Accountability for content
The contents of our pages have been created with the utmost care. However, we cannot guarantee the contents’ accuracy, completeness or topicality. According to statutory provisions, we are furthermore responsible for our own content on these web pages. In this context, please note that we are accordingly not obliged to monitor merely the transmitted or saved information of third parties, or investigate circumstances pointing to illegal activity. Our obligations to remove or block the use of information under generally applicable laws remain unaffected by this as per §§ 8 to 10 of the Telemedia Act (TMG).

Accountability for Links
Responsibility for the content of external links (to web pages of third parties) lies solely with the operators of the linked pages. No violations were evident to us at the time of linking. Should any legal infringement become known to us, we will remove the respective link immediately.

Copyright
Our web pages and their contents are subject to German copyright law. Unless expressly permitted by law (§ 44a et seq. of the copyright law), every form of utilizing, reproducing or processing works subject to copyright protection on our web pages requires the prior consent of the respective owner of the rights. Individual reproductions of a work are allowed only for private use, so must not serve either directly or indirectly for earnings. Unauthorized utilization of copyrighted works is punishable (§ 106 of the copyright law).

Privacy policy

Thank you very much for visiting our website or for having contacted us in any other way.

For us, personal data protection is particularly important. In principle, the use of the website is possible without any indication of personal data. However, if you wish to make use of an offer from our company online, processing of personal data may be required.

If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always in accordance with the current Federal Data Protection Act (BDSG), the EU General Data Protection Regulation (GDPR) effective from 25.05.2018 and the TMG.

With this data protection declaration, our company wants to inform about the nature, scope and purpose of the personal data we process and to inform data subjects about the rights to which they are entitled.

Our company has implemented numerous technical and organisational measures to ensure the most complete protection of the processed personal data. However, Internet-based data transmissions can generally have security gaps, so absolute protection cannot be guaranteed.

Ⅰ.        Definitions

Our company’s privacy policy is based on the GDPR. Our privacy policy should be easy to read and understandable. To ensure this, we will explain the terms used in advance:

1. Personal data

Personal data is “any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); Identifiable is a natural person who can be identified directly or indirectly, in particular by association with an identifier such as a name, identification number, location data, an online identifier or one or more specific characteristics which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person’ (Article 4(1) GDPR).

2. Affected persons

The data subject is any identified or identifiable natural person whose personal data is processed by the controller.

3. Processing

Processing is any operation or series of operations carried out with or without the help of automated procedures in connection with personal data such as the collection, collection, organisation, ordering, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.

4. Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.

5. Profiling

Profiling is any type of automated processing of personal data in which such personal data is used to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behaviour, place of residence or location of that natural person.

6. Pseudonymisation

Pseudonymisation is the processing of personal data in which the personal data can no longer be assigned to a specific data subject without the use of additional information. This additional information shall be kept separately, subject to technical and organisational measures and thus ensure that the personal data are not assigned to an identified or identifiable natural person.

7. Controller or controller of the processing

The person responsible for processing or the controller is the natural or legal person, authority, body or other body which decides, alone or jointly with others, on the purposes and means of processing personal data.

8. Processor

Processor is a natural or legal person, authority, body or other body that processes personal data on behalf of the controller.

9. Recipient

Recipient is a natural or legal person, authority, body or other body to which personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or Member State law under a particular investigative mission shall not be deemed to be recipients.

10. Third party

A third party is a natural or legal person, authority, body or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.

11. Consent

Consent is any statement of intent voluntarily made by the data subject in an informed and unequivocal manner in the form of a declaration or other unambiguous affirmative act in which the data subject indicates that he or she agrees to the processing of the personal data concerning him or her.

