In principle, it is possible to use the Eye-Able® website at www.eye-able.com without providing any personal data.
However, if a data subject wants to use special company services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.
Personal data is always processed in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Eye-Able®.
As the person responsible for processing, Eye-Able has implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website.
With our data protection declaration we inform you about the type, scope and purpose of the personal data we collect, process and use as well as about your rights in connection with the processing of your personal data by us.
1. Name and contact details of the person responsible
The websites www.eye-able.com are operated by the
Web Inclusion GmbH
Managing Director: Oliver Greiner
We are responsible for the collection, processing and use of your personal data, which may be collected from you during your visit to our website. If you have any questions, please do not hesitate to contact us using the contact details provided.
2. Your Rights
If we process your personal data, you have the right to information, correction, deletion, restriction of processing and data portability. In addition, you have a right of objection and a right of appeal.
To assert your rights, please contact us or our data protection officer using the contact details above.
You have the following rights in detail:
2.1. The right to confirmation and information, Article 15 GDPR
You can request confirmation as to whether we are processing your personal data. If we process your personal data, you are entitled to information about the following points:
- the processing purposes
- the categories of personal data being processed,
- the recipients or the categories of recipients to whom the personal data are disclosed, in particular recipients in third countries or international organizations,
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration,
- the existence of a right to correction or deletion of the personal data concerning you or to restriction of processing by the person responsible or a right to object to this processing,
- the existence of a right of appeal to a supervisory authority,
- if the personal data are not collected from the data subject, all available information about the origin of the data,
- the existence of automated decision-making including profiling in accordance with Article 22 Paragraphs 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
2.2. The right to rectification, Article 16 GDPR
You have the right to demand that we correct any incorrect personal data concerning you without undue delay.
In addition, taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
2.3. The right to erasure, Article 17 GDPR
You can ask us to delete personal data concerning you immediately. In this case, we are obliged to delete personal data immediately if one of the following reasons applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- You withdraw your consent on which the processing was based and there is no other legal basis for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing, or you object to the processing;
- the personal data have been unlawfully processed;
- the personal data must be erased for compliance with a legal obligation in Union or Member State law to which we are subject;
- the personal data were collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
The right to erasure exists exceptionally not, if processing
- to exercise the right to freedom of expression and information;
- to fulfill a legal compliance that requires processing under Union or Member State law to which we are subject or to perform a task that is in the public interest or in the exercise of official authority that has been delegated to us;
- for reasons of public interest in the field of public health;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) GDPR, insofar as the right to erasure makes it likely to be impossible or seriously impairs the achievement of the processing goals, or
- to assert, exercise or defend legal claims.
If we are obliged to delete according to the aforementioned principles and if we have made your personal data public, we will take appropriate measures, including technical ones, taking into account the available technology and the implementation costs, to inform the other persons responsible for data processing who are responsible for the personal data process data that you have requested them to delete all links to, or copies or replications of, that personal data.
2.4. The right to restriction of processing, Article 18 GDPR
Under the following conditions, you have the right to request us to restrict the processing of your personal data, namely if:
- the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
- the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
- we no longer need the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
- You have lodged an objection to the processing, as long as it is not certain whether our legitimate reasons outweigh yours.
2.5. The right to data portability, Article 20 GDPR
You have the right to receive the personal data that you have provided to us in a structured, common and machine-readable format.
In addition, you have the right to transmit this data to another person in charge without hindrance from the person in charge to whom the personal data was provided, provided that
- the processing is based on consent or on a contract and
- the processing is carried out using automated procedures.
When exercising your right to data portability, you have the right to have your personal data transmitted directly from one controller to another, where technically feasible.
2.6. Right to object to data processing, Article 21 GDPR
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on your consent or on the basis of our legitimate interest; this also applies to profiling.
After your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If personal data is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object to the processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
You have the right, for reasons arising from your particular situation, to object to the processing of your personal data for scientific or historical research purposes or for statistical purposes, unless the processing is necessary for fulfilment a task in the public interest.
