbH (hereinafter referred to as “we” or “DigiNergy”). We therefore want to let you know how we implement data protection at our company, as well as about the information we record whenever you visit our website, how it is used, and what rights you have. Please note that your personal data will be used exclusively for the purposes described below and will not be processed otherwise or elsewhere without a legal basis.

The Data Privacy Statement describes how and for what purpose DigiNergy GmbH, Ludwig-Erhard-Straße 12
D-34131 Kassel, Germany (hereinafter also referred to as “DigiNergy” or “we”) processes personal data of its business partners and their employees.


I. General information

1. Controller

The controller responsible for processing your personal data is:

DigiNergy GmbH

Ludwig-Erhard-Straße 12
D-34131 Kassel

Handelsregister: HRB 19095

Amtsgericht Kassel

Umsatzsteuer ID: DE355194026

Online-Streitbeilegung:

Die Europäische Kommission stellt eine Plattform zur Online-Streitbeilegung (OS) bereit. Die Plattform finden Sie unter https://ec.europa.eu/consumers/odr. Verbraucher haben die Möglichkeit, diese Plattform für die Beilegung ihrer Streitigkeiten zu nutzen.

eMail: Info@diginergy.ai
Phone: 0561-43024783

2. Data Protection Officer

You can contact our Data Protection Officer at:/ our Data Protection team at:

DigiNergy GmbH, Data Protection Officer, Ludwig-Erhard-Straße 12
D-34131 Kassel

E-Mail: Info@diginergy.ai

3. What data do we process and from what sources?

We process personal data you provide voluntarily or is gathered as part of use of our website.

You can find more information on this subject in Section II “Processing of personal data.”

4. For what purpose do we process your data and what is the legal basis for that?

We process your personal data in compliance with the relevant data protection regulations, in particular the General Data Protection Regulation (GDPR) and national data protection legislation (for Germany e.g. the German Data Protection Act BDSG) and the Telecommunications Telemedia Data Protection Act (TTDSG), for various purposes.

In principle, the purposes for which we process your data are: to perform contractual obligations (Article 6 paragraph 1 point (b) GDPR), to safeguard legitimate interests (Article 6 paragraph 1 point (f) GDPR), for processing subject to your prior consent (Article 6 paragraph 1 point (a) GDPR) and/or to comply with statutory obligations (Article 6 paragraph 1 point (c) GDPR).

You can find more information on this subject in Section II “Processing of personal data.”

5. Who obtains my data?

5.1 Web hosting by processor

Service providers used by us and acting on our behalf (so-called processors, please refer to Art. 4 No. 8 GDPR) may receive personal data. We use IT service providers as processors.

The web host of this website isONOS SE, Elgendorfer Str. 57, 56410 Montabaur, www.ionos.de(hereinafter "IONOS").

The service provider stores this website on its servers (hosting). The provision of this website requires the commissioning of a web hosting service. The use of IONOS takes place in accordance with Art. 6 (1) (f) GDPR due to our legitimate economic interest in making our offer available on this website.

In connection with the hosting, IONOS processes personal data on our behalf, which is generated during the following actions of the user:

- when visiting our website

We have entered into a Data Processing Agreement with IONOS Through this agreement, IONOS ensures that they process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject.

5.2 Disclosure of data to third parties

We will only transfer your personal data to third parties if:

  • you have given your explicit consent in accordance with Art. 6 (1)(a) GDPR
  • it is necessary for the fulfilment of a contract with you in accordance with Art. 6 (1)(b) GDPR
  • in the event that there is a legal obligation to pass on the data pursuant to Art. 6 (1)(c) GDPR.

If there is a legitimate interest pursuant to Art. 6 (1) f GDPR and in compliance with the statutory regulations, DigiNergy may transfer personal data to affiliated companies within the meaning of Section 15 of the German Stock Corporation Act (AktG) within the European Economic Area to the extent permitted. The transfer is made in particular due to our legitimate interest in improving and coordinating our internal administration and for the use of shared data resources for jointly used infrastructures and services. Transfers are made to the following companies: DigiNergy Sales GmbH, DigiNergy Holding GmbH and, if applicable, other SEFE Securing Energy for Europe GmbH Group companies.

You can find more information on this in Section II - Processing of personal data.

5.3Third country transfer

A transfer of personal data to a third country or an international organisation will only take place if we inform you of this and if the conditions of Art. 44 et seqq. GDPR are given.

A third country is defined as a country outside the European Economic Area (EEA) in which the GDPR is not directly applicable. A third country is deemed to be unsafe if the EU Commission has not issued an adequacy decision for this country in accordance with Art. 45 (1) GDPR, confirming that adequate protection for personal data exists in the country.

The USA is a so-called unsafe third country. This means, that the US does not offer a level of data protection comparable to that in the EU. The risks involved in transferring personal data to the US are as follows: There is a risk that US authorities may gain access to personal data on the basis of the PRISM and UPSTREAM surveillance programmes based on Section 702 of the FISA (Foreign Intelligence Surveillance Act), and on the basis of Executive Order 12333 or Presidential Police Directive 28. EU citizens have no effective means of redress against such access in the US or the EU.

We will inform you in this privacy policy when and how we transfer personal data to the USA or other unsafe third countries. We will only transfer your personal data if

  • the recipient provides appropriate safeguards in accordance with Art. 46 GDPR for the protection of personal data,
  • you have explicitly agreed to the transmission, after we have informed you of the risks, in accordance with Art. 49 (1)(a) GDPR,
  • the transmission is necessary for the fulfilment of contractual obligations between you and us
  • or another exception from Art. 49 GDPR applies.

Safeguards under Art. 46 GDPR can be so-called standard contractual clauses. In these standard contractual clauses, the recipient assures to protect the data sufficiently and thus to ensure a level of protection comparable to that provided by the GDPR.

6. Security

We use technical and organizational security measures to ensure that the personal data you supply us with is protected against accidental or deliberate manipulation, loss, destruction and/or access by unauthorized persons. Whenever we collect and process personal data, the information is transmitted in encrypted form to prevent misuse of this data by third parties. Our security measures are subject to continual further development in line with technical advances.

All data transmitted by you personally is encrypted using the generally accepted and secure standard TLS (Transport Layer Security). TLS is a secure and proven standard that can also be used for online banking. You can recognize a secure TLS connection by the s attached to the http (https://..) in the address bar of your browser or by the lock symbol at the bottom of your browser.