Name and contact details of the responsible person
In accordance with the GDPR the data controller is
Orchard Hill, The Common, Potten End, Berkhamsted, Hertfordshire, United Kingdom, HP4 2QF
Company number 11632286
SNRG processes personal data in order to better understand the needs of its customers and thus to be able to improve its services. Personal data will only be used in the specific context of your customer relationship with SNRG to the extent permitted by law or on the basis of your prior express consent.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) (a) of the GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
General technical organisational measures
The SNRG website is behind a software firewall to prevent access from other networks connected to the Internet. In addition, only employees who need the information to perform a specific job are granted access to personally identifiable information. These employees are trained in security and privacy practices and treat your information confidentially.
Secure transfer of your data.
In order to best protect the data, we store against accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we use appropriate technical and organisational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
The exchange of data to and from our website is always encrypted. We offer HTTPS as the transmission protocol for our website, in each case using the current encryption protocols.
In addition, we offer our users content encryption as part of the contact forms and for applications. The decryption of this data is only possible for us. In addition, there is the option of using alternative communication channels (e.g., the postal service).
Data processing in the context of our service provision
The protection of your data is particularly important to us in the performance of our services. We therefore only want to process as much personal data (for example, your name, address, e-mail address or telephone number) as is absolutely necessary. Nevertheless, we rely on the processing of certain personal data, in order to fulfil our contractual obligations to you or to carry out pre-contractual measures. This processing of personal data, will always be carried out in accordance with applicable data protection laws.
Administration, financial accounting, office organisation, contact management.
We process data in the context of administrative tasks as well as organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are Article 6 (1) (c) GDPR, Article 6 (1) (f) GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.
In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.
Furthermore, based on our business interests, we store information on suppliers, event organisers and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.
Information in the context of the use of the website and our web application
In principle, it is possible to use the SNRG website without providing personal data. When a page of our website is accessed and each time a file is retrieved, access data about this process is stored in a log file. The corresponding log file contains: Your IP address, the page from which the file was requested, the name of the file, the date and time of the request, the amount of data transferred, the access status (file transferred, file not found, etc.), a description of the type of operating system and web browser used. The stored data does not allow any conclusions to be drawn about your identity and is evaluated exclusively for statistical purposes.
The collection and processing of this data is carried out in order to enable the use of the website at all, on the basis of Art. 6 para. 1 p. 1 f) GDPR, whereby our legitimate interest is the provision of our website. Incidentally, we store this aforementioned data, including the IP addresses, only in anonymised form and use it only in this anonymised form to analyse the use of the offer and the further development and optimisation of our website in your interest, also on the basis of Art. 6 para. 1 p. 1 f) GDPR. Our legitimate interest is the ongoing improvement of our online offer in order to provide you with the greatest possible user comfort.
If you contact us, your details including the contact details you provide, will be stored and used by us to fulfil the purpose associated with the transmission, e.g., to process your enquiry, to answer your questions or to prepare follow-up questions.
The basis for this storage and use of your personal data is your consent in accordance with Art. 6 Para. 1 S. 1 a) GDPR, which you give us separately before sending the contact form. Insofar as you provide us with your personal data for the purpose of responding to your questions, the entry of personal data is required within the meaning of Art. 13 (2) e) GDPR. Without this information, we cannot process your request.
You have the right to revoke your consent to the data processing described above at any time with effect for the future. In this case, we will no longer process your data. Your personal data will be deleted even without your revocation in any case if we have processed your request or if the storage is inadmissible for other legal reasons.
You cannot be personally identified from any of the information we collect. The use of the cookies we use is necessary in order to be able to provide the online offer of SNRG at all and, moreover, to be able to optimise it on an ongoing basis. The data processing in this context is therefore based on Art. 6 para. 1 p. 1 f) GDPR. Our legitimate interest is to provide visitors to our website with a functioning online service and to make visiting and using the website as pleasant and efficient as possible.
