HSP Data Privacy Notice

Protecting the security and privacy of your personal data is important to HSP. Therefore, HSP Hochspannungsgeräte GmbH (for further company details, please see the “Corporate Information”) processes personal data in compliance with applicable laws on data protection and data security.

1. Processing of personal data related to your use of our websites, applications and online platforms

Categories of personal data processed, purpose of the processing and legal basis

When visiting HSP’ websites, applications or online tools (each a “HSP Online Offering”), HSP may process the following personal data about you:

  • Personal data that you actively and voluntarily provide via the HSP Online Offering (e.g., when registering, contacting us with your inquiries or participating in surveys, etc.), including name, email address, telephone number, information submitted as part of a support request, comments or forum posts, etc.; and
  • Information that is automatically sent to us by your web browser or device, such as your IPaddress, device type, browser type, referring site, sites accessed during your visit, the date and time of each visitor request.

We process your personal data for the following purposes:

  • To provide the HSP Online Offering’s services and functions and to administer your use of the HSP Online Offering;
  • To verify your identity (if you registered for a HSP Online Offering);
  • To answer and fulfill your specific requests; and
  • As reasonably necessary to enforce the applicable terms of use, to establish or preserve a legal claim or defense, to prevent fraud or other illegal activities, including attacks on HSP’ information technology systems.

The legal basis for HSP processing data about you is that such processing is necessary for the purposes of:

  • HSP exercising its rights and performing its obligations in connection with any contract we make with you (Article 6 (1) (b) General Data Protection Regulation);
  • Compliance with HSP’ legal obligations (Article 6 (1) (c) General Data Protection Regulation); and/or
  • Legitimate interests pursued by HSP (Article 6 (1) (f) General Data Protection Regulation). Generally the legitimate interest pursued by HSP in relation to our use of your personal data is the the efficient performance or management of your use of the HSP Online Offerings.

In some cases, we may ask if you consent to the relevant use of your personal data. In such cases, the legal basis for HSP processing that data about you may (in addition or instead) be that you have consented (Article 6 (1) (a) General Data Protection Regulation).

Cookies

We may use cookies within HSP Online Offerings. You can find information on HSP’ use of cookies in our Cookie Notice. The Cookie Notice also provides information on how to block and object to the use of cookies and the processing of data collected by cookies.

Links to other websites

This Privacy Notice applies only to HSP Online Offerings and not to other websites or applications operated by third parties. We may provide links to other websites and applications which we believe may be of interest to you. HSP is not responsible for the privacy practices of such other websites or applications. In some cases, we may ask if you consent to the relevant use of your personal data. In such cases, the legal basis for HSP processing that data about you may (in addition or instead) be that you have consented (Article 6 (1) (a) General Data Protection Regulation).

2. Processing of personal data related to your business relationship with HSP Categories of personal data processed, purpose of the processing and legal basis

In the context of the business relationship with HSP, HSP may process the following categories of personal data of current and future contact persons at our customers, suppliers, vendors and partners (each a “Business Partner”):

  • Contact information, such as full name, work address, work telephone number, work mobile phone number, work fax number and work email address;
  • Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
  • Further information necessarily processed in a project or contractual relationship with HSP or voluntarily provided by the Business Partner, such as personal data relating to orders placed, payments made, requests, and project milestones;
  • Personal data collected from publicly available resources, integrity data bases and credit agencies; and
  • If legally required for Business Partner compliance screenings: date of birth, ID numbers, identity cards and information about relevant and significant litigation or other legal proceedings against Business Partners.

HSP may process the personal data for the following purposes:

  • Communicating with Business Partners about products, services and projects of HSP or Business Partners, e.g. by responding to inquiries or requests or providing you with technical information about purchased products;
  • Planning, performing and managing the (contractual) relationship with Business Partners; e.g. by performing transactions and orders of products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipments and deliveries, facilitating repairs and providing support services;
  • Administrating and performing customer surveys, marketing campaigns, market analysis, sweepstakes, contests, or other promotional activities or events;
  • Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud or other criminal or malicious activities;
  • Ensuring compliance with legal obligations (such as record keeping obligations), export control and customs, Business Partner compliance screening obligations (to prevent white-collar or money laundering crimes), and HSP policies or industry standards; and
  • Solving disputes, enforce our contractual agreements and to establish, exercise or defend legal claims.

