Privacy Statement
Dräger is committed to protecting the privacy rights of everyone whose personal data is processed by Dräger. Therefore, in this privacy statement we answer the most important questions about the nature, scope and purpose of the processing of your data
This Policy applies to the HCA Assist website (“www.hca-assist.com”) of Dräger. It does not apply to Dräger websites, offers and functionalities that refer to their own Privacy Policy.
Please refer to our Provider Identification for information on the data controller (“Dräger” or “we”) as defined under Data Protection law (for those users from the European Union: Article 4 (7) of the General Data Protection Regulation). Notwithstanding the above, the Dräger company responsible for the provision of goods or services is the Dräger company that is your contractual partner for the provision of the goods or services within the meaning of data protection law. Information on the relevant Dräger company can be found in the conditions for the provision of the respective goods or services.
Whom can I contact at Dräger if I have any questions about data protection?
Please feel free to contact our Group Data Protection Officer with your questions about the processing of your personal data and to request information, correction, or deletion by e-mail: dataprivacy@draeger.com or by mail:
Drägerwerk AG & Co. KGaA
Group Data Protection Officer
Moislinger Allee 53-55
23558 Lübeck
Germany
What data from me does Dräger process?
When you visit our website, we process personal data that your browser transmits to our server. This data (so-called log files) is technically necessary to display our website and to ensure stability and security.
Log files record the following data:
• IP address
• Date and time of the request
• Address of the request (URL)
• Meta information such as amount of data returned, time taken,
• Request and response header information like HTTP Status (e.g. successful or failed), web page from which the request originated, user agent information indicating browser, operating system and versions
The processing is based on Art. 6 (1) lit. f) GDPR to protect our legitimate interest in the trouble-free operation of our website. The data is stored for a period of up to 30 days and then automatically deleted or anonymized.
We also process personal data that you voluntarily share with us as part of a contract, a survey, in the processing of your request, or your registration, or when you log in. You can find out more under the section “For what purposes does Dräger use my data?”
Does Dräger use cookies?
In order to make our offer as user-friendly as possible, we also use so-called cookies and similar technologies, as do many other companies.
What are cookies?
Cookies are small text files that your browser automatically creates and that are stored on your end device (e.g. laptop) when you visit our website. Information is stored in the cookie that arises in each case in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity. The use of cookies serves to make the use of our offers continuously more pleasant and suitable for you. For example, we use so-called session cookies to recognise that you have already visited individual pages of our website. This enables you, for example, to place individual products that you find on our website in your shopping basket without having to create a customer account or be logged into one. The session cookies are automatically deleted after you leave our website. In addition, we also use so-called temporary cookies for the purpose of user-friendliness, which are stored on your end device for a certain fixed period of time. As soon as you visit our website again, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again. Usually the temporary cookies are deleted after 30 days. In addition to our own cookies, we also use cookies from third-party providers (so-called third-party-cookies) to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you, as well as to display information and advertising tailored specifically to you. These cookies also enable us to recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a set period of time. We explain the individual cookies from third-party providers we use in more detail in the following points.
Cookie-Settings
Most browsers accept cookies automatically. However, you can also set your browser so that no cookies are stored on your end device or a message always appears before a new cookie is created In addition, you have the option of deciding for yourself which non “Technically required” cookies you wish to accept and which you do not wish to accept via the Cookie-Settings link in the footer.
You can change these settings at any time and also deactivate already activated cookies by selecting and deselecting the individual cookie groups, e.g. "Analytics" or and thus revoke any consent you may have given. In this way, the use of cookies becomes transparent for you. Please note, however, that the deactivation of certain cookie groups or the complete deactivation of cookies may mean that you cannot use all the functions of our website without restriction.
Legal Basis for the use of Cookies
The processing of personal data collected by means of cookies, which are technically necessary for the provision of our offers, is carried out on the basis of Art. 6 (1) f) GDPR to protect our legitimate interest in the trouble-free provision of our offers on our website. Otherwise, we process your personal data in connection with cookies (in particular for the provision of certain functionalities, for analysis and advertising purposes and in connection with the third-party providers described below) only if you have given us prior consent to do so in accordance with Art. 6 (1) a) GDPR. The processing is for the purpose of advertising, market research and the design of our website to meet your needs.
What tools does Dräger use for analysis and marketing?
