Privacy Policy

1) Introduction and general information

This privacy policy (as of August 2025) gives you a transparent overview of which personal data we process as the controller and the processors commissioned by us.

We are subject to German data protection law and the provisions of the European General Data Protection Regulation (GDPR).

Further data protection notices and other legal documents may apply to individual or additional activities and operations.

2) Contact details of the person responsible

Responsible for data processing is:

AMP ENERGY SOLUTIONS GmbH
Schlossgarten 16
74544 Michelbach
Germany

E-Mail: contact@ampenergysolutions.de

We explicitly point out at the appropriate place if there are other controllers for the processing of personal data in individual cases.

3) Scope of application

This privacy policy applies to all online presences, including all websites.

4) Terms and legal bases

Personal data is all data that can be used to directly or indirectly identify you personally („data subject“). In this context, we process in particular information that a data subject voluntarily and personally transmits to us when contacting us - for example by post, e-mail, contact form or telephone. We may store such information in an address book or with comparable electronic/digital tools, for example.

We only process personal data if at least one of the following legal bases applies.

Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject. In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information in your end device (e.g. via device fingerprinting), the data processing is also carried out on the basis of Section 25 (1) TDDDG. Consent can be revoked at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the fulfilment of a contract with the data subject and for the implementation of pre-contractual measures.
Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfil a legal obligation.
Art. 6 para. 1 lit. d GDPR for the necessary processing of personal data in order to protect the vital interests of the data subject or another natural person.
Art. 6 para. 1 lit. e GDPR for the necessary processing of personal data for the performance of a task carried out in the public interest.
Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data in order to protect the legitimate interests of us or third parties, unless the fundamental freedoms and rights and interests of the data subject prevail. Legitimate interests are, in particular, our interest in being able to carry out the activities and operations when visiting our website or in our joint business relationship in a permanent, user-friendly, secure and reliable manner. In addition, our interest in simple communication, ensuring information security, protection against misuse, the enforcement of our own legal claims and compliance with applicable law.

5) Type, scope, purpose and duration of data processing

The personal data processed by us may fall into the categories of inventory and contact data, browser and device data, content data, meta or marginal data, usage data and location data and payment data.

We process personal data for the duration required for the respective purpose(s) or as required by law. Personal data whose processing is no longer required is deleted or anonymised.

We may have personal data processed by third parties. We may process personal data jointly with third parties or transfer it to third parties. Such third parties are, in particular, specialised providers whose services we use. We also guarantee data protection for such third parties.

If you transmit personal data to us via third parties, you are obliged to guarantee data protection vis-à-vis such third parties and to ensure the accuracy of the personal data.

We also process personal data that we receive from third parties, obtain from publicly accessible sources or collect in the course of our activities and operations, if and to the extent that such processing is permitted by law.

6) Rights of data subjects

Data subjects whose personal data we process have so-called data subject rights in accordance with the GDPR. These include in particular the following rights in your favour:

in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
to demand the erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller;
pursuant to Art. 21 GDPR to object to the processing of your personal data if your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR and if there are reasons arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation. If you object, your personal data will no longer be used for the purpose of direct advertising;
in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future; and
to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

7) Note on data transfer to the USA and other third countries

Among other things, we also use tools from companies based in the USA or other third countries that are not secure under data protection law. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries.

With regard to data transfer to the USA, the USA is considered a safe third country on the basis of the „EU-US Data Privacy Framework“ if the recipient of the data based in the USA is certified under the EU-US Data Privacy Framework or other suitable guarantees (e.g. standard contractual clauses of the EU Commission) are in place.

Where possible, we endeavour to use tools from EU providers and, if not, to at least select server locations within the EU if this option is provided by the tool providers.

8) Security of data processing

We take suitable technical and organisational measures to ensure data security appropriate to the respective risk. Unfortunately, however, we cannot guarantee absolute data security.

Our website is accessed using transport encryption (SSL/TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated to HTTPS). Most browsers indicate transport encryption with a padlock in the address bar.

9) Ninja Firewall

We use the firewall plugin Ninja Firewall to protect our website. The provider is NinTechNet Limited, Unit 1603, 16th Floor, The L. Plaza 367-375 Queen's Road Central, Sheung Wan, Hong Kong.

Ninja Firewall protects our website from unauthorised access, brute force attacks and other security-related threats. Among other things, the IP address, the time of the page access and the referrer are recorded.