It is also possible for you to register an account (https://snrgconnect.com/registration). For this purpose, you will need to present your registration code and provide us with the following: Full Name, Telephone Number, Address, E-mail Address and Password. Providing those will enable you to log in more easily without having to enter your data again when you use our services next. SNRG stores the data you enter to set up a customer account. We will hold your data for further orders as long as you maintain your registration. You have the right to access, correct or delete your registration data at any time. The legal basis for the storage is Art. 6 (1) (a) GDPR.
Storage period and deletion
We store your personal data for as long as is necessary to fulfil the intended purpose (e.g., contract fulfilment, answering your enquiries) or for as long as legal retention periods make storage necessary. As long as legal storage obligations, such as tax and commercial law regulations, or other justified reasons within the meaning of Art. 17 (3) of the GDPR prevent the deletion of your personal data, we will restrict the processing of your data; your data will then be deleted in accordance with the legal regulations.
Transfer of personal data
We work closely with affiliated businesses. We provide services jointly with or on behalf of these businesses through links that may lead to the businesses where purchases may be made. We will transfer your data to third parties if you have consented to this in accordance with Art. 6 para. 1 p. 1 a) GDPR, or in the following cases:
Contractors: SNRG may engages other companies and individuals in certain cases to fulfil its obligations to its customers on its behalf. This may involve sharing your data with these third parties in order to provide products or services to you. Examples include customer service, payment data processing and marketing support. In these cases, data is transferred to such service providers and contractors (such as payment service providers, advertising providers, technical service providers) for the purpose of fulfilling the contract in accordance with Art. 6 para. 1 p. 1 b) GDPR.
It goes without saying that SNRG ensures that the respective service provider guarantees data security before passing on personal data. SNRG will therefore only commission companies that can guarantee secure and proper data processing based on their qualifications and their technical and organisational capabilities.
All your data collected on the SNRG website for the purpose of market research will be used exclusively for SNRG internal purposes and will not be passed on to third parties. They will be deleted when their knowledge is no longer necessary for market research.
Data processing due to legal requirements / protection against misuse / rights of third parties
SNRG is entitled to process your personal data insofar as this is necessary to fulfil legal obligations. For this purpose, SNRG may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required by Art. 6 para. 1 p. 1 c) GDPR for compliance with a legal obligation to which we are subject. SNRG is further entitled to process personal data if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of SNRG, its employees or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests of SNRG pursuant to Art. 6 para. 1 p. 1 f) GDPR. Insofar as the disclosure of health data is necessary for the assertion of claims or the defence against claims, the related data processing is based on Art. 9 (2) f) GDPR.
Your personal data will not be transferred to countries outside the EU, with the exception of the transfer of information generated by the cookie.
Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of SNRG.
Direct marketing in the context of a customer relationship
We use the data you provide to fulfil and process our contract and to respond to your enquiries in accordance with Art. 6 para. 1 p. 1 b) GDPR or on the basis of your consent in accordance with Art. 6 para. 1 p. 1 a) GDPR. Insofar as you have also given us separate consent to process your data for consulting, quotation and advertising purposes, SNRG is entitled to contact you for these purposes via the communication channels you have ticked in this consent.
The Supervisory Authority
The Information Commissioner’s Office (ICO) in the UK is the for us relevant authority in matters of data protection. You have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Your rights as a data subject
You have the right to free information about the data stored about you at any time. In addition, you have the right to correct incorrect data, if necessary to delete your personal data and to restrict data processing.
If the basis for the data processing is Art. 6 para. 1 p. 1 f) GDPR (safeguarding legitimate interests), you have the right to object to the processing of your personal data at any time in accordance with Art. 21 GDPR, provided that there are grounds for doing so which arise from your particular situation, or if the objection is directed against data processing for direct marketing purposes. In the latter case, you have a general right of objection, which will be implemented by us without giving reasons arising from your particular situation (Art. 21 (2) GDPR). If you object on grounds arising from your particular situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (Art. 21 (1) GDPR).
