Data Privacy Notice

October 2019

 

Protecting the security and privacy of your personal data is important to Siemens. Therefore, Siemens (for further company details, please see the “Corporate Information” below) processes personal data in compliance with applicable laws on data protection and data security.

Categories of personal data processed, purpose of the processing and legal basis 

 

When visiting Siemens’ websites, applications or online tools (each a “Siemens Online Offering”), Siemens may process the following personal data about you:

  • Personal data that you actively and voluntarily provide via the Siemens Online Offering (e.g., when registering, contacting us with your inquiries or participating in surveys, etc.), including name, e-mail address, telephone number, information submitted as part of a support request, comments or forum posts, etc.; and
  • Information that is automatically sent to us by your web browser or device, such as your IP-address, device type, browser type, referring site, sites accessed during your visit, the date and time of each visitor request.

We process your personal data for the following purposes: 

  • To provide the Siemens Online Offering’s services and functions and to administer your use of the Siemens Online Offering;
  • To verify your identity (if you registered for a Siemens Online Offering);
  • To answer and fulfill your specific requests; 
  • To send you marketing information or to contact you in the context of customer satisfaction surveys as further explained in Section 3; and
  • As reasonably necessary to enforce the applicable terms of use, to establish or preserve a legal claim or defense, to prevent fraud or other illegal activities, including attacks on Siemens’ information technology systems.

The legal basis for Siemens processing data about you is that such processing is necessary for the purposes of:

  • Siemens exercising its rights and performing its obligations in connection with any contract we make with you (Article 6 (1) (b) General Data Protection Regulation); 
  • Compliance with Siemens’ legal obligations (Article 6 (1) (c) General Data Protection Regulation); and/or
  • Legitimate interests pursued by Siemens (Article 6 (1) (f) General Data Protection Regulation). Generally the legitimate interest pursued by Siemens in relation to our use of your personal data is the efficient performance or management of your use of the Siemens Online Offerings.

In some cases, we may ask if you consent to the relevant use of your personal data. In such cases, the legal basis for Siemens processing that data about you may (in addition or instead) be that you have consented (Article 6 (1) (a) General Data Protection Regulation).

 

Cookies

 

We may use cookies within Siemens Online Offerings. You can find information on Siemens’ use of cookies in our Cookie Policy. The Cookie Policy also provides information on how to block and object to the use of cookies and the processing of data collected by cookies.

 

Google Maps

 

In order to offer you certain location-based functions, some Siemens Online Offerings may use “Google Maps” (e.g. to let you obtain directions to your local Siemens point of contact). When you use Google Maps, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“) will process personal data which may include, inter alia, your device’s IP address and your location. Location data can only be processed if you granted permission to access, or actively provided your location data within the relevant Siemens Online Offering.

The data controller responsible for the processing of your personal data in connection with Google Maps is Google; Google’s privacy notice can be found at https://www.google.com/policies/privacy.

 

Links to other websites

 

This Privacy Notice applies only to Siemens Online Offerings and not to other websites or applications operated by third parties. We may provide links to other websites and applications which we believe may be of interest to you. Siemens is not responsible for the privacy practices of such other websites or applications.

 

Mobile Applications

 

Some applications of Siemens that you can download to your mobile device (“Mobile Apps”) have their own Privacy Notices. These Privacy Notices are made available to you in the respective App Store before you download the Mobile App and within the respective Mobile Application itself. The Privacy Notices of selected Siemens’ Mobile Apps are also published here.

Categories of personal data processed and purpose of the processing 

 

In the context of the business relationship with us, we may process the following categories of personal data of consumers and contact persons at (prospective) customers, suppliers, vendors and partners (each a “Business Partner”): 

  • Contact information, such as full name, work address, work telephone number, work mobile phone number, work fax number and work email address; 
  • Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information; 
  • Further information necessarily processed in a project or contractual relationship with us or voluntarily provided by the Business Partner, such as personal data relating to orders placed, payments made, requests, and project milestones; 
  • Personal data collected from publicly available resources, integrity data bases and credit agencies; and
  • If legally required for Business Partner compliance screenings: date of birth, ID numbers, identity cards and information about relevant and significant litigation or other legal proceedings against Business Partners.

