Home Confidentiality

Confidentiality

This privacy policy (version: GDPR 1.0 of 18.05.2018) was created by:

Deutsche Datenschutzkanzlei data protection office, Munich – www.deutsche-datenschutzkanzlei.de

Privacy

We, HEINE Optotechnik GmbH & Co. KG, are responsible for this website. As a teleservice provider, it is our duty to inform you at the start of your visit to our website about the nature, scope and purpose of the collection and use of personal data in a precise, transparent, straightforward and accessible manner using clear and simple language. The content of this information must be available to you at any time. We are therefore required to inform you about what personal data is collected or used. ‘Personal data’ refers to any information relating to an identified or identifiable natural person.

We attach great importance to the security of your data and compliance with data protection regulations. The collection, processing and use of personal data is subject to the provisions of current European and national laws.

We would like to use the following privacy policy to explain how we handle your personal data and how you can contact us.

 

HEINE Optotechnik GmbH & Co. KG

Dornierstr. 6

82205 Gilching

Germany

Email: info@heine.com

Phone: +49 8105 7728 0

Commercial register no.: HRA 52039

Managing director: Oliver Heine, Timo Martin

 

Our data protection officer

If you have any questions, contact our data protection officer using the details below:

 

Sven Lenz

Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG

Bahnhofstrasse 50

87435 Kempten

Germany

Email: dsb@heine.com

Website: www.deutsche-datenschutzkanzlei.de

 

Index:

 

A.  General information

For the sake of readability, no gender-specific terms appear in our privacy policy. Any reference to an individual applies equally to both sexes.

Definitions of the terminology used, such as ‘personal data’ or ‘processing’, can be found in article 4 of the EU General Data Protection Regulation (GDPR).

The personal data of users that is processed in the context of this website includes user-related information (e.g. name and addresses of customers), contractual information (e.g. services used, names of administrators, payment information), usage data (e.g. pages visited on our website, interest in our products) and content data (e.g. contact form entries).

The term ‘user’ includes every category of data subject affected by processing. These categories include, for example, our business partners, customers, potential customers and other website visitors.

 

B.  Specific information

Privacy policy

We guarantee that we only collect, process, store and use your relevant data in connection with managing your enquiries, for internal purposes and to provide you with requested services or content.

Legal basis of data processing

We process the personal data of users only in compliance with the relevant data protection regulations. Users’ data is only processed if legally permitted for the following reasons: 

  • to provide our contractual services (e.g. processing orders) and online services
  • processing is required by law
  • you have provided your consent
  • based on our legitimate interests (i.e. an interest in the analysis, optimisation, and cost-effective operation and security of our website in accordance with article 6(1) (f) of the GDPR, in particular with regard to measuring reach, creating profiles for advertising and marketing purposes, collecting access data and using third-party services)

We would like to point out where the legal basis of data processing is regulated in the GDPR:

Consent       Article 6(1)(a) and article 7 of the GDPR
Processing to perform our services and complete contractual measures  Article 6(1)(b) of the GDPR
Processing to fulfil our legal obligations  Article 6(1)(c) of the GDPR

Processing to protect our legitimate interests   

Article 6(1)(f) of the GDPR


Data transfers to third parties

We would also like to draw your attention to the fact that some data is shared when you use our website due to our use of Google Analytics.

Data transmission to third countries or international organisations

Third countries are those states in which the GDPR is not a directly applicable law. Essentially, this refers to all countries outside the EU or the European Economic Area.

Data is transmitted to a third country or an international organisation. Here it is taken into account that suitable, adequate guarantees are in place and that you are accordingly entitled to enforceable rights and effective legal remedies

A copy of the appropriate guarantees can be found under the following links:

Storage period of your personal data

We adhere to the principles of data economy and data avoidance. This means that we store the data you provide to us only for the length of time needed to fulfil the purposes mentioned above or in line with the various retention periods determined by local law. If a given purpose no longer applies, or after the respective deadline, your data is routinely blocked or deleted in accordance with legal regulations.

Our company has created an internal concept to ensure this procedure.

Contact

If you contact us by email, telephone, fax, contact form or any similar means, you agree to electronic communication. Personal data is collected when you contact us. The specific information that is collected when a contact form is used can be seen on the respective form. Your data is transmitted with SSL encryption. The details you provide will be stored solely for the purpose of processing the enquiry and any possible follow-up questions.

We would like to specify the legal basis of these activities:        

Processing to perform our services and complete contractual measures Article 6(1)(b) of the GDPR
Processing to protect our legitimate interests Article 6(1)(f) of the GDPR

 

We use software to manage customer data (a CRM system) or similar software based on our legitimate interests (efficient and fast processing of user enquiries).

