profileSOLAR.com Data Protection Goals

At profileSOLAR.com, we understand the importance of protecting your personal data and ensuring its security. As a trusted platform in the solar energy industry, our primary goal is to maintain a strong foundation of trust with our users. To achieve this, we have established clear Data Protection Goals that guide all aspects of how we handle your personal information on our website. The following section outlines these goals, demonstrating our commitment to maintaining the highest standards of privacy and data protection for every user who interacts with profileSOLAR.com. We encourage you to read this section carefully to gain insight into our dedication towards safeguarding your personal information and fostering a secure online environment.

Our Data Protection Goals at profileSOLAR.com are to:

• Deliver a safe user experience
• Deliver a private user experience
• Protect the integrity of the information database(s)
• Ensure users are aware of all data collected
• Ensure users always explicitly consent to how their personal data is used
• Ensure compliance with the European General Data Protection Regulation (GDPR) and Data protection Act (DPA) 2018

About profileSOLAR

The founder of profileSOLAR consulting services is Aaron Robinson. Aaron Robinson is a registered Freelancer in Germany and is the responsible party for the software and for the profileSOLAR.com website and profileSOLAR consulting services.

profileSOLAR provides consulting services and develops software, to help commercial sites around the world figure out the viability of installing solar PV.

Consent

By utilizing our website, you provide your consent to our Privacy & Data Protection Policy and affirm your agreement with its terms and conditions.

Contacting profileSOLAR

Your privacy is important to us. It is profileSOLAR's policy to respect your privacy regarding any information we may collect from you across our website, https://profilesolar.com.

If you have a privacy concern or complaint, please contact us in writing at this address:

Or, email: [email protected]

We can also be reached by phone, please see our Impressum for details.

Security Policy

At profileSOLAR, we value the privacy and security of our users' personal information. As part of our ongoing commitment to safeguard your data, we have implemented a comprehensive Security Policy which outlines the measures we take to protect your information from unauthorized access, disclosure, alteration, or destruction. The following section details the key elements of our Security Policy designed to uphold the highest standards in maintaining a secure environment for all users on our website. Please read this section carefully to understand how we strive to ensure the safety and confidentiality of your personal data at all times.

Cookie Policy: Essential Cookies Only

We pledge to only use Cookies essential for us to deliver the profileSOLAR.com website experience to you. We aim to provide full transparency, so that you can make an informed decision about your consent and using the profileSOLAR.com website. We respect your privacy and are happy for you to reach out to us with any questions or concerns.

• profileSOLAR.com
• Session Cookies
• Google (google.com, www.google.com, doubleclick.net, youtube.com)
• Cookies essential to delivering a secure experience (e.g. reCAPTCHA to protect form submissions)
• Cookies required to display YouTube video(s) explaining profileSOLAR services

Note: Acceptance of our Cookies Policy was recorded for your ip address: 18.224.58.24 at 2024-05-17 04:51:50 on this browser. Options: Revoke.

Commitment to Continuous Improvement

We are committed to continually improving our data protection capabilities. To this end, we regularly review our software and test for any vulnerabilities and/or other potential problems; comparing our practices to up-to-date industry practices and the technologies we employ with any newer technologies which may become available over time.

If you notice anything that may help us improve our data protection capabilities, please write to us directly on the details below, email us, or message us via LinkedIn.

Email: [email protected]

Types of data stored

All data that can reasonably be kept encrypted without impacting app performance is kept encrypted. Authentication data is always encrypted.

Essential data to deliver regular visitor experience

Data stored for a maximum of 1 month

• IP Address
• The closest location listed on profileSOLAR.com to where you are visiting from (to provide you with more relevant information)
• Time and date of page requests
• Session information

Data stored for a maximum of 6 months

• IP Address
• Consent to Cookies

Essential data to deliver the profileSOLAR SaaS application to an authenticated user

• IP Address
• User Contact & Billing Information (Stripe)
  • Name
  • Email Address
  • Address
  • Phone Number
  • Invoice Details
• User Authentication Information
  • Username
  • Password
• Interval / Metering Data (supplied by user)
• Solar PV project site address and/or latitude/longitude (supplied by user)
• Time and date of page requests
• Session information

How we use your information

We utilize the collected information for multiple purposes, such as:

• Providing, operating, and maintaining profileSOLAR.com
• Enhancing, customizing, and broadening the scope of profileSOLAR.com
• Comprehending and examining your usage of profileSOLAR.com
• Creating new products, services, features, and functionalities
• Communicating with you directly or via our partners for customer support, updates on website-related information, as well as marketing and promotional initiatives
• Delivering emails to you
• Detecting and preventing fraudulent activities

Existing technical and organisational measures (TOM)

Wherever appropriate within reasonable constraints of implementation costs & time, TOM will be reviewed and enhanced to deliver better data protection to the user.

