Privacy Policy

Privacy policy

Inventronics GmbH attaches great importance to the protection of your privacy and your personal data as well as the necessary data security and therefore collects, processes and uses your personal data exclusively in accordance with the principles described below as well as the requirements of the EU General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG) applicable to Inventronics GmbH.

Name and address of the person responsible

The personal data controller within the meaning of the EU General Data Protection Regulation (“DSGVO”) and other national data protection laws of the EU member states as well as other applicable data protection regulations for the operation of the website https://www.inventronics-light.com (hereinafter “Website”) is:

Inventronics GmbH
Parkring 31-33, 85748 Garching, Germany
Phone: +49 89 6213-0 | Email: contact@inventronicsglobal.com

If you wish to object to the collection, processing or use of your data by us in accordance with this data protection declaration, either as a whole or for individual measures, you can send your objection by e-mail, fax or letter to the aforementioned contact details or to our data protection officer. You can also obtain information regarding your personal data at any time and free of charge using the aforementioned contact details.

Name and address of the data protection officer

The data protection officer of the data controller can be reached as follows:

BAY GmbH, Wirtschaftsprüfungsgesellschaft Rechtsanwaltsgesellschaft.

Hultschiner Strasse 8, 86177 Munich, Germany

Phone: +49 (0)89 90 420 49 62

E-mail: privacy@inventronicsglobal.com .

Your personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). We process your personal data solely to enable us to provide you with the Website. We only collect personal data, such as your name and e-mail address, if you provide it to us voluntarily or if you have consented to its collection. For the technically required data, we refer to the execution under “Provision of the website and creation of log files / log files” and “Use of cookies”.

General information on data processing

We process personal data (hereinafter also referred to as “data”) of data subjects, i.e. visitors to the website, via our website to the extent that this is necessary to provide a functional website and our content and services. The processing of personal data of our users is regularly carried out only after the user has consented to the processing. An exception applies in those cases where processing of the data is permitted by legal regulations, required for the fulfillment of a contract or technically necessary.

What legal basis applies to the processing of your data?

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 para. 1 lit. a) DSGVO in conjunction with. § Section 25 (1) TTDSG as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c) DSGVO in conjunction with. § 26 TTDSG as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DSGVO serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1) f) DSGVO in conjunction with. § Section 25 (2) sentence 2 TTDSG as the legal basis for the processing.

How long do we store your data?

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Blocking to further data processing or deletion of data also occurs when a legally prescribed storage period expires, unless there is a need for further storage of the data for contract performance.

Provision of the website and creation of log files / log files

1. description and scope of data processing

During the mere informational use of the website, we only collect the personal data that your browser transmits to our server or provider and that are technically necessary for the purpose of displaying our website to you and ensuring its stability and security.

We have contracted the company SpaceNet AG, Joseph-Dollinger-Bogen 14, 80807 Munich, Germany (hereinafter “SpaceNet”) for the hosting and technical provision of our website. We have concluded the required data protection agreement with SpaceNet for commissioned processing in accordance with Art. 28 DSGVO. According to this agreement, SpaceNet undertakes to ensure the necessary protection of your data and to process it in accordance with the applicable data protection provisions exclusively on our behalf and in accordance with our instructions. For more information about SpaceNet, please visit the website: https://www.space.net/.

The following data in log files or log files provided by SpaceNet as part of hosting:

(1) the browser type and version used, if you have consented to transmission within your browser settings,

(2) the operating system as well as the internet service provider of the user,

(3) the date and time of the server request,

(4) the website previously visited, only if it linked to our website and the visitor clicked on this link,

(5) the IP address of the user,

(6) the amount of data sent/transmitted.

In the SSL request log additionally:

(7) SSL protocol (e.g. TLSv1.2)

(8) Cipher

The data is stored on SpaceNet servers hosted in Germany. SpaceNet uses this information for the specified purpose on our behalf. An independent use of the data by SpaceNet as well as an unauthorized transfer to third parties does not take place. A storage of this data together with other personal data of the user does not take place.