2.7. Right to withdraw consent
If you have given us your consent to the processing of your personal data (e.g. to send the newsletter), you also have the right to revoke this consent at any time with effect for the future. The revocation does not affect the legality of the processing carried out on the basis of the consent up to the time of revocation.
The revocation is informal possible.
2.8. Right of appeal to a supervisory authority, Article 77 GDPR
In addition, you also have the right to lodge a complaint against us with a data protection supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement, if you believe that our processing of your personal data violates applicable data protection law violates.
This is the supervisory authority responsible for us
[adjust depending on the federal state] Bavarian State Office for Data Protection Supervision, Promenade 27 (Schloss), 91522 Ansbach, phone: +49 (0) 981 53 1300, fax: +49 (0) 981 53 98 1300, e-mail: email@example.com.
3. Data processing when visiting our websites
Our website can generally be used without actively providing personal data. Every time our website is called up, i.e. also for purely informational use, various data and information are recorded by us for technical reasons and stored in so-called log files or server log files (log files) of our server. This is only personal or person-related data that your browser transmits to our server.
Recorded and stored:
- the IP address (internet protocol address),
- the date and time of access to our website,
- the browser software/browser types used to access our website (computer programs for displaying websites) and their versions and language,
- the operating system accessing our system and its version,
- the Internet service provider (Internet service provider) of the accessing system,
- Content of the request (contents of the specifically accessed pages),
- access status/HTTP status code (response provided by the server to each HTTP request, representing the status of the request),
- the website from which our website is accessed,
- Time zone difference from Greenwich Mean Time (GMT).
The storage of the IP address - even if only for a short time - is technically necessary due to the way the internet works. However, before we process and store your IP address, it will be shortened and only used in this unrecognizable (anonymous) form. The complete IP address is not stored. An assignment to you is no longer possible after the reduction.
The other information and data mentioned above are also not used by us to draw conclusions about you and/or to identify you. Data that make it possible to identify your person will be anonymized as soon as possible.
The data and information listed above are collected by us exclusively to show you our websites and to ensure their stability and security and to optimize our websites in this regard. The collection of the data mentioned serves the purpose of improving the data security of the programs and systems we use. In addition, we use the data for the anonymous, statistical evaluation of your movements on our websites.
The log files are stored separately from your other personal data, which you may have made available to us yourself when visiting our website, and are not merged with them. The log files are deleted after 7 days.
The legal basis for collecting the data mentioned is our legitimate interest (Article 6 (1) (f) GDPR) in the functionality and security of our websites. In addition, we have a legitimate interest in using the anonymous or anonymized data to evaluate user behavior on our pages in order to be able to evaluate the effectiveness of our website design and our website structure.
We use so-called cookies on our websites. Cookies are small text files that our server sends to your browser together with the website accessed when you or your browser first access our website. Your browser saves the cookie(s) on the hard drive of your end device.
Cookies cannot transfer malware or viruses to your end device, run programs or open pop-up windows. They are also not used to send spam. Rather, cookies are used to obtain certain information.
We distinguish between technically necessary cookies, which enable the operation of the website in the first place, and voluntary cookies. The voluntary cookies are only set with your consent. Please note that if you only allow the technically necessary cookies, some functionalities of the website can only be used to a limited extent or not at all.
4.1. Technically necessary cookies
We use this data or the technically necessary cookies we use to make our website more effective, safer and more user-friendly overall and, for example, to get information about which goods are already in your shopping cart or whether you already have a pop-up window was displayed.
