1. Responsible body in the sense of data protection law

OPTENDA GmbH
Hasenbergstraße 49B
70176 Stuttgart

optenda@iqony.energy
www.optenda.com

---

2. Contact details of our data protection officer

STEAG GmbH
Corporate Data Protection Officer
Rüttenscheider Straße 1–3
45128 Essen
datenschutz@steag.com

---

3. Information on the collection and storage of data

In principle, you can visit our website without disclosing your identity. If you use certain functions/areas of our website, it may be necessary to provide or collect personal data depending on the circumstances. In the following, we will go into the details of the respective data processing.

Please note: Applications are to be submitted exclusively via our separate career portal. All applications received by other means will be deleted immediately.

---

4. Collection of personal data when using the website

(1) If you only use the website to obtain information and do not send us any further information (e.g. via the contact form), the following data is collected to help us display your website correctly and to ensure stability and security (Legal basis: Art. 6 para 1 lit. f) DSGVO):

• IP address
• Date and time of the request
• Time zone difference from Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request came
• Browser
• Operating system and its interface
• Language and version of the browser software

(2) Information you have provided

If you use contact forms on our website, we process the data you provide for the purpose you specify in the contact form on the basis of your consent (legal basis Art. 6 para. 1 lit. a) DSGVO).

If you book an online meeting with us, our service provider bookingtime GmbH, Robert-Koch-Str. 26, 20249 Hamburg, Germany, will process the data you provide by transmitting it to us for the purpose you specified in the booking on the basis of your consent (legal basis Art. 6 para. 1 lit. a) DSGVO). We have concluded an order processing agreement with the provider.

We store information that you send to us via contact form or via online meeting request. The information provided is used for the purpose of processing your enquiry or order. We transfer your contact information to our customer database and store it for a maximum of one year after the last time you contacted us. In this respect, we refer to your right of withdrawal.

(3) Data confidentiality

Your personal data and other transmitted information will not be passed on to third parties unless we are legally obliged to do so.

---

5. Cookies

We also use cookies in some areas of our website. Cookies are small data elements that an internet server can send to your computer. Such cookies can identify your computer for the duration of your visit to our website or make it easier for you to use our internet pages. We do not use cookies to collect personal data.

Our website uses different types of cookies. Some cookies are placed by third parties that appear on our pages.

By law, we may store cookies on your device if they are strictly necessary for the operation of our website. For all other cookie types we need your consent.

When you first visit our website, you will be asked whether you wish to actively consent to the use of cookies.

(1) Google Ads and Conversion Tracking

We use Google Ads Conversion on our website to draw attention to our attractive offers with the help of advertising media (so-called Google Ads) on external websites. In doing so, we pursue the interest of tracking how successful the individual advertising measures are, to show you advertising that is of interest to you and to make our website more interesting for you. Google AdWords is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Insofar as you click on a Google ad and accept third-party cookies within our cookie notice, a cookie is set for conversion tracking. We only process your data with your consent, Art. 6 para. 1 lit. a DSGVO.

Additional note on data transfer to the USA: By selecting “Google Ads”, you also expressly consent in accordance with Art. 49 (1) sentence 1 lit. a DSGVO that your data collected by Google may also be transmitted to Google servers in the USA. The USA has been classified by the European Court of Justice (ECJ) as a country with a possibly insufficient level of data protection according to EU standards.

You can revoke your consent at any time with effect for the future by changing your cookie setting accordingly or deleting the cookies on your computer. You also have the option to activate or deactivate by installing the plug-in provided by Google under this link.

How it works: The ads are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, which can be used to measure certain parameters for measuring success, such as the display of the ads or clicks by users. If you access our website via a Google ad, Google Ads will store a cookie on your end device. These cookies usually lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

These cookies enable Google to recognise your internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer will be able to recognise that the user clicked on the ad and was redirected to that page. A different cookie is assigned to each Ads customer. Cookies can therefore not be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. These evaluations enable us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify the users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Ads Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

Recipient of the data: You can find more information about Google’s privacy policy here and here. Alternatively, you can visit the Network Advertising Initiative (NAI) website.

(2) Google Analytics

Insofar as you have declared your consent (Art. 6 para. 1 p. 1 lit. a) DSGVO), Google Analytics, a web analytics service provided by Google LLC, is used on this website. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Scope of the processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by means of the cookies about your use of this website is generally transmitted to a Google server in the USA and stored there.

The use includes the Universal Analytics mode of operation: this makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus to analyse the activities of a user across devices.

