Privacy Notice

The Kistler Group (hereinafter referred to as "Kistler"), which comprises Kistler Holding Ltd. and its subsidiaries, attaches great importance to the protection of your data. In this privacy notice, we inform you about how we process personal data and what rights you have as a data subject. Specific regulations may be contained in other data protection declarations, contracts or general terms and conditions, conditions of participation and similar documents that may take precedence over this data protection declaration.

The processing of personal data is carried out in accordance with the data protection regulations of the respective country, e.g. for Switzerland in accordance with the Federal Act on Data Protection ("FADP") and the corresponding ordinance and, where applicable, in accordance with the European General Data Protection Regulation ("GDPR").

Please be aware that our website may contain links from third parties which are not covered by our privacy notice.

1) Contact details

Responsibility for data processing lies with:

Kistler Instrumente AG
Eulachstrasse 22
8408 Winterthur
Switzerland

If you have any questions or concerns about data protection, please contact our data protection officer at data-protection@kistler.com.

For questions about data protection in the EU/EEA, you can also contact our data protection representative in the EU:

Swiss Infosec (Deutschland) GmbH
Friedrichstrasse 123
10117 Berlin
Germany
Kistler.dataprivacy@swissinfosec.de

2) What personal data do we process?

Any information relating to an identified or identifiable natural person is considered personal data.

We mainly process personal data that we receive as part of our business relationships with our customers and other business partners or that we collect in the operation of our websites and other applications from their users. In the course of our business activities, we collect personal data from business partners, such as customers, suppliers, subcontractors, service providers and applicants. The personal data thus collected includes, for example, your name, your telephone number, your address, your e-mail address, other contact details, your employer and position/professional title, personal data from your application file, preferences and usage behaviour in connection with our services (e.g., user information such as country, operating system, device category, browser, screen size, navigation within a product, product settings), order histories, communication with existing, former and potential business partners and third parties, acquisition data (e.g., events/trade fairs attended, first contact, interests), performance and billing data, bank details, insurance cover, documentation and other information in connection with the business relationship.

Unless otherwise contractually agreed, your data will only be processed to the extent required for performance of a specific contract (Art. 6 para. 1 lit. b GDPR, where applicable), for compliance with a legal obligation to which we are subject (Art. 6 para. 1 lit. c GDPR, where applicable), if there is a legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable), or if you have given your prior consent to data collection and processing (Art. 6 para. 1 lit. a GDPR, where applicable).

You are not obliged to provide us with your personal data. However, we may not be able to provide certain contractual services or respond to inquiries if we do not receive the required information.

3) How is your personal data used?

We collect and process your personal data in particular when you contact us, when we respond to any requests from you, when you visit our website, when we provide, and you make use of, our services, when you apply for a job with us, for invoicing and debt collection, etc., and for the purposes described below.

We accept no responsibility for data transmitted without being solicited when using a product, an application or a website.

a) In contacting us

When contacting us by e-mail, letter, telephone, via a contact form on a website or otherwise, we collect the personal data transmitted. Such data transmitted on a voluntary basis is stored for the purpose of processing the inquiry.

Insofar as we require a legal basis for processing this personal data, we rely on your consent (Art. 6 para. 1 lit. a GDPR, where applicable), or on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable) in responding to incoming inquiries.

b) Our provision of services

We process personal data mainly in order to conclude and perform our contracts with our customers and business partners, to document, invoice, and improve our contracts and services, or to obtain services from our business partners.

c) Products

Kistler collects data about products and offers, some of which may constitute personal data, such as the type of product used, status and settings of the application used, user information such as country, language, operating system, device category, browser, screen size, user behaviour (e.g., navigation). We use this data to provide our services and perform our contracts, as well as to improve the user experience and our offers (e.g., by troubleshooting, identifying priority areas for further development, simplifying user interfaces, etc.).

Insofar as we require a legal basis for processing this personal data, we rely on your consent (Art. 6 para. 1 lit. a GDP, where applicable), on the performance of the contract (Art. 6 para. 1 lit. b GDPR, where applicable), or on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable) in being able to offer and further develop our services.

d) Use of our online services

We collect personal data when you register for and use our online services, including your name, company and contact details. Online services here means any web application that is registered under a sub-domain and requires a login. If you yourself are not our customer, but rather the company for which you work, we process your business contact data for the purpose of enabling and facilitating communication with our customer for the provision of services. We may also evaluate and use usage data, such as navigation, to improve the user experience and further develop the product. We may retain your registration, address, payment and order data for as long as we need it to comply with legal requirements or for documentation and evidence purposes and to protect our corresponding interests.

