Data protection

The use of the Internet pages of Eye-Able® at www.eye-able.com is possible without any indication of personal data.

However, if a data subject wants to use special services of our enterprise via our website, processing of personal data could become necessary. If the processing of personal data is necessary and if there is no legal basis for such processing, we will generally obtain the consent of the data subject.

The processing of personal data is always in accordance with the Data Protection Regulation (DSGVO) and in compliance with the country-specific data protection regulations applicable to Eye-Able®.

As the controller, Eye-Able has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website.

Our data protection declaration informs you about the type, scope and purpose of the personal data we collect, process and use, as well as about your rights in connection with the processing of your personal data by us.

1. name and contact details of the responsible person

The websites www.eye-able.com are operated by

Web Inclusion GmbH

Garden Street 12c

97276 Margetshöchheim

info@eye-able.com

Managing Director: Oliver Greiner

 

We are responsible for the collection, processing and use of your personal data that may be collected from you when you visit our website. If you have any questions, please do not hesitate to contact us using the contact details provided.

2. your rights

If we process your personal data, you have the right to information, correction, deletion, restriction of processing and data portability. Furthermore, you have a right of objection and a right of appeal.

To exercise your rights, please contact us or our Data Protection Officer using the contact details above.

You are entitled to the following rights in detail:

2.1 The right of confirmation and access, Article 15 GDPR

You can request confirmation as to whether we are processing personal data about you. If we process personal data about you, you are entitled to information about the following:

  • the processing purposes
  • the categories of personal data that are processed,
  • the recipients or categories of recipients to whom the personal data are disclosed, in particular in the case of recipients in third countries or international organisations,
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration,
  • the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by the controller or a right to object to such processing,
  • the existence of a right of appeal to a supervisory authority,
  • if the personal data are not collected from the data subject, any available information on the origin of the data,
  • the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

2.2 The right of rectification, Article 16 GDPR

You have the right to request that we correct any inaccurate personal data relating to you without delay.

Furthermore, taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary declaration.

2.3 The right to erasure, Article 17 GDPR

You may request us to delete personal data relating to you without delay. In this case, we are obliged to delete personal data immediately if one of the following reasons applies:

  • the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • You withdraw your consent on which the processing was based and there is no other legal basis for the processing;
  • You object to the processing and there are no overriding legitimate grounds for the processing, or you object to the processing;
  • the personal data have been processed unlawfully;
  • the deletion of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject;
  • the personal data have been collected in relation to information society services offered in accordance with Article 8(1) of the GDPR.

The right to erasure does not exist by way of exception if the processing is

  • to exercise the right to freedom of expression and information;
  • for compliance with a legal obligation which requires processing under Union or Member State law to which we are subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
  • for reasons of public interest in the field of public health;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the GDPR, insofar as the right to erasure is likely to render impossible or seriously prejudice the achievement of the purposes of the processing, or
  • for the assertion, exercise or defence of legal claims.

If we are obliged to erase in accordance with the aforementioned principles and we have made your personal data public, we will take reasonable steps, including technical measures, having regard to the available technology and the cost of implementation, to inform the other data controllers that process the personal data that you have requested that they erase all links to, or copies or replications of, that personal data.

2.4 The right to restriction of processing, Article 18 GDPR

Under the following conditions, you have the right to demand that we restrict the processing of your personal data, namely if:

  • the accuracy of the personal data is contested by you for a period of time that enables us to verify the accuracy of the personal data;
  • the processing is unlawful and you refuse to erase the personal data and instead request the restriction of the use of the personal data;
  • we no longer need the personal data for the purposes of processing, but you need them for the assertion, exercise or defence of legal claims, or
  • you have objected to the processing as long as it has not yet been determined whether our legitimate grounds outweigh yours.

2.5 The right to data portability, Article 20 GDPR

You have the right to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format.

In addition, you have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that

  • the processing is based on consent or on a contract and
  • the processing is carried out with the aid of automated procedures.

When exercising your right to data portability, you have the right to obtain that your personal data be transferred directly from one controller to another controller where this is technically feasible.

