- Home
- Privacy Policy
PRIVACY NOTICE
HILTI SERVICES, WEBSITES and APPS
Hilti does not only have a reputation for providing quality products and excellent customer service but is also committed to protecting your privacy in the online sphere.
Your privacy matters to Hilti so whether you are new to Hilti or a long-time user, please read this notice carefully – and if you have any questions contact us.
If you have a privacy concern, complaint, or a question regarding our electronic or digital services please contact our Data Protection Officer at Hilti by using our web form.
You can also control and manage your information through your Hilti Account settings (privacy dashboard).
This Privacy Notice describes how we collect, process and use your personal data when you visit and/or register with our services, websites and apps and the choices we offer, including how to access and update information.
Unless otherwise stated, Hilti AG is the data controller for personal data we collect through the services, websites and apps subject to this Privacy Notice.
Our headquarter office address is:
Hilti Aktiengesellschaft
Feldkircherstrasse 100,
9494 Schaan
LIECHTENSTEIN
Terms used in this Privacy Notice shall have the following meaning:
Terms like “we”, “us”, “our”, etc. in this Privacy Notice refer to the above mentioned responsible parties (henceforth also referred to as “Hilti”).
Terms like “you”, “your”, “yours”, etc. refer to you as a person.
The term “personal data” as used in this Privacy Notice means any information - whether such information was entered by you, collected from you or otherwise obtained - relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier like in our case such as a name, company, a Hilti identification number or other technical online identifiers.
TABLE OF CONTENTS
1. Who is responsible for the proper handling of your personal data?
2. When does this Privacy Notice apply?
3. What types of personal data do we collect, process and use?
4. Why and with whom do we share personal data?
5. Will personal data be transferred abroad?
6. Why and for how long do we retain personal data?
7. What privacy choices do you have?
8. What else do we do to protect your personal data?
9. Use of cookies and similar technologies
10. Links to other websites
11. Compliance and cooperation with regulatory authorities
12. How are changes to this Privacy Notice communicated?
13. Contact us
1. Who is responsible for the proper handling of your personal data?
The party responsible for the collection, processing and use of personal data is Hilti AG as the provider of the services, websites and apps, in most cases and depending on the requested service jointly together with one or more of its affiliates.
2. When does this Privacy Notice apply?
This notice applies to all Hilti services, websites and apps that link to this document.
This Privacy Notice does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you in search results, sites that may include Hilti services, or other sites linked from our services.
Our Privacy Notice does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.
3. What types of personal data do we collect, process and use?
Personal data that we collect, process and use in connection with the services, websites and apps includes not only information that we actively collect while you interact with us but also information that you provide to us over the customer service, the Hilti stores and our sales team.
Data subject |
Log information and local storage |
Device information |
Location information and unique application numbers |
USER of our online services, websites and apps |
user preferences (e.g., preferred language settings)
automatically log files for troubleshooting and security purposes (e.g. to fend off hacker attacks)
log for crash report, and in exceptional cases, such as when malfunctions, errors or security incidents have occurred, a manual analysis of the logs may be performed by us or by our authorized service providers
date and time of the request
name, URL and amount of data transferred for the requested file
report indicating that the retrieval was successful or the reason for its failure
type and version of the operating system of the requesting computer (if transmitted)
screen resolution and color depth (if transmitted)
type and version of the browser used (if transmitted)
language setting and plugins installed on the browser used (if transmitted)
cookies that uniquely identify your browser |
IP address, operating system, browser type, browser version, browser configuration
name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device connecting to the web-site, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps
URL and IP address of the website from which you accessed, or were directed to our website, including date and time
subpages visited while on our website, links followed on the website, including date and time
subpages visited including date, time and time spent on page – on the apps
the full Uniform Resource Locator (URL) click stream to, through and from the website, including date and time
device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL |
|
LOGGED IN CUSTOMER |
If you use the HILTI services, websites and apps as a registered user or customer, we collect, process and use additional data (including personal data) as described below:
name, title and address
personal contact information (phone, email, fax, etc.)