Insofar as you provide us with personal data and we process this data on the basis of your consent, you may freely revoke the corresponding consent at any time with effect for the future.
If you provide us with data relating to you and we process this data on the basis of your consent or for the performance of a contract, you may also demand that we provide you with this data in a structured, common and machine-readable format or that we transfer this data to another controller, insofar as this is technically possible (so-called right to data portability).
In addition, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the data processing by us violates legal regulations.
In order to assert your rights listed here, as well as for further questions on the subject of processing of your personal data, you can contact us at any time using the contact details provided above.
When you send a data subject access request
The legal basis for the processing of your personal data in the context of handling your data subject access request is our legal obligation and the legal basis for the subsequent documentation of t data subject access request is both our legitimate interest and our legal obligation.
The purpose of processing your personal data in the context of processing data when you send a data subject access request is to respond to your request. The subsequent documentation of the data subject access request serves to fulfil the legally required accountability.
Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the processing of a data subject access request, this is three years after the end of the respective process.
You have the possibility at any time to object to the processing of your personal data in the context of the processing of a data subject access request for the future. In this case, however, we will not be able to further process your request. The documentation of the legally compliant processing of the respective data subject access request is mandatory. Consequently, there is no possibility for you to object.
Legal defence and enforcement of our rights
The legal basis for the processing of your personal data in the context of legal defence and enforcement of our rights is our legitimate interest.
The purpose of processing your personal data in the context of legal defence and enforcement of our rights is the defence against unjustified claims and the legal enforcement and assertion of claims and rights. Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected.
The processing of your personal data in the context of legal defence and enforcement is mandatory for legal defence and enforcement of our rights. Consequently, there is no possibility for you to object.
To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g., SSL) via HTTPS.
The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not used or processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where applicable, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is our legitimate interest. The data processing is carried out in the interest of our public relations and communication.
If you wish to object to certain data processing over which we have an influence, please contact us. We will then examine your objection. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the response required. You always have the option of sending us confidential enquiries to our address stated in the imprint.
As already stated, where the social media platform provider gives us the opportunity, we take care to design our social media pages to be as data protection compliant as possible. With regard to statistics that the provider of the social media platform makes available to us, we can only influence these to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.
SNRG uses the technical platform and services of LinkedIn. We would like to point out that you use this LinkedIn page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating). Alternatively, you can also access parts of the information offered via our website.
When you visit our LinkedIn page, LinkedIn and the associated company Microsoft collect, among other things, your IP address and other information that is stored on your device in the form of cookies. This information is used to provide us, as operators of the LinkedIn pages, with statistical information about the use of the LinkedIn page. Microsoft provides more detailed information on this here
We have no influence on the data collection and further processing by LinkedIn. Furthermore, it is not apparent to us to what extent, at which location and for how long the data is stored, to what extent LinkedIn and Microsoft comply with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid LinkedIn and Microsoft processing personal data that you have transmitted to us, please contact us by other means.
The data collected about you in this context is processed by Microsoft and may be transferred to countries outside the European Union. LinkedIn/Microsoft describes in general terms in its data usage guidelines what information LinkedIn/Microsoft receives and how it is used. There you will also find information on how to contact Microsoft and on the setting options for advertisements. The data usage guidelines are available here.
In which way LinkedIn & Microsoft use the data from the visit of LinkedIn pages for their own purposes, to what extent activities on the LinkedIn and Microsoft page are assigned to individual users, how long LinkedIn & Microsoft store this data and whether data from a visit to the LinkedIn page is passed on to third parties, is not conclusively and clearly stated by LinkedIn & Microsoft and is not known to us.
Data processing by the operator of the social media platform
The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we can unfortunately hardly influence the web tracking methods of the social media platform. We cannot, for example, switch this off.
Please be aware: It cannot be ruled out that the provider of the social media platform uses your profile and behavioural data, for example to evaluate your habits, personal relationships, preferences, etc. We have no influence on this. In this respect, we have no influence on the processing of your data by the provider of the social media platform.