We may process the personal data for the following purposes: 

  • Communicating with Business Partners about our products, services and projects, e.g. by responding to inquiries or requests or providing you with information about purchased products;
  • Planning, performing and managing the (contractual) relationship with Business Partners; e.g. by performing transactions and orders of products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipments and deliveries, facilitating repairs and providing support services;
  • Administrating and performing market analysis, sweepstakes, contests, or other customer activities or events;
  • Conducting customer satisfaction surveys and direct marketing activities as further explained in Section 3; 
  • Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud or other criminal or malicious activities; 
  • Ensuring compliance with legal obligations (such as record keeping obligations), export control and customs, Business Partner compliance screening obligations (to prevent white-collar or money laundering crimes), and our policies or industry standards; and
  • Solving disputes, enforce our contractual agreements and to establish, exercise or defend legal claims.

Where and as permitted under applicable law, we may process your contact information for direct marketing purposes (e.g. trade show invitations, newsletters) and to carry out customer satisfactions surveys, in each case also by e-mail. You may object to the processing of your contact data for these  purposes at any time by writing to contact@siemens.com or by using the opt-out mechanism provided in the respective communication you received.

We may transfer your personal data to:

  • other affiliated companies or third parties - e.g. sales partners or suppliers - in connection with your use of the Online Offerings or our business relationship with you;
  • third parties which provide IT services to us and which process such data only for the purpose of such services (e.g., hosting or IT maintenance and support services); and
  • third parties in connection with complying with legal obligations or establishing, exercising or defending rights or claims (e.g., for court and arbitration proceedings, to law enforcement authorities and regulators, to attorneys and consultants).

Personal data published by you on Online Offerings (such as chat rooms or forums) may be globally accessible to other registered user of the respective Online Offering. 

Unless indicated otherwise at the time of the collection of your personal data (e.g. within a form completed by you), we erase your personal data if the retention of that personal data is no longer necessary (i) for the purposes for which they were collected or otherwise processed, or (ii) to comply with legal obligations (such as retention obligations under tax or commercial laws).

The data protection laws in the jurisdiction in which you reside may entitle you to specific rights in relation to your personal data.

In particular, and subject to the legal requirements, you may be entitled to

  • Obtain from us confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data;
  • Obtain from us the correction of inaccurate personal data concerning you;
  • Obtain from us the erasure of your personal data;
  • Obtain from us restriction of processing regarding your personal data;
  • Data portability concerning personal data, which you actively provided; and;
  • Object, on grounds relating to your particular situation, to further processing of personal data concerning you.

To protect your personal data against accidental or unlawful destruction, loss, use, or alteration and against unauthorized disclosure or access, we use adequate physical, technical and organizational security measures.

This section applies and provides you with further information if your personal data is processed by one of our companies located in the European Economic Area.

 

Legal basis of the processing

 

The General Data Protection Regulation requires us to provide you with information on the legal basis of the processing of your personal data.

 

The legal basis for our processing data about you is that such processing is necessary for the purposes of

  • exercising our rights and performing our obligations under any contract we make with you (Article 6 (1) (b) General Data Protection Regulation) (“Contract Performance”);
  • Compliance with our legal obligations (Article 6 (1) (c) General Data Protection Regulation) (“Compliance with Legal Obligations”); and/or
  • Legitimate interests pursued by us (Article 6 (1) (f) General Data Protection Regulation) (“Legitimate Interest”). Generally, the legitimate interest pursued by us in relation to our use of your personal data is the efficient performance or management of (i) your use of the Online Offerings, and/or (ii) our business relationship with you. Where the below table states that we rely on our legitimate interests for a given purpose, we are of the opinion that its legitimate interests is not overridden by your interests and rights or freedoms, given (i) the regular reviews and related documentation of the processing activities described herein, (ii) the protection of your personal data by our data privacy processes, including our Binding Corporate Rules on the Protection of Personal Data, (iii) the transparency we provide on the processing activity, and (iv) the rights you have in relation to the processing activity. If you wish to obtain further information on this balancing test approach, please contact our Data Privacy Organization at: dataprotection@siemens.com.

In some cases, we may ask if you consent to the relevant use of your personal data. In such cases, the legal basis for us processing that data about you may (in addition or instead) be that you have consented (Article 6 (1) (a) General Data Protection Regulation) (“Consent”).

