The Controller

The responsible entity according to Art. 24 GDPR is:

Radviser
70, Panamount Drive, NW, Calgary, Alberta, Canada, T3K 6K6
www.radviser.com

Contact

You may contact us using our contact form or via email to info@radviser.com if you:

• have any questions about this Policy Statement,
• wish to file a complaint about a possible violation of data protection laws,
• have any requests related to your rights, and
• wish to access, correct incomplete, inaccurate or outdated data.

Please note that deletion of information essential to account management and services may result in termination of services provided to you.

We will make every effort to respond to your requests in the shortest possible time, and always in strict compliance with applicable law. In some cases, requests for deletion may not be honored immediately, due to a legal obligation.

Your Rights

First of all, we would like to inform you about your rights as a data subject. These rights are standardized in Art. 15 - 22 GDPR. This includes:

• The right to information (Art. 15 GDPR),
• The right to erasure (Art. 17 GDPR),
• The right to rectification (Art. 16 GDPR),
• The right to data portability (Art. 20 GDPR),
• The right to restriction of data processing (Art. 18 GDPR),
• The right to object to data processing (Art. 21 GDPR).

To assert these rights, please contact us using our contact form or via email to info@radviser.com. The same applies if you have questions about data processing in our company.

You also have the right to lodge a complaint with a data protection supervisory authority. The Office of the Privacy Commissioner of Canada (OPC) is the for Radviser relevant authority in matters of data protection. You have the right to make a complaint at any time to the OPC (www.priv.gc.ca/en). We would, however, appreciate the chance to deal with your concerns before you approach the OPC so please contact us in the first instance.

Legal Bases for Processing

The processing of your personal data may be based on the following legal grounds:

• Art. 6 (1) lit. a) GDPR serves as our legal basis for processing operations where we obtain your consent for a specific processing purpose.
• Art. 6 (1) lit. b) GDPR, insofar as the processing of personal data is necessary for the performance of a contract, e.g., if you purchase a product. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in the case of enquiries about our products or services.
• Art. 6 (1) lit. c) GDPR, insofar as we are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations.
• Art. 6 (1) lit. f) GDPR applies on the basis of our legitimate interests, e.g., when using service providers as part of order processing, such as shipping service providers or when carrying out statistical surveys and analyses and logging registration procedures. Our interest is directed towards the use of a user-friendly, appealing, and secure presentation as well as optimization of our website, which serves our business interests as well as meeting your expectations.

Duration of Storage and Routine Deletion of Personal Data

We process and store your personal data only for the period of time required to fulfil the purpose of storage or if this has been provided for, in laws or regulations. After the purpose has ceased to exist or has been fulfilled, your personal data will be deleted or blocked.

In the case of blocking, deletion will take place as soon as legal, statutory, or contractual retention periods do not conflict with this, there is no reason to assume that deletion would impair your interests worthy of protection and deletion would not cause a disproportionately high expense due to the special nature of the storage.

Log Files

The legal basis for this data processing is Article 6 (1) lit. b) GDPR, as the collection and storage of this data is necessary for the operation of the website in order to ensure the functionality of the website and to deliver the content of our website correctly.

In addition, the data serve us to optimize our website and to ensure the security of our IT systems and the processing is based in this respect on Article 6 (1) lit. f) GDPR. For this reason, the data is stored for a maximum of 7 days as a technical precaution.

We also use this data for the purposes of advertising, market research and to design our services to meet your needs by creating and evaluating user profiles under pseudonyms, but only if you have not exercised your right to object to this use of your data (see information on the right to object under “Your rights“).

Contractual Relationship

In order to establish or implement the contractual relationship with our users, it is regularly necessary to process the personal master data and contract data provided to us. The legal basis for this processing is Art. 6 (1) lit. b) GDPR. We also process customer and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of Article 6 (1) lit. f) GDPR and serves our interest in further developing our offer and informing you specifically about our offers. Further data processing may take place if you have consented (Article 6 (1) lit. f) GDPR) or if this serves the fulfilment of a legal obligation (Art. 6 (1) lit. c) GDPR).

Commercial and business services

We process information of our contractual and business partners, e.g., users and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer enquiries.

We process this information to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organization. We only disclose the information of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the contractual partners (e.g., to participating telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisers or tax authorities).

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing. And the Legal bases are Art. 6 (1) lit. b) GDPR, Art. 6 (1) lit. c) GDPR, and Art. 6 (1) lit. f) GDPR.

Administration, financial accounting, office organization, contact management

We process data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are Article 6 (1) lit. c) GDPR, Article 6 (1) lit. f) GDPR. Users, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities. In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices.

Furthermore, based on our business interests, we store information on suppliers, and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.

