Thank you very much for your interest in our company. Data protection has especially high priority for the management of icgood GmbH. A use of the Internet pages of the icgood GmbH is basically possible without any indication of personal data. Provided one person concerned special services provided by our company via our website in pretension but may require the processing of personal data in order to be carried out. Is the processing of personal data and exists for such processing.
If there is no legal basis for this, we generally obtain the consent of the person concerned.
The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:
The responsible body alone or jointly with others shall decide on the purposes and means of the Processing of personal data (e.g. names, contact data, etc.).
For security reasons and to protect the transmission of confidential content, which you send to us as the site operator our website uses SSL or TLS encryption. This means that data that you have transmitted via this Website, not readable by third parties. You recognize an encrypted connection by the „https://“ address line of your browser and the lock symbol in the browser line.
We process personal data of our users in principle only, as far as this is necessary for the provision of an website as well as our content and services. The processing personal data of our users is regularly only provided with the consent of the user. An exception in cases where prior consent has not been obtained for factual reasons, the following shall apply and the processing of the data is permitted by legal regulations.
Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 lit. a EU Data Protection Basic Regulation (DSGVO) serves as the legal basis.
Art. 6 para. 1 lit. b DSGVO serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for the processing.
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. In addition, the data may be stored if the European or national legislator has provided for this in Union regulations, laws or other provisions to which the person responsible is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless it is necessary for further storage of the data for the conclusion or performance of a contract.
Each time you access our website, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
The data is also stored in the log files of our system. These data are not stored together with other personal data of the user.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. The data is also used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also include our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f DSGVO.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data to provide the website, this is the case when the session in question has ended.
If the data is stored in log files, this is the case after seven days at the latest. A storage going beyond this is possible. In this case the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.
The provider collects data about each access to the online offer (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. The provider uses the protocol data without allocation to the person of the user or other profiling according to the legal regulations only for statistical evaluations for the purpose of operation, security and optimization of the online offer. However, the provider reserves the right to subsequently check the log data if there are concrete indications of justified suspicion of illegal use.
It may happen that contents of third parties, such as videos from YouTube, RSS feeds or graphics from other websites are integrated within this online offer. This always presupposes that the providers of this content (hereinafter referred to as „third-party providers“) use the IP address of the user. Without the IP address, they would not be able to send the content to the browser of the respective user. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers only use the IP address to deliver the contents. However, we have no influence on whether the third party providers store the IP address for statistical purposes, for example. As far as this is known to us, we inform the users about it.
Personal data will only be collected and used by the provider if this is permitted by law or if the user consents to the collection of such data. As a rule, when using the service, users can see which data is stored, such as name, e-mail address and message when using the registration form for newsletter registration or use of the contact form. The personal data provided for the purpose of registration for online eye training (such as name, e-mail address, address, payment data) will be used by the provider to fulfill and process the contract. This data is treated confidentially, transmitted in encrypted form and not passed on to third parties who are not involved in the ordering, delivery or payment process. When contacting the provider (by email), the user’s details are stored for the purpose of processing the enquiry and in the event that follow-up questions arise. The provider has taken organizational, contractual and technical security measures to ensure that the provisions of data protection laws are complied with and that accidental or intentional manipulation, loss, destruction or access by unauthorized persons are prevented.
User data will only be forwarded to third parties if this is permitted by law or if a user has consented to this forwarding. This is the case, for example, if the forwarding of data serves the fulfilment of contractual obligations towards the user. Or if the data is requested by competent authorities such as law enforcement authorities. The personal data of the users are not sold or passed on to third parties for advertising purposes or for the purpose of creating user profiles.
The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data are not stored together with other personal data of the user.
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f DSGVO.
We need cookies for the following applications:
The user data collected by technically necessary cookies are not used to create user profiles.
In these purposes, our legitimate interest lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f DSGVO.
A contact form is available on our website, which can be used for electronic contact. If a user makes use of this possibility, the data entered in the input mask will be transmitted to us and stored. These data are:
The following data will also be stored at the time the message is sent:
Alternatively, you can contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored.
The data will not be passed on to third parties in this context. The data will be used exclusively for the processing of the conversation.
