Optical Control
Privacy policy

You can normally use our website without having to provide personal information. As far as is possible, we ensure that the personal data (e.g. name, address or email address) collected on our website can be provided by you on a voluntary basis. This personal data will not be shared with third parties without your prior consent.

Please be advised that the transmission of data over the internet (e.g. communication via email) cannot be entirely secure. It is not possible to protect this data completely from access by third parties.

1. Name and contact details for the responsible authority for processing and the data protection officer
This privacy policy applies to data processing by:

Responsible authority:
optical control GmbH & Co. KG
Im Neuacker 1
D-91367 Weissenohe
Email:  info@optical-control.de
Tel.: +49 9192 9282 600
Fax: +49 9192 9282 30

The data protection officer for optical control GmbH & Co. KG can be contacted as follows:
Mr Markus Stock
Kanzlei Schorr Eggert Stock & Kasanmascheff
Chartered Accountants, Tax Advisers and Lawyers
Rathsberger Strasse 6
D-91054 Erlangen
Email: datenschutz@schorr-partner.de
Tel.: +49 9131 7880 0
Fax: +49 9131 7880 80

2. Collection and storage of personal data and nature and purpose of its use
a) When visiting the website
When accessing our website http://www.optical-control.de, your browser automatically sends information to our website’s server. This information is temporarily saved in a “log file”. The following information is collected and stored without any action on your part until it is automatically deleted:

  • the inquiring computer’s IP address;
  • the date and time of access;
  • the name and URL of the file accessed;
  • website from which you are visiting us (referrer URL); and
  • the browser used and, where appropriate, your computer’s operating system and the name of your access provider.
  • The aforementioned data will be processed by us for the following purposes:
  • to ensure a seamless connection to the website;
  • to ensure you are able to use our website properly;
  • to assess system security and stability;
  • for other administrative purposes.

The legal basis for data processing is Article 6(1)(1)(f) of the GDPR. The aforementioned purposes of data collection provide the basis for our legitimate interests. Under no circumstances do we use collected data to draw conclusions about your person.
We also use cookies and analytics services when you use our website. More information about this is provided later in this privacy policy.

b) When using our contact form
For questions of any kind, we provide you with the option of using a form on our website to contact us. It is necessary to provide a valid email address and your first and last names, including your title, so that we know who the request has come from and can provide a personal answer. You may provide further details voluntarily.
Data processing for the purposes of you contacting us is in accordance with Article 6(1)(1)(a) of the GDPR and based upon you voluntarily granting us permission to do so.
The personal data we collect during the use of the contact form is automatically deleted after your request has been dealt with.

c) When using our support ticket system
We provide you with helpdesk access at https://support.optical-control.com/ via our customer login. It is necessary to register with an email address and name in order to use the osTicket open source support ticket system. You can find details about how osTicket uses your data in osTicket’s data protection notice at https://www.osticket.com.de/datenschutz.php.

3. Transmission of data
There will be no transfer of your personal data to third parties for reasons other than those listed below.
We will only transmit your personal data to third parties if:
you have given your express permission for us to do so, in accordance with Article 6(1)(1)(a) of the GDPR;
the transfer of data is necessary for the establishment, exercise or defence of legal claims in accordance with Article 6(1)(1)(f) of the GDPR, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data;
there is a legal obligation for the transfer of data, in accordance with Article 6(1)(1)(c) of the GDPR;
this is legally permissible and necessary for the settlement of the terms of the contract with you, in accordance with Article 6(1)(1)(b) of the GDPR.

4. Cookies
We use cookies on our website. These are small files that are automatically generated by your browser. They are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause harm to your end device, and do not contain viruses, Trojans or other malware.
Information relating to the specific end device used is included in the cookie. However, this does not mean we are immediately informed of your identity.
One reason we use cookies is to make the use of our services more convenient for you. This is why we use session cookies so we can tell when you have visited individual pages on our website. These are deleted automatically when you leave the website.
We also use temporary cookies, which are stored on your end device for a limited period to optimise user friendliness. If you visit our website again to use our services, it automatically recognises that you have already visited and which settings and adjustments you have selected, meaning you do not need to do so again.
We also use cookies to gather statistical data on your use of our website and analyse this to optimise our services for you (see Section 5). These cookies enable us to recognise automatically that you have already visited when you return to our website. These cookies are deleted automatically after a defined period.
The data processed using cookies for the aforementioned purposes is necessary for the safeguarding of our legitimate interests and those of third parties in accordance with Article 6(1)(1)(f) of the GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer, or so that you are always notified before new cookies are stored. However, completely deactivating cookies may mean you are unable to use the full functionality of our website.

