privacy policy

1.1. This privacy policy describes how neoom international gmbh ("neoom", "we", "us"), FN 421620 f, Industriestraße 6, 4240 Freistadt, processes the personal data collected from you when using the neoom app.

1.2. neoom treats your data confidentially and handles it responsibly. We comply with the applicable legal provisions on the protection, lawful handling and confidentiality of personal data, as well as on data security, in particular the General Data Protection Regulation (DSGVO), the Austrian Data Protection Act (DSG) and the Telecommunications Act (TKG).

1.3. Personal data is any information relating to an identified or identifiable individual. This includes, for example, your name, your e-mail address, and your IP address or device number.

 

2.1. We process the following data for the initiation and processing of business transactions relating to the services offered in the app:

• name or business name or description;
• Date of birth;
• Address;
• Telephone number and e-mail address
• UID / tax number;
• Electricity consumption, electricity generation, electricity purchase from energy community, electricity purchase from grid, electricity storage as well as heat consumption (each on 1 and 15 minutes basis)
• Energy profiles and statistics on a customer basis (e.g. monthly report, annual report) and aggregated
• User's electricity bill (energy costs, grid operator, energy supplier and customer number at the energy supplier)
• data concerning gateway (IP address of the gateway, manufacturer and serial number)
• Data on energy concepts (expected consumption as well as savings)
• technical location data (metering point number, transformer station, substation, connected load of the grid access, grid level as well as grid connection, data on device locations, roof pitch and orientation of the building and smart meter data);
• IP Keys for access to site and energy data
• Fault data for devices
• Log Data Gateway
• Log Data App
• Statistical data regarding available equipment (esp. electric car incl. mileage, air source heat pump, wellness (sauna, pool, AC, heating), PV system, charging station, storage, meter for electricity and heat quantity as well as heat pump / heating element).
• Records (history, archive) of user data exports

2.1.1. We receive some of the data from EDA Energiewirtschaftlicher Datenaustausch GmbH, in particular the energy data as well as the technical location data.

2.1.2. The processing of the data provided is carried out for the fulfilment of the contract with you (Art 6 para 1 lit b DSGVO) - without the use of this data we cannot provide the services selected by you..

2.1.3. The personal data will be stored until the expiry of the guarantee, warranty, limitation and statutory retention periods applicable to us (usually 7 years, maximum 30 years) or beyond this until the end of any legal disputes in which the data is required as evidence.

2.2. We process the following data for accounting purposes relating to the services offered in the app:

• name or business name or description
• date of birth (if necessary for identification)
• Telephone number and e-mail address
• Address
• Bank details
• Tax liability and tax calculation data
• UID / tax number
• data on the payment behavior of the concerned person
• account and record data
• Credit card numbers and companies
• Billing details (esp. time period, user's electricity bill, metering point number and electricity consumption, electricity generation, electricity purchase from energy community as well as electricity purchase from grid, each on a 1 and 15 minutes basis)

2.2.1. The processing of the data provided is therefore also carried out for the fulfilment of your contract (Art 6 para 1 lit b DSGVO) as well as for the compliance with legal obligations (Art 6 para 1 lit c DSGVO).

2.2.2. The personal data shall be stored until the termination of the business relationship with the customer or until the expiry of the warranty, guarantee, limitation and statutory retention periods applicable to us (generally 7 years, maximum 30 years) or, in addition, until the termination of any legal disputes in which the data are required as evidence.

 

3.1. For the improvement of the neoom app we process the following data:

• Electricity consumption, electricity generation, electricity purchase from energy community, electricity purchase from grid, electricity storage as well as heat consumption (each on 1 and 15 minutes basis)
• Information about user behaviour in the app (number of visits, duration of visit and path of the user during visit incl. clicks).

3.1.1. The processing of the data provided is based on the following legitimate interests (Art 6 para 1 lit f DSGVO): Further development and improvement of the user-friendliness of the neoom app and the neoom products (usability), ensuring the stability, security and availability of the neoom app and neoom products.

