FRANKE

CONTROLLER 3

PERSONAL DATA 3

COLLECTION AND PROCESSING OF PERSONAL DATA – LEGAL BASIS 3

USE OF COOKIES 5

Use of Google analytics 6
Doubleclick by Google 7
Google adwords 7
Google dynamic remarketing 8
Facebook custom audiences 8
Facebook connect 9
User surveys 9

THIRD PARTY SERVICES OR CONTENT ON OUR WEBSITE 9

THIRD PARTY PROCESSORS 10

SECURITY 11

DATA RETENTION 11

YOUR RIGHTS AND CONTACT 11

Version Date Author Released by Description of
changes
1.0 24.05.2018 Marcel Enz,
GCO

Wyser Martin (GC)

Bierl Markus (CIO)

Implementation



FRANKE – PRIVACY & COOKIE POLICY
FRANKE Holding AG and its affiliated companies (together herein referred to as “FRANKE” ,
the “Company” , “we” , or “us” ) are firmly committed to protecting your privacy. FRANKE
appreciates your interest in its products and your visit to this website. Your privacy is
important to us and we want you to feel comfortable visiting our website. Personal data
collected during visits to our websites are processed by us according to the legal provisions.
With this privacy policy (“Privacy Policy” ), we would like to inform you about our security
measures.

1 CONTROLLER
Controller within the meaning of the General Data Protection Regulation (“GDPR” ) or any
other applicable law is the respective Franke company published in the imprint of the
website.

2 PERSONAL DATA
Personal Data is any information relating to an identified or identifiable natural person;
identifiable is any natural person who can be identified directly or indirectly, in particular
by association with an identifier such as a name, an identification number, location data,
an online identifier or one or more special features that express the physical,
physiological, genetic, psychological, economic, cultural or social identity of that natural
person. This includes information such as your first and last name, your address and
email address, your telephone number or your birthday. Personal Data can be in any
form (e.g., paper, electronic, video, audio). FRANKE is committed to take necessary
steps to ensure that all Personal Data processed by us is processed fairly and lawfully.
All of our employees, data processors and third party service providers who have access
to Personal Data are obliged to respect the confidentiality of Personal Data and comply
with this Privacy Policy. We collect personal data only when you submit it to us, through
registration, completion of forms or e-mails, as part of an order for products or services,
inquiries or requests about products being ordered and similar situations in which you
have chosen to provide the information to us.
The database and its contents remain at FRANKE or stay with data processors and
servers acting on our behalf and responsible to us.
We will retain control of and responsibility for the use of any personal data you disclose
to us. Some of this data may be stored or processed at computers located in other
jurisdictions, such as the United States, whose data protection laws may differ from the
jurisdiction in which you live. In such cases, we will ensure that appropriate protections
are in place to require the data processor in that country to maintain protections on the
data that are equivalent to those that apply in the country in which you live.

3 COLLECTION AND PROCESSING OF PERSONAL DATA – LEGAL BASIS
You can use our website without disclosing your personal data. You are not required to
provide personal information as a condition of using our website, except as may be
necessary to provide you a product or service or communicate with our website at your
request. The following explains how we collect, process and use your personal data on
our website:

a) Data when visiting our website
When you use our website, data may be processed in order for you to be able to
communicate with our website or for security purposes, such as preventing improper
access, trouble shooting or testing. Data we collect may include the name of your
internet service provider, the website that you used to link to our website, the date
and time of your visit, the websites that you visit from our website and your
IP-address. This processing is necessary for providing our services or is based on
our legitimate interest in the handling of communication. We assume that this is also
in your interest, as the website cannot be displayed without this communication. You
can object to the processing of your data for this purpose at any time without giving
reasons with effect for the future. However, we would like to point out that the
processing of your personal data can be processed even after an objection has been
raised to the website, as it is not possible to stop the processing necessary for
technical reasons for individual users of the website or in general. Thus, there are
compelling grounds for processing which outweigh your interests, rights and
freedoms. If you wish to prevent the processing described above, simply refrain from
visiting our website. Such data are deleted after a session, unless a security incident
requires longer storage for investigation of documentation purposes.

