1. Introduction
This privacy policy informs you about the type, scope and purpose of the collection and use of personal data when using the web shop at sunsharetek.com (hereinafter "web shop") of Sunshare Technology Co. Ltd. (hereinafter "we" or "us"). We are the responsible party for all personal data collected on the web shop, unless this privacy policy contains different information.
Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This typically includes the name, email address or telephone number. In addition, purely technical data that can be assigned to a person is also considered personal data.
2. Contact details of the person responsible
Email: support@sunsharetek.com
3. Overview of the procedures
This webshop processes personal data as part of the following procedures:
server log files
contact
use of cookies
execution and processing of orders
3.1 Automatic collection of access data/server log files
Every time you access our webshop, we automatically collect a number of technical data that constitute personal data. These are:
user's IP address
Name of the webshop or file accessed
date and time of access
amount of data transferred
message about successful retrieval
browser type and version
user's operating system
device used by the user, including MAC address
Referrer URL (the previously visited page)
This data will not be merged with other personal data that you actively provide in the web shop. We collect server log files for the purpose of administering the web shop and detecting and preventing unauthorized access.
legal basis
The personal data in log files are processed on the basis of Art. 6 Paragraph 1 Letter f of GDPR. This permission permits the processing of personal data within the scope of the "legitimate interest" of the controller, unless your fundamental rights, freedoms or interests outweigh this. Our legitimate interest lies in easier administration and the ability to detect and track hacking. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. All you need to do is send an email to info@sunsharetek.com.
What are IP addresses?
IP addresses are assigned to every device (e.g. smartphone, tablet, PC) that is connected to the Internet. Which IP address this is depends on which Internet access your device is currently using to connect to the Internet. This can be the IP address assigned to you by your Internet provider, for example if you are connected to the Internet at home via your WiFi. It can also be an IP address assigned to you by your mobile provider or the IP address of a provider of a public or private WiFi or other Internet access. In its most common form (IPv4), the IP address consists of four blocks of digits. As a private user, you will usually not use a constant IP address, as this is only assigned to you temporarily by your provider (so-called "dynamic IP address"). With a permanently assigned IP address (so-called "static IP address"), it is in principle easier to clearly assign user data. Except for the purpose of tracking unauthorized access to our website, we do not use this data on a personal basis, but only evaluate on an anonymous basis which of our web shops are favored, how many accesses occur daily, and similar.
Our webshop already supports the new IPv6 addresses. If you already have an IPv6 address, you should also know the following: The IPv6 address consists of eight blocks of four. The first four blocks, as with the entire IPv4 address, are typically assigned dynamically for private users. The last four blocks of an IPv6 address (so-called "interface identifier") are determined by the end device that you use to browse the webshop. Unless otherwise set in your operating system, the so-called MAC address is used for this. The MAC address is a type of serial number that is assigned uniquely to every IP-capable device worldwide. We therefore do not save the last four blocks of your IPv6 address. In general, we recommend that you activate the so-called "Privacy Extension" on your end device in order to better anonymize the last four blocks of your IPv6 address. Most common operating systems have a "Privacy Extension" function, although in some cases this is not preset by default.
duration of data storage
The server log files with the above data are automatically deleted after 180 days. We reserve the right to store the server log files for longer if there are facts that suggest unauthorized access (such as an attempted hacking or a so-called DDOS attack).
3.2 Data collection when contacting us
When you contact us by email or telephone, the data you provide (your email address, if applicable your name and your telephone number) will be stored by us in order to answer your questions.
legal basis
The personal data from contacts are processed on the basis of Art. 6 Paragraph 1 Letter b of GDPR. This permission allows the processing of personal data if this is necessary to fulfill a contract to which the data subject is a party or to carry out pre-contractual measures that are carried out at the request of the data subject.
duration of data storage
We delete the data collected in connection with a contact after storage is no longer required to process your request, or restrict processing if there are statutory retention periods.
3.3 Use of cookies
Our webshop uses cookies for analysis purposes to make visiting our webshop more attractive and to improve the quality of our webshop and its content. Our webshop currently uses the following cookies for analysis purposes:
to analyze interactions with and performance of our products;
for troubleshooting, to analyze interactions with our products and their performance;
to troubleshoot and identify errors that affect functionality;
to detect security incidents and protect against malicious, fraudulent or illegal activities;
for research purposes related to technological development and demonstration;
to improve or expand our products or our website.
If you do not accept cookies, the functionality of our web shop may be limited.
Notes on Cookies
Cookies are small text files that are stored on your device by the browser you are using when you visit our web shop. In this way, individual services of a web shop can "recognize" you and "remember" which settings you have made. On the one hand, this serves to make web shops more user-friendly and therefore easier for users (e.g. storing login data). On the other hand, cookies are typically used to collect statistical data on web shop usage and to use the data obtained in this way for analysis and advertising purposes.
Some cookies are automatically deleted from your device as soon as you leave the webshop (so-called session cookies). Other cookies are stored for a specific period of time, which does not exceed two years (so-called persistent cookies). We also use so-called third-party cookies, which are managed by third parties in order to offer certain services.
