Robert Bosch GmbH (hereinafter “Bosch”, “We” or “Us”) is delighted about your visit to our internet pages and mobile applications (together also referred to as “Online Offers”) and about your interest in our company and our products.

The protection of your privacy throughout the course of processing personal data as well as the security of all business data is an important concern to us. We process personal data that was gathered during your visit of our Online Offers confidentially and only in accordance with statutory regulations.

Data protection and information security are included in our corporate policy.

Robert Bosch GmbH is the controller responsible for the processing of your data; exceptions are outlined in this data protection notice.

Our contact details are as follows:

Robert Bosch GmbH

Robert-Bosch-Platz 1

70839 Gerlingen-Schillerhöhe

GERMANY

Your contact at Bosch:

E-mail: kontakt@bosch.de

Telephone: +49 711 400 40990

1. Processed categories of data

   The following categories of data are processed:

   • Communication data (e.g. name, telephone, e-mail, address, IP address)
   • Contractual master data (e.g. contractual relationships, contractual or product interest)
   • Client history
   • Contract accounting and payment data
   • Transaction data
   • Provision of information (from third parties, e.g. credit reference agencies or from public directories)
2. Principles

   Personal data consists of all information related to an identified or identifiable natural person, this includes, e.g. names, addresses, phone numbers, email addresses, contractual master data, contract accounting and payment data, which is an expression of a person's identity. We collect, process and use personal data (including IP addresses) only when there is either a statutory legal basis to do so or you have given your consent to the processing or use of personal data concerning this matter, e.g. by means of registration. The following data may be collected during registration:

   • Business Address (which may include: street and house number, city, state, country code/country)
   • Company name and data
   • Phone number (Home / Cellular / Business)
   • Dealer ID and number
   • Serial number
   • Email address (Personal/Business)
   • Fax number
   • First, middle and last name
   • IP Address
   • Login name / username
   • Password (Salt Format)
   • Preferred Language
   • Password Recovery Question(s)
   • Password Recovery Answer(s)
   • Owner Group ID
   • Archive privacy policy acceptance and version number
   • Subscription start and end date
   • Billing Address (which may include: street and house number, city, state, country code/country)
   • Shipping Address (which may include: street and house number, city, state, country code/country)
3. Processing purposes and legal basis

   We and service providers commissioned by us process your personal data for the following processing purposes:

   1. Provision of these online offers

      Legal basis: Predominantly, legitimate interest on our part in direct marketing as long as this occurs in accordance with data protection and competition law.

   2. Providing Technical Support and Customer Service

      Legal bases: Fulfillment of contractual obligations.

   3. Resolving service disruptions as well as for security reasons.

      Legal basis: Fulfillment of our legal obligations within the scope of data security and predominantly, legitimate interest in resolving service disruptions as well as in the protection of our offers.

   4. Advertisements and/or market research (including web analysis, not customer surveys)

      Self-promotion and promotion by others as well as market research and reach analysis done within the scope statutorily permitted or based on consent.

      Legal basis: Consent / justified interest on our part in direct marketing if in accordance with data protection and competition law

   5. Safeguarding and defending our rights.

      Legal basis: Justified interest on our part for safeguarding and defending our rights.

4. Registration

   If you wish to use or get access to benefits requiring to enter into the fulfillment of a contract, we request your registration. With your registration we collect personal data necessary for entering into the fulfillment of the contract (e.g. first name, last name, email address and other necessary personal information) as well as further data on voluntary basis, if applicable. Mandatory information is marked with an *.

5. Log files

   Each time you use the internet, your browser transmits certain information which we store in so-called log files.

   We save log files for a short time solely to determine disturbances and for security reasons (e.g., to clarify attack attempts) and then we delete them afterwards. Log files which need to be maintained for evidence purposes are excluded from deletion until the respective incident has been completely resolved and may, on a case-by-case basis, be passed on to investigating authorities.

   Log files are also used for analysis purposes (without the IP address or without the complete IP address). Also see Section 10. Web Analysis.

   In log files, the following information in particular is being saved:

   • IP address (internet protocol address) of the terminal device used to access the Online Offers;
   • Internet address of the website from which the Online Offer has been accessed (so-called URL of origin or referrer URL);
   • Name of the service provider which is used to access the Online Offers;
   • Name of the files or information accessed;
   • Date and time as well as duration of retrieval;
   • Amount of data transferred;
   • Operating system and information on the internet browser used including add-ons;
   • Installed (e.g., Flash Player);
   • Http status code (e.g., “Request successful” or “File requested not found”).
6. Children

   This Online Offer is not for children under 16 years of age.