Guideline for the rights of data subjects

profileSOLAR respects the rights of data subjects. Authenticated users of the profileSOLAR SaaS application will be provided with a section within the app to manage their own personal data.

If you are not an authenticated user of profileSOLAR, you can still make a request if we have retained pesonal data of yours, per below.

We want to ensure that you are fully informed about your data protection rights. As a user, you have the following entitlements:

1. Access right - You can request copies of your personal data, and we will only charge a nominal fee for this service if it is manifestly unfounded or excessive, or if an individual requests further copies of their data.
2. Right to rectification - If you believe any information is incorrect, you can ask us to correct it. Similarly, if you think information is incomplete, you can request its completion.
3. Right to erasure - Under specific conditions, you can ask for your personal data to be deleted.
4. Right to restrict processing - In certain circumstances, you can request limitations on the processing of your personal data.
5. Right to object to processing - Under specific conditions, you have the right to oppose our processing of your personal data.
6. Right to data portability - You can ask us to transfer the collected information either directly or through another organization under certain circumstances.

We will respond within one month upon receiving a request from you. To exercise any of these rights, please get in touch with us.

Communication security

profileSOLAR.com employs a valid SSL (Secure Sockets Layer) Certificate and operates over HTTPS (Hyper Text Transfer Protocol Secure) to guarantee the safe encryption of data transmitted during regular use of the application. SSL Certificates are digital certificates that authenticate a website's identity, ensuring users that their information is being sent to the intended server. HTTPS is an internet communication protocol that protects the integrity and confidentiality of data between a user's computer and the site they're visiting by encrypting data in transit.

Please be aware that profileSOLAR will never request personal information via email.

CSP (Content Security Policy) Enforced

To enhance security and establish trust for end-users, profileSOLAR.com enforces a stringent CSP (Content Security Policy). A CSP is a security feature implemented by web browsers to help prevent cross-site scripting (XSS), code injection attacks, and other web-based threats by defining approved sources of content. This policy upholds high safety standards while promoting user confidence in our platform.

WAF (Web Application Firewall) Deployed

At profileSOLAR, we take data security seriously. To ensure the protection of our customers' data, we have implemented a Web Application Firewall (WAF). This WAF offers protection against malicious attacks and helps safeguard confidential information.

The WAF operates as an additional layer of defense against malicious traffic and automated attacks on our website, such as SQL injection attempts, cross-site scripting (XSS), directory traversal attempts, malicious bots, and much more. It is constantly monitoring for suspicious activity and blocking any requests that could potentially harm your data or interfere with the normal operation of our systems.

We strive to provide you with a secure online experience when accessing profileSOLAR services.

Two-Factor Authentication (2FA)

At profileSOLAR.com, we implement two-factor authentication for every login to enhance security. All login attempts and access activities on our website are systematically recorded and monitored.

Two-factor authentication (2FA) is a security measure that requires users to provide two separate forms of identification in order to access an account, service, or system. This additional layer of security helps protect sensitive information and minimize the risk of unauthorized access.

Two-factor authentication adds an extra line of defense against potential cyber threats and is essential for protecting personal information and maintaining the overall security of online accounts and services.

Upon each login attempt, we will create a distinct 2FA code and deliver it to your registered email address. To authenticate your identity and finalize the login process, simply copy and paste the provided code into the designated prompt.

Privacy and protection of personal information

profileSOLAR services are always designed around privacy and protection of personal information. Multiple safeguards are put in place to help protect your personal data.

EU Data Hosting Location

Our hosting partner Hostinger, securely hosts our website in their Netherlands data center.

Data Transmission via NASA POWER API

We are immensely appreciative of the opportunity to access data from the NASA POWER (The Prediction of Worldwide Energy Resources) API.

Please note: Our utilization of data from the NASA POWER API does not imply any endorsement by NASA regarding our products or services.

NASA is a registered trademark belonging to the National Aeronautics and Space Administration in the United States of America.

To procure data from the NASA POWER API, we solely transmit latitude and longitude coordinates, our unique API key, and specific parameters for requested information. We do not share any of your personal information with NASA when obtaining solar and meteorological data corresponding to a set of coordinates.

For more details, kindly refer to our Policy on Sharing User Data with Third Parties provided below.

Policy on Sharing User Data with Third Parties

Unless explicitly requested and accepted by the user, profileSOLAR will never transmit or sell any personal user data to any third party.