Privacy Statement

Last updated: 18-09-2024

Zonnedimmer B.V. (“Zonnedimmer”, “we”, “our”, or “us”) is committed to protecting your personal data. This Privacy Statement explains how we collect, use, and safeguard your personal data when you visit our website.

Data Controller

We are the controller responsible for the processing of your personal data when you use our website. If you have any questions regarding the processing of your personal data, you may contact us at the following address:

• Organization: Zonnedimmer B.V.
• Address: Pastoriestraat 53
• Postal code: 7721CV
• City: Dalfsen

Personal Data We Process

When you visit our website, we collect and process various types of personal data. This may include data you provide directly to us as well as data automatically collected through your use of the website. The personal data we process includes:

• First and last name
• Email address and/or telephone number
• Address details
• Data relating to solar panel generation
• If you use the Zonnedimmer Dongle: data relating to energy consumption and grid feed-in (smart meter P1 data)

Our website uses cookies to enhance functionality and improve your user experience. Cookies enable the website to recognize your device. You can configure your browser to block cookies or to notify you when cookies are being sent. Please refer to our Cookie Policy for details on the types of cookies we use and the purposes for which they are used.

Purposes of Processing

Your personal data is processed solely for the following purposes:

• Creating and managing user accounts
• Providing live insights in the app and enabling solar panel curtailment
• Communicating with you by email, post, or telephone
• Delivering products
• Improving our products and services

Legal Basis for Processing

We process your personal data on one or more of the following legal bases: (i) your consent (e.g., when you agree to receive questionnaires); (ii) the performance of a contract (e.g., processing and delivering a product or service ordered via our website); (iii) compliance with a legal obligation; or (iv) our legitimate interests (e.g., to improve our website). Where processing is based on legitimate interests, we carefully balance our interests against your fundamental rights and freedoms.

If you have given consent, you may withdraw it at any time by contacting us (see contact information on our website). Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

Sharing of Personal Data

We only share your personal data with third parties where this is necessary for the performance of our services. This may include, for example, IT service providers, software vendors, or parties managing and hosting our website.

Where we engage third-party processors, we enter into appropriate written agreements to ensure the secure and lawful processing of your personal data.

If you register via a link provided by a partner (e.g., a grid operator or energy supplier), we may also share your personal data with that partner. The relevant partner will be identified during each step of the online registration process.

International Data Transfers

We seek to process your personal data only within the European Economic Area (EEA). If data is transferred outside the EEA, we implement appropriate organizational, technical, and contractual safeguards to ensure an adequate level of protection in accordance with applicable data protection laws.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or unlawful processing. We regularly review these measures to ensure they remain effective and appropriate.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. If you discontinue the use of our services, we apply the following retention periods:

• First and last name: 24 months
• Telephone number and/or email address: 24 months
• Address details: 24 months
• Data relating to solar panel generation and energy consumption/grid feed-in: 24 months

You may also request deletion of your personal data. In such case, we will erase your personal data along with all data linked to your address or Zonnedimmer account.

Your Rights

Under the General Data Protection Regulation (GDPR), you have the right to access the personal data we hold about you, to correct inaccurate data, to request the erasure of your personal data, to restrict processing, and to object to processing. Under certain circumstances, you also have the right to data portability.

To exercise your rights, please contact us. You can find our contact details here.

If you are dissatisfied with how we handle your personal data and we are unable to resolve the matter together, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Other Provisions

This Privacy Statement does not apply to third-party websites that may be accessed through our website. We recommend reviewing the privacy and cookie policies of those third parties before using their websites.

We may update this Privacy Statement from time to time. We encourage you to review it regularly to stay informed about how we process your personal data.