Data privacy notice

ZEISS Optical Inserts are designed with protection of your privacy in mind and to ensure you keep in control of your data. It's important to know that when you order ZEISS Optical Inserts, we process certain personal data about you and your product, including refraction values and order details. Take a moment to read through and fully understand how your data is managed and protected.

To process an order for ZEISS Optical Inserts and to provide related support services ZEISS Vision International GmbH and Apple concluded a Joint Controller Agreement to share certain responsibilities for compliance with data protection laws.

In connection with your order for ZEISS Optical Inserts, Carl Zeiss Vision International GmbH (“ZEISS Vision Care”, “We”) processes personal data received from our partner Apple and provided by you which includes the eyeglass prescription, order information and other personal information.

This section of the privacy notice refers specifically to the processing of your personal data by Zeiss Vision Care in connection with your order for ZEISS Optical Inserts. If you wish to contact us, use the ZEISS privacy contact form.

What types of personal data do we process?

In connection with your order for ZEISS Optical Inserts we will collect and process the following categories of your personal data:

• Identity Data including first name and last name, delivery address, contact email address, phone number and your approximate age range.
• Health Data including your refraction values provided in the order form or contained in your eyeglass prescription (which also may include your address and date of birth).
• Order Data including the contents of your ZEISS Optical Inserts order such as frame personalization values.
• Support and Warranty Data including details about any product support requests you make along with relevant details of the request and resolution, details of your product warranty cover and of any claims you have made under the product warranty.

We only process your data if there is a legal basis for the processing. This is either your consent, because it is necessary for the performance of a contract concluded with you or where it is necessary for our compliance with a legal obligation.

Processing of Health Data

Your eyeglass prescription and refraction values are personal health data. We may process this data only with your explicit consent. This processing is required to fulfill your order, e.g. for manufacturing purposes as well as for other purposes related to the preparation and future servicing of ZEISS Optical Inserts, including for quality control, and for customer and warranty support. For manufacturing, only the refraction values are required. These values will be tied to a unique identifier, but not to any data that directly identifies you during the manufacturing of the ZEISS Optical Inserts in our production entity in China. This allows us to manufacture your individual optical inserts while safeguarding your privacy.

Withdrawal of Consent

You may withdraw your consent to further use and disclosure of your personal data by ZEISS Vision Care at any time by completing the ZEISS privacy contact form.

Consequences of consent withdrawal

The withdrawal of the consent you have given to process your health data to produce the ZEISS Optical Inserts has the following effects:

• If your withdrawal reaches us before the initiation of, or during the production of your ZEISS Optical Inserts, this may prevent ZEISS from completing your ZEISS Optical Insert order (if not yet complete) or providing related services.
• If the ZEISS Optical Inserts have already been manufactured and prepared for dispatch, the delivery will take place.

What happens if you refuse to provide us with your personal data?

We need certain personal data to be able to fulfill the contract with you. We also have to process certain personal information to comply with our legal obligations. As a result, if you do not provide the requested mandatory information we will not be able to fulfill your order.

Where do we receive your personal data from?

We receive identity information from Apple, as well as eyeglass prescription data or your refraction values uploaded by you via Apple's platform in order to manufacture and deliver the ZEISS Optical Inserts. We do not collect any other personal data about you from third parties.

We will subsequently collect personal data directly from you if necessary, including when:

• You submit a product support request.
• You submit a warranty claim.

Why do we process your personal data?

We will process your personal data for different purposes at different stages. However, we will only process your personal data for one of the following purposes:

• Processing and delivery of your order, including the analysis of your eyeglass prescription to check if it can be used in the subsequent manufacturing process,
• Generating and providing pairing data and the unique pairing code to pair Apple Vision Pro to the ZEISS Optical Inserts,
• Processing of your personal data as may be necessary to comply with the law,
• Handling your support and warranty requests.

We use appropriate technical and organizational measures to ensure the security and confidentiality of your personal data during our processing actions.

We further ensure that your personal data shall not be kept for longer than is necessary after the purpose(s) of processing have been completed.

Automated decision making

We do not make decisions about you based solely on automated processing in connection with your purchase of ZEISS Optical Inserts.

As a website or webshop operator, ZEISS collects data about accesses to our websites and webshops and stores this data as so-called "server log files". The legal basis for this data processing is to safeguard the legitimate interests of ZEISS.