We operate this system in-house, which means that no data is transferred to third parties.

We would like to point out that emails can be read or changed without authorisation while they are being transferred, and this may go unnoticed. Furthermore, we would like to note that we use software to filter unwanted emails (a spam filter). The spam filter may reject emails if they are incorrectly identified as spam due to certain features.

If documents (identity card, student card, etc.) are also requested via digital upload in the course of contacting us, these serve exclusively to check eligibility or identity. These documents will be viewed by the responsible staff member and destroyed immediately after verification.

What rights do you have?

a)            Right of access

You have the right to obtain free information about your stored data. Upon request, we will inform you in writing about the personal data we have stored about you in accordance with the applicable law. This also includes details of the origin and recipients of your data as well as the purpose of data processing.

b)           Right to rectification

You have the right to have any of your data stored by us rectified if it is incorrect. You can also request that processing be restricted if, for example, the accuracy of your personal data is contested. 

c)            Right to blocking

Furthermore, you can have your data blocked. In order to manage the blocking of your data at any time, this data must be kept in a lock file for control purposes.

d)           Right to erasure

You can also request that your personal data be deleted so long as there are no statutory retention requirements. If such an obligation exists, we will block your data on request. If the corresponding legal prerequisites are met, we will delete your personal data even if you have without receiving a corresponding request from you.

e)           Right to data portability

You are entitled to request that we provide the personal data transmitted to us in a format that allows it to be transferred to another location.

f)            Right to lodge a complaint with a supervisory authority

You have the opportunity to lodge a complaint to a data protection supervisory authority.

Bavarian Data Protection Authority (BayLDA)

Promenade 27, 91522 Ansbach, Germany

Phone: +49 (0)981 531 300

Fax: +49 (0)981 5398 1300

The BayLDA complaint form, which is in German, can be found under the following link: www.lda.bayern.de/de/beschwerde.html

g)            Right to object

You have the opportunity at any time to revoke your consent to the use of your data for internal purposes with future effect. It is sufficient in such cases to send an email to dsb@heine.com. However, such an objection does not affect the legality of processing operations already carried out by us. This does not affect data processing with respect to any other legal basis, such as negotiating contracts (see above).

Protection of your personal data

We have state-of-the-art contractual, organisational and technical safeguards in place to ensure compliance with data protection laws and to protect the data we process against accidental or intentional manipulation, loss or destruction as well as access by unauthorised persons.

A key security measure is encrypted data transfers between your browser and our server. A 256-bit SSL (AES 256) encryption method is used for this purpose.

Your personal data is protected under the following points (excerpt):

a)            Maintaining the confidentiality of your personal information

In order to maintain the confidentiality of your personal data stored by us, we have taken various measures to control physical entry and electronic access.

b)           Maintaining the integrity of your personal information

In order to maintain the integrity of your personal data stored by us, we have taken various measures to control sharing and data entry.

c)            Safeguarding the availability of your personal data

In order to safeguard the availability of your personal data stored by us, we have taken various measures to control data processing and availability.

The security measures used are continuously improved in line with technological developments. Despite these precautions, we are unable to guarantee the security of data transfers with respect to our website due to the unsafe nature of the Internet. Because of this, all data transfers from your system to our website take place at your own risk.

Protection of minors

Individuals under the age of 16 may not provide us with personal information unless they have the express consent of a legal guardian. This data is processed in accordance with our privacy policy.

Cookies

We use cookies. Cookies are small text files that are stored locally in the cache of your web browser. Cookies make it possible for your web browser to be recognised. These files are used to help the browser navigate the website and to allow full use of all its features.

Our website uses browser cookies.

Control of cookies by the user

Browser cookies: you can set all browsers to accept cookies on request only. The settings also make it possible to accept cookies only for the pages currently being visited. All browsers offer features that support the selective deletion of cookies. The acceptance of cookies can also be disabled at a general level, but users must be willing to tolerate certain limitations with respect to the user-friendliness of this website.

Use of first-party cookies (Google Analytics cookies)

Google Analytics cookies create a record of:

  • Distinct users – Google Analytics cookies record and group your data. All activities during a website visit are summarised together. A distinction is made between users and distinct users through the use of Google Analytics cookies.
  • User activities – Google Analytics cookies also store data about the start and end time of each visit to the website and the number of pages you have viewed. When the browser is closed or the user is idle for a long time (usually 30 minutes), the user session ends and the cookie records that the visit has been terminated. Furthermore, the date and time of the first visit are recorded. The total number of visits for each distinct user is also logged. External link: www.google.com/analytics/terms/gb.html

You can prevent information generated by cookies relating to use of the website (including your IP address) from being collected and sent to Google as well as the processing of this data by Google by downloading and installing the browser plug-in provided on the following link:

External link: tools.google.com/dlpage/gaoptout.

