Privacy notice
Privacy notice
We appreciate your visit on our website and your interest in our offer.
We want you to feel comfortable and safe with regards to how we process your personal data. Data protection and transparency are very important to us. The Privacy Notice is meant to understand our privacy practices, including which personal data we collect, why we collect it, what we do with it and how we protect it, as well as knowing your individual rights. This information will enable you to always be in full control of your personal data.
1. Controller
Controller legally responsible for data processing:
HumanOptics Holding AG
Spardorfer Straße 150
91054 Erlangen
2. Categories of data, purpose and legal basis
It’s possible to visit our website without disclosing any personal data besides the technical data provided for the operation of the website itself. For transparency reasons, our privacy notice can be found on every page.
a) Operation of the website
We use your personal data like your IP address and technical data of your device (e. g. service provider and operating system, etc.) as well as data concerning the use of our website, only to run and improve our website.
We never save this data beyond the fulfilling of its purpose or legal retention periods.
We need this data to run the website. If you object to processing, you won’t be able to use our online offer. We evaluate this kind of information in order to make using our website even more comfortable. We don’t connect this information to any other data we have collected previously. It’s only meant to improve the performance and attractiveness of our website and its content. Data collected when using our website will be deleted at the latest after 14 months. In some cases, we might be allowed to safe data in order to enforce or defend any legal claims.
Art. 6. 1 f GDPR is legal basis for processing data in order to take care of information and network security. According to this article processing of personal data is legal if necessary for the purpose of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights of the data subjects.
According to Art. 13. 2 e GDPR you are not obliged to provide us with your personal data when using our website. Nevertheless, it’s just not possible to run a website without this kind of data.
b) Contact form
Using our contact form, you provide us with your personal data. This includes salutation, name, e-mail address, telephone number, company, request, role. We will use this information only for your particular claims and requests and for providing you with information.
The legal basis for the processing of general enquiries is your consent in accordance with Art. 6 Para. 1 S. 1 lit a GDPR.
In the case of inquiries about contracts or in the context of contract initiation, the legal basis is Art. 6 Para. 1 S. 1 lit. b GDPR.
The legal basis for inquiries about data protection is Art. 6 Para. 1 S. 1 lit. c GDPR.
Submitting the form constitutes your consent to the processing of the data.
We will retain your personal data for the period necessary to fulfill the purposes described in this statement or the statutory warranty obligations are fulfilled.
c) Offer form
If you are interested in one of our products and fill out the corresponding offer form, we process the following personal data from you: Company, contact person’s name, billing and delivery address, email address, phone number.
We then process your personal data for the purpose of sending the offer in our CRM and email systems.
The legal basis for processing is the initiation of a contract according to Art. 6 1 b) GDPR.
If you decide to subscribe to our newsletter, we will send it to your provided email address. The verification is done via a double opt-in. The data you have deposited with us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be blocked after the newsletter has been cancelled.
The sending of newsletters is carried out by WordPress. WordPress is a service that can organise and analyse the sending of newsletters.
Our newsletters sent with WordPress enable us to analyse the behaviour of newsletter recipients. This can include analysis of how many recipients have opened the newsletter message and how often each link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analysed whether a previously defined action (e.g., purchase of a product on our website) has taken place after clicking the link in the newsletter. More information about data analysis by WordPress can be found at: www.wordpress.com
The data processing is based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO. You can revoke this consent at any time by cancelling the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. If you do not wish to be analysed by WordPress, you must unsubscribe from the newsletter. For this purpose, we provide you with a link in each newsletter message.
We store your personal data for the period necessary to fulfil the above-mentioned purpose and beyond within the framework of legal retention periods.
d) Online certification course for CUSTOMFLEX® ARTIFICIALIRIS
On our website, you can register for an online certification course for CUSTOMFLEX®ARTIFICIALIRIS.
To execute the course, we create an account for you and collect the following personal data: Name, E-Mail-Address, Address, hospital. Further, you must choose a password in order to log in with your E-Mail-Address and your password.
Legal basis for processing is the performance of a contract as per Art. 6 Para. 1 S. 1 lit. b GDPR. With your registration you enter a contract with HumanOptics Holding AG. We also store your IP-address and your test results.
Your personal data will be deleted after termination of the contract, provided there are no legal retention obligations.
We will use your E-Mail Address to send you the latest news or our customer newsletter from time to time. Legal basis is our legitimate interest as per Art. 6 Para. 1 S. 1 lit. f GDPR in conjunction with § 7 Para. 3 UWG. You can object to your E-mail Address being used for that purpose at any time without costs arising by virtue thereof, other than transmission costs in accordance with the basic rates.
e) Registration for HumanOptics information pool
On our website you can register for our HumanOptics information pool. Therefore, we collect the following personal data: Name, E-Mail-Address, Gender. We use those personal data only for the execution of your registration for the information pool. Legal basis for processing is your consent as per Art. 6 (1) b GDPR. By registering, you consent to the sending of information to your specified e-mail address.
We will only add you to the distribution list after you have confirmed the double opt-in.