To protect your privacy, the IP address is anonymised by removing the last three characters. The data collected is stored exclusively on our own web server, automatically deleted after 45 days and not transmitted to the provider of Ninja Firewall or other third parties.

Further information on data processing by Ninja Firewall can be found in the provider's privacy policy at:
https://nintechnet.com/about/ and
https://blog.nintechnet.com/ninjafirewall-general-data-protection-regulation-compliance/

The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR (legitimate interest in the secure and trouble-free provision of our website).

10) Cookies

We may use cookies. Our own cookies (first-party cookies), as well as cookies from third parties whose services we use (third-party cookies), are data that are stored in your browser. Cookies are not software programmes and do not contain viruses, Trojans or other „malware“. Cookies also cannot access information on your PC or end device.

Cookies can be stored temporarily in your browser as „session cookies“ or for a certain period of time as so-called permanent cookies. „Session cookies“ are automatically deleted when you close your browser. Permanent cookies have a specific storage period. In particular, cookies make it possible to recognise your browser the next time you visit our website and thus, for example, to measure the reach of our website. Permanent cookies can also be used for online marketing, for example.

If we use cookies and to the extent necessary, we will obtain your express consent for the use of cookies. If consent to the storage of cookies has been requested, the processing takes place exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time for the future.

Necessary cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR (our legitimate interest in cookies for the technically error-free and optimised provision of our services) if no other legal basis is specified.

You can completely or partially deactivate or delete cookies in your browser settings at any time. Without cookies, our website and some functions may no longer be fully available.

11) Hosting

Our website is hosted by IONOS. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.

When you visit our website, IONOS collects various log files such as browser type and browser version, operating system used, referrer URL, host name of the accessing computer, time of the server request, IP address, and much more.

Details can be found in the IONOS privacy policy at: https://www.ionos.de/terms-gtc/datenschutzerklaerung/

IONOS is used on the basis of Art. 6 para. 1 lit. f GDPR (our legitimate interest in a stable and reliable presentation of our website) or on the basis of Art. 6 para. 1 lit. a GDPR (your consent) and § 25 para. 1 TDDDG); consent can be revoked at any time for the future.

We have concluded an order processing contract (AVV) with the above-mentioned provider.

12) Contact via e-mail and telephone

If you contact us by e-mail or telephone, your enquiry including all personal data (name, e-mail address, telephone number, etc.) will be processed for the purpose of handling your contact. The data will not be passed on without your consent.

All data sent to us by you in connection with a contact enquiry or other communication will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

13) Microsoft Teams

We use the video conferencing service Microsoft Teams. The provider is Microsoft Ireland Operations Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.

If you take part in a video conference with us via Microsoft Teams, your personal data will be stored on Microsoft's servers. You can find out which data Microsoft processes here in Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR (fulfilment of a contract or implementation of pre-contractual measures) or on the basis of Art. 6 para. 1 lit. f GDPR (our legitimate interest in quick and easy communication with customers, interested parties, employees or business partners) or on the basis of Art. 6 para. 1 lit. a GDPR (your consent), if applicable together with § 25 para. 1 TDDDG. Consent can be revoked at any time with effect for the future.

The data collected from you will be transferred to the USA and stored there on Microsoft Corporation servers. Microsoft Corporation is certified in accordance with the EU-U.S. Data Privacy Framework (data protection framework between the EU and the USA). With this certification, Microsoft Corporation undertakes to comply with the data protection standards of the EU.

We have concluded an order processing contract (AVV) with the above-mentioned provider.

14) Google Fonts

We use „Google Fonts“ on our website for the appealing and uniform presentation of fonts. Google Fonts is a product of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google fonts are installed locally. This prevents a connection to Google's servers when you visit our website.

Further information on Google Fonts in general can be found at: https://developers.google.com/fonts/faq/privacy?hl=de or in Google's privacy policy at: https://policies.google.com/privacy.

Google Fonts are used on the basis of Art. 6 para. 1 lit. f GDPR (our legitimate interest in an appealing and uniform presentation of the typeface on our website) or on the basis of Art. 6 para. 1 lit. a GDPR (your consent) and § 25 para. 1 TDDDG. Consent can be revoked at any time with effect for the future.

We may amend and supplement this privacy policy at any time. We will inform you of such amendments and additions in an appropriate form, in particular by publishing the current privacy policy on our website.