Menu
SprintRay Privacy and Data Protection Declaration
Effective July 28, 2022
We are SprintRay a company registered in Ireland (CRO: 689744) with a registered address at Regus Harcourt Centre, Harcourt Road, Dublin 2 and at Brunnenweg 11 DE-64331 Weiterstadt (“SprintRay”, “us“, “we“, or “our“).
At SprintRay we are committed to protecting and respecting your privacy. This Privacy Statement is addressed to our Customers (the “Customers” and each a “Customer”) who use our services (the “Services”), and to any Patients (“Patients”) of our Customers using our Services.
This Privacy Statement will let you know how we look after the personal data which we collect from you in connection with the use of our Services. This Privacy Statement also tells you about your privacy rights and how the law protects you.
It is important that you read this Privacy Statement together with any other privacy statement or fair processing policy that we may provide on specific occasions when we are processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Statement supplements other notices and privacy policies and is not intended to override them.
This Privacy Statement also informs you as to our obligations and your rights under data protection law.
1. Who is responsible for your personal data?
For the purposes of the EU General Data Protection Regulation (EU Regulation 679/2016) (the “GDPR”), the Customer is the data controller with regard to the personal data described in this Privacy Statement.
“Data controllers” are the people who or organisations which determine the purposes for which, and the manner in which, any personal data is processed, who/which make independent decisions in relation to the personal data and/or who/which otherwise control that personal data.
In particular, we have appointed a Data Protection Team within SprintRay to monitor compliance with our data protection obligations and with this Privacy Statement and related policies. See Section 11 below for the contact details for our Data Protection Team.
2. What Data do we collect when you visit our website?
When using our website for informational purposes, in circumstances when you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:
- Our visited website
- Date and time of the moment of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if applicable and in anonymized form)
3. What data do we collect when you contact us?
When you contact us via the contact us form or email, personal data is collected. The data collected in the case of a contact form can be seen from the respective contact form. The data is stored and is used exclusively for the purpose of responding to your request or for establishing contact and for the associated technical administration. The legal basis for the processing of data is our legitimate interest in your request in accordance with Art. 6 (1) of the GDPR. Your data will be deleted after final processing of your enquiry if it can be inferred from the circumstances that the facts in question have been finally clarified, provided there are no legal storage obligations to the contrary.
4. What personal data do we collect when you register at the portal or forum?
Note: The legal basis for the below can be found in Article 6 (1) of GDPR.
You can register on our website or portal by entering your personal data. The personal data processed for registration is determined by the input mask used for registration. Our website uses a double opt-in procedure for registration, meaning that your registration is not complete until you have previously confirmed your registration via a confirmation email sent to you for this purpose by clicking the link therein. If you do not receive a confirmation within 24 hours, your registration will automatically be deleted from our database. You are obligated to provide the aforementioned data; all further information can be provided voluntarily using our portal.
If you are using our portal, we store your data necessary for the fulfilment of the contract as well as, if necessary, information on the method of payment, until you finally delete your access. Furthermore, we store the data provided voluntarily by you for the duration of your use of the portal, unless you delete it beforehand. You can manage and change all information in the protected customer area.
In addition, we store all content published by you, such as public contributions, bulletin board entries, and guestbook entries to operate the website. We have a legitimate interest in providing the website and complete user-generated content. If you delete your account, your public statements, especially in the forum, will remain visible to all readers. However, your account is no longer accessible and all other data will be deleted.
“Personal data” means any information relating to an identified or identifiable natural person. Personal data can be factual (for example, a name, address or date of birth) or it can be an opinion about that person, their actions and/or behaviour.
“Special categories of personal data” of particularly sensitive personal data require higher levels of protection. These special categories regroup personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
When our Customers register and use our Services, we will collect the following personal data:
a) Customer data which include the following (the “Customer Data”):
- Customer dental practice name
- Customer email address
- Customer phone number
- Billing data
b) Patient data which include the following (the “Patient Data”):
- Patient name
- Patient identifier (ID assigned by the Customer, or randomly generated ID)
- Patient scans
- Treatment type requested
- Treatment plan and process
- Gender
- Age Range
5. How do we collect your personal data?
We collect personal data from the Customer. When using our Services the Customer can upload personal data to the SprintRay Dashboard which is a functionality of our Services.