b) Data for setting up a customer account
If you set up a customer account on our website, the personal data you provide (e.g.
name, address, e-mail address, telephone, title and access data) will be stored and
processed in FRANKE`s customer database. This data is processed in order to fulfil
a contract or pre-contractual measures. You can deactivate your customer account at
any time and/or object to the further storage and use of your personal data for this
purpose without giving reasons with effect for the future by contacting the contact
address given below. In the event of an objection, we will delete your personal data
immediately. In case of deactivation of the customer account we will also delete your
customer account.

c) Your contact via contact form or email
If you contact us (e.g. via contact form or email), your personal data that you provide
us in the contact form will be stored and processed by FRANKE. Which data are
collected in the case of a contact form can be seen from the respective contact form.
These data are stored and used exclusively for the answering of your request and/or
for the establishment of contact and the associated technical administration. The
processing of this data takes place for the fulfilment of a contract or pre-contractual
measures or the processing is also in our legitimate interest, without conflicting
interests outweighing your interests in this respect, since the processing of these
requests is in our mutual interest.
After the processing of the request has been completed, we will keep the
correspondence only insofar as statutory, legal retention periods or statutes of
limitation exist or further storage is required to assert, exercise or defend legal
claims.

d) Newsletter registration sign-up data

If you register for our newsletter service, your personal data (e.g. name, address and
email address) will be stored and processed by FRANKE for marketing, advertising or
promoting purposes. The processing of this data is based on your consent or takes place
for the fulfilment of the contract. In this case, we will regularly send you promotional
information about the services and products associated with products, services, offers or
events of FRANKE. You can opt out of receiving such newsletters at any time without
giving reasons for the future by contacting the contact address below or by unsubscribing
via the unsubscribe option provided in the newsletter. Once you have unsubscribed, your
email address will be deleted from our newsletter distribution list immediately, with
exception of a copy in our opt-out database for which we assume a legitimate interest to
hold so we can ensure you are no longer served with newsletters.

e) Disclosure
We may disclose your personal information to third parties in order to enforce or apply
this Privacy Policy and other agreements or to protect the rights, property, or safety of
FRANKE our customers, or others. This includes exchanging information with other
companies and organizations for the purposes of fraud protection and credit risk
reduction or with a payment gateway offered by a banking institute in our online-shop, to
process payments for ordered products. We also may provide personal data to
government agencies and regulatory and legal authorities as required by law or
regulation. This kind of disclosure may be required for compliance with a legal obligation,
or necessary for the performance of a task carried out in the public interest or may be
based on our or a third party’s legitimate interest. In the latter case you have a right to
object to such use, however, we may then still process the data if we can demonstrate
compelling legitimate grounds that override your interests, rights and freedoms; or in
case this is required for the establishment, exercise of defense of legal claims.

4 USE OF COOKIES
This website uses so-called “Cookies” . Cookies are small text files that are stored on
your hard drive via your browser. They store certain information (e.g. your preferred
language or site settings) that your browser might retransfer to us upon your next access
to our website (depending on the Cookie’s lifespan). It is not necessary to accept
Cookies in order to use the website. However, there may be certain areas and functions
on the website that you will not be able to use. We either use Cookies if they are
necessary to provide our website service to you, or if you have consented to the usage of
Cookies by accepting our cookie banner. If you do not wish to accept the use of Cookies
on this website, please either change your browser settings (explained below) or stop
using the website.
We use two categories of Cookies: (i) Cookies required for technical purposes, without
which the functionality of our website would be reduced (so called session Cookies), and
(ii) optional Cookies (so called optional Cookies):

Session Cookies:

Cookie Description Lifespan
franke_language Cookie contains the preferred language selected
by the user
12 months
franke_cookie_settings_1.0 These are strictly necessary cookies which
enable the services you have requested.These cookies are used to remember your
settings on which cookies you accept and which
you don't want to be set.
12 months
JSESSIONID Franke Session Cookie; Used for session
identification.
Session
login-token Franke Session Cookie which holds token
information from Single Sign On solution
Session
AspNet.ApplicationCookie . Authentication cookie. This contains a token that
allows the application to verify that the current
user is a valid and authenticated user.
Session
saml_request_path Contains the redirect destination in case of
successful authentication
Session

Optional Cookies:
We do not use performance or other optional cookies ourselves. However, sometimes
we use software of third party provides for analytics purposes that require the use of their
(third party) cookies. We use this technology to measure the visitors' responses to our
sites and the effectiveness of our advertising campaigns (including how many times a
page is opened and which information is consulted) as well as to evaluate your use of
this website. The third-party partner or the web analytical service partner may be able
with your consent to collect data about your visit to our and other sites because of these
internet tags/cookies, may compose reports regarding the website’s activity for us and
may provide further services which are related to the use of the website and the internet.
Below, please find information on those cookies and how you can at any time withdraw
consent/opt-out the use of such cookies.

4.1 USE OF GOOGLE ANALYTICS
Our website uses Google Analytics, a web analysis service of Google Inc, 1600
Amphitheatre Parkway Mountain View, CA 94043, USA ("Google" ). Google Analytics
uses Cookies (see above) which are stored on your computer and enable an analysis of
the use of the website. The information collected by Google in connection with your use
of our website (e.g. the referring website, which of our webpages you visit, your browser
type, your language settings, your operating system, your screen resolution) will be
transmitted to a server of Google in the United States, where it will be stored for a data
storage period of fifty months and analyzed; the respective results will then be made
available to us in an anonymized form. In this process, your usage data will not be
connected to your full IP-address. We have activated on our website the IP anonymizing
function offered by Google, so that the last 8 bits (type IPv4) or the last 80 bits (type
IPv6) of your IP-address are deleted. Moreover, Google is certified under the
EU-US P rivacy Shield and Swiss-US Privacy Shield, which ensures an adequate level of
data protection with respect to the processing of data by Google in the United States.
We only use Google Analytics on the basis of your prior consent or our legitimate interest
to provide you with a personalized website experience. We believe that it is also in your
interest to receive interesting and unique advertisements. Thus, there are compelling
grounds for processing which outweigh your interests, rights and freedoms. Below, we
describe how you can withdraw your consent to Google Analytics:
You may withdraw your consent to the use of web analysis at any time either by
downloading and installing the Google B rowser Plugin , whereby an opt-out cookie will
be set or by choosing the relevant setting in your browser software. Both options will
prevent the use of web analysis only if you use the browser on which you installed the
plugin and if you do not delete the opt-out Cookie.
For more information, please visit https://www.google.com/analytics/terms/de.html or
https://support.google.com/analytics/answer/6004245?hl=en .

4.2 DOUBLECLICK BY GOOGLE
In order to deliver target-group-specific advertising, we use the advertising network of
DoubleClick by Google, which collects and evaluates information on visits to our
websites and to other websites forming part of the advertising network via its cookies. In
this context no personal data about you, such as your name, address or email address,
will be collected or used. The cookies used by DoubleClick contain only the name of the
domain by which the cookie was set (ad.doubleclick.net), the cookie’s default expiration
time, and the value standing for certain target groups. If you do not want DoubleClick by
Google to set any cookies, or of you wish to adjust your advertising preferences, go to:
https://www.google.com/settings/ads/plugin.
We use DoubleClick on the basis of your consent through our cookie banner. You can
withdraw consent at any time either by choosing the relevant setting in your browser
software, by blocking cookies from the domain www.googleadservices.com in your
browser settings, or through visiting the site www.about-ads.info/choices and
deactivating the respective advertisements. Further, you can deactivate DoubleClick
under https://www.google.com/settings/ads/plugin .

