Privacy Policy

Last Updated: June 3, 2025

1. Introduction

At Hanel Photonics, we are deeply committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Policy explains how we collect, use, and protect your personal data in connection with your use of our website hanel-photonics.de and our Redmine portal at tenders.hanel-photonics.de.

2. Data Controller

The data controller responsible for the processing of your personal data under this Privacy Policy is:

Hanel Photonics [Your Company Legal Name (e.g., Hanel Photonics GmbH or Sole Proprietorship Name)] [Your Full Address] [Your City, Postal Code, Country] [Your Contact Email: info@hanel-photonics.de] [Your Phone Number (Optional)]

3. No Use of Tracking Cookies, Analytics, or Tracking Software

We want to make our approach to your privacy as clear as possible:

  • We do not use any cookies for tracking or analytical purposes. This means we do not place small data files on your device to monitor your Browse behavior, remember your preferences beyond your current session, or gather statistics about your visits.
  • We do not use analytics software (e.g., Google Analytics, Matomo) on our website or Redmine portal. We do not collect aggregate data about visitor numbers, page views, or user journeys.
  • We do not employ any third-party tracking software or pixels. We do not allow external services to track your interactions with our site for advertising or other purposes.

Our commitment is to provide you with a straightforward, privacy-focused online experience.

4. Our Secure Connection to Hanel Photonics: Understanding Our Redmine Portal

At Hanel Photonics, we’re committed to making your experience with us as smooth and secure as possible. That’s why we’re excited to introduce our new Redmine portal, accessible via tenders.hanel-photonics.de, where you can check the status of your tenders and communicate with our team.

We understand that online security is important to you, and we want to assure you that your data and communications on this portal are well-protected.

What we’ve done for your security:

  • Dedicated & Secure Hosting: Your tender information is hosted on a private, high-security server on Google Cloud, entirely separate from our main website. Think of it as a dedicated, reinforced vault just for your project interactions.
  • Encrypted Communication (HTTPS/SSL): Whenever you visit tenders.hanel-photonics.de, you’ll see a padlock icon in your browser’s address bar. This means all information exchanged between your computer and our portal is encrypted, like a secret code. Your messages, project updates, and personal details are scrambled and protected from unauthorized eyes. This encryption is powered by a trusted system called Let’s Encrypt.
  • Always Up-to-Date Security: We’ve set up automatic systems to ensure our security certificates are always current and renewed regularly. This means you consistently benefit from the latest security protections without interruption.

We believe in transparency and providing a secure environment for our valuable customer relationships. You can connect with confidence, knowing your tender information and communications are handled with the utmost care and security.

5. Data Collected and Purpose of Processing

When you use our Redmine portal (tenders.hanel-photonics.de), we process personal data that you provide directly to us for the purpose of managing tenders and facilitating communication.

Types of personal data we collect may include:

  • Account Information: Your name, email address, company name, contact details provided during user registration.
  • Tender-Related Data: Information you submit in relation to tenders, including project descriptions, documents, deadlines, and communication exchanged within the tender management system.
  • Communication Data: Messages, comments, and files you exchange with our team through the Redmine portal.
  • Server Log Data: Like all web servers, our server automatically collects standard log data such as your IP address, browser type, operating system, referring URLs, pages visited, and the date/time of access. This data is used solely for ensuring the security, stability, and functionality of the Redmine portal and is not used for tracking or identifying individuals.

Purposes of Processing:

We process your data for the following purposes:

  • To provide and manage your access to the Redmine portal: This includes user authentication and maintaining your user account.
  • To facilitate tender management: Processing tender submissions, tracking progress, and managing associated documentation.
  • To enable communication: Allowing you to communicate with Hanel Photonics staff regarding your tenders and projects.
  • To ensure the security and stability of our services: Monitoring server logs to detect and prevent security incidents and technical issues.

6. Legal Basis for Processing (GDPR Article 6)

Our processing of your personal data is based on the following legal bases:

  • Performance of a Contract (Art. 6(1)(b) GDPR): The processing is necessary for the performance of a contract to which you are a party (e.g., managing your tender, facilitating communication related to a project) or in order to take steps at your request prior to entering into a contract.
  • Legitimate Interests (Art. 6(1)(f) GDPR): Processing is necessary for the purposes of our legitimate interests, such as ensuring the security, functionality, and proper operation of our Redmine portal, provided that your fundamental rights and freedoms are not overridden.

7. Data Recipients and Transfers

Your personal data is primarily processed by Hanel Photonics staff directly involved in tender management and communication.

  • Service Providers: We utilize Google Cloud Platform as our hosting provider. Google Cloud acts as a data processor for us, providing the necessary infrastructure for the Redmine portal. We have entered into appropriate data processing agreements with Google to ensure your data is handled in compliance with GDPR.
  • No Third-Party Sharing for Marketing/Tracking: We do not share your personal data with third parties for marketing, advertising, or tracking purposes.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Typically, data related to your Redmine account and tenders will be retained for the duration of our business relationship and for a reasonable period thereafter to comply with legal obligations (e.g., commercial and tax law retention periods) or to resolve disputes. Server logs are typically retained for a short period for security and operational purposes.

9. Your Data Protection Rights (GDPR Articles 15-22)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): You have the right to request access to the personal data we hold about you.
  • Right to Rectification (Art. 16 GDPR): You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data under certain conditions (“right to be forgotten”).
  • Right to Restriction of Processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your personal data under certain conditions.
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
  • Right to Object (Art. 21 GDPR): You have the right to object to the processing of your personal data under certain circumstances.
  • Right to Lodge a Complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR. The relevant supervisory authority for Hanel Photonics in Germany is generally the Berlin Commissioner for Data Protection and Freedom of Information.

To exercise any of these rights, please contact us using the contact details provided in Section 2.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post any new versions of this Privacy Policy on this page, and the “Last Updated” date will indicate when the most recent changes were made. We encourage you to review this Privacy Policy periodically.