2. legal basis for the data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f) DSGVO in conjunction with. § 25 para. 2 sentence 2 TTDSG.

3. purpose of the data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website or content to the end device used by the user. For this purpose, the user’s IP address must remain stored for the duration of the session.

The storage of all the above information ((1) – (8)) in log files or log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the necessary security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. In these purposes also lies our legitimate interest in data processing according to Art. 6 para. 1 lit. f) DSGVO in conjunction with. § 25 para. 2 sentence 2 TTDSG.

4. duration of storage

The IP addresses of users are alienated as soon as they are no longer necessary to achieve the purpose of their collection. This is the case at the end of the user’s respective session. An assignment of the calling client is then no longer possible.

The storage period of the log files for the purposes listed above is 6 months.

5. possibility of objection and elimination

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of a website. There is no possibility of objection on the part of the user.

Use of cookies

1. description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. Cookies cannot execute programs or transfer viruses to your computer. When a user calls up a website, a cookie may be stored on the user’s terminal device. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called “session cookies”). Other cookies remain on your terminal device and allow us to recognize your browser the next time you visit, should you have consented to this.

In the following, we will give you an overview of the cookies used, their validity period and the respective opt-out options. If you allow us to use cookies through your browser settings, the following cookies may be used on our websites or in the store:

Cookie Name	Purpose
borlabs-cookie	Stores your privacy settings by the provider Borlabs Cookie CMP (validity period: 6 months)
pll_language	Saves the language setting on the website (validity period: 1 year)

Technically necessary, so-called essential cookies, are used to ensure that your visit to our website runs smoothly. This includes providing our website and ensuring page navigation. These cookies are necessary for a secure visit to our website and cannot be turned off.

In addition, due to the use of various plugins on our website, third-party providers may set so-called first/third party cookies on your terminal device. These providers are loaded only after the users have given their consent. For the description of the optional cookies, the functionality, the purpose as well as the objection options, we refer to the explanations of the respective providers under “Plugins & Tools” in addition to the following explanations.

Cookie Name	Provider	Purpose
_ga	Google Analytics	A unique, randomly generated user ID that is used to identify the user on the website. (Validity period: 13 months)
_ga_*	Google Analytics	A unique, randomly generated user ID that is used to identify the user on the website. (Validity period: 13 months)

2. legal basis for the data processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f DSGVO in conjunction with. § Section 25 (2) sentence 2 TTDSG.

The legal basis for the processing of personal data using optional cookies after user consent is Art. 6 para. 1 lit. a DSGVO in conjunction with. § Section 25 (1) TTDSG.

3. purpose of data processing

The purpose of using technically necessary cookies is to enable users to use our websites. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. The user data collected through technically necessary cookies are not used to create user profiles.

Further information on optionally used measures can be found in the section of the respective provider under the item “Plugins & Tools”.

4. duration of storage, possibility of objection and elimination

Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all website functions to their full extent.

For more information, please refer to the section of the respective provider under the item “Plugins & Tools”.

Third-party transfer of your data

If personal data is transmitted to service providers or group companies outside the European Economic Area (EEA), the transmission will only take place if the EU Commission has confirmed that the third country has an adequate level of data protection, you have separately consented to the transmission or other appropriate data protection guarantees (e.g. the agreement of EU standard contractual clauses) are in place.

Plugins & Tools

We use extensions, plugins and offers from third-party providers on our website for the uniform presentation of our website. In the process, personal data is often passed on to the third-party providers or transmitted automatically. The type, scope and purpose of this processing of personal data are listed and explained below:

Use of Borlabs cookie for consent management.

1. description and scope of data processing

We use for the provision of a Consent Management Platform (in short: “CMP”), i.e. a system that regulates the use of third-party providers, technical measures as well as cookies via a granted or rejected consent, the services of Borlabs GmbH, Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter “Borlabs”). CMP ensures that no actions are set or executed without previously granted consent that are subject to a consent requirement.