Ⅱ.  Name and address of the person responsible

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Dr Walter Rosenbaum

Address: Mevo ha’OlehJerusalem, Israel

Phone: (+97)2547874390

E-Mail: walter.rosenbaum@imageautomationltd.com

Iii.     Name and address of the Data Protection Officer

There is no obligation under Article 37 GDPR and Section 38 of the German Data Protection Act (BDSG) to appoint a data protection officer

Iv.    General information on data processing

1. Scope of processing of personal data

In principle, we only collect and use personal data of our users insofar as this is necessary for the provision of a functional website as well as our content and services. The collection and use of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases where prior consent is not possible for actual reasons and the processing of the data is permitted by statutory provisions.

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing transactions of personal data, Art. 6 sec. 1 lit. a serves as the legal basis for processing of personal data.

In the case of the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 sec. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations necessary for the implementation of pre-contractual measures.

Insofar as processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 sec. 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 sec. 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first interest, Article 6 (1) lit. f GDPR serves as the legal basis for the processing.

3. Data erasure and storage time

The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage is omitted. Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion of a contract or a fulfilment of the contract.

Provision of the website and creation of log files

1. Description and scope of data processing

Every time you access our website, our system automatically collects data and information from the computer system of the calling computer.

The following data is collected:

• Information about the browser type and version used
• The user’s operating system
• The user’s Internet service provider
• The user’s IP address
• Date and time of access
• Websites from which the user’s system enters our website

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 sec. 1 lit. f GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary in order to enable the delivery of the website to the user’s computer. To do this, the user’s IP address must be stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

In these purposes lies also our legitimate interest in data processing in accordance with Art. 6 sec. 1 lit. f GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose of their collection. In the case of the collection of data for the provision of the website, this is the case when the respective session is terminated.

In the case of the storage of the data in log files, this is the case after seven days at the latest. Additional storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

5. Possibility of opposition and disposal

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

Vi.    Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or the internet browser on the user’s computer system. When a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is re-accessed.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

2. Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 sec. 1 lit. f GDPR.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

We require cookies for the following applications:

• Consent Cookie Use – Cookie Consent
• Sitzungsverfolgung – Session Cookie

The user data collected by technically necessary cookies will not be used to create user profiles. In these purposes, our legitimate interest lies in the processing of personal data in accordance with Art. 6 sec. 1 lit. f GDPR.

4. Duration of storage, possibility of appeal and disposal

Cookies are stored on the user’s computer and transmitted by the user to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, all functions of the website may no longer be fully utilized.

Vii.  E-mail contact

1. Description and scope of data processing

It is possible to contact us via the e-mail address provided. In this case, the personal data of the user transmitted by the e-mail will be stored.

In this context, the data will not be passed on to third parties. The data is used exclusively for the processing of the conversation.

2. Legal basis for data processing

The legal basis for the processing of the data is Art. 6 sec. 1 lit. a GDPR in the presence of the consent of the user.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 sec. 1 lit. f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 sec. 1 lit. b GDPR.

3. Purpose of data processing

When contacted by e-mail, the necessary legitimate interest in the processing of the data lies.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose of their collection. For the personal data sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation ends when it can be inferred from the circumstances that the facts in question have been finally clarified.

The additional personal data collected during the sending process will be deleted at the latest after a period of seven days.

5. Possibility of opposition and disposal

The user has the possibility to revoke his/her consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

In the event of a revocation, please contact the above-mentioned contact details of our data protection officer by telephone or in writing.

All personal data stored in the course of contacting us will be deleted in this case. The basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 sec. 1 lit. f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 sec. 1 lit. b GDPR.

Xi.    Rights of the data subject

If personal data is processed by you, you are a data protection in the social security of the GDPR and you have the following rights towards the controller:

1. Right of access

You may request confirmation from the controller as to whether personal data concerning you is processed by us.

If such processing is available, you may request the following information from the controller:

(1) the purposes for which the personal data are processed;

(2) the categories of personal data processed;

(3) the recipients or categories of recipients to whom the personal data concerning you has been or is still being disclosed;

(4) the planned duration of the storage of the personal data concerning you or, if specific information is not possible, criteria for determining the storage period;

(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restrict processing by the controller or a right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

(7) all available information on the origin of the data where the personal data are not collected from the data subject;

(8) the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) GDPR and, at least in such cases, meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organisation. In this context, you may request that you be informed of the appropriate guarantees in accordance with Article 46 GDPR in connection with the transmission.