Information processing for the purpose of fraud prevention and optimization of our processes

Where applicable, we provide our service providers with further information, which they use together with the information necessary for fraud prevention and optimization of our processes This serves to protect our legitimate interests Article 6 (1) lit. f) GDPR in our protection against fraud or in efficient risk management, which outweigh our interests in the context of a balancing of interests.

Technical services

We process the data of our users and clients in order to enable them to select, purchase or commission the selected services as well as associated activities or to execute or provide them. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests. Art. 6 (1) lit. b) GDPR, Art. 6 (1) lit. c) GDPR, and Art. 6 (1) lit. f) GDPR.

Exercising our rights

Based on Art. 6 (1) lit. c) and Art. 6 (1) lit. f) GDPR, we use and store your personal data and technical information to the extent necessary to prevent or prosecute misuse or other illegal behavior on our website, e.g., to maintain data security in the event of attacks on our IT systems. This also takes place insofar as we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defense.

Enquiries by e-mail or contact form

When contacting us via the provided e-mail address or contact form, the personal data transmitted with the e-mail or contact form will be stored. This data is processed exclusively for the purpose of answering the enquiry. The legal basis for the processing is Art. 6 (1) lit. f.) GDPR or Art. 6 (1) lit. b) GDPR if the enquiry is aimed at concluding a contract. The data will be deleted when the purpose of the processing no longer applies, e.g., the enquiry has been conclusively answered. You can object to the processing of your personal data at any time by contacting us using our contact form or via email to info@radviser.com.

Use of customer data for direct marketing purposes

If you have provided us with your e-mail address when using our Services, we reserve the right to regularly send you e-mail offers for similar services. We do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest Art. 6 (1) lit. f.) GDPR in personalized direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails.

You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the marketing.

Cookies

We use cookies on our websites. Cookies are small text files that are stored on your device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. Cookies can contain data that make it possible to recognise the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to a specific person.

We use session cookies and permanent cookies on our websites. The processing is carried out on the basis of Art. 6 (1) lit. f.) GDPR and in the interest of optimizing or enabling user guidance and adapting the presentation of our website. You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time using the appropriate browser settings and prevent the setting of new cookies. Please note that our websites may then not be displayed optimally, and some functions may no longer be technically available.

Insofar as you have given your consent to this in accordance with Art. 6 (1) lit. f.) GDPR, we use the following cookies and other technologies from third-party providers on our website. After the end of the purpose and the end of the use of the respective technology by us, the data collected in this context will be deleted. You can revoke your consent at any time with effect for the future. For further Information on the cookies we use, please refer to our Cookie Policy.

Disclosure of personal data to third parties

Your personal data will only be passed on if there is a legal obligation to do so or to service providers and partner companies that have been carefully selected in advance and are contractually obliged to comply with the requirements of data protection law.

a) Disclosure within affiliated companies pursuant to Art. 6 (1) lit. b) GDPR We pass on your personal data for the conclusion and processing to our affiliated companies. This is particularly necessary so that you can use all our offers. If you contact us with questions, complaints, they will also receive access to your order data in order to be able to process your request.

b) Disclosure to service providers according to Art. 6 (1) lit. b) and f) GDPR For the operation and optimization of our website and our services and for the processing of contracts, various service companies work for us, e.g., for central IT services or the hosting of our website, for the delivery of services or for the dispatch of newsletters, to whom we pass on the data required for the fulfilment of the task (e.g., name, address).

Some of these companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection precautions at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.

c) Disclosure to other third parties pursuant to Art. 6 (1) lit. c) and f) GDPR We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g., due to official or court orders, or if we are entitled to do so, e.g., because this is necessary for the prosecution of criminal offences or for the exercise and enforcement of our rights and claims.

Data transfer to third countries

As a Company based in Canada, we take additional measures to ensure an adequate level of data protection for the transfer of personal data in accordance with Art. 44 of the GDPR and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g., by concluding EU standard contracts and additional guarantees, supplementary technical and organizational measures such as encryption or anonymization).

General technical organizational measures

We have taken a variety of security measures to protect personal data to an appropriate extent and adequately. All information held by us is protected by physical, technical, and procedural measures that limit access to the information to specifically authorised persons in accordance with our Privacy Policy and this Statement.

Our website is behind a software firewall to prevent access from other networks connected to the Internet. In addition, only employees who need the information to perform a specific job are granted access to personally identifiable information. These employees are trained in security and privacy practices and treat your information confidentially.

The transmission of your personal data during an order transaction in the online shop is encrypted using industry standard Secure Socket Layer (“SSL“) technology, (SSL encryption version 3).

Changes

This Policy Statement and our commitment to protecting the privacy of your personal data can result in changes to this Policy Statement. Please regularly review this policy to keep up to date with any changes.

Queries and Complaints

Any comments or queries on this Policy Statement should be directed to us. If you believe that we have not complied with this Policy Statement or acted otherwise than in accordance with data protection law, then you should notify us using our contact form or via email to info@radviser.com.