Data protection notice

Robert Bosch GmbH (hereinafter “Bosch”, “We” or “Us”) welcomes you to our internet pages. We thank you for your interest in our company and our products.

1. Bosch respects your privacy

We view the protection of your privacy during the processing of personal data and the security of all business data to be important considerations that we take into account in our business processes. We process personal data collected during your visit to our online services on a confidential basis and only in compliance with statutory provisions.

Data protection and information security are part of our company policy.

2. Data controller

Robert Bosch GmbH is responsible for processing your data; exceptions are explained in these data protection notices.

Our contact details are as follows:

Robert Bosch GmbH
Business Unit CVO
Robert-Bosch-Platz 1
70839 Gerlingen, Germany

E-Mail: kontakt@bosch.de
Phone: +49 711 400 40990

To assert your rights, report data privacy incidents or submit suggestions and complaints regarding the processing of your personal data, or to revoke your consent, we recommend that you contact our Group Data Protection Officer:

Thoralf Knuth
Chief data protection officer Information security and privacy Bosch Group (C/ISP)
Robert Bosch GmbH
Robert-Bosch-Platz 1
70173 Stuttgart
Germany

Or use the following link:
www.bkms-system.net/bosch-datenschutz

3. Collection, processing, and use of personal data

3.1 · Categories of processed data

Communication data (e.g., name, telephone number, email address, postal address, IP address) are processed.

3.2 · Fundamental principles

The term “personal data” covers all information that refers to an identified or identifiable natural person, such as names, addresses, telephone numbers or email addresses, which are an expression of the identity of a person.

We only collect, process, and use personal data (including IP addresses) if there is a statutory basis to do so or if you have granted us your consent in this regard, such as in the course of registration.

3.3 · Purposes of processing and legal bases

We (and service providers appointed by us) process your personal data with the following purposes:

3.3.1 · Making this online service available

Legal basis: an overriding legitimate interest on our part in direct marketing, provided that this occurs in accordance with data protection requirements and the provisions of competition law.

3.3.2 · Answering user inquiries sent using a contact form

Legal bases: an overriding legitimate interest on our part in marketing and in the improvement of our products and services, provided that this occurs in accordance with data protection requirements and the requirements of competition law and/or contract performance or consent.

3.3.3 · Investigation of disruptions and for security reasons

Legal bases: fulfillment of our legal obligations in the area of data security and an overriding legitimate interest in the elimination of disruptions and in the security of our services.

3.3.4 · Internal and external advertising, in addition to market research and coverage measurement as permitted by law or by consent

Legal basis: consent and/or an overriding legitimate interest on our part in direct marketing, provided that this occurs in accordance with data protection requirements and the provisions of competition law.

3.3.5 · Assertion and defense of our rights

Legal basis: a legitimate interest on our part with regard to the enforcement and defense of our rights.

3.4 · Log-Files

Whenever you use the internet, specific information is automatically transmitted by your internet browser and stored by us in so-called log files.

We store the log files for a duration of 7 days to detect disruptions and for security reasons (e.g., for clarification of attempted attacks) and delete them afterwards. Log files that must be kept longer for evidentiary purposes are exempt from deletion until final clarification of the respective incident and can be transferred to investigative authorities in individual cases.

Log files are also used for analytical purposes (without an IP address or a complete IP address) in accordance with the prerequisites in section 3.3.4 “Internal and external advertising, in addition to market research and coverage measurement as permitted by law or by consent.”

In particular, the following information is stored in the log files:

  • IP address (internet protocol address) of the terminal device from which the online service is being accessed
  • Internet address of the website from which the online service was accessed (the “referrer URL”)
  • Name of the service provider via which the online service is accessed
  • Name of the files and/or information retrieved
  • Date, time, and duration of access
  • Transferred data volume
  • Operating system and information about the internet browser used, including installed add-ons (e.g., for the Flash player)
  • HTTP status code (e.g., “successful” or “not found”)

3.5 · Children

This online service is not aimed at children younger than 16.

3.6 Disclosure of data

3.6.1 · Transmission of data to other data processors

As a rule, we transmit your personal data to other data processors only insofar as this is necessary for performance of the contract, if we or the third party have an overriding legitimate interest in transmitting the data, or if you have consented to this. Details regarding the legal bases, the recipients, and/or the categories of recipient can be found in the section “Purposes of processing and legal bases” (see point no. 3.3).

Furthermore, data can be transferred to other data processors to the extent that we are obliged to do so due to statutory provisions or due to enforceable official and/or judicial orders.

3.6.2 · (General) service providers

We appoint external service providers for tasks such as marketing services, programming, data hosting, and hotline services. We have chosen these service providers carefully and monitor them on a regular basis, in particular their careful treatment and protection of the data stored with them. We oblige all service providers to maintain confidentiality and to comply with the statutory regulations. Service providers can also be other companies in the Bosch Group.