We use the function ‘anonymizeIP’ (so-called IP masking): Due to the activation of IP anonymisation on this website, your IP address will be truncated by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your visit to the website, Google Analytics collects the following data, among others:

• The pages you visit, your “click path”.
• Achievement of “website goals” (e.g. newsletter sign-ups, downloads)
• Your user behaviour (e.g. clicks, dwell time, bounce rates)
• Your approximate location (city in country X)
• Your IP address (in abbreviated form)
• Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
• Your internet service provider
• Website from which the request comes (“bounce page”)

Purposes of the processing
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, and compiling reports on website activity. The reports provided by Google Analytics are used to analyse the performance of our application and the success of our marketing campaigns.

Receiver
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as an order processor. We have concluded an order processing agreement with Google for this purpose. Google has confirmed to us that they process your data in the European Economic Area. We cannot rule out the possibility that Google LLC, based in California, USA, and possibly US authorities may access the data stored by Google. Please also read our risk notice on chapter 5 “Recipients of your data”.

Storage time
The data is automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

Legal basis and possibility of revocation
This data processing is subject to your consent, Art. 6 para. 1 sentence 1 lit. a) DSGVO. You can revoke your consent at any time with effect for the future. To do so, follow the link provided under chapter 4.3 “Cookies”.

You can find more information on the terms of use of Google Analytics and on data protection at Google at https://marketingplatform.google.com/about/analytics/terms/de/ and at https://policies.google.com/?hl=en.

(3) Social Networks and Social Media

Icons
Our website has integrated the icons of social networks from Youtube, LinkedIn, Instagram and Twitter. You can only access these networks via an external link. These are not share buttons, but merely hyperlinks.

YouTube embeds

Furthermore, we use so-called embeds or embeds from the Youtube platform for videos that you find on our website. Youtube is a service of Google Ireland Limited Gordon House, Barrow Street Dublin 4 Ireland. The embedding is carried out using the technical process known as framing. Framing involves the simple insertion of an HTML link provided by Youtube into the code of a website to create a playback frame on our website (so-called third-party presence), thus enabling the video stored on Youtube servers to be played. We use the framing codes generated by Youtube in the so-called “extended data protection mode”. According to Youtube, usage data is only transmitted when the user clicks on the play button and the video starts. If you visit our pages without using the video offer, no data is transferred to Youtobe We offer videos in our legitimate interest in providing you with lively insights into our company and explaining our products (Art. 6 para. 1 p. 1 lit. f) DSGVO).

Information on what data is processed by YouTube and for what purposes this data is used can be found in YouTube’s privacy policy.

Präsenz in sozialen Medien
We maintain presences in the “social media”. You can find more information about this here.

---

7. Microsoft Advertising

We use Universal Event Tracking (UET) on our website via the Microsoft Advertising (formerly Bing Ads) service of Microsoft Corporation (USA). Via UET, Microsoft stores a cookie in your browser to enable an analysis of the use of our online offer. The prerequisite for this is that you have reached our website via an advertisement from Microsoft Advertising. In this way, Microsoft and we can recognise that someone has clicked on an advertisement, been redirected to our online offer and reached a previously determined target page (so-called conversion measurement). No IP addresses are stored for this purpose. No further personal information about the identity of the user is provided.

If you click on an ad from Microsoft Advertising and accept third-party cookies within our cookie notice, a cookie is set for conversion tracking. We only process your data with your consent, Art. 6 para. 1 lit. a DSGVO. Additional note on data transfer to the USA: By selecting “Microsoft Advertising”, you also expressly consent in accordance with Art. 49 para. 1 sentence 1 lit. a DSGVO that your data collected by Microsoft may also be transferred to Microsoft servers in the USA. The USA has been classified by the European Court of Justice (ECJ) as a country with an insufficient level of data protection according to EU standards.

---

8. Borlabs-Cookie Explanation

This website uses borlabs cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents.

We are legally obliged to document the consents you have declared, Art. 6 para. 1 c DSGVO and § 24 TTDSG.

Borlabs cookie does not process any personal data.

The following information is stored in the borlabs-cookie cookie:

• Cookie runtime
• Cookie version
• Domain and path of the website
• Consents
• User identification number (UID)

The UID is a randomly generated ID and not personal information. We store this data on our domain.

The cookie borlabs-cookie stores the consent you gave when entering the website. We store this setting for one year. If you wish to revoke these consents, simply delete the cookie in your browser. When you then re-enter/reload the website, you will be asked again for your cookie consent.