2.6. Right to object to data processing, Article 21 GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of your consent or on the basis of our legitimate interest; this also applies to profiling.

After your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

Direct mail

If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out for scientific or historical research purposes or for statistical purposes, unless the processing is necessary for the performance of a task carried out in the public interest.

2.7 Right to withdraw consent

If you have given us your consent to process your personal data (e.g. for sending newsletters), you also have the right to revoke this consent at any time with effect for the future. The revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

The revocation is possible informally.

2.8 Right of appeal to a supervisory authority, Article 77 GDPR

In addition, you also have the right to lodge a complaint against us with a data protection supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement, if you believe that our processing of your personal data violates applicable data protection law.

The supervisory authority responsible for us is the

[adapt depending on federal state] Bayerische Landesamt für Datenschutzaufsicht, Promenade 27 (Schloss), 91522 Ansbach, phone: +49 (0) 981 53 1300, fax: +49 (0) 981 53 98 1300, e-mail: poststelle@lda.bayern.de.

3. data processing when visiting our websites

The use of our website is generally possible without the active provision of personal data. However, every time our website is accessed, i.e. even for purely informational use, various data and information is collected by us for technical reasons and stored in so-called log files or server log files (log files) on our server.

Captured and stored:

  • the IP address (Internet Protocol address),
  • the date and time of access to our website,
  • the browser software/browser types (computer programs for displaying web pages) used to access our website, as well as their versions and language,
  • the operating system accessed by our system and its version,
  • the Internet service provider (ISP) of the accessing system,
  • Content of the request (content of the specific pages accessed),
  • Access status/HTTP status code (response delivered by the server to each HTTP request, representing the status of the request),
  • the website from which our website is accessed,
  • Time zone difference from Greenwich Mean Time (GMT).

The storage of the IP address - even if only for a short time - is technically necessary due to the way the internet works. However, before we process and store your IP address, it is shortened and only used in this unrecognisable (anonymous) form. The complete IP address is not stored. An assignment to you is no longer possible after the shortening.

The other information and data mentioned above will also not be used by us to draw conclusions about you and/or to identify you. Data that makes it possible to identify you personally will be anonymised as soon as possible.

The data and information listed above are collected by us exclusively to display our websites to you and to ensure their stability and security and to optimise our websites in this respect. The collection of the aforementioned data thus serves the purpose of improving the data security of the programmes and systems we use. In addition, we use the data for the anonymous, statistical evaluation of your movements on our websites.

The log files are stored separately from your other personal data that you may have provided to us yourself during your visit to our website and are not merged with them. The log files are deleted after 7 days.

The legal basis for the collection of the aforementioned data is our legitimate interest (Article 6 para. 1 lit. f DSGVO) in the functionality and security of our websites. In addition, we have a legitimate interest in using the anonymous or anonymised data to evaluate user behaviour on our pages in order to be able to assess the effectiveness of our website design and structure.

4. cookies

We use so-called cookies on our websites. Cookies are small text files that are sent to your browser by our server the first time you or your browser access our website together with the website you are visiting. Your browser stores the cookie(s) on the hard drive of your end device.

Cookies cannot be used to transfer malware or viruses to your end device, run programmes or open pop-up windows. They are also not used to send spam. Rather, cookies are used to obtain certain information.

We distinguish between technically necessary cookies, which enable the operation of the website in the first place, and voluntary cookies. Voluntary cookies are only set with your consent. Please note that if you only allow the technically necessary cookies, some functionalities of the websites are only limited or cannot be used.

4.1. Technically necessary cookies

We use this data and the technically necessary cookies we use to make our website more effective, safer and more user-friendly overall and, for example, to find out which goods are already in your shopping basket or whether a pop-up window has already been displayed to you.

