Privacy Policy

Endress+Hauser Commitment to Data Privacy Protection

 

Protecting the security and privacy of your personal data is important to Endress+Hauser; therefore, we conduct our business in compliance with applicable laws on data privacy protection and data security. We hope the policy outlined below will help you understand what data Endress+Hauser may collect, how Endress+Hauser use and safeguard that data and with whom we may share it.

1.

Personal data

 

Through our Web sites, Endress+Hauser will not collect any personal data about you (e.g. your name, address, telephone number or e-mail address), unless you voluntarily choose to provide us with it (e.g. by registration, survey), respectively, provide your consent, or unless otherwise permitted by applicable laws and regulations for the protection of your personal data.

2.

Purpose of Use

 

When you do provide us with personal data, we usually use it to respond to your inquiry, to process your order or to provide you access to specific information or offers. Also, to support our customer relationship with you:

 

  • we may store and process personal data and share it with our worldwide affiliates to better understand your business needs and how we can improve our products and services; or
  • we (or a third party on our behalf) may use personal data to contact you about a Endress+Hauser offer in support of your business needs or to conduct online surveys to understand better our customers' needs.

 

If you choose not to have your personal data used to support our customer relationship (especially direct marketing or market research), we will respect your choice. We do not sell or otherwise market your personal data to third party.

3.

Purpose Limitation

 

Endress+Hauser will collect, use or disclose personal data supplied by you online only for the purposes disclosed to you, unless the disclosure:

 

  • is a use of the personal data for any additional purpose that is directly related to the original purpose for which the personal data was collected,
  • is necessary to prepare, negotiate and perform a contract with you,
  • is required by law or the competent governmental or judicial authorities,
  • is necessary to establish or preserve a legal claim or defense,
4.

Communications or Utilization Data

 

Through your use of telecommunications services to access our Web site, your communications data (e.g. Internet protocol address) or utilization data (e.g. information on the beginning, end and extent of each access, and information on the telecommunications services you accessed) are technically generated and could conceivably relate to personal data. To the extent that there is a compelling necessity, the collection, processing and use of your communications or utilization data will occur and will be performed in accordance with the applicable data privacy protection legal framework.

5.

Non-Personal Data Collected Automatically

 

When you access our Web sites, we may automatically (i.e., not by registration) collect non-personal data (e.g. type of Internet browser and operating system used, domain name of the Web site from which you came, number of visits, average time spent on the site, pages viewed). We may use this data to monitor the attractiveness of our Web sites and improve their performance or content.

6.

"Cookies" - Information Stored Automatically on Your Computer

 

When you view one of our Web sites, we may store some data on your computer in the form of a "cookie" to automatically recognize your PC next time you visit. Cookies can help us in many ways, for example, by allowing us to tailor a Web site to better match your interests or to store your password to save you having to re-enter it each time. If you do not wish to receive cookies, please configure your Internet browser to erase all cookies from your computer's hard drive, block all cookies or to receive a warning before a cookie is stored.

7.

Security

 

To protect your personal data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure or access, Endress+Hauser uses technical and organizational security measures.

8.

Links to Other Web Sites

 

Endress+Hauser Web sites contain links to other Web sites. Endress+Hauser is not responsible for the privacy practices or the content of other Web sites but expect them to apply the same rules.

9. Right to information
 

At your request, tells you Endress+Hauser as soon as possible in writing in accordance with the applicable law, whether and what personal data is stored by us. Are you registered as a user, we also offer you the opportunity to see your stored data for yourself to change or delete them. If, despite our efforts to ensure data accuracy and timeliness of incorrect information has been stored, we will correct it at your request.

If you have questions regarding the processing of your personal data, you can refer to our chief corporate data protection that is available even in the case of inquiries, suggestions or complaints with his team.

 

Address:

Endress+Hauser SE+Co. KG

Hauptstr.1

D-79689 Maulburg

e-Mail: Datenschutz@pcm.endress.com

10.