More detailed information can be found under ‘Google Analytics/Universal Analytics Web analysis service’ below.

Use of third-party cookies

On our website, third parties use (additional) third-party cookies to display editorial content or advertisements. Third-party providers are also subject to strict data protection requirements concerning the availability of personal data.

Lifespan of cookies used

Cookies are managed by the web server of our website. This website uses

transient cookies/session cookies (single usage).

Lifespan: until the website is closed.

Disabling or removing cookies (opt-out)

Every web browser offers options to restrict and delete cookies. More information can be found on the following websites:

  • Internet Explorer:

windows.microsoft.com/en-GB/windows7/How-to-manage-cookies-in-Internet-Explorer-9

  • Firefox:

support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

  • Google Chrome:

support.google.com/chrome/answer/95647

  • Safari:

support.apple.com/en-gb/HT201265

Google Analytics/Universal Analytics Web analysis service

We use Google Analytics, a web analysis service provided by Google Inc. (‘Google’). Google Analytics uses cookies, which are text files that are stored on your computer to allow an analysis website use. Generally speaking, the information generated by the cookie about use of this website is sent to a Google server in the US and stored there. This means that data is transmitted to a third country. Here it is taken into account that suitable, adequate guarantees are in place and that you are accordingly entitled to enforceable rights and effective legal remedies

A copy of the appropriate guarantees can be found under the following links:

However, if IP anonymisation is activated on our website, Google will first shorten your IP address within EU member states or in other member states of the European Economic Area.

Only in exceptional cases is the full IP address sent to a Google server in the US, where it is then shortened. Google will use this information on our behalf to evaluate use of the website, to compile website activity reports and to provide us with additional services associated with the use of the website and the Internet in general. The IP address provided by your browser to Google Analytics will not be associated with any other information held by Google. You can prevent the storage of cookies by selecting the appropriate settings in your browser. In this case, however, we would like to point out that you may be unable to use all the website features to the full extent.

Please note that this website uses Google Analytics with the ‘_anonymizeIp()’ extension, which means that IP addresses are always shortened before being processed so that they cannot be directly associated with individual users.

Data sent by us and linked to cookies, user identifiers (e.g. user IDs) or advertising IDs is automatically deleted after 14 months. For data whose retention period has expired, deletion automatically takes place once a month. For more detailed information about terms of use and data protection, please visit www.google.com/analytics/terms/gb.html or policies.google.com.

You can also prevent information generated by cookies relating to your use of the website (including your IP address) from being collected and sent to Google as well as the processing of this data by Google by downloading and installing the browser plug-in provided on the following link: tools.google.com/dlpage/gaoptout.

Use of Google Maps

We use Google Maps to display maps and to create route plans. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you agree to the collection, processing and use of data that is automatically recorded or entered by you (including your IP address) by Google and any of its representatives or third parties. The terms of service for Google Maps can be found at the following link:

policies.google.com/terms

Extensive details about transparency and the choices available to users as well as the privacy policy can be found in Google’s data protection centre: policies.google.com/privacy

DoubleClick by Google Web analytics service

We use the online marketing tool DoubleClick by Google, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘DoubleClick’).

DoubleClick uses cookies to display advertisements that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same advertisements multiple times. Google uses a cookie ID to record which advertisements are being displayed in which browser and can prevent them from being shown multiple times.

Additionally, DoubleClick can use cookie IDs to track conversions, which are related to advertisement enquiries. For example, a user may see a DoubleClick advertisement and later visit the advertiser’s website using the same browser and buy something there. According to Google, DoubleClick cookies do not contain personal data. Due to the marketing tools used, your browser automatically establishes a direct connection to a Google server. We have no control over the scope and further use any data that is collected by Google through use of this tool, and we therefore provide you with this information to the best of our knowledge. The integration of DoubleClick means that Google is informed that you have accessed the relevant part of our website or have clicked on one of our advertisements. If you have registered for a service provided by Google, Google may associate this visit with your account. Even if you have not registered with Google or have not logged in, it is possible that the provider will find out and store your IP address.

You can object to participating in this tracking process by turning off cookies for conversion tracking. To do this, set your browser to block cookies from the domain www.googleadservices.com, www.google.com/settings/ads – although do note that this setting will be reset if you delete your cookies. Alternatively, you can visit the Digital Advertising Alliance at www.aboutads.info to find out about the use of cookies and how to make the appropriate settings. Finally, you can set your browser to inform you when cookies are being used and decide on a case-by-case basis whether to accept or not, or to refuse cookies in specific cases or in general. If cookies are not enabled, some functions and features of our website may not work properly.

Google LLC, based in the United States, is certified under the EU-US Privacy Shield agreement, which ensures compliance with the level of data protection required in the EU. For more information about the privacy policy of DoubleClick by Google, visit the following website: policies.google.com/privacy

Use of YouTube

Our website includes features of the YouTube video viewing and playback service. These features are offered by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066 USA. For more detailed information, please refer to YouTube’s privacy policy.

On our website, the extended privacy mode is used, which according to information from the provider means that user data is not stored until a video is played.

Once the playback of an embedded YouTube video begins, YouTube uses cookies to gather information about user behaviour. According to YouTube, this information helps to record video statistics, to improve user-friendliness and to prevent misuse, among other things. Independent of embedded video playback, a connection is made to the Google network ‘DoubleClick’ every time you access our website, which may trigger further data processing without our influence.

For more details about the use of cookies on YouTube, please refer to YouTube’s privacy policy at: www.youtube.com/t/privacy_at_youtube
 

Social networks

In addition to this website, we also maintain presences on various forms of social media, which you can access by clicking on the corresponding buttons on our website. When you visit one of our social media pages, personal data may be transmitted to the social network provider. In addition to storing the data you specifically enter into this social medium, it is also possible that the social network provider will also process further information.

Furthermore, the social network provider may process the most important data about the computer system you are using to visit it – such as your IP address, the type of processor you are using and the browser version and plug-ins you are using.

If you are logged in with your personal user account for the respective network when you visit such a page, this network can assign your visit to this account.

To find out about the purpose and extent of the respective medium’s data collection activities and the further processing of your data there, plus your rights in this regard, please refer to the respective provisions set forth by the respective controller, e.g. at:  

Twitter:            https://twitter.com/en/privacy 

Instagram:       https://help.instagram.com/155833707900388

Google:            https://policies.google.com/privacy?hl=en  

YouTube:          https://policies.google.com/privacy?hl=de&gl=de

Facebook:         https://en-gb.facebook.com/full_data_use_policy

LinkedIn:          https://www.linkedin.com/legal/privacy-policy?_l=EN

Xing:                https://www.xing.com/app/share?op=data_protection 

Kununu:           https://www.kununu.com/us/privacy 

We would also like to point out that our website contains other links to external third-party websites, on which we have no influence over data processing activities.  

Facebook fan page:

When you visit our Facebook fan page, Facebook will collect statistical data that we can access. Such data includes categories such as the total number of page views, ‘Like’ information, page activities, interactions with posts, video views, the reach of posts, comments, shared content, responses, proportion of men and women, origin by country and town/city, language, clicks on route planners, etc.

Click on the following link to find out more information about Facebook’s data collection activities:

https://www.facebook.com/about/privacy/.  

In this respect, Facebook and Heine Optotechnik GmbH & Co. KG are joint controllers according to Article 26 of the General Data Protection Regulation (GDPR) and are jointly and severally liable. You will find the agreement with Facebook at the following link:

https://www.facebook.com/legal/terms/page_controller_addendum

Facebook pixels
This website uses Facebook’s visitor action pixel to measure conversion. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
This allows site visitors’ behaviour to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. The effectiveness of Facebook ads can thus be evaluated for statistical and market research purposes and future advertising measures can thus be optimised.
The collected data is anonymous for us as the operator of this website; we cannot draw any conclusions about the users’ identity. However, the data is stored and processed by Facebook so that a connection to the relevant user profile can be established and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This allows Facebook to enable the placement of ads on pages both on and outside of Facebook. We as site operators have no influence over how this data is used.
Facebook pixels are used based on Art. 6 (1) (f) of the GDPR. The website operator has a legitimate interest in implementing effective advertising measures, including social media. If corresponding consent has been requested (e.g. consent for storing cookies), processing is carried out exclusively based on Art. 6 (1) (a) of the GDPR; consent can be revoked at any time.
You will find more information on how to protect your privacy in Facebook’s privacy policy at: en-gb.facebook.com/about/privacy/. You may also disable the ‘Custom Audiences’ remarketing feature in the Advertising Settings section of www.facebook.com/ads/preferences/. You must be logged into Facebook to do this. If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: https://www.youronlinechoices.com/uk/your-ad-choices.


