Privacy Policy Section 1
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, respond to a survey, fill out a form or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, fill out a form, sign up for our newsletter, respond to a survey or marketing communication, visit the website, or use certain other site features in the following ways:
To improve our website in order to better serve you.
To allow us to better service you in responding to your customer service requests.
To follow up with you after correspondence (email or phone inquiries).
Do we use ‘cookies’?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
We use cookies to:
Help remember and process the items in the shopping cart.
Understand and save user’s preferences for future visits.
Keep track of advertisements.
Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off it will turn off some of the features of the site.
Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
How We Respond to Do Not Track Signals
We do not respond to do not track signals.
Your Privacy Rights
Google https://policies.google.com/privacy
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548
We use Google AdSense Advertising on our website.
Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.
We have implemented the following:
Remarketing with Google AdSense
Google Display Network Impression Reporting
Demographics and Interests Reporting
DoubleClick Platform Integration
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions.
Process orders and to send information and updates pertaining to orders.
Send you additional information related to your product and/or service.
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor opt-out/unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, follow the instructions at the bottom of each email, and we will promptly remove you from ALL correspondence.
Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below.
Fifth Street, industrial Area,
Kampala, Uganda.
Contact information:
If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send an email to info@gritengineers.com.
Privacy Policy Section 2
Grit takes the protection of personal information seriously, and we do what we can to give you insight into how we use and process personal information. Below you will find information on how we collect and process your personal information, distributed across our various products and services.
Last modified: June 27, 2024
Who is responsible for data processing?
Grit Engineering Limited , with registered premises at Fifth Street, Industrial Area Kampala and with the e-mail address info@gritengineers.com (“Grit”), is the data controller for the information collected through Grit's website and/or Grit's application ( collectively called the “Platform”).
Purpose and legal basis for data processing
All the personal information collected through the Platform may be processed on the following legal basis:The solar energy agreement signed with Grit (the “Agreement”).A calculation of the potential for solar cells at an address upon request from the customer.Consent to receive emails regarding the calculation of the potential for solar cells.Consent to receive personalized communications regarding financial support, product benefits, special offers and other Grit products and services.
Personal information about you that we process
When you investigate your roof's potential for solar cells, we collect your home address, as well as your email address if you have given your consent for this purpose. We may also ask for other information to calculate an estimate of your electricity consumption, so that we can give you customized sizes of the installations. The purpose is for us to be able to give a price estimate for the installation of solar cells on your roof, as well as manage your customer relationship and complete the delivery. The email address is used to communicate with you in the form of personal follow-up, newsletters and any other communication regarding Grit's products and services that you may be interested in. If you do not wish to receive newsletters, you can unsubscribe from them here (https ://gritengineers.us12.list-manage.com/unsubscribe?u=62ba42cf7823e6f79f13ddfd9&id=0991f5ac72).
We collect and store information about the address where you get the potential for solar cells calculated, such as the azimuth, slope, area and height of the roof, in order to give you an estimate of the energy potential from solar cells on your roof as well as a price estimate. We store this information for analytical use, so that we can make better calculations in the future.If you wish to proceed to a quote, we will ask for your name, telephone number and email address so that we can contact you to clarify any questions and, if appropriate, send you a formal offer. All the requested information is necessary to enter into the Agreement. If you do not provide this information, or refuse to provide it, Grit cannot enter into a contract with you.If you accept the offer, we may send your name and telephone number as well as the contract to one of our partners for digital signatures, such as Scrive (www.scrive.com/no/privacy-notice/), which will act as a data processor.If you choose to use a solar loan to finance the solar installation, you will be forwarded to our bank partner for this purpose. The bank partner will ask you directly for personal information in order to carry out a credit assessment and offer the loan. The bank partner acts as data controller in this case. With the exception of the application status, the banking partner does not share any of the personal information they receive with Grit.In cases where this information is required, we may also ask for your social security number. In that case, the purpose will either be to complete applications where this information is needed, or to forward it to the bank partner if you have applied for a loan. Your social security number will be stored encrypted.
How long will we store your personal information?
The length of time we will store your personal information depends on the purpose for which it was collected. If your information is used for several purposes that require different storage times, we will use the longest one.Personal information that is processed on the basis of your consent will be stored until you withdraw your consent or request the deletion of or complain about your information.Personal information that is processed for the Agreement or the loan agreement to be executed will remain stored throughout the relevant contractual relationship.Personal data processed under Grit's legitimate interests will remain stored as long as Grit has to comply/achieve them.Once these periods have ended or your request to delete your personal information has been fulfilled, we will only continue to store your personal information, properly blocked, for the time periods required by law. This means that they cannot be processed, for any purpose other than making them available to courts or competent public authorities, to comply with any claim arising from the processing and only during the limitation period. When this period has expired, the information will be deleted.
