PHOENIX CONTACT on data protection

1. Introduction and scope

We are delighted that you are interested in our company, products, and services and would like to provide you with some key information regarding our data processing activities.

Protecting personal data is crucial, particularly for the future of Internet-based business models and the development of Internet-based economies. With this notice on data protection, we want to emphasize our commitment to protecting your privacy.

Our staff and our service providers are bound to confidentiality and to comply with the provisions of the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

We take the protection of your personal data seriously and strictly adhere to the rules of the respective applicable data protection laws.

Definition: “Personal data” means any information relating to an identified or identifiable natural person (data subject), for instance, name, geographical address, contact data, user ID, IP address, photo and video recordings, location data, etc.

The following notice informs you about the data processing activities in relation to your personal data.

2. Data controller / Data protection officer

Information on the entity responsible for the processing of your personal data (“Controller”), including how to contact the appointed data protection officer (“DPO”), where applicable, can be found here (the Controller hereinafter referred to “we”, “us” or “our”).

Designated point of contact

3. Categories of data / Purposes

3.1. Data processing on our websites

For security and technical reasons, we automatically process information transmitted by your device’s browser to our system protocols. This includes, but is not limited to:

  • Browser type/version,
  • Operating system used,
  • Requested URLs (website) on our systems,
  • Referrer URL (the website that referred to our website),
  • Host name and full IP address or unique ID of the device accessing the site,
  • Date and time of call,
  • Data volumes and file types called.

These data will not be aggregated with data from other sources, nor do we carry out personalized statistical analysis based on these data.

We process IP addresses in full length (i.e. without IP masking) only to the technically required extent.

3.2. Registration for our web portals

Our websites offer services and functionalities to manage our business relationship with you, for example, permanent saving of wish lists, projects or product comparisons, the ordering of goods or services or the requesting and viewing quotes, which are only available to registered users.

The data required to complete a registration in our web portal are your name, a valid email address and your country of residence. You also have the option of providing additional personal data about you (title, company, if relevant: your Phoenix Contact customer number, postal address, phone number). Some of these data are required in order to use certain services on our web portal, such as placing online orders, tracking your orders, generating individual price lists or processing order returns.

When purchasing products or services, your data may be passed on by us to payment service providers, insofar as this is necessary for the processing of the purchase transaction and the payments. In some cases, the payment service providers also collect data themselves, provided that you create or have created an account with them. In this case, you must log in with the payment service provider with your access data in the course of the order and the privacy policy of the respective payment service provider applies.

The purposes of the processing for which the personal data are intended:
Use of certain services on our website, such as maintenance of your master data, delivery and billing addresses, requesting offers, ordering products, tracking your order history, generating individual price lists and comfortable return handling.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Processing of your data for the preparation and handling of your order or the respective business transaction.

Art. 6 (1) (f) GDPR
Legitimate interests for marketing purposes, IT-security and administrative reasons, to the extent permitted by law.

Categories of personal data that are processed:

  • Form of address, title, name
  • Contact details (address, email address(es), telephone number, etc.)
  • Company
  • Statistical data regarding your orders
  • System log data

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
Service providers who support us in the administration of the website may have access to your data. However, these service providers are obliged by data protection law-compliant agreements (commissioned data processing agreement – DPA) to not use these data for own purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries.

Storage duration of the data:
Your data entered during registration will be stored until you submit a deletion request or after 10 years after your last usage of the account.

However, depending on the chosen way of contacting us, we will have your request for deletion confirmed by an appropriate contact to verify your identity.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Without the specification of your data, it is not possible to use certain functions (for example obtaining a binding offer) of our website or our web portal.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.3. Newsletter

You have the option of subscribing to our newsletter. Subscription to our newsletter requires providing a valid email address. Beyond that, you can choose to provide us with additional personal data about you (title, name, company, postal address). Following registration, you will receive an individual confirmation link per email (“double opt-in”). This is a means of verifying the email address used in the registration process and ensuring that no third parties have subscribed to the newsletter using your email address.

You can withdraw your consent for the newsletter subscription at any time with effect for the future by using the unsubscribe button in our newsletters. Alternatively, you can send an email to our designated point of contact stating that you wish to unsubscribe.

Our websites may also offer you the option of creating a user profile when subscribing for the newsletter. To this end, we analyze your interactions with the newsletter (clickstream record, date and time, frequency and topics clicked on, the specific emails opened and when) so that we can subsequently send you information better tailored to your interests. You can withdraw your consent for the creation of a user profile at any time with effect for the future by sending an email to our designated point of contact.

Designated point of contact

The purposes of the processing for which the personal data are intended:
Sending promotional emails.
Interest-based contents of an advertising email (usage profile).

Legal basis for the processing:
Art. 6 (1) lit. a GDPR
(consent for receiving the newsletter)

Art. 6 (1) lit. a GDPR
(optional consent for the creation of the usage profile with reference to the email address)

Categories of personal data that are processed:
To receive the newsletter
• Email address

System log data generated during registration and dispatch of the newsletter, for instance IP address, date/time.

Optional (voluntary information):
• Title, name
• Company, address.

For the usage profile
• Email address
• Which mailing was opened when (date/time) and how often
• Which link within the newsletter was clicked when (date/time) and how often

Source (origin) of the data:
From the data subject (recipient of the newsletter)

Recipient(categories) of the data:
Within the administration of the newsletter system, employees of companies of the Phoenix Contact Group may access the data.

Service providers who support us in the administration and operation of the newsletter dispatch may have access to your data where applicable. However, these service providers are obliged by data protection law-compliant agreements (commissioned data processing agreement – DPA) to not use these data for own purposes.

When transferring a dispatched newsletter via the public Internet, routing via servers in other countries cannot be ruled out. Neither Phoenix Contact nor our service provider has any influence on the routing.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries.

Storage duration of the data:
For the dispatch of the newsletter, your data will be stored as long as you receive the newsletter or otherwise required pursuant to the respective applicable law.
(max. 3 years from the last contact starting with the end of the calendar year in which the commercial relationship expired)

If you unsubscribe from the newsletter, we will delete your data after expiry of the limitation period of the respective applicable law.
(max. 6 years starting with the end of the calendar year in which the cancellation took place).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Your email address is required to receive our newsletter. Without your email address, we cannot send you our newsletter.

