Privacy Policy PROFIS Software

The PROFIS Web Application and Mobile Application, including Quantity Calculator and all add-on modules (referred to as “PROFIS Web Application and Mobile Applications” or “Software”) are brought to you by Hilti (https://www.hilti.co.uk/). Terms like “we”, “us”, “our”, etc. in this Privacy Policy refer to Hilti. Terms like “you”, “your”, etc. refer to you as a user of the PROFIS Web Application and Mobile Applications. Please read this Website Privacy Policy carefully.

We know that you care about your personal data and so do we. That is why we exercise care to handle personal data carefully and sensibly. Not only do we have a reputation for providing quality products and excellent customer service, we are also committed to protecting your privacy in the online sphere. This Website Privacy Policy describes how we collect, process and use your personal data when you visit and/or register with the PROFIS Web Application and Mobile Applications.

Table of contents

• What is personal data?

• Who is responsible for the proper handling of your personal data?

• What do we do with your personal data?

• What types of personal data do we collect, process and use?

• Does the PROFIS Web Application and Mobile Applications use cookies and similar technologies and/or create user/customer profiles based on usage data?

• Why and with whom do we share personal data?

• Will personal data be transferred abroad?

• What else do we do to protect your personal data?

• How long do we retain personal data?

• Why do you receive emails from us?

• Links to other websites

• Contact us

What is personal data?

The term “personal data”, as used herein, comprises any information attributed or attributable to you as a user of our PROFIS Web Application and Mobile Applications, whether such information was entered by you, collected from you or otherwise obtained. The term “personal data”, as used herein, however does not include any personal data entered into and managed by you via the database that may be accessed through the PROFIS Web Application and Mobile Applications to the extent that this personal data qualifies as Customer Data in the meaning of the relevant customer subscription contract and its exhibits (“Subscription Agreement”) concluded between Hilti and the respective customer (“Customer”). Therefore, this Privacy Policy does not apply to such Customer Data.

Who is responsible for the proper handling of your personal data?

As the provider of the PROFIS Web Application and Mobile Applications, Hilti is the responsible data controller for all personal data that we collect, process and use in connection with your use of the PROFIS Web Application and Mobile Applications. Hilti, however, is not the responsible data controller with respect to Customer Data (as described in section “What is personal data?” above). Hilti collects, processes or uses

Customer Data in connection with the relevant Subscription Agreement only as a data processor on behalf of

the relevant Customer on the basis of the data processing agreement concluded with such Customer in

connection with the relevant Subscription Agreement, and in accordance with applicable data protection laws.

What do we do with your personal data?

We collect, process and use your personal data for the following purposes only:

• To administer, operate, maintain and improve the PROFIS Web Application and Mobile Applications.To

provide you with a more personalized experience of the PROFIS Web Application and Mobile

Applications (e.g. by tailoring any content to your individual preferences);

• To evaluate your eligibility for certain types of offers, products or services;

• To help us to improve and personalize the PROFIS Web Application and Mobile Applications, our

products and services (if legally permissible);

• To perform analytics and conduct customer research, including general market research or surveying our

customers' needs and opinions on specific issues, generating sales and traffic patterns, and to analyze

advertising effectiveness, both on an anonymous basis (e.g. by aggregating data) or on an individual basis

(if legally permissible);

• To answer your questions and respond to your requests you might face using the PROFIS Web

Application and Mobile Applications. Those support requests are steered through the customer

administrator of the subscriber of the PROFIS Web Application and Mobile Applications and are

governed by the terms and conditions set forth in the Subscription Agreement.

• To communicate with you on other matters (e.g. to send you reminders, technical notices, updates,

security alerts, support and administrative messages or service bulletins);

• To comply with legal obligations, prevent unlawful uses of the PROFIS Web Application and Mobile

Applications, resolve disputes, and enforce our agreements;

• For other purposes that you have specifically agreed to; and

• Otherwise as permitted by applicable law.

We will seek your consent before collecting, processing and using your personal data for the above-mentioned

purposes, where legally required. Likewise, if we wish to use your personal data for a new or different

purpose, we will notify you of this and will only use your data for other such purposes if it is required or

permitted by applicable law or if you have consented to it.

For the purposes mentioned above, only a limited number of individuals within Hilti (e.g. individuals in sales,

support, legal, finance, IT and accounting departments, as well as certain managers with assigned

responsibility) will be granted access to your personal data.

What types of personal data do we collect, process and use?