4.3 GOOGLE ADWORDS
We use Google AdWords in order to present our advertisements on third party websites.
We use this service to provide you with a personalized website experience. The
advertisements are delivered through so called “Ad Servers”. We use Ad Server Cookies
to measure fade-ins of advertisements and clicks. If you reach our website through a
Google-advertisement Google will place a cookie in your browser. This Cookie will be
stored for 30 days and is not intended to identify you. FRANKE does not collect or store
personal data by using Google AdWords. We only receive statistical evaluations from
Google that inform us which advertisement is most efficient. If you have an account on
Google, it is possible that Google can assign your visit on our website to your account.
Even if you are not registered on Google, Google is able to track your IP-address and to
store your data on its server.
We only use Google AdWords on the basis of your consent given when accepting our
cookie banner.
You may withdraw your consent to the use of Google AdWords at any time either by
choosing the relevant setting in your browser software, by blocking cookies from the
domain www.googleadservices.com in your browser settings, or through visiting the site
www.about-ads.info/choices and deactivating the respective advertisements. Further, you
can deactivate Google AdWords under https://www.google.com/settings/ads/plugin.

4.4 GOOGLE DYNAMIC REMARKETING
In addition, we use Google’s dynamic remarketing functionality. This functionality enables
us to target you with personalized, interest based advertisements, if you visit other
websites that belong to the Google Display Network. Google uses cookies in order to
analyze your use of our website which is the basis for the targeted advertisement. To
this end, Google stores a small file with a series numbers in your browser when visiting
our website. This enables Google to collect anonymous information on your use of the
website. Google does not store any personally identifiable information on you. In case
you later on visit another website belonging to the Google Display Network you will be
shown ads that have a high likelihood of factoring in information or products that you
have selected earlier. You can permanently deactivate the use of cookies by Google, by
following this link and downloading and installing the plug-in made available:
https://www.google.com/settings/ads/plugin. Alternatively, you can deactivate Google
cookies by visiting the deactivating site of the Network Advertising Initiative and
implementing the offered opt-out http://www.networkadvertising.org/choices/. Further
information on the Google Remarketing as well as Googles privacy information you can
find here http://www.google.com/privacy/ads/ .”
We only use Google Dynamic Remarketing on the basis of your prior consent given
when accepting our cookie banner. You may withdraw your consent at any time by
choosing the relevant setting in your browser software or by blocking cookies from the
domain www.googleadservices.com in your browser settings.

4.5 FACEBOOK CUSTOM AUDIENCES
Further, this website uses the “Custom Audiences” functionality by Facebook Inc., 1601
S. California Ave, Palo Alto, CA 94304 (“Facebook”). This functionality enables us to
target you with personalized, interest based advertisements, so called Facebook Ads, if
you visit Facebook.com or other websites that belong to the Facebook Network.
Facebook stores a small file with a series numbers in your browser when visiting our
website. This enables Facebook to collect anonymous information on your use of the
website. In case you later on visit another website belonging to the Facebook Network
you will be shown ads that have a high likelihood of factoring in information or products
that you have selected earlier. If you are registered on Facebook, it is possible that
Facebook can assign your visit on our website to your account. Even if you are not
registered on Facebook, Facebook is able to track your IP-address and to store your
data on its server.
You can deactivate the use of custom audiences by visiting the following deactivating site
http://www.youronlinechoices.eu/. You can find further information on the Facebook
custom audiences here: https://www.facebook.com/policies/cookies/ .
We only use Facebook Custom Audiences on the basis of your prior consent given when
accepting our cookie banner or our legitimate interest to provide you with a personalized
website experience. We believe that it is also in your interest to receive interesting and
unique advertisements. Thus, there are compelling grounds for processing which
outweigh your interests, rights and freedoms. You can object to this processing at any
time by contacting us.
For Facebook’s privacy policy go to: http://de-de.facebook.com/policy.php .