Insofar as we require a legal basis for processing this personal data, we rely on your consent (Art. 6 para. 1 lit. a GDPR, where applicable), on the performance of the contract (Art. 6 para. 1 lit. b GDPR, where applicable), on the compliance with legal obligations (Art. 6 para. 1 lit. c GDPR, where applicable), or on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable) in being able to offer and further develop our services and to document business transactions.

e) Surveys and questionnaires regarding Kistler's products

Kistler attaches great importance to having satisfied customers and fulfilling their wishes in full and in a customer-specific manner. To this end, Kistler also conducts surveys on products and may also send you a corresponding request. Participation is voluntary and has no influence on any discounts or other special conditions. It is possible to unsubscribe from participation at any time.

f) Marketing, newsletters, and events

We may use your data (e.g., from registration with and use of the customer portal or online services) for advertising and marketing purposes (including organizing events and sending newsletters about current news and offers), provided this is permitted by law and you have not objected to the use of your data.

We use the data submitted for registration and registration for an event to contact you in order to organize and manage the event. You will receive important information for registered participants electronically to the e-mail address that you provided to us on the registration page. In addition, we will add you to our list of participants for future notifications of other events. If you no longer wish to receive newsletters or event information, you can unsubscribe yourself at any time by clicking on the corresponding link in the e-mail or by sending an e-mail to data-protection@kistler.com. You can also object to the use of your personal data for direct marketing purposes.

Insofar as we require a legal basis for processing this personal data, we rely on your consent (Art. 6 para. 1 lit. a GDPR, where applicable), or on the purpose of processing your request or registration (Art. 6 para. 1 lit. b GDPR, where applicable), or on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable) in being able to offer and further develop our services.

g) Websites

When you use our websites, the details of the browser and operating system you use, the website from which you visit us, the websites you visit at the same time, the date of your visit and, for security reasons (e.g., to detect attacks on our websites) and only for a certain period of time, the IP address assigned by your Internet service provider are stored by our web servers.

Insofar as personal data is processed and we require a legal basis for this, we rely on your consent (Art. 6 para. 1 lit. a GDPR, where applicable), or on the purpose of processing your request or order (Art. 6 para. 1 lit. b GDPR, where applicable), or on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable) in offering our services and being able to further develop our business communication.

h) Customer portal

You can register on our website for our customer portal in order to access and use additional website functions (e.g., downloading CAD data, web shop). In particular, we process your title, first and last name, company, industry, department, position, business address, e-mail address, telephone number, customer status (reseller / end customer). We collect the country in which you are located by means of your IP address, but you can change the country selection via the settings.

To complete your registration, you must accept the terms of use.

We may also use your data to inform you about our products and solutions by e-mail, if you express an interest in receiving this type of information.

Provided that no orders are outstanding, you can have your customer account deleted at any time by sending an e-mail to mykistler@kistler.com.

Insofar as we require a legal basis for processing this personal data, we base the data entered during registration on your consent (Art. 6 (1) (a) GDPR, where applicable) or on the purpose of processing your request or order (Art. 6 (1) (b) GDPR, where applicable).

i) Visitor management

Kistler uses a digital solution for visitor management. In this context, we record visitors' first and last name, company, license plate number and time of visit. We store your personal data for a period of time appropriate to the purpose, but no longer than 14 days, after which it is deleted as far as possible.

Insofar as we require a legal basis for the processing of this personal data, we base this on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable) in being able to identify and contact you as a visitor to our company.

j) Video surveillance

For security purposes (preventive, and to investigate and prosecute incidents), we monitor certain areas with video cameras and may also record personal data in that way. We use the data to comply with legal regulations and internal directives, and to protect infrastructure (e.g., buildings, grounds) and people (e.g., employees, visitors). We indicate this monitoring on site by means of appropriate signs. The recordings are kept for a maximum of 72 hours and then deleted if there are no indications of suspicious incidents or damages. Internally, only selected persons and functions have access to the recordings and data. The recordings and data are only released at the order of the authorities or courts or to protect the aforementioned interests in the event of suspicious incidents or damages.

Insofar as we require a legal basis for processing this personal data, we rely on our legitimate interest (Art. 6 para. 1 lit. f GDPR, where applicable), or on any legal obligations (Art. 6 para. 1 lit. c and d GDPR, where applicable) to protect persons and assets and to pursue suspected cases.

k) Staffing

Applicants can apply to Kistler via an online application form. Kistler uses the central platform to advertise job vacancies and to handle the entire application process.

By registering your candidate profile, you deposit your personal data (such as contact details, professional experience, education, skills and qualifications and work preferences, CV, diplomas and references, other job-related information) and declare that you are interested in being employed by Kistler. Your data will be used to fill open positions at Kistler.

Your documents will be processed in particular in the country in which the future employment relationship is planned. By submitting your data and information, you consent to the transfer of your data to the country in question. Your documents will only be processed by offices that are involved in the respective processes.

If your application is successful, your data will be used to create an employee profile if you are hired.

After rejection of all active applications, application documents will be deleted by Kistler after three months. Beyond that, application documents may be retained with the consent of the data subject in order to check whether a former applicant may be suitable for a future position.

l) Other purposes

We also process your data to document and provide evidence of processes, interactions and other facts in the event of legal claims, in the event of discrepancies, for the purposes of IT and infrastructure security and as evidence of good corporate governance and compliance.

We may also use personal data to assert or enforce legal claims, to defend ourselves in connection with legal disputes and official proceedings, and to prevent and investigate criminal offenses and misuse of our services.

If and insofar as the GDPR is applicable, this processing is carried out on the basis of Art. 6 para. 1 lit. a, b, c, d, e and/or f GDPR.

4) How is your personal data passed on?

As part of our business activities and for the aforementioned processing purposes, we also disclose personal data to third parties to the extent permitted by applicable law and to the extent we deem it appropriate. Some of these third parties are service providers who process the personal data for us, on our behalf and on our instructions ("processors"), while others process the personal data for their own purposes. This applies in particular to the following recipients:

Service providers within and outside the Kistler Group, including processors (such as IT providers, ICT support, digital visitor management)
Other group companies of the Kistler Group (e.g., in the recruitment process)
Business partners such as customers, resellers, suppliers, subcontractors and others
Domestic and foreign authorities or other third parties, if we are legally obliged to do so or if it is necessary to protect our interests, e.g., to combat abuse or to safeguard rights
Industry organizations, associations
Acquirers or parties interested in acquiring business divisions, companies or other parts of the Kistler Group
other parties in potential or actual legal proceedings

Some of the recipients are located in Switzerland or in the EU/the EEA, but they may be located worldwide. In particular, your personal data may be transferred to countries in which Kistler is represented by group companies, branches or otherwise (see list of Kistler locations), as well as to other countries in Europe and the USA where the service providers we use are located (e.g., Microsoft, Google).

If we transfer personal data to a country without adequate statutory data protection, we ensure an adequate level of protection by using appropriate contracts (based on the European Commission's standard contractual clauses) or binding corporate rules or rely on the statutory exceptions, such as your consent, the conclusion or performance of a contract, or the establishment, exercise or enforcement of legal claims. You can contact the data protection officer under section 1) for further information on the measures implemented.

5) Cookies, web analytics and social media

We use cookies and similar technologies (e.g., pixel tags) to provide certain functions and improve the user experience.

Cookies are small files that are stored by your system when you use our website or our corresponding offers and products. We collect data such as IP addresses, information about the operating system and settings of the end device, the region, the time and the type of use. If you do not wish to accept cookies, you can deactivate the storage of cookies on your system in the settings. Please note that deactivating cookies may restrict functionalities.

We use the following types of cookies:

Essential: This type of cookie is required to activate the core functions of the website/offer/product and is therefore used and set by default
Functional: This type of cookie enables us to analyze user behaviour in order to measure and improve performance
Marketing: This type of cookie is used by advertisers to serve adverts that are relevant to your interests

Functional and marketing cookies are optional and not absolutely necessary for the basic function of the website/offer or product. You can deactivate them in the cookie settings.

As a rule, cookies and the technical data collected do not contain any personal data. Personal data held by us or third parties may be stored together with the cookies or technical data, or data may be obtained from them, that can be linked to your person.

Further information on the cookies used can be found in the cookie settings.

Kistler uses third-party tools to improve functionality and content and to generate user statistics.

Kistler uses so-called social plugins of social networks, i.e., when you click on the button, a connection is established with the server of the respective social network and this can collect data and set cookies.

In particular, we use the services of the following service providers and partners, some of whom are processors of our data (e.g., Google Analytics) and some of whom are controllers in the meaning of data protection legislation. Further information on data processing can be found in the respective privacy notice:

Google Analytics, Google Tag Manager, Google Looker Studio and YouTube (Google Ireland Limited, Ireland), policies.google.com/privacy
LinkedIn Ireland Unlimited Company, Ireland, linkedin.com/legal/privacy-policy
Hotjar Ltd (Malta), hotjar.com/privacy/
Eloqua server from the provider Oracle Software (Switzerland) GmbH, oracle.com/legal/privacy/

If and insofar as the GDPR is applicable, this processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR.

6) Storage period

We process personal data for as long as the purposes pursued with the processing, statutory retention periods and/or our legitimate interests require it, or storage is technically necessary. Storage may be necessary for technical reasons if certain data cannot be separated from other data and we therefore have to store it with this data (e.g., in the case of backups or in a document management system).

If there are no legal or contractual obligations to the contrary, we destroy, delete or anonymize personal data after the storage or processing period has expired as part of our normal business processes.

7) Your rights

We draw your attention to the fact that, as a data subject, you can request information about whether and which personal data we process about you. Under certain circumstances, you may be able to request the deletion of your personal data. You can request the correction of your personal data. You also have the option of withdrawing any consents at any time, although this only applies to future processing. If necessary, you can object to processing, which applies in particular to data processing for the purpose of direct marketing. You can also have the processing of your personal data restricted. You may also have the right to transfer the personal data concerning you (data portability). To assert your rights, please get in touch via the contact details listed in section 1) above. For identification purposes, you may need to provide a copy of your ID. Further product-specific information may be required.

Every data subject has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch). If and insofar as the GDPR is applicable, data subjects have the right to lodge a complaint with a competent European data protection supervisory authority. You can find a list here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

8) Amendments

This privacy notice may be amended from time to time. Any changes will be published on our website.

Version of December 2024