Data protection statement Version 3.0 Status as of September 2020
Previous versions of our data protection statement can be found here: https://www.draeger.com/data-protection

General Data Processing Information
The Dräger Group is committed to protecting the privacy rights of anyone whose personal data is processed by the Dräger Group. This applies regardless of where and how the personal data is collected. Information about the type and function of the data that we store and process is given below. This data protection statement applies to Dräger’s website and to the websites of all affiliated companies referring to this statement on their websites. It does not apply to Dräger websites referring to their own data protection statements.

Consent to Communicate
The Dräger Group is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. We will only contact you if you consent. You can unsubscribe from these communications at any time by clicking the unsubscribe or manage preferences links at the bottom of our emails to you, or by emailing us at info.dsdi@draeger.com.

User Rights
Our group data protection officer will be happy to answer your questions about the collection, processing or use of your personal data, and respond to requests for information, or for the correction, blocking or deletion of data. The data protection officer can be reached via email: dataprivacy@draeger.com.Our postal address is as follows:

Drägerwerk AG &Co. KGaA
Konzerndatenschutzbeauftragter
Moislinger Allee 53-55
D-23558 Lübeck, Germany

How does Dräger collect, store, process and transmit your data?
We store and process the personal data that you provide. This may happen, for example, in association with a contract or a survey, in order to process your concern, or as part of a registration or a login process. We use your data for the purpose of handling your concern and pass it on to our subsidiaries and specialist dealers worldwide, if processing is necessary for the intended purpose. We also use your data for providing our services, for evaluation and promotional purposes, and for supplying other information addressed to you, in particular information about products and services, newsletters, email-marketing, surveys and making telephone contact, if you have given your consent. When executing certain data-processing tasks, Dräger uses the services of external providers. We may transmit and process your data outside of the country in which you are resident, in one of the countries where Dräger, its subsidiaries, specialist dealers or service providers and suppliers operate. They may be located outside the European Economic Area. Contractual obligations exist both within the company and with our specialist dealers, service providers and suppliers, concerning compliance with data protection regulations. These entities are not regarded as third parties in the meaning of the data protection legislation. We therefore kindly ask you to give your consent, e.g. during registration. You can withdraw your consent at any time with effect for the future.

We also store your data for data security purposes and to optimize the website. This includes analyses of the data for statistical purposes in anonymized form. Furthermore, your data will be used for the purposes of promotion, market research and for needs-based design of the electronic services, only if you have given your prior consent. You have the right, at any time, to object to the use of your data for promotional and marketing purposes and for opinion polls with effect for the future.

What happens during registration and log in?
Some of our Internet offers require registration and logging in, e.g. for a newsletter, a sweepstake, an online game, for executing a contract or for an online application. This is required so that access and authorizations for the relevant functions can be controlled. We request the personal data that is collected and stored during login for the purposes of the respective internet offers. We will provide you with more details concerning use to inform you about storage, processing and the purpose of the data collection.

What are log files?
A log file contains an automatic record of all or selected activities on a computer system. Log files are mainly used in process control and automation. Log files for databases record changes in the database of correctly completed transactions. This enables the current data to be restored in the event of an error (e.g. system crash). Log files are also created by web servers. They log the following (and other) information: the address of the accessing computer, authentication fields, date and time of access, access method and content of the HTML access, status code of the web server, information about the browser being used, and the customer’s operating system.

Each time a user accesses a Dräger website and every time a file is opened, data about this process is automatically saved in log files stored on our servers.

How long will my data be kept?
Dräger stores the personal data the you provide to us only for as long as is necessary to fulfill the purposes for which this data was provided, or for as long as this is required by law.

What are cookies and web beacons?
Dräger collects information about the visitors to its websites and marketing campaigns in order to improve its web pages. We use various types of cookies and web beacons to do this. A web server can use a cookie to store text information (e.g. a unique ID) on the user’s PC. As a rule, cookies are used to recognize users when they revisit our websites. The cookie is either sent from the web server to the browser or is created with client-side scripting (such as JavaScript). The cookie information is stored locally on your computer and is usually valid for a limited period.

