Data protection information from ISRA VISION AG for www.isravision.com
Valid as of May 25, 2018
We take your privacy very seriously and we process your personal data in accordance with the respectively applicable statutory data protection requirements. Personal data in the meaning of this information includes all information that can infer a reference to you, hence, for example, your name, address, email and IP address, and usage behavior.
In the following data protection information we would like to inform you on how we process your personal data. In addition, we will provide you with an overview of your data protection rights. Which data is specifically processed and in which form significantly depends on the used, requested or agreed services.
1. Controller and data protection officer
(1) The controller in accordance with Article 4 Para. 7 of the EU General Data Protection Regulation (GDPR) or service provider in accordance with § 13 of the German Telemedia Act (TMG) is:
ISRA VISION AG
(2) The data protection officer for the controller can be contacted at:
ISRA VISION AG
The Data Protection Officer
2. Source of personal data
We process your personal data which we receive from you during the course of your visit to our website, as part of your contacting us by email or via a contact form.
3. Categories of the processed personal data
(1) If you visit or use our website strictly for informative purposes, i.e. if you do not register or provide us with information in another form, we only collect the personal data which your browser passes on to our server. When you want to view our website, we collect the following data which is required from a technical standpoint to display our website to you and which ensures its stability and security:
- your IP address,
- date, time and duration of your visit,
- content of your request (specific page),
- respectively transmitted data volume and access status (files transmitted / not transmitted),
- website from which the request comes,
- your browser type,
- your operating system,
- your device type.
This data is solely used for internal statistical purposes.
(2) In addition to the above-mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files which are stored on your hard disk in such a way that they are associated with the browser you are using and which provide certain information to the party placing the cookie. Cookies cannot execute programs or transmit viruses to your computer. They are used to make the internet more user-friendly and more efficient as a whole.
(4) Most browsers are set so that they accept cookies. You can deactivate the saving of cookies at any time in your browser or set your browser such that you receive a message as soon as cookies are sent. However, we would like to point out that if you do this you may not be able to use all the functions of the website to their full extent.
(5) This stored information is stored separately from other data possibly provided to us. In particular, the cookie data is not linked to your other data.
4. Other functions and offers on our website
(1) Along with the purely informative use of our website, we also offer different services which can be used when of interest to you. This generally requires that you provide additional personal data, which we then use to perform the respective service and to which the previously defined principles on data processing apply.
(2) When contacting us by email or via a contact form, the following personal data must be given: name, company, market, country and email address.
The following data must be provided when using our service request and when signing up for our information events (customer-specific training courses, seminars and workshops): title, name, company, project number, country, request and email address. All other personal data is provided voluntarily.
Furthermore, you are given the opportunity to download product information. In order to provide you with the product information, the following personal data must be provided: email address.
This personal data is saved by us for the purpose of responding to your request.
5. Google Universal Analytics with IP anonymization
(1) This website uses Google Universal Analytics with IP anonymization, a web analysis service provided by Google Inc. (“Google”). Google Universal Analytics uses “cookies”. The information on your use of the website generated by the cookie is usually transmitted to a Google server in the USA and stored there. Through the activation of IP anonymization on this website, however, Google will, prior to transmission, shorten your IP address within the member states of the European Union or in other contracting states of the Treaty on the European Economic Area. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports of the website activities and to provide additional services associated with use of the website and internet to the website operator.
(2) The IP address transmitted by your browser in the context of Google Universal Analytics will not be combined with other Google data.
(3) Using the cookie settings of your browser, you can prevent the forwarding of the collected data created by the cookie which is related to your use of the website (incl. your IP address) to Google as well as preventing the processing of this data by Google by downloading and installing the browser plug-in provided at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
(4) We would like to point out that Google Universal Analytics used on this website has the extension code “ga('set', 'anonymizeIp', true);” to ensure the anonymized collection of IP addresses (so-called IP masking). Due to this, IP addresses are shortened before further processing, so that a direct reference to a person can be ruled out.
(5) We use Google Analytics to analyze and regularly improve the use of our website. We can use the obtained statistics to improve our offerings and make them more interesting for you, the user. In exceptional cases in which personal data is transferred to the USA, Google has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(6) Information on the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User terms and conditions: https://www.google.com/analytics/terms/us.html, overview on data protection: https://www.google.com/analytics/learn/privacy.html?hl=en-GB, and the data protection declaration: https://policies.google.com/privacy/update?hl=en&gl=en.
6. Involvement of Google Maps
(1) On this website we use the offer of Google Maps. This allows us to show you interactive maps directly on the website, allowing you to conveniently use the map feature.
