1. Controller and data protection officer
Within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of EU Member States as well as any other provisions regarding data protection law, the provider and controller of the collection and processing of your personal data on this website is:
Iris Dynamics Ltd.
Unit 2-3948 Quadra Street
Victoria, British Columbia
Please contact our data protection officer via:
Every data subject can contact our above-mentioned data protection officer directly in case of any questions and suggestions regarding data protection.
2. General information on personal data and their processing
2.1 How do we treat personal data?
Using our web pages is generally possible without having to indicate any personal data. If a data subject wants to make use of special services (e.g. making contact using the contact form, newsletter subscription) on our website, however, processing personal data may become necessary.
If processing personal data is required and if there is no legal basis for such processing, e.g. fulfillment of a contract or fulfillment of a legal obligation, we will principally obtain the data subject’s consent. Furthermore, the personal data are always processed in conformity with the General Data Protection Regulation and with the country-specific data protection regulations applicable to our company.
By means of this Data Privacy Statement, we would like to inform the visitors of our website about the type, scope and purpose of the personal data collected, used and processed by us. In addition, we would like to inform you about your rights.
2.3 Technical and organizational measures
As the controller of the data processing we have implemented numerous technical and organizational measures in order to ensure complete protection (if possible) of the personal data processed via this website. Our website has an SSL certificate integrated in order to increase security. The SSL certificate is used to encrypt the data exchanged via HTTP. Nevertheless, internet-based data transmissions may principally have security gaps so that absolute protection cannot be guaranteed.
2.4 General information on the legal basis for the processing of personal data on our web pages
As far as we obtain your consent for the processing of personal data, Art. 6 (1) lit. a EU General Data Protection Regulation (GDPR) serves as a legal basis for the processing.
If the processing of personal data is required in order to fulfill a contract with you, which is the case with processing, for instance, required for a delivery of goods or the provision of other services or return services, the processing is based on Art. 6 (1) lit. b GDPR. The same applies to such processing which is required to perform pre-contractual measures, for example in case of inquiries about our products or services.
If we are subject to a statutory obligation requiring the processing of personal data, for example in order to fulfill tax obligations, the processing is based on Art. 6 (1) lit. c GDPR.
In rare cases the processing of personal data might become necessary in order to protect vital interests of you or any other natural person. This would be the case, for instance, if a visitor was injured in our company and consequently his/her name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or another third party. Then the processing would be based on Art. 6 (1) lit. d GDPR.
2.5 Contact Us & Request a Quote forms
Our website contains a contact us form and a request a quote form. These are used for fast electronic contacting. The following data is collected by using these contact forms in order to respond to your concern and to contact you in this respect:
- Your E-Mail Address
- Phone Number
- Project Information
If you provide us with personal data, these data are disclosed by you on an explicitly voluntary basis. Art. 6 (1) lit. a GDPR serves as a legal basis for the processing in this case. The data you enter in the contact form reach us in automated way in the form of an e-mail and will be deleted after the processing, unless the contact request results in a contract initiation or contract conclusion. In this case we can and must store your data on the basis of statutory periods. Your data will be treated as strictly confidential and will not be disclosed to any third parties.
3. Online marketing und digital communication with Hubspot
On our website and blog we use the HubSpot marketing automation software of the American company Hubspot Inc., 25 First Street, 2nd Floor Cambridge, MA 02141 United States (hereinafter referred to as “HubSpot”). HubSpot is an integrated software solution by which we cover different aspects of our digital marketing, sales and customer relation management. Furthermore we use the tool for analytical purposes of our web offer in order to optimize it and to offer you the best possible and user-friendly service.
We use HubSpot for:
- contacting us using the contact form and request a quote form
- evaluating the usage of our web pages (e.g. access, pages visited, dwelling time, etc.)
For detailed information on the scope of the data processing, the legal basis, the purpose, the storage period as well as possibilities of objection please refer to sections 3.1 to 3.6.
The contents of our web pages as well as your personal data which you provide, e.g. when using our contact form or subscribing to our newsletter, are stored on the servers of our software partner HubSpot.
