Privacy Policy



The GDPR and you…

Personal data protection is one of our major concerns. The privacy policy fits into a legal context marked by the EU General Data Protection Regulation (EU Regulation 2016/679 of 27 April 2016), applicable since 25 May 2018 and the amended French Data Protection Act no. 78-17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties. The purpose of this data protection policy is to tell you about:

  • The personal data controller
  • How your data is collected and processed. Personal data is any information which enables a natural person to be identified.
  • Your rights regarding the use of your personal data
  • The recipients to whom your data is transmitted
  • The website's cookie management policy

This privacy policy supplements the legal notices on the websites.


You’ll understand us... promise!

Personal Data is any information relating to an identified or identifiable person, i.e. enabling the person to be identified directly (e.g., surname and first name) or indirectly (e.g. cookies).

The Processing of personal data is any operation or set of operations (automated or not) which is performed on data or sets of personal data, such as collection, recording, organization, storage, data transmission, etc.

The Data Controller determines the purposes (objectives of the processing) and the means of processing.

The Data Processor processes personal data on behalf of the data controller and carries out its instructions.


Legal obligations... we’ve got them!

In accordance with the provisions of Article 5 of the General Data Protection Regulation (GDPR), the collection and processing of your personal data shall comply with the following principles:

  • Legality, loyalty and transparency: the collection and processing of personal data can only be based on a legal basis defined in advance (performance of a contract, legal obligation, consent, legitimate interest, preservation of vital interests)
  • Limited purposes: the collection and processing of personal data is carried out to meet one or more defined objectives
  • Minimization of data collection and processing: only the data strictly necessary for the proper execution of the objectives pursued are collected
  • Time-limited data retention: the data controller is under an obligation to define retention periods for the personal data processed
  • Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.


We are responsible for the data entrusted to us! 

As data controller, Microoled undertakes to comply with the obligations resulting from the Regulation and the amended French Data Protection Act, concerning the collection and processing of personal data. In accordance with Article 32 of the GDPR, we implement all technical and organizational measures to ensure your personal data are protected.


What do we know about you?

In accordance with the principle of minimization, we only collect the data necessary to carry out our missions. Therefore, as part of our activity in the manufacture of ophthalmic lasers and ultrasound scanners, and the organization of training courses for our customers, distributors and healthcare professionals, as well as our research, studies and development of new products, Microoled may collect and process the following information:

  • Identity: Surname, first name
  • Login data : Usernames and passwords for access to distributor space
  • Internet: IP address, login history
  • Personal life : Address, e-mail, telephone number
  • Work Life : Qualification, occupation, work e-mail address
  • Financial information : Bank account details, banking and payment data


We’d like to explain!

In all of these situations, Microoled acts as a "Data Controller" under the GDPR.

6.1 General Data






- Identity;

- Personal life

- Work life

- Login data

- Internet

We use these data to:
- Send you marketing communications (if you have given your consent)
- Contact you when you fill in the contact form

- Identify you on the website's specialist area when you register

The data collected through the form are kept for 3 years from collection or the last contact from the prospect

The data are kept as long as you do not unsubscribe


Your browsing data on our website are kept for a maximum of 6 months


- Offer you tailored services
- Monitor and improve our websites and applications
- Conduct audience analyses or create statistics
- Secure our websites/applications and protect both you and ourselves against fraud.

Legitimate interest







- Identity;

- Personal life

- Financial information

- Login data

- Internet

We use these data to:
- Manage and fulfil customer orders and requirements
- Conclude and perform customer contracts, service agreements and distribution agreements
- Tailor the offer and prepare quotations
- Manufacture the products and prepare manufacturing orders
- Manage and organize product deliveries
- Manage regulatory export sales permits
- Install products and monitor their compliance (including preparation of expert reports and compliance reports)
- Monitor side effects on patients and manage complaints and product returns
- Prepare repair estimates
- Perform daily product maintenance
- Provide a distributor area, an online medical platform and a hotline for distributor technical support
- Answer your questions and interact with you in any other way
- Manage your participation in satisfaction surveys to take into account your advice and suggestions
- Monitor our relationship
- Manage payments, invoices, etc.

Invoices are kept for 10 years
The data collected are kept for 3 years from collection or the last contact with you


Kept for the length of the business relationship and 5 years after the relationship ends.

Performance of a contract

- Send you marketing communications to inform you of our future offers and events (mailings, newsletters, invitation to symposiums, etc.)
- Contact ophthalmologists to offer you devices tailored to your needs
- Send you marketing communications (mailings)

Legitimate interest





- Identity
- Personal life
- Work life

We use these data for:
- Application management
- Interview management

2 years after the last contact with the candidate upon the candidate’s consent

Legitimate interest


6.2 Location Data

In addition, when using our Services, we may also collect and use exact information regarding your location, such as GPS, accelerometer, your running route (including precise location data that shows your geographical position). We will only use location data you voluntarily provide us and such only with your prior consent or under your direction to do so and only for the purposes set out in this Privacy Policy. 

