Privacy

Privacy notice

We highly value your confidence in us. Therefore, we respect the data protection regulations and inform you about all the recorded and saved data as well as about your rights.

The legal basis is the EU General Data Protection Regulation (EU-GDPR).

1. Provider and Controller for the purposes of EU General Data Protection Regulation is:

Carl Zeiss MES Solutions GmbH
Postgasse 1
89073 Ulm
Tel.: +49 731 880177 0
Web page: www.guardus-mes.de
E-mail: mes-info@zeiss.com

 

2. Name and Address of the Data Protection Officer

Every affected person can directly contact our corporate data privacy officer if there are questions about how we handle personal data.

Corporate Data Privacy Officer
Carl-Zeiss-Straße 22
73447 Oberkochen
Phone: +49 7364 20-0
E-Mail:
dataprivacy@zeiss.com (please do not send confidential content)

 

3. Collection and Saving of Data When on Our Website

If you access our website at www.guardus-mes.de, the browser which is used on your terminal device automatically submits information to the server of our website. This information is temporarily saved in the so-called server log files. The following information is collected:

  • • Name and URL of the visited website
  • • Referrer URL
  • • Date and time of the page call
  • • IP address
  • • Web browser and the used operation system of your terminal device
  • • Domain name.

The legal basis for data processing is Section 6, paragraph 1 sentence 1 lit. f GDPR. This data does not permit any conclusions to be drawn about your person. Such data is not linked to your personal data. We reserve the right to retroactively check this data if we become aware of clear indications of unlawful use.

The collection of this data is absolutely necessary to ensure the connection set-up of the website as well as the comfortable use, delivery, and representation of the contents of our website. Moreover, we use this data for the evaluation of the system security and stability as well as for statistical purposes, especially for the optimization of the website, technique, and our product range.

 

4. Use of Personal Data and Transfer to Third Parties

‘Personal data’ means any information relating to an identified or identifiable natural person such as name, address, e-mail address, phone number and gender.

We only collect, process, and use your personal data with your consent or if there is another legal basis consistent with the GDPR.

We will use the personal data that you voluntarily provided to us as part of your purchase order or when contacting us, in order to provide you with information, advertising material and invitations to our events with your consent or to subscribe to our newsletter with your corresponding separate consent. Your personal data will not be used for any other purposes. This shall not apply to the use of the data for statistical purposes if the data has been provided to us in an anonymous form.

Any transfer of your personal data to third parties will only be made if there is a legal obligation for disclosure, if this is required to process the order or for the establishment, exercise, or defense of legal claims, provided that this is necessary and that there is no reason to assume that you have an overriding and legitimate interest in the non-disclosure of your personal data. This data is only transferred to third parties on the basis of the GDPR. Some third parties which are necessary to be involved in the purchase order have their locations without the Federal Republic of Germany or they process your personal data abroad. The level of protection in other countries is potentially not as high as in Germany. However, we transfer your personal data only to countries, for which the EU Commission decided that they guarantee an adequate level of data protection, or we take measures to ensure that all the recipients provide an adequate level of data protection by setting standard contractual clauses.

 

5. Duration of Data Retention and Deletion

We only retain your personal data for as long as is necessary for the execution of contracts in order to fulfil our contractual and legal obligations and to defend ourselves against liability claims. The personal data that you disclose to us in order to receive our newsletters, information and advertising material or invitations to our events will be stored until you revoke your consent to this kind of use of personal data. If the storage purpose is no longer applicable, or a statutory retention period expires, the personal data will be blocked or deleted.

 

6. Data Security

Appropriate technical and organizational security precautions ensure the protection of your data against accidental or deliberate manipulation, partial or complete loss, destruction, or access by unauthorized persons. Our security procedures are continuously revised based on new technological developments. However, Internet-based data transmission may have security gaps so that absolute protection may not be guaranteed.

 

7. Cookies

Our website does not use cookies.

 

8. Newsletter and Contact Form

If you subscribed to our newsletter, we will use your e-mail address exclusively to periodically send our newsletter to you. No data will be transferred to third parties. For an effective subscription, we require a valid e-mail address. When subscribing to our newsletter, we will store your IP address as well as the date when you subscribed. We work with the double opt-in process to ensure that the owners of an email address have registered themselves.

