The controller within the meaning of the General data Protection Regulation (GDPR) and other national data protection laws of the member states and other data protection regulations is:
SCHWIND eye-tech-solutions GmbH
Telefon: +49 (0) 6027 508 0
The data protection officer of the controller is:
You can contact the data protection officer of the controller at:
Data protection officer
SCHWIND eye-tech-solutions GmbH
Telephone: +49 (0) 6027 508 249
We generally only process the personal data of our users insofar as necessary for the provision of a functioning website as well as our contents and services. The personal data of our users is routinely only processed with the user’s consent. Situations where it is genuinely impossible to obtain consent prior to processing the data and such processing is permitted by law form an exception to this rule.
In the event of us obtaining consent from the data subject for the processing of personal data, Art. 6 (1) lit. a GDPR serves as the legal basis. Art. 6 (1) lit. b GDPR serves as the legal basis for the processing of personal data which is required for the fulfilment of a contract to which the data subject is a contracting party. This also applies to processing activities required for the performance of pre-contractual measures. Art. 6 (1) lit. c GDPR serves as the legal basis for the processing of personal data which is required for the fulfilment of a legal obligation to which our company is subject. Art. 6 (1) lit. d GDPR serves as the legal basis in the event of vital interests of the data subject or another natural person making it necessary to process personal data.
If data needs to be processed to maintain a legitimate interest of our company or third party and this interest is not outweighed by the interests, basic rights and basic freedoms of the data subject, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
The personal data of the data subject is erased or blocked as soon as the purpose for its storage ceases to exist. The data may be stored for longer periods if stipulated by European or national legislation in EU regulations and directives, laws or other regulations to which the controller is subject. The data is also blocked or erased upon expiry of a storage period stipulated in one of the above standards, unless the storage of the data remains necessary for the conclusion or fulfilment of a contract.
Each time our website is accessed, our system automatically collects data and information from the accessing computer system.
The following data is collected in this case:
The data is also stored in the log files of our system. This does not apply to the user’s IP address or other data that makes it possible to allocate the data to one specific user. This data is not stored together with other personal user data.
Art. 6 (1) lit.f GDPR is the legal basis for the temporary storage of data.
The temporary storage of the IP address by the system is necessary to make it possible to transmit the website to the user’s computer. The user’s IP address has to be stored for the duration of the session for this purpose.
These purposes also constitute our legitimate interest in processing of the data in accordance with Art. 6 (1) lit. f GDPR.
The data is erased as soon as it is no longer required for fulfilling the purpose for which it was collected. If the data is collected for the provision of the website, this is the case once each session has ended.
The collection of the data is crucial for the provision of the website and the storage of the data in log files for the operation of the website. The user therefore does not have any option to object.
You can largely decide which technologies we may employ. Some of them are technically necessary to ensure that our website functions properly. Others will only be used by us with your consent. Click here to read all the necessary information:
You can change the settings at any time there, e.g. withdraw your consent with future effect.
You can subscribe to a free of charge newsletter on our website. When you subscribe to the newsletter, the data from the input mask is transferred to us:
The following additional data is collected during the subscription process:
The data is not transferred to third parties in connection with the processing of the data for the sending of newsletters. The data is used exclusively for sending the newsletters.
Art. 6 (1) lit. a GDPR is the legal basis for the processing of the data upon the user subscribing to the newsletter if the user has given consent.
The user’s email address is collected in order to send the newsletter.
The other personal data is collected during the subscription process in order to prevent misuse of the services or email address used.
The data is erased as soon as it is no longer required for fulfilling the purpose for which it was collected. The user’s email address is therefore stored for as long as the user subscribes to the newsletter.
The other personal data collected during the subscription process is generally erased after seven days.
The affected user can unsubscribe from the newsletter at any time. An unsubscribe link is included in every newsletter.
This also makes it possible to withdraw consent to the storage of the personal data collected during the subscription process.