You can revoke your consent at any time without giving reasons with effect for the future.
f) Reporting according to the German Whistleblower Protection Act (HinSchG)
We set up an internal whistleblowing office. If you submit a report, we process your personal data, which you may provide to us with your report, such as your name and e-mail address, as well as any personal data resulting from the report. The purpose of the processing is to follow up on the reports and thus support the detection and elimination of grievances.
The legal basis for the processing is our legal obligation pursuant to Art. 6 para. 1 (c) GDPR in conjunction with § 13 HinSchG.
In general, the personal data processed by reporting to us will not be passed on to third parties. Exceptions exist in cases where we are legally obliged to do so, such as in criminal proceedings.
The processor involved is Gesellschaft für Datenschutz who offers the reporting software.
We will retain your personal data for the period necessary to fulfil the purposes described above. In addition, we store the data processed in connection with the report for three years after the conclusion of the procedure and then delete it, provided that the deletion does not conflict with any further statutory retention obligations.
g) Cookies
We use session cookies on our website. In the following, we would like to briefly explain the purpose of these cookies. Cookies are short snippets of text that we store on your computer. Cookies do not execute commands on your computer, so they do not pose a security risk.
Session cookies store certain information while you browse our website and are not stored permanently but are deleted when you leave our website.
The use of session cookies is based on Article 6 (1) (f). The operation of the website is in the legitimate interest of the controller.
You can control the handling of cookies in your browser, you can even reject cookies altogether or configure your browser so that cookies are deleted regularly. You will find sufficient information on this on the Internet.
h) Live Chat
We offer you the opportunity to get in touch with us via a live chat-module on our website. Therefore, we use tawk.to, a Tool by tawk.to Inc., 187 East Warm Springs Rd, SB298, Las Vegas, Nevada, 89119, USA, that is integrated in our website via a plug-in.
Data of visitors from the European Economic Area (EEA) are processed by the affiliate tawk.to Ltd., UK.
We entered into a data processing addendum that contains the Standard Contractual Clauses.
More information on how tawk.to processes your personal data can be found here: https://www.tawk.to/privacy-policy/
If you access Internet pages of our website that are provided with such a plug-in your browser establishes a direct connection to the servers of tawk.to. The content of the plug- in is transmitted directly to your browser and integrated into the page. Through the integration of the plug-in, tawk.to receives the information that your browser has accessed the corresponding page of our website. This information (including your IP-address) is transmitted from your browser directly to a server of tawk.to and stored there for 90 days. Legal basis for processing is our legitimate interest in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.
Tawk.to also uses so-called cookies, small text files placed on your computer to help the website analyze how users use the site.
The legal basis for using cookies is your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.
If you want to use the live chat we will collect and process the following personal data: Name, e-mail-address, clinic/doctor’s office. In the course of the chat, we will process only the personal data you provide us with. Immediately after termination of the conversation the chat record will be deleted.
The legal basis for processing is your consent according to Art. 6 Para. 1 S. 1 lit. a GDPR. By using the chat, you consent to the data processing described here.
i) Visitor’s book
When you enter one of our sites as a visitor, we collect the following personal data: Name, company, length of visit, visited person. Legal basis is our legitimate interest (Art. 6 (1) f) GDPR). It is our legitimate interest in case of a(n) (security)-incident to be able to retrace which persons have been at our premises at what times.
Those data won’t be linked with other data stored in our system and will be deleted after 6 months.
j) Trade fair
Our sales representatives record conversation and contact information during your visit to our trade fair stand. This information is used to inititate a business relationship and based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR. The trade fair minutes are digitized and stored in our CRM system.
Subject to your consent, we will send you the information you requested by e-mail. The legal basis for this Art. 6. para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.
We store your personal data as long as necessary to fulfill the above-mentioned purposes.
3. Recipients of the data
a) Google Ireland Limited
Google Analytics
This Website uses Google Analytics, a web analysis service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses so-called “Cookies” – small text files that are placed on your computer and which allow an analysis of the use of our website by you.
Among other things, the following data is collected from you: IP address, time spent on the website, language, location, and the browser you are using. The analysis is carried out by means of an algorithm (machine learning) that measures and analyzes your user behavior based on the collected data and can recognize it on other devices you use. By default, your IP address is anonymized by shortening it before it is transmitted to Google.
We’ve also disabled the collection of accurate location, location, and device data.
You can find more detailed information about how Google uses those data here: https://policies.google.com/privacy/partners?hl=de
The transfer of data to the USA is based on the Data Privacy Framework.
Google Analytics will only be used if you have given your consent. The legal basis is Art. 6 Para. 1 S. 1 lit a GDPR and § 25 TTDSG.
You can revoke this consent at any time by clicking on the “Cookie settings” button under “Cookies” and saving a new selection.
The data collected with Google Analytics is passed on internally to our marketing department and IT department and processed there.
Google recaptcha
This website uses Google reCAPTCHA (“reCAPTCHA” in the following) by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
ReCAPTCHA is supposed to confirm whether a data entry (e. g. contact form) has been done by a human being or an automated program. For this purpose, reCAPTCHA analyses the visitor’s behavior by certain characteristics. The analysis starts automatically as soon as the visitor visits the website.
