Controller
Uponor GmbH (“Uponor”)
Industriestrasse 56
97437 Hassfurt
Germany
Contact person
Peter Fischer
Uponor GmbH
Industriestrasse 56
97437 Hassfurt
Germany
+49 800 77 800 40
Name of the register
Uponor HSEmobile
Purpose of the register and legal basis for processing
The register contains personal data about the user of Uponor HSEmobile (“Application”). The user of the Application may be a representative of a company or other legal entity and the register may also contain personal data of the respective company’s or legal entity’s customers and other third parties, if the user has provided such personal data to Uponor within the Application.
The purpose of the use of the personal data is to provide the user with the Application as agreed between the user or the company/other legal entity the user is representing and Uponor. The personal data may also be used for other purposes such as for
maintenance and development of the Application and Uponor products and services;
marketing and communication purposes such as for informing of new features, new products or launches, and special promotions; and for
statistical and analytical purposes.
The legal basis for processing the user’s personal data is the performance of the agreement between the user and Uponor concerning the use of the Application and the services it provides (see article 6.1(b) of the EU General Data Protection Regulation 2016/679, the “GDPR”). In some instances, Uponor may also process the user’s personal data based on its legitimate interests to analyse how the Application is used, further develop it, and to market its products and services (see article 6.1(f) of the GDPR).
In the event the user has added personal data concerning the user’s end customers to the Application, the legal basis for Uponor to process such data is its legitimate interests in providing the Application (and the services provided thereby) for the benefit of the end customer in question. Uponor may also process such data for its legitimate interest to analyse how the Application is used, further develop it, and to market its products and services. (See article 6.1(f) of the GDPR).
To the extent the user adds any such personal data of the user’s end customers into the Application, the user should inform the customer of this and direct the end customer to this privacy policy.
Contents of the register
Personal data is typically collected when the user downloads, installs and uses the Application or otherwise interacts with Uponor. The personal data may include, among others, the data subject’s full name, address (street, number, post code, city), mobile number, email address, company name, company address (street, number, post code, city), area/county and country. Moreover, the personal data may include the user’s customer number, IP-address, access times, the links the user uses, the content the user view and such other behavioural information relating to the user that Uponor receives through the Application.
Regular sources of data
The personal data is collected primarily from the user of the Application or through the user’s actions within the Application.
If the user has registered or signed in to “Uponor & More Loyalty Program”, the user’s personal data can be also collected from Uponor & More Loyalty Program register.
Regular disclosure of data and the transfer of data outside the EU or the EEA
The personal data may be disclosed by Uponor to its group companies. The personal data stored on the server will not be transferred outside the EU or the EEA.
In the event Uponor sells, buys, merges or reorganizes in some other way, this may involve Uponor disclosing personal data e.g. to potential and actual purchasers and their advisers.
In addition to the above Uponor may be obliged to disclose the personal data to the authorities. Uponor may also disclose and otherwise process the personal data, in accordance with applicable legislation, to defend its legitimate interests.
Please note that Uponor may use third-party service providers to process personal data.
Principles of data security and data storage
The personal data will be mainly stored electronically. The personal data is stored in locked premises with restricted access and protected by a participant ID and a password. All physical copies of the personal data, if any, will be stored in locked premises. Only persons who need to process the personal data as part of their duties have access to and the right to process the information stored in the register.
Uponor retains the personal data as long as it is necessary for the aforementioned purposes or as required by applicable laws. When such requirements no longer exist, the personal data will be deleted.
Automated decision making
Personal data is not used for automated decision making having legal or similar consequences to the data subjects.
Data subject’s rights
Right of access: The data subject is entitled to inspect his personal data and to receive a written copy of the personal data. In general the inspection is free of charge.
Right to data portability: The data subject is in some cases also entitled to receive his personal data, which he has provided to the controller, in a structured, commonly used and machine-readable format and, when technically feasible, has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
Right to object: The data subject is entitled to object at any time to processing of his personal data for direct marketing purposes. End customers who object to a user having added their personal data to the Application, may also request that it be removed.
Right to request rectification, erasure or restriction: The data subject is entitled to ask Uponor to rectify or erase his personal data in case it is obsolete, irrelevant, incorrect, incomplete, otherwise inaccurate or due to other legally acceptable ground. The data subject is also entitled to request restriction of processing of the data subject’s personal data.
Official complaint: While Uponor hopes to resolve any issue the data subject may have with how Uponor processes his personal data, the data subject also has the right to lodge an official complaint with the local national data protection supervisory authority.
If the data subject wishes to exercise above rights, a written request to the contact person and address stated in Section 2 above should be presented.