6. How do we use your personal data and what is our legal basis?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with a Customer.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
Purposes for which we use your personal data
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Purpose/Activity | Type of data | Lawful basis for processing |
To register you as a new Customer | Customer Data | a) Performance of our contract with our Customers |
To communicate with our Customers with regard to queries about our Services | Customer Data
Patient Data |
a) Necessary for our legitimate interests
b) Performance of our contract with our Customers
|
To process and deliver a Customer’s order including:
a) Delivery of our Services
b) Managing billing, payments, fees and charges; and
c) Collecting and recovering money owed to us |
Customer Data
Patient Data |
a) Performance of a contract with our Customers
b) Necessary for our legitimate interests (to recover debts due to us) |
To manage our relationship with our Customers which will include:
a) Notifying you about changes to our terms or privacy policy
b) Asking you to leave a review or take a survey |
Customer Data | a) Performance of a contract with our Customers
b) Necessary to comply with a legal obligation
c) Necessary for our legitimate interests (to keep our records updated and to study how Customers use our services) |
To administer and protect our business and the SprintRay Dashboard (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data in relation to our Services) | Customer Data
Patient Data |
a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
b) Necessary to comply with a legal obligation |
Change of purpose. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
If you require further detail about the specific legal basis we rely on to process your personal data please do not hesitate to contact us.
Data processing is carried out in accordance with Art. 6 (1) of the GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right the review the server log files at any time, if there are any concrete indications of illegal use.
7. Do we share your personal data with anyone else?
We may share your personal data with the following parties in connection with our processing of your personal data for the purposes set out in the above table. These will include:
- SprintRay’s affiliate companies, SprintRay Europe Ltd and SprintRay Europe GmbH;
- SprintRay affiliate companies; and
- third party service providers such as appliance design service providers.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Under certain circumstances, SprintRay may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
8. Keeping your personal data secure
We take appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. We limit access to your personal data to those employees, agents and other third parties who are required to have access to your personal data and where they have agreed that they are subject to a duty of confidentiality.
We have put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We have procedures in place to deal with actual and suspected data breaches which include an obligation on us to notify the supervisory authority and/or you, the data subject, where legally required to do so.
9. Transferring personal data out of the EEA
Certain of our third-party service providers are based outside the European Economic Area (“EEA”) so their processing of your personal data will involve a transfer of data outside the EEA and the UK.
If circumstances arise in which we have to transfer your personal data out of the EEA, we will always ensure that there are appropriate safeguards in place to protect your personal data such as:
a) the European Commission has issued a decision confirming that the country to which we transfer the personal data ensures an adequate level of protection for the data subjects’ rights and freedoms;
b) appropriate safeguards are in place such as binding corporate rules (BCR), standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism, a copy of which can be obtained from us on request; and
c) you have provided explicit consent to the proposed transfer after being informed of any potential risks.
10. For how long do we keep your personal data?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
11. Hosting & Content Delivery Network
Cloudflare
On our website, we use the Content Delivery Network (“CDN”) of the technology service provider Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (“Cloudflare”). A Content Delivery Network is an online service used to deliver large media files, such as graphics, page content or scripts, through a network of regionally distributed servers connected via the internet. The use of Cloudflare’s content delivery network helps SprintRay to optimise the loading speeds of our website. The processing takes place in accordance with Art. 6 (1) point of GDPR on the basis of our legitimate interest in secure and efficient provision, as well as the improvement of the stability and functionality of our website. For more information about Cloudfare’s privacy policy, please visit https://www.cloudfare.com/privacypolicy/
12. Cookies
In order to make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session; i.e. closing your browser (“session cookies”). Other cookies remain on your terminal and enable us or our partner companies (“third-party cookies”) to recognize your browser on your next visit (“persistent cookies”). If cookies are set, they collect and process specific user information such as browser and location data as well as IP address values according to individual requirements. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can check the duration of the respective cookie storage in the overview of the cookie settings of your web browser.
In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping basket for a later visit to the website). If personal data are also processed by individual cookies set by us, the processing is carried out in accordance with Art. 6 (1) point b GDPR either for the execution of the contract or in accordance with Art. 6 (1) point f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
Please note that you can set your browser in such a way that you are informed about setting of cookies and you can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or generally. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You will find these for the respective browsers at the following links:
– Internet Explorer:
https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
– Firefox:
https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
– Chrome:
https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
– Safari:
https://support.apple.com/en-gb/guide/safari/sfri11471/mac
– Opera:
https://help.opera.com/en/latest/web-preferences/#cookies
Please note that the functionality of our website may be limited if cookies are not accepted.
13. Use of Client Data for Direct Advertising
Subscribe to our e-mail newsletter:
If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory data for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you an e-mail newsletter once you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in future by clicking on an appropriate link.