We use the following technically necessary cookies:
|name of the cookie||purpose of use||Expiration of the cookie|
|Viewed_cookie_policy||Storage of user settings, use solely for the proper functioning of the website||12 months|
|cookielawinfo-checkbox-necessary||Storage of user settings, use solely for the proper functioning of the website||1 hour|
|cookielawinfo-checkbox-non-necessary||Storage of user settings, use solely for the proper functioning of the website||12 months|
|PHPSESSID||Storage of user settings, use solely for the proper functioning of the website||session end|
|allowCookie:||Storage of user settings, use solely for the proper functioning of the website||6 months|
|__csrf_token-1||safety mechanism||session end|
|session-1||Storage of user settings, use solely for the proper functioning of the website||session end|
4.1.2. Legal Basis for Use
4.2. Voluntary cookies
4.2.1. legal basis
The voluntary cookies are only set with your consent (Article 6 (1) (a) GDPR). Please note that if you only allow the technically necessary cookies, some functionalities of the website can only be used to a limited extent or not at all.
4.3. Further options for influencing the setting of cookies through settings in your browser
If you do not want cookies to be stored in general or individual cookies on your end device, you can configure your browser settings according to your preferences via the corresponding menu item.
At this point we would like to point out that this can mean that not all functions of our website are available or can no longer be used.
In addition to blocking cookies, which are stored on your end device for the duration of the respective session, you can also remove them from your end device; regardless of whether the use is limited in time or unlimited.
To do this, you can call up the corresponding functions in your browser and delete the history.
Flash cookies can be prevented by installing a corresponding "add-on", e.g. "Better Privacy" for Mozilla Firefox or the Adobe Flash Killer cookie for Google Chrome.
By selecting private mode in your browser, you can prevent the setting or use of HTML5 Storage Objects.
In general, we recommend that you regularly delete your browser history and cookies.
5. Data processing when using the contact form You have the option of sending us an inquiry via our contact form.
5.1. Use of the contact form
If you use this option, only the personal data that you provide as part of your inquiry will be collected. The specification of your e-mail address represents necessary information, without which it is unfortunately not possible to send your request to us. You are also welcome to tell us your first name, surname or title (Ms./Mr.) so that we can address you correctly in our reply.
5.2. data processing
The processing of your data, which you provide as part of your inquiry via our contact form, takes place on the basis of the consent to processing (Article 6 Para. 1 lit. a DSGVO) that you give us by sending your inquiry, or on the basis of ours legitimate interest (Article 6 Para. 1 lit. f GDPR) in the possibility of answering inquiries addressed to us.
If a contractual relationship is established between us as a result of you contacting us, the data will be processed to carry out pre-contractual measures (Article 6 (1) (b) GDPR).
5.3. storage duration
We store the data that we receive from you via the contact form until your request has been fully processed. Subject to your consent to the storage of your data for other purposes (e.g. newsletter dispatch), we will delete your data after the processing of your request has been completed, unless a contractual relationship has come about between us as a result of the contact. In this case, we store the data, if necessary, until the end of the commercial and tax retention periods.
5.4. Right to withdraw consent
You can revoke this consent at any time with effect for the future. Your revocation does not mean that the legality of the processing of your personal data is no longer applicable up to your revocation.
In the event that a contract should come about between us and you as a result of the contact being made, the data storage is based on the contract or on necessary pre-contractual measures.
To exercise your right of withdrawal, simply send us a short email or choose another form of contact. You can find the contact details in our imprint or at the beginning of this statement.
6. Data processing for inquiries via e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, we will collect and process the personal data that you make available to us in this context (name, request, telephone number, e-mail address, fax number, if applicable, if communicated in the context of the request, e.g. e-mail signature, your address). We only use your personal data to process your request. The data will not be passed on to third parties without your consent.
6.1. data processing
The processing of your data, which you make available as part of your inquiry via our contact form, takes place on the basis of the consent to processing (Article 6 Para. 1 lit. a) DSGVO), which you grant and when you send your inquiry, or on the basis of our legitimate interest (Article 6 Para. 1 lit. f) GDPR) in the possibility of answering inquiries addressed to us.
If you enter into a contractual relationship (membership) as a result of contacting us, the data will be processed to carry out pre-contractual measures (Article 6 (1) (b) GDPR).