Questions and Comments

 

Endress+Hauser will respond to reasonable requests to review your personal data and to correct, amend or delete any inaccuracies. If you have any questions or comments about the Endress+Hauser Data Privacy Protection Policy (e.g. to review and update your personal data), please click on "Contact Us" in the upper right-hand corner of this window, and select "About Endress+Hauser", "About us - questions about Endress+Hauser". As the Internet matures, so will our Data Privacy Protection Policy. We will post changes to our Data Privacy Protection Policy on this page. Please check this page regularly to keep up-to-date.

Data Protection Notice pursuant to the General Data Protection Regulation (GDPR)

 

The Endress+Hauser Group ("Endress+Hauser", "we" or "us") attaches great importance to the protection of your personal data. We therefore conduct our business in compliance with applicable laws on personal data protection and data security.

This Data Protection Notice applies to all affiliated companies of the Endress+Hauser Group in the EU/EEA. It also applies in addition to the General Data Protection Policy, which has global validity and takes precedence in case of conflict.

1. Responsibility
 

Details of the responsible Endress+Hauser company within the meaning of the GDPR and further information about the competent supervisory authority can be found on our website.

The relevant company's internal Data Protection Responsible, or Data Protection Officer if it has one, can be contacted by post at the address indicated on the website, adding the title "Data Protection Responsible", or via email if an email address is given.

2. Purpose of processing, legal basis
 

We process personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and national data protection regulations:

a. For fulfilment of contractual obligations (Art. 6 para. 1 b GDPR) particularly in connection with customer orders, suppliers, service partners and employees

b. To safeguard legitimate interests within the context of a balance of interests (Art. 6 para. 1 f GDPR) To the extent necessary, we process your data beyond the actual fulfilment of the contract in order to safeguard our legitimate interests or those of third parties. This concerns in particular:

- Passing on data within the Endress+Hauser Group
- Advertising or market research, unless you have objected to the use of your data
- Reviewing and optimising procedures for needs assessment and for direct client discussions, including client segmentations and calculation of closing probabilities - Asserting legal claims and defence in legal disputes
- Guaranteeing IT security
- Video surveillance to safeguard domiciliary rights and protect buildings and property from vandalism and theft
- Measures for building and site security (e.g. access control)
- Measures to safeguard domiciliary rights
- Measures for business management and further development of products and services
- Risk management within the Group

c. Based on your consent (Art. 6 para. 1 a GDPR) Where you have granted us consent to process your personal data for certain purposes (e.g. filming and photographs, newsletters), such processing is lawful on the basis of your consent. Consent given can be withdrawn at any time. This also applies to the withdrawal of declarations of consent that were given to us before the GDPR came into force, i.e. before May 25, 2018. Please note that the withdrawal is only valid for the future. Data processed prior to the withdrawal is not affected.

d. Based on legal requirements (Art. 6 para. 1 c GDPR) or in the public interest (Art. 6 para. 1e GDPR) We are also subject to various legal obligations, that is to say, statutory requirements (e.g. checks against anti-terrorism lists, anti-money laundering legislation). Purposes of processing include identity checking, fulfilment of verification and reporting obligations in relation to tax and social security, fraud and money laundering prevention and measurement and management of risks within the Endress+Hauser Group.

 3. Who receives my data?
 

Within the responsible Endress+Hauser company, those units that require your data to fulfil our contractual and legal obligations or to safeguard legitimate interests will have access to it.

Affiliated companies of the Endress+Hauser Group, our service providers and vicarious agents appointed by us, public authorities or third parties may also receive data for such purposes.

In particular, the following recipients or recipients which offer the following activities and services may receive data:

- Affiliated companies of the Endress+Hauser Group
- Endress+Hauser InfoServe as the central data centre
- Third party cloud and ASP service providers
- Public bodies for compliance with statutory reporting requirements, e.g. financial authorities, social security institutions, law enforcement agencies
- Processing of bank information
- Support/maintenance of computer/IT applications
- Archiving - Document processing - Call centre services
- Compliance services
- Data screening for anti-money laundering purposes
- Data destruction
- Auditing services
- Leasing companies
- Credit-checking service providers
- Debt collection companies
- Payment card processing (debit cards/credit cards) and payment transactions
- Marketing
- Media technology
- Reporting
- Telephony
- Website management
- Insurances

4. Will data be transferred to a third country or an international organisation?
 

Data will only be transferred to countries outside the EU or EEA ("third countries") where necessary to execute your orders (e.g. production, logistics), where legally required (e.g. to meet tax reporting obligations), where you have given us your consent, or for the purposes of contract data processing. Data may also be exchanged with affiliated companies of the Endress+Hauser Group in third countries, including Switzerland in particular.