Borlabs processes the following data to provide and manage the CMP:

Your given consents or individual privacy settings.

The content of our CMP is based on the rules and overviews as defined in the current IAB-TCF standard. We always use the current “Transparency & Consent Framework” of the IAB Europe. For more information on the IAB-TCF standard, please visit https://iabeurope.eu/transparency-consent-framework/.

Borlabs uses the borlabs-cookie cookie in our configuration to store the user’s privacy settings with a retention period of 6 months.

The retention period is the time period during which the data processed by the CMP is stored for the purpose of consent management. The consent data (consent given and withdrawal of consent) is kept for 6 months. Within this period, no renewed consent is required, unless new systems are introduced or due to legal or regulatory frameworks, it is necessary to obtain renewed consent.

For more information on data processing by Borlabs, please see its privacy policy at https://de.borlabs.io/datenschutz/.

2. purpose and legal basis for data processing.

The purpose of data processing by Borlabs is to provide as well as manage the consents given by our website visitors in a data protection compliant manner. The use of Borlabs serves the purpose of providing informed consent by the website visitor, proof of consent given and not given, as well as the management of the individual privacy settings of our website visitors. The processing is carried out for the purpose of obtaining the website visitor’s consent, providing revocation and objection options, providing evidence of the consent received (time of consent, end device used), and identifying the user to manage their individual privacy settings.

The use of a consent management platform as well as the management and storage of your consents to the processing of your personal data is based on our legal obligation to provide a website that complies with data protection requirements (Art. 6 para. 1 p. 1 lit. c) DSGVO in conjunction with. § 26 TTDSG). The legal basis for the use of the service provider Borlabs is also Art. 6 para. 1 p. 1 lit. f) DSGVO in conjunction with. § Section 25 (2) sentence 2 TTDSG. Our legitimate interest lies in the legally secure documentation and verifiability of consents as well as the control of our analysis campaigns on the basis of your consent through the use of specialized processors and the associated technical implementation.

3. possibility of objection, revocation and elimination

The processing of data to provide a CMP solution is mandatory for the operation of the website. There is no possibility for the user to object as long as there is a legal obligation for us to obtain the user’s consent to certain data processing operations.

Use of Koko Analytics

This website uses Koko Analytics, a privacy-friendly analytics plugin to anonymously track visitor numbers and page views. It does not use cookies or external services, so data about our visitors is never shared with third parties. In addition, it does not identify returning users or collect personal data or other information that can be traced back to a specific visitor. As a visitor to our website, you can also easily prevent anonymized tracking by enabling “Do Not Track” in your browser. The provider of Koko Analytics is https://ibericode.com/

Use of Google Tag Manager

1. description and scope of data processing

This website uses Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter “Google”). Through this service, website tags can be managed. The Google Tag Manager only implements tags. No cookies are used and no personal data is collected within the tags. The Google Tag Manager triggers tags, which in turn may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager.

Each time the Google Tag Manager is called up, a direct connection is established between your browser and a Google server (usually to a Google server in the USA). In the process, information about your visit and your IP address is processed on Google’s server. The temporary storage of the IP address by the system is necessary to enable delivery of the functions of the Google Tag Manager.

We have concluded the required data protection agreement with Google for order processing in accordance with Art. 28 DSGVO. According to this agreement, Google undertakes to ensure the necessary protection of your data and to process it exclusively on our behalf in accordance with the applicable data protection regulations. For more information on data processing by Google, please see Google’s privacy policy at https://policies.google.com/privacy?hl=de&gl=de/. In addition, Google is certified according to the Data Privacy Framework. You can find proof of this in the list of US companies that have been voluntarily certified.

2. purpose and legal basis for data processing

The legal basis for the processing of personal data using the Google Tag Manager is, on the basis of your consent in this regard via the cookie settings or our cookie banner, Art. 6 para. 1 lit. a) DSGVO in conjunction with. § 25 para. 1 TTDSG.

