Privacy Policy

No data-processing social media plugins from social networks are used on our website. Our website only contains buttons labeled with the LinkedIn social networks or their logos. The buttons are qualified links to the respective social networks. When you click on the button, you will be redirected to the respective social network via links. In addition, a link to the website you are visiting is sent for the purpose of sharing on the social networks. Personal data of the user is not collected by the buttons or transmitted to the operators of the social networks.

Photonics Precision Engineering uses technical and organizational security measures to protect your personal data collected by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. We would like to point out that data transmission on the Internet(e.g. when communicating by e-mail) can nevertheless have security gaps. Complete protection of data against access by third parties is not possible.

We host the content of our website with the following provider: Webflow

The provider is Webflow, Inc, 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter referred to as Webflow). When you visit our website, Webflow collects various log files including your IP addresses. Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are required to display the page, to provide certain website functions and to ensure security (necessary cookies). Details can be found in Webflow's privacy policy: https://webflow.com/legal/eu-privacy-policy.

Webflow is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. Insofar as corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://webflow.com/legal/eu-privacy-policy

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that guarantees compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000TT9jAAG&status=Active

Order processing (in German: Auftragsverarbeitungsvertrag)

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. Concluded. This is a contract prescribed by data protection law, which guarantees that it will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

The user's personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

The user's personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

2.5.1 Log files

We process the following personal data, so-called log data, on the basis of Art. 6 (1) f) GDPR for the purpose of delivering the website, ensuring its functionality, optimizing the applications and ensuring the security of the websites: IP address of the user, date and time of access, pages/files accessed, protocol and status of access, volume of data transmission, referrer URL, information on the client/browser used.

Log data and its contents are stored for 30 days and then deleted or anonymized if necessary, unless they are required for the clarification or documentation of abusive or illegal use that has become known within the retention period.

2.5.2 Cookies

Our Internet pages use so-called "cookies". Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser. Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). cookies). Third-party cookies enable the integration of certain services from third-party companies third-party companies within websites (e.g. cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes. Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. You can find out which cookies and services are used on this website in this privacy policy.

2.5.3 Contact form

If you send us inquiries using the contact form, your details from the enquiry form, including the form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

2.5.4 E-mail contact, telephone, or fax

If you contact us by e-mail, telephone or fax, your inquiry, including all personal data resulting data (name, request) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent. This data is processed based on Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

2.5.5 Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "Unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose no longer applies. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Data stored by us for other purposes remains unaffected by this. After you unsubscribe from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider newsletter service provider may be stored in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

When using third-party services, we always ensure that a valid legal basis for data transfer exists. To ensure the security of your personal data, we have entered into data processing agreements with all third-party providers in accordance with Article 28 of the General Data Protection Regulation (GDPR). For third-party providers located in third countries, we have also executed the standard contract clauses approved by the European Commission.

2.6.1 Usercentrics

For consent management, we utilize the Cookiebot service by Usercentrics. The recipient of your data under Article 13(1)(e) of the GDPR is Usercentrics GmbH. Within the scope of data processing, Photonics Precision Engineering transfers personal data (consent data) to Usercentrics GmbH, Sendlingerstr. 7, 80331 Munich, as a data processor. Consent data includes the following information: date and time of the visit or consent/refusal, device information.

Data processing is carried out for the purpose of compliance with legal obligations (proof of consent under Article 7(1) of the GDPR) and the associated documentation of consents, based on Article 6(1)(c) of the GDPR. Local storage is used for data storage. Consent data is retained for 1 year. The data is stored within the European Union. For more information about the collected data and contact options, please refer to https://usercentrics.com/privacy-policy/

2.6.2 Google Services

Controller of all Google services: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The legal basis for data processing is usually your consent granted under Article 6(1)(a) of the GDPR. In exceptional cases, we rely on our legitimate interest. We have entered into a data processing agreement with Google, including standard contract clauses. For further information on data protection and storage duration with Google, please refer to Google's Privacy Policy:
https://policies.google.com/privacy

2.6.2.1 Google Fonts (Local Hosting)

This page uses Google Fonts provided by Google for a consistent display of fonts. Google Fonts are locally installed, and there is no connection to Google servers. For more information about Google Fonts, please visit https://developers.google.com/fonts/faq and consult Google's Privacy Policy: https://policies.google.com/privacy?hl=en

2.6.2.2 Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on this website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. reCAPTCHA is used to determine whether data input on this website (e.g., in a contact form) is being done by a human or an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. reCAPTCHA evaluates various pieces of information during the analysis (e.g., IP address, duration of the website visitor's stay on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analysis runs entirely in the background, and website visitors are not notified that an analysis is taking place. The storage and analysis of data are based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated data collection and spam. If consent has been requested, processing is carried out solely on the basis of Article 6(1)(a) of the GDPR and § 25(1) of the German Telemedia Act (TTDSG), to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., Device Fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

For further information on Google reCAPTCHA, please refer to Google's Privacy Policy and Google's Terms of Service at https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the United States. Every company certified under the DPF commits to adhering to these data protection standards. For more information, please visit https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

2.6.3 Vimeo

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages that is equipped with a Vimeo video, a connection to Vimeo's servers is established. Vimeo's server is informed about which of our pages you have visited. Vimeo also obtains your IP address. This applies even if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to Vimeo's server in the United States. If you are logged into your Vimeo account, you allow Vimeo to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your Vimeo account.

