PRIVACY NOTICE

HILTI SERVICES, WEBSITES and APPS

Hilti does not only have a reputation for providing quality products and excellent customer service but is also committed to protecting your privacy in the online sphere.

 

Your privacy matters to Hilti so whether you are new to Hilti or a long-time user, please read this notice carefully – and if you have any questions contact us.

 

If you have a privacy concern, complaint, or a question regarding our electronic or digital services please contact our Data Protection Officer at Hilti by using our web form.

 

You can also control and manage your information through your Hilti Account settings (privacy dashboard).

 

This Privacy Notice describes how we collect, process and use your personal data when you visit and/or register with our services, websites and apps and the choices we offer, including how to access and update information.

 

Unless otherwise stated, Hilti AG is the data controller for personal data we collect through the services, websites and apps subject to this Privacy Notice.

 

Our headquarter office address is:

Hilti Aktiengesellschaft

Feldkircherstrasse 100,

9494 Schaan

LIECHTENSTEIN

 

Terms used in this Privacy Notice shall have the following meaning:

 

Terms like “we”, “us”, “our”, etc. in this Privacy Notice refer to the above mentioned responsible parties (henceforth also referred to as “Hilti”).

 

Terms like “you”, “your”, “yours”, etc. refer to you as a person.

 

The term “personal data” as used in this Privacy Notice means any information - whether such information was entered by you, collected from you or otherwise obtained - relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier like in our case such as a name, company, a Hilti identification number or other technical online identifiers.

 

 

TABLE OF CONTENTS

1. Who is responsible for the proper handling of your personal data?

2. When does this Privacy Notice apply?

3. What types of personal data do we collect, process and use?

4. Why and with whom do we share personal data?

5. Will personal data be transferred abroad?

6. Why and for how long do we retain personal data?

7. What privacy choices do you have?

8. What else do we do to protect your personal data?

9. Use of cookies and similar technologies

10. Links to other websites

11. Compliance and cooperation with regulatory authorities

12. How are changes to this Privacy Notice communicated?

13. Contact us

 

1.     Who is responsible for the proper handling of your personal data?

 

The party responsible for the collection, processing and use of personal data is Hilti AG as the provider of the services, websites and apps, in most cases and depending on the requested service jointly together with one or more of its affiliates.

 

2.     When does this Privacy Notice apply?

 

This notice applies to all Hilti services, websites and apps that link to this document.

This Privacy Notice does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you in search results, sites that may include Hilti services, or other sites linked from our services.

Our Privacy Notice does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

 

3.     What types of personal data do we collect, process and use?

 

Personal data that we collect, process and use in connection with the services, websites and apps includes not only information that we actively collect while you interact with us but also information that you provide to us over the customer service, the Hilti stores and our sales team.

 

Data subject

Log information and local storage

Device information

Location information and unique application numbers

USER of our online services, websites and apps

user preferences (e.g., preferred language settings)

 

automatically log files for troubleshooting and security purposes (e.g. to fend off hacker attacks)

 

log for crash report, and in exceptional cases, such as when malfunctions, errors or security incidents have occurred, a manual analysis of the logs may be performed by us or by our authorized service providers

 

date and time of the request

 

name, URL and amount of data transferred for the requested file

 

report indicating that the retrieval was successful or the reason for its failure

 

type and version of the operating system of the requesting computer (if transmitted)

 

screen resolution and color depth (if transmitted)

 

type and version of the browser used (if transmitted)

 

language setting and plugins installed on the browser used (if transmitted)

 

cookies that uniquely identify your browser

IP address, operating system, browser type, browser version, browser configuration

 

name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device connecting to the web-site, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps

 

URL and IP address of the website from which you accessed, or were directed to our website, including date and time

 

subpages visited while on our website, links followed on the website, including date and time

 

subpages visited including date, time and time spent on page – on the apps

 

the full Uniform Resource Locator (URL) click stream to, through and from the website, including date and time    

 

device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL

 

LOGGED IN CUSTOMER

If you use the HILTI services, websites and apps as a registered user or customer, we collect, process and use additional data (including personal data) as described below:

 

name, title and address

 

personal contact information (phone, email, fax, etc.)