The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
The processing of the personal data from the input mask serves us exclusively for the processing of the establishment of contact. If you contact us by e-mail, this is also the necessary legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the relevant facts have been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
E-mails with general, topic-specific and advertising information about the provider and its services will only be sent with the express consent of the user. Users may object to the receipt of the newsletter at any time. An objection possibility can be found, among other things, in every e-mail. Before the newsletter is sent, the e-mail owner receives a confirmation e-mail in which he must confirm the newsletter registration. Subscriptions that have not been confirmed are automatically deleted. Messages within the framework of the contractual relationship with the user do not belong to advertising information. This includes the dispatch of technical information, information on payment processing, queries on orders and comparable messages. Users can subsequently request to be removed from the notification list by sending an e-mail to the above-mentioned contact person. Within the scope of registration, the provider stores the registration and confirmation time as well as the IP address of the user. The provider is legally obliged to log the registrations in order to be able to prove a proper registration.
If you would like to receive the newsletter, free test or free exercise offered on the website, we need an e-mail address from you as well as information which allows us to check that you agree with the owner of the e-mail address provided and with the receipt of the subsequent newsletter.
We use the so-called double opt-in procedure to ensure that the newsletter is sent in an agreed manner. In the course of this procedure, the potential recipient can be added to a mailing list. The user then receives a confirmation e-mail to confirm the registration in a legally secure manner. Only if the confirmation takes place, the address is taken up actively in the distributor.
We use these data exclusively for the dispatch of the requested information and offers.
You can revoke your consent to the storage of data, e-mail address and their use to send the newsletter at any time, for example via the „Unsubscribe“ link in the newsletter.
For this reason, we ask you to inform yourself about our data protection measures at regular intervals by inspecting our data protection declaration.
This website uses the services of MailChimp and Sendinblue to send newsletters. Providers are Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA and Sendinblue SAS, 55 Rue dÁmsterdam, 75008 Paris, France.
MailChimp and Sendinblue are services that can be used, among other things, to organize and analyze the sending of newsletters. If you enter data for newsletter subscription purposes (e.g. e-mail address), it will be stored on the MailChimp and Sendinblue servers.
MailChimp is certified according to the „EU-US-Privacy-Shield“. The „Privacy Shield“ is an agreement between the European Union (EU) and the USA which is intended to ensure compliance with European data protection standards in the USA.
With the help of MailChimp and Sendinblue we can analyze our newsletter campaigns. When you open an e-mail sent with MailChimp or Sendinblue, a file contained in the e-mail (so-called web beacon) connects to the servers of MailChimp or Sendinblue. This allows you to determine whether a newsletter message has been opened and which links have been clicked. Technical information is also recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want an analysis by MailChimp or Sendinblue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe directly on the website.
Data processing is based on your consent in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke this consent at any time by unsubscribing the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted both from our servers and from the servers of MailChimp and Sendinblue after unsubscribing from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
You can find more details in the data protection regulations of MailChimp and Sendinblue.
You can revoke your consent to the storage of your data and its use to send the newsletter at any time. You can revoke your consent at any time by sending an e-mail to firstname.lastname@example.org or by clicking on the link provided for each newsletter.
Google will use this information on our behalf in order to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
Further information about the use of data by Google, setting and objection possibilities can be found on the web pages of Google:https://www.google.com/policies/privacy/partners/(„Use of data by Google when using websites or apps of our partners“), https://www.google.com/policies/technologies/ads(„Use of data for advertising purposes“), https://www.google.com/settings/ads(„Manage information that Google uses to show you advertising“)
Due to our legitimate interests in the analysis, optimisation and economic operation of our online service, the so-called „Facebook pixel“ of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland („Facebook“), is used within our online service for these purposes.
Using the Facebook pixel, Facebook is able to determine the visitors of our offer as a target group for the display of ads, so-called „Facebook ads“. Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to Facebook users who have shown an interest in our website or who have certain features that we transmit to Facebook (also referred to as „pixel events“ and e.g. including the e-mail address of the users). This means that by using the Facebook pixel, we want to ensure that our Facebook ads match the potential interest of users and are not annoying. The Facebook pixel also enables us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing if users were directed to our website after clicking on a Facebook ad.
