The following data protection information provides an overview of the collection and processing of your data as well as the specific type of data collected.
The complete information can also be found in the data protection declaration together with an explanation of the terminology.

Data protection notices

Which data is collected?

1. When calling and using this page

Access data:
IP address,
Date and time or time stamp of the access,
queried resource,
Origin of your page impression,
Name and version of the browser software
URL of the accessed website,
Message in case of erroneous retrieval,
the user's operating system,
every single page call with time stamp.
The server log data is kept for 90 days.
The ECS uses the protocol data only for statistical evaluations for the purpose of operation, security and optimisation of the offer. However, ECS reserves the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence.

2. Based on your entries in public forms

Phone number,
E-mail address

3. Due to your registration as a contact person for a code

First name,
House number,
Phone number,
E-mail address,

4. After successful registration at a later login into the login area of the BDEW code allocation portal

First name,
House number,
Phone number,
E-mail address


In addition, ECS uses the tracking tool Google Analytics to measure website traffic. Your IP address will only be processed and transmitted anonymously.
How is your data collected?
When accessing the ECS website, the access data is automatically logged. Otherwise, all other data will only be collected through your entries.
What is your data used for?
The data is used to provide ECS products and services and to optimize and protect the website. With your consent, ECS will use your data to respond to your contact inquiries/messages. Only in special exceptions will your data be passed on to third parties, e.g. for criminal prosecution in the event of misuse or attack on our IT systems.

What are your rights:

You have the standardized right to confirmation whether personal data about you are processed.
You have the standardized right to information about the personal data stored about you.
You have a right to have your personal data corrected if ECS has stored it incorrectly.
You have the right that the ECS deletes your data if they may no longer be stored.
You have the right to object and can contact the ECS.
Revocation of your consent:
You have the right to revoke your consent to the processing of personal data at any time.
If you wish to exercise any of these rights, you can contact at any time.

Data protection declaration of the ECS

Thank you for visiting our website and for your interest.
The protection and security of our users' data is important to us. We have therefore designed our website and our business processes in such a way that as little personal data as possible is collected or processed.
The following privacy statement explains which information is collected during your visit to our website and which parts of this information may be used in which way.
the name and address of the controller
The person responsible within the meaning of the Basic Data Protection Regulation, other data protection laws in force in the Member States of the European Union and other provisions of a data protection nature is:
Energy Codes and Services GmbH
Reinhardtstr. 32
10117 Berlin
Phone: 030/300199-6500

Personal data

Personal data such as name, address, telephone number or e-mail address are only collected if you provide this information voluntarily, e.g. when registering as a contact person or via the contact form.
Your voluntarily provided data will only be used for the purpose for which you have given it to us. Only if you have given your consent for use in the context of further offers or for marketing purposes, your data will also be used for these purposes.

Standard data

When you use our website, the web server always records the following information in the server log files for security reasons: IP, client information (browser and operating system) and the URL request. This data is not linked to other data.
In case of abuse attempts or server errors, however, it may be possible that a so-called log file is started for error analysis. In detail, the IP address, the specific address of the page accessed, if applicable the page from which you reached us (link source), the transmitted browser ID, as well as the system date and time of the page visit are recorded here. This data is deleted from our servers immediately after the error has been corrected and is used exclusively to analyze the error. ECS is not able to link the log data with a person.


When contacting ECS (for example via contact form or e-mail), the user's details are stored for the purpose of processing the request and in the event that follow-up questions arise.

Technical Control - Cookies

So-called "cookies" are used on our site. These simplify and accelerate the control of your visit to our website. If you do not wish our website to use cookies on your computer, you can deactivate the cookies in your browser setting and select the browser setting so that you are informed when cookies are used on a website
You can manage many corporate online ad cookies through the US site or the EU site

Google Analytics

When you visit our websites, we transfer data to our service provider Google Inc. as part of the Google Analytics solution. Google Analytics is configured in such a way that your IP address is transmitted to Google anonymously ( anonymous IP ). Google processes your usage data on our behalf, on our website, to compile website activities in the form of reports. We use these reports to measure your interest in our offers and to improve them.
The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser. If you do not want tracking by Google Analytics, you can install a browser add-on to prevent tracking by Google Analytics.
Further information on data use for advertising purposes by Google, possible settings and objections can be found on the Google websites: ("Data use by Google when using our partners' websites or apps"), ("Data use for advertising purposes"), ("Manage information that Google uses to show you advertising") and ("Determine which advertising Google shows you").


We have taken extensive technical and operational precautions to protect your personal data stored with us against unauthorized access and misuse. Our security procedures are regularly reviewed and adapted to technological progress. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. Our employees are obliged to maintain confidentiality.

Links to other websites

If you call up an external website from our site (external link), the external provider may receive from your browser the information from which of our websites you came to it. The external provider is responsible for this data. ECS, like any other website provider, is not in a position to influence this process.

Further Information

If you have any further questions, e.g. about data we have stored about you, please contact us at
Within this framework we naturally also fulfil your standardised right to information as well as the other rights mentioned above.
As of: May 2018

The data protection declaration of ECS is based on the terms used by the European Directive and Regulation Giver when the Basic Data Protection Regulation (DS-GMO) was issued. Our privacy policy should be easy to read and understand for the public as well as for our code owners and their employees. To ensure this, we would like to explain the terms used.
In this data protection declaration we use the following terms among others:

  1. Personal data
    Personal data are all information relating to an identified or identifiable natural person (hereinafter "data subject"). Identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

  2. Person concerned
    Data subject is any identified or identifiable natural person whose personal data are processed by the controller.

  3. Processing
    Processing means any operation or series of operations carried out with or without the aid of automated procedures in relation to personal data, such as the collection, collection, organisation, sorting, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction.

  4. Limitation of processing
    Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.

  5. Profiling
    Profiling is any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, behaviour, location or relocation of that natural person.

  6. Pseudonymization
    Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not assigned to an identified or identifiable natural person.

  7. Data controller
    The data controller or controller is the natural or legal person, public authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or the specific criteria for his appointment may be laid down in accordance with Union law or the law of the Member States.

  8. Contractors
    Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the data controller.

  9. Receiver
    Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, authorities which may receive personal data under Union law or the law of the Member States within the framework of a particular investigation mandate shall not be regarded as recipients.

  10. Third
    A third party is a natural or legal person, authority, institution or other body other than the data subject, the data processor, the data processor and the persons authorised to process the personal data under the direct responsibility of the data processor or the data processor.

  11. Consent
    Consent shall mean any informed and unequivocal expression of will voluntarily given by the data subject in the particular case in the form of a declaration or other clear affirmative act by which the data subject indicates his or her consent to the processing of personal data concerning him or her.

Last updated: May 2018