Users can register on our website. To do so, they need to provide personal data. The data is entered in an input mask, transferred to us and stored during this process. The data is not transferred to third parties. The following data is collected during the registration process:
The following data is also collected when registering:
Consent to the processing of this data is obtained from the user during the registration process.
Art. 6 (1) lit. a GDPR is the legal basis for the processing of the data if the user has given consent.
The user has to register for accessing certain contents and services on our website. The contents of the SCHWIND portal are aimed exclusively at our SCHWIND users and sales partners.
The data is erased as soon as it is no longer required for fulfilling the purpose for which it was collected.
This is the case for the data collected during the registration process if the registration is withdrawn or amended on our website.
As a user, you can cancel your registration at any time. You can request for your personal data stored to be modified at any time.
You can manage your data yourself within the portal in the "My Account" area. If you wish to delete your account, please inform us by e-mail.
Our website contains a contact form that can be used for making contact via this electronic medium. If a user uses this option, the data entered in the input mask is transferred to, and stored by, us. This data comprises:
The following data is also collected when sending the message:
Alternatively, you can contact us using the email address provided. In this case, the user’s personal data transmitted in the email is stored.
The data is not transferred to third parties in this case. The data is used exclusively for processing the conversation.
Art. 6 (1) lit. a GDPR is the legal basis for the processing of the data if the user has given consent.
Art. 6 (1) lit. f GDPR is the legal basis for the processing of the data which is transferred during email transmission. If contact is made via email in order to conclude a contract, the additional legal basis for the processing is Art. 6 (1) lit. b GDPR.
The personal data entered in the input mask is processed exclusively for processing the contact. If contact is made via email, this also constitutes the required legitimate interest in processing the data.
The other personal data processed during the message sending process serves to prevent misuse of the contact form and ensure the security of our IT systems.
The data is erased as soon as it is no longer required for fulfilling the purpose for which it was collected. For the personal data from the input mask of the contact form and the personal data sent via email, this is the case when the respective conversation with the user has been concluded. The conversation has been concluded when the circumstances show that the matter in question has been clarified in full and final.
The additional personal data collected during the message sending process is erased no later than after seven days.
The user may withdraw their consent to the processing of the personal data at any time. If the user contacts us via email, the user may object to the storage of their personal data at any time. In this case, the conversation cannot be continued.
Please inform us in writing, by post or e-mail if you wish to object to the storage of your personal data.
All personal data stored during the contacting process is deleted in this case.
You can search for sales partners for our products on our website. When using the sales partner search, we as the manufacturer receive a copy of your inquiry to the sales partner, so that we can support the sales partner in finding the best technical solution for you in a timely manner. The legal basis for the storage of data is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the storage of data for the optimized provision of our services, in particular in the storage of data for the optimized provision of our services, especially in the configuration and planning of our products and the recording of market demand trends. . If we conclude a contract with a manufacturer's guarantee, the additional legal basis is Art. 6 para. 1 lit. b GDPR.
The data is transmitted to the selected sales partner. The legal basis for this is Art.6 para. 1 lit. b GDPR, as the search for distribution partners is aimed at the conclusion of a contract.
If the distribution partner is in a non-secure third country, the data will be transferred with the consent of the applicant pursuant to Art. 49 para. 1 lit. a GDPR after the applicant has been informed about the risks of data transfer due to the lack of comparable data protection levels in the recipient country and the lack of guarantees for data security by the data transfer authorities involved. Furthermore, when searching for a distribution partner in a non-safe third country, the transfer is necessary for the fulfilment of the search request, so that Art. 49 para. 1 lit. b GDPR also serves as the legal basis.
The data of the inquirer will be deleted as soon as the inquiry of the user has been finally clarified, without the conclusion of a contract with the user. If a manufacturer's warranty contract is concluded, the data will be deleted when the data is no longer required for the execution of the contract. Mandatory statutory provisions - in particular retention periods within the framework of possible business correspondence or for tax reasons - remain unaffected by this.