3. possibility of objection, revocation and elimination

You can object to the collection, storage and use of information by Google at any time with effect for the future via the following channels:

You can revoke your consent to the collection of your data by Google at any time by deactivating the slider under Cluster “Statistics” in our cookie settings.

However, we would like to point out that in the case of deactivation or opt-out, you may not be able to use all functions of the website to their full extent.

Use of Google Analytics with IP anonymization

1. description and scope of data processing

This website uses Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter “Google”). The use includes the Universal Analytics mode of operation. Via Google Analytics, it is possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze the activities of a user across devices.

Google Analytics uses so-called cookies, text files that are stored on your computer and enable an analysis of your use of the website. You can view the cookies set in the section “Use of cookies”.

The information generated by the cookies about your use of this website is usually processed to a Google server in the USA. Before this, however, it is anonymized beforehand within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. For this purpose, we have activated the IP anonymization function. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

On our behalf, Google will use this information for the purpose of anonymously evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

By default, sessions are terminated after 30 minutes without activity and campaigns after six months. The time limit for campaigns can be a maximum of two years.

For more information on terms of use and privacy, please visit https://www.google.com/analytics/terms/de.html or https://policies.google.com/?hl=de.

You can prevent the storage of cookies by selecting the appropriate settings on your browser software.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on at https://tools.google.com/dlpage/gaoptout?hl=de.

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/de.html or http://www.google.com/intl/de/analytics/privacyoverview.html.

We use the analysis and tracking technologies or third-party technologies of Google Analytics based on your consent via our CMP in accordance with Art. 6 para. 1 lit. a) DSGVO in conjunction with. § Section 25 (1) TTDSG:

For the purpose of monitoring the correct functioning of our website or our offer.
For the purpose of automated content playout.
For the purpose of statistical recording of usage and carrying out data analyses in order to optimize the usability, performance and content of our website.
For the purpose of debugging technical errors.
For the purpose of evaluating control metrics.
You can revoke your consent to data processing by Google Analytics made via our CMP at any time for the future. By changing the Google Analytics slider in the “Statistics” cluster in the CMP, you prevent technical measures from being executed as well as cookies from being set.

Use of Salesforce

We use Salesforce Sales Cloud to manage customer data. This service is provided by salesforce.com Singapore Pte Ltd., 5 Temasek Boulevard, #13-01Suntec Tower 5, Singapore 038985, (“Salesforce”).

Salesforce Sales Cloud is a CRM system and enables us, among other things, to manage existing and potential customers as well as customer contacts and to organize sales and communication processes. Furthermore, the CRM system enables us to analyze relevant customer processes. In this context, the customer data is stored on the servers of Salesforce, with the possibility that data may be transferred from salesforce.com Singapore Pte Ltd to salesforce.com inc, Salesforce Tower, 415 Mission Street, San Francisco, CA94105, USA.

Salesforce Sales Cloud is used internally for the most efficient customer management and communication possible, which results in a legitimate interest on our part pursuant to Art. 6 (1) lit. f DSGVO. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) lit. a DSGVO, whereby you can revoke your consent at any time.

Salesforce has Binding Corporate Rules (BCR) that have been approved by the French data protection authority. These are binding corporate rules that legitimize corporate data transfers to third countries outside the EU and EEA. Details can be found here: https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html.

For more details, please see Salesforce’s privacy policy: https://www.salesforce.com/de/company/privacy/.

General contact requests

1. description and scope of data processing

On our website, it is possible to contact us via a provided telephone number or e-mail address. In all cases, the transmitted personal data of the user are processed. The scope of the processed personal data as well as which personal date is processed in each individual case may vary depending on the contact. In particular, this includes the following data :

(1) Your first and last name*;

(2) Company name;

(3) Your communication data (e-mail address*, telephone number);

(4) subject*;

(5) resulting correspondence.