Personal data (excluding Customer Data as described in section “What is personal data?” above) that we

collect, process and use in connection with the PROFIS Web Application and Mobile Applications includes

not only information that we actively collect while you interact with the PROFIS Web Application and Mobile

Applications but also information that you voluntarily provide to us over the PROFIS Web Application and

Mobile Applications in various contexts (e.g. when you send an email to our customer service team, etc.).

Hence, it is thus not possible to define an exhaustive list of all potential types of personal data that we may

collect, process and use. In general, however, typical types of personal data include the following:

• Login name and password (stored encrypted);

• User profile information (i.e. first name, last name, email, phone number, address);

• User preferences (e.g. preferred language settings);

• IP address, operating system, browser type, browser version, browser language, browser configuration,

name of Internet service provider and other types of computer and connection-related information

relevant to identifying your type of device, connecting to the PROFIS Web Application and Mobile

Applications, enabling data exchange with you and your device, and ensuring a convenient use of the

PROFIS Web Application and Mobile Applications;

• If you use the mobile application of the PROFIS Web Application and Mobile Applications, information

regarding the mobile operating system, app version, name of service provider, and other types of device

and connection-related information relevant to improve the mobile application, establish a connection to

our servers to provide synchronization services, improve and provide support for the mobile application.

• URL and IP address of the website from which you accessed, or were directed to, our PROFIS Web

Application and Mobile Applications, including date and time;

• Subpages visited and functionality used while on our PROFIS Web Application and Mobile Applications,

links followed on the PROFIS Web Application and Mobile Applications, including date and time;

• The full Uniform Resource Locator (URL) click stream to, through and from the PROFIS Web

Application and Mobile Applications, including date and time;

• Search terms entered;

• Usage data e.g. collected by cookies or similar technologies (as described in the next paragraph);

• Consents, authorizations, etc. granted in connection with the use of the PROFIS Web Application and

Mobile Applications.

Do the PROFIS Web Application and Mobile Applications use cookies and similar technologies and/or

create customer/user profiles based on usage data?

Cookies are small text files located in your browser directory. When a website is accessed, a cookie that is

placed on a device sends information to the browser. Cookies are extremely common and used on a number of

websites. In general, the purpose of cookies is to improve the performance of the website and the user's

experience in using that website, though cookies may also be used to support advertisements (which we

explain below).

Hilti uses the following types of cookies and similar technologies in connection with the PROFIS Web

Application and Mobile Applications:

• Google Analytics (persistent cookie that lasts after you close your browser): This website uses Google

Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses cookies,

which are text files placed on your computer, to help the website analyze how users use the site. The

information generated by the cookie about your use of the website will be transferred to and stored by

Google on servers in the United States. Before the transfer this information will be anonymized by

removing the last octet of your IP address. Google will process this information on our behalf for the

purpose of evaluating your use of the website, compiling reports on website activity and providing other

services relating to website activity and Internet usage. Google will not link your IP address with any

other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on

your browser, however please note that if you do this you may not be able to use the full functionality of

this website. You may further opt-out of the collection of your usage data (including your IP address) and

the processing of the data by Google by downloading and installing the add-on for your current web

browser from the following link: tools.google.com/dlpage/gaoptout.

• JsessionID (session cookie that lasts until you close your Internet browser): Hilti uses a cookie that

identifies the user during his current session on the PROFIS Web Application and Mobile Applications.

The Jsession ID cookie collects the user’s session ID but does not store any personal data after the user

has closed his session and does not transfer any data to third parties.

You can modify your cookies settings, or refuse to accept cookies at all, thus limiting the amount of personal

data that we receive about you. The “Help” section on the toolbar of most browsers tells you how to prevent

your browser from accepting new cookies, how to instruct the browser to notify you when you receive a new

cookie, or how to disable cookies altogether. Please be aware, however, that you might then not be able to take

advantage of some functions and features of the website and the PROFIS Web Application and Mobile

Applications or may even be prevented from using the solution at all depending on your settings; for more

information on the system requirements for using PROFIS Web Application and Mobile Applications please

visit the Product Description Page.

By default we collects usage data, such as the number of times PROFIS Web Application and Mobile

Applications have been accessed and for how long, the number and type of Software functions used, the

number and type of calculations and/or projects, the number and configuration of the bills of materials

underlying the individual calculations and/or projects to provide information about quality issues, such as

software errors, product defects or recall campaigns and to create pseudonymized user and customer profiles

for advertising or market research purposes and for customizing Hilti software and apps to customer

requirements. For this purpose, pseudonymized user profiles are created for the Software across multiple

devices where applicable. You can opt out of the creation of pseudonymized user profiles for the purposes of

advertising, market research or the customizing of the Software at any time and with immediate future effect.