LinkedIn plugin
This website uses features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time you view a page on this website that contains LinkedIn features, a connection to LinkedIn’s servers is established. LinkedIn is informed that you have visited this website with your IP address. When you click on LinkedIn’s ‘Recommend’ button and are logged into your LinkedIn account, LinkedIn can assign your visit to this website to you and your user account. We would like to point out that we, as the provider of the web pages, are not aware of what content the transmitted data contains or how it is used by LinkedIn.
The LinkedIn plugin is used based on Art. 6 (1) (f) of the GDPR. The website operator has a legitimate interest in ensuring the widest possible visibility on social media. If corresponding consent has been requested, processing is carried out exclusively based on Art. 6 (1) (a) of the GDPR; consent can be revoked at any time.
For more information, please refer to the LinkedIn privacy policy at: www.linkedin.com/legal/privacy-policy.

Cookie Consent

We use the application "Cookiebot" from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. This is a so called plugin, which can be used to obtain consent to use cookies and/or tracking technologies. "Cookiebot" does not collect any personal data itself. Details about this tool can be found at https://www.cookiebot.com/de/.

Matomo

Our website uses the web analysis service Matomo. Matomo is an open source project and is legally represented by its founder Matthieu Aubry. Matomo uses "cookies", which enable an analysis of the use of the website. For this purpose the usage information recorded in the cookie (including your anonymised / abbreviated IP address) is transferred to our server and stored for usage analysis purposes. With Matomo no data is transmitted to servers that are beyond our control. Your IP address is immediately anonymised during this process so that you are not identifiable to us as a user. The information collected about your use of this website is not passed on to third parties. Our interest in and purpose of data processing lies in the optimisation of our website, the adaptation of the contents and the improvement of our offer. The interests of the users are sufficiently protected by anonymisation.


Purposes of processing
We use the collected data for statistical analysis of user behaviour for the purpose of optimising the functionality and stability of the website and for marketing purposes.


Legitimate interests
Our interest in and purpose of data processing lies in the optimisation of our website, the adaptation of the contents and the improvement of our offer. The interests of the users are sufficiently protected by anonymisation.


Legal basis
The legal basis for the use of Matomo is Art. 6 Para. 1 S.1 lit. f DSGVO.


Recipients / categories of recipients
None


Transfer to third countries
None


Possibility of appeal
You may refuse the use of cookies (individually or collectively) by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
If you do not agree with the storage and evaluation of your usage data from your visit to our website, you can also prevent your data collection by Matomo at any time by clicking here. An opt-out cookie is then set via your browser, which has the consequence that Matomo does not collect any session data. Please note: If you delete your cookies, the opt-out cookie is also deleted and must be set again by you.

 

Newsletter

If you subscribe to our email newsletter, personal data will be collected. We use this data for our own advertising purposes in the form of your e-mail newsletter, provided that you have expressly agreed to the following: "Yes, I would like to subscribe to the newsletter! The information I provide will be stored in accordance with our data protection regulation." You have the possibility to unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending us an unsubscribe message, e-mail request(at)heine.com. Once you have unsubscribed, your e-mail address will immediately be deleted from our newsletter distribution list and included in a blocking file to ensure revocation. The data is stored internally at HEINE Optotechnik GmbH & Co. KG. R.

Newsletter tracking:

If you have previously provided your express consent, newsletter tracking (also known as web beacons or tracking pixels) will be used. When the newsletter is delivered, the external server can then record certain data from the recipient, for instance the time of retrieval. The name of the image file is individualised for each mail recipient by furnishing it with a unique ID. The mail sender can identify which ID belongs to which email address and thus determine which newsletter recipient has just opened the email when the image is retrieved.

Changes to our data privacy policy

We reserve the right to adjust our privacy policy on occasion so that it always complies with current legal requirements or in order to reflect changes to our services in the privacy policy. This may happen, for instance, when new services are introduced. The new privacy policy will be valid for your next visit in such cases.

Trademark protection

Each brand or trademark mentioned here is the property of the respective company. Brands and names are used in the document for purely informative purposes.

C.  Specific terms for Russia

The following applies to users resident in the Russian Federation:

The above services provided through our website are not intended for citizens of the Russian Federation who are resident in Russia.

If you are a Russian citizen based in Russia, we hereby explicitly inform you that any personal data you provide to us through this website is your sole responsibility and risk. Furthermore, you agree not to hold us responsible for any failure to comply with the laws of the Russian Federation.