Data protection declaration / duty to provide information according to §5 TMG & Art. 13/14 GDPR
At HOYA Surgical Optics GmbH, we believe the protection of personal data involves far more than just complying with legislation. We are therefore happy that you are interested in how we handle personal data.
We always process personal data such as a person’s name, address, e-mail address, or phone number in accordance with applicable privacy law.
With this privacy notice, we would like to inform everyone about the nature, scope, and purpose of the personal data that we collect, use, and process. Furthermore, we would like to explain to the persons concerned the rights to which they are entitled.
HOYA Surgical Optics GmbH has implemented numerous technical and organizational measures to ensure that the personal data processed via this Web site is protected as comprehensively as possible.
Despite the care we take, Internet-based data transmission is vulnerable to security flaws and, consequently, absolute protection can never be guaranteed. For this reason, you of course have the option of transmitting your personal data by alternative means, for example, by telephone or post.
Name, Address, and Contact Details of the Entity Responsible
HOYA Surgical Optics GmbH
Mads Bjerre Andersen
60549 Frankfurt am Main
Phone: +49 69 664 268 0
Fax: +49 69 664 268 399
Privacy Officer Contact Details
The Privacy Officer for the data controller is:
DDI – Deutsches Datenschutz Institut GmbH
You can contact our Privacy Officer by sending a letter to the attention of “Privacy Officer” at the address above or by sending an e-mail to: email@example.com
Purposes and Legal Grounds for Processing Data – When Visiting Our Web Site in General
Should you use our Web site purely for informational purposes, not register yourself, or convey information to us in some other way (e.g. by e-mail), we will only collect the data that your browser transfers to our server (“server log files”). This data is processed in accordance with GDPR art. 6(1)(f) on the basis of our legitimate interest in improving the stability and functionality of our Web site. This data is not used in any other way and in no way shared with third parties. However, we do reserve the right to analyze log files at a later date if there are reasons to suspect unlawful usage.
Purposes and Legal Grounds for Processing Data – Contact Form
When you contact us (e.g. using our contact form or by e-mail), we collect personal data. This data is stored and used exclusively for the purposes of answering your inquiry and for the associated technological administration. Our legitimate interest in responding to your inquiry forms the legal grounds for processing this data, in accordance with GDPR art. 6(1)(f). If you contact us for the purpose of entering into a contract, there are additional legal grounds for processing provided in GDPR art. 6(1)(b). Your data will be erased once your inquiry has been conclusively resolved. This is the case if it can be assumed that the relevant matter has been completely resolved and if there are no statutory retention periods barring us from erasing the data.
Purposes and Legal Grounds for Processing Data – Comment Function
When using the comment function on this Web site, details about the time you wrote the comment and the user name you have selected will be stored and published on the Web site alongside the comment. Furthermore, your IP address will also be recorded and stored. We store your IP address for security reasons and in case a comment that is left violates third-party rights or leads to illicit content being posted. The legal grounds for storing your data are provided in GDPR art. 6(1)(b) and (f). We reserve the right to delete comments if third parties contend that they are unlawful or harmful.
Purposes and Legal Grounds for Processing Data – Newsletter Function
Upon registering for our e-mail newsletter, we will regularly send you information about our company and our offers. The only information that is required for us to send the newsletter is your e-mail address. You may provide other data voluntarily so that we can address you by name. We use the double opt-in method to send out our newsletter. This means that we will only send you an e-mail newsletter if you have explicitly confirmed that you give your consent to us sending newsletters. We will then send you a confirmation e-mail asking you to confirm your desire to receive future newsletters by clicking on a corresponding a link.
By clicking on the confirmation link, you grant us permission to use your personal data in accordance with GDPR art. 6(1)(a). When you register for our newsletter, we save the IP address assigned by your Internet service provider (ISP) along with the date and time of registration so that we can trace any misuse of your e-mail address at a later point in time. The data that we collect when you register for the newsletter is used exclusively for promotional purposes in the form of our newsletter. You can unsubscribe from the newsletter at any time by using the link provided for this in every newsletter. When you unsubscribe, your e-mail address will be immediately deleted from our newsletter mailing list, provided that you have not given your explicit consent to us continuing to use your data or that we do not reserve the right to use the data beyond the given scope in a manner legally allowed and about which we inform you in this notice.
Recipients or Categories of Recipients
providers, IT service providers, Google Inc., Fonticons Inc.
Transfer to Non-EU/EEA Country
Google Inc., Fonticons Inc. OR
The controller processes and stores the data subject’s personal data only for the period of time required to achieve the purpose for which it is stored or only if the controller is required to store data on account of legislation or regulations that are passed by European Union legislators and regulators, or other legislators, and the controller is subject to this legislation or these regulations.
Should there no longer be any reason to store the data or if a retention period prescribed by a European Union directive or regulation or by other relevant law expires, the personal data will be restricted from processing or deleted as a matter of routine and in accordance with statutory regulations.
Notice of Right to Object When Consent Is Selected as Legal Grounds
You have the right at any time to withdraw any consent given to the processing of your data. If you withdraw your consent, we will immediately delete the data concerned, provided there are no other legal grounds to support further processing. If you withdraw your consent, it will not affect the legality of the processing operations conducted until the time of the withdrawal.
Notice About Profiling and Scoring
DoubleClick, Google Analytics
Rights of the Data Subject
You can request information about the personal data concerning you that we have stored by writing to the above address. Moreover, in certain situations you can request to have your data rectified or erased.
You may additionally have the right to have the processing of your data restricted as well as the right to obtain the data you have provided in a structured, commonly used, and machine-readable format.
Right to Complain to Data Protection Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, GDPR art. 77 provides you the option of filing a complaint with the Privacy Officer named above or with a supervisory authority for data protection. The supervisory authority with jurisdiction over us is:
Der Hessische Datenschutzbeauftragte
By using cookies, HOYA Surgical Optics GmbH can provide Web site users with more user-friendly services that would otherwise not be possible.
The data subject can at any time stop cookies being saved by our Web site by activating the corresponding settings in his/her Web browser and, in doing so, permanently object to cookies being saved. Furthermore, cookies that have already been saved can be deleted at any time using the Web browser or other software programs. This is a function available in all common Web browsers. If the data subject deactivates his/her Web browser’s cookie-saving function, it may in some cases no longer be possible to use the complete functionality of our Web site.
Data Protection Provisions for the Use of Google Analytics (with Anonymization Function)
The controller has integrated the Google Analytics component into this Web site (using the anonymization function). Google Analytics is a Web analytics service. Web analytics involves the collection, storage, and analysis of data regarding the behavior of Web site visitors. A Web analytics service records data that includes the Web site from which a data subject has arrived at another (called the “referrer”), the sub-sites that are accessed on a Web site, and the length of time spent on a sub-site. Web analytics is used primarily to optimize Web sites and for cost-benefit analyses on Internet advertising.
The company operating the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
The controller adds the “_gat.anonymizelp” feature for the Web analytics service provided by Google Analytics. This extension abbreviates and anonymizes the IP address of the data subject’s Internet connection when our Web site is visited from a member state of the European Union or European Economic Area.
The purpose of the Google Analytics component is to analyze visitor traffic to our Web site. Google uses the acquired data and information for purposes such as analysis of our Web site’s usage, composing online reports for us that display the activities on our Web site, and rendering other services associated with the usage of our Web site.
Google Analytics saves a cookie on the data subject’s information technology system. There is an explanation of what cookies are earlier in this notice. Saving cookies enables Google to analyze how our Web site is used. Every time an individual page is visited on this Web site, the latter being operated by the controller and featuring an integrated Google Analytics component, the relevant Google Analytics component automatically causes the Web browser on the data subject’s information technology system to transfer data to Google for online analysis. As part of this technological operation, Google gains knowledge of personal data such as the data subject’s IP address, which is used to enable Google to perform actions such as tracking visitor origin and clicks, which is in turn used to calculate commission.
The cookie is used to save personal information, for example time of visit, place the visit was from, and frequency of the data subject’s visits to our Web site. Every time our Web site is visited, this personal data, including the IP address for the data subject’s Internet connection, is transferred to Google in the United States. This personal data is stored by Google in the United States. In some cases, Google shares the personal data collected through these technological processes with third parties.
As already explained above, the data subject can at any time stop cookies being saved by our Web site through his/her Web browser’s corresponding settings and at the same time permanently object to cookies being saved. Web browser settings along these lines generally also prevent Google from saving cookies on the data subject’s information technology system. Furthermore, cookies that have already been saved by Google Analytics can be deleted at any time using the Web browser or other software programs.
You can find more information and Google’s applicable privacy provisions at https://www.google.de/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/us.html. Google Analytics is explained in more detail at https://www.google.com/intl/en_us/analytics/.
Data Protection Provisions for the Use of Google Fonts
The controller has integrated Google Fonts into this Web site. Google provides free fonts that can be used when designing Web sites.
So that fonts can be displayed consistently, this Web site uses Web fonts that are provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). When visiting a page on our Web site, the data subject’s browser loads the required Web fonts into its cache so that it can display text and fonts correctly.
For this purpose, the browser used by the data subject must establish a connection with Google’s servers. This process informs Google of the corresponding page being visited from the data subject’s IP address. We use Google Web fonts in the interest of presenting our online offering consistently and appealingly. This represents a legitimate interest as provided in GDPR art. 6(1)(f). If the data subject’s browser does not support Web fonts, the data subject’s computer will use a default font.
Google LLC., based in the United States, has been certified for the purposes of the U.S.-EU “Privacy Shield” data protection framework, which ensures compliance with the level of privacy required in the EU.