1. Data transfer to other controllers

   Principally, your personal data is forwarded to other controllers only if required for the fulfillment of a contractual obligation, or if we ourselves, or a third party, have a legitimate interest in the data transfer, or if you have given your consent. Particulars on the legal basis can be found in the Section 4.3. Processing purposes and legal basis. Third parties may also be other companies of the Bosch group. When data is transferred to third parties based on a justified interest, this is explained in this data protection notice.

   Additionally, data may be transferred to other controllers when we are obliged to do so due to statutory regulations or enforceable administrative or judicial orders.

2. Service providers

   We have commissioned external service providers with tasks such as sales and marketing services, contract management, payment handling, programming, services data hosting and hotline services. We have chosen these service providers carefully and review them regularly, especially regarding their diligent handling of and protection of the data that they have saved. All service providers are obliged to maintain confidentiality and to abide by the statutory provisions. Service providers may also be other Bosch group companies.

We can also transfer personal data to recipients located outside the EEA in so-called third countries. In such cases, we ensure prior to the transfer either that the data recipient provides an appropriate level of data protection (e.g., due to a decision of adequacy by the European Commission for the respective country or due to the agreement based on so-called EU model clauses with the recipient) or that you have consented to the transfer.

You are entitled to receive an overview of third country recipients and a copy of the specifically agreed- to provisions securing an appropriate level of data protection. For this purpose, please use the statements made in Section 15. Contact.

Principally, we store your data for as long as it is necessary to render our Online Offers and the services connected to them or for as long as we have a justified interest in storing the data (e.g., we might still have a justified interest in postal mail marketing upon fulfillment of a contract). In all other cases we delete your personal data with the exception of data we must store to fulfill legal obligations (e.g., we are obliged due to retention periods under the tax and commercial codes to have documents such as contracts and invoices available for a certain period of time).

1. General

   Cookies are small text files that are being saved on your computer when an Online Offer is visited. In case you access this Online Offer another time, your browser sends the cookies' content back to the respective offer or/and, thus, allows the re- identification of the terminal device. Reading the cookies allows us to design our Online Offers optimally for you and makes it easier for you to use them.

2. Deactivation and deletion of cookies

   When you visit our internet pages you will be asked in a cookie layer pop up whether you wis¬h to allow the cookies which are being set on our page or you want to deactivate them in the settings.

   In case you decide to block cookies, an opt-out cookie is set in your browser. This cookie exclusively serves the purpose of assigning your objection. Deactivating cookies may disable individual functions of our internet pages. Please note that an opt-out cookie may, for technical reasons, only be set for the browser that was used to set it.

   In case you delete cookies or use a different browser or a different terminal device, you must opt out again. The preference setting does not apply to cookies that are being set during your visits on third party internet pages by other providers.

   Your browser allows you to delete all cookies at all times. To do so, please consult your browser's help functions. This might, however, lead to individual functions no longer being available.

   In addition, you are able to manage and deactivate the use of third party cookies on the following web page:
   http://www.youronlinechoices.com/uk/your-ad-choices.

   As we do not operate this website, we are not responsible and we are unable to influence content and availability.

In this section, please find an overview of cookies we use.

1. Absolutely necessary cookies

   Certain cookies are necessary so we can securely render our Online Offers. This category includes, e.g.:

   • Cookies that identify or authenticate our users;
   • Cookies that authorize a user (roles and features)
   • Cookies that temporarily save certain user input (e.g., content of a shopping cart or of an online form);
   • Cookies that store certain user preferences (e.g., search country or language settings); Cookies that store data to ensure a trouble-fee playback of video or audio content.
2. Analytical cookies

   We use analytical cookies to record the usage behavior (e.g., ad banners clicked, search queries put in) of our users and to evaluate it statistically.

3. Convenience Cookies
   • Cookies that store social media preferences.
4. Statistics Cookies
   • Cookies that remember statistical data like number of this etc.;
   • Cookies that are used to increase the data quality of the statistics functions;
   • Cookies that are used for anonymization of statistical data.
5. Targeting Cookies
   • Cookies that help to tailor information and advertising to your interests based on e.g. the content you have visited before.

We need statistical information about the usage of our Online Offers to design them to be more user-friendly, to perform range measurements, and to perform market research.

For this purpose, we use the web analysis tools described in this section.