For the analysis reCAPTCHA assesses different information (e. g. IP-address, how long the visitor stays on the website and mouse movements). The data collected will be transferred to Google. The reCAPTCHA analyses are carried out completely in the background. Website visitors are not informed about the analyses.
Legal basis for the storage and analysis of the data is Art. 6 Para. 1 S. 1 lit. f GDPR. The operator of the website’s legitimate interest is protecting his web content from abusive automated spying and SPAM.
More information about reCAPTCHA can be found in the Google data protection notice and the terms of service:
https://policies.google.com/privacy?hl=de and
https://policies.google.com/terms?hl=de
By using this service, Google also loads so-called web fonts (Google Fonts). For this purpose, the browser you are using must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. For more information about Google Web Fonts, see:
https://developers.google.com/fonts/faq
and Google’s privacy policy:
https://www.google.com/policies/privacy/.
We have no influence on this data collection.
b) Further recipients
Your data will not be disclosed to any other third parties, except if there is a legal obligation to transfer the data. Art. 6 (1) c GDPR in connection with the respective instructions or the legal obligation we are subject to in the individual case, is the legal basis for processing data. Categories of recipients of the data are public authorities in case of a legal obligation and processors that process the data collected online on our behalf. Processors involved are hosting providers of the website.
4. Social Media Profiles
We use a LinkedIn account operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. In order to modify your settings concerning advertising measures in your profile at LinkedIn, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
We have entered into a joint controllership agreement with LinkedIn. This agreement specifies which data processing operations we or LinkedIn are responsible for when you visit our LinkedIn presence. LinkedIn Ireland assumes primary responsibility under the GDPR for the processing of Insights data. You can view this agreement at the following link: https://legal.linkedin.com/pages-joint-controller-addendum
The data protection notice of LinkedIn can be found here:
https://www.linkedin.com/legal/privacy-policy
Youtube
WeuseaYouTubechanneloftheoperatorGoogle Ireland Limited, GordonHouse, BarrowStreet, Dublin4,Ireland.
When you visit a page on which a Youtube video is embedded, your IP address and various technical data of your device such as operating system, browser used, etc. is stored by Youtube on servers in the USA.
The legal basis for the processing of your data is your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.
When you visit our YouTube channel, the operator processes, among other things, your personal data such as IP address and information about your device. If you are logged in with your Google account, this data can be linked to your account.
For optimizing reach and improving our offer, we use the statistical data provided by Google about the use of the channel. In particular, we can view the following data:
Number of views on our videos
Number of subscribers to our channel
Traffic Source
Endpoint information
Demographic data
Categories of other videos viewed by viewers of our videos.
We have no influence on the generation of these statistics.
Further information on data processing and storage duration by and at Google can be found at:
https://policies.google.com/privacy?hl=de
In addition, we may process your personal data to respond to inquiries or for other communication via our channel.
The legal basis for the processing is your consent, which you give us by visiting our channel and writing a comment or entering into other communication with us (Art. 6 para. 1 p. 1 lit. a GDPR).
Vimeo
We use a Vimeo account of the operator Vimeo Inc., 555 West 18th Street New York, New York 10011, USA.
When you visit a page on which a Vimeo video is embedded, your IP address and various technical data of your device such as operating system, browser used, etc. is stored by Vimeo on servers in the USA.
The legal basis for the processing of your data is your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.
For more information on data processing by Vimeo, please visit:
5. Your rights with regards to your personal data
According to GDPR you have the following rights with regard to your personal data. You can find more detailed information in Art. 15 to 21 GDPR as well as in §§ 32 to 37 German Federal Data Protection Act.
You have the right to access your personal data. You may also request the rectification of inaccurate data. Under certain conditions you have the right to erasure, the right to restriction and the right to data portability. Further, you have the right to object to processing of personal data which is based on point (e), (f) of Art. 6(1), including profiling based on those provisions. You may withdraw your consent at any time and without giving reasons with effect for the future.
You may assert these rights directly with the controller. Therefore, informal contact is sufficient. You may send an Email or a letter.
You also have the right to lodge a complaint with a supervisory authority if you find our processing of your personal data to be inconsistent with applicable data protection law. A list of federal Data Protection Commissioner and contact data can be found here:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
In case of any further questions please feel free to contact our officer for data protection:
David Gabel – E-Mail: david.gabel@your-insider.com
General information concerning data protection and processing of personal data can be found at https://www.dsgvo-support.de
This post is also available in: German
OUR
CUSTOMER SERVICE
YOUR
QUESTIONS
Our experts support you with your questions at any time.
HumanOptics launches new disposable surgical knives at DOC 2024
News
At this year’s DOC Congress from June 20-22, 2024, HumanOptics will be presenting a completely new image and launching the new EXTRA IN VISION campaign as well as new disposable surgical knives for ophthalmic procedures. HumanOptics is presenting itself with a new image at the DOC Congress 2024 in Nuremberg. In addition to the new […]