Also, the Services use your mobile device’s background location to provide the Services, including storing your position to build a location tracking history during your activities . If you have 'background location' turned on, the ActiveLook app will, from time to time, track your device's location even if you are not directly interacting with the application. You can change your mind and turn off background activity tracking at any time in your device settings or in-app settings.


We don't pass them on to just anyone!

Microoled undertakes to transmit your personal data only to authorized people in-house and to authorized third parties such as the tax, customs or economic authorities, the administration of justice, the police and the gendarmerie, for example.

Microoled may, perhaps, transmit your personal data to data processors for hosting and managing its database in France, hosting its websites or carrying out accounting and employment missions (e.g. accounting firms, recruitment agencies or law firms). The use of these service providers is necessary for the proper performance of our services. We undertake to verify and ensure their compliance with the GDPR and the amended French Data Protection Act.

Microoled does not and shall not sell, transfer or communicate your personal data to unauthorised third parties.

Microoled does not make any automated decisions based on your personal data. No profiling is implemented during processing, and the data we collect will never be used without human intervention.


You hold all the cards!

8.1 Your rights

In accordance with current regulations, you have the following rights in relation to your personal data:

  • RIGHT OF ACCESS: You may, at any time, access the personal data we hold about you.
  • RIGHT TO RECTIFICATION If you notice an error, omission or ambiguity in your personal data, you may make a request to complete, correct or clarify your personal information.
  • RIGHT TO OBJECT : At all times, you retain the right to object to the use of your personal data in the course of our company's activities in relation to the processing of your data.
  • RIGHT TO RESTRICT PROCESSING: You may demand that the future processing of your personal data be restricted under certain conditions
  • RIGHT TO ERASURE : You may also ask us to erase your personal data.

8.2 The DPO 

Microoled has appointed a Data Protection Officer (DPO). In order to exercise your rights, you can contact our Data Protection Officer (DPO) at the following address:

7 PRV Louis Neel
38000 Grenoble - France 

or send an e-mail to:  

8.3 Complaining to the CNIL

You may at any time lodge a complaint with the competent authority i.e. the French Data Protection Agency (CNIL) using the following link:


You entrust us with your data and we look after it!

Microoled is concerned about the security of personal data which it undertakes to process securely and only for the length of time necessary to achieve the intended purpose.

Microoled has put in place technical and organisational measures to ensure an adequate level of data protection in relation to the nature and purpose of the processing.

Therefore, in accordance with Article 32 of the GDPR on the security of processing, Microoled has implemented:

  • The pseudonymisation of personal data
  • Ways of guaranteeing the constant confidentiality, integrity, availability and resilience of processing systems and services
  • Ways of restoring data availability and access within an appropriate timescale in the event of a physical or technical incident
  • A procedure to regularly test, analyze and evaluate the effectiveness of the technical and organisational measures to ensure the processing is secure.

However, the security obligation remains an obligation of means, i.e. we do everything possible to ensure the confidentiality and integrity of your personal data.

Everyone who has access to your personal data has been made aware of best data protection practices. They are bound by a confidentiality obligation, and are liable to disciplinary action in the event of non-compliance with this provision.


A well-organised trip!

As part of our business and for the management of your requests, we may transfer data to our subsidiaries and distributors, located outside the European Union. However, prior to any transmission of your personal data, we check the applicable rules on data transfers outside the European Union and ensure that they provide sufficient and adequate data protection safeguards.


You can choose between eating cookies and going on a diet 

CAs with most websites, our website uses cookies that can be classified into four categories:

  • STRICTLY NECESSARY: These cookies are essential to allow you to browse our websites and use their features.
  • PERFORMANCE/ANALYTICAL: These cookies collect anonymous information about your use of our website. The information collected by these cookies is used only to improve your browsing experience on our website and never for identifying you. Sometimes these cookies are placed by third-party providers of web traffic analysis services, such as Google Analytics.
  • FUNCTIONALITIES: These cookies remember the choices you make to improve your experience on our website and make your visit more personal and friendly. The information that these cookies collect can be anonymised and cannot be used to track your browsing activities on other websites.
  • SOCIAL NETWORKS: These cookies allow you to share your activity on our website with social networking companies. Please refer to the privacy policies of these companies to find out how their cookies work.

If you wish to limit your tracking, it is recommended that you reject them by default via the cookie management banner we have set up on our website. In our cookie policy you will also find the procedure for accepting, customising or refusing cookies by expressing your choice using the banner that appears at the bottom of your screen.


Hang in there, you’ve almost finished! 

This personal data protection policy may evolve. The last update was made on TBD

We use our own and third-party cookies to personalize content and to analyze web traffic. Read more about our Cookies Policy

Cookie settings

Google Analytics

User Experience (Strictly Necessary)

The website is built using Shopify. Shopify’s default cookies don’t collect any personal or sensitive information or IP addresses. The information that they store is not sent to any third parties, and they are used only to communicate with Shopify for the purposes of user authentication, form validation/security, and basic web application operations. To learn more, please see our Privacy Policy.

We'll notify you when ENGO 2 is back in stock