*mandatory

Your data or the resulting correspondence will be processed exclusively by us. Beyond that, the data will not be passed on to third parties. The data will be used exclusively for the conversation started by the user to contact you by phone, mail, telephone or e-mail regarding your request.

2. legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an e-mail or via telephone is Art. 6 para. 1 lit. a) DSGVO in conjunction with. § 25 para. 1 TTDSG. If the contact by the user aims at the conclusion of a contract, the legal basis for the processing is Art. 6 para. 1 lit. b) DSGVO.

3. purpose of data processing

The processing of your personal data voluntarily provided to us by e-mail or telephone, serves us solely to process the contact or to answer your questions about our productions.

4. duration of storage

All contact inquiries are forwarded to the responsible contact person at our company.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data transmitted by e-mail or by telephone, this is the case when the respective conversation with the user has ended. The conversation shall be deemed to have ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

5. revocation and elimination options

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. The revocation can be made at any time via the contact details. All personal data stored in the course of contacting us will be deleted in this case.

Use of the e-mail newsletter

On our website you have the opportunity to register for a newsletter to receive news, developments and information about the content and topics of our website and new products. Likewise, we use the newsletter to offer you topic-related advertising and content. Individual content in the newsletter is only included if you voluntarily provide us with additional information beyond the mandatory fields.

For statistical purposes, we track whether a newsletter has reached the customer, been opened and clicked on.

If you register for our newsletter, we will only use the information that you voluntarily provide to us for this purpose in the context of the consent granted within the meaning of Art. 6 para. 1 sentence 1 lit. a) DSGVO in conjunction with. § 25 para. 1 TTDSG.

In the context of our newsletter, we use software and in particular the remarketing functions of salesforce inc. or Salesforce Marketing Cloud and the B2B automation service (“Salesforce Marketing Cloud”), Salesforce Tower, 415 Mission Street, San Francisco, CA94105, USA. If you expressly agree to receive our newsletter (double opt-in procedure), cookies are set that help us to track interest in our newsletter.

In addition, when sending the newsletter, Salesforce uses so-called web beacons, which are used in e-mails to give senders a better understanding of how interested parties interact with the newsletter. Web beacons function like cookies, but are not noticeable to the user. However, they record, for example, whether an e-mail has been opened. In this way, they enable us as the sender to increase the relevance and optimize the newsletter, which results in a legitimate interest pursuant to Art. 6 (1) lit. f DSGVO.

Your data will only be processed after your express consent. The data collected in this process will be used exclusively for the provision of our newsletter in accordance with Art. 5 (1) lit. b DSGVO. Should you wish to revoke the consent granted for the storage of your data and its use for sending our newsletter, you can simply unsubscribe via the corresponding link at the end of each newsletter. Alternatively, you can also send your revocation request to the above contact address.

The following data are processed within the scope of the newsletter:

(1) the IP address of the user,

(2) the e-mail address of the user

(3) Optional: title, first and last name and company name.

This information is only collected through your participation and under no circumstances automatically. The data is collected exclusively for the purpose described. Data that is particularly sensitive under data protection law (so-called special categories of data according to Article 9 DSGVO) – such as your state of health, ethnicity, ideology, genetics or intimacy – is not requested by us at any point.

The registration for our e-mail newsletter is carried out in a double opt-in process, i.e. after providing your data, you will receive an e-mail to the e-mail address provided to us with a confirmation link. This confirmation e-mail serves to authorize the receipt of the newsletter by the owner of the specified e-mail address. Only after successful confirmation, the e-mail address will be included in the distribution list. Stored are: Registration data, registration, confirmation, unsubscription time, IP address as well as changes to the stored data. The collection of this data is necessary, among other things, to be able to trace any misuse of the e-mail address of the data subjects and to safeguard the data controller.

