Book a demo
We, ison GmbH (hereafter referred to as “ison”), take the protection of your personal data seriously and strictly adhere to the legal provisions of the relevant data protection laws, in particular the European General Data Protection Regulation (GDPR).
The information on this page covers the offers and services of ison and its partner companies, including all products, services and digital services such as websites, online order processes, apps and social media profiles where personal data is processed.
1. Controller
The controller responsible for processing your personal data is:
ison GmbH, Klostertor 1, 20097 Hamburg
E-mail: contact@ison-energy.com
You can contact our data protection officer at the above postal address with the addition “To the data protection officer” or at the e-mail address datenschutz@lichtblick.de.
2.1. Purpose and nature of the processing of personal data
We process your data in order to manage the contractual relationships between you, our partners and us and to be able to provide you with tailored contract offers. The collection of data is carried out in particular for:
We always make sure that we only process the personal data that is absolutely necessary. This includes data such as your name, address, contact details, meter number and market location number, information about PV systems, wallboxes, batteries, smart meters or other energy-related consumption data, as well as payment data, so that we can provide you with the services and products you want.
The collection of data that is not absolutely necessary but in which we are interested is only optional and, if necessary, based on your consent or our legitimate interest. If you would like to receive our newsletter or advertising, you can register with your e-mail address, for example. Of course, you can revoke your consent at any time or object to our processing.
2.2. etracker
We use services provided by etracker GmbH, Hamburg, Germany (www.etracker.com) to analyze usage data. We do not use cookies for web analysis by default. The data generated by etracker is processed and stored exclusively in Germany on behalf of the provider of this website.
Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the optimization of our online offering and our website. Since the privacy of our visitors is important to us, data that may allow a connection to an individual person, such as IP addresses, login or device IDs, are anonymized or pseudonymized as soon as possible. No other use, merging with other data, or transfer to third parties takes place.
4. Duration of data storage
In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes. Unless temporary storage is still necessary. For example, we store your data due to legal obligations to provide evidence and retention requirements, which arise, among other things, from the German Commercial Code and the German Fiscal Code. The storage periods are then up to ten full years. In addition, we store your data for the period in which claims can be asserted against our company (statutory limitation period of three to 30 years).
5. Data security and transmission
Your personal data is transmitted securely encrypted by us. We use the SSL (Secure Socket Layer) coding system for this. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and a lock symbol is displayed in your browser line. Furthermore, we secure our websites and other systems through technical and organizational measures against loss, destruction, access, modification or dissemination of your data by unauthorized persons. ison may also transfer personal data to service providers that are based outside the European Union and the European Economic Area (“third country”). Such a transfer only takes place to the extent permitted by law, for example on the basis of your consent, an adequacy decision or other suitable guarantees in accordance with Art. 46 ff. DSGVO. A copy of the standard contractual clauses prescribed by the EU Commission can be found on the Internet at: https://eur-lex.europa.eu. Our service providers in third countries process the data in accordance with our instructions and are contractually bound. As part of the administration, development and operation of IT systems, we transfer personal data to service providers based outside the European Union and the European Economic Area (“third country”). We use IT service providers for our server infrastructure, to conduct surveys, to process requests via social media channels and to process certain payment methods (credit card, PayPal), which transfer data to the USA, Australia, Switzerland and the United Kingdom. The European Commission has issued an adequacy decision for the United Kingdom and Switzerland. When data is transferred to the USA, Australia or other third countries, we ensure the necessary level of data protection with suitable guarantees (so-called standard contractual clauses) within the meaning of Art. 46 GDPR. In addition, we try to prevent such transfers if possible. For example, server locations within the EU are preferred and access from third countries is restricted by additional technical and organizational measures. In addition, we ensure that our service providers also comply with these measures and requirements when using sub-service providers to process personal data.
6. Rights of data subjects
Within the framework of the applicable legal provisions, you have the right to request information free of charge and at any time about your stored personal data, its origin, the recipients and the purpose of the data processing and, if applicable, a right to correct, block or delete this data.
You may also have the right to restrict the processing of your data and the right to have the data you have provided released in a structured, common and machine-readable format.
If you have given us permission to process personal data for specific purposes, you can revoke your permission at any time with effect for the future. You can object to the processing of your data for direct marketing purposes. You can also object to the use of your data for market and opinion research at any time, either in whole or for specific measures.
If we process your data to protect legitimate interests, you can object to this processing for reasons arising from your particular situation.
You can contact us at any time with questions about this or any other data protection issues at datenschutz@lichtblick.de.
You also have the right to contact a data protection supervisory authority (right of appeal). The authority responsible for us is: The Hamburg Commissioner for Data Protection and Freedom of Information, Ludwig-Erhard-Straße 22, 20459 Hamburg.
April 2025 | Version: DSH_ONL_ISON_002
