Privacy Policy - Inova Technology GmbH

Thank you for showing interest in our enterprise. Data protection is of a particularly high priority for the management of Inova Technology GmbH. The use of the Internet pages of Inova Technology GmbH is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our web site, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject, shall always be in line with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Inova Technology GmbH. By means of this data protection declaration, our enterprise informs the general public of the nature, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of the rights to which they are entitled.

As the controller, Inova Technology GmbH has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this web site. However, Internet-based data transmissions may, in principle, have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.

1. Definitions

The data protection declaration of Inova Technology GmbH is based on the terms used by the European legislator for the adoption of the GDPR. It should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we first explain the terminology used.

• a) Personal Data — Personal data means any information relating to an identified or identifiable natural person (“data subject”).
• b) Data Subject — Any identified or identifiable natural person whose personal data is processed by the controller.
• c) Processing — Any operation performed on personal data (e.g. collection, storage, use, disclosure, erasure).
• d) Restriction of Processing — Marking stored personal data to limit its processing in the future.
• e) Profiling — Any automated processing of personal data to evaluate personal aspects (e.g. preferences, behaviour, location).
• f) Pseudonymisation — Processing so that data cannot be attributed to a person without additional, separately kept information.
• g) Controller — The person or body that determines the purposes and means of processing personal data.
• h) Processor — The person or body that processes personal data on behalf of the controller.
• i) Recipient — A person or body to whom personal data are disclosed; public authorities in specific inquiries are not recipients.
• j) Third Party — Any person or body other than the data subject, controller, processor, and those authorised to process under their authority.
• k) Consent — Any freely given, specific, informed and unambiguous indication by which a data subject agrees to processing.

2. Name and address of the controller

Controller for the purposes of the GDPR and other applicable data protection laws is:

Inova Technology GmbH, Zeppelinstr. 283, 88048 Friedrichshafen, Deutschland

Phone: +49 7541 9506222

Email: info@endoscopesonline.com

Web site: www.endoscopesonline.com

3. Cookies

The Internet pages of Inova Technology GmbH use cookies. Cookies are text files stored in a computer system via an Internet browser.

Many cookies include a unique cookie ID that allows servers to recognise a specific browser. This enables functions and user convenience.

Cookies help us provide more user-friendly services that would not be possible without cookie settings.

Information and offers can be optimised with the user in mind. For example, access data may be remembered or a shopping cart retained.

Users can prevent or delete cookies at any time via browser settings. If cookies are deactivated, not all functions may be fully usable.

Cookiebot Consent Management Platform

This site uses third-party web site tracking technologies to improve services and display advertisements according to users’ interests. Consent can be given, revoked or changed at any time with effect for the future.

Data processing purposes:

• Compliance with legal obligations
• Storage of consent

Technologies used:

• Local storage
• Cookies

Data attributes:

• Consent Yes or No
• Protocol file data (IP anonymised)

Data collected:

• Device information
• Browser information
• Anonymised IP address
• Opt-in and opt-out data
• Date and time of visit
• Request web site URLs
• Page path of the web site
• Geographical location

Legal basis: Art. 6 para. 1 sentence 1 lit. c GDPR.

Place of processing: European Union (consent database in Denmark).

Retention: Consent data (consent and revocation) are kept for three years. Data export takes place after contract termination.

Further information and opt-out: https://www.cookiebot.com/de/privacy-policy/

4. Collection of general data and information

When our web site is accessed, general data and information are collected and stored in server log files (e.g. browser type and version, operating system, referrer, sub-pages, date and time of access, IP address, ISP, similar data).

We use this information to deliver content correctly, optimise content and advertising, ensure long-term viability of IT systems and provide information to authorities in case of cyber-attacks. Anonymous server log data are stored separately from personal data.

5. Registration on our web site

Users may register by providing personal data requested in the registration form. Data are collected and stored for internal purposes and may be transferred to processors acting on our behalf.

On registration, the IP address and the date and time are stored to prevent misuse and enable investigation of offences. No transfer to third parties unless required by law or for criminal prosecution.

Registered users may change their personal data at any time or request deletion. We provide information about stored personal data on request and correct or erase where no statutory storage obligations exist.

6. Contact via the web site

Our web site enables quick electronic contact and direct communication (including a general e-mail address). Data transmitted via e-mail or contact forms are stored for processing or contacting and are not transferred to third parties.

7. Routine erasure and blocking of personal data

We process and store personal data only as long as necessary for the purpose or as permitted by law. When the purpose ceases or a period expires, data are blocked or erased in accordance with legal requirements.

8. Rights of the data subject

• a) Right of confirmation — to know whether personal data concerning them are being processed.
• b) Right of access — to obtain information and a copy, including purposes, categories, recipients, storage period or criteria, rights, complaint right, source and automated decision-making.
• c) Right to rectification — to correct inaccurate personal data and complete incomplete data without undue delay.
• d) Right to erasure — under Article 17 GDPR where conditions apply.
• e) Right to restriction of processing — under Article 18 GDPR where conditions apply.
• f) Right to data portability — to receive data in a structured, commonly used, machine-readable format and transmit to another controller.
• g) Right to object — to processing under Article 6(1)(e) or (f) GDPR, including profiling, and to object at any time to direct marketing.
• h) Automated decisions including profiling — not to be subject to a decision based solely on automated processing that produces legal effects or similar.
• i) Right to withdraw consent — to withdraw consent at any time.

9. Legal basis for processing

Art. 6(1)(a) GDPR consent; Art. 6(1)(b) contract performance or pre-contractual measures; Art. 6(1)(c) legal obligations; Art. 6(1)(d) vital interests; Art. 6(1)(f) legitimate interests, except where overridden (see Recital 47).

10. Legitimate interests pursued

Where processing is based on Art. 6(1)(f) GDPR, our legitimate interest is to carry out our business in favour of our employees and shareholders.

11. Storage period

Storage periods are determined by statutory retention. After expiry, data are routinely deleted if no longer necessary for contract performance or initiation.

12. Provision of personal data

Provision of personal data may be required by law or contract. In some cases, a contract cannot be concluded without certain data. We will clarify whether provision is required and the consequences of non-provision on request.

13. Automated decision-making

We do not use automatic decision-making or profiling. In case of credit risk, data may be transmitted to IHD Gesellschaft für Kredit und Forderungsmanagement mbH and cooperating credit agencies for credit assessment, address verification and debt collection under Art. 6(1)(b) and Art. 6(1)(f) GDPR. Probability values may be used. Details at www.ihd.de/datenschutz/Artikel14.html and www.ihd.de/datenschutz#vertragspartner.

Market analysis

For analysis and marketing purposes, Inova Technology GmbH uses products and services provided by Visable GmbH. Counting-pixel technology may be used to create pseudonymised or anonymised usage profiles. Visitors are not personally identified and no other personal data are merged with usage profiles.

This Privacy Policy was generated by the Privacy Policy Generator of the DGD – Your External DPO in cooperation with German lawyers from WILDE BEUGER SOLMECKE, Cologne.