login name and password
Hilti account number
service requests and orders placed
shopping history, including open and completed transactions
search terms entered
services/products viewed or searched for on the website;
shopping cart and payment information
newsletter subscriptions, enrollment for promotions, use of special offers
consents, authorizations, etc. granted
survey answers, reviews, ratings and other types of feedback provided
content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts
for Crash report log, we track the UserID and the error log of the crash
manual analysis performed to monitor and to ensure the stability of our services, websites and apps
We also reserve the right to evaluate the log files for statistical purposes in an anonymized form. Anonymized means that personal or customer-related data is modified in such a way that the individual information can no longer be attributed to a person or a customer, or at least only with a considerable and disproportionate investment of time, expense and manpower. |
-information about the registered user provided during the registration process, such as first name and surname, email address, telephone number, position within a company or department
user name and password when logging in as a registered user
device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Hilti may associate your device identifiers or phone number with your Hilti Account. |
actual location, using various technologies to determine location, including IP address, GPS (in certain services and apps - record the GPS location of the smartphone / device ONLY when a user uses it to scan a tool. We don’t then continuously track the GPS location), and other sensors that may, for example, provide Hilti with information on nearby devices, Wi-Fi access points and cell towers
behavior data on the apps – i.e. what actions has the user taken, what buttons has he clicked etc. These are actions taken by the user within a page.
Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) is sent to Hilti when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates. |
COMPANY DATA |
- name, address, department, contact information and other information in relation to a company that you represent and your function within this company
- customer number
- VAT number
- delivery address
- business email address
- invoice address
- order number
- password
- payment information
- bank account information
- credit card information
- business telephone number
- business mobile phone number |
|
- company
- contact language
- customer advisor / point of contact
- importance of customer
- organizational unit
- participation in campaigns or events
- postal code
- product History
- region
- returns
- order number
|
We will seek your consent before collecting, processing and using your personal data for the above-mentioned purposes, where legally required. Likewise, if we wish to use your personal data for a new or different purpose, we will notify you thereof and will only make such other use if it is required or permitted by applicable law or if you have consented to it.
Any access to your personal data at Hilti is restricted to those individuals that have a need to know in order to fulfill their job responsibilities. For the purposes mentioned above, only a limited number of individuals within Hilti (e.g. individuals in sales, support, legal, finance, IT and accounting departments, as well as certain managers with assigned responsibility) will receive access to your personal data.
When you contact Hilti, we keep a record of your communication to help solve any issues you might be facing. We may use your provided email address or phone number to inform you about our services, such as letting you know about upcoming changes or improvements.
Depending on your settings, your activity on other Hilti websites and apps may be associated with your personal information in order to improve Hilti’s services and the ads delivered by Hilti.
4. Why and with whom do we share personal data?
We do not sell, trade or rent out your personal data.
For the purposes mentioned in this Privacy Notice we disclose, transfer or otherwise share your personal data, with other entities of the Hilti group of companies to the extent described in the following or as agreed by you in a specific context (e.g., where you consent to other types of data transfers in connection with enrolling for a specific service). Whenever sharing personal data, we do strictly comply with applicable laws.
We do not share personal information with companies, organizations and individuals outside of Hilti unless one of the following circumstances applies:
Consent: We will share personal information with companies, organizations or individuals outside of Hilti when we have your consent to do so. We require opt-in consent for the sharing of any personal information.
External processing: We provide personal information to our third-party service providers under appropriate instructions as necessary for the respective processing purposes, to perform specific tasks on our behalf and under our instructions. Any third-party provider will have access only to such personal data needed to perform its specific tasks, and only to perform these. We will ensure that any third-party service provider is aware of and abides to these duties. We will also ensure that any third-party service provider treats your personal data no less protective as required by applicable data protection laws and that they adopt adequate technical and organizational security measures based on our instructions and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures.
Legal reasons: Without limitation, this include cases in which we are required to share personal data by law or binding order of courts, law enforcement authorities or regulators. Should we decide to disclose personal data in such context we will also consider ways of reducing the scope of the disclosure, for instance by redacting the information provided.