On our website we offer the free download of product and advertising brochures for our laser systems. For this purpose, we collect the cash on delivery, the email address and the country of the interested party in a form before the download. The offer is directed exclusively at commercial customers for the purpose of initiating a contractual relationship as well as for advertising information of our products. After entering the data, the interested party receives a download link by email, with which he can then download the documents.
The legal basis of data processing in the initiation of a contractual relationship is Art. 6 para. 1 lit. b GDPR. For general advertising purposes, Art. 6 para. 1 lit. f GDPR is the legal basis. Our legitimate interest results from the security of preventing misuse of our advertising material and enabling the download of brochures in the applicable language.
We store and use the data for advertising purposes until we receive an objection. If data is stored for contract fulfilment or contract initiation, it is deleted when the data is no longer required for these purposes. The statutory retention periods remain unaffected by this.
Within the scope of the physician inquiry, direct communication with the requested physician takes place via your email program after your selection of the responsible physician. To do this, select the country or place where you are looking for a doctor. Another filter criterion is the specific treatment method. After selection, we will communicate directly without receiving any personal data as part of your communication with the selected physician.
Click here to read all the necessary information on web analysis:
You can modify the settings at any time there, e.g. you can withdraw your consent with future effect and/or object to the use of the web analysis tool by deactivating it.
If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").
Google Analytics 4 has IP address anonymization enabled by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
During your website visit, your user behavior is recorded in the form of "events". Events can be:
Purposes of processing
On behalf of the operator of this website, Google will use this information to evaluate your [pseudonymous] use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.
Recipients of the data are/may be:
It cannot be ruled out that US authorities may access the data stored by Google.
Third country transfer
Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.
Duration of storage
The data sent by us and linked to cookies are automatically deleted after 2 [OR: 14] months. The deletion of data whose retention period has been reached occurs automatically once a month.
The legal basis for this data processing is your consent pursuant to Art.6 para.1 p.1 lit. a GDPR.
You can revoke your consent at any time with effect for the future by accessing the cookie settings [LINK TO CONSENT TOOL SETTINGS HERE] and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.
You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a restriction of functionalities on this and other websites. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by
a. not giving your consent to the setting of the cookie or
b. downloading and installing the browser add-on to disable Google Analytics HEREhttps://marketingplatform.google.com/about/analytics/terms/en/.
If your personal data is being processed, you are the data subject within the meaning of the GDPR and you have the following rights against the controller:
You can request confirmation from the controller if your personal data is being processed by us.
If such processing is taking place, you can request the following information from the controller:
You have the right to request information if your personal data is transferred to a third country or international organisation. In this context, you may request to be informed about the suitable guarantees in accordance with Art. 46 GDPR in connection with the transfer.
This right to information may be restricted insofar as it would be likely to prevent the implementation of research and statistical purposes, or if it would significantly impair the latter, and the restriction is necessary for fulfilling the research or statistical purposes.
You have the right to rectification and/or completion against the controller if your personal data that is being processed is incorrect or incomplete. The controller must rectify the data immediately.
This right to rectification may be restricted insofar as it would be likely to prevent the implementation of research and statistical purposes, or if it would significantly impair the latter, and the restriction is necessary for fulfilling the research or statistical purposes.
You may request for the processing of your personal data to be restricted in the following circumstances:
If the processing of your personal data has been restricted, this data may, with the exception of its storage, only be processed with your consent or for the assertion, enforcement or defence of legal claims or for the protection of the rights of another natural person or legal entity or for reasons of important public interests of the European Union or one of its member states.
If the restriction of the processing has been restricted according to the above conditions, you will be informed by the controller before rescinding the restriction.
Your right to restriction of processing may be restricted insofar as it would be likely to prevent the implementation of research and statistical purposes, or if it would significantly impair the latter, and the restriction is necessary for fulfilling the research or statistical purposes.