6.2. storage duration
We store the data that we receive from you via the contact form until your request has been fully processed. Subject to your consent to the storage of your data for other purposes (e.g. newsletter dispatch), we will delete your data after the processing of your request has been completed, unless a contractual relationship has come about between us as a result of the contact. In this case, we store the data, if necessary, until the end of the commercial and tax retention periods
6.3. Right to withdraw consent
You can revoke your consent to data processing at any time with effect for the future. Your revocation does not mean that the legality of the processing of your personal data is no longer applicable up to your revocation.
To exercise your right of withdrawal, simply send us a short email or choose another form of contact. The contact details can be found in our imprint or at the beginning of this statement.
7. SSL or TLS encryption
We use TLS (Transport Layer Security) encryption technology on our websites through which personal data can be entered (in particular the ordering process, logging into the customer account, subscribing to our newsletter). This is a protocol for encrypting data transmissions in order to prevent unauthorized access by third parties to your personal data, in particular your bank or financial data. You can recognize the encryption by the designation "https://".
8. Google Web Fonts and Google Material Icons
We use so-called web fonts and material icons on our websites in order to display the content on our websites in an appealing, correct and uniform manner across browsers. The appealing and correct presentation of our content represents a legitimate interest.
The web fonts and material icons we use are web fonts and material icons from Google LLC (Google), Amphitheater Parkway, Mountain View, CA 94043, USA.
Web fonts and material icons make it possible to use fonts and icons that are not stored on the visitor's PC or the device used to visit our site.
The fonts and icons used on the website you have accessed are loaded from your browser into your browser cache when you access this page, so that the content (text and characters, icons) is displayed correctly. The browser you are using connects to the Google servers. As part of this connection between your browser and Google, Google is informed that your IP address has accessed our website. According to Google's representation, however, there is no combination of otherwise known personal data (e.g. if you are logged into your Google account at the time you visit our website) and the fact that your IP address is transmitted to Google when you visit a website.
According to Google, the CSS (Cascading Style Sheets - a programming or style sheet language used to give the content on our site its appearance, e.g. the color representation of individual words or paragraphs) are stored in the cache for 24 hours.
According to Google, the font files and icons themselves are cached for one year. You can find more information on data storage and Google Webfonts under the following link: https://developers.google.com/fonts/faq.
Further information on the use of data by Google can be found here: https://policies.google.com/privacy?hl=de.
If your browser does not support Google Webfonts or if access is blocked, the content will be displayed in a standard font that is stored on the end device you are using.
9. Definition of terms
The basis for the following definitions of terms is the General Data Protection Regulation (GDPR) of the European Union (Regulation EU 2016/679 of the European Parliament and of the Council).
The person responsible is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data; if the purposes and means of this processing are specified by Union law or the law of the Member States, the person responsible or the specific criteria for his naming can be provided for by Union law or the law of the Member States.
Thus, the person responsible is basically the natural person or the company, which alone or together with others, determines the reason for and the way in which personal data is processed.
9.2. "Personal Data"
Personal data is any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified. In addition to the first and last name, address, telephone number, email address, date of birth, etc., personal data also includes the IP address used, information about the devices you use, voice recordings, your customer card number, your account details, your credit card numbers , as well as, for example, physical characteristics such as your gait or your appearance.
Processing is any process carried out with or without the help of automated procedures or any such series of processes in connection with personal data such as collecting, recording, organizing, arranging, storing, adapting or changing, reading out, querying, using, disclosure by transmission, distribution or any other form of making available, matching or linking, restriction, deletion or destruction. Your data will also be processed, for example, if you present your customer card at the checkout as part of the payment process or make a payment with your EC card.
9.4. "third party"
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct responsibility of the controller or processor, are authorized to process the personal data.
9.5. "Restriction of processing"
The restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
The processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information is called pseudonymisation. This is additional information. In addition, technical and organizational measures must be taken to ensure that the personal data is not assigned to an identified or identifiable natural person.
Consent is understood as any voluntary, informed and unequivocal expression of will in a specific case in the form of a declaration or other clear affirmative action by which the data subject indicates that they consent to the processing of their personal data is.