You can influence the use of cookies. Most browsers have an option to restrict or completely prevent cookies from being saved. However, please note that the use and in particular the comfort of use will be restricted without cookies.
legal basis
The technical structure of the webshop requires that we use technologies, in particular cookies, without which the webshop cannot be used (completely correctly) or the support functions cannot be enabled. You cannot deselect such essential cookies if you want to use our webshop. The legal basis for this processing is our legitimate interest Art. 6 Para. 1 Clause 1 Letter f of GDPR, which consists in being able to operate our webshop smoothly and in a customer-friendly manner.
We only use non-essential cookies with your consent, which you can select via the consent manager when you first visit our web shop. The functions are only activated if you consent and can be used in particular to enable us to analyze and improve the use of our web shop, to make it easier for you to use it across different browsers or devices, to recognize you during a visit or to display advertisements (if necessary also to tailor advertising to your interests, measure the effectiveness of advertisements or show you interest-based advertising). The legal basis for this processing is Art. 6 Para. 1 Clause 1 Letter a of GDPR. You can revoke your consent at any time without affecting the legality of the processing up to the time of revocation.
duration of data storage
Session cookies are automatically deleted when you close your browser. You can find out how long persistent cookies are stored for in the overview in the cookie settings of your web browser.
3.4 Execution and processing of orders
When you place an order in our web shop, we collect various personal data (name, address, contact information, payment information) that we need to carry out and process the order.
legal basis
The personal data from the execution and processing of orders are processed on the basis of Art. 6 Paragraph 1 Letter b of GDPR. This permission allows the processing of personal data if this is necessary to fulfill a contract to which the data subject is a party.
duration of data storage
We delete the data collected in connection with the execution and processing of an order after storage is no longer required to process the order, or restrict processing if there are statutory retention periods.
4. Your rights
You have the right to receive information about the personal data that has been stored about you free of charge upon request. In addition, you have the right to correct incorrect data, the right to request the restriction of processing of data that has been processed in excess and the right to delete personal data that has been processed unlawfully or stored for too long (provided that this is not contrary to a statutory retention period or other reasons under Art. 17 Para. 3 GDPR). In addition, you have the right to transfer all data that you have provided to us in a common file format (right to data portability), provided that you have provided the data to us as part of a declaration of consent or to fulfill a contract.
In addition, you also have the right to lodge a complaint with a data protection supervisory authority. A list of German and European data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
5. Objection to our processing of your data, Art. 21 GDPR
If personal data is processed to perform tasks in the public interest (Article 6 (1) (e) GDPR) or to protect legitimate interests (Article 6 (1) (f) GDPR), you have the right to object to the processing of your personal data at any time. The personal data will then no longer be processed unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If you have a right to object to the processing of individual procedures, we will point this out in the description of the individual procedures.
To exercise your rights, simply send an email to info@sunsharetek.com.
6. Revocation of consent
revocation of consent
If you have given us your consent to process your personal data, you can revoke this consent at any time and without giving reasons with effect for the future. All you need to do is send an email to the following email address. The legality of the processing carried out on the basis of the consent until the revocation is not affected by the revocation.
To exercise your rights, simply send an email to info@sunsharetek.com.
7. Recipients of data
As a general rule, we do not pass on personal data unless we expressly mention this in this privacy policy.
Personal data will be passed on to the following categories of recipients:
Service providers.We may share personal information with our suppliers and service providers who perform services on our behalf. These third parties are authorized to use your personal information only to the extent necessary to provide those services to us, such as fulfilling orders, processing payments, sending and improving communications, developing and improving our products, detecting, preventing and remediating fraud or other prohibited activities, and providing other support for the provision of our products.
We may access, preserve, and disclose your personal information, other account information, and content if we believe it is necessary or appropriate to comply with law enforcement requests and legal processes, such as a court order, government request, or subpoena. We may also access, preserve, and disclose your personal information, other account information, and content if we have a good faith belief that disclosure is necessary to protect yours, ours, or others' rights, property, or safety, or to investigate fraud.
Mergers, Sales or Other Transfers of Assets: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, insolvency, receivership, sale of company assets, or transition of services to another provider, your information may be sold or transferred as part of such transaction, as permitted by law and/or contract. Use of your personal information after any of the foregoing events will be subject to the terms of the Privacy Policy in effect at the time such personal information was collected.
8. Transfer to recipients outside the EEA
As part of our business relationships, your personal data may be passed on or disclosed to third parties. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing is carried out exclusively to fulfill contractual and business obligations and to maintain your business relationship with us.
The European Commission has certified that some third countries have data protection comparable to the EEA standard through so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions). In other third countries to which personal data may be transferred, however, there may not be a consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is adequately guaranteed. This is possible through binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates or recognized codes of conduct.
9. No obligation to provide personal data
We do not make the conclusion of contracts with us dependent on you providing us with personal data beforehand. As a customer, you are generally under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain offers to a limited extent or not at all if you do not provide the necessary data. If this should exceptionally be the case within the scope of the products we offer presented below, you will be informed of this separately.
10. No automated decision-making
There is no automated decision-making, including profiling, in accordance with Art. 22 (1) and (4) GDPR.