Data
protection information from 3D-Shape GmbH for www.3d-shape.com
Valid as of May 25, 2018
We take your privacy very seriously and we process
your personal data in accordance with the respectively applicable statutory
data protection requirements. Personal data in the meaning of this information
includes all information that can infer a reference to you, hence, for example,
your name, address, email and IP address, and usage behavior.
In the following data protection information we would like to inform you
on how we process your personal data. In addition, we will provide you with
an overview of your data protection rights. Which data is specifically processed
and in which form significantly depends on the used, requested or agreed
services.
1. Controller and data protection officer
(1) The controller in accordance with Article 4 Para. 7 of the EU General
Data Protection Regulation (GDPR) or service provider in accordance with
§ 13 of the German Telemedia Act (TMG) is:
3D-Shape GmbH
Am Weichselgarten 21
91058 Erlangen
(2) The data protection officer for the controller can be contacted at:
ISRA VISION AG
The Group Data Protection Officer
Industriestraße 14
64297 Darmstadt
Email: dataprivacy@isravision.com
2. Source of personal data
We process your personal data which we receive from you during the course
of your visit to our website, as part of your contacting us by email or
via a contact form.
3. Categories of the processed personal data
(1) If you visit or use our website strictly for informative purposes,
i.e. if you do not register or provide us with information in another
form, we only collect the personal data which your browser passes on to
our server. When you want to view our website, we collect the following
data which is required from a technical standpoint to display our website
to you and which ensures its stability and security:
- your IP address,
- date, time and duration of your visit,
- content of your request (specific page),
- respectively transmitted data volume and access status (files transmitted
/ not transmitted),
- website from which the request comes,
- your browser type,
- your operating system,
- your device type.
This data is solely used for internal statistical purposes.
4. Other functions and offers on our website
(1) Along with the purely informative use of our website, we also offer
different services which can be used when of interest to you. This generally
requires that you provide additional personal data, which we then use
to perform the respective service and to which the previously defined
principles on data processing apply.
(2) When contacting us by email, the following personal data must be given:
name, telephone number and email address.
This personal data is saved by us for the purpose of responding to your
request.
5. Categories of recipients of personal data
(1) Some of the above-mentioned processes and services are performed on
our behalf by third-party service providers which have been carefully
selected according to data protection principles. These external service
providers are bound to our instructions and are checked on a regular basis.
(2) With regard to transferring data to other recipients, we shall only
provide information on you when legal provisions require this, you have
consented or when we are authorized to transfer such data. If these requirements
are met, recipients of personal data may include:
public bodies and institutions (e.g. financial authorities, law enforcement
authorities) when there is a legal or official obligation,
other companies within the Group.
6. Purposes for which personal data is to be processed and legal basis
for processing
We process your personal data in compliance with the respectively applicable
statutory data protection regulations. The processing is lawful when the
following conditions are met:
Consent (Article 6, Para. 1 (a) of the GDPR):
The processing of personal data is lawful when the consent to process
the data for defined purposes (e.g. processing of your query, use of the
data for marketing purposes) has been given. The granted consent can be
revoked at any time with effect for the future. This also applies to the
revocation of declarations of consent that were issued to us before the
GDPR entered into force, hence before May 25, 2018.
Based on compliance with contractual obligations (Article 6, Para. 1 (b)
GDPR):
We process personal data in order to fulfill our contractual obligations
or to carry out precontractual measures performed upon request. The purposes
of the data processing primarily arise from your query.
Based on compliance with legal obligations (Article 6, Para. 1 (c) GDPR):
3D-Shape GmbH is subject to various legal obligations. These include:
Commercial and tax-related retention regulations in accordance with the
German Commercial Code and Tax Code.
Compliance with tax law-related control and notification obligations.
For the purposes of legitimate interests (Article 6, Para. 1 (f) GDPR):
If required, we process your personal data beyond the actual fulfillment
of the contract to safeguard our legitimate interests or those of third
parties. Examples:
Assertion of legal claims and defense in case of legal disputes,
Ensuring IT security and IT operations,
For the analysis and improvement of the use of our website.
7. The intention of transferring personal data to a third country
or an international organization
An active transferring of personal data to a third country shall only
take place when this has been explicitly pointed out as part of the above-mentioned
services.
8. Criteria for specifying the duration for which the personal data
is stored
(1) The data is stored in accordance with legal provisions governing data
processing and in consideration of statutory retention periods. We process
and use your personal data exclusively for the purposes you have authorized
and for as long as the data is required for these purposes.
(2) If the personal data is no longer needed for the purpose or to comply
with legal obligations, such data will generally be deleted unless their
temporary and possibly restricted processing is required for the following
purposes:
Compliance with commercial and tax-related retention obligations: The
German Commercial Code (HGB) and the Tax Code (AO) shall be named in this
regard. These stipulate retention or documentation periods of up to 10
years.
The preservation of evidence under the statutory limitation regulations.
In accordance with §§ 195 et seq. of the German Civil Code (BGB),
the regular limitation period is three years; however, this can be up
to 30 years under special circumstances.
9. Your data protection rights
(1) Every affected person has the right of access in accordance with Article
15 GDPR, the right to rectification in accordance with Article 16 GDPR,
the right to erasure in accordance with Article 17 GDPR, the right to
restriction of processing in accordance with Article 18 GDPR, the right
to object in accordance with Article 21 GDPR and the right to data portability
as per Article 20 GDPR. The restrictions in accordance with §§
34 and 35 of the German Federal Data Protection Act (BDSG) apply to the
right of access and the right to erasure. Furthermore, there is a right
to lodge a complaint with a responsible data protection supervisory authority
(Article 77 GDPR in conjunction with § 19 BDSG).
(2) You can revoke the consent granted to us for the processing of personal
data at any time with effect for the future. This also applies to the
revocation of declarations of consent that were issued to us before the
General Data Protection Regulation entered into force, hence before May
25, 2018.
(3) You have the right, based on reasons arising from your special situation,
to assert your objection to the processing of data related to your person,
collected based on Article 6, Para. 1 (e) GDPR (data processing carried
out in the public interest) and Article 6, Para. 1 (f) GDPR (data processing
for the purposes of legitimate interests) at any time.
Should you file an objection, we shall no longer process your personal
data, unless we can provide verification of the legitimate grounds for
the processing that override your interests, rights and freedoms, or when
the processing serves the assertion, execution or defense of legal claims.
The objection is free of form and should be directed to:
ISRA VISION AG
The Group Data Protection Officer
Industriestraße 14
64297 Darmstadt
Email: dataprivacy@isravision.com
10. Obligation for the provision and possible consequences of a non-provision
of personal data
Within the scope of using our offers, you must provide the personal data
which is required to fulfill the purpose or which we are obligated to
collect by law. Without this data, we will generally not be able to conclude
the contract with you or execute such contract.
11. Data security
We also use technical and organizational security measures to protect
incoming or collected personal data, in particular against accidental
or intentional manipulation, loss, destruction or against attacks by unauthorized
persons. Our security measures are continuously improved in line with
technological advances.
12. Changes to the data protection information
We develop and optimize our services on an ongoing basis. Therefore, new
functionalities may be added. Should this influence the way we process
your personal data, we will inform you of this in our data protection
information in a timely manner.
|