2. Right to correction

You have the right to rectification and/or completion to the controller if the personal data processed concerning you is inaccurate or incomplete. The controller must make the correction without delay.

3. Right to restrict processing

You may request the restriction of the processing of personal data concerning you under the following conditions:

(1) if you dispute the accuracy of the personal data concerning you for a period that enables the controller to verify the accuracy of the personal data;

(2) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;

(3) the controller no longer needs the personal data for the purposes of the processing, but you need it to assert, exercise or defend legal claims, or

(4) if you have objected to the processing in accordance with Art. 21 sec. 1 GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.

Where the processing of personal data concerning you has been restricted, such data may be processed, except for its storage, only with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.

If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.

Right to erasure

a)     Obligation of erasure

You may require the controller to immediately delete the personal data concerning you, and the controller is obliged to delete such data immediately, provided that one of the following reasons applies:

(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You revoke your consent, on which the processing was based in accordance with Art. 6 sec. 1 lit. a or Art. 9 sec. 2 lit. a GDPR, and there is no other legal basis for the processing.

(3) You object to the processing in accordance with Art. 21 sec. 1 GDPR and there are no primary legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 sec. 2 GDPR.

(4) The personal data concerning you have been processed unlawfully.

5. The erasure of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.

(6) The personal data concerning you have been collected in relation to information society services offered in accordance with Article 8(1) GDPR.

b) Information to third parties

If the controller has made the personal data concerning you public and is obliged to delete them in accordance with Art. 17 sec. 1 GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested from them the deletion of all links to such personal data or from copies or replications of that personal data.

c) Exceptions

The right to erasure does not exist if the processing is necessary

(1) to exercise the right to freedom of expression and information;

2. to fulfil a legal obligation required by the law of the Union or the Member States to which the controller is subject, or to carry out a task which is in the public interest or in the exercise of official authority delegated to the controller;

(3) for reasons of public interest in the field of public health in accordance with Article 9(2) lit. h and i and Article 9(3) GDPR;

(4) for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) GDPR, insofar as the law referred to in section (a) is likely to make the achievement of the objectives of such processing impossible or seriously impairs, or

(5) to assert, exercise or defend legal claims.

5. Right to information

If you have asserted the right to rectification, erasure or restriction of the processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed, this rectification or deletion of the data or restriction of the processing, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed of these recipients in respect of the controller.

6. Right to data portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance by the controller to whom the personal data was provided, provided that:

(1) the processing is based on a consent in accordance with Art. 6 sec. 1 lit. a GDPR or Art. 9 sec. 2 lit. a GDPR or on a contract pursuant to Art. 6 sec. 1 lit. b GDPR and

(2) processing is carried out using automated procedures.

In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

7. Right of objection

You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which takes place pursuant to Article 6 (1) lit. e or f GDPR; this also applies to profiling based on these provisions.

The controller no longer processes the personal data concerning you, unless he can prove compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling in so far as it is related to such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the opportunity to exercise your right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

8. Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

9. Automated decision-making on a case-by-case basis, including profiling

You have the right not to use an automated processing

including profiling – a decision that has legal effect against you or similarly significantly affects you.

This does not apply if the decision

(1) is necessary for the conclusion or performance of a contract between you and the controller;

(2) is permitted by Union or Member State legislation to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests;

(3) with your express consent.

However, such decisions may not be based on specific categories of personal data under Article 9(1) GDPR, unless Article 9(2) lit. a or g applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the controller shall make appropriate

measures to safeguard rights and freedoms and your legitimate interests,

at least the right to obtaining the intervention of a person by the

responsible, on presentation of their own position and on appeal of the decision.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you is in breach of the GDPR.

The supervisory authority to which the complaint was lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

As of 20.10.2020