Table of contents
• What is personal data?
• Who is responsible for the proper handling of your personal data?
• What do we do with your personal data?
• What types of personal data do we collect, process and use?
• Why and with whom do we share personal data?
• Will personal data be transferred abroad?
• What else do we do to protect your personal data?
• How long do we retain personal data?
• What privacy choices do you have?
• Why do you receive emails from us?
• Links to other websites
• Contact us
What is personal data?
The term “personal data”, as used herein, comprises any information attributed or attributable to you as a user of our website, whether such information was entered by you, collected from you or otherwise obtained.
Who is responsible for the proper handling of your personal data?
As the provider of this website, Hilti is the responsible data controller for all personal data that we hold about you, and that we collect, process and use in connection with your use of the website or otherwise.
What do we do with your personal data?
We collect, process and use your personal data only for the following purposes:
• To administer, operate, maintain and improve the website;
• To facilitate and process product and service orders placed on the website;
• To provide you with a more personalized experience of our website (e.g., by tailoring any content or offers to your individual preferences);
• To evaluate your eligibility for certain types of offers, products or services;
• To help us to improve and personalize the website, our products and services;
• To perform analytics and conduct customer research, including general market research or surveying our customers' needs and opinions on specific issues, generating sales and traffic patterns, and to analyze advertising effectiveness, both on an anonymous basis (e.g., by aggregating data) or on an individual basis (if legally permissible);
• To answer your questions and respond to your requests;
• To provide you with information about products and services that may be of interest to you performed through traditional mail, email, telephone, fax, newsletter, text/SMS, and MMS messaging, including periodic sending of promotional materials on products, services and promotions of Hilti specifically dedicated to you (direct marketing);
• To communicate with you on other matters (e.g., to send you reminders, technical notices, updates, security alerts, support and administrative messages or service bulletins);
• To administer rewards, surveys, sweepstakes, contests, or other promotional activities or events;
• To comply with legal obligations, prevent unlawful uses of the website, resolve disputes, and enforce our agreements;
• For other purposes that you have specifically agreed to; and
• Otherwise as permitted by applicable law.
We will seek your consent before collecting, processing and using your personal data for the above-mentioned purposes, where legally required. Likewise, if we wish to use your personal data for a new or different purpose, we will notify you thereof and will only make such other use if it is required or permitted by applicable law or if you have consented to it.
For the purposes mentioned above, only a limited number of individuals within Hilti (e.g. individuals in sales, support, legal, finance, IT and accounting departments, as well as certain managers with assigned responsibility) will receive access to your personal data.
What types of personal data do we collect, process and use?
Personal data that we collect, process and use in connection with the website includes not only information that we actively collect while you interact with the website but also information that you voluntarily provide to us over the website in various contexts (e.g., when you download software from our website, when you register for a sweepstake, when you send an e-mail to our customer service, when you fill in an online form, etc.). Hence, it is thus not possible to define an exclusive list of all potential types of personal data that we may collect, process and use. In general, however, typical types of personal data comprise the following:
• Name, title and address;
• Personal contact information (phone, email, fax, etc.);
• Name, address, department, contact information and other information in relation to a company that
you represent (if any) and your function within this company;
• Login name and password;
• Hilti account number;
• VAT number;
• User profile information;
• Confirmation of being either a private or a professional user;
• User preferences (e.g., preferred language settings);
• IP address, operating system, browser type, browser version, browser configuration, name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device, connecting to the website, en-abling data exchange with you and your device, and ensuring a convenient use of the website;
• URL and IP address of the website from which you accessed, or were directed to, our website, including date and time;
• Subpages visited while on our website, links followed on the website, including date and time;
• The full Uniform Resource Locator (URL) click stream to, through and from the website, including date and time;
• Service requests and orders placed;
• Shopping history, including open and completed transactions;
• Search terms entered;
• Services/products viewed or searched for on the website;
• Shopping cart and payment information;
• Credit Card information;
• Information collected by cookies or similar technologies (as described in the next paragraph);
• Newsletter subscriptions, enrollment for promotions, use of special offers, etc.