 

login name and password

 

Hilti account number

 

service requests and orders placed

 

shopping history, including open and completed transactions

 

search terms entered

 

services/products viewed or searched for on the website;

 

shopping cart and payment information

 

newsletter subscriptions, enrollment for promotions, use of special offers

 

consents, authorizations, etc. granted

 

survey answers, reviews, ratings and other types of feedback provided

 

content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts

 

for Crash report log, we track the UserID and the error log of the crash

 

manual analysis performed to monitor and to ensure the stability of our services, websites and apps

 

 

 

We also reserve the right to evaluate the log files for statistical purposes in an anonymized form. Anonymized means that personal or customer-related data is modified in such a way that the individual information can no longer be attributed to a person or a customer, or at least only with a considerable and disproportionate investment of time, expense and manpower.

-information about the registered user provided during the registration process, such as first name and surname, email address, telephone number, position within a company or department

 

user name and password when logging in as a registered user

 

device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Hilti may associate your device identifiers or phone number with your Hilti Account.

actual location, using various technologies to determine location, including IP address, GPS (in certain services and apps - record the GPS location of the smartphone / device ONLY when a user uses it to scan a tool. We don’t then continuously track the GPS location), and other sensors that may, for example, provide Hilti with information on nearby devices, Wi-Fi access points and cell towers

 

 

 

behavior data on the apps – i.e. what actions has the user taken, what buttons has he clicked etc. These are actions taken by the user within a page.

 

 

 

Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) is sent to Hilti when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.

COMPANY DATA

- name, address, department, contact information and other information in relation to a company that you represent and your function within this company

 

- customer number

 

- VAT number

 

- delivery address

 

- business email address

 

- invoice address

 

- order number

 

- password 

 

- payment information

 

- bank account information

 

- credit card information

 

- business telephone number

 

- business mobile phone number

 

- company

 

- contact language 

 

- customer advisor / point of contact

 

- importance of customer 

 

- organizational unit

 

- participation in campaigns or events

 

- postal code

 

- product History

 

- region

 

- returns

 

- order number

 

 

 

 

We will seek your consent before collecting, processing and using your personal data for the above-mentioned purposes, where legally required. Likewise, if we wish to use your personal data for a new or different purpose, we will notify you thereof and will only make such other use if it is required or permitted by applicable law or if you have consented to it.

 

Any access to your personal data at Hilti is restricted to those individuals that have a need to know in order to fulfill their job responsibilities. For the purposes mentioned above, only a limited number of individuals within Hilti (e.g. individuals in sales, support, legal, finance, IT and accounting departments, as well as certain managers with assigned responsibility) will receive access to your personal data.

 

When you contact Hilti, we keep a record of your communication to help solve any issues you might be facing. We may use your provided email address or phone number to inform you about our services, such as letting you know about upcoming changes or improvements.

 

Depending on your settings, your activity on other Hilti websites and apps may be associated with your personal information in order to improve Hilti’s services and the ads delivered by Hilti.

 

4.     Why and with whom do we share personal data?

We do not sell, trade or rent out your personal data.

For the purposes mentioned in this Privacy Notice we disclose, transfer or otherwise share your personal data, with other entities of the Hilti group of companies to the extent described in the following or as agreed by you in a specific context (e.g., where you consent to other types of data transfers in connection with enrolling for a specific service). Whenever sharing personal data, we do strictly comply with applicable laws.

We do not share personal information with companies, organizations and individuals outside of Hilti unless one of the following circumstances applies:

Consent: We will share personal information with companies, organizations or individuals outside of Hilti when we have your consent to do so. We require opt-in consent for the sharing of any personal information.

 

External processing: We provide personal information to our third-party service providers under appropriate instructions as necessary for the respective processing purposes, to perform specific tasks on our behalf and under our instructions. Any third-party provider will have access only to such personal data needed to perform its specific tasks, and only to perform these. We will ensure that any third-party service provider is aware of and abides to these duties. We will also ensure that any third-party service provider treats your personal data no less protective as required by applicable data protection laws and that they adopt adequate technical and organizational security measures based on our instructions and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures.

 

Legal reasons: Without limitation, this include cases in which we are required to share personal data by law or binding order of courts, law enforcement authorities or regulators. Should we decide to disclose personal data in such context we will also consider ways of reducing the scope of the disclosure, for instance by redacting the information provided.

 

5.     Will personal data be transferred abroad?

 

Hilti’s data storage locations are chosen to operate efficiently, to improve performance, and to create redundancies to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this Privacy Notice is processed according to the provisions of this Notice and the requirements of applicable law wherever the data is located.

It is Hilti’s policy to process your personal data only in countries in which the applicable data protection laws provide the same level of data protection as in the EU/EEA. Hilti is headquartered in Liechtenstein with server centers located also in Switzerland and therefore processes personal data under the EU adequacy framework decision regarding Switzerland.

Hilti has implemented Technical and Organizational Measures which set forth the technical and organizational security measures and procedures Hilti undertakes, as a minimum, to maintain and protect the security of personal data processed, including data in transit. IT processes at Hilti are developed in accordance with the ISO 27001 standard.

 

Please find below our third party providers:

Name of provider

Country

Activity

Legal framework/ Safeguards on Transfers

AWS - Amazon Web Services

 

Ireland, Germany

Hosting center

Contractual, Technical and Organizational measures

ELIC

Germany

 

webpage development and related maintenance activities

Contractual, Technical and Organizational measures

Office365

Ireland

 

Webpage related workplace activities

Contractual, Technical and Organizational measures

Adobe Campaign Manager

Ireland

 

Webpage configuration and parameterization 

Contractual, Technical and Organizational measures

123ContactForm 

Germany

Webpage related form creator 

Contractual, Technical and Organizational measures

Delego

Ireland

credit card information processing and transfer the information to the payment providers 

Contractual, Technical and Organizational measures

Salesforce

Germany

CRM

Contractual, Technical and Organizational measures

Didomi

France

CMP

Contractual, Technical and Organizational measures

Ipsos

France

Customer feedback

Contractual, Technical and Organizational measures

Gim

Germany

Customer feedback

Contractual, Technical and Organizational measures

 

 

Hilti ON!TRACK Third party providers:

Name of provider

Country

Activity

Legal framework/ Safeguards on Transfers

LogMeIn

 

Ireland

Supporting services

Contractual, Technical and Organizational measures

ServiceNow

Netherlands

Supporting services

Contractual, Technical and Organizational measures

GlobalLogic Worldwide Ltd

USA

Software development

Contractual, Technical and Organizational measures

Microsoft Azure Cloud Service: SQL Managed Instance, Western Europe

Western Europe

Storage of data

Contractual, Technical and Organizational measures

Infoguard

Switzerland

Supporting services

Contractual, Technical and Organizatinal measures

 

For more details regarding our extensive list of Third Party providers, please contact us.

 

6.     Why and for how long do we retain personal data?

Hilti is continuously improving all of its Hilti services, websites and apps to retain personal data no longer than necessary for the described purposes in this notice and/or as required or permitted under applicable laws, to the extent technically possible.

 

The following table gives an overview of the processing activities of Hilti services, websites and apps with their purpose of the data collection, their type, the legal basis and the applicable data retention periods.

Purposes of the Processing

Type of Personal Data and Information on Cookies Used (if applicable)

Legal Basis for the Processing

Retention Period

To provide, maintain, protect and improve our services, websites and apps, to develop new ones, and to protect Hilti and our customers.

·         Login name and password (encrypted storage);

·         User profile information (i.e., first name, name, email address, phone number, address);

·         User preferences (e.g., preferred language settings);

·         IP address, operating system, browser type, browser version, browser configuration, name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device, connecting to the services, websites and apps, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps;

·         If you use the mobile version of the services, websites and apps: information on the operating system of your mobile device, used services, websites and apps version, name of internet service provider, and other types of device and connection related information relevant to improve the mobile services, websites and apps, connecting to our servers, enabling and facilitating synchronization services and support for the mobile apps;

·         URL and IP address of the website from which you accessed, or were directed to our services, websites and apps, including date and time;

·         Subpages visited and functions used when using services, websites and apps, links followed from the services, websites and apps, including date and time;

·         The full Uniform Resource Locator (URL) click stream to, through and from the services, websites and apps, including date and time;

·         Search terms entered;

·         Consents and authorizations granted

Legitimate interests (Art. 6 (1) (f) GDPR)

The processing of your personal data is necessary to identify you as a customer, to adopt the website performance to your settings and to customize your user experience (device type). At the same time, this information is necessary to protect your data and our systems from unauthorized access and to continuously improve the customer experience on your end.

/ required for the performance of a contract (Art. 6 (1) (b) GDPR)

Order processes under your contractual relationship with Hilti e.g in Hilti Online Shop need identifiers and security measures to be processed and stored on our servers.

36 months

 

 

To facilitate and process product and service orders placed on the services, websites and apps

·         Bank and accounting records of Companies

·         login name and password

·         Hilti account number

·         service requests and orders placed

·         shopping history, including open and completed transactions

·         search terms entered

·         services/products viewed or searched for on the website;

·         shopping cart and payment information

·         newsletter subscriptions, enrollment for promotions, use of special offers

·         consents, authorizations, etc. granted

·         survey answers, reviews, ratings and other types of feedback provided

·         content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts

 

Required for the performance of a contract (Art. 6 (1) (b) GDPR)

Order processes under your contractual relationship with Hilti e.g in Hilti Online Shop need identifiers and security measures to be processed and stored on our servers.

 

10 years after expiry of the contract

Where applicable, to establish, execute or terminate contracts in connection with your use our services, trainings, websites and apps, such as orders placed via the Hilti Online Shop; Perform your order processing and delivery in relation with local carrier for logistics purposes; or establish, execute or terminate contract in regards with service agreements e.g. On!Track app;

 

Personal data contained in contracts, communications, and business letters

VAT records and Customs & Excise duty

 

For logistics and order delivery purposes:

·         Company data (e.g, delivery address, order number, invoice)

 

For the purpose of using services, trainings and the On!Track App:

 

·         Customer name and e-mail address,

·          geolocalisation data  including device position and device ID, picture (in their own right) (On!Track)

·         Storage or jobsite location data

·         Hilti ID

·         Professional telephone and emergency number

·         Connection data (IP addresses, events, logs)

 

required for the performance of a contract (Art. 6 (1) (b) GDPR)

Order processes under your contractual relationship with Hilti e.g in Hilti Online Shop need identifiers and security measures to be processed and stored on our servers.

We process technical data in connection with personal information to deliver your On!Track services. This includes anonymous geolocalisation information to locate assets based on receiving device position.

Legitimate interests (Art. 6 (1) (f) GDPR)

If not for contractual related purposes, we may process Personal data under our legitimate interests for training purposes in order to provide you with applicable webinar and related content.

Personal data for On!Track is retained for 60 days after contract termination.

For training purposes Personal data is retained for 10 years after completion.

For logistics and order delivery purposes Personal data is retained for 10 years after contract termination.

For general contract related purposes in connection with your use of our services Personal data is retained for 10 years after expiry of the contract.

To answer your questions and respond to the requests you make in connection with the provision of technical support or other customer services and Customer Chats (e.g, AskHilti)

 

·         Name and email address;

·         Information on the device used (browser type, IP-address and Java version)

·         Date and time of the chats;

·         Content of any communication sent through the chats (chat protocol) and AskHilti forum;

·         Hilti account number;

·         Hilti ID

·         Transcripts from online chats with our customer service

Legitimate interests (Art. 6 (1) (f) GDPR):

The processing of personal data is necessary to answer the respective request of the website user which otherwise cannot be fulfilled. Therefore, the processing is justified on the basis of legitimate interests.