Processing of personal data in the context of Online Offerings - Purpose and Legal Basis

 

To provide the Online Offering’s services and functions which includes creating and administering your online account, updating, securing, and troubleshooting, providing support, as well as improving and developing our Online Offerings

  • Contract Performance (Article 6 (1) (b) General Data Protection Regulation)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

To bill your use of the Online Offering

  • Contract Performance (Article 6 (1) (b) General Data Protection Regulation)
  • Legitimate Interest (Article 6 (1) (f) GDPR

To verify your identity

  • Contract Performance (Article 6 (1) (b) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

To answer and fulfill your requests or instructions

  • Contract Performance (Article 6 (1) (b) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

To process your order or to provide you with access to specific information or offers

  • Contract Performance (Article 6 (1) (b) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

To send you marketing information or to contact you in the context of customer satisfaction surveys as further explained in Section 3

  • Consent, if voluntarily provided (Article 6 (1) (f) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

As reasonably necessary to enforce the Online Offering’s terms, to establish or preserve a legal claim or defense, to prevent fraud or other illegal activities, including attacks on our information technology systems

  • Compliance with Legal Obligations (Article 6 (1) (c) GDPR
  • Legitimate Interest (Article 6 (1) (f) GDPR)

Processing of personal data related to your business relationship with us - Purpose and Legal Basis

 

Communicating with Business Partners about our products, services and projects, e.g. by responding to inquiries or requests or providing you with technical information about purchased products

  • Contract Performance (Article 6 (1) (b) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

Planning, performing and managing the (contractual) relationship with Business Partners; e.g. by performing transactions and orders of products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipments and deliveries, facilitating repairs and providing support services;

  • Contract Performance (Article 6 (1) (b) GDPR)
  • Compliance with Legal Obligations (Article 6 (1) (c) GDPR)

Administrating and performing market analysis, sweepstakes, contests, or other customer activities or events;

  • Consent, if voluntarily provided (Article 6 (1) (f) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

Conducting customer satisfaction surveys and direct marketing activities as further explained in Section 3; 

  • Consent, if voluntarily provided (Article 6 (1) (f) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud or other criminal or malicious activities;

  • Legitimate Interest (Article 6 (1) (f) GDPR)

Ensuring compliance with legal obligations (such as record keeping obligations), export control and customs, Business Partner compliance screening obligations (to prevent white-collar or money laundering crimes), and our policies or industry standards; and

  • Compliance with Legal Obligations (Article 6 (1) (c) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

 

Solving disputes, enforce our contractual agreements and to establish, exercise or defend legal claims.

  • Compliance with Legal Obligations (Article 6 (1) (c) GDPR)
  • Legitimate Interest (Article 6 (1) (f) GDPR)

International data transfers

 

In the event that we transfer your personal data outside the European Economic Area, we ensure that your data is protected in a manner which is consistent with the General Data Protection Regulation.  Therefore, and if required by applicable law, we take the following measures:

  • We share your personal data with affiliated companies outside the European Economic Area only if they have implemented our Binding Corporate Rules („BCR“) for the protection of personal data. Further information about the BCR can be found here.
  • We transfer personal data to external recipients outside the European Economic Area only if the recipient has (i) entered into EU Standard Contractual Clauses with us, (ii) implemented Binding Corporate Rules in its organization or (iii) – in case of US recipients – the recipient is certified under the Privacy Shield. You may request further information about the safeguards implemented in relation to specific transfers by contacting dataprotection(at)siemens.com.

 

Your competent data protection authority

 

In case of data privacy related concerns and requests, we encourage you to contact our Data Privacy Organization at dataprotection(at)siemens.com.  Besides contacting the Data Privacy Organization, you always have the right to approach the competent data protection authority with your request or complaint. 

 

A list and contact details of local data protection authorities is available here.

If you are a U.S. resident, then please take note of the following:

 

Do Not Track

 

At this time our Online Offerings do not recognize or respond to “Do Not Track” browser signals.  For more information on “Do Not Track”, please visit your browser’s support page.

 

Usage by Children

 

This Online Offering is not directed to children under the age of thirteen. We will not knowingly collect personal data from children under the age of thirteen without insisting that they seek prior parental consent if required by applicable law. We will only use or disclose personal data about a child to the extent permitted by law, to seek parental consent, pursuant to local law and regulations or to protect a child.

 

State Rights

 

Depending on the US state in which you reside, you may have special rights with respect to your personal data.  For information regarding any of those rights, please click here.

The Siemens company Siemens Industry Software Inc., 5800 Granite Parkway, Suite 600, Plano, Texas 75024 participates in the EU-US Privacy Shield frameworks. Click here [insert link to Privacy Shield Policy] to learn more.