When you visit our website, information about its use is automatically collected. This information is important to Dräger because it is the only way for us to find out what content on our websites is interesting to you and how we can continue to improve our services for you in the future. To do so, we use the following:
Google Analytics 4
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland ("Google Analytics"). We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained allow us to improve our offer and make it more interesting for you as a user. Google Analytics uses methods, such as cookies, which enable an analysis of your use of the website. The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there. The IP address is anonymized before transmission within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. On our behalf, Google will use the collected information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity to us. The anonymized IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
We only use Google Analytics in connection with your personal data if you have given us your express consent in advance. Your consent is also the legal basis for the use of Google Analytics pursuant to Art. 6 (1) a) GDPR. You can decide yourself about the setting of cookies as described above in your cookie settings on our website and in particular deactivate previously activated cookies by deselecting the cookie group "Analytics" and thus revoke your consent. In addition, you can also deactivate the setting of cookies altogether in the settings of your browser. Your personal data collected in connection with Google Analytics will be deleted or anonymized after 14 months.
In addition, you will find further information on setting and objection options and on data protection at Google as a whole in Google's general data protection declaration at https://policies.google.com/privacy.
Short.io
In addition, this website uses the service provider Short.cm Inc, a Delaware Corporation, US, reg# 4976272, with registered address at 1000 N West st Suite 1281-M#146 Wilmington, Delaware 19801 ("Short.io"). Short.io is used to shorten link addresses which lead to our further content, e.g. to our information and training courses and to record the respective link call (statistically). In the process, the IP address of the user is processed. Short.io stores the personal data privately in AWS S3 in Virginia in the United States and does not share it with third-party services. The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest is to enable users to use the links in a pleasant and comfortable way and to sustainably improve the user experience for our users.
For what purposes does Dräger use my data?
We collect and process data solely for purposes defined in advance, which may result from technical necessity, contractual stipulations, or express user requests. Furthermore, we will only use your data if you have given your advance consent for us to do so. Some of our online services, such as our applicant portal, are available only to registered users who have logged in as such. This registration is used to manage your ability to access and use the respective functions. We will request the personal data that is collected and stored when you log in as part of the respective online service.
Please see below or consult the terms of use of the respective online services for more information about the storage, processing, and purpose of collecting your data.
Dräger collects your data for the following purposes:
Communication Services
This application, uses the Twilio SendGrid email services, provided by Twilio Inc, 101 Spear St FL 5 San Francisco, CA, 94105-1554 United States. See, to communicate with you in the course of providing our products. For this purpose, the data necessary for the communication (such as recipient address, subject, date and method of communication) are processed. For users from the European Union: The legal basis for the processing of this data is the performance of a contract within the meaning of Art. 6 (1) lit. b) GDPR.
E-mail marketing
Have you signed up for one of our newsletters or stated your interest in information from Dräger in another context (e.g., when filling out a contact form)? If this is the case, we are then able to use your e-mail address to send you information (e.g., invitations to events, webinars, or product information) on the basis of your interests. You may object to the use of your data at any time if you are no longer interested in our information. To do so, simply click the “Cancel” link in the respective newsletter.
The legal basis for the processing of this data is the declaration of consent given by you within the meaning of Article 6 (1) a) GDPR.
Contacting you
Have you used one of our contact forms to request information about products and services from Dräger? Generally speaking, we use the data you state in the form to process your request. You can also give us your separate consent before sending your contact request if you are also interested in additional information, such as invitations to events, webinars, or product information.
The legal basis for the processing of this data is the declaration of consent given by you within the meaning of Article 6 (1) b) GDPR.
Provision of goods or services
When you order goods or services from Dräger, we use the personal data you provide to us to process your order or deliver the requested goods. We may also use the personal data you provided to carry out the necessary steps prior to concluding the contract, answer your related questions, send shipping and billing information and processing or providing of customer feedback and support.
The legal basis for the processing of this data is the performance of a contract or the planned conclusion of a contract within the meaning of Article 6 (1) b) GDPR.
In order to technically process your personal data, Dräger uses external service providers and contract processors to provide goods or services. These include, for example, operators of platforms and web shops. You will find more detailed information in the applicable terms of use or general terms and conditions.
Depending on which payment service provider you select in the order process, we will pass on the payment data collected for this purpose to payment service providers commissioned by us or to the selected payment service for the processing of payments. In some cases, the selected payment service providers may also collect this data from you themselves, if you open an account there. In this case, you must log on to the payment service provider with your access data during the ordering process. In this respect, the data protection declaration of the respective payment service provider applies.
Customer satisfaction surveys
Have you recently purchased a Dräger product, sent in a repair or made a request for a service? We are very interested in finding out whether you were satisfied with the service we provided and whether we can do anything differently in the future. We therefore use the contact data shared in this context to contact a group of customers selected at random following our interaction with them. To contact customers, Dräger may sometimes use external service providers with whom corresponding data protection agreements are in place.
The legal basis for the processing of this data is our legitimate interest within the meaning of Article 6 (1) (f) GDPR. Our legitimate interest is derived from the following purposes of data collection: determining the satisfaction of current Dräger customers following the purchase or repair of a Dräger product. Since you are already a Dräger customer at that time, we presume that you agree to us contacting you to find out whether you are satisfied with us.
Website optimization
We aim to continue making our website better for you. To do so, we use various web analysis tools that provide us with answers to specific questions, such as: Which of our pages have you visited? Which links have you clicked? You can find a list of these tools under “What tools does Dräger use for analysis and marketing?”
The legal basis for the processing of this data is Article 6 (1) f) GDPR. Our legitimate interest is derived from the following purposes of data collection: ensuring a smooth connection, ensuring the convenient use of our website and/or application, and the analysis of system security and stability.
Does Dräger share my data with others?
Dräger reserves the right to share the data you transmit to us with our subsidiaries and specialist retailers (dealers) throughout the world. However, we share it only if doing so is necessary to process your data for its intended purpose.
Dräger sometimes uses external service providers for the technical processing of your data. We may transmit and process your data outside the country in which you reside or in one of the countries in which Dräger, its subsidiaries, specialist retailers (dealers), or service providers and suppliers operate. Such entities may be based outside the European Economic Area. Contractual obligations to comply with the provisions under data protection law are in place within the company and in our dealings with our specialist retailers (dealers), service providers, and suppliers.
Is data transferred to countries outside the EU or the EEA?
In principle, the processing of personal data by us takes place exclusively within the EU or the European Economic Area.
In individual cases, however, it may be necessary for us to transfer information to recipients in so-called "third countries". "Third countries" are countries outside the European Union or the Agreement on the European Economic Area in which it cannot be assumed without further ado that the level of data protection is comparable to that in the European Union. If the information transferred also includes personal data, we will ensure before such transfer that the required adequate level of data protection is guaranteed in the respective third country or at the recipient in the third country. This may result in particular from a so-called "adequacy decision" of the European Commission, which establishes an adequate level of data protection for a specific third country as a whole. Alternatively, we may also base the data transfer on the so-called EU standard contractual clauses agreed with a recipient or on a declaration of consent provided by you accordingly.
We will be happy to provide you with further information on the appropriate and adequate safeguards for compliance with an adequate level of data protection upon request. You can find more information on the so-called EU standard contractual clauses at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en and information on the adequacy decisions at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.
How long is personal data stored?
In principle, we store personal data as long as this is necessary for the purpose of processing or we have a legitimate interest in this storage and your interests in not continuing the storage or processing do not outweigh. This means that we generally only store your data for as long as this is necessary to provide our website and the associated services, or we are legally obliged to store this data. We also delete personal data without any action on the part of the respective data subject as soon as it is no longer required for the processing purpose or the storage is otherwise legally inadmissible.
As a rule
• the data is deleted or anonymized after the period of time specified above for the respective data processing or website function described in more detail;
• the data processed in connection with a business relationship (in particular in connection with products ordered from us) will be deleted after expiry of the statutory retention periods; and
• the data processed in connection with the customer account will be deleted upon deletion of the respective customer account, unless further storage is required to comply with legal or contractual retention periods in connection with the respective business relationship.
Those personal data that we have to store to fulfil retention obligations will be stored until the end of the respective retention obligation. Insofar as we store personal data exclusively for the fulfilment of retention obligations, the processing in this regard is generally restricted so that it can only be accessed if this is necessary with regard to the purpose of the retention obligation.
What social media channels does Dräger use?
In addition to its website, Dräger also maintains online presences within social networks and platforms. This is how we communicate with our active customers, interested parties and online visitors (users). User data can also be processed outside the European Union. There may be risks for users due to the more difficult enforcement of their rights. User data is often processed for market research and advertising purposes and can be used to create user profiles based on user behaviour and the resulting interests. On the basis of these user profiles, advertisements can be placed inside and outside the platforms that are intended to correspond to the interests of the users. The user profiles also store data independent of the devices used by the users.
The processing of users' personal data, e.g. when communicating on social media, is based on our legitimate interests in effectively informing users and communicating with users pursuant to Art. 6 (1) f) GDPR. If content from the respective providers of the platforms is integrated into our websites, the legal basis of the processing is Art. 6 (1) a) GDPR.
What rights do I have as a data subject?
As a person affected by data processing within the meaning of Article 4 No. 1 of the GDPR, you have various rights vis-à-vis us, which we would like to inform you about in more detail below. You can also find details on this directly in Articles 15 to 21 of the GDPR.
In order to exercise these rights, you can simply contact our Group Data Protection Officer, whose contact details are provided above, or conveniently use the technical means provided by us (e.g., the cookie settings for managing or revoking consent given via this).
Right of access, Art. 15 GDPR
You have the right to receive information from us about whether and what data we process about you. This includes, among other things, information about how long and for what purpose we process the data, where it comes from and to which recipients or categories of recipients, we pass it on. In addition, we can provide you with a copy of this data.
Right to rectification, Art. 16 GDPR
As a data subject, you have the right to request that we correct information about you that is not or no longer accurate without delay. In addition, you can request that we complete your incomplete personal data. If required by law, we will also inform third parties about this correction if we have disclosed your data to them.
Right to erasure (so-called "right to be forgotten"), Art. 17 GDPR
As a data subject, you have the right to request that we delete your personal data without delay if one of the following reasons applies:
• Your data is no longer necessary for the purposes for which it was collected or otherwise processed, or the purpose has been achieved;
• You revoke consent and there is no other legal basis for processing;
• You object to the processing and there are no overriding legitimate grounds for the processing; in the case of use of personal data for direct marketing, a sole objection by you to the processing is sufficient;
• your personal data have been processed unlawfully;
• the erasure of your personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
Please note that your right to deletion may be restricted by legal provisions. These include in particular the restrictions listed in Art.17 GDPR.
Right to restriction of processing (blocking), Art. 18 GDPR
As a data subject, you also have the right to request us to restrict the processing of your personal data if one of the following conditions is met:
• you contest the accuracy of your personal data for a period of time sufficient to enable us to verify the accuracy of the personal data;
• the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of your personal data;
• we no longer need your personal data for the purposes of processing, but you need it for the assertion, exercise or defense of legal claims; or
• You have objected to the processing as long as it has not yet been determined whether our legitimate grounds outweigh yours.
If you have obtained a restriction on processing in accordance with the above list, we will inform you before the restriction is lifted.
Right of withdrawal for consents, Art. 7 (3) GDPR
You may revoke any consent given to us at any time with effect for the future. This revocation can take the form of an informal message to the above contact addresses or via the technical means provided by us for this purpose. If you revoke your consent, the legality of the data processing carried out up to that point will not be affected.
Right to data portability, Art. 20 GDPR
As a data subject, you have the right to receive personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and to transmit this data to others. Details and restrictions can be found in Art. 20 GDPR. The exercise of this right does not affect your right to erasure.
Right to complain to the supervisory authority, Art. 77 GDPR
If you believe that the processing of your data by us violates applicable data protection law, you have the right to lodge a complaint with one of the competent supervisory authorities or the respective supervisory authority in the member state of your place of residence, your place of work or the place of the alleged data protection violation.
Right to object, Art. 21 GDPR
As the data subject, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1) (e) or (f) GDPR; this also applies to profiling based on these provisions. In the event of such an objection, we will no longer process the personal data concerning you, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms as a data subject, or for the assertion, exercise or defense of legal claims.
If we process personal data for the purpose of direct marketing, you as the data subject have the right to object at any time to processing of personal data concerning you for such marketing; this also applies to profiling insofar as it is related to such direct marketing.
If you, as the data subject, object to processing for direct marketing purposes, we will no longer process the personal data concerned for these purposes.
Changes to our Data Protection Policy
You are reading version 1.0 of our Data Protection Policy, last updated in October 2022.
Dräger may change the Data Protection Policy at any time if...
• …we introduce new products or services
• …Internet procedures change
• …Internet and IT security technology advances
• …new legal requirements enter into force
We therefore reserve the right to change or supplement our Data Protection Policy as and when required. The revised version will be published here and will then apply to future use of our website. You should access the Data Protection Policy regularly to find out about its current status. This does not include a change of purpose in the use of data already stored.
All information contained on our websites has been checked with great care. However, we do not guarantee that the contents of our websites are always accurate, complete, and up-to-date.