Rights of the data subject

If personal data is processed by you, you are a data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the controller or the responsible party:

1. right to information

You may request confirmation from the controller as to whether personal data concerning you are being processed by us. If such processing is taking place, you may request information from the controller about the following:

(1) the purposes for which the personal data are processed;

(2) the categories of personal data which are processed;

(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;

(4) the planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage period;

(5) the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

You have the right to request information on whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 DSGVO in connection with the transfer.

To exercise your right to free information, please contact us directly using the contact details in our imprint or contact our data protection officer (see sections I and II).

2. right to rectification

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you are inaccurate or incomplete. The controller shall carry out the rectification without undue delay.

3. right to restriction of processing

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

(1) you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;

(2) the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;

(3) the controller no longer needs the personal data for the purposes of the processing, but you need it for the establishment, exercise or defense of legal claims; or

(4) if you have objected to the processing pursuant to Article 21(1) of the GDPR and it is not yet clear whether the controller’s legitimate grounds override your grounds.

If the processing of personal data concerning you has been restricted, such data may – apart from being stored – only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

4. right to erasure

a) Obligation to erasure

You may request the controller to erase the personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay, if one of the following reasons applies:

(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.

(2) You revoke your consent on which the processing is based pursuant to Art. 6 Para. 1 lit. a in conjunction with. § Section 25 (1) TTDSG and there is no other legal basis for the processing.

(3) You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO.

(4) The personal data concerning you have been processed unlawfully.

(5) The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.

(6) The personal data concerning you has been collected in relation to information society services offered pursuant to Article 8(1) DSGVO.

b) Information to third parties

If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) of the GDPR, it shall take reasonable steps, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers that process the personal data that you, as the data subject, have requested them to erase all links to or copies or replications of such personal data.

c) Exceptions

The right to erasure does not exist to the extent that the processing is necessary

(1) for the exercise of the right to freedom of expression and information;

(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for the establishment, exercise or defense of legal claims.

5. right to information

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right against the controller to be informed about these recipients.

6. right to data portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided, provided that.

(1) the processing is based on consent pursuant to Art. 6 para. 1 lit. a DSGVO in conjunction with. § Section 25 (1) TTDSG and

(2) the processing is carried out with the aid of automated procedures.

In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO. This also applies to profiling based on these provisions.

In addition, you have the right to object at any time to the processing of your personal data concerning you for the purposes of direct marketing; this also applies to profiling, insofar as it is associated with such direct marketing.

The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

8. right to revoke the declaration of consent under data protection law.

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

9. right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

The supervisory authority to which the complaint has been lodged will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

The data protection authority responsible for us is the Bavarian State Office for Data Protection Supervision, home address, Promenade 18, 91522 Ansbach, Germany, postal address: P.O. Box 1349, 91504 Ansbach, Germany, further information on the Internet at www.lda.bayern.de.

Automated decision-making and profiling

As a responsible company, we do not carry out profiling or use automated decision-making.

Links to other Internet sites

This privacy statement applies exclusively to our Internet presence. The Internet pages in this presence may contain links to third-party Internet pages as well as social media platforms. Our data protection declaration does not extend to these Internet pages or providers. When you leave the website, it is recommended that you carefully read the privacy policy of each Internet site that collects personal data.

Security

We take the necessary security measures to protect your personal data against unlawful or accidental access or deletion, alteration or loss and against unauthorized disclosure. We encrypt your data during transmission via our website and use so-called SSL (Secure Socket Layer) or TLS (Transport Layer Security) connections. We secure our website and our other systems and personal data by appropriate technical and organizational measures, in particular against loss, destruction, unauthorized access, modification or disclosure to third parties.

Availability and changes

You can view this privacy statement at https://www.inventronics-light.com/privacy-policy. In addition, you can save or print this data protection declaration by using the corresponding functions of your browser.

We reserve the right to change this privacy policy from time to time or to adapt it to legal requirements and therefore ask you to make sure that you are aware of the current privacy policy each time you visit our website.

Version: April 2023