The Facebook pixel is directly integrated by Facebook when our web pages are accessed and can store a so-called cookie, i.e. a small file, on your device. If you then log in to Facebook or visit Facebook when logged in, the visit to our offer is noted in your profile. The data collected about you is anonymous to us and does not give us any information about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. If we transmit data to Facebook for comparison purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of comparing it with the data encrypted by Facebook.
If we transmit data to Facebook for comparison purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of comparing the data with the data encrypted by Facebook.
Facebook processes the data in accordance with Facebook’s data usage guidelines. Accordingly, general information on the presentation of Facebook ads can be found in Facebook’s data usage guideline: https://www.facebook.com/policy.php. Specific information and details about Facebook pixels and how they work can be found in the Facebook help section: https://www.facebook.com/business/help/651294705016616.
You may opt out of Facebook pixel collection and use of your information to display Facebook ads. To do this, you can go to the page set up by Facebook and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tabs=adsoder the contradiction about the EU page https://www.youronlinechoices.com/uk/your-ad-choices/erklären. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.
On our pages functions of the service Instagram are integrated. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate visiting our pages with your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Instagram.
Legal basis: Art. 6 (1) b DSGVO
The user has the right, upon request and free of charge, to obtain information about the personal data stored about him by the provider. Contact data can be found in the imprint of the provider. In addition, the user has the right to correction of incorrect data, blocking and deletion of his personal data, unless there is no legal obligation to retain.
The provider reserves the right to change the data protection declaration in order to adapt it to changed legal circumstances or in the event of changes to the service or data processing.
On our website we offer payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter „PayPal“).
If you choose to pay via PayPal, the payment details you enter will be sent to PayPal.
The transfer of your data to PayPal is based on Art. 6 Para. 1 lit. a DSGVO (consent) and Art. 6 Para. 1 lit. b DSGVO (processing to fulfil a contract). You have the possibility to revoke your consent to data processing at any time. A revocation has no effect on the effectiveness of past data processing operations.
If personal data is processed by you, you are the data subject within the meaning of the DSGVO and you are entitled to the following rights vis-à-vis the person responsible.
You can request confirmation from the person responsible as to whether personal data relating to you will be processed by us.
In the event of such processing, you may request the following information from the data controller:
You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DSGVO in connection with the transfer.
You have the right to have your personal data corrected and/or completed by the data controller if the personal data processed concerning you is inaccurate or incomplete. The data controller must carry out the rectification immediately.
Under the following conditions, you may request that the processing of your personal data be restricted:
If the processing of personal data concerning you has been restricted, such data – apart from their storage – may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.
If the processing restriction has been limited in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
You may request the data controller to delete the personal data concerning you immediately and the data controller is obliged to delete this data immediately if one of the following reasons applies:
Personal data relating to you shall no longer be necessary for the purposes for which they were collected or otherwise processed.
If the person responsible has made the personal data concerning you public and is obliged to delete them in accordance with Art. 17 (1) DSGVO, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform the persons responsible for data processing who process the personal data that you, as the person concerned, have requested them to delete all links to this personal data or copies or replications of this personal data.
The right to deletion does not exist insofar as processing is necessary:
If you have exercised your right to rectify, cancel or limit the processing of your personal data against the controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of such rectification, cancellation or limitation, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed of such recipients by the data controller.
You have the right to receive the personal data concerning you that you have provided to the responsible person in a structured, common and machine-readable format. In addition, you have the right to communicate these data to another data controller without being hindered by the controller to whom the personal data was provided, provided that
In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one responsible person to another responsible person, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.
The right to data transfer does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f DSGVO; this also applies to profiling based on these provisions.
The person responsible will no longer process the personal data concerning you unless he can prove compelling grounds for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
You have the possibility to exercise your right of objection through automated procedures using technical specifications in connection with the use of Information Society services, notwithstanding Directive 2002/58/EC.
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of your consent does not affect the legality of the processing carried out on the basis of your consent until you revoke it.
You have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect on you or similarly significantly affects you. This does not apply if the decision
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 DSGVO unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to protect the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the person responsible, to state his own position and to challenge the decision.
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of presumed infringement, if you consider that the processing of your personal data is in breach of the DSGVO.
The supervisory authority with which the complaint was lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO.
Status November 2019