Vimeo uses cookies or similar recognition technologies (e.g., Device Fingerprinting) for recognizing website visitors. The use of Vimeo is in the interest of presenting our online offerings in an appealing manner. This represents a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. If consent has been requested, processing is carried out solely based on Article 6(1)(a) of the GDPR and § 25(1) of the German Telemedia Act (TTDSG), to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., Device Fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. The data transfer to the USA is based on the standard contractual clauses of the European Commission and, according to Vimeo, on "legitimate business interests." Details can be found here: https://vimeo.com/privacy.

For further information on the handling of user data, please refer to Vimeo's Privacy Policy: vimeo.com/privacy

We use tools from companies located in data protection non-secure third countries and US-based tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. We would like to point out that in data protection non-secure third countries, a level of data protection comparable to that of the EU cannot be guaranteed. It should be noted that the USA, as a generally safe third country, does provide a level of data protection comparable to that of the EU. Data transfer to the USA is permissible if the recipient holds certification under the "EU-US Data Privacy Framework" (DPF) or possesses suitable additional guarantees. Information regarding transfers to third countries, including data recipients, can be found in this privacy policy.

During our business activities, we collaborate with various external entities. Sometimes, the transfer of personal data to these external entities is necessary. We only disclose personal data to external entities when it is necessary for the fulfillment of a contract, when we are legally obligated to do so (e.g., sharing data with tax authorities), when we have a legitimate interest according to Article 6(1)(f) of the GDPR in the disclosure, or when another legal basis permits data sharing. When using data processors, we disclose personal data of our customers only based on a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

For security reasons and to protect the transmission of confidential content such as orders or inquiries that you send to us as the site operator, this site uses SSL/TLS encryption. You can recognize an encrypted connection by the change of the browser's address bar from "http://" to "https://" and the padlock icon in your browser's address bar. When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

3.2.1 Contract Initiation and Contract fulfillment

When we are in the process of initiating a contract or fulfilling a contract, the processing of your personal data is based on Article 6(1)(b) of the GDPR. After the contract has been fulfilled, we process the data based on our legitimate interest in protecting ourselves against legal claims or asserting them, in accordance with Article 6(1)(f) of the GDPR.

3.2.2 Advertising

If you wish to receive advertising from us, the processing of your personal data is based on your consent, as granted under Article 6(1)(a) of the GDPR.

Your data will not be processed beyond the described purposes. Typically, your data will be deleted once it is no longer usable for asserting or defending claims, or when we are no longer legally obligated to retain the data (e.g., due to tax regulations).

Within Photonics Precision Engineering, only employees have access to the data. Data will only be shared with recipients outside our company if regulations allow, mandate, or if we are otherwise authorized to do so. Under these circumstances, recipients of personal data may include:

- Contact management systems for better data processing and personalized communication.
- Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft").
- Public authorities and institutions, in cases of legal or regulatory obligations.
- In rare individual cases, support partners for hardware or software maintenance or troubleshooting.

As part of data processing, Microsoft may have access to the above-mentioned data in order to process it. All data traffic is encrypted (MTLS, TLS, or SRTP). According to Microsoft, data is primarily processed within the EU. In cases where data is processed in the USA, an adequate level of data protection outside the EU/EEA is ensured through the EU Standard Contractual Clauses that we have agreed upon with Microsoft.

For more information, please refer to Microsoft's privacy policy, available at:
‍https://privacy.microsoft.com/en-us/privacystatement

The legal basis for data processing after registration by the user is the user's consent, in accordance with Article 6(1)(a) of the GDPR.

The collection of the user's email address is intended to inform or invite the user via email to events. The collection of other personal data during the registration process is intended to prevent misuse of the services or the email address used. We also require this information for the entire invitation management process.

Personal data will be processed until revoked or objected to. To comply with legal requirements, it may be necessary to continue storing your personal data. This may also be necessary for asserting, exercising, or defending legal claims.

The user can terminate event registration at any time without providing reasons. For this purpose, a corresponding link can be found in every mailing.

We only share your personal data with authorized data processors responsible for mailing and event organization. The transfer of your personal data will only be carried out in accordance with applicable data protection regulations. Furthermore, we will not transmit your personal data to other third parties without your consent or legal authorization.

If we process data in third countries (countries outside the EU/EEA) or transmit it to companies in third countries, we will do so only if authorized to do so. If there is no adequacy decision by the Commission pursuant to Article 45 of the GDPR for the respective third country, i.e., if there is no adequate level of data protection in the third country, we will ensure that your privacy and personal data are protected in a manner that is adequate and legally provided for, either through contractual arrangements (EU standard contractual clauses for data protection) or other suitable guarantees within the meaning of Article 46 of the GDPR.