Who can we share your personal information with?
If you have chosen to change electricity supplier to one of our partners in connection with an order for a solar cell system, we will send your contact information to your chosen electricity supplier so that they can contact you.After Grit has planned your installation in detail, we share your contact information, address and project details with our installer.When your installation is connected to the grid, we share your contact information and details of the solar installation with your grid provider.Once the installation is operational and connected to the network, production data from your inverter will be shared with the inverter manufacturer for analysis and potential troubleshooting. This data says nothing about the general energy consumption of your home, only whether the sun is shining on your installation.The production data from the installation will also be collected by Grit. This information is used for analysis and potential troubleshooting. The data serves as the basis for the statistics on My page and in the Grit apps.Grit may use production data associated with addresses to improve calculation models, both internally and in collaboration with others in the solar energy industry, and share this publicly. When the data is shared, it will be anonymized as much as possible, but location is an important element in the analysis of the production data.We use OpenAI to improve our services and user experience. We may share personal information, such as name and contact information, with OpenAI to provide and improve services. OpenAI protects your personal data and complies with data protection laws. For more information, visit their privacy policy (https://openai.com/policies/privacy-policy).
We use the Google service and the Google Advertising service in particular to show you personalized and non-personalised ads, provided that you accept targeted cookies and scripts. We may share personal data, when possible we may share information such as name, email and telephone with Google. This enables us to better target our ads. If you want to learn more about how Google uses your data, you can see Google's privacy policy and terms.Your personal information may be shared with data processors who provide services to Grit. Grit will ensure that they all comply with the relevant legislation regarding data protection by signing a data processing agreement in accordance with Article 28 of the Personal Data Protection Regulation .
Chat and email
When you communicate with us by e-mail at one of our support or sales e-mail addresses, or the chat function on the website, the exchange of messages is saved so that we can provide you with the best possible service over time. Both chat messages and emails are stored by Hubspot (https://legal.hubspot.com/privacy-policy).We currently use MailChimp (https://mailchimp.com/legal/privacy/) to send out our newsletter. In connection with this, your e-mail address will be stored together with information such as which product you showed interest in and which region you live in. If you choose to unsubscribe from the newsletter, your e-mail address will still be in the system in order to prevent you from being added again. All other information will be deleted.These companies act as data processors.
Error tracking
In order to improve our software, we log exceptions and errors that occur on our website and apps. These error events, as well as the data regarding the state the system was in when the error occurred, are collected by an external service. We currently use Sentry for this. The information is stored for 90 days.
Data storage and backup systems
The website and Grit apps use several Grit services in the back-end. These services run only in the cloud and therefore use several third-party systems. Servers, databases and data storage are provided by Amazon (https://aws.amazon.com/privacy/) and Heroku (www.salesforce.com/company/privacy/), which is a service provider on top of Amazon, owned by Salesforce. We use data centers in Europe, if possible, primarily in Ireland and Germany.
Automatic SMS and emails
We use Mailgun (www.mailgun.com/privacy-policy) to send automated emails, and Twilio (www.twilio.com/legal/privacy) for both emails and SMS. These may, for example, contain information about changes regarding the installation, etc. The services store metadata for tracking and debugging.
Internal communication
For internal communication we use Slack (https://slack.com/privacy-policy). Our back-end systems send updates to this service in the context of events related to customer behaviour. Among other things, these updates may contain name, address and contact information.For email and file storage, we use Titan Business email system google G Suite (https://gsuite.google.com/security/). Read about “Password Procedures” below to see how we manage access to these services.The above-mentioned companies act as data processors.
Access to sensitive information
In cases where our systems process sensitive information, this is only accessible to Grit's developers and other employees with an appropriate need for access. Encryption codes, which are one of several things used when storing sensitive information, are only available to Grit's developers. All the machines used for development, and which may have copies of information from production systems, have an encrypted file system.All data communication with external partners is encrypted.
Password routines
All Grit employees are required to use two-factor authentication when logging into Grit's systems, as well as password-protected phones and devices. All external partners (installers, etc.) who have access to Grit's systems use personal accounts with access only to relevant parts of the system.
Your rights
You can at any time ask us for access, copy, creation, restriction or deletion of the personal information about you that we have stored. For such requests, one must contact Grit with a written request to the business address or by e-mail to privacy@Grit.com, with identification (e.g. a copy of your passport). Under certain circumstances, you can also object to the processing of the information, as well as make use of the right to data portability.
Changes to the privacy policy
We will keep your privacy policy up to date as the service offer changes. At the top of the page you will find a date stamp showing when we last updated the content. If we make any major changes that affect registered customers, you will be notified of this by e-mail.You also have the right to submit a complaint to the Uganda Data Protection Authority, in Kampala. Grit has its own privacy representative who can be contacted by sending an email to support@gritengineers.com.