Websites with Flash media write user-specific data on the user’s computer and read them again later.

These files are called Flash cookies or Local Shared Objects (LSO). They are not managed by the web browser itself, but by its respective Flash Player plugin.

Flash cookies are subject to the same rules as conventional cookies. They can be read only by the website that initiated storage of the Flash cookie. However, the amount of information they can store is much greater.

Browsers usually offer a wide range of settings to control the use of cookies. So you can set your browser not to store cookies, or restrict the acceptance of cookies to certain websites. Another option is to set your browser so that it notifies you as soon as a cookie is sent.

You can use our website offers without cookies if you wish. However, because these cookies also control website content, in this case you should expect restrictions in the display of the page or in user navigation. Websites linked to our website may use cookies without Dräger being able to inform you about their use first.

We reserve the right to use web beacons in order to improve the quality of our email communication. Web beacons are small graphic files that can recognise certain types of data on your computer (e.g. cookies) if you have looked at a website linked to the web beacon. This includes the IP address of the computer that downloaded the website on which the graphic file appears, the URL of the website on which the graphic file appears, the time at which the website was displayed, the type of browser that loaded the graphic file, and the identification numbers of cookies that have previously been placed on the computer by this server. When we correspond with you via HTML-capable email, web beacons tell us whether you have received the email and opened it. You can set your browser to display HTML emails as text only, in order to prevent the use of some web beacons.

Changes to Our Data Protection Statement and Privacy Policy
We will update our data protection statement and privacy policy as we introduce new products or services, or change our Internet procedures, or as Internet and/or IT security technology develops, or when required by changes in the law. We therefore reserve the right to change or supplement our data protection statement and privacy policy as required. Any changes will be published here and then apply to future use of our website. You should visit this page regularly to find out about the current status of our data protection statement and privacy policy. This does not include a change of purpose in the use of data already stored.

All information contained on this website has been checked with great care. However, we do not guarantee that the contents of our own websites are always accurate, complete, and up-to-date.

Websites of Third Parties
Occasionally we reference third-party websites by providing links. Although we select these third parties carefully, we cannot accept any responsibility or liability for the accuracy or completeness of the contents or the data security of third-party websites. Furthermore, this data protection statement and privacy policy does not apply to linked websites of third parties. Dräger is not responsible for the data protection statements, privacy policies, or content of other websites.

Privacy Notice for California Residents as of January 2020
This Privacy Notice for California Residents supplements the information contained in the privacy policy above and applies solely to all visitors, users, and others who reside in the State of California (”consumers”).

Information We Collect through Our Website
Through our Website, we collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (”personal information”). In particular, our website has collected the following categories of personal information from its consumers within the last twelve (12) months:

Category A: Identifiers
Examples: A real name, Internet Protocol address, email address, or other similar identifiers.
Collected: YES

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
Collected: NO

Category C: Protected classification characteristics under California or federal law
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Collected: NO

Information We Collect for Reporting Purposes Specific to Our Interlock Business
Category A: Identifiers
Examples: A real name, Internet Protocol address, email address, or other similar identifiers.
Collected: YES

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
Collected: YES

Category C: Protected classification characteristics under California or federal law
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Collected: NO

Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Use of Personal Information
We may use, or disclose the personal information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information
We may disclose your personal information to Draeger Authorized Service Providers for business purposes; however, we do not sell any personal information to third parties. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. [The CCPA prohibits third parties who purchase the personal information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.]

We may share information collected with Government Agencies to comply with Court Orders, Ignition Interlock Device Orders, and other applicable Legal requirements.

Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you
  • The categories of sources for the personal information we collected about you
  • Our business or commercial purpose for collecting or selling that personal information
  • The categories of third parties with whom we share that personal information
  • The specific pieces of personal information we collected about you
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us through our toll free hotline ( 1-800-437-2437) or by sending us a message on our website. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to [45/90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.