Of course HubSpot also uses “cookies” which are saved on your computer and allow us to analyze your usage of the website. The information gathered (e.g. IP address, geographical location, type of browser, duration of the visit and pages viewed) is evaluated by HubSpot on our behalf so that we can generate reports on the visit and the pages viewed and can therefore improve our online presence. If you generally do not want HubSpot to record your activities on our website and our blog, you can deny it in the cookie message appearing during the first visit to our pages.
Any information gathered by us is subject to this Data Privacy Statement. HubSpot is certified under the terms of the “EU – U.S. Privacy Shield Frameworks” and is subject to the TRUSTe’s Privacy Seal as well as “U.S. – Swiss Safe Harbor” framework. This means that any processing of personal data by certified companies in the non-European region conforms to European data protection standards.
More information on HubSpot’s data protection regulations can be found here.
More information by HubSpot regarding the EU data protection regulations can be found here.
More information on the cookies used by HubSpot can be found here.
3.1 Request a quote form on landing pages
Our product-specific landing pages comprise a request a quote form which you can use for fast electronic contacting. Art. 6 (1) lit. f GDPR (legitimate interest) is the legal basis for the processing of contact requests. For our legitimate interest in the processing is to communicate with you and to answer your inquiries in a fast way. If you provide us with your personal data using the contact form, these data are always disclosed on an explicitly voluntary basis. Art. 6 (1) lit. a GDPR serves as a legal basis for the processing in this case. If we process your data in order to perform any pre-contractual measures, Art. 6 (1) lit. b GDPR is the legal basis.
The following data are collected when using the contact form:
- Your e-mail address as well as the project description are mandatory items in order that we can process it and send you an answer.
- Your surname, first name, phone number, and the company name are optional fields. The information is voluntary and is used for a correct and optimal personal address.
Your personal data will exclusively be used to process the conversation and will not be passed on to any unauthorized third parties. The data is stored in our marketing automation tool HubSpot for such a long time until your inquiry or the issue concerned has finally been clarified. Then the data will be deleted, unless the contact request results in an initiation or conclusion of contract. In this case we can and must store your data on the basis of statutory periods. You always have the possibility to withdraw your consent to the processing of your data. All personal data stored in the context of contacting will immediately be deleted in this case.
3.2 Analytical data and reporting
Using Hubspot we can carry out the following analytical collections and evaluations, among other things:
- the activity on our website
- number of page views and dwelling time of the website visitor
- click path of the respective visitor
- downloads of files provided via the website
- visits to landing pages
- opening rates of e-mails
By using the website you declare your consent to the collection of analytical data. You can always unsubscribe from the HubSpot tracking using the “DO NOT TRACK” button in the cookie message.
3.3 Hubspot logfiles
Whenever calling up websites/landing pages created using HubSpot, HubSpot automatically generates so-called logfiles. Among other things, the logfiles can contain the following information: IP address, browser, operating system, internet provider, pages visited, etc. The collection of data serves to optimize the pages, to ensure the security of the web pages as well as to create general statistics on the use of pages created with HubSpot. The data collected automatically are linked with personal data stored in HubSpot. The legal basis for the storage of the data in logfiles is Art. 6 (1) lit. f GDPR. The data will be deleted after 180 days and during this period, only authenticated IT personnel of HubSpot has access to the logfiles.
Cookies are small text files that are stored on your computer. Cookies are used by us to recognize you automatically the next time you visit our website. Cookies do not cause any damage on your computer and do not contain any viruses. Cookies serve to make our offer securer, more user-friendly and more effective. Furthermore cookies allow us to analyse the use of the website.
You can distinguish between first-party cookies and third-party cookies. First-party cookies are those set for our website. All other cookies are third-party cookies. Our web pages use both first-party and third-party cookies.
Not all cookies collect personal data.
Among others, the following personal data can be collected by cookies:
- IP address
- Login information
Among others, the following non-personal data can be collected by cookies:
- Browser language
- Session information
Most of the cookies used by us are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. Furthermore we use analytical cookies. They are used to monitor the anonymized user behavior on the website, e.g. to record the number of visits per page. The data collected will exclusively be used to optimize the performance and design of this website. These cookies are third-party cookies (e.g. Google Analytics). However, the data are collected in anonymized form and are exclusively used by us.