5. Social media plug-ins
We use social media plug-ins on our website, the legal basis for which is Article 6(1)(1)(f) of the GDPR. We currently use plug-ins from the social networks Xing, Facebook and LinkedIn in order to promote our company via these channels. The underlying advertising purpose should be viewed as legitimate interest in the context of the GDPR. The responsibility for data protection should be assured by their own relevant service providers. Our use of these plug-ins involves the “two-click” method to provide the best possible protection for visitors to our website.
By using this process, each page on www.optical-control.de has inactive buttons that do not transmit data to social networks. However, the user may activate the buttons manually and thereby establish a connection to their preferred social network (= first click). The user can then provide permission in a second step (= second click). The activation of a button during the first step signifies that the user has provided their permission for data to be transmitted to the relevant operator of the social network from this single page and for the selected service.
We have no influence over whether the service providers use this data for analysis.
You can find information on this in the relevant service providers’ privacy policies:
a) XING: The provider of this service is XING AG, Dammtorstrasse 29–32, D-20354 Hamburg, Germany. You can find XING’s privacy policy at https://privacy.xing.com/en/privacy-policy.
b) Facebook: The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. You can find Facebook’s privacy policy here: https://de-de.facebook.com/policy.php
c) LinkedIn: The provider of this service is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. You can find LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy.

6. Plug-ins and Tools
a) Google reCAPTCHA
We use “Google reCAPTCHA” (henceforth “reCAPTCHA”) on our website. The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to check whether data has been entered on our website (e.g. in a contact form) by a person or by an automated program. reCAPTCHA analyses various aspects of the website visitor’s behaviour. This analysis begins automatically as soon as the website user accesses the website. reCAPTCHA analyses various information (e.g. IP address, duration of the website visit by the website visitor, or mouse movements by the user). Data captured during analysis is transmitted to Google.
reCAPTCHA analysis takes place entirely in the background. Website visitors are not informed that analysis is taking place.
The basis for data processing is Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its website services from improper automated surveillance and SPAM.
You can find more information about Google reCAPTCHA and Google’s privacy policy at the following links: https://policies.google.com/privacy?hl=en&gl=en and https://www.google.com/recaptcha/intro/android.html.

b) Google Maps
This website uses the map service Google Maps via an API. The provider of this service is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To make use of the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored on a Google server in the United States. The provider of this website has no influence on this data transmission.
The use of Google Maps is in the interests of providing an attractive design for our online services and to ease the finding of locations that we indicate on our website. This represents a legitimate interest in accordance with Article 6(1)(f) of the GDPR.
You can find more information about how user data is processed in Google’s privacy policy: https://policies.google.com/privacy?hl=en&gl=en.

c) Google Web Fonts
This website uses Google’s Web Fonts to ensure fonts are rendered uniformly. When accessing a website, your browser downloads the required Web Fonts to your browser cache so that text and fonts are displayed correctly.
For this to happen, your browser must connect to Google’s servers. This means Google is informed that our website was accessed via your IP address. The use of Google Web Fonts is in the interests of providing online services with a unified, attractive design. This represents a legitimate interest in accordance with Article 6(1)(f) of the GDPR.
If your browser does not support Web Fonts, your computer will use a standard font.
For further information on Google Web Fonts, please see https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=en.

7. Rights as a data subject
You have the following rights:
a) Right to confirmation in accordance with Article 15(1) of the GDPR
b) Right to information in accordance with Article 15 of the GDPR
c) Right to rectification in accordance with Article 16 of the GDPR
d) Right to erasure (“right to be forgotten”) in accordance with Article 17 of the GDPR
e) Right to restriction of processing in accordance with Article 18 of the GDPR
f) Right to data portability in accordance with Article 20 of the GDPR
g) Right to object in accordance with Article 21 of the GDPR
h) Automated individual decision-making, including profiling in accordance with Article 22 of the GDPR
i) Right to withdraw declaration of consent in accordance with Article 7(3) of the GDPR
You may contact our data protection officer at any time to enforce the aforementioned rights. Our data protection officer will resolve your request without delay.

8. Right to object
Insofar as your personal data is processed on the basis of legitimate interests in accordance with Article 6(1)(1)(f) of the GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 of the GDPR as long as there are reasons relating to your particular situation, or if your objection is to direct advertising. In the latter case, you have a general right to object, which we will accept without you having to provide details of your particular situation.
If you wish to exercise your right of withdrawal or right to object, an email to info@optical-control.de will suffice.

9. Data security
During your visit to our website, we use the well-established SSL (Secure Socket Layer) process along with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell if a particular page on our website is being transmitted in encrypted form by the key or lock symbol in your browser’s bottom status bar.
We also use appropriate technical and organisational security measures to protect your data from accidental or deliberate manipulation, partial or complete loss or destruction, or unauthorised access by third parties. We are constantly improving our safety measures in keeping with technological developments.
As of: May 2018