EV Accessories and Mounting
Privacy Policy of 3Buy Solar
Buy-Solar.Online | Version: 2025.08 | Effective Date: 08 August 2025
Cookie & Privacy Notice
Our webshop uses essential cookies that are strictly necessary for security, login, checkout, and smooth operation. These cannot be disabled. We also use analytics and marketing cookies to improve our services and display relevant offers. By continuing to browse our website, you consent to the use of such cookies as described in this Privacy & Cookie Policy.
If you do not agree, you may disable cookies in your browser settings or refrain from using our site. Please note that disabling essential cookies will prevent the webshop from functioning.
Preamble
1.1 We are 3Buy Solar, a global provider of solar PV, energy storage, and renewable energy systems. Our EU operations are managed via:
Suncrest Ltd. (Hungary) as licensed webshop operator, and
Apelida s.r.o. (Slovakia) as content and GDPR data controller,
operating under brand license from 3Buy LLC (USA).
This Privacy Policy applies to all individuals and companies who visit our website(s), communicate with us, or use the services we offer — whether free, registered, B2B, or paid.
1.2 In particular, 3Buy Solar informs you below about what personal and technical data we collect, why we collect it, and how it is used or shared. All data is collected and stored electronically in accordance with the relevant data protection laws of the European Union, Hungary, and Slovakia. Where 3Buy Solar processes personal data, it does so exclusively for the purposes defined in this Privacy Policy and under the applicable legal bases outlined in the GDPR.
1. Legal Entities and Responsibility
Content & Data Controller
Apelida s.r.o.
Bastova Street 2301/16, 94501 Komárno, Slovakia
ICO: 43965318 | EU VAT: SK2022539002
📧 privacy@buy-solar.online
Platform Operator
Suncrest Ltd.
Registered Address: Nemzetőr u. 9, 2370 Dabas, Hungary
Office & Warehouse: Törökbálint DEPO, Raktárvárosi út 1, 2045 Törökbálint
EU VAT: HU32865963
📧 info@buy-solar.online
Joint Controllership as per Art. 26(1) GDPR and EDPB Guidelines 07/2020: Suncrest Ltd. (HU) and Apelida s.r.o. (SK) act as joint controllers within the meaning of Art. 26 GDPR. Apelida s.r.o. is designated as the primary contact for all data subject requests.
Joint Controller Responsibilities
Pursuant to Article 26 GDPR, Suncrest Ltd. and Apelida s.r.o. have concluded a joint controller agreement which allocates responsibilities as follows:
Suncrest Ltd.: webshop operation, customer registration, account management, invoicing, payment processing, logistics.
Apelida s.r.o.: content management, communications, CRM, GDPR compliance oversight.
Both jointly determine the purposes and means of processing personal data on the platform.
Apelida s.r.o. is designated as the primary point of contact for all GDPR-related inquiries.
The essence of this arrangement may be provided to data subjects upon request.
Licensor & Brand Owner
3Buy LLC
5011 Gate Parkway, Building 100, Jacksonville, FL, USA
📧 hello@3buy.org
🌐 https://3buy.org
Hosting Provider
CCHosting Inc. (ChemiCloud)
651 N. Broad Street, Suite 206, Middletown, DE 19709, USA
📍 Server Location: Frankfurt, Germany (EU)
📧 help@chemicloud.com
🌐 https://chemicloud.com
ChemiCloud may use EU-based sub-processors (e.g. Hetzner, Frankfurt) under GDPR-compliant DPAs
Data Protection Officer
3Buy EU Compliance Office
Bastova Street 2301/16, Komárno, Slovakia
📧 gdpr@buy-solar.online
2. Scope
This policy applies to:
All visitors and users of https://buy-solar.online
All features, accounts, transactions, and tools on the webshop
All social, email, and third-party platform communications
Both B2B and guest (public) user interactions
See also:
🔗 Terms for Buyers
🔗 Terms for Sellers
3. What Data We Collect
3.1 Technical (Non-Personal) Data
Automatically via cookies or scripts:
IP address (anonymized)
Device, browser, OS
Timestamp and visited URLs
Referrer URL, session duration
Used for security, load balancing, and technical optimization.
3.2 Personal & Company Data
Collected via registration, checkout, messaging:
Full name, company, VAT/tax ID
Billing/shipping details
Email, phone, login IP
Uploaded documents (KYC, licenses, forms)
Preferences, CRM communication logs
4. Legal Bases of Processing
We process your data in accordance with GDPR Article 6:
| Purpose | Legal Basis |
|---|---|
| Contractual handling | Art. 6(1)(b) GDPR |
| Legal obligations (invoicing) | Art. 6(1)(c) GDPR |
| Legitimate interest (security) | Art. 6(1)(f) GDPR |
| Marketing, cookies | Art. 6(1)(a) GDPR – Consent |
5. Cookies & Analytics Tools
5.1 Cookie Use
| Type | Examples |
|---|---|
| Essential | Session ID, checkout, login |
| Functional | Language, location, currency |
| Consent-based | Ads, tracking, social pixels |
Consent banner is shown on first visit and preferences can be managed.
