Personal Information You Provide | We receive and store any information you enter on our Website or give us in any other way.

We receive and store any information you enter on our Website or give us in any other way. When you contact us via the Website or register for one of our events or webinars (“Events”), we receive any information you provide us, for example:

• Information such as your name, address, email, job title, and telephone number which you provide to us through form submissions, events, feedback, and inquiries.
• Information you share with us as part of any event and webinar registrations.
• When you contact us via the ‘contact us’ forms or when you request to unlock a download section on our website, we collect the following information: your full name, email address, phone number, place of employment, job title, state/country of residence, and any other information you choose to provide us.

We may also receive certain contact information about you from organizers of Events that you have attended.

Personal Information We Collect | We automatically log ‘traffic/session’ information, such as the IP address that your device uses and your browser or operating system identifiers. We collect session durations and additional activity and usage information.

Like many websites, we use “cookies”, clear gifs, and similar technologies and obtain information when your browser interacts with our websites. For further information about cookies, please see our Cookies and Similar Tracking Technologies Policy.

Examples of the information we collect and analyze include the Internet Protocol (IP) address used by your device to connect your device to the Internet and automatically sent by your browser to our Services; login details; e-mail address; password; device and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, and platform.

Other examples of usage information that we collect are your activity events, non-personal usage statistics (for example, time of usage, number of clicks on each link, etc.), crash reports, information regarding your browsing history and web activities, and other information regarding the use of the Service.

How We Use Personal Information | We use Personal Information to provide and maintain the Website, make it better and continue developing it, and protect us and the Website from misuse and law violations.

We collect and receive Personal Information to provide the Website, to enable the Website’s tools and features, to enhance users’ experience with the Website, to analyze the functionality of the Website and users’ activities, to provide support, to maintain the Website, and to continue making it better.

We will use your email address to contact you when necessary, send you reminders, and provide you with information and notices about the Website. We will include commercial and marketing information about our services.

We obey the law and expect you to do the same. If necessary, we will use Personal Information to enforce our terms, policies, and legal agreements, to comply with court orders and warrants, and assist law enforcement agencies, to collect debts, and prevent fraud, misappropriation, infringements, identity thefts, and any other misuse of the Service, and to take any action in any legal dispute and proceeding.

We commit to process Personal Information solely for the purposes described in this policy.

Sharing Personal Information With Others | We use service providers to operate, manage, and protect the Website. We will share personal data when we change our corporate structure, if required by law, judicial, or administrative order, or when necessary to protect individuals and public safety or to prevent violations of our rights.

We do not sell, rent or lease Personal Information. We will share Personal Information only subject to the terms of this policy or subject to your prior consent.

To support the purposes of using Personal Information under this policy, we will share Personal Information with service providers, business partners, and certain other third parties, including:

• Operations service providers that, for example, host and back up content, provide analytics related to the use of the Website, authentication, and secure logins, log activities, manage our production and development activities, operate our systems, networks, and databases, and enable cyber security and fraud detection and prevention. 
• Communications and marketing service providers, for example, we will use a service provider to manage our email message transmission or to enrich user data in order to improve your user experience.
• Our affiliates within the UVeye group.
• Law enforcement, courts, agencies, authorities, and other relevant entities. We will comply with court orders, search warrants, regulatory orders, and subpoenas and provide information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We will also report uploaded content provided by you to us if we have a good-faith belief that the content or the sharing of the content is illegal, abusive, or violates third-party rights.
• Other entities as part of a merger, acquisition, or any other corporate structural change.

Any such third party will commit to protecting your privacy as required under applicable law and this policy. 

Note that the privacy practices of these service providers are subject to their own privacy policies, and they may further use Personal Information as detailed in their privacy policies.

Aggregated and Analytical Information | Aggregated data is not identifiable. We use it for legitimate business purposes.

We use standard analytics tools. The privacy practices of these tools are subject to their own privacy policies, and they use their own cookies to provide their service (for further information about cookies, please see the ‘Cookies’ section in this policy).