We cannot send you a newsletter tailored to your previous use without your consent for the creation of the user profile.

Automated decision-making / profiling:
There will be no automated decision-making or profiling (according to Art. 22 GDPR) based on your collected data.

3.4. Contacting us

When you submit a contact request or a query to us (e.g. by calling or faxing our office, sending an email to us or using any of the contact forms on our websites), we process the personal data you have provided us with.

The purposes of the processing for which the personal data are intended:
Your personal data, which you make available to us when making general contact, e.g. by calling or faxing our head office, sending an email to our info@ email addresses or using the various contact forms on our website, will be used to process your specific request to us.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Necessary to process your request.

Categories of personal data that are processed:
Depending on the contact method or contact form, necessary or optional entry:

  • Name, company
  • Address, contact details such as email address, telephone, fax
  • Depending on the context and where applicable, additional fields for specifying your request or free text
  • System log data that is collected when you call, fax or email us or fill out a contact form on the website, such as IP address, date/time.

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
If need be, other companies of the Phoenix Contact Group, if this is necessary to process your request.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries, unless it is necessary for the processing of your request.

If you submit your request from a third country, your request will be forwarded to the local Phoenix Contact company. A transfer to this country will then be necessary to process your request.

To protect the data within the Phoenix Contact group companies, there is an international Phoenix Contact data protection framework agreement based on the EU standard contractual clauses joined by all relevant Phoenix Contact companies worldwide.

Storage duration of the data:
Depending on the content of your request, different retention periods may apply to your data. These can be 10 years in individual cases, provided that your request is relevant under the respective applicable law.

The form data that you entered on the website will be deleted automatically after 12 months (calculated from the end of the current calendar year).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Your data are necessary to process your contact.
Without your data, processing is not possible.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.5. Use of collaboration tools

When you work with us using collaboration tools (e.g., IT systems for email, messaging, appointment setting, web conferencing, data exchange), we process the personal data you provide.

If you access the website of a service provider, the respective service provider is responsible for data processing and its privacy statement applies.

The purposes of the processing for which the personal data are intended
Communication outside of telephone/fax/letter,
information and data exchange, appointment scheduling and management, electronic/virtual collaboration.

Legal basis for the processing
Art. 6 (1) (b) GDPR

If no contractual relationship exists, the legal basis is Art. 6 (1) (f) GDPR. Our interest in these cases is the effective provision of electronic information exchange, e.g. in the form of e-mails, chats or web conferences.

If you provide us information which is not strictly necessary for the provision of the communication via collaboration tools, the legal basis is your consent, Art. 6 (1) (a) GDPR.

Categories of personal data that are processed
Master data:
Name, if applicable display/user name (pseudonym), if applicable personnel number, if applicable profile picture, business contact data (e.g. e-mail address, telephone number), function in the company, structural assignment, business location data, if applicable personal ID.

E-mails / web conferences / webinars / messages / appointments:
Sender, recipient, participants, time of contact, if applicable password, preferred language, video and audio data, image data, text data, attachments (all information that the sender enters in the respective message / document, so-called unstructured data), meeting ID.

Log data:
User activities that cause events on the involved systems (servers) (e.g. read, send, delete, etc.), IP address, device information, etc.

Source (origin) of the data
Data subject

Recipient(categories) of the data
Companies of the Phoenix Contact Group involved in the interaction.

Service providers (data processors) within the scope of hosting and maintenance/support of the IT systems used.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data
Data processing outside the European Union (EU) does not generally take place, as we have limited the processing and storage of data to data centers within the European Union. However, we cannot exclude the routing of data via Internet servers located in a third country outside the EU. By its nature, this is particularly the case if, for example, participants in an interaction are located in a third country.

Guarantees according to Art. 46 GDPR:
Phoenix Contact internally:
International Phoenix Contact data processing framework agreement, based on EU Standard Contractual Clauses (SCC).

Service providers and their subprocessors:
Data processing agreement according to Art. 28 GDPR, if necessary, with inclusion of EU Standard Contractual Clauses (SCC).

Storage duration of the data
We delete personal data when there is no need for further storage. Need for further storage may exist in particular if the data is still needed to fulfill contractual services, to check and grant or defend against warranty and, if applicable, guarantee claims (in this case we will delete the data after the statute of limitation has expired unless statutory retention obligations exist). In the case of statutory retention obligations, where applicable, deletion only is possible after expiry of the respective statutory retention obligation (generally 10 years).

System logs are usually deleted by us after 6 months.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data
If you do not agree with the processing of your personal data in the above-mentioned form, you cannot contact us in the electronic form described above.

Automated decision-making / Profiling
There will be no automated decision making or profiling based on your collected data.

3.6. Seminar or event registration

We process personal data about you when you register for a seminar or an event.

The purposes of the processing for which the personal data are intended:
Your personal data, which you provide to us when you register, will be used to process the seminar or the event to which you sign up.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Required to attend the seminar/event.

Categories of personal data that are processed:
Depending on the seminar/event, the specification and processing of the following data is necessary:

  • Form of address, title, name
  • Contact details, such as email address, telephone, fax, etc.
  • Company, address
  • Different billing address
  • Seminar/event booked with the corresponding data such as date, time, venue
  • Comments/free text

System log data generated during the processing of your data in our IT systems, such as IP address, date/time.

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
Depending on the seminar booked, your data may be transmitted to service providers (processors), who have been commissioned by us to carry out the seminar/event or to maintain the IT systems used. However, these service providers may not use your data for their own purposes.

In addition, it may be necessary to transmit your data to the hotel where the seminar/event is held.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries, if not necessary to hold the seminar/event.

Storage duration of the data:
Your seminar registration data will be deleted after 12 months (calculated from the end of the current calendar year).

Tax-relevant documents, such as invoices, etc. will be deleted after expiry of the retention period of the respective applicable law (max. 10 years).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Your data are necessary to participate in a seminar/event.
Without the specification of your data, participation is not possible.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.7. Event management (eUNIQUE/VENTARI)

We process personal data about you when you register for an event.

The purposes of the processing for which the personal data are intended:
The purpose of processing the data lies in the handling (planning, preparation, organization, follow-up) of events.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Required to attend the event.