3.1.2. The personal data shall be stored for three years for these purposes.

3.2. For the creation of statistics and for profiling your user behavior, we process the following data:

• Number of people per household
• Classification of the user type (e.g. private, business)
• Electricity consumption, electricity generation, electricity purchase from energy community, electricity purchase from grid, electricity storage as well as heat consumption (each on 1 and 15 minutes basis)
• Energy profiles and statistics on a customer basis (e.g. monthly report, annual report) and aggregated
• User's electricity bill (energy costs, grid operator, energy supplier and customer number at the energy supplier)
• Technical location data (transformer station, substation, connected load of the grid access, grid level as well as grid connection and smart meter data)
• Data regarding available equipment (esp. electric car incl. mileage, air source heat pump, wellness (sauna, pool, AC, heating), PV system, charging station, storage, meter for electricity and heat quantity as well as heat pump / heating element).
• Data on municipalities (number of inhabitants and buildings)
• Data on companies (industry and energy consumption)
  
  

3.2.1. The processing of the data provided is based on the following legitimate interests: We compile statistics and carry out profiling in order to individualize our products and offers, to tailor them to specific users and their behavior and to analyze the electricity and energy market on this basis. We therefore look at, for example, electricity consumption in relation to a specific region (postcode) based on their usage data in order to analyze user behavior and electricity consumption on an aggregated basis. In addition, the individualized analysis allows us to detect unusual load peaks and profiles as well as product faults at an early stage and to react accordingly.

3.2.2. The personal data collected for the compilation of the statistics will be aggregated and thus anonymised immediately after the finalisation of the respective statistics. The personal data collected through profiling are stored for three years and then overwritten with the current values..

3.3. For direct marketing purposes (in particular e-mail newsletters and telephone calls) we process the following data:

• name or business name or description
• Telephone number and e-mail address
• Classification of the user type (e.g. private, business)
• Energy profiles and statistics on a customer basis and aggregated
• Data regarding available devices (esp. electric car incl. mileage, air source heat pump, wellness (sauna, pool, AC, heating), PV system, charging station, storage, meter for electricity and heat quantity as well as heat pump / heating element)
• People per household
• Municipal data (number of residents and buildings)
• Data on companies (sector and energy consumption)

3.3.1. The processing of the data provided takes place exclusively on the basis of your voluntary consent (Art 6 para 1 lit a DSGVO).

3.3.2. The personal data will be deleted for this purpose after any revocation of consent or after three years of inactivity in the neoom app.

 

4.1. We provide your personal data to the extent necessary to the following external service providers (processors) who assist us in providing our services. All our processors process your data only on our behalf and on the basis of our instructions so that we can provide you with our services. These are the following service providers:

• IT service providers and/or providers of data hosting solutions or similar services; and
• other service providers, tool providers and software solution providers who also assist us in the provision of our services and act on our behalf (including marketing tool providers, communication service providers).

4.2. In addition, we transmit your personal data to the following recipients (responsible parties) to the extent necessary:

• EDA Energiewirtschaftlicher Datenaustausch GmbH and the respective grid operator for the processing of the electricity supply and the feed-in into the electricity grid as well as for the billing of the energy consumption (execution of the contract)
• Sparkasse Oberösterreich Bankaktiengesellschaft for payment processing (execution of the Agreement)
• Legal representatives in case of cause, courts as well as collection agencies and credit protection association (our legitimate interests)
• Auditors, authorities, courts and other public bodies to the extent required by law (e.g. financial or data protection authorities).

4.3. Personal data will only be transferred to recipients in third countries outside the EEA area if an adequacy decision has been issued by the European Commission for these countries, we have provided suitable guarantees for the protection of personal data by concluding a legally binding document or you have explicitly given your consent for individual cases as defined in Art 49 (1) lit a DSGVO.

 

5.1. The personal data will be protected by neoom as best as possible against unauthorised access, unauthorised use or publication by third parties.

5.2. The personal data collected is stored on a server of Microsoft Ireland Operations Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland as a processor in the European Union. In this context, Neoom refers to the Terms and Certifications of Microsoft in the currently valid version, available at https://azure.microsoft.com/de-de/support/legal/.

 

6.1. You have the right to receive information in a clear, transparent and easily understandable way about how we process personal data and about your rights as a data subject (Art. 12 et seq. GDPR):

6.2. You therefore have a right to information about the personal data we process about you. In addition, you have the right to have incorrect data corrected and your personal data deleted (right to be forgotten). Furthermore, you can revoke any consent you may have given at any time with effect for the future without giving reasons. You also have the right to restrict processing, to receive the data you have provided in a structured, common and machine-readable format (data portability) and the right to object.

6.3. In order for us to be able to process your request regarding your above-mentioned rights, please send the request directly to us, e.g. by post or via e-mail:

neoom international gmbh

Industriestraße 6

4240 Freistadt

Austria

mail: privacy@neoom.com

6.4. You also have the right to complain to the competent supervisory authority. In Austria, this is the data protection authority, Barichgasse 40-42, 1030 Vienna.