Last update: October 20, 2022
Zendar GmbH (“Zendar” or “We” or “Us”) is a technology company developing high-definition radars and related technology. We consider your privacy a top priority and are committed to protecting your privacy at all times. Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it.
- Scope and Applicability
This Policy describes the types of information we may collect from you or that you may provide when you visit the website Zendar.io (the “Website”), communicate with us through a “zendar.io” email address, or otherwise provide us with information, including through a third party on your behalf (e.g., recruiter) (collectively, the “Communications”), and our practices for collecting, using, maintaining, protecting, and disclosing that information.
- Responsible Party
88239 Wangen im Allgäu, Baden-Württemberg, DE
You can contact our Data Protection Officer by e-mail at [email protected] or by mail at the address shown above.
- Information We Collect About You and How We Collect It
Most of the information we collect from you is in the context of receiving and responding to your inquiries (either through our Website or otherwise through a zendar.io email address), job applications, or in connection with providing you with employment. In particular, we collect Personal Data from the following sources:
- Directly From You: We collect information when you send an inquiry through the “Contact” page on our Website, subscribe for a newsletter, email us directly, submit a job application or resume, in the scope of your employment with the Company, or from your computer when you visit our Website.
- From Third Parties: We collect information from our service providers, such as recruiters, job listing platforms, or HR or payroll platforms.
- Combining Information: We may combine information received from third parties with information already stored.
From these sources, we may collect the following categories of Personal Data in the manner described:
- General identification information – We may process your name, contact information (including home address and phone number), citizenship, and country of residence, date of birth, gender, and languages spoken, when you provide such information to us through the “Contact” page on our Website, when you email us directly, or when you subscribe to receive our newsletter through our Website. We may also receive such information from our third party service providers on your behalf (e.g., recruiters or job listing websites).
- Professional information – We may process information related to your profession including (without limitation) your job title, professional email address and phone number and your role/responsibility when you provide such information to us or apply for a job within the Company either directly or indirectly through a third party on your behalf.
- Information relating to sourcing and procurement – We may process information necessary for the provision of the services or the selling of the products including (without limitation) your contact details and financial details when you provide services or sell products to the Company or when the Company provides services or sells products to you.
- Other Information you choose to share with the Company – We may process Personal Data you choose to share with us, including (without limitation) information you share when you contact us for information about products or services, or inquire about job openings. This includes information provided at the time of requesting information from us, including name, email addresses, employment history, and any attachments.
- IP Address - We may process your IP address, which is necessarily sent from your device to our Website server each time you visit our Website.
- Visitor information – We may process your name, contact details, and car license plate when you visit our premises for the Company’s security.
- Survey results – We may process your responses to questions in our customer surveys upon your consent and/or voluntary submission.
- Proof of identity – We may, in certain circumstances, ask for a copy of your identity card or other proof of your identity (e.g. driver’s license) when you send a data privacy request to us or visit our premises for the Company’s security.
You are not obliged to provide us with your Personal Data and no consequences will arise from not providing it.
- How We Use Your Information and the Legal Basis For Such Use
We only process your Personal Data as described in Section 3 above and when we have a valid legal basis for processing under applicable data protection laws. For example, the main information collected and processed from our Website is information you submit in a request for information or when you subscribe to our newsletter. In both cases, we obtain your consent to collect and process your Personal Data for the purposes submitted (Art. 6 (1) (a) GDPR). Our Website server may collect information, such as your IP address, from your device when you visit our Website. The legal basis for processing this data is the proper and secure provision of the Website as a legitimate interest (Art. 6 (1) (f) GDPR).
We also collect and process information received from our third party recruitment/job listing service providers when you submit information to apply for a job with Zendar. In such cases, we or our service providers obtain your consent to collect and process your Personal Data for the purposes you submitted (Art. 6 (1) (a) GDPR) or, alternatively, have a legal basis under (Art. 6 (1) (b) GDPR), to fulfill our obligations in considering you for employment with the Company.
Similarly, we collect and process your Personal Data when you become employed with Zendar. In that case, we process your Personal Data in order to perform under our employment contract (Art. 6 (1) (b) GDPR). See our Notice at Collection for Applicants and Employees (available under “Privacy Policies” on our Website) for more information on our collection practices for applicant and employee Personal Data.
We may also have a legitimate interest in collecting and processing your Personal Data to, for example, operate our business, purchase or sell goods and services, provide customer service, or to protect Company property or personnel (Art. 6 (1) (f) GDPR).
Finally, we may process your Personal Data when we are required to do so by national or European law (Art. 6 (1) (c) GDPR).
- Disclosure of Your Information
Zendar treats personal data with care and confidentiality. We only pass data to our affiliates and third parties to the extent described here and within the scope of the purpose limitation under data protection law.
Zendar may disclose personal data as described in this Policy to the following categories of recipients:
- To Zendar affiliates: Zendar Inc. is the corporate parent of Zendar GmbH. Due to shared corporate IT systems, and because of the international nature of our business, personal data collected and processed by Zendar GmbH can be shared with or accessed by Zendar Inc. and its subsidiaries for the purposes above.
