> Bayerisches Laserzentrum GmbH
The security and privacy of your personal data are of great value to the Bayerisches Laserzentrum GmbH. Collecting and processing your personal data happens in consideration of current data-protection laws, in particular the European General Data Protection Regulation (DSGVO).
We collect and process your personal data in order to offer the website mentioned above and our services. This declaration explains how your personal data will be collected and for which purposes it will be used. We also inform you about your options considering your personal data.
1. Responsible body
The responsible body for the collection, processing and use of your personal data according to article 4 (7) DSGVO is
Bayerisches Laserzentrum gemeinnützige Forschungsgesellschaft mbH (blz)
Phone: +49 (0)9131 / 97790-0
2. General use of this website
The hosting services we make use of for this website help us to provide the following services: Infrastructure and platform services, computing capacity, memory capacity and database services, security services as well as technical maintenance services that are applied for the operation of this website.
On this occasion we process / our hosting provider processes inventory data, contact data, content data, contract data, usage data, metadata and communications data of our clients, prospective customers and visitors of this website based on our legitimate interest in efficiently and securely providing our website according to article 6 (1) (1) (f) DSGVO in conjunction with article 28 DSGVO.
2.2 Access data
We collect information about you when using this website. We automatically record information about your usage behavior and your interactions with us. Further, we register data to your computer or mobile device. We collect, save and use data of every access to our online offerings (so-called server log files). The access data include:
- Name and URL of the retrieved file
- Date and time of the access
- Data volume transferred
- Report on successful access (HTTP response code)
- Web browser and browser version
- Operating system
- Referrer URL ( that is the previous page you visited)
- Sites accessed through our website
- Internet service provider of the user
- IP address and requesting provider
We use the log data without correlations or references to persons and forego the profiling for statistical evaluations for the purpose of the operation, security and optimization of our online offerings. Also, the log data are used for the anonymous record of the number of visits to our website (traffic), as well as the extent and type of usage of our website and services. The log data are further used for accounting purposes and counting the number of clicks by our cooperation partners. On the basis of this information, we can provide personalized and location based contents and analyze the data traffic in order to locate and clear faults and optimize our services.
Herein, we have a legitimate interest according to article 6 (1) (1) (f) DSGVO.
We reserve the right to check the log data afterwards at any time if specific indicia point to the suspicion of illegal usage. We store IP addresses within the log files for a limited period of time if this is relevant for security purposes or necessary for the provision or settlement of our services, e.g. when you use one of our offerings. We delete the IP address after cancellation of the order process or the receipt of payment if it is no longer relevant for security purposes. IP addresses are further stored if we have a concrete suspicion of a crime being committed in connection with the usage of our website. Additionally, we store the date and time of your last visit as part of your online account (e.g. the registration, login, clicking on links etc.).
2.3 E-Mail contact
When contacting us (for example via contact form or e-mail), we save your data to process the request and in case there may be follow-up questions. We store and use additional personal data only if you agree to it or without special consent if it is permitted by law.
2.4 Google Web Fonts
This website uses so-called Web Fonts provided by Google in order to uniformly display fonts. When calling up a webpage, your browser will automatically download the necessary Web Fonts into the browser cache to correctly display texts and fonts.
For this purpose your browser has to establish a connection to Google servers. Hereby, Google obtains the information that our website has been called up via your IP address. The use of Google Web Fonts lies within our interest of a uniform and appealing presentation of our web presence. This represents a legitimate interest according to article 6 (1) (1) (f) DSGVO.
If your browser does not support Web Fonts, another standard font will be used by your computer.
Further information about Google Web Fonts can be obtained from
2.5 Legal basis and storage period
The legal basis for processing your data in accordance with the foregoing clause is constituted by article 6 (1) (1) (f) DSGVO. When processing your data our interests lie within assuring the operation and security of our website, analyzing the visitor’s manner while using our website and simplify the use of it.
If not specifically declared we store personal data as long as they are relevant for fulfilling the intended purposes.
3. Your rights as subject to data processing
You have various rights concerning your personal data under the applicable law. If you would like to enforce those rights please send your request via e-mail or post with a clear identification of your person towards the address that has been mentioned in clause 1.
An overview of your rights will be given within the subsequent clauses.
3.1 Right of confirmation and access
You have the right to obtain confirmation as to whether or not any of your personal data are being processed at any time. If this is the case, you have the right to acquire free-of-charge information about and a copy of the personal data that is being stored. Furthermore, you have the right to obtain following the information:
1. processing purposes;
2. categories of personal data that are being processed;
3. recipients or categories of recipients towards whom personal data have been or will be disclosed, in particular recipients from third countries and international organizations;
4. if possible, the planned period of time during which the personal data will be stored, or, if not possible, the criteria for the determination of this period;
5. the right of rectification or erasure of your personal data or the restriction of the processing by the person responsible as well as the right to object to the processing;
6. the existence of a right to appeal directed at a supervisory authority;
7. if your personal data are not directly collected from you, you are guaranteed access to the available information about the data’s origin;
8. the existence of an automatic decision making including profiling according to article 22 (1) and (4) DSGVO and – in those cases – significant information about the involved logic as well as the scope and intended effects of such processing for you;
If personal data are transferred to a third country or to an international organization you have the right to be informed about the given guarantees in connection with the transfer according to article 46 DSGVO.
3.2 Right of rectification
You have the right to demand the immediate rectification of incorrect personal data. In consideration of the purposes, you have the right to demand the completion of incomplete personal data – this is also possible by an additional explanation that you provide for us.
3.3 Right of erasure (“right to be forgotten”)
You have the right to demand that your personal data are deleted immediately; we are also obligated to delete personal data if one of the following reasons applies:
1. The personal data is no longer relevant for the purposes for which they were originally obtained or processed in any way.
2. You revoke the consent on which the processing of your personal data, according to article 6 (1) (a) DSGVO or article 9 (2) (a) DSGVO, has been based and further legal basis for processing personal data is missing.
3. You appeal against the processing of your personal data according to article 21 (1) DSGVO and there are no prior legitimate reasons for the processing of your personal data; or you appeal against the processing of your personal data according to article 21 (2) DSGVO.
4. The personal data has been processed illegally.
8. The deletion of personal data is necessary to fulfill legal obligations under European Union law or under the law of member states which we are subjected to.
9. The personal data have been obtained regarding services provided by the information society according to article 8 (1) DSGVO.
If we have published personal data and are obligated to delete them according to article 17 DSGVO, we will take (technical) measures – in consideration of the available technology and implementation costs – to inform authorities who are responsible for the processing of personal data about your request of deletion of all links to your personal data or copies and replications of those personal data.
3.4 Right of restriction of data processing
You have the right to demand the restriction of the data processing if one of the following conditions is given:
1. You deny the accuracy of your personal data for a period of time which enables us to check the accuracy of the personal data,
2. the data processing is illegal and you reject the deletion of your personal data in order to demand the restriction of the usage of your personal data instead;
3. if we do no longer need the personal data for the purpose of processing, but you require the personal data for assertion, practice or defense of legal claims, or
4. if you have appealed against the data processing according to article 21 (1) DSGVO, as long as it is uncertain whether the legitimate reasons of our company outweigh yours.
3.5 Right of data portability
You have the right to receive the personal data that you have made available to us in a standardized machine-readable format; and you have the right to transfer the personal data to another authorized person without obstruction by us, as long as
1. the data processing is based on your consent according to article 6 (1) (a) DSGVO or article 9 (2) (a) DSGVO or contractually described according to article 6 (1) (b) DSGVO and
2. the processing takes place through automated systems.
In the exercise of the right of data portability, according to clause 1, you have the right to obtain the direct transfer of personal data to another authorized person by us, insofar as this is technically feasible.
3.6 Right of objection
You have the right to object to the legal processing of personal data by us if this is justified by your specific situation and if our interests in the processing of your personal data do not outweigh this situation.
You have the right to object to the processing of your personal data – which is effective on the basis of article 6 (1) (e) and (f) DSGVO – at any time if any reasons are given out of your specific situation; this also applies to profiling according to the afore mentioned regulations. We will no longer process your personal data unless we can prove compelling legitimate grounds for the data processing that outweigh your personal interests, rights and liberties or if the processing serves the assertion, practice or defense of legal claims.
If we process personal data in order to conduct direct advertising, you have the right to object to the processing of your personal data for the purpose of such advertisement at any time; this also applies for profiling, insofar it is linked to direct advertising.
You have the right to object to the processing of personal data concerning you – for scientific or historical research goals or statistical purposes according to article 89 (1) DSGVO – when legitimate reasons out of your specific situation are given unless the data processing is necessary to fulfill a public interest task.
3.7 Automatic decision making including profiling
You have the right to not be subjected to a decision, which is exclusively based automated processing – including profiling – that unfolds legal effects or that affects you substantially in any other way.
An automated processing on the basis of the collected personal data does not occur.
3.8 Right of withdrawal of a consent as required by data-protection law
You have the right to withdraw your consent to the processing of your personal data at any time.
3.9 Right of complaint to a supervisory authority
You have the right to complain to a supervisory authority, especially in the Member State of your place of residence, your workplace or the place of the suspected infringement, if you find that the processing of your personal data is against the law.
4. Data security
We make maximum efforts to secure your personal data in accordance with the current data-protection laws and our technical possibilities.
Your personal data will be encrypted by us before they are sent. This applies to your orders as well as to the customer login. We use the coding system SSL (Secure Socket Layer), but we would like to point out that the data transmission via internet (e.g. when communicating by e-mail) may have security vulnerability. The access to data by third parties cannot completely be secured.
To ensure the protection of your personal data we maintain technical and organizational security measures that are regularly adapted to fit the state-of-the-art.
We further cannot ensure that our offerings are available at certain times; disorders, interruptions or breakdowns cannot be precluded. The servers we use are carefully and regularly secured.
5. Passing on data to third parties, no transmission of data into non-European countries
Fundamentally, we use your personal data solely within our company.
If and insofar we call in third parties to execute trade contracts (e.g. logistic service providers), they will have access to your personal data to the extent in which the transmission is necessary in accordance with their services.
In the event of outsourcing certain parts of the data processing (“order processing”) we oblige external processors contractually to solely use your personal data in line with the requirements of the current data-protection laws and to guarantee the protection of the concerning person’s rights.
The data transmission to institutions or persons outside the European Union, except for the case of clause 2.4 as mentioned in this policy, does not take place and is not planned.
6. Data protection officer
If further questions or concerns about the data protection occur, please contact our data protection officer:
Phone: +49 (0)9131 / 97790-19