The usage profiles created by these tools using analysis cookies or by evaluating log files do not contain personal data. The tools either do not use user IP addresses at all or shorten them immediately after gathering them.

The tools offer process data only as processors subject to our directives and not for their own purposes.

In the following, please find information on each tool offer or/and how you are able to object to the collection and processing of data through the tool.

Be advised that with regard to tools which use opt out cookies, the opt-out function is related to a device or browser and is thus valid for the terminal device or browser used at this time. In case you use several terminal devices or browsers you must opt out on every device and with every browser used.

Beyond this, you can generally avoid the forming of usage profiles by generally deactivating cookie usage; for this please refer to the Section 8.2. Deactivate and delete cookies.

1. Google Analytics

   Google Analytics is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We use Google Analytics with the additional function offered by Google to anonymize IP addresses. While doing so, Google already shortens IPs within the EU in most cases but only does so for exceptional cases in the United States, and in both regions it only saves shortened IP’s. You may object to the collection or processing of your data by using the following link to download and install a browser plugin:

   http://tools.google.com/dlpage/gaoptout?hl=en.

Our Online Offers may contain links to third party internet pages – by providers who are not related to us. Upon clicking the link, we have no influence on collecting, processing and using personal data possibly transmitted by clicking the link to the third party (such as the IP address or the URL of the site on which the link is located) as the behavior of third parties is naturally outside our supervision. We do not assume responsibility for the processing of such personal data by third parties.

Our employees and the companies providing services on our behalf, are obliged to confidentiality and to compliance with the applicable data protection laws.

We take all necessary technical and organizational measures to ensure an appropriate level of security and to protect your data that are administrated by us especially from the risks of unintended or unlawful destruction, manipulation, loss, change or unauthorized disclosure or unauthorized access. Our security measures are, pursuant to technological progress, constantly being improved.

To enforce your rights, please use the details provided in section 15. Contact. In doing so, please ensure that an unambiguous identification of your person is possible.

Right to information and access: You have the right to obtain confirmation from us about whether or not your personal data is being processed, and, if this is the case, access to your personal data.

Right to correction and deletion: You have the right to obtain the rectification of inaccurate personal data concerning yourself without undue delay from us. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

This does not apply to data which is necessary for billing or accounting purposes or which is subject to a statutory retention period. If access to such data is not required, however, its processing is restricted (see the following).

Restriction of processing:You have the right to demand for – as far as statutory requirements are fulfilled – restriction of the processing of your data.

Objection to data processing: You have the right to object to data processing by us at any time. We will no longer process the personal data unless we demonstrate compliance with legal requirements to provide provable reasons for the further processing which are beyond your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

Objection to direct marketing: Additionally, you may object to the processing of your personal data for direct marketing purposes at any time. Please take into account that, due to organizational reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.

Objection to data processing based on the legal basis of "justified interest": In addition, you have the right to object to the processing of your personal data any time, insofar as this is based on the legal basis of justified interest. We will then terminate the processing of your data, unless we demonstrate compelling legitimate grounds according to legal requirements for the processing, which override your rights.

Withdrawal of consent: In case you consented to the processing of your data, you have the right to object this consent with immediate effect. The legality of data processing prior to your revocation remains unchanged.

1. Data portability

   You are entitled to receive data that you have provided to us in a structured, commonly used and machine-readable format or – if technically feasible – to demand that we transfer those data to a third party.

2. Right of complaint with supervisory authority

   You have the right to lodge a complaint with a supervisory authority. You can appeal to the supervisory authority which is responsible for your place of residence or your state or to the supervisory authority responsible for us. This is:

   The state Commissioner for data protection.

   
   

   Königstraße 10a70173

   Stuttgart Postanschrift:

   Postfach 10 29 32

   70025 Stuttgart DEUTSCHLAND

   Tel.: 0711/615541-0

   Fax: 0711/615541-15

   Email: poststelle@lfdi.bwl.de

We reserve the right to change our security and data protection measures if this is required due to technical development. In such cases, we will amend our data protection notice accordingly. Please therefore observe the current version of our data protection notice, as this is subject to change.

If you want to contact us, please find us at the address stated in the "Controller" section.

To assert your rights and for suggestions and complaints regarding the processing of your personal data as well as for the withdrawal of your consent, we recommend that you contact our group commissioner for data protection:

https://www.bkms-system.net/bosch-dataprotection

Data Protection Officer

Information Security and Privacy (C/ISP)

Robert Bosch GmbH

Postfach 30 02 20

70442 Stuttgart

GERMANY

DPO@bosch.com