In some cases, ZEISS has an interest in the secondary use of certain data. In order to be able to use this data, it is anonymized prior to secondary use. In general this processing is based on the legitimate interests of ZEISS or the consent of the affected persons for sensitive data.

In some cases, there is a desire to use data originating from our customers for purposes other than those originally intended. To enable this, the data must be anonymized before it can be reused. This means that all personal information is removed or altered so that it is no longer possible to identify individual persons. This procedure ensures that it is no longer possible to identify individual persons. In this way, we can use anonymized data to improve our products or analyze trends without identifying individual persons.

The anonymization of personal data is based on ZEISS's legitimate interest in improving the quality of our products and services.

The anonymization of sensitive data, such as health data, religious beliefs, or origin, is only carried out exclusively with the express consent of the user.

When you apply to ZEISS, you necessarily provide us with personal data and consent to the processing of this data as part of the application process. The legal basis for this data processing is the fulfillment of a contract or the implementation of pre-contractual measures, unless otherwise described in the individual process steps.

Categories of data

As part of the application process, we process the following categories of personal data about you:

• Information that you provide to us when setting up your candidate home account, including your full name, login credentials, contact information, curriculum vitae, additional documents, work experience, qualifications and skills (“Profile Data”).
• Publicly available professional data about you, such as data that are published in business and employment oriented social networks or websites such as LinkedIn and Xing (“Professional Social Network Data”).
• Information that you actively provide to us further in the application process for a specific open position and related information collected by us from you during your interviews and (online) assessments (“Application Data”).

We do not ask you to provide us with special categories of personal data (i.e. information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health or sexual orientation) as part of your Data, unless explicitly required or permitted by law in each case. In case you provide us with special categories of personal data, you hereby explicitly consent to the processing of this data as described herein.

Purposes of Processing and Legal Basis

Application & Referral Process

During the application & referral process, we process your personal data for several key purposes:

• Application Processing: To manage and evaluate your application effectively.
• Qualifications Assessment: To assess your qualifications and personal experience relevant to the position.
• Information and Invitations: To provide you with information, materials, and invitations related to your profile and potentially interesting positions.

The processing of your personal data for these purposes is based on the fulfillment of a contract or the implementation of pre-contractual measures.

Candidate Pool Database

Your data may also be stored in our candidate pool database for broader recruitment purposes (e.g. contacting you regarding new, interesting job opportunities):

• Profile Storage: To store your candidate profile, including all information provided in your CV and other application materials.
• Data Sharing: To share your data with relevant stakeholders within ZEISS locations globally for recruitment purposes.
• Communication: To contact you via email or other communication channels to inform you about new job openings that match your profile.

This processing is based on your consent. You have the right to withdraw your consent at any time without any disadvantage to current applications. Please contact the recruiting team for any questions or to exercise your right to withdraw. The legality of the data processing carried out until the revocation remains unaffected by the withdrawal.

Job Alert

By setting up a job alert, you can receive notifications via email about relevant job openings without having to manually search for them.

The processing of your data for Job Alert purposes is based on your consent. You have the right to withdraw your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the withdrawal.

Pre-Employment Screening

ZEISS companies may conduct pre-employment screening for individual job applications to ensure compliance with existing sanctions and to prevent industrial espionage:

• Security Checks: Publicly available data on the internet may be used to identify critical connections to states listed on the SMBS list according to §13(1)(17) SÜG (including Russia, North Korea, Iran, China).
• Validation Checks: Your application details may be authenticated to verify their accuracy.

The data processing for pre-employment screening is legitimized based on the legitimate interests of the ZEISS company.

Recipients of Processing

You have the choice to decide to which ZEISS company your data is disclosed. By default, access is granted only to those who require it to fulfill their responsibilities related to filling positions within the company. With your consent your profile data is shared with relevant stakeholders within the ZEISS locations globally for recruitment purposes.

Personal data may be disclosed to carefully selected IT suppliers and other service providers acting as processors on behalf of ZEISS. These partners are required to implement reasonable security measures to protect your personal information and are prohibited from using it beyond the specified purposes.

Data processing primarily occurs on servers located in the European Union. Occasionally, processing may occur in countries outside Europe, as permitted by law.