3.7 · Duration of storage; retention periods

As a rule, we store your data for as long as is necessary to maintain our online presence and provide associated services, or for as long as we have a legitimate interest in continued storage (e.g., we may still have a legitimate interest in postal marketing after fulfillment of a contract). After this point, we will delete your personal data with the exception of data that we must continue to store in order to fulfill legal obligations (e.g., we are obligated to retain contracts and invoices for a specific period because of mandatory storage periods defined in tax law and commercial law).

4. Newsletters

4.1 Newsletters with subscription; right of revocation

While using our online services, you can subscribe to newsletters. For these purposes, we use the “double opt-in” procedure, according to which we will only send you a newsletter via email, mobile messaging services (e.g., WhatsApp), SMS, or push notification if you have expressly confirmed the activation of the newsletter service in advance by clicking on a link in a notification. If, at a later point, you should opt not to receive newsletters, you can end the subscription at any time by revoking your consent. For email newsletters, consent can be revoked by clicking on the link contained in the newsletter or, under certain circumstances, in the management settings of the respective online service. Alternatively, please get in touch with us using the details in the “Contact” section.

5. External links

Our online services can contain links to web pages belonging to third-party providers with whom we are not associated. After clicking on the link, we do not have any influence over the collection, processing, or use of any personal data transferred to the third party by clicking on the link (such as the IP address or the URL of the page containing the link) as we naturally have no control over the behavior of third parties. We assume no responsibility for the processing of this type of personal data by third parties.

6. Security

Our employees and service providers appointed by us are bound to secrecy and to compliance with the provisions of the applicable data protection legislation.

We take all required technical and organizational measures in order to ensure an appropriate level of protection and to protect your data that we manage against the risks of accidental or unlawful destruction, manipulation, loss, alteration, or unauthorized disclosure and/or unauthorized access. Our security measures are continuously improved in line with technological developments.

7. User rights

To assert your rights, please use the information in the “Contact” section. When doing so, please make sure that we are able to clearly identify you.

7.1 Right to information and disclosure

You are entitled to obtain information from us on the processing of your data. For this purpose, you can assert a right of access regarding your personal data that we process.

7.2 Right to correction and deletion

You can demand that we correct inaccurate data and – provided the legal conditions are fulfilled – completion or deletion of your data.

This does not apply to data that are required for the purposes of invoicing and accounting, nor to data subject to the legal obligation of retention. To the extent that the access to such data is not required, its processing will be restricted (see below).

7.3 Restriction of processing

Insofar as legal requirements are met, you can ask us to restrict the processing of your data.

7.4 · Data portability

Provided that the statutory conditions are fulfilled, you are entitled to receive data that you have provided to us in a structured, commonly used and machine-readable format or – to the technically feasible extent – request the transfer of such data to a third party.

7.5 · Right to object

7.5.1 · Objecting to data processing on the legal basis of having a “legitimate interest”

At any time, you also have the right to object to data being processed by us, provided that this objection is based on the legal basis of having a legitimate interest. In this case, we will cease processing your data unless we are able to demonstrate – in line with statutory provisions – that there are imperative, legitimate reasons for continued processing that outweigh your rights.

7.6 · Revoking consent

If you have consented to us processing your data, you can withdraw this consent at any time with effect for the future. This also applies to the revocation of declarations of consent given to us before the GDPR (General Data Protection Regulation) took effect: in other words, prior to May 25, 2018. This shall not affect the lawfulness of processing your data up until the time of revocation.

7.7 · Right of appeal to the supervisory authority

You have the right to submit a complaint to a data-protection supervisory authority. To do so, you can contact the data-protection supervisory authority responsible for your place of residence or your federal state, or the data-protection supervisory authority that is responsible for our company.

This is as follows:

The Federal State of Baden-Württemberg’s Officer for Data Protection and Freedom of Information (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg)

Street address:
Königstraße 10a
70173 Stuttgart
Germany

Postal address:
Postfach 10 29 32
70025 Stuttgart
Germany

Phone: +49 711 6155 41-0
Fax: +49 711 6155 41-15
Email: poststelle@lfdi.bwl.de

8. Amendments to the data protection notice

We reserve the right to modify our security and data protection measures. In these cases, we will also accordingly amend our data protection notices. Please therefore observe the currently valid version of our data protection notice.

9. Contact

If you would like to contact us, please use the address details provided in the “Data controller” section (see point no. 2).

If you would like to assert your rights or report data protection incidents, please use the following link:

www.bkms-system.net/bosch-datenschutz

To submit suggestions and/or complaints regarding the processing of your personal data, we recommend that you contact our Data Protection Officer:

Thoralf Knuth
Chief data protection officer Information security and privacy Bosch Group (C/ISP)
Robert Bosch GmbH
Robert-Bosch-Platz 1
70839 Gerlingen, Germany

or

Email: DPO@bosch.com

Last revised: 12/10/2019