Categories of personal data that are processed:
Master data:
Name, gender, official address, official contact details (email, telephone number), if need be additional personal data (depending on the event) e.g. private address, date of birth.

For employees in addition: Characteristics of organizational assignment of employees (organizational key, cost center and personnel number) to create expense reports, for instance.

Event-related data:
Location and dates of the event, assigned hotels, travel options to book resources.

If need be, special data required for the relevant event, such as travel data, clothing size, special food preferences, passport number (for visa applications), etc.

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
Where applicable, service providers/processor within the event management and the maintenance of the IT systems used.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
The data will only be transferred to a third country, if it is necessary for the execution of the event, e.g. excerpts of the data, depending on the event: Hotels, visa services, transport services, event agencies, other service providers, etc.

Storage duration of the data:
Master data of employees and comparable groups of persons (e.g. sales representatives) of the Phoenix Contact Group as well as former employees who have retired after the employment relationship has ended:

The personal data will be retained as necessary for the purposes of performance of the employment contract; leavers´ personal data will be retained pursuant to the retention period of the respective applicable law.

  • max. 15 months after the last assignment to an event

Master data of external participants:

(not belonging to the Phoenix Contact Group) are only stored on an event-related basis and deleted after the end of the event or follow-up of the event.

  • 6 months.

Event data:

Deletion of data after end of the event or follow-up of the event.

  • 6 months.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
The processing of the personal data mentioned here is necessary for the participation in an event at Phoenix Contact.

Without this data, participation is not possible.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.8. Use of PROFICLOUD and of PLCnext Store

We process personal data about you when you register for our PROFICLOUD or the PLCnext Store.

The purposes of the processing for which the personal data are intended:
Use of PROFICLOUD and the PLCnext Store with the products and services provided there, as well as the PLCnext community.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Processing of your data is essential for the use of PROFICLOUD and/or PLCnext Store and the associated products and services.

Categories of personal data that are processed:

  • Freely selectable username
  • Country
  • Email address
  • System log data (for example IP address)

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
Within the administration of the system, companies in the Phoenix Contact Group may access the data. Apart from that, there will be no transfer of your data to third parties.

Service providers, who support us in the administration of the website, may have access to your data. However, these service providers are obliged by data protection law-compliant agreements (commissioned data processing agreement – DPA) to not use these data for own purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
Data processing outside the European Union (EU) does not generally take place, as we have limited the processing and storage of data to data centers within the European Union. However, we cannot exclude the routing of data via Internet servers located in a third country outside the EU. By its nature, this is particularly the case if, for example, participants in an interaction are located in a third country.

Guarantees according to Art. 46 GDPR:
Phoenix Contact internally:
International Phoenix Contact data processing framework agreement based on EU Standard Contractual Clauses (SCC).

Service providers and their subprocessors:
Data processing agreement according to Art. 28 GDPR, if necessary with inclusion of EU Standard Contractual Clauses (SCC).

Storage duration of the data:
Your data entered during registration will be stored until you submit a deletion request from your user. or for a period of 10 years after the last usage of the account. You can delete your user account at any time by clicking on the “Remove” button. When you remove your user account your email-address is deleted and only the username is kept ensuring traceability in the customer account. as long as a retention is required under the respective applicable law. Additionally, your posts in the community will be kept so as not to lose the context of a discussion.

System log data will be deleted after 6 months at the latest.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Without the specification of your data, the use of PROFICLOUD, PLCnext Store and the community is not possible.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.9. Use of our knowledge base (Empolis)

We process your personal data when you use the Knowledge Base (Empolis). It is not possible to assign these data to the respective user or identify the user. Further, any comments you choose to make on our documents cannot be assigned to you.

The purposes of the processing for which the personal data are intended:
Use of the Knowledge Base with the services provided there.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Necessary to use the Knowledge Base

Categories of personal data that are processed:
System log data (e.g. IP address)

Anonymous (no personal reference possible):
Search queries including the entered search terms and search filters, calls and runs of decision trees including the answers given and solutions chosen, downloading or displaying of documents.

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
As part of the administration of the system, companies in the Phoenix Contact Group may access the data. Apart from that, there will be no transfer of your data to third parties.

Service providers who support us in the administration of the website may have access to your data. However, these service providers are obliged by data protection law- compliant agreements (commissioned data processing agreement – DPA) to not use these data for own purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries.

Storage duration of the data:
System log data that would enable a personal reference and that are not required for Phoenix Contact internal billing purposes will be deleted after 6 months at the latest.

Billing data will be deleted after the expiry of the retention period of the respective applicable law (max. 10 years).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Without the processing of your data, in particular the IP address, it is not possible to use the Knowledge Base.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.10. Participation in surveys

We process the personal data you provide to us when you participate in a survey.

The purposes of the processing for which the personal data are intended:
Your personal data, which you provide to us when participating in a survey, are used to process the respective survey.

In this context, the sending of personalized survey links only serves to send an individual reminder email.

We use the survey results to improve our service and optimize our offer.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
(Required to participate in the survey)

Categories of personal data that are processed:
Depending on the survey, required or optional entries as well as stored data are:

  • Name
  • Email address
  • Postal address
  • Country
  • Answers in the survey
  • Depending on the context, where necessary additional fields to specify your request or free text.
  • Log data generated when completing the survey, such as IP address, date/time of execution, web browser user agent, type of device.

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
Other companies of the Phoenix Contact Group, if necessary, to process the survey.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
The survey system is operated in our subsidiary in the US.
To protect the data, we have a data protection framework agreement with our subsidiary based on the EU standard contractual clauses.

Storage duration of the data:
Your survey data entered as well as the log data are deleted after 12 months (counted from the end of the current calendar year).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Your data are necessary to participate in the survey and the subsequent evaluation.
Without your data, participation in a survey is not possible.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.11. Customer relationship management (CRM)

Customer relationship management requires processing personal data related to our customer, provided that he or she is a natural person, and/or the designated contact person, where applicable.

The purposes of the processing for which the personal data are intended:
Data about interested parties/customers/contact persons to initiate, substantiate and implement legally valid transactions.