If you wish to opt out of the creation of pseudonymized user profiles, please untick the checkbox during the

registration process or in the Software settings .

INFORMATION ON THE FREE AND OPTIONAL CONSENT TO THE CREATION OF USER/CUSTOMER PROFILES

By clicking the respective checkbox to consent to the creation of personalized user profiles during the

registration process or in the Software settings you consent and agree that, for the purposes of tailored

advertising, market research, organization of our business processes and the customization of our website, apps

and software, we can collect, process and use personalized usage data (such as the number of times the

Software has been accessed and for how long, the number and type of Software functions used, the number

and type of calculations and/or projects and the number and configuration of bills of materials underlying the

individual calculations and/or projects) in some instances, from multiple devices, and, as part of the creation

customer and user profiles, combine it with other personal data that we collected or will collect from you as

part of our business relationship in the establishment, execution or termination of contractual relationships

(e.g. name and company address, order and purchase history, your industry affiliation).

If you provide the aforementioned consent, we will use the data (including personally identifiable information)

to analyze customer and user behavior, to examine the needs and opinions of our customers and users on

certain issues, to optimize sales and business transaction structures and also to analyze the impact of specific

advertising measures. We will also use the data (including personal data) for direct marketing purposes in

order to send you, for example, information on products and services or marketing campaigns that could be of

particular interest to you. You will only receive promotional emails, promotional SMS/MMS, promotional

faxes or telemarketing calls if you have granted, and not yet revoked, additional explicit consent or we are

legally entitled to do so. The consent to the creation of personalized user profiles is given voluntarily and may

be revoked at any time with future effect vis-à-vis Hilti. You can revoke your consent by unchecking the

respective checkbox in the Software settings.

Hilti reserves the right to further collect, process and use your personal data, even if you have revoked your

consent, if and to the extent this required or permitted by law.

Why and with whom do we share personal data?

For the purposes mentioned above, we may share your personal data with third parties, including other entities

of the Hilti group of companies. We do not sell, trade, rent, disclose, transfer or otherwise share your personal

data, unless to the extent described in the following or as agreed by you in a specific context (e.g. where you

consent to other types of data transfers in connection with enrolling for a specific service). Whenever sharing

personal data, we do so only in strict accordance with applicable laws.

Potential recipients of your personal data are listed in the following:

• Other Hilti group entities and Hilti business partners: We may share your personal data with other entities

of the Hilti group of companies (e.g. Hilti Market Organizations responsible for the respective local

websites) and with our business partners if there is a legitimate reason to do so (e.g. where a business

partner renders parts of services ordered by you such as email service providers) and such sharing is

legally permissible. A legal permission exists for instance if you have consented to the sharing of your

personal data or if applicable law permits or requires it. In any case where we share your data with other

entities of the Hilti group of companies or with our business partners we do so only for specific purposes.

• Third party service providers: We may employ third party service providers (i.e. companies or individuals

engaged by us) to perform certain functions on our behalf and under our instructions. Examples include

database management, maintenance services, web analytics, handling in-bound inquiries, delivering

packages, sending postal mail and email, removing repetitive information from customer lists, analyzing

data, providing sales and marketing assistance, processing credit card payments, and providing customer

service. Third party service providers may for instance include IT companies, credit card processors,

credit rating agencies or legal, financial and other advisers. Any third party provider will have access only

to such personal data needed to perform its specific functions, and only for the purpose of performing

these functions. We will ensure that any third party service provider is aware of and abides by these

obligations. We will also ensure that any third party service provider treats your personal data no less

protective as required by applicable data protection laws and that they adopt adequate technical and

organizational security measures.

• Courts, law enforcement authorities and regulators: We may share personal data when we believe it is

necessary in order to comply with the law, to protect the rights or safety of our website, other users, or

third parties (e.g. for fraud protection purposes). Without limitation, this may include cases in which we

are required to share personal data by the law or binding order of courts, law enforcement authorities or

regulators. We will carefully determine the permissibility of providing personal data in such a context in

each case, paying particular attention to the type of request, types of data affected and any impact that a

disclosure of personal data would have on the user concerned. Should we decide to disclose personal data

in such a context we will also consider ways of reducing the scope of the disclosure, for instance by

redacting the information provided.

• Buyers: As we continue to develop our business, we might sell all or parts of our website or business,

including the PROFIS Web Application and Mobile Applications. In such transactions, user information

generally is one of the transferred business assets, but remains subject to the promises made in any preexisting

Website Privacy Policy, unless you agree otherwise.