- To IT and collaboration service providers and other service providers: For technical reasons, we use external IT and related collaboration service providers who provide server infrastructure, IT maintenance tasks, IT solutions (such as cloud services), and/or software solutions on behalf of Zendar. We also use other service providers to support our business. These service providers may have access to the personal data to the extent necessary to perform such services for Zendar. When disclosing your personal data to third parties that will process your personal data on Zendar’s behalf, your personal data will only be disclosed to carefully selected data processors acting on the basis of Zendar’s instructions to comply with the applicable legal and contractual obligations. Such service providers will process the data on our behalf in accordance with this Policy as “processors.”
- If Zendar is under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property or safety of Zendar, its customers or others. This includes exchanging personal data with public authorities (including judicial and police authorities) or insurance companies, in the event of, for example, a cyber security incident.
Zendar does not share, sell, rent, or trade personal data for any promotional purposes.
- Data Security
Zendar has implemented appropriate technical and organizational measures to ensure an appropriate security level for the risk involved. The risk analysis takes into account the risk of infringing against the rights of individuals concerned, the costs for implementation, as well as the type, extent, context and purposes of the data processing.
These measures include:
- Monitoring of the Company’s IT systems in order to detect and prevent misuse.
- Storing Personal Data on secure servers behind firewalls.
- Continuous testing, assessing, and reviewing of the Company’s security measures to ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services in connection with the processing, as well as the effectiveness of the technical and organizational measures for ensuring the security of the processing.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted through the Communications. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website or with respect to any Communications.
- How Long is Your Data Stored
Zendar will not retain your Personal Data for longer than is allowed under the applicable data protection laws and regulations or for longer than is justified for the purposes for which it was originally collected. Zendar will delete the personal data when we no longer need it for the purposes for which it was collected, unless Zendar is required by law to keep data for a certain period of time.
- International Data Transfers
Personal Data collected in Germany is stored in Germany or otherwise within the European Economic Area (“EEA”). In addition, due to shared corporate systems, and because of the international nature of our business, Personal Data collected and processed by Zendar GmbH may be shared with, accessed by, and/or stored with Zendar GmbH’s corporate parent, Zendar Inc. and its subsidiaries and service providers, and/or may be collected directly by Zendar Inc., outside of the EEA and UK, including the United States of America (and, specifically, within the State of California).
Where personal data is collected, transferred, and/or stored outside of the EEA and the UK, Zendar guarantees compliance with the current standard contractual clauses of the European Commission. Appropriate safeguards are thus established to ensure an appropriate level of data protection outside the European Union as well.
If you wish to receive more information relating to the transfers of your personal data outside the EEA and the UK and/or the safeguards that have been implemented, you can contact the Zendar Data Privacy Officer or [email protected].
- Your Data Privacy Rights Under the GDPR
In the context of the processing of personal data, data subjects are entitled to the following rights under GDPR:
- Right of access: The right pursuant to Art. 15 GDPR to obtain information from the data controller as to whether or not personal data conercing you are being processed. Where that is the case, you have the right to obtain access to the personal data and information on how they are processed.
- Right to rectification: The right pursuant to Art. 16 GDPR to obtain from the controller without undue delay the rectification of inaccurate personal data as well as the right to have incomplete personal data completed.
- Right to erasure (“right to be forgotten”): The right to pursue Art. 17 DSGVO to obtain from the controller the erasure of personal data concerning you without undue delay, if the conditions of this provision are met.
- Right to object: The right pursuant to Art. 21 GDPR to object at any time to processing of personal data which is based on legitimate interests pursuant to Article 6 (1) 1 (f) GDPR. In case of an objection to the processing, the personal data will no longer be processed for these purposes, unless compelling legitimate grounds for the processing can be demonstrated which override the interests, rights, and freedoms of the data subject.
- Right to restriction of processing: The right pursuant to Art. 18 GDPR to obtain restriction of processing, if the conditions of this provision are met.
- Right to data portability: The right pursuant to Art. 20 GDPR to receive the personal data in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller, if the conditions of this provision are met.
- Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, the data subject that considers the processing of personal data relating to him or her infringes the General Data Protection Regulation has the right pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement.
You can exercise the foregoing rights at any time by contacting us (see contact details above under Section 2).
- Right to Object
You also have the right to object to the processing of your personal data that we process based on legitimate interests as described in Section 4 above. If you file an objection, we will, based on the information provided, re-evaluate the grounds for the processing and whether they outweigh your interests, rights and freedoms or the processing, e.g. where the processing is necessary to assert, exercise, or defend legal claims or to fulfill a legal obligation, and, if possible, stop further processing and delete your data if this is not the case. You can exercise this right by contacting us (see contact details above under Section 2).
- Contact Information
If you have any questions or comments about this notice, the ways in which the Company collects and uses your information described here, your choices and rights regarding such use, or wish to exercise your rights under applicable privacy law, please do not hesitate to contact us as set forth in Section 2.