We use Google Analytics, and we will use additional or other analytics tools from time to time to learn about how users use the Website in support of our Website-related activities and operations. For further information about Google Analytics privacy practices, please read their Privacy Policy at: http://www.google.com/analytics/learn/privacy.html.

You can also read How Google uses data when you use Google partners’ sites or apps at: www.google.com/policies/privacy/partners/.

We use anonymous, statistical, or aggregated information and will share it with our partners for legitimate business purposes. It has no effect on your privacy because there is no reasonable way to extract data from such information that we or others can associate specifically with you.

We will share Personal Information related to you only subject to the terms of this policy or subject to your prior consent.

Your Choice | You may opt out of our mailing lists and terminate your use of the Website. Our Website does not respond to Do Not Track (DNT) signals.

We provide you with choice and control over how we use Personal Information in connection with various aspects of our processing, as follows: 

Please contact us via our contact form available at: https://www.uveye.com/contact-us/ if you would like to stop receiving our newsletter or marketing emails. At any time, you can also unsubscribe from our mailing lists or newsletters by following the unsubscribe instructions included in these emails.

You can manage your preferences relating to cookies and similar technologies on our Website by following the instructions in our Cookies and Similar Tracking Technologies Policy.

At any time, you can stop using the Website, and we will stop collecting any respective Personal Information from you or about you. However, we will store and continue using or making available certain personal information that is related to you. For further information, please read the section titled “Data Retention” in this policy.

Some web browsers offer a “Do Not Track” (“DNT”) signal to indicate your preference for tracking your activities on the Website or through cross-site online activities. These features are varied, with no uniform or common standard adopted yet by industry groups or regulators. Therefore, our Website does not currently respond to DNT signals. We continue to monitor developments around DNT technology and the implementation of a standard.

If you wish to exercise any of your rights in relation to Personal Information related to you, including exercising your choices or opt-out rights, please contact us via our contact form available at: https://www.uveye.com/contact-us/.

Accessing Personal Information related to you | At any time, you can request access to Personal Information related to you that we keep by contacting us.

If you find that Personal Information related to you is inaccurate, incomplete, or not up to date, please provide us the necessary information to correct it.

At any time, you can contact us via our contact form available at: https://www.uveye.com/contact-us/ and request to access Personal Information related to you that we keep. We will ask you to provide us with certain credentials to make sure that you are who you claim to be and will make good-faith efforts to locate Personal Information related to you that you request to access.

Under your right of access, you can obtain confirmation from us of whether we are processing personal information related to you, and receive a copy of that data so that you can:: 

• verify its accuracy and the lawfulness of its processing.
• Request the correction, amendment, or deletion of Personal Information related to you if it is inaccurate or if you believe that the processing of Personal Information related to you is in violation of applicable law.

We will use judgment and due care to redact Personal Information related to others from the information which we will make available to you.

Your EU Data Subject Rights | If EU data protection laws and regulations apply to the processing of Personal Information related to you by us, further terms apply to our processing in relation to your rights as a data subject under EU data protection laws.

If EU data protection laws apply to the processing of personal information related to you by us, then the following terms apply:

The term “Personal Data”, as used under this chapter, will have the same meaning as under Regulation (EU) 679/2016 (“GDPR”), and will also include the term “Personal Information”, as such term is used under the other sections of this policy.

We process Personal Data related to you for the following lawful grounds: 

• All processing of Personal Data related to you which is not based on the lawful grounds indicated below are based on your consent. 
• We process your account and payment details to perform the contract with you. 
• We will process Personal Data related to you to comply with a legal obligation and to protect your and others’ vital interests. 
• We will further rely on our legitimate interests, which we have a good-faith belief that are not overridden by your fundamental rights and freedoms, for the following purposes:

• Communications with you, including direct marketing where you are our client or a user of our client, or where you contact us through our Website or other digital assets. 
• Cyber security.
• Support, customer relations, service operations.
• Enhancements and improvements to your and other users’ experience with our Website.
• Fraud detection and misuse of the Website.

In addition to your rights under other sections in this policy, you have the following rights:

• AT AMY TIME, CONTACT US IF YOU WANT TO WITHDRAW YOUR CONSENT TO THE PROCESSING OF PERSONAL DATA RELATED TO YOU. PLEASE NOTE, HOWEVER, THAT EXERCISING THIS RIGHT WILL NOT AFFECT THE LAWFULNESS OF PROCESSING BASED ON CONSENT BEFORE ITS WITHDRAWAL.
• Request to delete or restrict access to Personal Data related to you. We will review your request and use our judgment, pursuant to the provisions of the applicable law, to reach a decision about your request. 
• If you exercise one (or more) of the above-mentioned rights in accordance with the provisions of applicable law, you may request to be informed that third parties that hold Personal Data related to you, in accordance with this policy, will act accordingly.
• You may ask to transfer Personal Data related to you in accordance with your right to data portability.
• You may object to the processing of Personal Data related to you for direct marketing purposes. Additional information about this right is available under the section titled “Choice” in this policy.
• You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
• You have a right to lodge a complaint with a data protection supervisory authority of your habitual residence, place of work, or of an alleged infringement of the GDPR.

A summary and further details about your rights under EU data protection laws are available on the EU Commission’s website at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en.

Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us with credentials to make sure that you are who you claim to be and will ask you further questions to understand the nature and scope of your request.

If we need to delete Personal Data related to you following your request, it will take some time until we completely delete residual copies of Personal Data related to you from our active servers and from our backup systems.

Please note, however, that if we delete certain Personal Data related to you or if you object to the processing of Personal Data related to you, you may not be able to access all portions or features of the Website.

If you have any concerns about the way we process Personal Data related to you, you are welcome to contact us via our contact form available at: https://www.uveye.com/contact-us/. We will investigate your inquiry and make good-faith efforts to respond promptly. 

EU Representative

If you are located in the European Economic Area (EEA), please note that we have authorized our affiliated company, UVeye GmbH, which may be reached at UVEye GmbH, Plug & Play München, Haus 10, Balanstraße 73,81541 München, as our designated representative.

Specific Provisions For U.S. residents | If you reside in the United States, further terms apply to our processing in relation to your rights as a data subject under US Privacy Laws.

This section applies solely to all users of the Website who reside within the United States of America (“U.S.”). We adopted this section to comply with U.S. state privacy laws (“U.S. Privacy Laws”), and any terms defined under U.S. Privacy Laws will have the same meaning when used in this section. This chapter supersedes any contradicting provisions under the other sections of this policy.

Personal Information That We Collect

We have collected the Personal Information related to you, which is described above under the section titled “Personal Information You Provide” and “Personal Information We Collect” in this policy, and includes inferences drawn from any of the above-mentioned information.

We obtain the categories of Personal Information related to you listed above from the following categories of sources:

• Directly and indirectly from you and your activity on the Website.
• Third parties such as reliable service providers.

We use the Personal Information related to you that we collect or receive for the purposes mentioned under the section titled “How We Use Personal Information” in this policy.

We disclose personal information related to you to third parties for business purposes as described under the section titled “Sharing Personal Information With Others” in this policy.

Please note that the above list includes the categories of Personal Information that we are aware of. We may have been collecting other categories of Personal Information which you have uploaded to our Service, as further described above under the section titled “Personal Information You Provide”.

Sensitive Personal Information

We do not knowingly collect sensitive Personal Information, we do not collect or process sensitive Personal Information for the purpose of inferring characteristics about you, and we do not sell sensitive Personal Information or share sensitive Personal Information for cross-context behavioral advertising. 

For the purpose of applicable laws under this section of the policy, Sensitive Personal Information means: 

• A consumer’s social security, driver’s license, state identification card, or passport number.
• A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
• A consumer’s precise geolocation.
• A consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership.
• The contents of a consumer’s mail, email, and text messages unless we are the business that is the intended recipient of the communication.
• A consumer’s genetic data.
• The processing of biometric information for the purpose of uniquely identifying a consumer.
• Personal Information collected and analyzed concerning a consumer’s health.
• Personal Information collected and analyzed concerning a consumer’s sex life or sexual orientation.

Our Business Purpose for Collecting Personal Information Related to You

We collect Personal Information related to you for various business purposes, such as to provide you with the Website and make it better, all as described under the section titled “How We Use Personal Information” in this policy.

The Categories of Sources from Which Personal Information related to you is Collected

We obtain the categories of Personal Information listed above from various sources, including directly from you and from your Website activities, and from third-party service providers, as further described above under the sections titled “Personal Information You Provide” and “Personal Information We Collect” in this policy. 

The categories of Personal Information collected by these third parties in the preceding 12 months include identifiers, online activities, and inferences drawn from such activities.

Selling and Sharing Personal Information

We may share Personal Information related to you with various third parties, such as our service providers and our affiliates, as further described under the section titled “Sharing Personal Information with Others” in this policy. 

We do not sell or share Personal Information. However, we engage third parties to provide us with services such as analytics, marketing automation, and user experience and allow them to collect personal information on our Website.

We do not knowingly sell or share the Personal Information of consumers who are under 16 years of age.

These third parties do not pay us for collecting such information, but the right granted to them to collect Personal Information may be considered as disclosure for the purpose of sale or sharing for cross-context behavioral advertising under U.S. Privacy Laws. At any time, you can opt out of the collection of Personal Information by such service providers by contacting us.

Your rights as a U.S. Resident

In addition to your rights under other sections under this policy, if you are a resident of the U.S., you are also entitled to the following specific rights under U.S. Privacy Laws regarding Personal Information related to you:

• Access to specific Personal Information and data portability rights: You have the right to request that we disclose certain information to you about our collection and use of Personal Information related to you over the past 12 months. Upon verification of your request, we will disclose to you:

• The categories of Personal Information we collected about you.
• The categories of sources for the Personal Information we collected about you.
• Our business or commercial purpose for collecting such Personal Information.
• The categories of Personal Information that we disclosed for a business purpose and the categories of third parties with whom we disclosed that particular category of Personal Information.
• The specific pieces of Personal Information that we collected about you.
• If we disclose Personal Information related to you for a business purpose, we will provide you with a list that will identify the Personal Information categories that each category of recipient obtained.

• Deletion rights: You have the right to request that we delete any portion of Personal Information related to you. Upon confirmation of your request, we will delete such Personal Information related to you from our records unless an exception under U.S. Privacy Laws applies.
• Non-discrimination: You also have the right not to be discriminated against for exercising your rights under U.S. Privacy Laws.

Exercising Your Rights

To exercise the rights described above, please submit your request to us via our contact form available at: https://www.uveye.com/contact-us/. Only you or a person authorized to act on your behalf may make a request related to Personal Information related to you. A request for access can be made by you only twice within a 12-month period.

The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with the requested Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information related to you. We will only use the Personal Information provided in your request to verify your identity or authority to make the request.

We will do our best to respond to your request within 30 days of its receipt. If we require more time (up to additional 30 days), we will inform you of the reason and extension period in writing. 

Any disclosures we provide will only cover the 12-month period preceding receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such a decision and provide you with a cost estimate before completing your request.

We will not require that you create an account in order to exercise your rights under this policy, and we will not increase the cost of any relevant service we provide you or decrease the availability, of our Website, based solely on the fact that you have chosen to exercise one of your rights under U.S. Privacy Laws.

After receiving our reply, you may appeal our decision by contacting us. We will review your appeal and provide you with our answer and our explanation of the reasons for our decision(s) within 60 days of receiving it. We will also provide you with a link (to the extent available) where you may submit a complaint with the relevant competent supervising authority.

Data Retention | We retain personal information to provide the Website and for legitimate and lawful purposes.