5.2 Tools Used and Their Privacy Links
| Tool | Type | Purpose | Policy |
|---|---|---|---|
| Google Analytics 4 | Analytics | IP-anonymized usage stats | ✅ |
| Bing Analytics | Analytics | Microsoft advertising | ✅ |
| Yandex Metrica | Analytics | RU insights | ✅ |
| Baidu Tongji | Analytics | CN usage stats | ✅ |
| Meta Pixel | Ads/Tracking | Retargeting (FB/IG) | ✅ |
| Pinterest Tag | Marketing | Audience engagement | ✅ |
| X (Twitter) | Ads/Tracking | Retargeting and analytics | ✅ |
6. Anti-Spam & Security Tools
| Tool | Purpose | Policy |
|---|---|---|
| CleanTalk | Bot/spam detection | ✅ |
| Google reCAPTCHA v3 | Form security | ✅ |
7. Newsletter & Communications
Opening and maintaining a webshop account with 3Buy Solar requires acceptance of mandatory electronic communications, which include:
System and transactional messages (order confirmations, invoicing, recalls, security notices, account updates), and
Commercial communications (product updates, promotions, price lists, and market news relevant to solar PV, energy storage, and related solutions).
These communications are a condition of account registration and use. Customers who do not wish to receive such communications may withdraw by closing their account at any time.
By applying for and maintaining an account, you acknowledge that receipt of these communications is integral to the operation of our platform and your business relationship with us.
8. Third-Party Data Processors
We share minimal data only when necessary with:
Payment: Stripe, Wise Bank, MHB Bank
Delivery: GLS, DPD, DHL, Dachser Logistics
Compliance: Accountants, Tax Advisors and Audit Frims
IT partners: NDA-bound developers
All external processors are under valid DPAs and GDPR Art. 28.
8.1 Disclosure to Public Authorities or Legal Obligations
We may disclose personal data to third parties, including government authorities, law enforcement agencies, courts, or regulators, where:
We are legally required to do so (e.g., under criminal, tax, or consumer protection laws),
It is necessary to detect, prevent, or prosecute criminal offenses,
It is required for the execution of sentences, or
It serves to protect public security or prevent threats to public order.
Such disclosures are carried out strictly in accordance with GDPR Article 6(1)(c) and Article 23, as well as applicable national laws in Hungary, Slovakia, and the European Union.
9. International Data Transfers
We transfer some anonymized or scoped data to:
3Buy LLC (USA) – Brand support
Yandex (RU) and Baidu (CN) – Market analytics as per their T&C
Protected under:
Standard Contractual Clauses (SCCs)
Art. 46 GDPR + documented user consent
⚠️ Please note: despite the safeguards applied (SCCs, consent), transfers to certain jurisdictions (e.g., Russia, China) may involve residual risks due to differing local data protection standards and potential state access. By continuing to use analytics features, you acknowledge this risk.
10. Retention Periods
| Data Type | Retention |
|---|---|
| Orders, Invoices | 10 years (HU law) |
| Account Data | 5 years after inactivity |
| Newsletter | Until withdrawn |
| Analytics Logs | 26 months |
| Contact Messages | Max 2 years |
11. Your GDPR Rights
You may request at any time:
Data Access (Art. 15)
Rectification (Art. 16)
Erasure (Art. 17)
Restriction (Art. 18)
Portability (Art. 20)
Objection (Art. 21)
Withdraw Consent (Art. 7)
📧 Contact: privacy@buy-solar.online
Supervisory Authorities: You have the right to lodge a complaint with your local data protection authority, or directly with:
– The Hungarian National Authority for Data Protection and Freedom of Information (NAIH), or
– The Office for Personal Data Protection of the Slovak Republic.
12. Security Measures
HTTPS SSL across platform
Role-based access and audit logs
EU-based encrypted backups
CleanTalk bot protection + reCAPTCHA v3
Logging, anomaly detection, offsite storage
13. Policy Updates
Last update: 08 August 2025
Next review: August 2026 or earlier if laws change.
Users will be notified via:
Website banners
Email alerts (if subscribed)
Cookie banner reset
14. Social Media, Email & External Platforms
We use and receive messages via:
Meta: Facebook, Instagram, Messenger
LinkedIn
TikTok
X (Twitter)
Pinterest
YouTube
WhatsApp Business
Google My Business
Email: info@buy-solar.online and other e-mail addresses listed on our site.
What we may collect from these channels:
Public profile name or username
Email, phone (if submitted)
Message content
Uploaded documents, pictures and videos
Platform and timestamp metadata
Legal Basis:
| Context | Legal Basis |
|---|---|
| Inquiry / order / support | Art. 6(1)(b) GDPR |
| Marketing follow-up | Art. 6(1)(a) GDPR |
| Brand presence & replies | Art. 6(1)(f) GDPR |
We do not share or publish any submitted materials unless:
You give written consent, or
They were publicly posted/tagged
You can request deletion at any time:
📧 privacy@buy-solar.online
15. Legal Contact & Jurisdiction
📧 Legal Contact:
privacy@buy-solar.online
gdpr@buy-solar.online
Jurisdiction:
Contracts and transactions concluded via the webshop are governed by Hungarian law. GDPR compliance matters fall under the joint controllership of Apelida s.r.o. (Slovakia) and Suncrest Ltd. (Hungary), in accordance with Art. 26 GDPR. For GDPR-related disputes, Apelida s.r.o. (Slovakia) acts as the primary contact and supervisory jurisdiction, without prejudice to your right to lodge a complaint with your local authority.