Six Months (for quality control and evidence purposes)

To make our website more user-friendly and to gain an insight into the usage behavior of visitors to our website and users of our apps and software, on a pseudonymous basis and across multiple devices, for advertising and market research purposes and to enable us to tailor website content to individual preferences

To perform analytics and conduct customer research, including general market research or surveying our customers' needs and opinions on specific issues, generating sales and traffic patterns, and to analyze advertising effectiveness, both on an anonymous basis (e.g., by aggregating data) or on an individual basis (if legally permissible);

·         Login name and password (encrypted storage);

·         User profile information (i.e., first name, name, email address, phone number, address);

·         User preferences (e.g., preferred language settings);

·         IP address, operating system, browser type, browser version, browser configuration, name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device, connecting to the services, websites and apps, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps;

·         If you use the mobile version of the services, websites and apps: information on the operating system of your mobile device, used services, websites and apps version, name of internet service provider, and other types of device and connection related information relevant to improve the mobile services, websites and apps, connecting to our servers, enabling and facilitating synchronization services and support for the mobile apps;

·         URL and IP address of the website from which you accessed, or were directed to our services, websites and apps, including date and time;

·         Subpages visited and functions used when using services, websites and apps, links followed from the services, websites and apps, including date and time;

·         The full Uniform Resource Locator (URL) click stream to, through and from the services, websites and apps, including date and time;

·         Search terms entered;

·         Consents and authorizations granted

Consent (Art. 6 (1) (a) GDPR

Consent is required as a legal basis for customer research in order to carry out a set of operations such as conducting advertising, marketing operations and generating analysis and patterns

Legitimate interests (Art. 6 (1) (f) GDPR

The processing of personal data is necessary to answer the respective request of the website user which otherwise cannot be fulfilled.

The processing of personal data is also necessary to collect feedback to improve our products and services based on customer’s experience and opinion.

Therefore, the processing is justified on the basis of legitimate interests.

 

36 months

To enable you to use our services, websites and apps as a registered user

·         name, title and address

·         personal contact information (phone, email, fax, etc.)

·         login name and password

·         Hilti account number

·         service requests and orders placed

·         shopping history, including open and completed transactions

·         search terms entered

·         services/products viewed or searched for on the website;

·         shopping cart and payment information

·         newsletter subscriptions, enrollment for promotions, use of special offers

·         consents, authorizations, etc. granted

·         survey answers, reviews, ratings and other types of feedback provided

·         content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts

Consent (Art. 6 (1) (a) GDPR

Performance of Contract and precontractual measures (Art.6 (1) (b) GDPR

Your personal data is processed in order to provide you with precontractual and contractual  services and improve your overall customer experience.

Legitimate interests (Art. 6 (1) (f) GDPR

The processing of your personal data is necessary to identify you as a customer, to adopt the website performance to your settings and to customize your user experience (device type). At the same time, this information is necessary to protect your data and our systems from unauthorized access and to continuously improve the customer experience on your end.

 

As long as the account is active + 7 years

To prevent abusive or illegal use of our services, websites and apps Compliance with legal obligations, resolving disputes, and enforcement of our agreements; 

 

  • Name, title and address;
  • Personal contact information (phone, email, fax, etc.);
  • Name, address, department, contact information and other information in relation to a company that you represent (if any) and your function within this company;
  • Hilti account number;
  • VAT number;
  • Service requests and orders placed;
  • Shopping history, including open and completed transactions;
  • User profile information;
  • Shopping cart and payment information;
  • Information on software downloaded from the website;

 

  • Automatically log files for troubleshooting and security purposes (e.g. to fend off hacker attacks)
  • log for crash report, and in exceptional cases, such as when malfunctions, errors or security incidents have occurred, a manual analysis of the logs may be performed by us or by our authorized service providers
  • date and time of the request
  • name, URL and amount of data transferred for the requested file
  • report indicating that the retrieval was successful or the reason for its failure
  • type and version of the operating system of the requesting computer (if transmitted)
  • screen resolution and color depth (if transmitted)
  • type and version of the browser used (if transmitted)
  • language setting and plugins installed on the browser used (if transmitted)
  • cookies that uniquely identify your browser

 

IT security measures and compliance with a legal obligation (Art. 6 (1) (c) GDPR)

Order processes and access to your data e.g, under your contractual relationship with Hilti requires identifiers and security measures to be processed and stored on our servers.