By activating the confirmation link, you give us your consent for the use of your personal data pursuant to Art. 6 (1) point a GPPR. When you register for the newsletter, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration for the purpose of tracing any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter is used exclusively for the promotional purposes by way of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person named at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data, or we reserve the right to a more extensive use your data which is permitted by law and about which we inform you in this declaration.
14. Web Analysis Services
Matomo as cloud solution with cookies:
Data is collected and stored on this website using the Matomo web analysis service software (www.matomo.org), a service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”). Pseudonymized user profiles can be created and evaluated from this data for the same purpose. To this end, cookies may be used. Cookies are small text files that are stored locally in the cache of the visitor’s Internet browser. The cookies allow, among other things, the internet browser to be recognized. The data collected using Matomo technology (including your pseudonymized IP address) is transferred to Matomo servers in New Zealand and processed for usage analysis. For New Zealand, the European Commission has issued a so-called adequacy decision which certifies compliance with European data protection standards for international data transfers.
The pseudonymized information generated by the cookie is not used to personally identify the visitor to this website and is not merged with personal data about the holder of the pseudonym.
All processing described above, in particular the reading of information on the end device used, is only carried out if you have given us your express consent to do so in accordance with Art. 6 (1) point a GPDR. Without this consent, Matomo will not be used during your visit to the website.
15. Retargeting/Remarketing/ Referral Advertising
15.1. Google Ads Remarketing
This website uses the online advertising program “Google Ads” and, within the scope of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). We use Google Ads to draw attention to our attractive offers on external websites with the help of advertising media (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the concern of showing you advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of the advertising costs incurred the conversion tracking cookie is set when a user clicks on an ad placed by Google. Cookies are small text files that are stored on your terminal device. These cookies usually lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize if the user has clicked on the ad and has been directed to this page. Each Google Ads customer receives a different cookie. Cookies therefore cannot be tracked across Google Ads customers’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have chosen conversion tracking. Customers learn the total number of users who clicked on their ad and who were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. The use of Google Ads may also result in the transmission of personal data to the servers of Google LLC. in the USA.
Details on the processing operations initiated by Google Ads conversion tracking and on Google’s handling of data collected from websites can be found here: https://policies.google.com/technologies/partner-sites?hl=en
All processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 (1) point a GDPR. Without this consent, Google Conversion Tracking will not be used during your visit to the website. You can permanently disable the setting of cookies by Google Ads Conversion Tracking for advertising preferences. You may download and install the browser plug-in available at the following link: https://support.google.com/ads/answer/7395996? Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.
Further information about Google’s privacy policy can be viewed at:
http://www.google.com/policies/technologies/ads/
15.2. Microsoft Advertising
This website uses the conversion tracking technology “Microsoft Advertising” from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). Microsoft sets a cookie on your computer if you have accessed our website via a Microsoft Adveristing ad. Cookies are small text files that are stored on your terminal device. These cookies lose their validity after 180 days and are not used for personal identification. If the user visits certain pages of this website and the cookie has not yet expired, Microsoft and we can recognise that the user clicked on the ad and was redirected to this page (conversion page).
The information collected using the conversion cookie is used to create conversion statistics, i.e. to record how many users reach a conversion page after clicking on an ad. This tells us the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.
All processing described above, in particular the setting of cookies for reading out information on the end device used, is only carried out if you have given us your express consent to do so in accordance with Art. 6 (1) a GDPR. Without this consent, Microsoft Advertising will not be used during your visit to the site.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.
You can obtain further information about Microsoft’s data protection policy at the following Internet address: https://privacy.microsoft.com/en-us/privacystatement
16. Site functionalities
16.1. Use of Vimeo Videos
On our website, plugins of the video portal Vimeo of Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA are embedded. When you access a page of our website that contains such a plugin, your browser establishes a direct connection to Vimeo’s servers. The content of the plugin is transmitted by Vimeo directly to your browser and integrated into the page. Through this integration, Vimeo receives the information that your browser has called up the corresponding page of our website, even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information (including your IP address) is transmitted directly from your browser to a Vimeo server in the USA and stored there.
If you are logged in to Vimeo, Vimeo can immediately assign your visit of our website to your Vimeo account. If you interact with the plugins (e.g., pressing the start button of a video), this information is also transmitted directly to a Vimeo server and stored there. If you do not want Vimeo to assign the data collected via our website directly to your Vimeo account, you must log out of Vimeo before visiting our website. The purpose and scope of the data collection and the further processing and use of the data by Vimeo as well as your related rights and privacy settings can be found in Vimeo’s privacy policy: https://vimeo.com/privacy
For videos from Vimeo that are embedded on our site, the tracking tool Google Analytics of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, is automatically integrated. This relates to Vimeo’s own tracking which we do not have access to, and which cannot be influenced by our site. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States, where it may also be transmitted to servers of Google LLC.
All processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 (1) point a GDPR. Without this consent, Vimeo-Videos will not be used during your visit to the website.
You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website.
16.2. Use of YouTube Videos
This website uses the YouTube embedding function for display and playback of videos offered by the provider YouTube, which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 ESW5, Ireland (“Google”).
To this end, the extended data protection mode is used to ensure, according to provider information, that user information will only be stored once the playback function of the video is started. When the playback of embedded YouTube videos is started, the provider sets “YouTube” cookies to collect information about user behavior. According to indications from YouTube, the use of those cookies is intended, among other things, to record video statistics, to improve user-friendliness and to avoid improper actions. If you are logged in to Google, your information will be directly associated with your account when you click on a video. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. When using YouTube, personal data may also be transmitted to the servers of Google LLC. in the USA.
Regardless of whether the embedded video is played back, a connection to the Google network “double click” is established when visiting this website. This may trigger further data processing beyond our control.
All processing described above, in particular the setting of cookies for the reading of information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 (1) point a GDPR. Without this consent, Youtube-Videos will not be used during your visit to the website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “Cookie Consent Tool” provided on the website. Further information on YouTube’s privacy policy can be found at: www.google.com/policies/privacy/
16.3. Zoom
We use the Zoom service of Zoom Video Communications Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA (hereinafter “Zoom”) to conduct online meetings, video conferences and/or webinars.
When using Zoom, different data will be processed. The extend of the processed data depends on the data you provide before or during your participation in an online meeting, video conference or webinar. When using Zoom, data of the communication participants is processed and stored on Zoom servers. This data may include your registration data (name, e-mail address, telephone (optional) and password) and meeting data (topic, participant IP address, device information, description (optional)). In addition, visual and audio contributions of the participants, as well as voice inputs can be processed in chats.
When processing personal data necessary for the performance of a contract with you (this also applies to processing operations which are necessary for the performance of pre-contractual measures), Art. 6 (1) point b GDPR constitutes the legal basis. If you have given us your consent for the processing of your data, the processing will be carried out based on Art. 6 (1) point a GDPR. Consent granted can be revoked at any time with effect for the future.
Otherwise, the legal basis for the processing of data when conducting online meetings, videoconferences or webinars is our legitimate interest pursuant to Art. 6 (1) point f GDPR in the effective conduct of online meetings, webinars or videoconferences. For more information about Zoom’s use of data, please refer to Zoom’s privacy policy at https://zoom.us/docs/de-de/privacy-and-legal.html
16.4. Applications for job advertisements using a form
On our website, we offer those interested in a job the possibility to apply online using an appropriate form. In order to be included in the application process, applicants must provide us with all personal data required for a well-founded and informed assessment and selection. The required data includes general personal information (name, address, telephone or electronic contact details) as well as performance-specific evidence of the qualifications required for a position. Where appropriate, health-related information may also be required, which, in the interests of social protection, must be given special consideration in the applicant’s own person under labour and social law. In the course of sending the form, the applicant’s data will be encrypted according to the state of the art, transmitted to us, stored by us and evaluated exclusively for the purpose of processing the application.
The legal basis for these processing operations is generally Art. 6 Para. 1 lit. b, in the sense of which passing through the application procedure is considered to be the initiation of an employment contract.
Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.g. health data such as information on the status of severely disabled persons) are requested from applicants in the context of the application procedure, processing is carried out in accordance with Art. Art. 9 para. 2 lit. b. GDPR so that we can exercise the rights arising from labour law and social security and social protection law and fulfil our obligations in this respect.
Cumulatively or alternatively, the processing of the special categories of data may also be based on Art. 9 para. 1 lit. h GDPR, if it is carried out for purposes of preventive health care or occupational medicine, for the assessment of the applicant’s ability to work, for medical diagnosis, care or treatment in the health or social field or for the management of systems and services in the health or social field.
If, in the course of the evaluation described above, the applicant is not selected, or if an applicant withdraws his or her application prematurely, the data submitted on the application form will be deleted after 6 months at the latest after notification. This period is calculated on the basis of our legitimate interest in being able to answer any follow-up questions about the application and, if necessary, to comply with our obligation to provide evidence in accordance with the regulations on the equal treatment of applicants.
In the event of a successful application, the data provided will be further processed on the basis of Art. 6 para. 1 lit. b GDPR for the purposes of the employment relationship.
