Data Privacy Statement
Article 1 Information about the collection of personal data
(1) The following provides information about how personal data is collected when you use our website. Personal data are all data that can be associated with you personally, e.g. name, address. e-mail address, user behaviour.
(2) Controller acc. to Art. 4 (7) of the General Data Protection Regulation (GDPR) is OmniVision® GmbH, Lindberghstrasse 9, 82178 Puchheim, Germany (see also Publication details). You can reach our data privacy officer at email@example.com or our postal address with the addition “Data Privacy Officer”.
(3) When you contact us via e-mail or a contact form, the data you convey to us (your e-mail address, possibly also your name and telephone number) are stored by us to answer your questions. We shall delete the data collected within this context when the storage is no longer necessary, or limit their processing if there are statutory retention obligations.
(4) If we want to use commissioned service providers to provide individual functions of our offer or want to use your data for commercial purposes, we will inform you below in detail of the respective processes. We will also state the specified storage duration criteria.
Article 2 Your rights
(1) You have the following rights towards us regarding the personal data concerning you:
- Right of access,
- Right of rectification or erasure,
- Right of restriction of data processing,
- Right of objection to data processing,
- Right of data portability.
(2) You have additionally the right to complain to a data privacy supervisory authority about the processing of your personal data by us.
Article 3 Collection of personal data when visiting our website
(1) In the case of merely informational use of the website, i.e. if you do not register or provide us with information otherwise, we will only collect the personal data that your browser sends to our server. If you wish to browse our website, we collect the following data that are technically required for us to display the website to you and to ensure its stability and security (the legal basis is Article 6 (1)(1)(f) GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the request originated
- Operating system and its user interface
- Language and version of the browser software.
(2) In addition to the above data, cookies will be stored on your computer when using our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and which provide specific information to the entity placing the cookie (us in this case). Cookies cannot execute programmes or transfer viruses to your computer. They serve to make the internet offering more user-friendly and more effective.
a) This website uses the following types of cookies; their scope and functionality are explained below:
- Transient cookies (see b)
- Persistent cookies (see c).
b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a session ID with which different requests of from your browser can be assigned to the shared session. This will allow your computer to be recognised again when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser setting according to your preferences and, for example, reject third-party cookies or all cookies. Please note that you may not be able to use all functions of this website if you do so.
Use of Google Analytics
b) The IP address transmitted by your browser as part of Google Analytics will not be combined with other Google data.
c) You can prevent the storage of cookies through a corresponding browser software setting; however we would like to point out to you that in this case you may not be able to fully use all functions of this website. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
d) This website uses Google Analytics with the extension “_anonymizeIp()”. This way, IP addresses are truncated further, which makes it impossible to relate them to a specific person. If the data collected about you is personally identifiable, it is immediately excluded and the personal data is deleted immediately.
e) We use Google Analytics to analyse and regularly improve the use of our website. The collected statistical data allows us to improve our offering and make it more interesting for you as a user. For the exceptional cases in which personal data are transferred to the United States, Google has adopted the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Article 6 (1)(1)(f) GDPR.
f) Information of the third-party service provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Usage conditions: www.google.com/analytics/terms/de.html, Data privacy overview: www.google.com/intl/de/analytics/learn/privacy.html, and the data privacy statement: www.google.de/intl/de/policies/privacy.
Data privacy information for business customers
Our information obligation according to Articles 13 and 14 GDPR
I) Details of the responsible body
82178 Puchheim, Germany
II) Contact details of the data privacy officer
You can reach our data privacy officer at the e-mail address firstname.lastname@example.org or under the postal address stated under I, with the addition “Data privacy officer”.
III) Information about the responsible supervisory authority
The responsible supervisory authority for data privacy is:
Bayerisches Landesamt für Datenschutzaufsicht
91522 Ansbach, Germany
Tel.: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
Data privacy information/information obligations according to Article 13 and 14 for business partners
These information obligations are aimed at:
- Medical specialists with whom we are establishing or maintaining a relationship
- Our customers or interested parties who may be or are natural persons (pharmacists, opticians, doctors)
- Representatives or contacts of our customers or interested parties that are legal entities (hospitals, large pharmacists)
You are receiving this data privacy statement because OmniVision processes information concerning you that is personal data and OmniVision considers the protection of your personal data and your privacy to be very important. OmniVision is responsible for processing your personal data, as they decide how and why they are processed and then acts as the controller. Reference is made to OmniVision in this data privacy information/these information obligations.
If you have further questions regarding the processing of your personal data please contact email@example.com
1. Which of your data are processed:
Information about you can originate either directly from you, from our business partners, third parties or trustworthy publicly accessible sources, that may have obtained your consent under applicable law to pass on this personal information to us.
For example, we collect different types of personal data about you.
- General information and personal data about you (e.g. family name, first name, gender, e-mail address and/or postal address, landline or mobile phone number)
- If required your function (title, position, name of the hospital of the employer)
- If required payment information (credit card details, bank information, value-added tax or other tax numbers)
- A unique customer number and customer profile
- Your identification data for our web shop if you initiate delivery of products via the web shop. These are in particular login data such as ID and password
- Information or data regarding which information we will display for you and for how long on your devices.