Legal basis for the processing:
Art. 6 (1) (b) GDPR with respect to the initiation of business transactions

Art. 6 (1) (f) GDPR with reference to other data about customer/customer contact person

Legitimate interests of processing pursued (by the controller or a third party):
Legitimate interests: see purposes of the processing.

The rights of the data subjects are respected insofar as in the CRM system, only business-based official contact details and other business-related information are processed. Private data are not collected, stored or processed.

Categories of personal data that are processed:
First name, last name, title, business addresses, additional addressed, official contact details (telephone number, fax number, email address), form of address, department and function in the company.

Free text, contact reports, contact history.

Marketing attributes (e.g. participation in events, communication profile, etc.).

Source (origin) of the data:
From the data subject on the basis of inquiries, orders, sales contact with contact person (meetings at trade fairs, at the customer’s site, etc.), registration on the website.

Recipient(categories) of the data:
Hosting service provider of the CRM system used.

Service providing areas of the parent company for processing business transactions.

Companies that provide contractual services on our behalf and for defined purposes.

Service providers commissioned by us must process the data to which they may have access where appropriate solely for our and not for their own purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
We do not transmit your data to third countries.

Storage duration of the data:
Regular revision of the data by sales staff.

Customers/contact persons: immediately setting an archiving note after becoming aware of the dissolution of the company or the withdrawal of the contact person.

The deletion takes place at irregular intervals after expiry of the statutory retention period (where relevant).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
The processing of the personal data mentioned here is necessary for the initiation of a contractual relationship.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.12. Request for quotation / order processing

We process your personal data especially, but not limited to requests for quotation, order processing, sample order, license processing or configuration.

The purposes of the processing for which the personal data are intended:
Execute a contractual relationship with a customer for the supply of goods and services and for handling transports / returns / complaints / escalation management as well as payment transactions.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
(required to fulfill an agreement or to initiate an agreement)

Art. 6 (1) (f) GDPR
(legitimate interests)

For legitimate interests, see “Purposes of the processing” above. Phoenix Contact customers are exclusively legal persons, or persons who are involved in business transactions, about whom information is collected or who are evaluated within the company.

Categories of personal data that are processed:
Name, address (customer, delivery address, billing address), contact details (telephone, fax, email), bank details

Results of the sanction list checks

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
Service areas of the parent company if necessary, to fulfil the agreement.

Subcontractors needed in individual cases to process the business transaction, such as transport service providers, authorities, etc.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
We do not transmit your data to third countries, unless it is necessary for the processing of the order or your request or order originates from the respective country.

Storage duration of the data:
Retention period according to legal provisions pursuant to the respective applicable law (max. 10 years).

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
The processing of the personal data mentioned here is essential for executing the contractual relationship or is required by law.

Without these data we cannot process business transactions.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.13. Supplier management / Purchase order processing

We process your personal data when you register in the supplier portal as well as in connection with the processing of purchase orders.

The purposes of the processing for which the personal data are intended:

  • The process and the use of the personal data are intended to cover the demands regarding externally procured materials, investments and services.
  • Selection of optimal sources of supply, reduction of procurement risk, quality assurance, minimization of default risks (supplier, goods).
  • Ensuring the production capability of the company.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
(required to fulfill an agreement or to initiate an agreement)

Art. 6 (1) (f) GDPR
(legitimate interests)

Legitimate interests of the controller and consideration regarding the rights of personality of the data subjects:
For legitimate interests, see “Purposes of the processing” above.

Phoenix Contact suppliers are exclusively legal persons, or persons who are involved in business transactions, about whom information is collected or who are evaluated within the company.

Categories of personal data that are processed:
Name, title, business address, additional addresses, business contact details (telephone number, fax number, email address), form of address, department and function in the company, bank details, control data, VAT ID number.
Result of the assessment:

  1. Assessment results obtained:
    Credit rating/risk index, shareholder structure based on various basic data, audit report.
  2. Various own key figures such as:
    ABC classification, supplier profile, evaluation number; free text (risk report).

System data from the ERP (for ordering, goods receipt, quality data).

Source (origin) of the data:

  • From the data subject
  • From credit reporting agencies
  • Information collected from our own databases.

Recipient(categories) of the data:

  • Companies of the Phoenix Contact Group.
  • Companies that provide contracted services on our behalf and for defined purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
Within an intragroup, cross-company supplier management, data from suppliers are also made available to Phoenix Contact companies worldwide if required.

To protect the data, there is an international Phoenix Contact data protection framework agreement based on the EU standard contractual clauses, which was joined by all relevant Phoenix Contact companies worldwide.

Storage duration of the data:
Master data of a supplier are stored in the system as long as there is a contractual relationship or a contractual relationship cannot be ruled out for the future.

Furthermore, these data are immediately changed or blocked/deleted if the supplier/contact person as a natural person so requires, or if the responsible purchaser becomes aware of incorrect data.

(in each case subject to statutory retention periods)

Procurement documents are deleted after expiry of the retention period of the respective applicable law (max. 10 years) and upon completion of the tax audit.

Own audit reports on quality are stored up to 10 years for a long-term supplier development and for the quality proof in customer audits.

Creditworthiness information is stored 6 years for the evaluation of the medium-term development of a supplier as long as there is a contractual relationship.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
The processing of the personal data mentioned here is necessary for the supplier management or the handling of business transactions.

Without these data, we cannot enter into a business relationship.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.14. Job applicant’s data

We process the personal data you provide to us as part of a job application and/or registration in the Application Portal.

The purposes of the processing for which the personal data are intended:
Selection and recruitment of suitable applicants

Legal basis for the processing:
Art. 88 (1) GDPR in conjunction with national legislation
(Initiation of employment relationship)

Categories of personal data that are processed:

  • Name, title, address, contact details, date of birth, citizenship
  • CV, certificates, qualifications, photo (optional), entered data as part of an optional recruitment test
  • if need be, (short) assessment of the applicant by Phoenix Contact employees; log data
  • when using video interview: video data of the applicant

Source (origin) of the data:
Application details:
from the data subject

Assessment details:
Recruiter, HR Officer, manager of the department, (specialized) instructor

Within the trainee selection:
designated commercial trainees

Recipient(categories) of the data:
We will not share your data with third parties.

If you have given your consent within the application process, the application documents can be forwarded to other companies of the Phoenix Contact Group.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
We do not transmit your data to third countries, unless you have explicitly applied for a job in a third country or given your consent.

Storage duration of the data:
After completing the application process (for apprentices/students/trainees: after completing the application process of the respective year of recruitment) the data will be deleted after six months.

With the consent of the applicant regarding a longer-term storage, data can be stored up to 12 months.

An applicant video is either deleted manually by the responsible HR Officer or automated by the service provider no later than three months after the cancellation by the applicant or the completion of the application process for a job.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Processing of the personal data mentioned here is necessary for handling the application process.

Without these data, we are unable to consider you in the application process.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

3.15. Use of our blogs

We process personal data you provide to us when you use the Phoenix Contact blog.

The purposes of the processing for which the personal data are intended:
Active use of the Phoenix Contact blog.

Legal basis for the processing:
Art. 6 (1) (b) GDPR
Processing of your data is necessary, if you actively want to use the blog and comment on existing contributions.

Categories of personal data that are processed:

  • Name, email address (when using the comment function)
  • System log files (e.g. IP address)

Source (origin) of the data:
From the data subject

Recipient(categories) of the data:
As part of the administration of the system, companies in the Phoenix Contact Group may access the data. Apart from that, there will be no transfer of your data to third parties.

Service providers who support us in the administration of the website may have access to your data. However, these service providers are obliged by data protection law- compliant agreements (commissioned data processing agreement – DPA) to not use these data for own purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
It is not intended to transmit the data to third countries, but as an internet blog, your comments are seen worldwide of course.

Storage duration of the data:
Your data entered during commenting will be stored until you submit a deletion request to us.

However, after removing your personal data your comments will be kept so as not to lose the context of a discussion.

Legal or contractual necessity to provide the data, as well as any consequences of failure to provide the data:
Without the provision of your data, the use of the commenting function in the blog is not possible.

Automated decision-making / Profiling:
There will be no automated decision-making or profiling based on your collected data.

4. Cookies

Our websites use cookies. Cookies are small text files that are stored by your browser on your device. We use cookies to make our websites more user-friendly, effective and secure. By way of an example, cookies enable the technical implementation of a user session in our online catalog. Further, cookies provide information which enables us to optimize our websites to meet user requirements.

Some of the cookies we use are session cookies. These are automatically deleted when closing your browser. Some cookies are saved for a longer period of time.

All cookies on our websites contain purely technical information in a pseudonymized or anonymized format, with no personal data.

If you want to prevent cookies from being saved, go to Cookie Management or click on “Manage Cookies” on the cookie banner that pops up on your screen when you first open our website. In addition, you may sometimes be able to manage your general cookie preferences in your browser settings, for example, by selecting “Do not accept cookies”. Please note that the scope of functions of our websites may be severely limited if the use of cookies is restricted. A number of functions may no longer be available. This may also be the case when visiting our websites using the so-called “Private Mode” of your browser.

We ourselves do not store any information in the LSO (Local Shared Objects) area of your computer, so we do not use so-called “Flash Cookies”. However, other services we may link to, such as YouTube, use this function for their own purposes, where applicable.

5. Social Media / Social Networks / Cloud Services / External Links

We do not use any automatically activated plug-ins (e.g. iFrames) of social networks on our websites. Our social network buttons such as Facebook, Twitter, Xing, LinkedIn, YouTube, Instagram etc. are mere links to the respective sites of the provider or activate the wanted cloud service. Once you click on these links, you will be redirected to the pages of the respective social network or the specific cloud service is being activated. Please note that once on the social network websites or cloud services, their respective data protection notices are applicable.

In addition, we have an online presence in some of these social networks and platforms to promote our business, inform interested parties/users about our products and services and to communicate with them. On some of these platforms, user data is processed outside the European Union (EU), even in countries where no data protection level comparable to that of the EU can be guaranteed. Your personal data is often used for the platform’s own purposes, e.g. for market research and advertising purposes or to analyze user behavior for the creation of user profiles. To this end, cookies from these platforms are usually stored on the user’s device.

Although we do not have access to the profile data processed by the platforms, we may be a joint controller for the data processing under the respective applicable data protection laws. The personal data of the users is processed based on our legitimate interests in simple information and communication with the users pursuant to Art. 6 (1) (f) GDPR. For further information, please contact our designated point of contact (under the link below).

For detailed information on the processing of your personal data and possible opt-out options, please refer to the following:

Facebook

Privacy policy at: https://www.facebook.com/about/privacy,
Opt-out at: https://www.facebook.com/settings?tab=ads

Instagram

Privacy policy at: http://instagram.com/about/legal/privacy/
Opt-out at: http://instagram.com/about/legal/privacy/.

YouTube

Privacy policy at: www.google.com/privacy,
Opt-out at: https://adssettings.google.com/authenticated.

Vimeo

Privacy policy at: https://vimeo.com/privacy,
Opt-out at: https://vimeo.com/privacy#your_privacy_choices

Twitter

Privacy policy at: www.twitter.com/privacy ,
Opt-out at: https://twitter.com/personalization.

LinkedIn

Privacy policy at: https://www.linkedin.com/legal/privacy-policy,
Opt-out at: https://www.linkedin.com/psettings/advertising.

XING

Privacy policy at: www.xing.com/privacy
Opt-out at: https://privacy.xing.com/en/privacy-policy.

walls.io

Privacy policy at: https://walls.io/privacy,
Opt-out at: https://walls.io/privacy.

Facebook

For the purposes of managing our online presence in social media (Facebook, Instagram, LinkedIn and Twitter), we use Facelift Cloud, a service of Facelift Brand Building Technologies GmbH (Gerhofstrasse 19, 20354 Hamburg, Germany). Facelift Cloud allows us to publish, advertise, manage, monitor and moderate the content of our social media profiles. To this end the social media user IDs of customers and interested parties interacting with us on the platforms as well as the communication history are stored in a data center of Facelift Brand Building Technologies GmbH and made available to us for use via the Facelift Cloud software.

Designated point of contact

6. Web analyses

On our websites we use different tools for pseudonymized or anonymized web analyses and to evaluate the success of our marketing measures. The following explanations will give you an overview of tools we use and to what extent. We do not use all tools on all websites.

Intended purposes of the processing of the personal data:
Web analysis and online advertising (remarketing), i.e. in detail analysis of user behavior to optimize our online services and display interest-related advertising

Legal basis for the processing:
Art. 6 (1) (f) GDPR
(Legitimate interests of the controller)
Art. 6 (1) (a) GDPR
(Optional consent for the creation of marketing profiles)

Legitimate interests of processing pursued by the controller and their balancing with the interests and rights of the users:
Analysis and statistical evaluation of the use of our website, optimization of the user guidance and the economic operation of our online services, provision of offers and contents that are as relevant and interest-related as possible.

We have carefully balanced these legitimate interests with your interests and fundamental rights and freedoms as a user. Where we use Google services or tools from other third-party providers, we do not have less restrictive, but equally suitable means to pursue our interests, either because of the international distribution of such tools or because of their standard interfaces to other software systems we use. The data is processed using a pseudonym; the data gained is not used to identify users. In your interest, we have implemented the services of third-party providers in such a way that they are as data protection-friendly as possible (e.g. by shortening the IP address, reducing the standard storage period, etc.).

Furthermore, there are different possibilities to deactivate and prevent tracking (opt-out), so that the user can easily execute his right to object according to the GDPR at any time. Where this is technically possible and supported by the service providers, do-not-track settings by our users are also respected.

Categories of personal data that are processed:
Pseudonymous statistical data for the use of the website and our online services

(For example: Which pages are called in which order; duration of stay on our websites; which offers are clicked…).

Source (origin) of the data:
From the data subject (when using the website).

Recipient of the data (categories):
As part of the administration of the website, employees of affiliated companies of the Phoenix Contact GmbH & Co. KG may have access to the data.

Service providers who support us in the administration and operation of web analytics and online advertising as well as third-party providers of analysis and tracking tools may have access to your data. However, these service providers are contractually obliged by respective data processing agreements to only use the data on our account and not for their own purposes.

Transfer of data to a third country or an international organization and the associated safeguards to protect the data:
Within our services, data can be transferred anonymized or pseudonymized to servers in the USA and stored there. From the point of view of the European Union, there is no “adequate level of protection” in the USA for the processing of personal data in line with EU standards. However, our service providers signed the EU standard contractual clauses and are therefore subject to a comparable level of protection, thereby ensuring compliance with European data protection law.

Storage duration of the data:
Data collected and processed for web analysis purposes are stored pursuant to the respective applicable law (max. 14 months) before being deleted or anonymized. The storage duration of cookies for web analyses is 6 months.

Automated decision-making / Profiling:
There will be no automated decision-making or personalized profiling based on your collected data. The pseudonymized collected data will not be assigned to a person.

WiredMinds
Our website uses the tracking pixel technology of WiredMinds GmbH to analyze visitors’ behavior. Cookies and pixel tags are used for this purpose (“tracking pixel technology”). Pixel tags are small, invisible characters that are contained within a website. Collecting and analyzing the data enables us to trace the behavior of visitors on our websites. In particular, we are able to obtain information on the preferred areas of interest of our users as shown by the use of the respective websites and the geographical location of visitors.

The data collected is processed for our own purposes and is not shared with any third parties outside the Phoenix Contact Group. Further, these data is under no circumstances used for other purposes or sold. The data collected will not be used to identify the website visitor or merged with other personal data about the visitor unless agreed to separately by the person concerned. Where IP addresses are processed, these are immediately anonymized by means of deleting the last set of numbers following collection.

If you do not wish to have your behavioral data processed as described above, please click here. Please note that the objection to the processing is carried out by storing a cookie on your device which prevents the collection of your data. If you delete your browser cookies or use a different browser on your next visit, you will need to click the link again.

Matomo
On some of our websites user interactions are analyzed by the tracking software Matomo (matomo.org). The IP address is stored anonymously, i.e. at least the last three digits of the IP address are set to 0. Thus, the collected data cannot be traced back to a specific person.

The tracking software is only used to adapt the website to the current technical conditions and to optimize the Internet offer for our users. The data collected this way are made available only to us, after having been processed, and are not shared with any third parties. Further, these data is not used for other purposes nor sold. The tracking software runs on own servers of the Phoenix Contact Group exclusively in Germany. Statistical data and any personal data (e.g. via registration and contact forms) are processed separately. No link is made between personal data and statistical data at any time.

If you do not wish to have data processed as described above, please remove the tick from the checkbox in the menu of the respective website to object to the processing of your data. Please note that this is done by storing a cookie on your device which prevents the collection of your data. If you delete your browser cookies or use another browser for your next visit, you will need to click the link again.

Google Analytics
We use Google Analytics, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) for web analysis and range measurement. Google uses cookies. The information generated by the cookie about users’ visits to our website is generally transmitted to and stored by Google on servers in the United States.

However, Google Analytics is used by us exclusively with activated IP anonymization (so-called IP masking). This means that the IP address of users is shortened by Google. Only in exceptional cases, e.g. if technical failures occur in Europe, the full IP address is transferred to a Google server in the USA and then shortened there. To the best of our knowledge, the IP address transmitted by the user’s browser will not be merged with other data of the user held by Google.

Google uses the transmitted data on our behalf and on the basis of a (commissioned) data processing agreement, to evaluate the use of our website, to create reports on the activities within our online offering and to provide us with other services associated with the use of the website. With the help of these analysis results we can, for example, identify particularly popular areas of our website and the preferences of users and use the knowledge gained in this way to further improve our offer and make it more targeted and interesting for you as a user.

With the processing of the data we pursue our legitimate interests in an analysis and statistical evaluation of the use of our website, in the optimization of our online offer and in the provision of content that is as relevant to your interests as possible. We have carefully balanced these legitimate interests with your interests and fundamental rights and freedoms as a user and have come to the conclusion that no consent is required but that data processing is allowed on the basis of our legitimate interests, Art. 6 (1) (f) GDPR.

The determining reason for the use of Google Analytics is the fact that there is no equally suitable web analysis tool for our specific purposes. Google Analytics is not only the most widespread tool in the international context and is therefore particularly suitable for websites of internationally active groups of companies. Due to its wide distribution, Google Analytics – unlike other web analysis tools – also has standard interfaces to other software systems that we use. Furthermore, in your interest we implemented Google Analytics as data protection friendly as possible (in addition to IP masking, e.g. by not processing the user ID for cross-device analysis of visitor flows, by reducing the standard storage period, etc.).

The acceptance of cookies when using our website is not mandatory; if you do not wish cookies to be stored on your device, you can deactivate the corresponding option in the system settings of your browser or in the Cookiebot settings (Cookie Management). Additionally, you can delete saved cookies at any time in the system settings of your browser. If you do not accept cookies, however, this may lead to functional limitations. In addition, you can deactivate the use of Google Analytics cookies using a browser add-on if you do not wish the website analysis. You can download this add-on here: http://tools.google.com/dlpage/gaoptout?hl=en.
You can use the Google Analytics opt-out browser add-on to prevent Google Analytics from using your information. To disable Google Analytics, download and install your web browser add-on. The Google Analytics opt-out add-on is compatible with all common browsers. For the add-on to work, it must be loaded and run correctly in your browser. To learn more about how to disable Google Analytics and correctly install the browser add-on, click here: https://support.google.com/analytics/answer/181881?hl=en.

As an alternative to the browser add-on, for example for mobile devices, you can also prevent Google Analytics from capturing data by clicking on the opt-out link that you find in the privacy menu of the respective website if this website uses Google Analytics. An “opt-out cookie” will then be set to prevent your data from being collected in the future. The opt-out cookie applies only to the specific browser used when you set it and only to our website and is stored on your device. If you delete the cookies in your browser, you must set the opt-out cookie again.

The common browsers also offer a “Do-Not-Track-Function”. If this function is activated, your device informs the web analysis tool that you do not want to be tracked.
Please also note the following: From the point of view of the European Union, there is no “adequate level of protection” for the processing of personal data in the USA that corresponds to EU standards. However, this level of protection can be replaced or established for individual companies by signing the so-called EU standard contractual clauses. Google has signed these clauses and hereby guarantees to comply with the European data protection law.
The data processed by Google Analytics is automatically deleted after a period of max. 13 months. Data whose retention period has been reached is automatically deleted once a month.

You can find out more about Google’s use of data, setting and withdrawal options in Google’s privacy policy: https://policies.google.com/privacy

Google Analytics 4
Our website uses Google Analytics 4, a newly developed product of Google which is currently in its beta testing phase. The Google Analytics 4 allows us to combine app and web data (such as clicks, page views, apps open, scrolls, outbound clicks, site search, video engagement, file downloads, and more) for unified reporting and analysis across platforms.

For more information on Google Analytics, including on the applicable retention periods, please see above under “Google Analytics”.

Google Optimize
Our website uses the web analysis and optimization tool Google Optimize, a Google Analytics sub-service, also a service of Google (see above). We use Google Optimize to improve the content and features of our website by way of A/B testing. This means that specific new functions or versions of our website are made available to users, and statistical analysis is used to determine which variation of the function or the website performs better.

A/B testing is performed using cookies. Please note that the information collected by these cookies about your use of our website is usually transferred to a Google server in the USA and stored there. We use Google Optimize with the extension “_anonymizeIp()”.

For more information on Google Analytics, including on the applicable retention periods, please see above under “Google Analytics”.

7. Online Advertising (Retargeting / Remarketing)

For the purpose of optimizing our online offer we use third-party retargeting and remarketing services on our website to help us analyze, improve and operate our online services in an economic way.

How Retargeting / Remarketing works
On our website, data are collected using cookie / tracking technology to improve our online offer. These data are not used to identify you personally, but solely to analyze the use of our website and to address users who are already interested in our content and offers with interest-related advertising. We are convinced that the display of an interest-related advertisement is generally more interesting for the user than advertising that has no such personal reference. The following section of this data protection notice informs you about the third parties we cooperate with, how your data are processed in this context, and how you can deactivate and opt-out from such retargeting / remarketing technologies.

Google Ads
We use the online marketing tool Google Ads, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). We use the remarketing function within the Google Ad Service in order to place ads within the Google Advertising Network (e.g. in search results, videos, web pages, etc.) so that they are specifically displayed to users who have a supposed interest in the ads or the products and services advertised. For these purposes, so-called (re)marketing tags are integrated and executed on our website and other websites of the Google Advertising Network directly by Google. In this way an individual cookie is stored on the user’s device (comparable technologies can also be used instead of cookies), this serves to recognize your browser. Google usually stores information about this cookie, such as which websites the user has visited, what content he is interested in and what offers the user has clicked on, as well as technical information on the browser and operating system, referring websites, visiting times and other information about the use of the online service.

Furthermore, we use the function of Ads Conversion. Using an individual “conversion cookie” we can track how many of our visitors are taking actions on our website resulting from an advertising campaign. The information collected with the help of the cookie is used by Google to compile conversion statistics for us. However, we only know the anonymous total number of users who clicked on our ad and were directed to a page with a conversion tracking tag. We do not receive any personal data.
The data processing associated with the services described above is carried out for analysis, optimization and marketing purposes, in particular in order to better measure and evaluate the success of our advertising campaigns and to provide you with offers and content that are as closely aligned with your interests as possible. We have carefully balanced these legitimate interests with your interests, fundamental rights and freedoms as a user and have come to the conclusion that no consent is required, but that data processing is allowed on the basis of our legitimate interests, Art. 6 (1) (f) GDPR. The determining reason for the use of Google Ads is the fact that there is no equally suitable online advertising network for our specific purposes. Google Ads is the most widespread international advertising tool and is therefore particularly suitable for advertising in our internationally group of companies. The most important aspect, however, is that the network of Google’s partners – the so-called display network – is probably the world’s largest network and you as a user can therefore be addressed in the best possible and most targeted way.
If you do not wish such marketing cookies to be stored on your device, you can deactivate the corresponding option in the system settings of your browser. Already stored cookies can be removed at any time in the system settings of your browser. However, if you do not accept any cookies, this may lead to functional limitations. You can also prevent data processing by Google Ads by clicking on the link provided in the privacy menu of the webpage if that webpage uses Google Ads. An “opt-out cookie” will then be set to prevent your data from being collected in the future. The opt-out cookie applies only to the browser used when you set it and only to our website and is stored on your terminal device. If you delete the cookies in your browser, you must set the opt-out cookie again. The common browsers also offer a “Do-Not-Track-Function”. If this function is activated, your device informs the web analysis tool that you do not want to be tracked.

Insofar data is processed in the USA, we would like to point out that Google has signed the EU standard contractual clauses and thereby guarantees compliance with European data protection law.
The pseudonymized data processed by Google Ads is deleted after 90 days. The deletion of data whose retention period has been reached takes place automatically once a month. Further information on the use of data by Google, setting and withdrawal options can be found in Google’s privacy policy (https://policies.google.com/technologies/ads?hl=en) and in your personal settings for the display of advertising by Google (https://adssettings.google.com/authenticated).

Google Tag Manager
We would also like to inform you about the use of the Google Tag Manager on our website. Google Tag Manager is a solution that allows website providers to manage website tags through a single interface and in this way integrate in particular Google services into their offer. The Google Tag Manager itself (which implements the tags) does not collect or process any personal data.

Facebook Pixel
We use the analytics tool Facebook Pixel in the standard configuration on our website, a product from Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland), to measure the effectiveness of our advertising by understanding the behavior of users and improve the sales of our products by tailoring our marketing strategies to make our ads more relevant to our audience.

Pixel is a few lines of code from Facebook copied in our website which enable Facebook to receive information about users (such as referral URLs, the devices used and demographic information) and track the actions they take on our website either as a result of Facebook ads or organic reach (such as page views and purchases).

Please note that, if you are logged into Facebook when visiting our website, Facebook can assign the visit to your account. However, even if you are not a registered Facebook user or are not logged in, Facebook may still collect identifying features about you to create profiles and transfer the information to its subsidiaries and affiliates.

The data processed by the Facebook Pixel is deleted after a period of 180 days after your last visit.

We will seek your consent (Art. 6 (1) (a) GDPR) prior to activating the Facebook Pixel.

LinkedIn Insight Tag
We use the LinkedIn Insight Tag, a service of LinkedIn Ireland Unlimited Company, Gardner House, Wilton Plaza, Dublin 2, Ireland. The Insight tag is a piece of code for our website that allows us to optimize campaigns, retarget website visitors, and learn more about your target audience. The LinkedIn Insight Tag creates a unique LinkedIn browser cookie on your browser and enables the collection of the following data for that cookie: metadata such as IP address, timestamp, and page events (like page views).

The data processed by the LinkedIn Insight Tag is deleted after a period of 90 days after your last visit.

We will seek your consent (Art. 6 (1) (a) GDPR) prior to activating the LinkedIn Insight Tag.

Microsoft Ads
We use Microsoft Ads, a service of Microsoft Ireland Operations Limited ,The Atrium Building Block B, Carmanhall Road, Sandyford Business Estate, Dublin 18)(“Microsoft”). Microsoft Ads is an advertising platform that allows us to build campaigns and target users across Microsoft’s Search and Audience Network. To this end, Microsoft Ads stores a cookie on your computer if you came to our website through a Microsoft ad. Microsoft and we can thus recognize that someone has clicked on an ad, been redirected to our website, and reached a predetermined destination page (conversion page). We only know the total number of users who clicked on an ad and were redirected to the conversion page, i.e., we only process aggregated data.

More Information about Microsoft’s data storage and retention policy can be found .
https://privacy.microsoft.com/de-de/privacystatement.

We will seek your consent (Art. 6 (1) (a) GDPR) prior to using Microsoft Ads.

8. Further purposes of personal data processing

In compliance with the respective applicable law, we reserve the right to process your personal data and any other data we hold about you for the purposes of investigating, preventing, or taking action in the event of illegal activities and/or suspected fraud as well as the breach of Phoenix Contact´s Terms of Use for Works.

We do not sell, disclose or otherwise make available personal data to third parties for marketing purposes.

Phoenix Contact´s terms of use of works

9. Secure Internet communication

We make every effort to ensure that your personal data is transferred and stored using technical and organizational measures to prevent access by unauthorized third parties.

As a general rule, the Internet is regarded as an insecure environment. In contrast to a telephone line, for instance, data transfers on the Internet can be more easily wiretapped, recorded or even modified by unauthorized third parties. To ensure the confidentiality of communications with you, we use an AES 256bit SSL/TLS encryption of our website. This encryption is regarded as secure, based on the latest technological advancements. Operating systems and browsers from earlier versions also achieve this security level. If necessary, you should update the operating system and the browser on your device to benefit from this high-level encryption.

Email communication without encryption does not guarantee comprehensive data security. Therefore, we recommend using the regular postal mail for confidential information.

10. Data subject rights

You are entitled to the following rights, if the respective legal requirements are met: Right to have access to your data that we store; rectification, erasure, restriction of processing your data or the right to object to the processing, as well as data portability.

If you do not agree to your personal data being saved or this data becomes inaccurate, we will ensure, upon your request, that your data is corrected, blocked or deleted under the statutory provisions. Upon request, we will send you a list of your personal data, that we have stored, please do not hesitate to contact our designated point of contact.

Additionally, you have the right to lodge a complaint with athe competent data protection supervisory authority of your country of location, if you believe the processing of your personal data is unlawful.

Should you have any questions that have not been addressed in this data protection notice, in case you wish more detailed information regarding a specific point, please do not hesitate to contact our designated point of contact.

Please note that depending on the circumstances, we may require proof of identification to handle any requests regarding your personal data.
If you reside in France, you also have the right to provide instructions on the handling of your personal data after death.

Designated point of contact

11. Miscellaneous

In the event that we launch new services, alter our Internet procedures or if the legal requirements change or the Internet and IT security technology is further developed, this notice will be updated accordingly. In case of amendments, proper notice will be given on this website. The date of the last update of this notice can be found at the bottom of the page.

Our websites, their services and functionalities (such as the newsletter) may contain links or references to third-party websites. Please be aware that this notice does not apply to these other websites. We encourage you to read the terms of use as well as the data protection notices of any third-party websites you enter.

This notice is effective as of the date it was last updated.

Updated: November 2021