16.5. Font Awesome
This site uses so-called web fonts from “FontAwesome”, a service of Fonticons, Inc, 710 Blackhorn Dr, Carl Junction, 64834, MO, USA (“FontAwesome”), for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to FontAwesome’s servers. This may also result in the transmission of personal data to FontAwesome’s servers in the USA. In this way, FontAwesome becomes aware that our website has been accessed via your IP address. The use of FontAwesome fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font from your computer will be used. You can find more information about FontAwesome at: https://fontawesome.com/privacy
On this website we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This function is mainly used to distinguish whether an entry is made by a natural person or misused by automatic and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google. The use of Google reCAPTCHA may also result in the transmission of personal data to the servers of Google LLC. in the USA and is carried out in accordance with Art. 6 (1) point f GDPR, on the basis of our legitimate interest in determining the individual willingness of actions on the Internet and avoiding misuse and spam.
Further information about Google reCAPTCHA and Google’s privacy policy can be found at: https://policies.google.com/privacy?hl=en-GB
17. Tools and Miscellaneous
17.1. This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications that require consent. The “cookie consent tool” is displayed to users in the form of an interactive user interface when they access the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user provides the corresponding consent by ticking the corresponding box. This ensures that such cookies are only set on the respective end device of the user if consent has been granted.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed. If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) point GDPR on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website. Further legal basis for the processing is Art. 6 (1) point c GDPR. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent. Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.
17.2 – Google Maps
Our website uses Google Maps (AP’I) of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for displaying interactive (country) maps in order to display geographical information visually. Using this service will show you our location and will make it easier for you to find us. When you access the sub-pages that contain the Google Maps map, information about your use of our website (such as your IP address) is transmitted to and stored by Google on servers. When using Google Maps, personal data may also be transmitted to the servers of Google LLC. in the USA. This is regardless of whether Google provides a user account that you are logged in with or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place according to Art. 6 (1) point f GDPR, on the basis of the legitimate interests of Google in the insertion of personalized advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles. If you want to do so, you must contact Google to exercise this right.
If you do not agree to the future transmission of your data to Google in the context of using Google Maps, you may completely deactivate the Google Maps web service by switching off the JavaScript application in your browser. In this case, Google Maps as well as the map display on this website cannot be used.
The Google terms of use can be found at: https://policies.google.com/terms?hl=en. The additional terms of use can be found at:
https://www.google.com/intl/en-US_US/help/terms_maps.html.
You can find detailed information on data protection in connection with the use of Google Maps on Google’s website (“Google Privacy Policy”) at:
https://policies.google.com/privacy?hl=en.
To the extent required by law, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 (1) point a GDPR. You can revoke your consent at any time with effect for the future. In order to exercise your revocation, please follow the procedure described above for submitting an objection.
18. Your data protection rights
Under certain circumstances, by law you have the right to:
- Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Object to automated decision-making including profiling, that is not to be the subject of any automated decision-making by us using your personal information or profiling of you. We do not engage in any automated decision making.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
In the event that you wish to make a complaint about how your personal data is being processed by SprintRay, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority who can be contacted as follows. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority so please contact us in the first instance:
Contact | Data Protection Commission |
Telephone | +353 57 8684800 / +353 761 104 800 |
info@dataprotection.ie | |
Post | Data Protection Commission
21 Fitzwilliam Square South Ireland |
19. Contact us
The data controller for SprintRay Europe Limited and SprintRay Europe GmbH are listed below. The data controller is in charge of processing of personal data and is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. You can contact us with any queries, complaints or requests to exercise your data protection rights using the details below:
Contact: | Data Protection Manager-Europe |
Telephone: | +49 6150 978948-153 |
Email: | Legal@sprintray.com |
Post: | Regus Harcourt Centre, Harcourt Road, Dublin 2 |
Contact: | Data Protection Manager-Germany |
Telephone: | +49 6150 978948-153 |
Email: | privacy@sprintray.eu |
Post: | SprintRay Europe GmbH, Brunnenweg 11, 64331 Weiterstadt, Deutschland, Tel: 06150 978948-153 |
In accordance with German Law and the General Data Protection Regulation (GDPR), SprintRay Europe GmbH has appointed a Data Protection Officer (DPO). The DPO for this website is “ONPRIVACY externer Datenschutz, 65207 Wiesbaden, www.onprivacy.de, privacy@sprintray.eu”
20. Updates to this Privacy Statement
Our Privacy Statement may change from time to time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
PRIVACY POLICY
At SprintRay Europe GmbH (”SprintRay“, “we”), the protection of personal data of our users (“you”) is very important. Your personal data will only be processed in accordance with this privacy policy (“Policy”) and the relevant statutory provisions, in particular the European General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (”GDPR“).
