We attach great importance to the protection of your data and the protection of your privacy. This statement describes how and for what purpose your data is collected and used and what choices you have in connection with personal data.
What is personal data? This term is defined in the Federal Data Protection Act (BDSG) and the EU Basic Data Protection Regulation (DSGVO). Accordingly, this is data which can be assigned to a specific or identifiable person and which provides insight into their physical, physiological, economic, cultural or social identity (Article 4 No. 1 DSGVO). For example, this includes your civil name, your date of birth, health data, your address, your telephone number, your email address or online data such as your IP address.
1. Responsible body
Responsible authority for the collection, processing and use of your personal data in the sense of the DSGVO is
Caterna Vision GmbH
David Gilly Street 1
2. General use of the website
2.1 Access data (server log files)
When you use our website, general information about your use and interaction with us is automatically collected. This information (so-called access data or server log files) includes the name and URL of the retrieved file, date and time of the retrieval, transferred data volume, notification of successful retrieval (HTTP response code), browser type and browser version, operating system, referrer URL (i.e. the previously visited page), IP address and the requesting provider.
We do not use these general log data to draw conclusions about your person. The purpose of recording the server log files is, among other things, statistical evaluations for the purpose of operation, security and optimisation of our online services, but also for anonymous recording of the number of visitors to our website (traffic) and the scope and type of use of our website and services. On the basis of this information, we can provide personalised and location-related content and analyse data traffic, search for and correct errors and improve our services. We reserve the right to subsequently check the log data if there is a justified suspicion of illegal use on the basis of concrete indications. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision or billing of a service, e.g. if you use one of our services.
Our website uses so-called “cookies”. Cookies are small text files that are stored on your computer system and make it possible to store certain information about your usage behaviour. This includes data such as your IP address, the browser used and your operating system. With these cookies we can make it easier for you to navigate the website, increase user-friendliness and ensure that our website runs optimally and smoothly. Some of these cookies are so-called “session cookies”, which are deleted after the browser session. Others remain on your system and allow us to recognize you the next time you visit our website.
2.3 Google Analytics
We use Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by website visitors is generally transmitted to a Google server in the USA and stored there.
However, if IP anonymisation is activated on this website, your IP address will be shortened by Google in advance within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA where it will be shortened. IP anonymization is active on this website. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. For this purpose, we have concluded a contract with Google for order data processing.
The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.
As an alternative to the browser plug-in or within browsers on mobile devices, you can click on the following link to set an opt-out cookie that will prevent Google Analytics from collecting this data within this website in the future (this opt-out cookie only works in this browser and only for this domain). If you delete the cookies in your browser, you must click this link again): Deactivate Google Analytics
Google Analytics cookies are set on the basis of Art. 6 Para. 1 lit. f DSGVO. As the operator of this website, we have a legitimate interest in analysing user behaviour in order to optimise our website and, if necessary, advertising.
2.4 Google TagManager
For reasons of transparency, we would like to point out that we use the Google Tag Manager. The Google Tag Manager itself does not collect any personally identifiable information. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small pieces of code used, among other things, to measure traffic and visitor behavior, capture the impact of online advertising and social channels, set up remarketing and targeting, and test and optimize websites. We only use Google Analytics and DoubleClick. If you have made a opt-out, the Google Tag Manager will take that opt-out into account. For more information about the Google Tag Manager, please visit: https://www.google.com/intl/de/tagmanager/use-policy.html
2.5 Google AdWords
To draw attention to our services, we place ads on Google AdWords. These are displayed on Google after search queries. In the area of our contact forms, cookies are used to register how many users have found us via one of our ads. The resulting anonymous statistics enable us to optimize our ads. The cookie is stored by Google when you click on an advertisement and can be prevented via the settings of your browser In this case, your visit to our website will not be included in the anonymous user statistics. Further information can be found in the Google website statistics.
You may opt out of Hotjar’s storage of a user profile and information about your visit to our website and Hotjar’s use of tracking cookies on other websites by clicking this opt-out link.
2.7 Facebook Plug-In
This website uses Facebook Social Plugins, which are provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The embeddings are recognizable by the Facebook logo or by the terms “like”, “like”, “share” in the colors Facebooks (blue and white). Information about all Facebook plugins can be found in the following link: https://developers.facebook.com/docs/plugins/
The plugin establishes a direct connection between your browser and the Facebook servers. The website operator has no influence whatsoever on the nature and extent of the data that the plugin transmits to the Facebook Inc. servers. You can find more information here: https://www.facebook.com/help/186325668085084
The plugin informs Facebook Inc. that you have visited this website. It is possible that your IP address will be saved. If you are logged into your Facebook account during your visit to this website, this information is linked to this account.
If you use the functions of the plugin – for example by sharing or “linking” a post – the corresponding information is also transmitted to Facebook Inc.
Would you like to prevent Facebook. Inc. links this data to your Facebook account, please log out of Facebook before visiting this website.
2.8 Contact Form and Email Contact
When you contact us (e.g. via contact form or e-mail), we store your details for processing the enquiry and in the event that follow-up questions arise. We store and use the data you enter in the contact form such as name, e-mail, telephone number, diagnosis or visual acuity values, name of the attending physician and the information you have learned from us for the purpose of individual communication with you. These data will not be passed on without your consent.
