EET-cart-icon
EET-cart-icon

PRIVACY POLICY

Version: 1.0
Effective Date:18.08.2025
Last Updated: 21.08.2025

Introduction

EET – Efficient Energy Technology GmbH (“EET,” “we,” “us,” or “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our connected battery storage systems, inverters, and associated services.
This policy applies to:
  • Our websites and online shop
  • Connected products (battery storage systems, solar inverters)
  • IoT services (cloud platform, mobile applications, web portals)
  • Customer support and warranty services

1. Who We Are

Data Controller:
EET – Efficient Energy Technology GmbH
Paula-Wallisch-Straße 14
8055 Graz, Austria
Email: info@eet.energy
Phone: +43 316 232203

2. What Data We Collect

2.1 Website and Online Shop Data

When you visit our website:
  • Technical data: IP address, browser type and version, device type, operating system, time zone setting, referring website
  • Cookie data: As described in our Cookie Policy (see Section 10)
When you create an account or make a purchase:
  • Identity data: Name, username, title
  • Contact data: Email address, telephone number, billing and delivery addresses
  • Financial data: Payment card type (we do not store full card details), bank account information for refunds
  • Transaction data: Order details, purchase history, warranty information
  • Marketing preferences: Your choices regarding marketing communications

2.2 Connected Product and IoT Data

Device identification and configuration:
  • Device serial number, model, firmware version
  • Installation date and location (country, postal code, time zone)
  • Network configuration
  • User-assigned device name and installation settings
Operational and performance data:
  • Battery metrics: State of charge, capacity, voltage, current, temperature, charge/discharge cycles, cell balancing data
  • Inverter metrics: Power output/input, frequency, voltage, efficiency, operating mode
  • Energy flow data: Solar production, grid consumption/feed-in, household consumption, battery charging/discharging patterns
  • System events: Error codes, warnings, safety shutdowns, firmware updates, system restarts
Diagnostic and maintenance data:
  • Fault logs, error histories, diagnostic test results
  • Remote troubleshooting session logs
  • Performance optimization data
Environmental data:
  • Ambient temperature (from device sensors)
  • General location data (postal code level for weather correlation and grid services)
Data processing location:
  • Real-time operational control is solely processed locally on your device (edge computing)
  • Historical data, analytics, and remote access features are hosted or processed in our EU-based cloud infrastructure

2.3 Communications and Support Data

When you contact us:
  • Your correspondence (emails, chat messages, support tickets)
  • Call recordings (with prior notice and consent)
  • Feedback and survey responses

2.4 Job Applications

If you apply for employment:
  • CV, cover letter, references
  • Interview notes and assessments
  • Information provided during the recruitment process

2.5 Business Partner Data

For installers, distributors, and suppliers:
  • Business contact details
  • Company information (VAT ID, commercial register data)
  • Contract and transaction records

3. How and Why We Use Your Data

3.1 Legal Bases for Processing

Under GDPR, we process your data based on:
  • a) Contractual necessity (Article 6(1)(b)) – to provide our products and services
  • b) Legal obligation (Article 6(1)(c)) – to comply with laws and regulations
  • c) Consent (Article 6(1)(a)) – where you have given explicit permission
  • d) Legitimate interests (Article 6(1)(f)) – for business operations that don’t override your rights

3.2 Purposes of Processing

Purpose
Legal Basis
Data Categories
Product functionality and service delivery
Contractual necessity
Device data, operational metrics, user settings
Cloud platform and mobile app operation
Contractual necessity
Account data, device configuration, historical energy data
Remote monitoring and diagnostics
Contractual necessity & Legitimate interest (product improvement)
Performance data, error logs, system events
Firmware updates and security patches
Contractual necessity & Legitimate interest (security)
Device identification, firmware version, installation data
Safety and grid compliance
Legal obligation (EU regulations, national grid codes)
Operational data, grid frequency, voltage levels
Customer support and warranty services
Contractual necessity
Contact data, device data, fault logs, correspondence
Billing and payment processing
Contractual necessity & Legal obligation
Transaction data, payment information, invoices
Fraud prevention and security
Legitimate interest
Access logs, transaction patterns, device authentication
Product improvement and R&D
Legitimate interest
Anonymized/pseudonymized performance data, usage patterns
Marketing communications
Consent (opt-in required)
Contact data, purchase history, preferences
Website analytics
Consent (via cookie banner)
Browsing behavior, technical data
Legal compliance (tax, accounting)
Legal obligation
Financial records, invoices, contracts

3.3 Primary Data Storage

IoT and device data is stored exclusively in EU/EEA data centers (primary: Germany, Austria). Your operational and consumption data does not leave the European Economic Area.

4. Who We Share Your Data With

We do not sell your personal data. We share data only when necessary with the following entities

4.1 Service Providers (Data Processors)

(as under GDPR Article 28 agreements)
Cloud infrastructure and hosting:
  • AWS Europe (Frankfurt, Ireland) or equivalent EU/EEA providers
  • Database and storage services
IT and security services:
  • Authentication services
  • Cybersecurity monitoring
  • Backup and disaster recovery
E-commerce and logistics:
  • Shipping carriers (DHL, local postal services)
  • Order management systems (Billbee, Odoo)
  • Warehouse and fulfillment partners
Payment processing:
  • Payment service providers (Saferpay, Stripe, PayPal) – note: these may act as independent data controllers
  • Fraud detection services
Marketing and analytics:
  • Email service providers (with explicit consent)
  • Analytics platforms (Google Analytics, with anonymization)
Customer support:
  • Help desk and ticketing systems
  • Live chat providers

4.2 Legal and Regulatory Authorities

When required by law:
  • Law enforcement and regulatory bodies
  • Courts and dispute resolution bodies
  • Tax authorities and auditors

4.3 Business Transfers

In the event of a merger, acquisition, or asset sale, your data may be transferred to the successor entity, subject to the same privacy protections.

5. How Long We Keep Your Data

We retain your data only as long as necessary:
Data Category
Retention Period
Reason
Support and service data
Duration of service + 90 days
Ongoing service provision and transition period
Historical energy data
3 years after service termination
Warranty support, performance analysis, dispute resolution
Device diagnostic logs
2 years
Safety compliance, warranty claims
Financial and tax records
7 years
Austrian tax law (BAO) requirements
Customer account data
Until account deletion + retention periods above
Contract fulfillment and legal obligations
Marketing consent data
Until consent withdrawn + 6 months
Processing consent withdrawal
Job application data
6 months after rejection (or with consent, up to 2 years)
Future opportunities
Website cookies
Session to 24 months (depending on type)
As specified in Cookie Policy
After expiry: We ensure that data is securely deleted or anonymized to prevent the identification of any natural person.

6. Your Rights Under GDPR and EU Data Act

6.1 GDPR Rights

You have the right to:
1. Access (Article 15): Obtain confirmation of what data we process about you and receive a copy.
2. Rectification (Article 16): Correct inaccurate or incomplete data.
3. Erasure/”Right to be Forgotten” (Article 17): Request deletion of your data where:
  • It’s no longer necessary for the purposes collected
  • You withdraw consent (where processing is based on consent)
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Legal obligations require deletion
Limitations: We may retain data where required by law (e.g., tax records) or for legal claims.
4. Restriction of Processing (Article 18): Request we limit how we use your data while verifying accuracy or assessing objections.
5. Data Portability (Article 20): Receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
6. Objection (Article 21):
  • Object to processing based on legitimate interests (we will cease unless we have compelling legitimate grounds)
  • Object to direct marketing (we will always comply)
7. Withdraw Consent (Article 7(3)): Where processing is based on consent, you can withdraw it anytime (doesn’t affect lawful processing before withdrawal).
8. Not be Subject to Automated Decision-Making (Article 22): Right to human review of automated decisions with legal effects (note: our automated systems are operational functions, not decision-making with legal effects).

6.2 EU Data Act Rights (Connected Products)

As a user of IoT-enabled products, you have additional rights under Regulation (EU) 2023/2854:
Right to access product data (Article 4): Access data generated by or related to your use of the connected product.
Right to data portability (Article 5): Request transmission of your product data:
  • Directly to you in a structured, machine-readable format (e.g., CSV, JSON)
  • Directly to a third-party service provider of your choice
Right to real-time access: Where technically feasible, access your data in real-time through our app or web portal.
Scope of data: This includes operational data, usage history, performance metrics, and diagnostic information generated by your device.
No fees: We provide this data free of charge unless requests are manifestly unfounded or excessive.

6.3 How to Exercise Your Rights

Online: Through your account settings in our mobile app or web portal (for some rights)
Email: info@eet.energy
Post: EET – Efficient Energy Technology GmbH, Paula-Wallisch-Straße 14, 8055 Graz, Austria
Response time: We will respond within one month (extendable by two months for complex requests, with explanation).
Verification: We may request proof of identity to protect your data from unauthorized access.

6.4 Right to Complain

If you’re unhappy with how we handle your data:
Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Barichgasse 40-42, 1030 Vienna, Austria
Website: www.dsb.gv.at, Email: dsb@dsb.gv.at
You may also lodge a complaint with the supervisory authority in your EU country of residence or workplace.

7. Data Security

We implement appropriate technical and organizational measures to protect your data.
Technical measures:
  • End-to-end TLS/SSL encryption for all data transmission outside of your private network
  • Multi-factor authentication for administrative access
  • Regular security audits and penetration testing
  • Secure software development lifecycle (SSDLC)
  • Regular firmware security updates
Organizational measures:
  • Role-based access controls (principle of least privilege)
  • Employee training on data protection
  • Confidentiality agreements with all staff and contractors
  • Data breach response procedures
  • Regular review of data processors’ security
  • ISO 27001 certified infrastructure partners
Device-level security:
  • Encrypted local storage
  • Secure credential management
Despite our efforts, no system is 100% secure. If you become aware of a security issue, please contact software@eet.energy immediately.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies.
Summary:
  • Essential cookies: Necessary for website functionality (no consent required)
  • Analytics cookies: Help us understand how visitors use our site (requires consent)
  • Marketing cookies: Used for targeted advertising (requires consent)
You can manage your cookie preferences through our cookie banner or browser settings.

9. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices. Please review their privacy policies before providing personal data.

10. Marketing Communications

Email marketing: With your consent, we may send promotional emails about products, services, and offers. You can unsubscribe anytime via the link in emails or by contacting us.
Legitimate interest marketing: We may send service-related communications (e.g., product updates, safety notices) based on legitimate interest as an existing customer.
Preferences: Manage your communication preferences in your account settings or contact info@eet.energy.

11. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices, legal requirements, or products.
Notification of changes:
  • Material changes: We will notify registered users via email or in-app notification at least 30 days before the change takes effect
  • Minor changes: Posted on our website with updated “Last Updated” date
Acceptance: Continued use of our services after changes take effect constitutes acceptance of the updated policy.
Version history: Previous versions are available upon request.

12. Contact Us

For questions, concerns, or to exercise your rights:
General inquiries: info@eet.energy
Data protection matters: software@eet.energy
Security issues: software@eet.energy
Postal address:
EET – Efficient Energy Technology GmbH
Paula-Wallisch-Straße 14
8055 Graz, Austria
Austria