Privacy Policy
SunMoney Solar Group, SunMoney Solar FZ LLE (License No: 4350/2014, address: P.O. Box: 4422, Creative Tower, Fujairah, UAE) (hereinafter referred to as SunMoney or Data Manager) as the data manager acting under the trademark SunMoney acknowledges the provisions of this Privacy Policy as binding for itself. SunMoney undertakes to manage and process data in accordance with this Policy and the existing laws.
The purpose of this Policy is to define the management, processing and security of the data transmitted to SunMoney.
This Privacy Policy is applicable to all data managed by SunMoney and to all persons connected to SunMoney who manage data.
The terms written in capitals in this Privacy Policy shall have the meaning ascribed to them in the Standard Service Policy of SunMoney and in this Privacy Policy which documents are learned by both parties.
1. Definitions
“Consent” means the voluntary and direct expression of the Partner’s will which is based on suitable information and with which it gives its unmistakeable consent to the – all-inclusive or to partial (including some operations) – management of the Personal Data;
Data Management” means any and all operations executed over the data with no respect to the applied method, especially but not limited to data collection, recording, systemisation, storage, change, use, getting, transmission, disclosure to the public, coordination or connection, lock-up, deletion and destroy, and preventing data’s further usage, making photographic or audio records and records of physical features that are suitable to identify a person;
“Data Manager” means SunMoney that individually or jointly with others defines the purpose and the method of Data Management and makes the decisions regarding the Data Management and executes such decesions or makes the Data Processor execute them;
“Data Processing” means the execution of technical tasks in connection with data processing, irrespectively to the the applied method or tool and the place of the application provided that the technical tasks are performed over the data;
“Data Processor” means such individual or legal person, or organisation having no legal personality that processes data based on a contract concluded with SunMoney, including also the contract concluded based on the provision of the laws.
“Data Recipient” means the data manager who receives the Personal Data;
“Data Transmission” means making available the data to a definite third person;
“Database” means all data managed in one record;
“Partner” means any person identified or – directly or indirectly – identifiable based on any Personal Data;
“Personal Data” means any data that can be connected to the Partner; especially the Partner’s name, identification code, and knowledge of one or more physical, physiological, mental, economic, cultural, or social identity characteristic of the Partner; and the conclusion regarding the Partner that can be derived from the data.
“Privacy Policy” means this Privacy Policy
“Third Person” means such individual or legal person, or organisation with no legal personality that is not identical with the Partner, the Data Manager or the Data Processor.
2. Data Management Principles
2.1. SunMoney manages the Personal Data only for defined, expressed and legal reason, for the purpose of exercising rights or fulfilling obligations.
2.2. SunMoney records and manages the Personal Data according to the principles of fairness and legality. SunMoney ensures during the Data Management that the Personal Data are accurate, full and up-to-date and also that the Partner may only be identified the period necessary for the purpose of the Data Management. SunMoney ensures that it will comply with the purpose of the Data Management in any and all sequence of the Data Management, the Personal Data are adequate, relevant and not beyond measure in respect of the purpose of their further processing. SunMoney performs all necessary actions to delete or correct false or incomplete Personal Data, taking into account the purpose of their collection and further processing.
2.3. SunMoney manages only such Personal Data which are necessary for the purpose of the Data Management and suitable for achieving the purpose of the Data Management. SunMoney manages the Personal Data only for the extent and period necessary to achieve the purpose. The Personal Data are stored in such form that enables the identification of the Partners only until the period necessary to achieve the purpose of the collection and further processing of the Personal Data.
3. Legal Basis of Data Management
3.1. SunMoney manages the Partner’s Personal Data with the Consent of the Partner according to this Privacy Policy.
3.2. The Data Manager manages the Personal Data without expressed Consent and after the withdrawal of the Partner’s Consent – in the absence of any deviating legal provision – for the purpose of fulfilling the legal obligation applicable to the Data Manager or for enforcing the lawful interest of the Data Manager – if the enforcement of such interest is proportional to the limitation of the right of the protection of the Personal Data.
4. Requirement of Data Security
4.1. The Data Manager plans and executes the data management tasks in a way that ensures the security of the Partner’s private sphere.