- Data that you make available to us, for example when filling out forms during events in which you have participated or when answering questions in a survey (trade fairs and congresses)
- Usage data about our service or web portal from where you order our products
- Data related to our products and
- information about your scientific or medical work (publications, memberships, etc.) and about your co-operation with us, including possible future co-operation (lectures, publications, studies, etc.)
2. Purpose of the data processing
2.1 Legal basis for the data processing
We will not process your personal data if we do not have the appropriate legal basis for the particular intended use. Therefore, your personal data will only be processed if:
- The processing is necessary to fulfil our contractual obligations to you or to conduct pre-contractual steps at your request.
- We have obtained your prior consent
- The processing is legally required and we are meeting a legal obligation
- The processing is due to a legitimate interest of ours and your interests or basic rights and freedoms are not limited. Therefore, please note that when processing your personal data based on weighing of interests we always attempt to create a balance between our legitimate interests and your privacy or your basic freedoms. A legitimate interest of ours exists:
- To benefit from cost-effective services we can use the platforms of suppliers for data processing
- To offer you or our customers products and services
- To prevent fraud attempts or criminal activities and to protect our products and our IT systems and architecture from misuse
2.2 Purpose of the data processing
Your personal data will always be processed for a specific purpose, therefore we can in particular process your personal data for the following purposes:
- To implement tasks for the preparation or fulfilment of existing contracts.
- To maintain our relationship with you or via our databases in which we combine data about you from various sources to gain an overview of the co-operation. In addition, we want to improve our understanding of your preferences and our communication with you and customise it
- To maintain proof of transactions
- To provide you with appropriate and current information about research, illnesses, medications as well as our product range in a suitable waynbsp
- To improve the quality of our products
- To reply to enquiries you send us and to offer you efficient support
- To provide you with surveys, for example to improve the future co-operation between you and us
- To provide you with information about products and product upgrades or products we are promoting
- To administer the co-operation and communication with you and to promote it among medical specialists
- To trace activities from our side, e.g. to measure the co-operation, sales, number of meetings, discussed topics, presented documents and products
- To assess and estimate how often you prescribe our products, which products you are interested in, under which conditions you prescribe our products and how we address you each time, or to conduct a market observation of the degree of effectiveness of our products
- To measure your expert and scientific depth and to assess your attitude towards new research projects
- To invite you to events and congresses that are sponsored by us or where we present our products or medications to you
- For the management of our IT resources and infrastructure
- For invoicing and financial accounting as well as for other purposes that are legally and officially required
- Access authorisation and transfer of your personal data
Your personal data will not be sold, passed on or otherwise transferred to third parties by us. Except for the group of people stated in this data privacy statement. Within the scope of our activities and for the purposes stated in this data privacy statement, your personal data can be accessed by or passed on to the following recipient categories insofar as this is necessary for achieving the respective purpose.
- Our staff
- Our independent agents or brokers, if we employ such
- Suppliers and service providers offering us services and products
- Send the information to IQ and VIA
- Our IT system providers, database providers, cloud service providers and advisers
- Our business partners
- Third parties to whom we relinquish or transfer our rights and obligations
- If we pass on data to third parties, they are contractually obligated to maintain the confidentiality/integrity as well as the security of your personal data in line with the applicable law of the GDPR and the German Federal Data Privacy Act (BDSG) in the version of 25 May 2018.
Your personal data can also be accessed by or transferred to national/international agencies, law enforcement authorities, public institutions or courts of law if we are obligated by law to allow this.
- Protection of personal data
OmniVision shall apply appropriate technical and organisational measures to ensure a suitable level of security and confidentiality of your personal data. These measures take the following into account:
- The state of technology
- The costs of implementation
- The type of data and
- The risk of processing
In addition, we shall comply with the following rules when handling your personal data:
- It is ensured that your personal data are current and remain accurate
- We only collect such personal data that are suitably relevant to fulfil the above purposes and not too extensive
To ensure the topicality and correctness of your data we would like to ask you at this point to confirm your personal data. You can also inform us any time if anything changes in your personal status to allow us to keep your personal data current at all times.
- Storage duration of your personal data
Your personal data is only stored as long as necessary for fulfilling the purpose for which they were collected or for fulfilling statutory, regulatory or internal requirements.
For contracts, the storage duration is equal to the duration of the contract with us plus the period of time until the legal requirements of said contract fall under the statute of limitations unless a longer or shorter storage duration is required due to binding laws or other specified times. When the statutory or official storage time has expired, your personal data will be removed from our IT systems.
- What rights do you have
You can exercise the following rights under the conditions below and the legally prescribed limitations
- The right to request erasure of your personal data or their limitation to specific processing categories
- The right to withdraw your consent at any time, while the legitimacy of the processing is not affected by this withdrawal
- The right to fully or partially object to the processing of your personal data
- The right to refuse the processing for marketing purposes and a communication channel used for this purpose and the right to data portability, i.e. that the personal data you have made available is returned or handed over to you in a structured, commonly used and machine-readable format unhindered by us and in accordance with your confidentiality commitment.
If you want to exercise the above rights and have questions concerning them, please write an e-mail to: firstname.lastname@example.org
If you are not satisfied with the processing of your personal data by us, address your complaint to email@example.com or send it via post to OmniVision at the above address with the addition “Data privacy officer”. In addition, you have the right beyond the above stated rights to lodge a complaint with the responsible supervisory authority (see above for the address and contact details).