Privacy Policy

Privacy Policy and Data Protection Information

In the following,

LUCID Vision Labs GmbH
Renntalstr. 14
D-74360 Ilsfeld
sales(a)thinklucid.com
1-833-465-8243

registered with the company register at the local court (Amtsgericht) Stuttgart, registry number: HRB 764125
legally represented by its managing directors Rod Barman and Victor Mok.

(hereafter “LUCID Vision Germany or we”)

provides information on its processing of personal data pursuant to Art. 13 and 14 of the European General Data Protection Regulation (“GDPR”).

The terms used in the following such as e.g. “controller” have the meaning as defined in GDPR, art. 4.

A.  Contact details of our Data Protection Officer

Please direct all questions to:

LUCID Vision Labs
Data Protection Officer
Address: 130-13200 Delf Place, Richmond B.C.
Phone: 1-833-465-8243
Email: privacy(a)lucidvisionlabs.com

Table of Contents

B.   Categories and Sources of Personal Data

We process the following (categories of) personal data :

Categories of personal data processed Types of personal data within category Source of personal data
Online Customer Data
a) Online Sales Inquiry forms
b) Online Marketing Email sign-up form
c) Online Technical Support form
d) Online Registration form
e) Online Checkout form		 a) First and Last Name, Email, Phone, Company Name, Country
b) First and Last name, Email, Company Name, Country
c) First and Last name, Email, Country, Subject Line, Message
d) First and Last name, Email, Company, Country, IP address
e) Billing and Shipping address		 a) https://thinklucid.com/contact-us/
b) https://thinklucid.com/sign-up/
c) https://thinklucid.com/support/
d) https://thinklucid.com/my-account/
e) https://thinklucid.com/checkout/
On Location Events
a) Badge Scanning
b) Business Card Collection		 a) First and Last Name, Email, Phone, Company Name, Job Title, Company Address, Company Industry
b) First and Last name, Email, Phone, Company Name, Job Title		 a, b) Trade shows, events, conferences
Website Usage Data
Google Analytics / Google Adsense Our site uses Google GA4 web analysis, product of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043. Google analytics is set to anonymize IP addresses. The IP anonymization is enabled and your IP address is then abbreviated by Google before being transferred within the member states of the European Union or other parties to the Agreement on the European Economic Area. Accessing and using https://thinklucid.com, https://support.thinklucid.com, https://patents.thinklucid.com website.

C. Intended Purposes of Processing and Legal Basis for Processing

We process the (categories of) personal data (indicated above in section B.) for the following purposes and on the following legal basis. Where applicable, the legitimate interests pursued by us or by a third party are indicated as well.

Categories of personal data  Intended purpose of processing Legal basis for processing Recipients
Online Customer Data
All our online forms (a), (b), (c), (d), (e) are intended for managing business relationships with business partners and to further facilitate legitimate business interests.

For our (d) Online Registration form (https://thinklucid.com/my-account), we collect the IP address for security reasons and may choose to block website login entry based on the number of attempts or other security threats. IP addresses are kept for 15 days unless an address is added to our security blacklist.

For our (e) Online Checkout form (https://thinklucid.com/checkout/), we collect shipping and billing address and store them in our servers. However, credit card number, credit card expiry date, credit card CVS number and credit card name are not stored on our servers. Credit card information is processed by Global Payments for USD ($) currency orders and Saferpay by SIX Payment Services AG for EURO (€) orders.

 Art. 6 para. 1 lit. (f) GDPR; LUCID’s reasonable business interest is the facilitation of the management of its business relationships with business partners.
Recipients for this information are the Sales and Marketing departments of LUCID Vision Labs. This information is stored in ZOHO CRM Cloud services with servers located in the USA and EU. Company address of ZOHO Corporation is 4141 Hacienda Drive, Pleasanton, California 94588, USA. For more information of ZOHO GDPR compliance please visit https://www.zoho.com/lp/gdpr.html
For customers who follow through with a purchase either by phone, email or our online checkout (e), personal data is transferred to LUCID internal ERP system with servers located in the Canadian office. No credit card information is stored in our system. Online credit card information is processed either through Global Payments or Saferpay by SIX Payment Services through our site by a secure hosted payment portal (HPP) by an iFrame. Global Payments Realex Payments is a PCI DSS v3.2.1-compliant HPP solution and fully PCI level 1-compliant. Saferpay by SIX Payment Services is PCI DSS v3.2.1-compliant HPP. Both payment gateways employ 3-D Secure 2.0.
On Location Events
Badge scanning and business card collection (a), (b) are intended for managing business relationships with business partners and to further facilitate legitimate business interests.
 Art. 6 para. 1 lit. (f) GDPR; LUCID’s reasonable business interest is the facilitation of the management of its business relationships with business partners.
Recipients for this information are the Sales and Marketing departments of LUCID Vision Labs. This information is stored in ZOHO CRM Cloud services.
For customers who follow through with a purchase, personal data is transferred to LUCID internal ERP system with servers located in the Canadian office.