The legal basis for HSP processing data about you is that such processing is necessary for the purposes of:

  • HSP exercising its rights and performing its obligations in connection with any contract we make with you (Article 6 (1) (b) General Data Protection Regulation),
  • Compliance with HSP’ legal obligations (Article 6 (1) (c) General Data Protection Regulation), and/or
  • Legitimate interests pursued by HSP (Article 6 (1) (f) General Data Protection Regulation).

Generally the legitimate interest pursued by HSP in relation to our use of your personal data is the efficient performance or management of our business relationship with you. In some cases, we may ask if you consent to the relevant use of your personal data. In such cases, the legal basis for HSP processing that data about you may (in addition or instead) be that you have consented (Article 6 (1) (a) General Data Protection Regulation).

3. Transfer and disclosure of personal data

HSP may transfer your personal data to:

  • other HSP companies in connection with your use of the HSP Online Offerings or our business relationship with you;
  • third parties which provide IT services to HSP and which process such data only for the purpose of such services (e.g., hosting or IT maintenance and support services); and
  • courts, arbitration bodies, law enforcement authorities, regulators or attorneys if necessary to comply with the law or for the establishment, exercise or defense of rights or legal claims.

Sometimes the recipients to whom HSP transfers your personal data are located in countries in which applicable laws do not offer the same level of data protection as the laws of your home country. In such cases, HSP takes measures to implement appropriate and suitable safeguards for the protection of your personal data. In particular:

  • We share your personal data with HSP companies in such countries only if they have implemented the HSP Binding Corporate Rules („BCR“) for the protection of personal data. Further information about the HSP BCR can be found here.
  • We transfer personal data to external recipients in such countries only if the recipient has (i) entered into EU Standard Contractual Clauses with HSP, (ii) implemented Binding Corporate Rules in its organization or (iii) – in case of US recipients – the recipient is certified under the Privacy Shield. You may request further information about the safeguards implemented in relation to specific transfers by contacting dataprotection@HSP.com.

Personal data published by you on HSP Online Offerings (such as chat rooms or forums) may be globally accessible to other registered user of the respective HSP Online Offering.

4. Retention Periods

Unless indicated otherwise at the time of the collection of your personal data (e.g. within a form completed by you), we erase your personal data if the retention of that personal data is no longer necessary (i) for the purposes for which they were collected or otherwise processed, or (ii) to comply with legal obligations (such as retention obligations under tax or commercial laws).

5. Withdraw consent

In case you declared your consent for the processing of certain personal data by HSP, you have the right to withdraw the consent at any time with future effect, i.e. the withdrawal of the consent does not affect the lawfulness of processing based on the consent before its withdrawal. If the consent is withdrawn, HSP may only further process the personal data where there is another legal ground for the processing.

6. Your rights

Under applicable data protection law you may have the right to:

  • Obtain from HSP confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data;
  • Obtain from HSP the rectification of inaccurate personal data concerning you;
  • Obtain from HSP the erasure of your personal data;
  • Obtain from HSP restriction of processing regarding your personal data;
  • Data portability concerning personal data, which you actively provided; and
  • Object, on grounds relating to your particular situation, to processing of personal data concerning you.

7. Data Privacy Contact

The HSP Data Protection Organization provides support with any data privacy related questions, comments, concerns or complaints or in case you wish to exercise any of your data privacy related rights. The HSP Data Privacy Organization may be contacted at: joerg.thome@hspkoeln.de. The HSP Data Privacy Organization will always use best efforts to address and settle any requests or complaints you bring to its attention. Besides contacting the HSP Data Privacy Organization, you always have the right to approach the competent data protection authority with your request or complaint. A list and contact details of local data protection authorities is available here.

8. Matomo

We use Matomo to collect user data about our website visitors and to better tailor the website to our users’ needs. The data is stored anonymously. You can object to the tracking at any time by turning it off here.