4.6 FACEBOOK CONNECT
You may log in to our website using the sign-in service Facebook Connect. This service
will authenticate your identity and provide you the option to share certain personally
identifiable information with us, such as your name and email address to pre-populate
our sign up form. Services like Facebook Connect give you the option to post information
about your activities on our website to your profile page to share with others within your
network.
We use Facebook Connect on the basis of your consent given to Facebook and our
legitimate interest to simplify the use of our website. We believe that an easy use of our
website is also in your interest. Thus, there are compelling grounds for processing which
outweigh your interests, rights and freedoms. You can object to this processing at any
time by contacting us.

4.7 USER SURVEYS
Participation in the user surveys conducted from time to time on our website is voluntary.
We use functional cookies to carry out the user surveys. The technical information
recorded by the user survey is the same information that is recorded when users visit the
website (see above). Your responses submitted during the user survey will not be linked
to your personal data such as your IP-address.

5 THIRD PARTY SERVICES OR CONTENT ON OUR WEBSITE
We include third-party services and/or content on our website. When you use such
third-party services or when third-party content is displayed, communication data are
exchanged between you and the respective provider for technical reasons. FRANKE
controls neither the websites, nor the privacy practices, of the third parties managing
these websites. The privacy practices of third party website providers may differ from
FRANKE’s, so we cannot endorse or make any representations about third party
websites. Please check these policies before you submit any personal data to these
websites.
The respective provider of the services or content may also process your data for own
additional purposes. To the best of our knowledge, we have configured the services and
content of providers known to process data for own purposes in such a way that either
any communication for other purposes than to present their services or content on our
website is blocked, or communication only takes place once you have actively opted to
use the respective service. However, since we have no control over data collected and
processed by third parties, we are not in a position to provide binding information
regarding the scope and purpose of such processing of your data.

a) Website links:
Our website may contain links to and from the websites of our partner networks,
dealers, affiliates or other third parties. Upon accessing these links, the FRANKE
website is automatically exited. FRANKE controls neither the websites, nor the
privacy practices, of the third parties managing these websites. The privacy practices
of third party website providers may differ from FRANKE’s, so we cannot endorse or
make any representations about third party websites. Please check these policies
before you submit any personal data to these websites.

b) Social plugins:
FRANKE uses so-called social plugins ('buttons') of social networks such as
Facebook, Google+, LinkedIn and Twitter. When you visit our website these buttons
are deactivated by default, i.e. without your intervention they will not send any data to
the respective social networks. Before you are able to use these buttons, you must
activate them by clicking on them. They then remain active until you deactivate them
again or delete your cookies (please refer to 'Cookies').
After their activation, a direct link to the server of the respective social network is
established. The contents of the button are then transmitted from the social network
directly to your browser and incorporated in the website by it. After activation of a
button, the social network can retrieve data, independently of whether you interact
with the button or not. If you are logged on to a social network, the network can
assign your visit to the website to your user account. A social network cannot assign
a visit to other FRANKE websites unless and until you activate the respective button
there as well.
If you are a user of a social network and do not wish it to combine data retrieved from
your visit to our website with your user data, you must log out from the social network
concerned before activating the buttons.
We have no influence on the scope of data that is collected by the social networks
through their buttons. The data use policies of the social networks provide
information on the purpose and extent of the data that they collect, how this data is
processed and used, the rights available to you and the settings that you can use to
protect your privacy.
For further information regarding the scope and purpose of such collection and
processing of your data, please consult the privacy notices of the providers whose
services and/or content we include and who are responsible for the protection of your
data in this context.