The following Policy applies to the processing of your personal data when using our website (the ”Website“).
1. Use of our offers
1.1 General information about the use of the Website
When using the Website, we process such personal data that your browser transmits to our server. These include the IP address, date and time of the request, Greenwich mean time (GMT) time zone difference, content of the request (the specific page), the access status or HTTP status code, the amount of data transmitted, the website from which the requirement comes, the browser used, the operating system and its interface as well as language and version of the browser software. Processing is based on Art. 6(1)(f) GDPR, as it enables the presentation of our website and serves in particular to ensure its stability and security.
1.2 Cookies
(a) General:
Cookies are small text files placed on your device to store data that can be recalled by a web server. We use cookies [and similar technologies] for storing and fulfilling your preferences and settings, enabling you to sign in, providing interest-based advertising, analyzing how our products perform, and fulfilling other legitimate purposes.
We provide a transparent explanation to enable you to control the use of your personal data by adapting your cookie settings.
(b) Types of Cookies
We differentiate between cookies that are essential for the technical functions of the Website and optional cookies, including statistical, marketing or third party
media cookies.
“Essentials”
These are necessary for the technical operation of the Website. Some functions on our website cannot be offered without these cookies.
“Statistics”
In order to further improve our offer and our website, we collect anonymized data for statistics and analysis. With the help of these cookies we can, for example, determine the number of visitors and the effect of certain pages on our website and optimize our content. Analysis cookies and tags enable us to generate overall statistics, e.g., about the number of views, which areas of the website are viewed most often and information about locations and the duration of the average stay on the website. This allows us to improve the quality and content of our website.
“Marketing”
Allow us to follow visitors on the Website, to show you relevant and appealing advertisements or to have them shown by third parties.
“Third Party Media”
Contents of video, streaming and social media networks are blocked by default. If you accept these cookies you will be able to access these contents without giving manual further permission. As they are placed not by us but other parties, these companies use and process the data they obtain in accordance with their own privacy policies, which may enable them to collect and combine information about your activities across websites, apps, or online services.
Some of the cookies we use are automatically deleted after the browsers are closed (so-called session cookies), others remain permanently on your device and allow us to recognize your browser (so-called persistent cookies).
(c) Controlling Cookies / Legal Basis / Consent:
The use of marketing, tracking or analysis cookies requires your prior express consent without which they will not be stored. We request this via the cookie banner when you start using the Website, which informs you about our cookie policy and gives you the option of refusing or granting your consent for all or certain types of cookies.
You can make or change your cookie settings or revoke the consent you have given without stating reasons at any time: [borlabs-cookie type=”btn-cookie-preference” title=”Cookie Options” element=”link”/]
If you give us your consent, the legal basis for the processing of personal data is Art. 6(1)(a) GDPR. We use essential or technically necessary cookies based on our legitimate interest of being able to operate and provide a functioning website.
You also have a variety of technical tools to fully control the use of cookies. For example, you can use control settings of your internet browser to limit how the websites you visit are able to use cookies, delete cookies in your browser, disable the storage of cookies completely or selectively accept certain cookies and withdraw your consent by clearing or blocking cookies.
This may limit the functionality of our Website.
1.3. Google Analytics
On our Website we use Google Analytics with the extension “anonymizeIp”, a service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (” Google“) reporting us details about how you and others use our Website. As a result, IP addresses from within the member states of the European Union or the European Economic Area will be truncated before further processing by Google. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there. A personal identification can thus be excluded. Insofar as the data collected about you becomes identifiable, it will be immediately excluded and the personal data will be deleted immediately.
The legal basis for our use of Google Analytics is Art. 6(1)(f) GDPR. On our behalf, Google will use the data obtained to evaluate your use of our website, to compile reports on Website activity and to provide us with other services related to website usage and internet usage. The purpose of the processing is to analyze and optimize our Website.
You can prevent the storage of cookies through appropriate settings in your browser, for example by generally deactivating the automatic setting of cookies. In this case, functions of this website may no longer be used properly. In addition, you may prevent the collection of the data related to your use of the website (including your IP address) as well as their transmission to and processing by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
Google may also processes your personal information in the United States and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. For more information about Google’s data collection and processing, please refer to Google’s Privacy Policy, which can be found at https://policies.google.com/privacy.
1.4 Social Media
We do not use social media plug-ins. However, at various points on our website, we offer you the opportunity to visit our social networking sites such as Facebook, Twitter, Instagram, Youtube, Vimeo and LinkedIn. If you click on the respective logo or the name of a social network, you will be forwarded via a link to our page on the respective social media website.
