Legal Notice & Privacy Policy
Legal Notice (Imprint)
GIH Solar UG Haftungsbeschränkt
Eichenstraße 10
85402 Kranzberg
Managing Director: Michael Houillon
_____________________
Commercial Register: Amtsgericht München - Registergericht, HRB241931
VAT Identification Number: DE319317756
_____________________
E-Mail: gihsolar.ug@gmail.com
Phone: +49 (0) 8166 6719794
Responsible for the following content pursuant to Section 18 (2) RStV:
Michael Houillon
Eichenstraße 10
85402 Kranzberg
Disclaimer of Liability
The information provided on this website is carefully reviewed and updated regularly. However, we cannot guarantee that all information is complete, accurate, and up to date at all times. This applies in particular to all links to external websites that are referenced directly or indirectly. Therefore, we cannot assume any liability for such external content. The respective provider or operator of the linked pages is always responsible for their content.
Copyright Notice
The content and structure of the websites stay-bright.com and stay-bright.de are protected by copyright law. Any reproduction, editing, distribution, or any kind of use of copyrighted contributions, images, or other works requires the prior written consent of the provider or rights holder.
Dispute Resolution
The European Commission provides a platform for online dispute resolution (ODR). It can be accessed via the following link: http://ec.europa.eu/consumers/odr/ . We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.
Privacy Policy
1. Introduction
This website is operated by GIH Solar UG (limited liability). It is very important to us to handle the data of our website visitors in a trustworthy manner and to protect it as best as possible. For this reason, we make every effort to comply with the requirements of the GDPR. Below we explain how we process your data on our website. We use clear and transparent language so that you can truly understand what happens to your data.
2. General Information
2.1 Processing of personal data and other terms Data protection applies to the processing of personal data. “Personal data” means any data that can be used to personally identify you. This includes, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently using. Such data is “processed” whenever anything happens to it. For example, the IP address is transmitted by the browser to our provider and automatically stored there. This constitutes processing (pursuant to Art. 4(2) GDPR) of personal data (pursuant to Art. 4(1) GDPR). These and further legal definitions can be found in Art. 4 GDPR.
2.2 Applicable regulations / laws: GDPR, BDSG and TTDSG The scope of data protection is regulated by law. In this case, this includes the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (German Federal Data Protection Act) as a national law. In addition, the TTDSG supplements the GDPR provisions insofar as it concerns the use of cookies.
2.3 The Controller The party responsible for data processing on this website within the meaning of the GDPR is the controller. This is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data. You can contact the controller at: GIH Solar UG (limited liability), Eichenstraße 10, 85402 Kranzberg, Email: gihsolar.ug@gmail.com
2.4 General processing of data on this website As already noted, certain data (e.g., IP address) is collected automatically. This data is mainly required for the technical provision of the website. If we use personal data beyond that or collect additional data, we will inform you accordingly and/or request your consent. Other personal data is provided by you knowingly. Detailed information is provided below.
2.5 Your rights The GDPR grants you extensive rights. These include, for example, the right to free information about the origin, recipient, and purpose of your stored personal data. You also have the right to request correction, restriction, or deletion of this data, or to lodge a complaint with the competent data protection supervisory authority. You can revoke any consent you have given at any time. Details of these rights and how to exercise them can be found in the final section of this privacy policy.
2.6 Data protection – our perspective For us, data protection is more than an annoying obligation. Personal data has great value, and careful handling should be a matter of course in our digitalized world. You as a website visitor should also be able to decide what happens to your data, when, and by whom. Therefore, we commit to complying with all legal provisions, collecting only the data we truly need, and treating it confidentially.
2.7 Disclosure and deletion Disclosure and deletion of data are important and sensitive topics. Data will only be disclosed on a legal basis and only if unavoidable. This may be the case, in particular, where a processor is involved and a data processing agreement pursuant to Art. 28 GDPR has been concluded. We delete your data when the purpose and legal basis for processing no longer apply and there are no statutory retention obligations. Art. 17 GDPR provides a good overview. Please refer to this privacy policy for further information and contact the controller with specific questions.
2.8 Hosting This website is hosted externally. The personal data collected on this website is stored on the host’s servers. This includes automatically collected and stored log files (see below) and any other data that website visitors provide. External hosting serves the purpose of providing our website securely, quickly, and reliably and thereby fulfilling our contractual obligations towards potential and existing customers. The legal basis is Art. 6(1)(a), (b) and (f) GDPR, as well as Section 25(1) TTDSG, insofar as consent covers the storage of cookies or access to information on the visitor’s/user’s device within the meaning of the TTDSG. Our host processes only the data necessary to fulfil its service obligations and acts as our processor, i.e., it is subject to our instructions. We have concluded a corresponding data processing agreement with our host. We use the following host: Smoobu.
2.9 Legal bases Processing personal data always requires a legal basis. Art. 6(1) sentence 1 GDPR provides the following options: a) consent; b) contract performance / pre-contractual measures; c) legal obligation; d) protection of vital interests; e) task carried out in the public interest / official authority; f) legitimate interests, provided the interests or fundamental rights and freedoms of the data subject do not override them (especially if the data subject is a child). In the following sections, we will specify the applicable legal basis for each processing activity.