• Consents, authorizations, etc. granted;
• Survey answers, reviews, ratings and other types of feedback provided;
• Content of any communication sent through the website, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts;
• Information on software downloaded from the website; and
• Any other information that you enter on, or upload to, the website (e.g., content that you fill into an online form, a photo that you upload).
Cookies are small text files located in your browser directory. When a website is accessed, a cookie that is placed on a device sends information to the browser. Cookies are extremely common and used on a number of websites. In general, the purpose of cookies is to improve the performance of the website and the user's experience in using that web-site, though cookies may also serve advertisements (which we explain below).
Hilti uses the following types of cookies and similar technologies in connection with this website:
• JsessionID (session cookie that last until you close your internet browser): Hilti uses a cookie that serves to identify the user during his current session on this website. The Jsession ID cookie collects the user’s session ID but does not store any personal data after the user has closed his session and does not transfer any data to third parties.
You can modify your cookies settings, or refuse to accept cookies at all, thus limiting the amount of personal data that we receive about you. The “Help” portion of the toolbar on most browsers tells you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Please be aware, however, that you might then not be able to take advantage of some functions and features of the website.
For a more thorough explanation of what cookies are and how they operate, please read the All About Cookies webs
Why and with whom do we share personal data?
For the purposes mentioned above, we may share your personal data with third parties, including other entities of the Hilti group of companies. We do not sell, trade, rent, disclose, transfer or otherwise share your personal data, unless to the extent described in the following or as agreed by you in a specific context (e.g., where you consenting to other types of data transfers in connection with enrolling for a specific service). Whenever sharing personal data, we do so only in strict accordance with applicable laws.
Potential recipients of your personal data are listed in the following:
• Other Hilti group entities and Hilti business partners: We may share your personal data with other entities of the Hilti group of companies (e.g. Hilti Market Organizations responsible for the respective local websites) and with our business partners if there is a legitimate reason to do so (e.g., where a business partner renders parts of services ordered by you such as email service providers) and such sharing is legally permissible. A legal permission exists for instance if you have consented to the sharing of your personal data or if applicable law permits or requires it. In any case where we share your data with other entities of the Hilti group of companies or with our business partners we do so only for specific purposes.
• Third party service providers: We may employ third party service providers (i.e., companies or individuals engaged by us) to perform certain functions on our behalf and under our instructions. Examples include database management, maintenance services, web analytics, handling in-bound inquiries, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analysing data, providing sales and marketing assistance, processing credit card payments, and providing customer service. Third party service providers may for instance include IT companies, credit card processors, credit rating agencies or legal, financial and other advisors. Any third party provider will have access only to such personal data needed to perform its specific functions, and only for the purpose of performing these functions. We will ensure that any third party service provider is aware of and abides by these obligations. We will also ensure that any third party service provider treats your personal data at least such protection and security as required by applicable data protection laws and that they adopt adequate technical and organizational security measures.
• Other users of the website: If you use posting, chat, messaging or other interactive functions provided on our website we may disclose your personal data to other users of the website, but only as required in connection with such functions.
• Courts, law enforcement authorities and regulators: We may share personal data when we believe it necessary to comply with the law, to protect the rights or safety of our website, other users, or third parties (e.g., for fraud protection purposes). Without limitation, this may include cases in which we are required to share personal data by the law or binding order of courts, law enforcement authorities or regulators. We will carefully determine the permissibility of providing personal data in each such context, paying particular attention to the type of request, types of data affected and any impact that a disclosure of personal data would have on the user affected. Should we decide to disclose personal data in such context we will also consider ways of reducing the scope of the disclosure, for instance by redacting the information provided.
Will personal data be transferred abroad?
Recipients of your personal data may be located in any country. This may include coun-tries where applicable data protection laws provide a lesser degree of protection than your home country. For instance, if you are located within the EU/EEA or Switzerland, the country where the recipient is located may not qualify as a safe country within the notion of the European Data Protection Directive (95/46/EC) or the Federal Data Protection Act of Switzerland. In such case, Hilti will nevertheless ensure an adequate level of protection for your data, for instance by ensuring that the recipient abides by the principles of the Safe Harbor (for recipients in the US) or by requiring the recipient to enter into so-called EC Model Clauses, which are sets of contractual clauses adopted by the European Commission for the purpose of adducing adequate safeguards to personal data in connection with cross-border transfers.