Before you click on the respective logos or links, no personal data will be transmitted to the social media. The possibility of personal data being transmitted to and processed by the respective social network only exists from the moment you click on the logo on our website and are forwarded to the social media website. In particular, if you are logged in with your respective social media account at the time of forwarding, personal data processing will occur. In addition, however, data – such as your IP address – can be processed if you do not have a social media account.
We have no influence on the collected data and data processing operations, nor are we aware of the full extent of data collection, the purpose of the processing, the retention periods or the deletion of the data, by the respective social media.
1.5 HubSpot
For various parts of our online marketing, we use the integrated software solution of HubSpot, a software company from the USA with a branch office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500. HubSpot is certified under the conditions of the EU-US Privacy Shield Framework. You can find Hubspot’s Privacy Policy here: https://legal.hubspot.com/privacy-policy.
This includes, among others: Email marketing (newsletter and automated mailings, e.g., to provide downloads), social media publishing & reporting, reporting (e.g., traffic sources, access, etc. …), contact management (e.g., user tracking, preferences, segmentation & CRM), landing pages and contact forms. Our registration service allows visitors to our website to learn more about us, download content and provide their contact information and other demographic information. This information, as well as the content of our website, is stored on servers of HubSpot. We may use this information to contact users and to determine which of our products and services are of interest to them. All information collected by us is subject to this Privacy Policy, and is used solely to optimize our marketing efforts.
The legal basis for the processing of the data is Art. 6(1)(f)GDPR, as it serves to optimize our offer, and/or Art. 6(1)(a)GDPR, where consent is given.
1.6 Vimeo Videos
Our website integrates and allows to directly view videos that are stored on the video platform www.vimeo.com, operated by Vimeo.com, Inc., 555 West 18th Street, New York, NY 10011, USA (“Vimeo”).
When you visit a page on our website that incorporates a Vimeo video, you will be connected to the Vimeo servers in the United States. This will communicate data to Vimeo, such as which page on our site the video was viewed by you. If you have an account with Vimeo and are logged in, the aforementioned information will be assigned to your user account. If you use the Vimeo video embedded on our website, for example by clicking on “Play”, this information will also be assigned to your user account. You can prevent this assignment by logging out of your user account before using our website and deleting corresponding cookies from Vimeo.
For more information on the purpose and scope of data processing by Vimeo, see the Vimeo Privacy Policy. There you will also find more information about your rights and settings options for protecting your privacy: https://www.vimeo.com/privacy . Vimeo also processes your personal data in the USA.
The legal basis for the processing of the data is Art. 6(1)(f) GDPR, as it serves to optimize our offer.
1.7 YouTube
Our website integrates and allows to directly view videos that are stored on the video platform https://www.youtube.com offered by Google. [We have turned on “Privacy-Enhanced Mode” for YouTube videos displayed on the Service. According to Google, this means that YouTube does not place cookies or track viewing behavior for advertising purposes.
However, a transfer of your data to third parties may take place, e.g., (a) YouTube connects to the Google DoubleClick network] (b) upon your starting a video, a connection is made to the YouTube servers, disclosing to Google which of our pages you have visited. If you are logged into your YouTube-Account, you enable Google to add your browsing history to your personal profile – which you can prevent by logging out of such account; (c) Google may set cookies on your device or use other recognition technologies to obtain information about the visitors of our Website for statistics and improving the Website functionality; and (d) upon the start of a video, Google may perform additional processing actions beyond our control.
Our user-facing content does not embed any YouTube videos that are not part of our content. [We disabled certain functionality on YouTube (called “rel” functionality), so that content outside of our content is not played.]
The legal basis for such processing of the data is Art. 6(1)(f) GDPR, as it serves to optimize our online offer. If you have given consent, the legal basis is Art. 6(1)(a) GDPR, allowing you to revoke such consent at any time. Further information about YouTube privacy can be found at the link in 1.3 above.
1.7 Google Maps
On this website we use the offer of Google Maps. This allows us to show you interactive maps directly in the website and allow you to conveniently use the map feature.
By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data referred to in point 1.1 of this Policy will be transmitted. This happens regardless of whether you have a user account on Google and if you are logged into this user account. When you’re logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such evaluation will be carried out in particular (even for users who are not logged in) to provide appropriate advertising and to inform third parties about your activities on our Website. You have a right to object to the formation of these user profiles, and you must contact Google to exercise this right.
For more information on the purpose and scope of Google’s data collection and processing, as well as your rights and privacy settings please refer to the links set out in 1.3 above.
The legal basis for the processing of the data is Art. 6(1)(f) GDPR. It serves to optimize our offer.