3. What happens on our website
When you visit our website, we process your personal data. To protect this data as best as possible against unauthorized access by third parties, we use SSL/TLS encryption. You can recognize an encrypted connection by “https://” or a lock symbol in your browser’s address bar. Below you will learn which data is collected when visiting our website, for what purpose, and on which legal basis.
3.1 Data collection when accessing the website When you access the website, information is automatically stored in so-called server log files. This includes: browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of the server request, IP address. This data is temporarily required to ensure that we can display our website continuously and without issues. In particular, it serves the following purposes: website system security, website system stability, troubleshooting, establishing a connection to the website, displaying the website. Processing is carried out pursuant to Art. 6(1)(f) GDPR based on our legitimate interest, especially in the functionality and security of the website. Where possible, this data is stored in pseudonymized form and deleted once the purpose has been achieved. If the log files allow identification of the data subject, the data is stored for a maximum period of 14 days, unless a security-related event occurs. In such a case, log files are stored until the event has been resolved and fully clarified. No merging with other data takes place.
3.2 Cookies
3.2.1 General This website uses cookies. Cookies are data records stored in your device’s browser and related to our website. Cookies help, in particular, to make website navigation easier.
3.2.2 Rejecting cookies You can prevent cookies from being set by adjusting your browser settings. Here are links for commonly used browsers: Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-fir efox-loschen?redirectslug=Cookies+|%C 3%B6schen&redirectlocale=de Google Chrome: https://support.google.c om/chrome/answer/95647?co=GENIE.P atform%3DDesktop&hl=de Microsoft Edge: https://support.microsoft . com/de-de/windows/|%C3%B6schen-un d-verwalten-von-cookies-168dab 11-0753-043d-7c16-ede5947fc64d Safari: https://support.apple.com/de-de/g uide/mdm/mdmf7d5714d4/web and https://support.apple.com/de-de/guide/safari/ sfri11471/Mac. If you use another browser, we recommend searching for “delete and manage cookies” along with the browser name and using the official link. Alternatively, you can manage cookie settings at www.aboutads.info/choices/ or www.youronlinechoices.com . Please note that comprehensive blocking/deleting of cookies may impair website functionality.
3.2.3 Technically necessary cookies We use technically necessary cookies to ensure our website functions properly and in compliance with applicable laws. They help to make the website user-friendly. Certain functions cannot be displayed without cookies. Depending on the case, the legal basis is Art. 6(1)(b), (c) and/or (f) GDPR.
3.2.4 Technically non-necessary cookies We also use cookies that are not technically necessary. These cookies may be used to analyze browsing behavior or provide optional website functions. The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. Such cookies are set only with your consent, which you can revoke at any time via the cookie consent tool.
3.3 Data processing through user input
3.3.1 Collection of data by us We offer the following service(s) on our website: rental/accommodation services. For this purpose, we collect the following data: name, email address, address, phone number. The legal basis is Art. 6(1)(b) GDPR. Data will be deleted once the purpose no longer applies and deletion is permissible under statutory requirements.
3.3.2 Contacting us
a) Email: If you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and partially on the respective end devices. Depending on the matter, the legal basis is generally Art. 6(1)(f) GDPR or Art. 6(1)(b) GDPR. Data will be deleted once the purpose no longer applies and deletion is permissible under statutory requirements.
b) Telephone: If you contact us by telephone, call data may be stored pseudonymously on the end device and by the telecommunications provider. Personal data collected during the call is processed solely to handle your request. Depending on the matter, the legal basis is generally Art. 6(1)(f) GDPR or Art. 6(1)(b) GDPR. Data will be deleted once the purpose no longer applies and deletion is permissible under statutory requirements.
c) Appointment scheduling tool (MEDIFOX DAN): We integrate functions of MEDIFOX DAN on our website. This service is provided by MEDIFOX DAN GmbH, Junkersstraße 1, 31137 Hildesheim, Germany. For the purpose of scheduling appointments, the following personal data is requested and entered: name, email address, telephone number, appointment time, and topic. The data is used for planning, conducting, and possibly follow-up of the appointment. The MEDIFOX DAN scheduling tool uses modern security measures to protect data during transmission and storage. All data is transmitted in encrypted form and stored securely. The personal data is used exclusively for appointment scheduling and is not disclosed to third parties without explicit consent, unless there is a legal obligation to do so. Processing is based on consent pursuant to Art. 6(1)(a) GDPR and on pre-contractual measures pursuant to Art. 6(1)(b) GDPR. Further information: https://www.medifoxdan.de/datenschutz/ . Smoobu www.smoobu.com
3.4 Website builder system
3.4.1 Smoobu www.smoobu.com
3.5 Mailing service
3.5.1 Smoobu www.smoobu.com
3.6 Social media profiles In addition to our website, we are also present on social networks. We use these platforms to present our company and to provide a way to contact us. We also use social media to place advertisements and job postings. Below we explain which data we and the respective social network process when you visit and interact with our profiles.
3.7 Instagram We operate an Instagram profile. This social media platform is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
3.7.1 Interaction with our business profile When you visit our Instagram profile and interact with it, we process personal data. This includes publicly available profile information as well as personal data contained in posts, comments, or direct messages to us. Interactions such as likes or shares may allow us to view user profiles along with public information. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in providing relevant content and enabling use and functionality of our Instagram profile). If a request relates to contract fulfilment or pre-contractual measures, processing is based on Art. 6(1)(b) GDPR.
3.7.2 Insights As explained in Meta’s privacy policy under “How do we use your information?” (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect ), Meta collects and uses information to provide analytics services (“Insights”) to page operators. This also applies to our Instagram profile. Insights are aggregated statistics created based on certain interactions by visitors with pages and related content, and logged by Meta servers. This includes, among other things: how many people see and interact with our content (posts, videos, ads, shops, etc.); how people interact with our content, websites, apps, and services; which groups of people interact with our content or use our services. Meta provides us with aggregated reports and insights, but we do not receive access to personal data—only aggregated reports. We can apply settings/filters for a certain period, specific posts, or demographic groupings. This data is anonymized; we cannot draw conclusions about individual persons. Processing serves the purpose of analyzing reach and adapting content and ads to user interests. The legal basis is Art. 6(1)(f) GDPR. Regarding the processing of personal data in the context of Insights, processing is carried out under joint controllership with Meta pursuant to Art. 26(1) GDPR. A corresponding agreement can be viewed here: https://www.facebook.com/legal/terms/page_controller_addendum . Meta contact details: Online contact: https://www.facebook.com/help/contact/1650115808681298 . By post: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland. For Facebook, you can contact the data protection officer here: https://www.facebook.com/help/contact/540977946302970 . More information about Insights: https://de-de.facebook.com/help/pages/insights . Instagram’s full privacy policy: https://privacycenter.instagram.com/policy
3.7.3 Processing of personal data and cookies by Meta When accessing an Instagram page, the IP address assigned to your device is transmitted to Meta. According to Meta, this IP address is anonymized (for “German” IP addresses). Meta also stores information about users’ devices (e.g., “login notification” function), which may allow Meta to assign IP addresses to individual users. If you are logged in to Instagram, a cookie containing your Instagram ID is stored on your device. This enables Meta to track that you visited this page and how you used it. Meta buttons embedded on websites allow Meta to record your visits to those websites and associate them with your Instagram profile. This data can then be used to offer tailored content or advertising. Further information: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect .
4. Additional important information
Finally, we would like to inform you comprehensively about your rights and how you will be informed about changes to data protection requirements.
4.1 Your rights in detail
4.1.1 Right of access (Art. 15 GDPR): You may request information on whether personal data relating to you is being processed. If so, you may request further information regarding the manner of processing. A detailed list can be found in Art. 15(1)(a)–(h) GDPR.
4.1.2 Right to rectification (Art. 16 GDPR): This includes the rectification of inaccurate data and the completion of incomplete personal data.
4.1.3 Right to erasure (Art. 17 GDPR): This “right to be forgotten” gives you the right, under certain conditions, to request erasure of personal data by the controller. This generally applies if the purpose of processing no longer exists, consent has been withdrawn, or processing was carried out without a legal basis. A detailed list of reasons can be found in Art. 17(1)(a)–(f) GDPR. This right also corresponds with the controller’s obligation under Art. 17(2) GDPR to take appropriate measures to ensure general erasure.
4.1.4 Right to restriction of processing (Art. 18 GDPR): This right is subject to the conditions set out in Art. 18(1)(a)–(d) GDPR.
4.1.5 Right to data portability (Art. 20 GDPR): You have the right to receive your data in a commonly used format and to transmit it to another controller. This applies only to data processed on the basis of consent or a contract (Art. 20(1)(a) and (b) GDPR) and insofar as technically feasible.
4.1.6 Right to object (Art. 21 GDPR): You may object to the processing of your personal data, in particular if your interest in objecting outweighs the controller’s legitimate interest, and especially where processing relates to direct marketing and/or profiling.
4.1.7 Right not to be subject to automated decision-making (Art. 22 GDPR): You have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. This right is subject to limitations and supplements in Art. 22(2) GDPR.
4.1.8 Further rights: The GDPR includes extensive rights regarding the notification of third parties about the exercise of rights under Art. 16, 17, 18 GDPR, insofar as possible or feasible with reasonable effort. We also remind you of your right to withdraw consent (Art. 7(3) GDPR). Withdrawal does not affect the lawfulness of processing carried out up to that point. We also refer to your rights under Sections 32 et seq. BDSG, which largely correspond to the rights described above.
4.1.9 Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of personal data relating to you violates the GDPR.
5. What if the GDPR is abolished tomorrow or other changes occur?
The current version of this privacy policy is 03 February 2026. From time to time, it may be necessary to amend the privacy policy in order to respond to actual and legal changes. We therefore reserve the right to change this privacy policy at any time. We will publish the amended version in the same place and recommend that you review the privacy policy regularly.