You may revoke your consent to the collection of personal data for the purpose of receiving our newsletters at any time by unsubscribing from our newsletter. To declare that you want to unsubscribe, you may use the respective link included in all newsletters or you can communicate your wish to unsubscribe per e-mail to info@guardus.de.

If you have any questions, you can contact us via a contact form on our website. For this, you have to indicate a valid e-mail address so that we know where the question comes from and to be able to process your request or to contact you for possible follow-up questions. Some other personal information is optional. The processing of data for the purpose of contacting us is made with your voluntary consent pursuant to Section 6 paragraph 1 sentence 1 lit. a GDPR. This data will be deleted as soon as your request has been fulfilled.

 

9. Rights of the Data Subject

If you want to exercise any of your rights as set out below, you may at any time contact our data protection officer or any other employee of ours.

9.1 Right to access (Art. 15 GDPR)

You are entitled, free of charge, to receive from us information as to your personal data which has been stored by us as well as a copy of this information. Moreover, you are entitled to receive information on the purposes of processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of your personal data or to object to such processing, the right to lodge a complaint with a supervisory authority where the personal data are not collected from the data subject, any available information as to their source, the existence of automated decision-making, including profiling and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject. Moreover, you are entitled to receive information as to whether personal data are transferred to a third country or to an international organization. In such a case, you will have the right to be informed of the appropriate safeguards relating to the transfer.

9.2 Right to rectification (Art. 16 GDPR)

You are entitled to obtain from the controller without undue delay the rectification of inaccurate personal data. Considering the purposes of the processing, you shall have the right to have incomplete personal data completed.

9.3 Right to erasure (right to be forgotten) (Art. 17 and 19 GDPR)

You are entitled to obtain from us the erasure of personal data concerning you without undue delay if one of the following grounds applies and unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation or for the performance of a task carried out in the public interest or for the establishment, exercise, or defense of legal claims.

  • • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • • you withdraw your consent on which the processing is based according to point (a) of Art. 6 (1), or point (a) of Art. 9 (2), GDPR and where there is no other legal ground for the processing.
  • • you object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
  • • the personal data have been unlawfully processed.
  • • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • • the personal data have been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.

If we have made the personal data public and we are obliged pursuant to Art. 17 (1) GDPR to erase the personal data, taking account of available technology and the cost of implementation, we shall take reasonable steps, including technical measures, to inform controllers who are processing the disclosed personal data that you have requested the erasure of this data unless the processing is necessary. Our data protection officer or any other employee of ours will take the necessary steps for that.

9.4 Right to the restriction of processing (Art. 18 GDPR)

You are entitled to obtain the restriction of processing if the accuracy of the personal data is contested by you, the processing is unlawful, but you oppose the erasure of the personal data, we no longer need the personal data for the purposes of the processing but they are required by you for the establishment, exercise or defense of legal claims, or you have objected to processing pursuant to Art. 21(1) GDPR.

9.5 Right to data portability (Art. 20 GDPR)

You are entitled to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit those data to another controller, where technically feasible and unless this right shall adversely affect the rights and freedoms of others.

9.6 Right to object (Art. 21 GDPR)

You are entitled to object, on grounds relating to your particular situation, at any time to the processing of your personal data, including profiling based on these provisions. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, you will be entitled, on grounds relating to his or her particular situation, to object to the processing of your personal data, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

9.7 Automated individual decision-making, including profiling (Art. 22 GDPR)

You are entitled not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision (i) is necessary for entering into, or performance of, a contract between us or (ii) is authorized by Union or Member State law to which we are subject, and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or (iii) is based on your explicit consent.

If the decision is either necessary for entering into, or the performance of, a contract between us or it is based on your explicit consent, we shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view and to contest the decision.

9.8 Right to withdraw your consent relating to data protection (Art. 7 (3) GDPR)

You are entitled to withdraw your given consent at any time. The consequence of this withdrawal is that we no longer process your personal data based on this consent.

9.9 Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

You are entitled to lodge a complaint with a supervisory authority, in particular in your habitual place of residence or place of work or our registered office.

  

10. Validity and changes of the Privacy Notice

This privacy notice is currently valid and was last updated in December 2022. Because of the further development of our website and our services or the modifications of the legal provisions, we reserve the right to change this privacy notice at any time. The currently valid privacy notice can at any time be accessed on our website at https://www.guardus-mes.de/datenschutz/.