4.1.1 Mode of use

We use the following technically necessary cookies:

Name of the cookieIntended useExpiry of the cookie
Viewed _cookie_policyStorage of user settings, used exclusively for the proper functioning of the website.12 months
cookielawinfo-checkbox-necessaryStorage of user settings, used exclusively for the proper functioning of the website.1 hour
cookielawinfo-checkbox-non-necessaryStorage of user settings, used exclusively for the proper functioning of the website.12 months
PHPSESSIDStorage of user settings, used exclusively for the proper functioning of the website.End of session
allowCookie:Storage of user settings, used exclusively for the proper functioning of the website.6 months
__csrf_token-1Safety mechanismEnd of session
Session-1Storage of user settings, used exclusively for the proper functioning of the website.End of session

4.1.2 Legal basis for use

There is a legitimate interest for us (Article 5 (1) lit. f DSGVO) in the use of cookies. This applies to cookies that are required to use the functions of our websites (e.g. shopping cart function), as these are necessary for the functionality and best possible provision of our services.

4.2. Voluntary cookies

4.2.1 Legal basis

Voluntary cookies are only set with your consent (Article 6 para. 1 lit. a DS-GVO). Please note that if you only allow the technically necessary cookies, some functionalities of the websites are only limited or cannot be used.

4.3 Further possibilities to influence the setting of cookies through settings in your browser

If you do not wish cookies to be stored in general or individual cookies to be stored on your end device, you can configure your browser settings according to your preferences via the corresponding menu item.

At this point we would like to point out that this may mean that not all functions of our websites are available or can be used.

Cookies that are stored on your terminal device over the course of the respective session can - in addition to the option of blocking them - also be removed from your terminal device; regardless of whether their use is time-limited or unrestricted.

To do this, you can call up the corresponding functions in your browser and delete the chronicle.

Flash cookies can be prevented by installing an appropriate "add-on", e.g. "Better Privacy" for Mozilla Firefox or the Adobe Flash Killer Cookie for Google Chrome.

By selecting private mode in your browser, you can prevent the setting or use of HTML5 Storage Objetcs.

In general, we recommend that you regularly delete your browsing history and cookies.

5. data processing when using the contact form You have the option of sending us an enquiry via our contact form.

5.1 Use of the contact form

If you use this option, only the personal data that you provide as part of your enquiry will be collected. Your e-mail address is required information, without which it is unfortunately not possible to send your enquiry to us. You are also welcome to provide us with your first name, surname or title (Ms/Mr) so that we can address you correctly in our reply.

5.2 Data processing

The processing of your data, which you provide as part of your enquiry via our contact form, is based on the consent to processing (Article 6 (1) (a) DSGVO), which you give us by sending us your enquiry, or on our legitimate interest (Article 6 (1) (f) DSGVO) in being able to respond to enquiries directed to us.

If a contractual relationship is established between us as a result of you contacting us, the data will be processed for the purpose of carrying out pre-contractual measures (Article 6 para. 1 lit. b DSGVO).

5.3 Storage period

We store the data we receive from you via the contact form until your enquiry has been fully processed. Subject to your consent to store your data for further purposes (e.g. newsletter dispatch), we will delete your data after completing the processing of your enquiry, unless a contractual relationship has come into being between us as a result of the contact being made. In this case, we store the data, as far as necessary, until the expiry of the retention periods under commercial and tax law.

5.4. Right of withdrawal of consent

You can revoke this consent at any time with effect for the future. Your revocation will not result in the lawfulness of the processing of your personal data ceasing to apply until your revocation.

In the event that a contract is concluded between you and us as a result of contacting us, the data storage is based on the contract or on necessary pre-contractual measures.

To exercise your right of withdrawal, simply write us a short e-mail or choose another form of contact. You will find the contact details in our imprint or at the beginning of this statement.

 

6. data processing for enquiries by e-mail, telephone or fax 

If you contact us by e-mail, telephone or fax, we collect and process the personal data that you provide to us in this context (name, enquiry, telephone number, e-mail address, fax number, if applicable, e.g. e-mail signature, your address, if provided as part of the enquiry). We use your personal data exclusively for processing your request. The data will not be passed on to third parties without your consent.