1.8 Newsletter
The Website provides the opportunity to subscribe to our newsletter. Our newsletter contains specific information about our range of products and services, information in connection with 3D applications and other information we deem useful. To register, only your e-mail address is required. You may also voluntarily provide additional information, such as your name.
The registration for the newsletter follows the so-called double-opt-in procedure. After entering your e-mail address and, if necessary, your other data, we will send you an e-mail to this address, with which we ask you to confirm your registration for the newsletter. Only when you do so by clicking on a corresponding link, you will be included in our distribution list and receive from this point our newsletter. If confirmation of registration is not received within 24 hours, we will block your information and delete it after one month.
When registering, we store the IP address you used, the time of registration and the time of the confirmation of the registration. This is done on the basis of Art. 6(1)(f) GDPR and has the purpose of documenting your application and, if necessary, to be able to clarify possible misuse of your personal data
In the case of confirmation of registration for the newsletter, we will store your e-mail address and, if applicable, your other voluntary information in accordance with Art. 6(1)(a) GDPR to send you our newsletter.
You can revoke your consent to the receiving of the newsletter at any time and unsubscribe from the newsletter. You can declare the cancellation by clicking on the link provided in each newsletter e-mail, by e-mail to info.eu@sprintray.com or by sending a message to the contact details stated in the Imprint.
We point out that when you send the newsletter, we evaluate your user behavior in order to constantly optimize and improve our newsletter. For this evaluation, the e-mails sent include so-called web beacons or tracking pixels. With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click, and your personal preferences and interests.
Processing is based on Art. 6(1)(f) GDPR and serves to optimize our services and our offer.
You can prevent the tracking of opening our newsletter if you have disabled the display of images in your e-mail program by default. In this case the newsletter will not be displayed completely and you may not be able to use all the features. If you manually view the images, the tracking will proceed.
1.9 Contact by e-mail or contact form
Should you contact us by e-mail, the information you choose to provide (e.g., your e-mail address, your name and telephone number if applicable) will be stored by us to answer your questions. We delete the data that arises in this context after the storage is no longer required, or limit the processing if there are statutory retention requirements. The same applies if you use our contact form. All you need to do to contact us is to provide your name and e-mail address. Further information – such as your organization and telephone number are optional. Data that you enter in our contact form will be encrypted (SSL) between your browser and our server.
Processing is based on Art. 6(1)(a) GDPR. It is exclusively for processing and answering your query.
2. Disclosure of data
We do not transfer personal data collected by us to third parties unless this is permissible under data protection regulations. Specific information on the scope and recipients of such transfer can be found in the above provisions. We only disclose your personal information to such parties performing specific tasks and services for us, and only to the extent necessary to carry out such activities. These companies are similarly bound by the data protection regulations, have been carefully selected by us and are regularly monitored by us. Beyond that, we only provide your personal data to third parties if we are obliged to do so under applicable law or a court order.
3. Data security
We take measures to protect your personal data from unauthorized access, loss, misuse or destruction. Be advised, however, that absolute protection of data from third party access is not guaranteed, e.g., when transmitting data via email or otherwise via the Internet, there is the possibility of security gaps.
Personal data will only be stored for the period required to achieve the purpose of such storage or as provided by law. Accordingly, personal data is routinely blocked or deleted when there is no more purpose or upon the expiration of regulatory periods.
4. Your rights / contact
You have the following rights vis-à-vis us regarding the personal data we collected from you:
- Right to access information
- Right to rectification or erasure
- Right to restriction of processing
- Right to object to the processing
- Right to data portability.
If you have given consent to the processing of your personal data, you can revoke it at any time. This does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Where we process your personal data on the basis of Art. 6(1)(f) GDPR, you may object to such processing. In this case, we request that you give the reasons against our processing your personal data, allowing us to examine the matter. We will then discontinue or adapt the data processing or demonstrate compelling legitimate grounds for the processing which override your reasons.
You may also object to the processing of your personal data for advertising and data analysis purposes at any time and without giving a reason.
To do so, you can inform us as follows:
SprintRay Europe GmbH,
Brunnenweg 11, DE-64331 Weiterstadt,
Phone: +49 6150 97 89 48-0,
E-Mail: info.eu@sprintray.com
You also have the right to complain to a data protection supervisory authority concerning our processing of your personal data.
Data controller within the meaning of Art. 4(7) GDPR is SprintRay Europe GmbH, Managing Director Patrick Thurm, Brunnenweg 11, DE-64331 Weiterstadt, Phone: +49 6150 97 89 48-0, E-Mail: info.eu@sprintray.com.