You may request for the controller to erase your personal data immediately. In this case, the controller must erase this data immediately if one of the following reasons applies:
If the controller has published your personal data and is obliged to erase it in accordance with Art. 17 (1) GDPR, the controller shall, whilst taking into consideration the available technology and implementation costs, take reasonable measures, including technical measures, to inform all persons responsible for the processing of the personal data of the fact that you, the data subject, have requested the erasure of all links to, or all copies or duplicates of, this personal data.
The right to erasure does not exist if the processing is required
If you have asserted your right to rectification, erasure or restriction of processing against the controller, the latter must inform all recipients to which your personal data has been disclosed of the rectification or erasure of this data or restriction of its processing, unless this proves to be impossible or would incur unreasonable expenses.
You have the right against the controller to be informed about these recipients.
You have the right to be given your personal data that you provided to the controller in a structured, standard and machine-readable format. You further have the right to transfer this data to another controller without the controller who was entrusted with the personal data attempting to stop you, if
When executing this right, you further have the right to effect that your personal data is transferred directly from one controller to another, insofar as this is technically possible. This must not impair the freedoms and rights of other persons.
The right to data portability does not apply to the processing of personal data required for the fulfilment of a task that is in the interest of the public or a task that is performed in execution of public powers that have been transferred to the controller.
You have the right to object at any time against the processing of your personal data in accordance with Art. 6 (1) lit. e or f GDPR for reasons arising from your particular situation. This also applies to any profiling based on these provisions.
The controller shall no loner process your personal data, unless the controller can provide evidence of mandatory, protectable reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves the assertion, enforcement or defence of legal claims.
If your personal data is processed for direct advertising purposes, you have the right to object to the processing of your personal data for the purpose of such advertising at any time. This also applies to any profiling linked to such direct advertising.
If you object to the processing for direct advertising purposes, your personal data will no longer be processed for such purposes.
You may exercise your right to object using automated processes which use technical specifications in connection with the use of services of the information provider, regardless of Directive 2002/58/EC.
You further have the right to object to the processing of your personal data for scientific or historical research purposes or statistical purposes in accordance with Art. 89 (1) GDPR for reasons arising from your specific situation.
Your right to object may be restricted insofar as it would be likely to prevent the implementation of research and statistical purposes, or if it would significantly impair the latter, and the restriction is necessary for fulfilling the research or statistical purposes.
You have the right to withdraw your consent in accordance with data protection law at any time. The withdrawal of your consent shall not affect the legitimacy of the processing based on the consent given until the time of withdrawal.
You have the right not to be subjected to a decision solely based on automated processing, including profiling, which has a legal effect against you or has other similar severe consequences for you. This does not apply if the decision
However, such decisions must not be based on specific categories of personal data in accordance with Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR apply and reasonable measures for the protection of rights and freedoms as well as your legitimate interests have been implemented.
With regard to the cases mentioned in paragraphs (1) and (3), the controller shall implement reasonable measures to maintain the rights and freedoms as well as your legitimate interests, which includes, at a minimum, the right to effect intervention by a person of the controller, the right to state your own opinion, and the right to appeal against the decision.
Notwithstanding any other legal remedy under administrative law or before a court, you have the right to complain to a supervisory authority, particularly in the member states of your domicile, place of work or place of alleged violation if you are of the opinion that the processing of your personal data violates the GDPR.
The supervisory authority where you submit your complaint will inform the complainant about the status and results of the complaint, including the option of legal remedy before a court in accordance with Art. 78 GDPR.
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, Twitter etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook’s statement the collected data will also be transferred to the USA and to other third-party countries.
We have signed an agreement with Facebook on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Facebook are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
We use the short message service Twitter. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
You can customize your Twitter privacy settings in your user account. Click on the following link and log in: https://twitter.com/personalization.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.