Website Usage Data

 

 To evaluate your use of the LUCID website, to compile reports about website activity, and to provide further information about the website use and the services connected to Internet use with respect to LUCID Vision Labs. Art. 6 para. 1 lit. (f) GDPR; LUCID’s reasonable business interest is the improvement of LUCID’s website and user experience therein. The Marketing department of LUCID, located in the Canadian office, will be the recipient of this information.

D. Transfer of personal data to third countries and / or international organizations

We intend to transfer personal data to the following third countries (countries outside the European Economic Area) and / or international organisations:

Categories of personal data Third country / international organization Recipient(s) Existence or absence of adequacy decision / appropriate or suitable safeguard
Online Customer Data, On Location Events Canada

Sales, Marketing, and Accounting Departments of LUCID Vision Labs, inc.

 There is an adequacy decision by the Commission on the basis of Directive 95/46, art. 25, para 6 for Canada (2002/2/EC: Commission Decision of 20 December 2001; http://data.europa.eu/eli/dec/2002/2(1)/oj)
Customer Order Number Global Payments or SIX Payment Services

Global Payments – Realex Payment Gateway
SIX Payment Services – Saferpay

 LUCID Vision Labs stores no credit card details on our web servers. All credit card information is processed through either Global Payment Realex Payments or Saferpay by SIX Payment Services. Global Payments Realex Payments is a PCI DSS v3.2.1-compliant redirect solution and fully PCI level 1-compliant. Saferpay by SIX Payment Services is a PCI DSS v3.2.1-compliant redirect solution using 3-D Secure 2.0
Online Customer Data, On Location Events Japan

Sales and Marketing Departments of LUCID Vision Labs, G.K.

 EU Standard Contractual Clauses ‘controller-to-controller’. Adequacy talks are ongoing with Japan
Website Usage Data Canada

Marketing Department of LUCID Vision Labs, inc

 There is an adequacy decision by the Commission on the basis of Directive 95/46, art. 25, para 6 for Canada (2002/2/EC: Commission Decision of 20 December 2001; http://data.europa.eu/eli/dec/2002/2(1)/oj)

E.  Automated decision-making, including profiling

We do not use any automated decision-making or automated profiling. We use general profiling: e.g. segmentation, and non-automated decision-making based on general profiling.

F. Period for which personal data will be stored

The period for which personal data will be stored is listed in the following or is determined by the following criteria:

Categories of personal data
(refer to section B above for category details)		 Period for which personal data will be stored / criteria determining time period
Online Customer Data 6 years unless requested by user. IP address collected from (d) Online registration form is kept for 15 days.
On Location Events 6 years unless requested by user.

Website Usage (Google Analytics)

 Website usage data will be kept for 50 months.

G.   Requirement or obligation to provide personal data and consequences of failure to provide such data

The provision of the following personal data is a statutory or contractual requirement/obligation, or a requirement necessary to enter into a contract:

Categories of personal data processed Requirement / obligation Possible consequences of failure to provide such data
Online Customer Data, On Location Events We require this customer data to respond to your product or company inquiry from the closest corresponding LUCID Sales region and LUCID Sales Specialist. Without this data, LUCID will be unable to communicate with you or will be unable to communicate with relevant information or wrong regional language.
Website Usage Data This data is needed to continuously improve and update the website experience for users. LUCID will be unable to improve the website user experience.

H.   Cookies Use and Cookie Policy

Refer to our cookie policy for North American users: https://thinklucid.com/cookie-policy-ca/

Refer to our cookie policy for EU users: https://thinklucid.com/cookie-policy-eu/

I.   Rights of the data subject

I.    Access, rectification, erasure, restriction, data portability

With regard to the processing of personal data, you have the following rights:

Right to access means the right to obtain from us whether your data are being pro-cessed and, where applicable, have access to further information on the processing (GDPR, art. 15).

Right to rectification and right to erasure means the right to obtain the rectification of inaccurate and/or incomplete personal data concerning you, as well as the erasure of data when the request is legitimate (GDPR, art. 16 and 17).

Right to restriction of processing means the right to request suspension of the processing when the request is legitimate (GDPR, art. 18).

Right to data portability means the right to obtain personal data concerning you in a structured format, ordinary used and readable, as well as the right to transfer such data to other controllers (GDPR, art. 20).

II.     Right to object

You have the right to object on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6(1) (e) or (f) GDPR (see section C above), including profiling based on those provisions pursuant to Art. 21 (1) GDPR.

Where personal data are processed for direct marketing purposes (see section C above), you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing pursuant to Art. 21 (2) GDPR.

III.     Right to withdraw consent

Where the processing is based on your consent (GDPR, art. 6, para. 1, subpapara (a) or GDPR, art. 9, para. 2, subpara (a); see section C above), you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

IV.     Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR).

Please visit our Opt Out Preferences to make changes and/or request any of the above.

As of: May 28th, 2024