GF customer and marketing privacy statement

This privacy statement outlines how we treat customer data. This includes the processing of personal data for marketing purpose on intranet sites, social media, and promotional material. It further includes storing details on our customer and marketing register and provision of customer services.

This privacy statement is designed to inform you on all relevant information regarding your personal data processing, including on what personal data is collected, our reasons and justifications for doing so, and what your rights regarding this personal data.

For processing activities under this privacy statement Georg Fischer AG acts as the data controlle as according to applicable data protection laws. Georg Fischer AG is part of the Georg Fischer group, located in Schaffhausen, Switzerland (hereafter GF).

You can contact our group data protection officer at dataprotection@georgfischer.com.

In case you wish to make a request relating to your personal data, please use this Privacy Web Form or on local GF websites. This ensures that GF can answer your requests in a timely and efficient manner.

GF processes data on representatives, employees, directors and officers of customers, end-customers, potential customers and potential end-customers of GF as well as consumers and (together “Customer(s)”). GF may also process data from other individuals when producing marketing material.

 GF may also collect and process the following personal data to take photographs:

• Image and likeness
• Contact details
• Social media details

GF may also process the following personal data when managing customer and/or potential customer relations:

• Basic personal information (Name, date of birth, e-mail address, home address, position, gender)
• Information on meetings and other activities with the customer, such as trainings, recreational activity preferences, and interests in GF products and services
• Information regarding provided consents and methods of communication (e.g. email, SMS)

GF will only process your personal data for a specific purpose under a suitable legal basis. The purposes for processing personal data under this statement are for marketing and communications purposes: promoting GF activities to its customers, the management of customer details and relationships as well as the contacting of customers. These include the following purposes:

• to produce marketing materials by taking image or videos of individuals
• performing GF’s obligations towards its customers, including the handling, evaluating and enforcing of the customer’s or GF’s’ obligations or liabilities
• managing, handling and submitting offers and quotations as well as other binding or non-binding documents
• upholding and developing the Customer relationships
• establishing relationships with Customers
• managing and handling Customer loyalty programs
• marketing and communication purposes such as for conducting marketing research, direct marketing, automated marketing, informing the Customers of new features, new products or launches, and special promotions
• provision of GF products and services to Customers and ensuring quality, functionality and security of the products and services
• managing and handling of any product liability matters
• developing GF’ services and products
• providing Customer trainings (including webinars, live streams, and e-learnings)
• invoicing
• statistical and analytical purposes
• replying to and resolving customer issues or contacts
• transfer to one or more third parties, including other companies in the GF group in any merger related event, such as in sale, transfer, merger, reorganization or similar event,

GF wishes to produce and promote its activities to its customers. To do so, GF may collect and process image data. Once images have been selected further processing may occur with the publishing of these images on social media or internal websites. Any images that are not selected for this purpose are automatically deleted.

Collection and processing of personal data is based on the legitimate interests of GF. These interests arise from the relationship with Customers.

Additionally, GF may send direct marketing to Customers based on their consent, if such consent is required. Your consent is only used where said said consent to use such personal data is separate to other consents, informed, and freely given. You may withdraw your consent at any time using the GF Privacy Forms.

GF may collect your image based on the legitimate interests of GF for promoting its products and services, capturing its events, and for employees to fulfil their employment obligations.

GF will notify you of any further processing, for instance if pictures taken at an event wish to be used for social media marketing purposes.

GF collects this data through employees or vetted third partie0s collecting this information.

GF informs each data subject of the data processing, including of any third-party data sources and data collected from such sources, in accordance with applicable legislation.

Any collected personal data is entered into secure personal data databases by themselves, GF personnel, or by GF Building Flow Solutions’ subcontractors or service providers.

GF may disclose and transfer Personal Data outside the European Economic Area (“EEA”) in accordance and subject to the following limitations:

• with a contract entered into between the relevant GF entities, incorporating the European Commission’s Standard Contractual Clauses or other appropriate safeguards for data transfers as listed in the EU General Data Protection Regulation (GDPR), which ensure that adequate data protection arrangements are in place;
• to authorized third parties who process personal data on GF’s behalf for the purposes stated in this Privacy Statement. Your personal data may be processed by such authorized third parties also outside EU or EEA in accordance with a contract entered into between GF Building Flow Solutions and such authorized third party, incorporating the European Commission’s Standard Contractual Clauses or other appropriate safeguards for data transfers as listed in the EU General Data Protection Regulation (GDPR) which ensure that adequate data protection arrangements are in place;
• in personal processing for marketing or other joint communication purposes together with GF Building Flow Solutions’ partners, the avoidance of unnecessary communications;
• based on consent; or
• as otherwise permitted by applicable legislation

For technical reasons and for reasons related to the use of data, the personal data may be stored on servers of external service providers who may process the data on behalf of GF.

Any transfers of personal data shall be made in accordance with the General Data Protection Regulation and any applicable mandatory legislation, as may be amended from time to time.

GF may further conduct marketing and other communication jointly with GF partners and in connection with this, GF may combine information GF has collected about you with information GF partners have collected about you to e.g. avoid unnecessary communication and tailor GF message to you.

The personal data covered by this Privacy Statement may also exclusively be shared or disclosed on a strict need-to-know basis with the following categories of recipients:

• other companies within the Georg Fischer group;
• authorized external service providers, external auditors and/or subcontractors of the Georg Fischer group;
• a competent public authority, government, regulatory or fiscal agency where it is necessary to comply with a legal or regulatory obligation to which the relevant Georg Fischer group company is subject to or as permitted by applicable local law; or
• as necessary or appropriate to enforce our terms and conditions, and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others

GF shall ensure that sufficient technical and organizational personal data protection measures are implemented and maintained throughout its own organization. Further, GF shall ensure that any transfer or disclosure of personal data described in this privacy statement to any third party is subject to GF having ensured an adequate level of data protection by agreements or by other means required by law.

Technical controls:
Physical material is stored in locked spaces with restricted access. Any IT systems are secured by means of the operating system’s protection software. Access to the systems requires entering a username and a password and data transfers happen via high encryption channels.

Organizational controls:
Within the organization of GF, the use of the personal data is instructed, and access to IT systems including personal data is limited to such persons who are entitled to access them on the basis of their work assignments or role and who are subject to confidentiality obligations regarding the personal data.

Images that are stored on the website will be kept no longer than they are necessary for marketing purposes. Typically, this is at most 5 years. You can always request the removal of any of your data through the GF privacy web forms.

Customer data is stored in our system for as long as it is necessary for the aforementioned purposes. Maximum retention periods may vary according to local laws but are typically no longer than 10 years. Potential Customer personal data will typically be stored for no longer than two years.

Unless any limitations apply, each data subject has the following rights regarding the personal data processed that is covered by this privacy statement:

• the right to access all personal data GF has on them;
• the right to request that GF corrects, erases or stops using any erroneous, unnecessary, incomplete or obsolete personal data;
• the right to withdraw any consent previously provided by them, including an objection to all direct marketing

Any requests are most efficiently handled via the request form here: Privacy Web Form

If dissatisfied with the decisions or actions of GF, each data subject has the right to lodge a complaint with their country’s data protection authority.

Please be aware that GF may change this Privacy Policy from time to time. However, in the event of any material, adverse changes, GF will post a notice informing of such changes both at the beginning of this Privacy Policy and on the Site’s home page. GF advises you to visit this Privacy Policy from time to time to be aware of such changes.

Should you have any additional questions, please don’t hesitate to contact us through our customer service or by writing to us at dataprotection@georgfisher.com