What else do we do to protect your personal data?
Hilti understands the importance of data security and we want your browsing and purchasing experience with us to be as safe as possible. We have implemented reasonable safeguards and precautions to protect your personal data, including technical and organizational measures against unauthorized access, improper use, alteration, unlawful or accidental destruction, and accidental loss, both in an online and offline context.
Hilti maintains the following technical and organizational security measures and procedures to protect the security of your personal data:
• Hilti implements suitable measures in order to prevent unauthorized persons from gaining physical access to the data processing equipment where the personal data are processed or used;
• Hilti implements suitable measures to prevent its data processing systems from being used or logically accessed by unauthorized persons;
• Hilti commits that the persons entitled to use its data processing system are only able to access the data within the scope and to the extent covered by its access permission (authorization);
• Hilti implements suitable measures to prevent the personal data from being read, copied, altered or deleted by unauthorized parties during the transmission thereof or during the transport of the data media;
• Hilti implements suitable measures to ensure that it is possible to check and establish whether and by whom personal data have been entered into data processing systems or removed;
• Hilti implements suitable measures to ensure that personal data are protected from accidental destruction or loss; and
• Hilti implements suitable measures to ensure that data collected for different purposes can be processed separately.
Also, please understand that, while we strive to protect your personal data against potential risks and exposures, there is no absolute security in the online sphere. Hence, we ask you to support our IT security efforts by not disclosing any data on our website that is particularly sensitive or not required in the specific context. In this context, please note that credit card credentials will not be stored absent your explicit permission. Furthermore, you can help us protecting your personal data by signing off when you finished using login-protected areas of the website.
How long do we retain personal data?
Your personal data is not retained by us for longer than necessary for the legally permissible purposes for which they were collected, as required under applicable retention policies and/or as required or permitted in accordance with applicable law. Transcripts from online chats with our customer service are usually retained no longer than for 30 days.
What privacy choices do you have?
You have a variety of choices regarding which data we may collect, process and use about you and for which purposes. Some of these choices include the following:
• You may use our website and its functions and features anonymously or through a pseudonym, unless where it is strictly necessary to identify you (e.g., in the context of a purchase).
• You can choose not to provide certain personal data at all, in particular where we seek your consent for the collection of information.
• You may at any time withdraw any privacy consent provided in the past with future effect and/or use our newsletter opt-out features and other features to unsubscribe.
• You may at any time object to further uses of your personal data for marketing purposes.
• Upon registration you can choose which personal data you wish to share with us. You can delete, add or update your profile information under “Change my profile”. When you do so, we may however keep a copy of the prior version for our records and may continue to use it for lawful purposes to the extent required.
Why do you receive emails from us?
We may send you emails for various reasons, including the following:
• You have subscribed to our newsletter and/or opted in to receiving other types of marketing communication from us.
• You have bought something on our website and we contact you in the context of this transaction.
• You have placed an inquiry with us and we contact you in response to such an inquiry.
• We want to provide you with updates, privacy notices, warnings or other important information relevant to our users.
If you are a registered user and wish to opt out from receiving marketing communication from us please change your preferences by visiting the “Change my profile” section of your account. You may also opt out by contacting us as described in the “Contact us” section below.
Links to other websites
Our website may contain links to other websites. Such other websites are not controlled by us. When you visit such other website you do so at your own risk. Hilt cannot, and does not, assume any responsibility or liability for such other websites, the content of such websites and their privacy practices, nor do we endorse them. We encourage you to familiarize yourself with the privacy statements provided by such other websites prior to providing them with information about you or entering into any transactions on them.
Your feedback is always welcome. If you have any questions or concerns about our privacy practices or your online privacy please do not hesitate to contact us. You may also contact us if wish to gain access to the personal data we hold about you, if you wish to request that your personal data be updated, rectified, deleted or blocked, or that we re-frain from further use of your personal data, if you wish to withdraw any consents previously granted, or if you wish to object to the creation of individual user profiles.
You may reach out to us as follows: