Data protection statement Version 3.0 Status as of September 2020
Previous versions of our data protection statement can be found here: https://www.draeger.com/data-protection

General data processing information
The Dräger Group is committed to protecting the privacy rights of anyone whose personal data is processed by the Dräger Group. This applies regardless of where and how the personal data is collected. Information about the type and function of the data that we store and process is given below. This data protection statement applies to Dräger’s website and to the websites of all affiliated companies referring to this statement on their websites. It does not apply to Dräger websites referring to their own data protection statements.

User Rights
Our group data protection officer will be happy to answer your questions about the collection, processing or use of your personal data, and respond to requests for information, or for the correction, blocking or deletion of data. The data protection officer can be reached via email: dataprivacy@draeger.com.Our postal address is as follows:

Drägerwerk AG &Co. KGaA
Konzerndatenschutzbeauftragter
Moislinger Allee 53-55
D-23558 Lübeck, Germany

How does Dräger collect, store, process and transmit your data?
We store and process the personal data that you provide. This may happen, for example, in association with a contract or a survey, in order to process your concern, or as part of a registration or a login process. We use your data for the purpose of handling your concern and pass it on to our subsidiaries and specialist dealers worldwide, if processing is necessary for the intended purpose. We also use your data for providing our services, for evaluation and promotional purposes, and for supplying other information addressed to you, in particular information about products and services, newsletters, email-marketing, surveys and making telephone contact, if you have given your consent. When executing certain data-processing tasks, Dräger uses the services of external providers. We may transmit and process your data outside of the country in which you are resident, in one of the countries where Dräger, its subsidiaries, specialist dealers or service providers and suppliers operate. They may be located outside the European Economic Area. Contractual obligations exist both within the company and with our specialist dealers, service providers and suppliers, concerning compliance with data protection regulations. These entities are not regarded as third parties in the meaning of the data protection legislation. We therefore kindly ask you to give your consent, e.g. during registration. You can withdraw your consent at any time with effect for the future.

We also store your data for data security purposes and to optimize the website. This includes analyses of the data for statistical purposes in anonymized form. Furthermore, your data will be used for the purposes of promotion, market research and for needs-based design of the electronic services, only if you have given your prior consent. You have the right, at any time, to object to the use of your data for promotional and marketing purposes and for opinion polls with effect for the future.

What happens during registration and log in?
Some of our Internet offers require registration and logging in, e.g. for a newsletter, a sweepstake, an online game, for executing a contract or for an online application. This is required so that access and authorizations for the relevant functions can be controlled. We request the personal data that is collected and stored during login for the purposes of the respective internet offers. We will provide you with more details concerning use to inform you about storage, processing and the purpose of the data collection.

What are log files?
A log file contains an automatic record of all or selected activities on a computer system. Log files are mainly used in process control and automation. Log files for databases record changes in the database of correctly completed transactions. This enables the current data to be restored in the event of an error (e.g. system crash). Log files are also created by web servers. They log the following (and other) information: the address of the accessing computer, authentication fields, date and time of access, access method and content of the HTML access, status code of the web server, information about the browser being used, and the customer’s operating system.

Each time a user accesses a Dräger website and every time a file is opened, data about this process is automatically saved in log files stored on our servers.

How long will my data be kept?
Dräger stores the personal data the you provide to us only for as long as is necessary to fulfill the purposes for which this data was provided, or for as long as this is required by law.

What are cookies and web beacons?
Dräger collects information about the visitors to its websites and marketing campaigns in order to improve its web pages. We use various types of cookies and web beacons to do this. A web server can use a cookie to store text information (e.g. a unique ID) on the user’s PC. As a rule, cookies are used to recognize users when they revisit our websites. The cookie is either sent from the web server to the browser or is created with client-side scripting (such as JavaScript). The cookie information is stored locally on your computer and is usually valid for a limited period.

Websites with Flash media write user-specific data on the user’s computer and read them again later.

These files are called Flash cookies or Local Shared Objects (LSO). They are not managed by the web browser itself, but by its respective Flash Player plugin.

Flash cookies are subject to the same rules as conventional cookies. They can be read only by the website that initiated storage of the Flash cookie. However, the amount of information they can store is much greater.

Browsers usually offer a wide range of settings to control the use of cookies. So you can set your browser not to store cookies, or restrict the acceptance of cookies to certain websites. Another option is to set your browser so that it notifies you as soon as a cookie is sent.

You can use our website offers without cookies if you wish. However, because these cookies also control website content, in this case you should expect restrictions in the display of the page or in user navigation. Websites linked to our website may use cookies without Dräger being able to inform you about their use first.

We reserve the right to use web beacons in order to improve the quality of our email communication. Web beacons are small graphic files that can recognise certain types of data on your computer (e.g. cookies) if you have looked at a website linked to the web beacon. This includes the IP address of the computer that downloaded the website on which the graphic file appears, the URL of the website on which the graphic file appears, the time at which the website was displayed, the type of browser that loaded the graphic file, and the identification numbers of cookies that have previously been placed on the computer by this server. When we correspond with you via HTML-capable email, web beacons tell us whether you have received the email and opened it. You can set your browser to display HTML emails as text only, in order to prevent the use of some web beacons.

What tools does Dräger use for analysis and marketing?
When you use our website, data is collected automatically. This information is important for us in analyzing the interest in the content of our site, and improving our offerings. To this end we use a range of different data collection systems as web analysis tools Detailed information on the data collected and how you can object to the collection of this information is listed in the following section:

Omniture Site Catalyst
Omniture collects data about user behavior on the website, such as sites visited, clicked objects and links, information on the time of the visit, length of stay, and repeat visits to the site. Omniture also uses cookies. The information is stored in anonymized form by disguising the IP address of the user so that the user cannot be identified.

This user data is stored for the purpose of measuring the effectiveness of web pages.

You can object to the collection of your user data. To do so, please click the following link: http://www.omniture.com/en/privacy/2o7

Crazy Egg
Crazy Egg is used to obtain information about user behavior on the website. This enables us to improve user navigation.

The Crazy Egg tracking script collects information about the navigation behavior of users on our website and which links on a website are clicked most frequently.

Crazy Egg can collect additional information about the user’s computer if it is made available via the user’s browser, e.g.:

  • information about the browser
  • information about the operating system
  • information on whether the device being used is a mobile device
  • IP address
  • websites visited
  • geographical location
  • time of the visit
  • previously visited (referring) website or service

Further details about Crazy Egg tracking can be found on the Crazy Egg website: http://www.crazyegg.com/privacy

You can object to the collection of your user data. To do so, please click the following link: http://www.crazyegg.com/opt-out

Microsoft Dynamics Marketing
Dräger also uses the Microsoft Dynamics Marketing tool for its online marketing campaigns. To measure the effectiveness of such marketing campaigns, offer you an efficient web site, and prevent abuse of the system as far as possible, Microsoft Dynamics Marketing acts on behalf of Dräger, collecting information such as navigation patterns and user behavior. Cookies are used to maintain your session and identify you as a returning visitor. We use this information to analyze which Internet pages you have visited, so that we can make additional relevant content available to you and identify which types of information you are interested in. The information generated by the cookie includes your IP address and related location data. This information is logged by Microsoft for technical reasons but is not available to Dräger.. Microsoft Dynamics Marketing also creates behavioral-analysis scripts for websites (or sub-sites). Microsoft uses these scripts on Dräger’s behalf to store the referrer URL, which enables it to analyze the use behavior of visitors already identified. This user data is stored for the purpose of measuring the effectiveness of promotional campaigns.

We also use Microsoft Dynamics Marketing to send out newsletters. On behalf of Dräger, Microsoft analyzes the respective user behavior on opening and reading the newsletter and creates a report so that we can send you personalized and specially tailored information. We do not pass this information to third parties. You can prevent the analysis by unsubscribing from the newsletter.

You can prevent the collection of your user data by changing the cookie settings in your browser. Further information from Microsoft about data protection and cookies can be found at: https://www.microsoft.com/en-US/privacystatement/OnlineServices/Default.aspx

Microsoft SharePoint
For contact forms on our website we use technologies that collect and store not only the requested personal data, but also the referrer URL, when a form is submitted. By submitting the form you consent to this process.

Using Facebook Social Plugins
To make our website more attractive and user-friendly, our web pages include social plugins from the network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are distinguished by the Facebook logo (white “f” on blue  background, a “thumbs up” icon), the word “Like” or the words “Facebook social plugin”. The list of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins.

When you visit a website that includes this social media plugin, your browser establishes a direct connection with the Facebook servers. The content of the social plugin is then transferred directly to your browser and integrated into the website. In this case, Facebook obtains your IP address and other device-related information. The information that you have visited our website is also passed to Facebook. Facebook may then also save a cookie on your computer, which is deleted when the browser is closed (see the section on cookies). We have no control over the scope of the data collected by Facebook using this social plugin.

As far as we are aware, Facebook can link your visit to our web pages with your personal user account on Facebook if you are logged in to Facebook while visiting our website. By interacting with social plugins, for example by clicking the “Like” button or submitting a comment, the corresponding information is transmitted directly from your browser to Facebook and stored there. This data transfer can be prevented only if you log out from your Facebook account before visiting our website. Even if you are not a member of Facebook, it is still possible that Facebook will identify and store your IP address. It is also possible to block Facebook social plugins by using add-ons for your browser, such as the “Facebook Blocker” add-on.

Please see Facebook’s privacy policy (https://www.facebook.com/privacy/explanation) for information about the purpose and scope of data collection by Facebook, further data processing and use of your data on and by Facebook, plus your rights and settings available to protect your privacy.

Using Twitter Social Plugins
Twitter functions may also be integrated into our websites. These functions are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. They are identified with such words as “Twitter” or “Follow”/”Re-Tweet” together with the icon of a blue bird. By using these functions, you can share an item or a page from our website on Twitter or follow the provider on Twitter, if you have your own Twitter account.

The websites you have visited are then linked to your Twitter account, and this information is made known to other Twitter users. This involves transmission of data to Twitter.

As the provider of our websites, on which these functions are present, we have no knowledge of the content of the data transferred or how Twitter uses it. Further information can be found in Twitter’s Privacy Policy at http://twitter.com/privacy. You can change your Twitter privacy preferences in your account settings at http://twitter.com/account/settings.

Using LinkedIn Social Plugins
In addition, plugins from the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn” in the following), are integrated into our websites. These functions are identified with the LinkedIn logo.

When you visit our websites, a direct connection is created between your browser and the LinkedIn server via the plugin. This provides LinkedIn with the information that you have visited our website with your IP address.

If you click the LinkedIn “Recommend” button while you are logged in to your LinkedIn account, you can link the contents of our websites with your LinkedIn profile. This enables LinkedIn to associate your visit to our websites with your user account.

Further information on data collection, your rights and the settings to protect your privacy can be found in the LinkedIn privacy policy: This information is held by LinkedIn at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

Using Xing Social Plugins
Our  Internet pages also use plugins from the social network xing.com (“Xing” in the following), which is operated by XING AG, Gänsemarkt 43, 20354 Hamburg, Germany.

When you access a page of our website with one of these plugins, your browser establishes a direct connection with the Xing servers. The content of the plugin is then transmitted by Xing directly to your browser and integrated into the website.

Integration of the plugin informs Xing that you have accessed this particular page on our website. If you are logged in to Xing, it can associate your visit with your Xing account. Further information on data collection, further processing and use of the data by Xing, and your rights and the settings to protect your privacy can be found in the Xing privacy policy: https://www.xing.com/privacy.

Using YouTube Social Plugins

On our websites you will also find integrated plugins from YouTube, which is owned by Google Inc., 901 Cherry Ave, San Bruno, CA 94066, USA. As soon as you visit one of our websites with a YouTube plugin, your browser establishes a connection to the YouTube servers. The YouTube server is then informed about which of our websites you have visited. If you are logged in to your YouTube account, YouTube can add your surfing behavior directly to your personal profile. This does not happen if you have already logged out from your YouTube account. Information on data collection (purpose, scope, further processing, use), and on your rights and the settings to protect your privacy can be found in the YouTube privacy policy https://www.google.en/intl/en/policies/privacy/.

Using Slideshare Plugins
We also use Slideshare on certain individual websites to display our own presentations. Slideshare is a service operated by LinkedIn for sharing information such as presentations. You must give your prior explicit consent to the use of Slideshare, because at the beginning of the presentation, personal data about you is transmitted to Slideshare.com, Google Analytics and comScore. In addition, a cookie is set in your browser and the data is transmitted to the USA and stored. We have no control over this process and we have no knowledge of the scope of the data collection, the purpose or the duration of storage by these services. For your protection, we have therefore integrated Slideshare with a double-click solution. comScore uses your data to create use profiles which it then uses for marketing purposes, market research and needs-based design of websites, in order to provide needs-based advertising. If you wish to exercise your right to object to this use, you must contact comScore.

Information on data collection (purpose, scope, further processing, use), your rights and settings to protect your privacy can be found in the privacy policies of LinkedIn: LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland, https://www.linkedin.com/legal/privacy-policy and of comScore: comScore, 11950 Democracy Drive, Suite 600, Reston, VA 20190, United States, https://www.comscore.com/About_comScore/Privacy_Policy.

Changes to Our Data Protection Statement and Privacy Policy
We will update our data protection statement and privacy policy as we introduce new products or services, or change our Internet procedures, or as Internet and/or IT security technology develops, or when required by changes in the law. We therefore reserve the right to change or supplement our data protection statement and privacy policy as required. Any changes will be published here and then apply to future use of our website. You should visit this page regularly to find out about the current status of our data protection statement and privacy policy. This does not include a change of purpose in the use of data already stored.

All information contained on this website has been checked with great care. However, we do not guarantee that the contents of our own websites are always accurate, complete, and up-to-date.

Websites of Third Parties
Occasionally we reference third-party websites by providing links. Although we select these third parties carefully, we cannot accept any responsibility or liability for the accuracy or completeness of the contents or the data security of third-party websites. Furthermore, this data protection statement and privacy policy does not apply to linked websites of third parties. Dräger is not responsible for the data protection statements, privacy policies, or content of other websites.

Privacy Notice for California Residents as of January 2020
This Privacy Notice for California Residents supplements the information contained in the privacy policy above and applies solely to all visitors, users, and others who reside in the State of California (”consumers”).

Information We Collect through Our Website
Through our Website, we collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (”personal information”). In particular, our website has collected the following categories of personal information from its consumers within the last twelve (12) months:

Category A: Identifiers
Examples: A real name, Internet Protocol address, email address, or other similar identifiers.
Collected: YES

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
Collected: NO

Category C: Protected classification characteristics under California or federal law
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Collected: NO

Information We Collect for Reporting Purposes Specific to Our Interlock Business
Category A: Identifiers
Examples: A real name, Internet Protocol address, email address, or other similar identifiers.
Collected: YES

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
Collected: YES

Category C: Protected classification characteristics under California or federal law
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Collected: NO

Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Use of Personal Information
We may use, or disclose the personal information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information
We may disclose your personal information to Draeger Authorized Service Providers for business purposes; however, we do not sell any personal information to third parties. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. [The CCPA prohibits third parties who purchase the personal information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.]

We may share information collected with Government Agencies to comply with Court Orders, Ignition Interlock Device Orders, and other applicable Legal requirements.

Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you
  • The categories of sources for the personal information we collected about you
  • Our business or commercial purpose for collecting or selling that personal information
  • The categories of third parties with whom we share that personal information
  • The specific pieces of personal information we collected about you
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us through our toll free hotline ( 1-800-437-2437) or by sending us a message on our website. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to [45/90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.