 

Log files are deleted after 90 days

Evaluation of your eligibility for certain types of offers, products or services

•           Name, title and address;

•           Personal contact information (phone, email, fax, etc.);

•           Name, address, department, contact information and other information in relation to a company that you represent (if any) and your function within this company;

•           Hilti account number;

•           VAT number;

•           Service requests and orders placed;

•           Shopping history, including open and completed transactions;

•           User profile information;

•           Confirmation of being either a private or a professional user;

•           Newsletter subscriptions, enrollment for promotions, use of special offers, etc.

•           Consents, authorizations, etc. granted;

Consent (Art. 6 (1) (a) GDPR)

Legitimate interests (Art. 6 (1) (f) GDPR: The processing of your personal data is necessary to ensure that we provide you with accurate information regarding your purchased products or services and to personalize your user experience.

90 days

To communicate with you on other matters (e.g., to send you reminders, technical notices, updates, security alerts, support and administrative messages or service bulletins);

·         Email address

·         Country

·         Language

·         Date of last contact

·         Mobile phone number

·         Hilti ID

Legitimate interests (Art. 6 (1) (f) GDPR):

The processing of personal data is necessary to the use of our services, websites and apps which otherwise cannot be fulfilled. Therefore, the processing is justified on the basis of legitimate interests.

 

To provide you with information about products and services that may be of interest to you performed through traditional mail, email, telephone, fax, newsletter, text/SMS, and MMS messaging, including periodic sending of promotional materials on products, services and promotions of Hilti specifically dedicated to you (direct marketing);

 

To administer surveys, competitions, prize draws, or other activities or events in which you have voluntarily taken part                    

·         Email address

·         Country

·         Language

·         Consent state with date

·         Date of last contact

·         Mobile phone number

·         Hilti ID

Consent (Art. 6 (1) (a) GDPR

Legitimate interests (Art 6 (1) (f) GDPR

The processing of personal data is necessary to inform customer about events they are likely to be interested in and occasionally engage in activities (e.g product quality surveys)  

3 years after last direct marketing contact

 

 

 

 

12 months after completion of the survey

 

 

7.     What privacy choices do you have?

Your trust makes our services, websites and apps work better for you. We keep it private, secure and put you in control for your preferences.

 

We aim to maintain our services, websites and apps in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, websites and apps we may not immediately delete residual copies from our active servers and may remove information from our backup systems only after certain timeframes in accordance with applicable laws (see pt. 6).

When you register onto our online platforms, you can choose to sign up for marketing information offered by Hilti. By signing up for marketing information you can give your explicit consent whereby you agree that the data you provide (e.g. your email address) can be collected, processed and used by Hilti for the regular dispatching of written electronic communication containing company, product and service-related information such as news about new Hilti products or Hilti services or about Hilti marketing campaigns (e.g. competitions, discounts, promotions), about changes within the company or to invite you to customer surveys (e.g. on customer satisfaction or customer requirements).

 

In our B2B business you may object against the use of your phone number at any time through our customer service, your Preference Center or your sales contact person.

 

You can review and edit your Hilti services, websites and apps cookies and similar technologies by using our Cookie Setting Dashboard. For further information refer to point 9.

 

You can at any time modify and adjust the settings for your email address or mobile phone number in your Hilti account. You can access your Hilti account via your customer profile after registering on our website or by clicking on the “Preference Center” link in each of our email we send to you.

 

You can at any time contact us via our web form to exercise your rights according to applicable data protection laws and regulations.