Will personal data be transferred abroad?

Recipients of your personal data may be located in any country. This may include countries where applicable

data protection laws provide a lesser degree of protection than your home country. For instance, if you are

located within the EU/EEA or Switzerland, the country where the recipient is located may not qualify as a safe

country within the notion of the European Data Protection Directive (95/46/EC) or the Federal Data Protection

Act of Switzerland. In such case, Hilti will nevertheless ensure an adequate level of protection for your data,

for instance by requiring the recipient to enter into so-called EC Model Clauses, which are sets of contractual

clauses adopted by the European Commission for the purpose of adducing adequate safeguards for personal

data in connection with cross-border transfers.

What else do we do to protect your personal data?

Hilti understands the importance of data security and we want to make the usage of our PROFIS Web

Application and Mobile Applications as safe as possible. We have implemented reasonable safeguards and

precautions to protect your personal data, including technical and organizational measures against

unauthorized access, improper use, alteration, unlawful or accidental destruction, and accidental loss, both in

an online and offline context.

Also, please understand that, while we strive to protect your personal data against potential risks and

exposures, there is no absolute security in the online sphere. Hence, we ask you to support our IT security

efforts by not disclosing any data through our PROFIS Web Application and Mobile Applications that is

particularly sensitive or not required in the specific context. Furthermore, you can help us to protect your

personal data by signing off when you have finished using login-protected areas of the PROFIS Web

Application and Mobile Applications.

How long do we retain personal data?

Your personal data is not retained by us for longer than necessary for the legally permissible purposes for

which they were collected, as required under applicable retention policies and/or as required or permitted in

accordance with applicable law.

Why do you receive emails from us?

We may send you emails for various reasons, including the following:

• You have subscribed to our newsletter and/or opted in to receiving other types of marketing

communication from us.

• You have subscribed to notifications in connection with the PROFIS Web Application and Mobile

Applications under the Subscription Agreement.

• We are contacting you regarding an inquiry that you have submitted to us.

• We want to provide you with updates, privacy notices, warnings or other important information that is

relevant to our users.

INFORMATION ON THE FREE AND OPTIONAL NEWSLETTER SIGN-UP

By signing up for the email newsletter offered by Hilti, you agree that the data you provided when signing up

to the newsletter (e.g. your email address) can be collected, processed and used by Hilti for the regular

dispatching of emails containing company, product and service-related information such as news about new

Hilti products or Hilti services or about Hilti marketing campaigns (e.g. competitions, discounts, promotions),

about changes within the company or to invite you to customer surveys (e.g. on customer satisfaction or

customer requirements).

Consent to receive the newsletter is provided voluntarily and can be revoked at any time with immediate effect

vis-à-vis Hilti. You can unsubscribe from the newsletter mailing list, for example, by simply clicking the

unsubscribe link contained in the newsletter. Alternatively, you can modify the settings for your email address

or mobile phone number in our “Preference Center” and choose what kind of messages, if any, you wish to

receive from Hilti. You can access the “Preference Center” via your customer profile after registering on our

website or by clicking on the “Preference Center” link in the email.

Links to other websites

Our PROFIS Web Application and Mobile Applications may contain links to other websites. Such external

websites are not controlled by us. When you visit such external websites you do so at your own risk. Hilt

cannot, and does not, assume any responsibility or liability for such external websites, the content of such

websites and their privacy practices, nor do we endorse them. We encourage you to familiarize yourself with

the privacy statements provided by such external websites prior to providing them with information about you

or entering into any transactions on them.

How are changes to this Privacy Policy communicated?

Our business changes constantly and, therefore, our Website Privacy Policy will need to be revised from time

to time. In such case, we will post on the PROFIS Web Application and Mobile Applications a new version of

this Website Privacy Policy. You may easily identify a new version by checking the version data given in the

last line below. Once posted, your continued use of our PROFIS Web Application and Mobile Applications

will be deemed as your acceptance of the new version of the Website Privacy Policy.

Contact us

Your feedback is always welcome. If you have any questions or concerns about our privacy practices or your

online privacy please do not hesitate to contact us. You may also contact us if you wish to gain access to the

personal data we hold about you, if you wish to request that your personal data be updated, rectified, deleted or

blocked, or that we refrain from further use of your personal data, if you wish to withdraw any consents

previously granted, or if you wish to object to the creation of individual user profiles.

© Hilti (https://www.hilti.co.uk/).

Version date: 2017-01-17