6.1 Data processing

The processing of your data, which you provide as part of your enquiry via our contact form, takes place on the basis of the consent to processing (Article 6 (1) (a) DSGVO), which you give us by sending us your enquiry, or on the basis of our legitimate interest (Article 6 (1) (f) DSGVO) in the possibility of responding to enquiries directed to us.

Should a contractual relationship arise as a result of you contacting us (membership), the data processing is carried out for the implementation of pre-contractual measures (Article 6 para. 1 lit. b) DSGVO).

6.2 Storage period

We store the data we receive from you via the contact form until your enquiry has been fully processed. Subject to your consent to store your data for further purposes (e.g. newsletter dispatch), we will delete your data after completing the processing of your enquiry, unless a contractual relationship has come into being between us as a result of the contact being made. In this case, we store the data, insofar as necessary, until the expiry of the retention periods under commercial and tax law.

6.3 Right of withdrawal of consent

You can revoke your consent to data processing at any time with effect for the future. Your revocation does not result in the lawfulness of the processing of your personal data ceasing to apply until your revocation.

To exercise your right of withdrawal, simply write us a short e-mail or choose another form of contact. You will find the contact details in our imprint or at the beginning of this declaration.

7. SSL or TLS encryption

We use the encryption technology TLS (Transport Layer Security) on our websites through which personal data can be entered (in particular the ordering process, logging into the customer account, registration for our newsletter). This is a protocol for encrypting data transmissions in order to prevent unauthorised access by third parties to your personal data, in particular your bank or financial data. You can recognise the encryption by the designation "https://".

8 Google Web Fonts and Google Material Icons

We use so-called web fonts and material icons on our websites in order to display the content on our websites in an appealing, correct and uniform manner across all browsers. The appealing and correct display of our content represents a legitimate interest.

The web fonts and material icons we use are web fonts and material icons of Google LLC (Google), Amphitheatre Parkway, Mountain View, CA 94043, USA.

Web fonts and material icons make it possible to use fonts and icons that are not stored on the PC of the visitor to our site or the device used to visit our site.

The fonts and icons used on the website you are visiting are loaded into your browser cache by your browser when you visit this page, so that the content (texts and characters, icons) is displayed correctly. During this process, the browser you are using establishes a connection with Google's servers. As part of this connection between your browser and Google, Google learns that your IP address has accessed our website. However, according to Google's presentation, there is no combination of otherwise known personal data (e.g. if you are logged into your Google account at the time of accessing our website) and the fact that your IP address is transmitted to Google when you access a website.

The CSS (Cascading Style Sheets - a programming or stylesheet language that gives the content on our site its appearance, e.g. the colour display of individual words or paragraphs) are stored in the cache for 24 hours, according to Google.

According to Google, the font files and icons themselves are stored in the cache for one year. You can find more information on data storage and Google Web Fonts at the following link: https://developers.google.com/fonts/faq.

Further information on data use by Google can be found here: https://policies.google.com/privacy?hl=de.

If your browser does not support Google Web Fonts or if access is prevented, the content is displayed in a standard font that is stored on the terminal device you are using.

9. explanation of terms

The following definitions are based on the General Data Protection Regulation (GDPR) of the European Union (Regulation EU 2016/679 of the European Parliament and of the Council).

9.1 "Responsible person

The controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

Thus, the controller is in principle the natural person or the undertaking which, alone or together with others, determines the purposes and methods of the processing of personal data.

9.2 "personal data

Personal data means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data includes first and last name, address, telephone number, email address, date of birth, etc., as well as the IP address used, information about the devices you use, voice recordings, your customer card number, your account data, your credit card numbers, as well as, for example, physical characteristics such as your gait or your appearance.

9.3 "Processing

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Your data is also processed, for example, when you present your customer card at the checkout as part of the payment process or make a payment with your EC card.

9.4 "Third party

Third party means a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor.

9.5 "Restriction of processing".

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

9.6 "Pseudonymisation

The processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information is called pseudonymisation. This additional information is. In addition, technical and organisational measures shall be taken to ensure that the personal data are not attributed to an identified or identifiable natural person.

9.7 "Consent

Consent shall be understood as any freely given specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.