Where use is made of service providers in third countries, besides written instructions they will also be bound by EU standard contract clauses on compliance with the data protection levels applicable in the EU. Appropriate contractual agreements have been concluded with affiliated companies of the Endress+Hauser Group.

5. How long will my data be stored?
  We process and store your personal data for as long as necessary to fulfil our contractual and legal obligations. We will delete your personal data once it is no longer needed for the above purposes. It is possible that personal data may be stored for the period in which claims can be asserted against our companies (statutory limitation periods range from three to thirty years). We will also store your personal data for as long as we are legally obliged to do so. Commercial and tax legislation imposes corresponding documentation and retention obligations.
6. What are my data protection rights?
 

Every data subject has the right of access to information pursuant to Article 15 GDPR. Subject to certain conditions, every data subject has the right to rectification pursuant to Article 16 GDPR, the right to restrict processing pursuant to Article 18 GDPR and the right to deletion pursuant to Article 17 GDPR. Furthermore, every data subject has the right to receive the personal data which they have provided in a structured, commonly used and machine-readable format (data portability) pursuant to Article 20 GDPR, provided the processing is carried out by automated means and is based on consent.

Concerning the right to information and the right of deletion, for responsible companies of the Endress+Hauser Group with registered office in Germany, the limitations set out in Sections 34 and 35 of the German Federal Data Protection Act (BDSG) are applicable.

Every data subject has the right to lodge a complaint with a supervisory authority, particularly in the Member State of his or her habitual residence, place of work or place of the alleged breach of data protection (Article 77 GDPR). Further information about the competent supervisory authority can be found on our website.

You may revoke your consent to the processing of personal data at any time. This also applies to the withdrawal of declarations of consent that were given to us before the GDPR came into force, i.e. before May 25, 2018. Please note that the withdrawal is only valid for the future. Data processed prior to the withdrawal is not affected.

7. Right of objection
 

In addition to the rights referred to above, you also have a right of objection as follows.

Information about your right of objection pursuant to Article 21 of the EU General Data Protection Regulation (GDPR)

1. Right of objection in relation to a specific case

You have the right to object at any time, on grounds relating to your particular situation, to processing of your personal data which is based on Art. 6 para. 1 e GDPR (data processing in the public interest) and Art. 6 para. 1 f GDPR (data processing for the purposes of legitimate interests); this includes profiling based on those provisions within the meaning of Art. 4 para. 4 GDPR. If you object, we will no longer process your personal data, unless we are able to demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or show that the processing serves for the establishment, exercise or defence of legal claims.

2. Right of objection against processing of data for marketing purposes

In individual cases, we may process your personal data for direct marketing purposes. You have the right to object at any time to the processing of your personal data for such marketing; this also includes profiling where related to such direct marketing. If you object to processing for direct marketing purposes, we will no longer process your personal data for such purposes.
The objection may be submitted, without any requirements as to form, to the person indicated in Section 1.

8.

Right of complaint

 

You have the right to lodge a complaint with the person indicated in Section 1 or with a supervisory authority, particularly in the Member State of your habitual residence, place of work or place of the alleged breach of data protection (Article 77 GDPR).

9.

To what extent are decisions taken automatically?

 

In establishing and maintaining business relations, we generally refrain from fully automated decisionmaking pursuant to Art. 22 DSGVO. If we use such methods in individual cases, we will inform you separately insofar as we are legally required to do so.

10.

Is profiling carried out?

 

We process some of your data automatically, with the aim of assessing certain personal aspects (profiling). For example, we use profiling in the following cases:

- Due to legal requirements, we are obliged to compare data against anti-terrorism lists.
- We use assessment tools in order to specifically notify you and advise you about products. These allow communications and marketing to be tailored according to need.