The processing of the entered data takes place exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your consent is possible at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
2.9 Use of Web Fonts
2.10. Legal basis and storage period
The legal basis for data processing in accordance with the above paragraphs is Article 6(1)(f) of the DSGVO. Our interests in data processing are, in particular, ensuring the operation and security of the website, investigating the manner in which visitors use the website, and simplifying the use of the website.
Unless specifically stated, we will only store personal data for as long as is necessary to fulfill the purposes for which it was collected.
3. Data security and encryption
In order to protect the security of your data during transmission, we use an encryption procedure on our site. Your personal data will therefore be transmitted in encrypted form. We use the SSL (Secure Socket Layer) coding system. This means that data that you transmit via this website cannot be read by third parties. You can recognize such an encrypted connection by the “https://” address line of your browser and by the lock symbol in the browser line.
However, we would also like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can be subject to security gaps. A complete protection of the data against access by third parties is not possible.
To secure your data, we maintain technical and organizational security measures, which we constantly adapt to the state of the art.
4. Passing on data to third parties
In principle, we use your personal data only within our company.
If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), this personal data will only be received to the extent that the transmission is necessary for the corresponding service.
In the event that we outsource certain parts of the data processing (“order processing”), we contractually oblige order processors to use personal data only in accordance with the requirements of the data protection laws and to guarantee the protection of the rights of the person concerned.
5. Your rights as a data controller
Under the applicable laws, you have various rights with respect to your personal information. If you wish to exercise these rights, please send your request by e-mail or by post, clearly identifying yourself, to the address given in point 1.
Below you will find an overview of your rights.
5.1 Right to confirmation and information
You have the right at any time to receive confirmation from us as to whether personal data concerning you will be processed. If this is the case, you have the right to obtain from us free information about the personal data stored about you together with a copy of this data. Furthermore, you have the right to be informed about the origin and categories of the stored data, the processing purposes, the recipients of personal data and the (planned) duration of the storage. You can also request information from us about your rights to correction and deletion and your rights of objection and complaint.
5.2 Right of rectification
You have the right to demand from us immediately the correction of incorrect personal data concerning you. You have the right to request the completion of incomplete personal data – also by means of a supplementary declaration – taking into account the purposes of the request.
5.3 Right to cancellation (“right to be forgotten”)
You have the right to request that we delete any personal information about you immediately and we are obligated to delete any personal information immediately if any of the following reasons apply:
Personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- you revoke your consent on which the processing was based pursuant to Article 6 paragraph 1 DSGVO letter a or Article 9 paragraph 2 letter a DSGVO and there is no other legal basis for the processing.
- you object to the processing pursuant to Article 21(1) DS Block Exemption Regulation and there are no overriding legitimate reasons for the processing or you object to the processing pursuant to Article 21(2) DS Block Exemption Regulation.
- the personal data have been processed unlawfully.
- the deletion of the personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject.
- the personal data were collected in relation to information society services offered pursuant to Article 8(1) DSGVO.
If we have made the personal data public and we are obliged to delete them in accordance with Art. 17 DSGVO, we shall take appropriate measures, including technical measures, taking into account the technology available and the implementation costs, to inform the data controllers processing the personal data that you have requested them to delete all links to this personal data or copies or replications of this personal data.
5.4 Right to limitation of processing
You have the right to demand that we restrict processing if one of the following conditions is met:
- the accuracy of the personal data is disputed by you for a period of time that allows us to verify the accuracy of the personal data,
- the processing is unlawful and you refused to delete the personal data and instead requested the restriction of the use of the personal data;
- we no longer need the personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims, or
- you have lodged an objection against the processing pursuant to Article 21 paragraph 1 DSGVO, as long as it has not yet been established whether the legitimate reasons of our company outweigh yours.
5.5 Right to Data Transferability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer such data to another responsible person without interference by us, provided that
- the processing is based on a consent pursuant to Article 6(1)(a) DS Block Exemption Regulation or Article 9(2)(a) DS Block Exemption Regulation or on a contract pursuant to Article 6(1)(b) DS Block Exemption Regulation; and
- the processing is carried out by automated means.
When exercising your right to data transfer in accordance with paragraph 1, you have the right to obtain that the personal data is transferred directly by us to another responsible person, insofar as this is technically feasible.
5.6 Right of objection
You have the right to object at any time, for reasons related to your particular situation, to the processing of your personal data under Article 6(1)(e) or (f) of the DS Block Exemption Regulation, including profiling based on those provisions. We will no longer process the personal data unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
If personal data is processed by us for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is connected with such direct advertising.
You have the right to object to the processing of your personal data concerning you for scientific or historical research purposes or for statistical purposes pursuant to Article 89 paragraph 1 DSGVO for reasons arising from your particular situation, unless such processing is necessary for the performance of a task in the public interest.
5.7 Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time.
5.8. right of appeal to a supervisory authority
You have the right to complain to a supervisory authority, in particular in the Member State in which you are staying, at your place of work or at the place where the alleged infringement is alleged, if you consider that the processing of your personal data is unlawful.
6. Amendments to the privacy statement
All information contained on our website has been checked with great care.
If there are any relevant changes relating to the collection, processing and use of your personal data, we will update this privacy statement. Therefore, you should visit this website regularly in order to inform yourself about the current status of the data protection declaration.
The current status is 01 January 2019.
7. Further information and contacts
If you have any further questions or concerns about data protection, please send us an e-mail or contact the person responsible for data protection directly:
Caterna Vision GmbH
David Gilly Street 1
Phone: +49 (331) 86 75 08-88