6 THIRD PARTY PROCESSORS
We do not pass on any personal data to third parties unless this is necessary for the
fulfilment of the contract, permitted by relevant legal provisions or you have given your
consent. This being said, FRANKE may contract with other companies or individuals
(“Processors” ) to perform certain duties on our behalf. In so doing, it may be necessary
that we provide the Processors with access to personal data. Our Processors are
required to maintain the confidentiality of the personal data, and are restricted from using
the information for any other purpose than the purposes defined by FRANKE. Examples
of duties performed by Processors include business partners or sub-contractors in
technical, payment and delivery services, credit risk reduction or fraud protection,
analytics providers, search information providers or intragroup processing. They will only
have access to the personal data necessary for the performance of the respective
activity. In particular, these Processors are prohibited from processing or using your
personal data for other purposes.
We take appropriate measures, by contract or otherwise, to provide adequate protection
for personal data that is disclosed to our Processors, and to ensure that our Processors
have sufficient legal, organizational and technical procedures in place to protect personal
data in accordance with applicable data protection law.

7 SECURITY
FRANKE is a global organization, with legal entities, business processes, management
structures, and technical systems that cross borders. Therefore, our privacy practices are
designed to provide protection for personal data all over the world. It is FRANKE’s policy
to give access to personal data only to those authorized employees, agents, contractors,
entities and Processors that FRANKE determines have a legitimate need to know, or
have access to, the information in order to carry out their responsibilities. FRANKE uses
technical and organizational security measures to protect the data supplied by you and
managed by us against manipulation, loss, destruction, and access by third parties. Our
security measures are continually improved in line with technological developments.
Where we have given you (or where you have chosen) a password which enables you to
access certain parts of our website, you are responsible for keeping this password
confidential. We ask you not to share a password with anyone.

8 DATA RETENTION
Unless we provided specific retention periods above, these general rules apply:
Your data will be deleted as soon as it is no longer necessary for the intended purposes
or if you revoke your consent, or objected to a use based on legitimate interest and we
have no overriding legitimate grounds. In some cases, longer retention periods may
apply because we are required by law (e.g. under tax and commercial law), or data are
required for the establishment, exercise or defense of legal claims.

9 YOUR RIGHTS AND CONTACT
Under the European General Data Protection Regulation or similar law applicable to you,
you may be entitled to exercise some or all of the following rights:

1. require (i) information whether your personal data is retained and (ii) access to and/or
duplicates of your personal data retained, including the purposes of the processing, the
categories of personal data concerned, and the data recipients as well as potential
retention periods;
2. request rectification, removal or restriction of your personal data, e.g. because (i) it is
incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was
collected, or (iii) the consent on which the processing was based has been withdrawn;
3. refuse to provide and – without impact to data processing activities that have taken
place before such withdrawal – withdraw your consent to processing of your personal
data at any time;
4. take legal actions in relation to any potential breach of your rights regarding the
processing of your Personal data, as well as to lodge complaints before the competent
data protection authority;
5. require (i) to receive and reuse the personal data concerning you, which you have
provided to us, in a structured, commonly used and machine-readable format and (ii) to
transmit those data to another controller without hindrance from our side; where
technically feasible you shall have the right to have the personal data transmitted directly
from us to another controller.


Right to object:
You may be entitled to exercise your right to object, on grounds relating to your
particular situation, that your personal data shall not be subject to a processing. In
this case, please provide us with information about your particular situation. After
the assessment of the facts presented by you we will either stop processing your
personal data or present you our compelling legitimate grounds for an ongoing
processing.


We reserve the right to update and change this Privacy Policy from time to time in order
to reflect and changes to the way in which we use your personal data or changing legal
requirements. In case of any such changes, we will publish the changed Privacy Policy
on our website.


If you have any queries or complaints about our compliance with this Privacy Policy, or if
you would like to exercise your right described above, please contact us as follows:
The respective Franke company published in the imprint of the website, click here.


Attn: Data Protection Coordinator


or by e-mail to: privacy@franke.com
MAY 2018

© Franke Medical All Rights Reserved

×