4.2. In their activity the Data Manager and the Data Processor ensure the security of the Personal Data. The Data Manager performs such technical and organizational tasks and works out such procedures which guarantee the data security. The Data Manager and the Data Processor perform adequate actions to especially protect the Personal Data against unauthorized access, change, transmission, public disclosure, deletion or destroy, and accidental perishing and damage and inaccessibility deriving from the change of the applied technics.
4.3. In the interest of securing the databases managed electronically in separate records, the Data Manager ensures by the application of an adequate technical solution that the Personal Data may not be linkable and assignable to the Partners, except if the laws enable.
4.4. During the automatic processing of the Personal Data, the Data Manager and the Data Processor ensure by further actions:
a, the prevention of unauthorized data input;
b, the prevention of the usage of automatic data processing systems by unauthorized persons with the assistance of data transmission devices;
c, the controllability and definability of the fact to which organisations the Personal Data were transmitted or may be transmitted by the application of a data transmission device;
d, the controllability and definability of the fact which Personal Data, when and by whom were put into the automatic data processing systems;
e, the restorability of the installed system in case of malfunction;
f, the preparation of a report about the upcoming errors during the automatic processing.
The Data Manager and the Data Processor consider the state of development of the technology when defining and applying the actions serving the security of the Personal Data. They choose a method from the available data management methods that ensures the higher level security of the Personal Data, except if it would cause disproportionate difficulties to the Data Manager.
5. Data Transmission to Authorities
The Data Manager transmits the Personal Data managed by the Data Manager to the authorities based on and in accordance with the content of their request. The Data Manager transmits the necessary Personal Data in accordance with the authority’s request in order to fulfil its legal obligation.
6. Data Transmission Abroad
6.1. The Personal Data may only be transmitted to a Third Country for a purpose, with the conditions and in the data circle stipulated in the laws.
7. Limits of Data Management
7.1. If based on the provision of a statute, international agreement the Data Manager receives Personal Data in such way that the transmitting Data Manager indicates simultaneously with the data transmission
a, the possible purpose of management of the Personal Data;
b, the possible period of the management of the Personal Data;
c, the possible recipients of the transmission of the Personal Data
d, the limitation of the Partner’s rights ensured by law; or
e, other limitation of the management of the Personal Data (“Limitation of Data Management”), then the Data Recipient manages the Personal Data in accordance with the extent and method set forth in the Limitation of Data Management and ensures the Partner’s rights in accordance with the Limitation of Data Management.
7.2. The Data Manager notifies the Data Recipient about the applicable Limitation of Data Management simultaneously with the transmission of the Personal Data.
7.3. The Data Manager notifies the Data Recipient about the applicable Limitation of Data Management simultaneously with the transmission of the Personal Data.
8. Data Processing
8.1. The Data Processor’s rights and obligations connected to processing of the Personal Data are determined by the Data Manager. The Data Manager is liable for the legality of the instructions given by the Data Manager.
8.2. The Data Processor cannot make any material decision concerning the Data Management, may only use the received Personal Data in accordance with the instructions of the Data Manager, may not process any data for its own purpose. Further, the Data Processor shall store and keep the Personal Data according to the Data Manager’s instructions.
8.3. SunMoney concludes a written contract with the Data Processor. SunMoney does not mandate an organisation with data processing that is interested in business activity using the Personal Data to be processed.
9. Partners’ Rights and the Enforcement of the Partners’ Rights
9.1. The Partner may request from the Data Manager that the Data Manager
a, informs the Partner about the management of his Personal Data;
b, corrects his Personal Data;
c, deletes or locks his Personal Data with the exception of the mandatory data management.
9.2. To the request of the Partner, the Data Manager informs the Partner about the data of the Partner managed by the Data Manager and the Personal Data of the Partner managed by the Data Manager or processed by the Data Processor mandated by the Data Manager, the source of such, the purpose of the Data Management, its legal basis, period, the name and address of the Data Processor and its activity in connection with the Data Management, further – in case of the transmission of the Personal Data of the Partner – about the legal basis and addressee of the Data Transmission. The Data Manager provides information in writing to the Partner on the request of the Partner within 30 days from the receipt of such request. This information is free of charge.
9.3. The Data Manager keeps data transmission record for the purpose of the control of the legality of the Data Transmission and the information of the Partner which contains the date of the transmission of the Personal Data managed by the Data Manager, the legal basis and addressee of the Data Transmission, the determination of the transmitted Personal Data, and any other data determined by the laws regarding Data Management. The Personal Data recorded in the data transmission record are kept for a period of 5 years.
9.4. The Data Manager denies to inform the Partner only in the following cases:
a, for the purpose of the protection of the Partner’s rights in accordance with the Limitation of Data Management; or
b, for the purpose of the internal and external security of the state, such as national defence, national security, prevention or pursuit of criminal acts, the security of the enforcement of penalties, further from economic or financial purpose of the state or municipality, the material economic or financial purpose of the European Union and the disciplinary and ethical misdemeanour in connection with the practice of professions, for the purpose of the prevention and revelation of labour law and labour protection obligations, including in all cases the control and supervision, further for the purpose of the protection of the Partner’s or someone else’s rights.
9.5. In case the provision of information to the Partner is denied, the Data Manager notifies the Partner in writing based on which point of Section 9.4 was the provision of information denied. In case the provision of information to the Partner is denied, the Data Manager notifies the Partner about the possibilities for remedy.
9.6. If the Personal Data are not correct and the Data Manager has the correct Personal Data, the Data Manager corrects the Personal Data.
9.7. The Data Manager deletes the Personal Data if
a, their management is unlawful;
b, the Partner requests its deletion pursuant to Section 9.1 of this Privacy Policy;
c, they are incomplete or false – and this status cannot be cured lawfully – provided that the deletion is not forbidden by law;
d, the purpose of the Data Management terminated or the storage period of the data
expired;
e, the court or the competent authority ordered it.
9.8. The Data Manager locks the Personal Data instead of the deletion if the Partner requests so or if according to the available information, it can be assumed that the deletion would harm the legitimate interests of the Partner. The Personal Data locked this way may only be managed as long as the purpose of the data management exists which excludes the deletion of the Personal Data.
9.9. The Data Manager marks the Personal Data managed by the Data Manager if the Partner argues its correctness or accuracy but the incorrectness or inaccuracy of the argued Personal Data cannot be unambiguously determined.
9.10. SunMoney notifies the Partner about the correction, lock-up, marking and deletion, and all persons to whom the Personal Data were transmitted for Data Processing. The notification can be omitted if its omission does not violate the Partner’s legitimate interest with respect to the purpose of the Data Management.
9.11. If the Data Manager does not fulfil the Partner’s request concerning the correction, lock-up or deletion of data, the Data Manager notifies the Partner in writing about the factual and legal reasons of the rejection of the request regarding the correction, lock-up or deletion within 30 days from the receipt of such request.
10 The Partner’s Objection to the Personal Data Management
10.1. The Partner may object to the management of his Personal Data,
a, if the management or transmission of the Personal Data are only necessary for fulfilling the legal obligation of the Data Manager or for the enforcement of the lawful interest of the Data Manager, Data Processor or Third Person, except for the case of mandatory data management;
b, if the Personal Data are used or transmitted for the purpose of direct business acquisition, option poll or scientific research; and
c, any other events determined by law.
10.2. The Data Manager investigates the objection within the shortest period of time after the submission of the request but at most within 15 days, decides whether it is confirmed and notifies the Partner in writing about the decision.
10.3. If the Data Manager establishes that the objection of the Partner was confirmed, the Data Manager terminates the Data Management – including also further data recording and transmission – and locks the Personal Data. It also informs all persons to whom the Data Manager earlier transmitted the Personal Data concerned with the objection and who shall make arrangements for the purpose of the enforcement of the objection right about the objection and the actions taken based on that.
10.4. The Partner may start a court procedure if the Partner does not agree with the decision of the Data Manager made according to Section 10.2 or if the Data Manager does not keep the deadline specified in Section 10.2.
11. Cookies, other Service Providers and Websites
11.1. During the use of a Website, SunMoney sends small-sized unique text information package (cookies) to the Partner’s browser program for the purpose of data recording, identifying the Partner and to ease the Partner’s future visits. The Partner can adjust in his browser used for browsing in the internet that he receives notification if SunMoney or other service providers wish to place cookies on his computer and may forbid cookies any time. However, if the cookies are not accepted some websites do not function properly and it may occur that the Partner does not obtain the right to access some data.
11.2. By visiting the Website, the Partner acknowledges and gives his Consent to SunMoney to send one or more cookies to the Partner’s computer during his visit on the Website so that the Partner’s browser will be uniquely identified. SunMoney sends these cookies to the Partner’s computer only in case of visiting some subpages, so SunMoney stores only the fact and period of the visit of the subpage and no further information.
11.3. SunMoney is entitled to enter into contracts occasionally with individuals or legal persons to complete tasks and provide services in its name (e.g. the system administrator tasks of the Website or its development, message sending tasks). If it is unavoidable that these persons learn Personal Data during the provision of their task, then SunMoney ensures that these persons act in accordance with data protection laws in force from time to time and this Privacy Policy.
11.4. The Website contains links pointing to other websites, the data management policy of which cannot be influenced by SunMoney. If you leave the Website by using these links, then the data management policy of the so visited website’s operator is applicable.
12. Enforcement, Compensation
12.1. The Partner can initiate a court procedure against the Data Manager in case of the violation of his rights. The Data Manager shall prove the lawfulness of the Data Management.
12.2. Anybody may initiate an investigation at the data protection authority of the United Arab Emirates with respect to the violation of rights or the direct danger of that at the below address:
12.3. The Data Manager compensates for the damage caused to someone else by unlawful management of the Partner’s Personal Data or the violation of the requirements for data protection. The Data Manager is liable for the damage caused by the Data Processor towards the Partner.
13. Data Manager
SunMoney Solar Group, trade as SunMoney Solar (License No: 4350/2014, address: P.O. Box: 4422, Creative Tower, Fujairah, UAE)
14. Data Processor
SunMoney Solar Group, trade as SunMoney Solar (License No: 4350/2014, address: P.O. Box: 4422, Creative Tower, Fujairah, UAE)
15. Data Management during the Registration into SunMoney
If the Partner registers as set forth in the Standard Service Policy, then the following provisions apply to the Data Management:
Purpose of the Data Management: SunMoney manages the Personal Data of the Partners to record the Partners, to send information material to the Partners in connection with the activity of SunMoney and – in case of separate, relevant Consent of the Partners – to send proposals regarding further services.
Legal Basis of the Data Management: The Data Management is based on the Partners’ Consent, the visitors of the Website provide the Personal Data voluntarily and by using the Website they give their Consent regarding the recording their navigation on the Website.
The Managed Personal Data: The Personal Data given by the Partners during the registration or under the menu “Change of Data” in the Weboffice.
Period of the Data Management: SunMoney manages the Partner’s Personal Data during the existence of the registration.
Persons Having Access to Personal Data: Persons mandated by the Data Manager with the Data Management.
16. Data Management in the Course of Entering into Contracts with SunMoney
If the Partner buys a Package as set forth in the Standard Service Policy and enters into contracts with SunMoney then the following provisions shall apply to the Data Management:
Purpose of the Data Management: SunMoney manages the Partners’ Personal Data for the purpose of fulfilling the contracts entered into with the Partners and for making payments to the Partners.
Legal Basis of the Data Management: The Data Management is based on the Partners’ Consent, the visitors of the Website provide the Personal Data voluntarily and by using the Website they give their Consent regarding the recording their navigation on the Website.
The Managed Personal Data: The Personal Data given by the Partners in the course of entering into contracts.
Period of the Data Management: Five years from the settlement following the termination of the legal relationship between the Partner and SunMoney.
Persons Having Access to Personal Data: Persons mandated by the Data Manager with the Data Management.
17. Data Transmission
The Data Manager does not undertake liability for the accuracy of the data provided by the Partners to the Data Manager.