In the case you withdraw your consent to a processing activity Hilti reserves the right to further process and use your personal data to the extent this is required or permitted by law e.g. to administrate your unsubscribe or set an over layer cookie to respect your cookie settings. 

You can set your marketing preferences at any time via your Hilti account settings through the Hilti Preference Center or through customer service.  We will store that information together with your account or Hilti ID and apply it when you use Hilti services, websites and apps and if we send electronic written communication to you.

 

You are entitled to exercise the following rights as a natural person:

-           Right to object: you have the right to object, on grounds relating to your particular situation, without any formal requirements, to the processing of your personal data by Hilti, if such processing is in pursuit of the legitimate interests of Hilti or a third party. You also have the right to object, without any formal requirements, to the use of personal data for promotional and marketing purposes. If you object to marketing purposes, we will discontinue processing your personal data for this purpose. (Art. 21 GDPR)

-           Right of access: you have the right to obtain from Hilti confirmation as to whether or not we process your personal data and, where that is the case, access the personal data processed such as, but not limited to, the purposes of the processing, categories of personal data concerned.(Art. 15 GDPR)

 

-       Right to rectification: you have the right to obtain from Hilti the rectification of your inaccurate personal data (Art. 16 GDPR).You can also edit your personal data through your Hilti account.

 

-       Right to erasure ("right to be forgotten"): You have the right to obtain from Hilti the erasure of your personal data where grounds listed in Art. 17 GDPR apply. (Art 17 GDPR)

 

-       Right to restriction of processing: you have the right to obtain from Hilti restriction of processing where grounds listed under Art. 18 GDPR apply (accuracy of the personal data is contested, processing is unlawful, Hilti no longer needs the personal data for the purposes of the processing, you have objected to processing pending the verification of legitimate grounds). (Art 18 GDPR).

 

-       Right to data portability: you have the right to receive the personal data processed by Hilti in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from Hilti where applicable grounds apply (Art 20 GDPR).

-      Right to lodge a complaint: in the event you consider we do not process your personal data with compliance to GDPR, you have the right to lodge a complaint to a supervisory data protection authority (see point 11 hereafter). (Art. 77 GDPR)

 

Right to withdraw your consent: you have the right to withdraw your consent at any time. You can modify your consent preferences for Hilti marketing communications through your Hilti account Preference Center or change your cookie settings directly through the Cookie Setting Dashboard (Art. 7.3 GDPR).

 

Please use the official EU website to learn more about these rights.

For the UK, you can also access information about your rights on the Information Commissioner’s website.

 

 

8.    What else do we do to protect your personal data?

 

Hilti understands the importance of information and data security and we want your browsing and purchasing experience with us to be as safe as possible.

To protect your personal data, we have implemented reasonable and state of the art safeguards and precautions, including technical and organizational measures against unauthorized access, improper use, alteration, unlawful or accidental destruction and accidental loss, both in an online and offline context. Hilti personnel is trained and undertakes to protect personal data accessible when performing their functions. 

 

For example:

-       when you use our website, communication with your browser is encrypted using SSL (Secure Socket Layer) technology. This means that when you use our website the personal data you submit during the registration and login processes are encrypted before being sent over the Internet.

 

-       we review the integrity our information collection process, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.

 

-       we restrict access to personal information for Hilti employees, contractors and agents based on a need to know approach in order to process it for us. Involved parties are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

 

You should only share online or through mobile apps personal information which you are comfortable sharing acknowledging that no organization or its systems can ever be guaranteed 100% secure all the time.

 

Please note that using credit card credentials will always require your explicit permission.

 

The security level does increase on your end if you do sign off (logout) when you finish using login-protected areas of the Hilti services, websites and apps.

 

9.     Use of cookies and similar technologies

 

We use cookies and similar technologies in connection with our services, websites and apps as described in our Cookie Policy as detailed below or in the Cookie Setting Dashboard.

 

Cookies are small text files that are stored on your computer or mobile device when visiting a website or app. In the case of technical cookies, they help us to remember information about your visit, like your preferred language or your preferred menu setting. Nearly all of our services, websites or applications require cookies, we do inform you within each of them about it depending on the cookie types used.

 

You can see a list of the types of cookies used by Hilti and also find out how Hilti and our partners use cookies in advertising in our cookie policy that explains how we protect your privacy in our use of cookies and other information.

 

Depending on your cookie settings, we can use the data (including personal data) to analyze customer and user behavior, but also evaluate the needs and opinions of customers and users in different aspects, to optimize our sales and business traffic structures, and to analyze the impact of specific advertising measures.

 

You may also set your browser to block all cookies or choose a level of personalization. However, it’s important to remember that many of our services may not function properly if your cookies are disabled. For example, we may not remember your language preferences.

 

By using our cookie setting dashboard, you can choose if we can collect personalized usage data (such as subpages visited while on our services, websites, and apps shopping history, including open and completed transactions, search terms entered, services/products viewed or searched for on our websites and apps; shopping cart and payment information) in some instances, from multiple devices, and, as part of the creation of customer and user profiles, combine it with other personal data that we collected or will collect from you as part of our business relationship, execution or termination of contractual relationships (e.g. name and official address, order and purchase history, your industry affiliation) and, where applicable and separately permitted by you, personalized usage data with respect to your use of other Hilti products and services (e.g. Hilti software or Hilti apps).  

 

 

COOKIE POLICY - INFORMATION ABOUT OUR COOKIES

This Cookie Policy describes how we collect, process and use your personal data by using cookies and similar technologies in connection with the usage of our web and mobile platforms.

Essential cookies

For cookies and similar technologies that are essential to deliver the service requested by the user (e.g. session cookies, authentication cookies and user security cookies), your consent is not needed.
We use cookies and similar technologies, without requesting your consent, for the following purposes:

·         to remember your preferences, e.g. preferred language, preferred content

·         to securely manage your session on our platform, e.g. to keep the log-in active for registered users during the entire session

·         to save the contents of your shopping basket during the current and for future sessions on Hilti Websites and Mobile Apps

·         to record user interaction with the platform, e.g. to identify issues you may have encountered while using our services

Our trusted tracking and advertising partners

At Hilti we use first- and third-party cookies. You can find detailed information about our cookies and partners by clicking “Your Cookie Settings” at the bottom of our website.

 

 

10.     Links to other websites

 

Our services, websites and apps may contain links to other services, websites and apps of interest, once you have used these links you leave our services area. When you visit such other services, websites and apps you should exercise caution and look at the privacy statement applicable to the app or website in question. Hilt cannot, and does not, assume any responsibility or liability for such other websites, the content of such services, websites and apps and their privacy practices, nor do we endorse them.

 

11.     Compliance and cooperation with regulatory authorities

 

We regularly review our compliance with our Privacy Notice. We work closely with the Liechtenstein Data Protection Authority where Hilti has its headquarters. You have the right to lodge a complaint with the supervisory data protection authority of Liechtenstein or you can lodge a complaint with your local supervisory authority in an EU or EEA member state, e.g your place of habitual residence, place of work or the place in which the alleged infringement took place. The local supervisory authority for the UK is The Information Commissioner’s Office, who can be contacted here. We suggest you submit any request or raise any concern in writing directly at: gbteam.localdpo@hilti.com. The Data Protection Officer is the appropriate point of contact for any data protection matter.

 

12.     How are changes to this Privacy Notice communicated?

 

Our business changes constantly, which means that our Privacy Notice will be updated from time to time. Please check this Privacy Notice from time to time to ensure that you are comfortable with any changes we had to make.

 

We will not reduce your rights under this Privacy Notice without your explicit consent. We will post any Privacy Notice changes and, if the changes are significant, we will provide a more prominent notice up to individual e-mail notification.

 

13.     Contact us

Your feedback is always welcome. If you have any questions or concerns about our privacy practices or your online privacy please do not hesitate to contact us at gbteam.localdpo@hilti.com

Share