Privacy Policy

Ilumae GmbH respects individual privacy and values the confidence of its customers, employees, vendors, consumers, business partners and others. Ilumae GmbH strives to collect, use and disclose Personal information in a manner consistent with the laws of the countries in which it does business, and has a tradition of upholding the highest ethical standards in its business practices. Ilumae GmbH abides by the EU General Data Protection Regulation (GDPR). This GDPR sets forth the privacy principles that Ilumae GmbH follows with respect to transfers of Personal information anywhere in the world, including transfers from the European Economic Area (EEA) to the rest of the world.

1. Scope

This Policy applies to all Personal information received by Ilumae GmbH in any format including electronic, paper or verbal. Ilumae GmbH collects and processes Personal information concerning current and former employees and their respective family members, as well as applicants for employment through its Internet Web sites, electronic mail and manually. Ilumae GmbH is the sole owner of information it collects from current and former employees, applicants for employment, customers, vendors and others. Ilumae GmbH will not sell or share this information with third parties in ways different than what is disclosed in this Policy.

Personal information collected by Ilumae GmbH from employees and applicants for employment is maintained at its corporate offices in 01099 Dresden, Bautzner Str. 104 as well as the local office of the employee or applicant. Ilumae GmbH collects Personal information for, among other things, legitimate human resource business reasons such as payroll administration; filling employment positions; administration and operations of its benefit programs; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; and authentication. Ilumae GmbH does not request or gather information regarding political opinions, religion, philosophy, sexual preference or any other discriminatory factors. To the extent Ilumae GmbH maintains information on an individual’s medical health or ethnicity (as legally required), Ilumae GmbH will protect, secure and use that information in a manner consistent with this Policy and applicable law.

Personal information collected by Ilumae GmbH from prospective customers, consumers, vendors, business partners and others may be maintained at its corporate offices in 01099 Dresden, Bautzner Str. 104 or in other Ilumae GmbH facilities. Ilumae GmbH collects Personal information for, among other things, legitimate business reasons such as customer service; product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal information collected by Ilumae GmbH will be used for legitimate business purposes consistent with this Policy.

2. Definitions

For purposes of this Policy, the following definitions shall apply:

„Data Processor“ means any third party that uses Personal information provided by Ilumae GmbH to perform tasks on behalf of or at the instruction of Ilumae GmbH.

„Ilumae GmbH“ means Ilumae GmbH, its predecessors, successors, subsidiaries, divisions and groups.

„Personal information“ means any information or set of information that identifies or could be used by or on behalf of Ilumae GmbH to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal information.
„Sensitive Personal information“ means Personal information that reveals race, ethnic origin, trade union membership, or that concerns health. In addition, Ilumae GmbH will not collect Sensitive Personal Information unless required by law. However, Ilumae GmbH will treat as sensitive Personal information any information legitimately received from a third party where that third party treats and identifies the information as sensitive.

3. Privacy Principles

The privacy principles in this Policy are based on seven principles.

3.1 NOTICE

Where Ilumae GmbH collects Personal information directly from individuals, it will inform them about the purposes for which it collects and uses Personal information about them, the types of third parties to which Ilumae GmbH discloses that information, and the choices and means, if any, Ilumae GmbH offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to Ilumae GmbH, or as soon as practicable thereafter, and in any event before Ilumae GmbH uses the information for a purpose other than that for which it was originally collected. Ilumae GmbH may disclose Personal information if required to do so by law or to protect and defend the rights or property of Ilumae GmbH.

3.2 CHOICE

Ilumae GmbH will require individuals to explicitly consent (a) for the provision of their Personal information to Ilumae GmbH where not already authorized by law, (b) if such Personal information can be disclosed to a third party, and (c) if such Personal information can be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Ilumae GmbH will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.

3.3 DATA INTEGRITY

Ilumae GmbH will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Ilumae GmbH will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete and current.

3.4 TRANSFERS TO DATA PROCESSORS

Ilumae GmbH will obtain assurances from its Data Processors that they will safeguard Personal information consistently with this Policy. Examples of appropriate assurances that may be provided by Data Processors include: a contract obligating the Data Processor to provide at least the same level of protection as is required by the GDPR. Where Ilumae GmbH has knowledge that a Data Processor is using or disclosing Personal information in a manner contrary to this Policy, Ilumae GmbH will take reasonable steps to prevent or stop the use or disclosure. Ilumae GmbH holds it Data Processors accountable for maintaining the trust our employees and customers place in the company.

3.5 ACCESS AND CORRECTION

Upon request, Ilumae GmbH will grant individuals reasonable access to Personal information that it holds about them. In addition, Ilumae GmbH will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete, as well as permit individuals to discretionary request the deletion of their Personal data. Any employees that desire to review or update their Personal information can do so by contacting Ilumae GmbH relevant representative.

3.6 SECURITY

Ilumae GmbH will take reasonable precautions to protect Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Ilumae GmbH protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. Ilumae GmbH limits access to Personal information and data to those persons in Ilumae GmbH’s organization, or as Data Processors of Ilumae GmbH, that have a specific business purpose for maintaining and processing such Personal information and data. Individuals who have been granted access to Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so.

3.7 ENFORCEMENT

Ilumae GmbH will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Ilumae GmbH determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

4. Dispute Resolution

Any questions or concerns regarding the use or disclosure of Personal information should be directed to the Ilumae GmbH at the address given below. Ilumae GmbH will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Ilumae GmbH and the complainant, Ilumae GmbH has agreed to participate in any relevant dispute resolution procedures.

5. Internet Privacy

Ilumae GmbH sees the Internet, intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners and others. Ilumae GmbH recognizes the importance of maintaining the privacy of Personal information collected through Web sites that it operates. Ilumae GmbH’s sole purpose for operating its Web sites is to provide information concerning products and services to the public. In general, visitors can reach Ilumae GmbH on the Web without revealing any Personal information. Visitors on the Web may elect to voluntarily provide Personal information via Ilumae GmbH Web sites but are not required to do so. Ilumae GmbH collects information from visitors to the Web sites who voluntarily provide Personal information by filling out and submitting online questionnaires concerning feedback on the Web site, requesting information on products or services, or seeking employment. The Personal information voluntarily provided by Web site users is contact information limited to the user’s name, home and/or business address, phone numbers and email address. Ilumae GmbH collects this information so it may answer questions and forward requested information. Ilumae GmbH does not sell or share this information with non-Data Processor third parties.

Ilumae GmbH is committed to complying with applicable laws and requirements for the protection of children under the age of 16 years old. Ilumae GmbH Web site users have the option to request that Ilumae GmbH not use information previously provided, correct information previously provided, or remove information previously provided to Ilumae GmbH. Those that would like to correct or suppress information they have provided to Ilumae GmbH should forward such inquiries to: 

Ilumae GmbH
Privacy Representative
Bautzner Str. 104
D-01099 Dresden

The inquiries should include the individual’s name, address, and other relevant contact information (phone number, email address). Ilumae GmbH will use all reasonable efforts to honor such requests as quickly as possible.

Ilumae GmbH Web sites may contain links to other „non-Hitaltech SA“ Web sites. Ilumae GmbH assumes no responsibility for the content or the privacy policies and practices on those Web sites. Ilumae GmbH encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of Ilumae GmbH.

6. Changes to this privacy Policy

The practices described in this Policy are current Personal data protection policies as of 1st May, 2018. Ilumae GmbH reserves the right to modify or amend this Policy at any time consistent with the requirements of the applicable Directives, Regulations, national and local laws’ principles. Appropriate public notice will be given concerning such amendments.