Storage of Data

Depending on the purpose of processing, your data will be retained for a period ranging from 1 month to 3 years. All data will be securely deleted or anonymized after the retention period, unless further retention is required by law or necessary for the establishment, exercise, or defense of legal claims.

ZEISS offers apps for mobile devices that can collect personal data. This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

ZEISS offers various apps for mobile devices (iOS and/or Android) that can collect personal data. This personal data is required for the function of the respective app.

Apps on mobile devices can gain access to functions of the end device if required and with the consent of the user. Each app that ZEISS offers will ask you for consent to use the required functions. These functions may include, but are not limited to, the following:

• Calendar
• Contacts
• Camera
• Location
• Audio (output & microphone)
• Phone
• SMS/MMS
• Memory
• Possibly other sensors

This processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

arivis Cloud (formerly APEER) is a cloud-based, AI-driven platform designed specifically for microscopy image analysis. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

arivis Cloud (formerly APEER) is a cloud-based, AI-driven platform designed specifically for microscopy image analysis. It provides cutting-edge solutions to address the challenges of image analysis by enabling effortless AI model training for users from both industry and academia.

The suite is a collection of easy-to-use applications, that automate time-consuming tasks and allow for quick and accurate data processing. arivis Cloud streamlines research efforts by automating image analysis tasks and ensuring reproducibility. The platform also facilitates result sharing and integration with other tools, including several other ZEISS products. With a focus on accessibility and user-friendliness, arivis Cloud leverages AI to unlock the full potential of your research and accelerate the pace of discovery.

This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

ZEISS offers cashback programs for selected products. When you participate in these programs, your data is processed on the basis of the applicable terms and conditions. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

If you contact ZEISS via a contact form, we collect certain personal data to respond to your request. This data processing is based on the your consent, the performance of a contract or the implementation of pre-contractual measures, a legal obligation or the legitimate interest of ZEISS.

ZEISS wants to make it easy for you to contact us. We therefore offer contact forms on our websites for various types of inquiries.

Depending on the purpose of the individual form, you will be asked to provide the data we need to answer your request. This is usually your name and your e-mail address for contacting you; we may collect further contact data such as telephone number or address as well as other data to help us respond to your request.

Purpose of the contact form and associated legal basis:

• Marketing or sales enquiry
  Marketing or sales inquiry forms are used to inform interested parties or potential customers about products or services or to advertise them (see also processing purpose "Newsletter"). This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.
• Customer inquiry
  Customer inquiry forms can be used by existing customers to ask questions about products or services or support requests, for example about products or services. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.
• Data privacy request
  The data privacy request form is offered to enable interested parties or customers of ZEISS to exercise the rights of the data subject, e.g. to request information about stored personal data or to request for the deletion of this data. This data processing is based on a legal obligation that ZEISS must comply with.
• General request
  General inquiry forms can be used to ask ZEISS general questions or concerns that do not fall into one of the other categories. This data processing is based on the legitimate interests of ZEISS.

All data collected will be used exclusively for the processing for the respective purpose and will not be used for any other purpose.

If you participate in one of our events, the processing of your personal data may become necessary for your participation for processing and billing reasons. This data processing is based on your consent, the fulfillment of a contract or the implementation of pre-contractual measures or the legitimate interests of ZEISS. You have the right to revoke your consent at any time with effect for the future.

ZEISS offers various forums on specific specialist topics. These specialist forums are intended to offer users the opportunity to exchange thoughts, experiences and helpful tips with other users. This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

Identity and access management at ZEISS allows you to easily log in via our “ZEISS ID” system or various single sign-on providers and offers central management of your identity for all ZEISS applications. This allows customers, partners, suppliers, and employees to access the services they need securely and conveniently. Personal data is processed based on your consent or the fulfillment of a contract or the implementation of pre-contractual measures or based on the legitimate interests of ZEISS.

The purpose of the ZEISS learning platforms is to provide learning content, organize learning processes, support learning scenarios and track learning progress when processing learning content. Various personal data are processed for this purpose. This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

ZEISS uses personal data for direct marketing measures if you have given us your consent for the marketing measures or if we have received your e-mail address in the course of purchasing one of our products. You have the right to object to this use at any time with effect for the future. This data processing is based on your consent or the legitimate interests of ZEISS. You have the right to revoke your consent at any time with effect for the future.

MyZEISS is ZEISS Vision Care's central customer portal designed to facilitate seamless business interactions between ZEISS Vision Care and its customers, specifically Eye Care Professionals. The legal basis for data processing within MyZEISS is the fulfillment of a contract.

With the purchase of ZEISS lenses, you can receive a consumer card* from your optician or can register your product on MyZEISS Vision. Using the product number of your order you can verify that the lenses purchased are genuine ZEISS brand. With prior registration to ZEISS ID you can register your product using the unique identifier of your order and obtain an extended warranty in MyZEISS Vision, if available in your market.

“ZEISS Online Vision Screening” and “My Vision Profile” are applications designed to allow their usage without ZEISS processing personal data of yours. If you choose to provide personal data, this data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

Personal data that ZEISS receives in connection with requests for quotations, order processing, etc. is used to process the respective business transactions. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

For the processing of payments from contractual relationships, we offer our customers secure payment options and use other payment service providers in addition to banks. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

For some ZEISS products ZEISS provides a warranty of two years from the date of purchase. For some of these products this warranty period can be extended to three years if the product is registered via ZEISS online registration within four weeks of the date of purchase. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

ZEISS may record telephone conversations, chat sessions or online meetings to improve service quality or for internal documentation purposes. This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

ZEISS informs you that MS Teams meetings may be recorded, and Microsoft 365 Copilot may be used for transcription, summarization, and note-taking of the meetings. This includes the recording of images and voices of the participants and the processing of such data by Microsoft 365 Copilot. This data processing is based on your consent or to safeguard the legitimate interests of ZEISS. You have the right to revoke your consent at any time with effect for the future.

In order to analyze and find a solution to the problem you have contacted our support team about a ZEISS employee may have to connect to your system's computer. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

ZEISS offers you extensive contact and information options via our presence in social media. These social media services may independently collect personal data, e.g. via your created profile. In the process, data is also processed outside the European Union. This data processing is based on the legitimate interests of ZEISS.

ZEISS may invite you to participate in customer surveys. If you provide personal data in a questionnaire or survey, ZEISS may use this personal data to improve its own products and services. This data processing is based on your consent or the legitimate interests of ZEISS. You have the right to revoke your consent at any time with effect for the future.

In order to conduct competitions, ZEISS collects personal data of the participants to determine the winner. This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

ZEISS monitors security-relevant areas inside and outside buildings and premises using video recording. As soon as you are in the detection range of the cameras, you are the subject of this data processing. This data processing is based on the legitimate interests of ZEISS.

Virtual Try-on gives recommendations for glasses frames based on their virtual avatar. This data processing is based on your consent. You have the right to revoke your consent at any time with effect for the future.

In our webshops you can order different products. For the processing of the order process, various personal data are processed. This data processing is based on the fulfillment of a contract or the implementation of pre-contractual measures.

For some services on our websites, personal data is processed. This data processing is based on your consent or the legitimate interests of ZEISS. You have the right to revoke your consent at any time with effect for the future.

Carl Zeiss AG processes the personal data provided by the whistleblower for the purpose of receiving and processing compliance notices regarding violations of applicable laws and internal rules, as well as investigating and sanctioning such violations. This data processing is based on a legal obligation to which ZEISS is subject or to safeguard the legitimate interests of ZEISS.

By participating in ZEISS Myopia Management via your ZEISS Eye Care Partner (ECP), your data will be collected and processed to provide you and your ECP with a personal myopia analysis to allow a consultation tailored to your individual needs. Anonymized data of yours is used and may be transferred to or stored outside of the country by ZEISS to improve the underlying data model. All data processing relies on your explicit consent.

As part of the ZEISS Portal / MyZEISS platform, we process personal data in order to give you customized access to ZEISS services and resources. This data processing is based on your consent, or the fulfillment of a contract or the implementation of pre-contractual measures, or the legitimate interests of ZEISS. You may revoke your consent at any time, effective for the future.

In the ZEISS Quality Software Store, we collect personal data in order to be able to offer software trial versions and add-ons, to give you the opportunity to write reviews and to improve the service and product range. This data processing is based on the legitimate interests of ZEISS.