(2) By visiting the website, Google receives the information that you have accessed the corresponding underside of our website. In addition, the data specified in section 3 of this data protection information will be transmitted. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you're logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or custom design of its website. Such an evaluation is done in particular (even for non-logged in users) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google.
(1) With your consent, you can subscribe to our newsletter which we use to inform you on our current offers. The advertised goods and services in particular include information on products, trade fairs, events and other services.
(2) We use the so-called double opt-in procedure for signing up to receive our newsletter. This means that once you have registered, we send an email to the specified email address in which we request your confirmation that you wish to receive the newsletter. In addition, we store the used IP addresses and the times of registration and confirmation. The purpose of the procedure is to verify your registration and, if necessary, resolve any possible misuse of your personal data.
(3) To satisfy your legitimate interests, your email address and the requested market you wish to be informed of are the sole obligatory information required for receiving the newsletter. The provision of other, separately highlighted data, is voluntary and is used to address you personally. Following confirmation, we store your email address for the purpose of sending you the newsletter.
(4) You can revoke your consent to receive the newsletter and unsubscribe from the newsletter at any time. The revocation can be issued by clicking the link provided in every newsletter, or via the website, or by sending a message by email to the contact data provided in the imprint. You also have the option of unsubscribing from the newsletter directly on our website.
8. Investor Relations Contact Form and Information subscription
(1) When contacting us via our investor relations contact form, the following personal data must be given: title, sir name, company, country and email address. The purpose of this mandatory information is to be able to clarify a possible misuse of personal data and our company information.
(2) With your consent, you can subscribe to receive information from us via our investor relations contact form; you will then regularly receive reports and notifications from us via email. These reports and notifications in particular involve quarterly and annual reports, company news and press releases.
(3) We use the so-called double opt-in procedure for signing up to receive our information subscription. This means that once you have registered, we send an email to the specified email address in which we request your confirmation that you wish to receive the newsletter. In addition, we store the used IP addresses and the times of registration and confirmation. The purpose of the procedure is to verify your registration and, if necessary, resolve any possible misuse of your personal data.
(4) You can revoke your consent to receive the information subscription and unsubscribe from the information subscription at any time. The revocation can be issued by clicking the link provided in every email or by sending a message by email to the contact data provided in the imprint. You also have the option of unsubscribing from the information subscription and deleting your entry relating to this directly on our website. There you also have the possibility to change your personal data.
9. Integration of Google reCAPTCHA
(1) Our website uses the reCAPTCHA service from Google to protect your queries via internet form. The query is designed to differentiate whether the entry is made by a human being or is being misused by an automated machine process (e.g. so-called bots). The query includes the forwarding of the IP address and possibly other data to Google which Google needs to provide the service. Your entry is forwarded to Google and processed there for this purpose.
(2) By using reCAPTCHA you agree that the identification provided by you shall be included in the digitalization of old works. Through the activation of IP anonymization on this website, Google will, prior to transmission, shorten your IP address within the member states of the European Union or in other contracting states of the Treaty on the European Economic Area. Only in exceptional cases will the complete IP address be transmitted to a Google server and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser in the context of reCAPTCHA will not be combined with other Google data. Deviating from this are the data protection provisions of Google Inc., which are applicable to this data. Additional information on Google’s data protection guidelines are available at: https://policies.google.com/privacy?hl=en.
10. Categories of recipients of personal data
(1) Some of the above-mentioned processes and services are performed on our behalf by third-party service providers which have been carefully selected according to data protection principles. These external service providers are bound to our instructions and are checked on a regular basis.
(2) With regard to transferring data to other recipients, we shall only provide information on you when legal provisions require this, you have consented or when we are authorized to transfer such data. If these requirements are met, recipients of personal data may include:
- public bodies and institutions (e.g. financial authorities, law enforcement authorities) when there is a legal or official obligation,
- other companies within the Group.
11. Purposes for which personal data is to be processed and legal basis for processing
We process your personal data in compliance with the respectively applicable statutory data protection regulations. The processing is lawful when the following conditions are met:
- Consent (Article 6, Para. 1 (a) of the GDPR):
The processing of personal data is lawful when the consent to process the data for defined purposes (e.g. processing of your query, use of the data for marketing purposes) has been given. The granted consent can be revoked at any time with effect for the future. This also applies to the revocation of declarations of consent that were issued to us before the GDPR entered into force, hence before May 25, 2018.
- Based on compliance with contractual obligations (Article 6, Para. 1 (b) GDPR):
We process personal data in order to fulfill our contractual obligations or to carry out precontractual measures performed upon request. The purposes of the data processing primarily arise from your query.
- Based on compliance with legal obligations (Article 6, Para. 1 (c) GDPR):
ISRA VISION AG is subject to various legal obligations. These include:
- Commercial and tax-related retention regulations in accordance with the German Commercial Code and Tax Code.
- Compliance with tax law-related control and notification obligations.
- For the purposes of legitimate interests (Article 6, Para. 1 (f) GDPR):
If required, we process your personal data beyond the actual fulfillment of the contract to safeguard our legitimate interests or those of third parties. Examples:
- Assertion of legal claims and defense in case of legal disputes,
- Ensuring IT security and IT operations,
- For the analysis and improvement of the use of our website.
12. The intention of transferring personal data to a third country or an international organization
An active transferring of personal data to a third country shall only take place when this has been explicitly pointed out as part of the above-mentioned services.
13. Criteria for specifying the duration for which the personal data is stored
(1) The data is stored in accordance with legal provisions governing data processing and in consideration of statutory retention periods. We process and use your personal data exclusively for the purposes you have authorized and for as long as the data is required for these purposes.
(2) If the personal data is no longer needed for the purpose or to comply with legal obligations, such data will generally be deleted unless their temporary and possibly restricted processing is required for the following purposes:
- Compliance with commercial and tax-related retention obligations: The German Commercial Code (HGB) and the Tax Code (AO) shall be named in this regard. These stipulate retention or documentation periods of up to 10 years.
- The preservation of evidence under the statutory limitation regulations. In accordance with §§ 195 et seq. of the German Civil Code (BGB), the regular limitation period is three years; however, this can be up to 30 years under special circumstances.
14. Your data protection rights
(1) Every affected person has the right of access in accordance with Article 15 GDPR, the right to rectification in accordance with Article 16 GDPR, the right to erasure in accordance with Article 17 GDPR, the right to restriction of processing in accordance with Article 18 GDPR, the right to object in accordance with Article 21 GDPR and the right to data portability as per Article 20 GDPR. The restrictions in accordance with §§ 34 and 35 of the German Federal Data Protection Act (BDSG) apply to the right of access and the right to erasure. Furthermore, there is a right to lodge a complaint with a responsible data protection supervisory authority (Article 77 GDPR in conjunction with § 19 BDSG).
(2) You can revoke the consent granted to us for the processing of personal data at any time with effect for the future. This also applies to the revocation of declarations of consent that were issued to us before the General Data Protection Regulation entered into force, hence before May 25, 2018.
(3) You have the right, based on reasons arising from your special situation, to assert your objection to the processing of data related to your person, collected based on Article 6, Para. 1 (e) GDPR (data processing carried out in the public interest) and Article 6, Para. 1 (f) GDPR (data processing for the purposes of legitimate interests) at any time.
Should you file an objection, we shall no longer process your personal data, unless we can provide verification of the legitimate grounds for the processing that override your interests, rights and freedoms, or when the processing serves the assertion, execution or defense of legal claims.
The objection is free of form and should be directed to:
ISRA VISION AG
The Data Protection Officer
15. Obligation for the provision and possible consequences of a non-provision of personal data
Within the scope of using our offers, you must provide the personal data which is required to fulfill the purpose or which we are obligated to collect by law. Without this data, we will generally not be able to conclude the contract with you or execute such contract.
16. Data security
We also use technical and organizational security measures to protect incoming or collected personal data, in particular against accidental or intentional manipulation, loss, destruction or against attacks by unauthorized persons. Our security measures are continuously improved in line with technological advances.
17. Changes to the data protection information
We develop and optimize our services on an ongoing basis. Therefore, new functionalities may be added. Should this influence the way we process your personal data, we will inform you of this in our data protection information in a timely manner.
The following rules apply to the processing of personal data in connection with an application to ISRA VISION.
ISRA VISION is the controller for the processing of your personal data in connection with your application in accordance with Art. 4 No. 7 EU General Data Protection Regulation (GDPR). Further information can be found in our imprint. You can reach our data protection officer at email@example.com.
We process all application documents that you send us by post, e-mail or our online application format exclusively for the purpose of processing your application. Your application documents will be forwarded internally to the responsible departments. The legal basis for this processing of your personal data is Art. 6 para. 1 sentence 1 lit. b GDPR, § 26 Abs. 1 BDSG 2018.
After completing the application process, we will delete your application documents in compliance with data protection, provided that further storage of your data is no longer required.
You have the following rights with respect to the personal data relating to you:
- Right to information,
- Right to rectification or erasure,
- Right to restriction of processing,
- Right to object to the processing,
- Right to data portability.
To assert your rights, please contact our data protection officer at firstname.lastname@example.org. You may always exercise your rights free of charge. You also have the right to complain about the processing of your personal data at a data protection supervisory authority.