If you principally do not want cookies to be used, you can view and delete the stored cookies in your browser settings and can generally control the handling of cookies. For more detailed information on this please refer to the help function of your browser or the manufacturer of your browser. It cannot be ruled out, however, that important parts of our web pages and the services offered there will no longer work faultlessly if you do not permit any cookies.
The legal basis for the processing of personal data by technically required cookies is Art. 6 (1) lit. f GDPR. The legal basis for the processing of personal data by cookies not technically required (analytical cookies) is Art. 6 (1) lit. a GDPR.
5. Integration of third-party services and contents
On our page we use the component “Google Maps” by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter referred to as “Google”).
Whenever calling up the “Google Maps” component, Google sets a cookie in order to process user settings and data for displaying the page on which the “Google Maps” component is integrated. This cookie is usually not erased by closing the browser but expires after a certain period, provided you do not manually delete it before.
If you disagree with this processing of your data, you have the possibility to deactivate the service of “Google Maps” and to prevent the transmission of data to Google in this way. For this purpose you have to deactivate the Java Script function in your browser. We would like to point out that you cannot use “Google Maps” in this case or only to a limited extent.
We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA serves to check whether the data input on our websites (e.g. in a contact form) is carried out by a person or an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor by means of various characteristics. This analysis starts automatically as soon as the website visitor accesses the website. For the analysis, reCAPTCHA evaluates certain information (e.g. IP address, dwelling time of the website visitor on the website or mouse movements effected by the user). The data acquired during the analysis are passed on to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not made aware that an analysis is taking place. The data processing is based on Art. 6 (1) lit. f GDPR. The website owner has a legitimate interest in protecting their web offers against abusive automated spying and against SPAM.
Further information on Google reCAPTCHA as well as the data privacy statement of Google can be found at the following links: www.google.com/intl/de/policies/privacy/and www.google.com/recaptcha/intro/android.html.
Our website links to our Facebook appearance as well as to our profiles on LinkedIn. By linking to the respective pages using the icons, no data are transferred to Facebook or LinkedIn.
We would like to point out that you use our Facebook and LinkedIn pages as well as their functions on your own responsibility. This particularly applies to the use of interactive functions (e.g. commenting, sharing, rating). We would like to make you aware that the data collected about you in this context will be processed by Facebook Ltd., and LinkedIn Inc. and in this context might be transmitted to countries outside the European Union.
Which information Facebook or LinkedIn receive and how it is used is described by the providers in general form in their data usage policies. There you can also find information about contact possibilities as well as the setting options for advertisements.
Here you can view the data usage policies:
Our website uses the provider YouTube LLC , 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, for the integration of videos. Your IP address is sent to YouTube and Cookies are installed on your computer when you call up a page with embedded videos.
Our website may contain hyperlinks to other websites which are not operated by us. We do not monitor these websites and do not assume any responsibility for their contents nor their treatment of personal data.
Whenever calling up our page, our hosting partner (AWS) gathers automated protocols (so-called logfiles). The access data include, among others:
- website visited
- date and time of the website visit
- amount of data transferred
- message about successful retrieval
- browser type
- website visitor’s operating system
- referrer URL (page visited before)
- IP address
The fundamental legal basis for the storage of the data in logfiles is Art. 6 (1) lit. f GDPR. The acquisition of data in order to provide the web pages and the storage of data in logfiles is stringently required for the operation of our internet presence. Therefore you do not have the possibility to object.
8. Your right of access, to erasure, blocking, data portability, objection, to lodge a complaint
At any time you have the right granted by the European legislative and regulatory authority:
- To gratuitous access to your personal data stored, their origin and recipients or categories of recipients to whom the data have been disclosed or will be disclosed, the purpose of the data processing, the storage period or, if that is not possible, the criteria used to determine that period, as well as information on whether your personal data have been transferred to a third country or international organization. Where this is the case, you have the right to get information on the appropriate guarantees related to the transfer.
- To rectification, completion or immediate erasure of your data
- To restriction of processing
- Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you
- To lodge a complaint with a supervisory authority
- Furthermore you can withdraw your consent to the collection and storage of data at any time with future effect.
- On your request we can deliver the personal data stored about you in a commonly used format or transmit them to another controller.