5. Will personal data be transferred abroad?
Hilti’s data storage locations are chosen to operate efficiently, to improve performance, and to create redundancies to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this Privacy Notice is processed according to the provisions of this Notice and the requirements of applicable law wherever the data is located.
It is Hilti’s policy to process your personal data only in countries in which the applicable data protection laws provide the same level of data protection as in the EU/EEA. Hilti is headquartered in Liechtenstein with server centers located also in Switzerland and therefore processes personal data under the EU adequacy framework decision regarding Switzerland.
Hilti has implemented Technical and Organizational Measures which set forth the technical and organizational security measures and procedures Hilti undertakes, as a minimum, to maintain and protect the security of personal data processed, including data in transit. IT processes at Hilti are developed in accordance with the ISO 27001 standard.
Please find below our third party providers:
Name of provider |
Country |
Activity |
Legal framework/ Safeguards on Transfers |
AWS - Amazon Web Services
|
Ireland, Germany |
Hosting center |
Contractual, Technical and Organizational measures |
ELIC |
Germany
|
webpage development and related maintenance activities |
Contractual, Technical and Organizational measures |
Office365 |
Ireland
|
Webpage related workplace activities |
Contractual, Technical and Organizational measures |
Adobe Campaign Manager |
Ireland
|
Webpage configuration and parameterization |
Contractual, Technical and Organizational measures |
123ContactForm |
Germany |
Webpage related form creator |
Contractual, Technical and Organizational measures |
Delego |
Ireland |
credit card information processing and transfer the information to the payment providers |
Contractual, Technical and Organizational measures |
Salesforce |
Germany |
CRM |
Contractual, Technical and Organizational measures |
Didomi |
France |
CMP |
Contractual, Technical and Organizational measures |
Ipsos |
France |
Customer feedback |
Contractual, Technical and Organizational measures |
Gim |
Germany |
Customer feedback |
Contractual, Technical and Organizational measures |
Hilti ON!TRACK Third party providers:
Name of provider |
Country |
Activity |
Legal framework/ Safeguards on Transfers |
LogMeIn
|
Ireland |
Supporting services |
Contractual, Technical and Organizational measures |
ServiceNow |
Netherlands |
Supporting services |
Contractual, Technical and Organizational measures |
GlobalLogic Worldwide Ltd |
USA |
Software development |
Contractual, Technical and Organizational measures |
Microsoft Azure Cloud Service: SQL Managed Instance, Western Europe |
Western Europe |
Storage of data |
Contractual, Technical and Organizational measures |
Infoguard |
Switzerland |
Supporting services |
Contractual, Technical and Organizatinal measures |
For more details regarding our extensive list of Third Party providers, please contact us.
6. Why and for how long do we retain personal data?
Hilti is continuously improving all of its Hilti services, websites and apps to retain personal data no longer than necessary for the described purposes in this notice and/or as required or permitted under applicable laws, to the extent technically possible.
The following table gives an overview of the processing activities of Hilti services, websites and apps with their purpose of the data collection, their type, the legal basis and the applicable data retention periods.
7. What privacy choices do you have?
Your trust makes our services, websites and apps work better for you. We keep it private, secure and put you in control for your preferences.
We aim to maintain our services, websites and apps in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, websites and apps we may not immediately delete residual copies from our active servers and may remove information from our backup systems only after certain timeframes in accordance with applicable laws (see pt. 6).
When you register onto our online platforms, you can choose to sign up for marketing information offered by Hilti. By signing up for marketing information you can give your explicit consent whereby you agree that the data you provide (e.g. your email address) can be collected, processed and used by Hilti for the regular dispatching of written electronic communication containing company, product and service-related information such as news about new Hilti products or Hilti services or about Hilti marketing campaigns (e.g. competitions, discounts, promotions), about changes within the company or to invite you to customer surveys (e.g. on customer satisfaction or customer requirements).
In our B2B business you may object against the use of your phone number at any time through our customer service, your Preference Center or your sales contact person.
You can review and edit your Hilti services, websites and apps cookies and similar technologies by using our Cookie Setting Dashboard. For further information refer to point 9.
You can at any time modify and adjust the settings for your email address or mobile phone number in your Hilti account. You can access your Hilti account via your customer profile after registering on our website or by clicking on the “Preference Center” link in each of our email we send to you.
You can at any time contact us via our web form to exercise your rights according to applicable data protection laws and regulations.
In the case you withdraw your consent to a processing activity Hilti reserves the right to further process and use your personal data to the extent this is required or permitted by law e.g. to administrate your unsubscribe or set an over layer cookie to respect your cookie settings.
You can set your marketing preferences at any time via your Hilti account settings through the Hilti Preference Center or through customer service. We will store that information together with your account or Hilti ID and apply it when you use Hilti services, websites and apps and if we send electronic written communication to you.
You are entitled to exercise the following rights as a natural person:
- Right to object: you have the right to object, on grounds relating to your particular situation, without any formal requirements, to the processing of your personal data by Hilti, if such processing is in pursuit of the legitimate interests of Hilti or a third party. You also have the right to object, without any formal requirements, to the use of personal data for promotional and marketing purposes. If you object to marketing purposes, we will discontinue processing your personal data for this purpose. (Art. 21 GDPR)
- Right of access: you have the right to obtain from Hilti confirmation as to whether or not we process your personal data and, where that is the case, access the personal data processed such as, but not limited to, the purposes of the processing, categories of personal data concerned.(Art. 15 GDPR)
- Right to rectification: you have the right to obtain from Hilti the rectification of your inaccurate personal data (Art. 16 GDPR).You can also edit your personal data through your Hilti account.
- Right to erasure ("right to be forgotten"): You have the right to obtain from Hilti the erasure of your personal data where grounds listed in Art. 17 GDPR apply. (Art 17 GDPR)
- Right to restriction of processing: you have the right to obtain from Hilti restriction of processing where grounds listed under Art. 18 GDPR apply (accuracy of the personal data is contested, processing is unlawful, Hilti no longer needs the personal data for the purposes of the processing, you have objected to processing pending the verification of legitimate grounds). (Art 18 GDPR).
- Right to data portability: you have the right to receive the personal data processed by Hilti in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from Hilti where applicable grounds apply (Art 20 GDPR).
- Right to lodge a complaint: in the event you consider we do not process your personal data with compliance to GDPR, you have the right to lodge a complaint to a supervisory data protection authority (see point 11 hereafter). (Art. 77 GDPR)
Right to withdraw your consent: you have the right to withdraw your consent at any time. You can modify your consent preferences for Hilti marketing communications through your Hilti account Preference Center or change your cookie settings directly through the Cookie Setting Dashboard (Art. 7.3 GDPR).
Please use the official EU website to learn more about these rights.
For the UK, you can also access information about your rights on the Information Commissioner’s website.
8. What else do we do to protect your personal data?
Hilti understands the importance of information and data security and we want your browsing and purchasing experience with us to be as safe as possible.
To protect your personal data, we have implemented reasonable and state of the art safeguards and precautions, including technical and organizational measures against unauthorized access, improper use, alteration, unlawful or accidental destruction and accidental loss, both in an online and offline context. Hilti personnel is trained and undertakes to protect personal data accessible when performing their functions.
For example:
- when you use our website, communication with your browser is encrypted using SSL (Secure Socket Layer) technology. This means that when you use our website the personal data you submit during the registration and login processes are encrypted before being sent over the Internet.
- we review the integrity our information collection process, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
- we restrict access to personal information for Hilti employees, contractors and agents based on a need to know approach in order to process it for us. Involved parties are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
You should only share online or through mobile apps personal information which you are comfortable sharing acknowledging that no organization or its systems can ever be guaranteed 100% secure all the time.
Please note that using credit card credentials will always require your explicit permission.
The security level does increase on your end if you do sign off (logout) when you finish using login-protected areas of the Hilti services, websites and apps.
9. Use of cookies and similar technologies
We use cookies and similar technologies in connection with our services, websites and apps as described in our Cookie Policy as detailed below or in the Cookie Setting Dashboard.
Cookies are small text files that are stored on your computer or mobile device when visiting a website or app. In the case of technical cookies, they help us to remember information about your visit, like your preferred language or your preferred menu setting. Nearly all of our services, websites or applications require cookies, we do inform you within each of them about it depending on the cookie types used.
You can see a list of the types of cookies used by Hilti and also find out how Hilti and our partners use cookies in advertising in our cookie policy that explains how we protect your privacy in our use of cookies and other information.
Depending on your cookie settings, we can use the data (including personal data) to analyze customer and user behavior, but also evaluate the needs and opinions of customers and users in different aspects, to optimize our sales and business traffic structures, and to analyze the impact of specific advertising measures.
You may also set your browser to block all cookies or choose a level of personalization. However, it’s important to remember that many of our services may not function properly if your cookies are disabled. For example, we may not remember your language preferences.
By using our cookie setting dashboard, you can choose if we can collect personalized usage data (such as subpages visited while on our services, websites, and apps shopping history, including open and completed transactions, search terms entered, services/products viewed or searched for on our websites and apps; shopping cart and payment information) in some instances, from multiple devices, and, as part of the creation of customer and user profiles, combine it with other personal data that we collected or will collect from you as part of our business relationship, execution or termination of contractual relationships (e.g. name and official address, order and purchase history, your industry affiliation) and, where applicable and separately permitted by you, personalized usage data with respect to your use of other Hilti products and services (e.g. Hilti software or Hilti apps).
COOKIE POLICY - INFORMATION ABOUT OUR COOKIES
This Cookie Policy describes how we collect, process and use your personal data by using cookies and similar technologies in connection with the usage of our web and mobile platforms.
Essential cookies
For cookies and similar technologies that are essential to deliver the service requested by the user (e.g. session cookies, authentication cookies and user security cookies), your consent is not needed.
We use cookies and similar technologies, without requesting your consent, for the following purposes:
· to remember your preferences, e.g. preferred language, preferred content
· to securely manage your session on our platform, e.g. to keep the log-in active for registered users during the entire session
· to save the contents of your shopping basket during the current and for future sessions on Hilti Websites and Mobile Apps
· to record user interaction with the platform, e.g. to identify issues you may have encountered while using our services
Our trusted tracking and advertising partners
At Hilti we use first- and third-party cookies. You can find detailed information about our cookies and partners by clicking “Your Cookie Settings” at the bottom of our website.
10. Links to other websites
Our services, websites and apps may contain links to other services, websites and apps of interest, once you have used these links you leave our services area. When you visit such other services, websites and apps you should exercise caution and look at the privacy statement applicable to the app or website in question. Hilt cannot, and does not, assume any responsibility or liability for such other websites, the content of such services, websites and apps and their privacy practices, nor do we endorse them.
11. Compliance and cooperation with regulatory authorities
We regularly review our compliance with our Privacy Notice. We work closely with the Liechtenstein Data Protection Authority where Hilti has its headquarters. You have the right to lodge a complaint with the supervisory data protection authority of Liechtenstein or you can lodge a complaint with your local supervisory authority in an EU or EEA member state, e.g your place of habitual residence, place of work or the place in which the alleged infringement took place. The local supervisory authority for the UK is The Information Commissioner’s Office, who can be contacted here. We suggest you submit any request or raise any concern in writing directly at: gbteam.localdpo@hilti.com. The Data Protection Officer is the appropriate point of contact for any data protection matter.
12. How are changes to this Privacy Notice communicated?
Our business changes constantly, which means that our Privacy Notice will be updated from time to time. Please check this Privacy Notice from time to time to ensure that you are comfortable with any changes we had to make.
We will not reduce your rights under this Privacy Notice without your explicit consent. We will post any Privacy Notice changes and, if the changes are significant, we will provide a more prominent notice up to individual e-mail notification.
13. Contact us
Your feedback is always welcome. If you have any questions or concerns about our privacy practices or your online privacy please do not hesitate to contact us at gbteam.localdpo@hilti.com