We retain different types of Personal Information for different periods, depending on the purposes for processing the information, our legitimate business purposes, as well as pursuant to legal requirements under applicable law.

We will maintain your contact details to help us stay in contact with you. At any time, you can contact us via our contact form available at: https://www.uveye.com/contact-us/ and request to delete your contact details. Note that we may keep your details without using them unless necessary, and for the necessary period, for legal matters.

We will keep aggregated non-identifiable information without limitation, and to the extent reasonable, we will delete or de-identify potentially identifiable information when we no longer need to process the information.

In any case, as long as you use the Website, we will keep information about you unless the law requires us to delete it or if we decide to remove it at our discretion, according to the terms of this policy.

Transfer of Personal Information Outside Your Territory | We store and process information in various sites throughout the globe, including in Israel, the EU, and the U.S. Our service providers provide us with adequate security and confidentiality commitments.

We store and process information in various sites throughout the globe, including in Israel, the EU, and the U.S., and in sites operated and maintained by cloud-based service providers in the United States and the EU and from time to time, we will make operational decisions which will have an impact on the sites in which we maintain personal information.

We make sure that our third-party service providers provide us with adequate confidentiality and security commitments in accordance with applicable data protection laws, and we will take all steps reasonably necessary to ensure that Personal Information related to you is treated securely and in accordance with this policy.

If you are a resident in a jurisdiction where the transfer of Personal Information related to you to another jurisdiction requires your consent, then you provide us your express and unambiguous consent to such transfer. You can contact us via our contact form available at: https://www.uveye.com/contact-us/ for further information about data transfers.

If you are located in the EEA, note that we will transfer personal data related to you to other jurisdictions which are not deemed to provide an adequate level of data protection. In such cases, we will use appropriate safeguards, in particular, by way of entering into the European Union (EU) Standard Contractual Clauses as amended from time to time with the relevant recipients or by adhering to equivalent data transfer regulations to protect the security and confidentiality of such Personal Information. You can obtain a copy of the suitable safeguards that we use when transferring Personal Information as described above or receive further information about data transfers from the EEA by contacting us via our contact form available at: https://www.uveye.com/contact-us/.

Information Security | We implement systems, applications, and procedures to secure Personal Information related to you, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information.

We and our hosting services implement systems, applications, and procedures to secure Personal Information related to you to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information.

These measures provide sound industry-standard security. However, although we make efforts to protect your privacy, we cannot guarantee that the Website will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.

Should, despite our security measures, a security breach occurs that is likely to result in a risk to the data privacy of a data subject, we will inform the relevant data subjects and other affected parties, as well as relevant authorities, when required by applicable data protection and privacy laws, about the security breach as soon as reasonably possible.

The measures we take include:

• Safeguards: Physical, electronic, and procedural safeguards we employ to protect Personal Information such as secure servers, firewalls, antivirus, and SSL encryption of data. 
• Access Control: We dedicate efforts to the proper management of system entries and limit access only to authorized personnel on a need-to-know basis of least privilege rules, review permissions quarterly, and revoke access following employee termination.
• Internal Policies: We maintain and regularly review and update our privacy and information security-related policies. 
• Personnel: We require new employees to sign non-disclosure agreements according to applicable law and industry customary practice. 
• Encryption: We encrypt the data in transit using secure https protocols. 
• Standards and Certifications: We hold and maintain ISO 27001 (Information Security Management) certification.
• Database Backup: Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel.

Changes to This Policy | We will update our policy from time to time after giving proper notice.

We will update this policy from time to time. If the updates have minor, if any, consequences, they will take effect 10 days after we post a notice on our Website. Substantial changes will be effective 30 days after we initially posted the notice.

Until the new policy takes effect, if you believe that it materially reduces the protection of your privacy rights under the then-existing policy, you can choose not to accept it and terminate your use of the Website. Continuing to use the Website after the new policy takes effect means that you agree to the new policy. Note that if we need to adapt the policy to legal requirements, the new policy will become effective immediately or as required by law.