Festo Data Privacy Statement

The responsible body (controller) is:

Festo Corporation

1377 Motor Parkway, Suite 310

Islandia, NY 11749

Email: privacy_us@festo.com

You can contact our company data protection contact at:

Festo Corporation

Attn: Colin Gerson, Vice President IT-CCA

1377 Motor Parkway, Suite 310

Islandia, NY 11749

Email: privacy_us@festo.com

2.1 When using our websites

Your benefits/our purposes

Festo provides various appealing online functions for you, which can support you in your day-to-day work in numerous ways. For these functions, we use personal data to determine your identity and to allow user authentication, e.g. to provide your chosen services and functions on the Festo websites.

In addition, we also process personal data for security reasons, particularly to detect and prevent attacks on our websites or fraud attempts.

Data categories

When you use our websites, web applications or online tools, we save the following personal data, for example:

• The type of device, browser and operating system you used
• Your IP address
• The date and time of your visits
• Use of the websites and their functions
• Search terms, error messages, information about files that you have retrieved and the amount of data transmitted
• Websites from which you accessed our websites and websites you visited from our websites.

We only save other personal data, such as:

• First name and last name
• Business contact details, such as e-mail address and telephone number
• Information provided as part of an enquiry

If you voluntarily share this data with us, e.g. as part of the registration process, an enquiry, a contact form, a survey or to perform a contract.

Cookies

We use cookies on our Festo websites to gather this data.

For your searches on Festo websites, you only need to set your cookie setting once! Your consents are stored and applied to all websites for different devices.

You can find more information about how Festo uses cookies in our Cookie Policy, where you can also set which cookies are activated when you use our websites.

Web tools

Information on web tools used by Festo can be found under Web tools.

Links to other websites

This data privacy statement only applies to Festo websites and not to third-party websites and applications. Festo websites may contain links to third-party websites and applications that may be of interest to you.

Festo is not responsible for the gathering, processing and use of your data by third parties or for the content of these third-party websites.

2.2 When using mobile apps or local applications

Your benefits/our purposes

Festo offers a multitude of applications that you can use on devices such as laptops, tablets or smartphones, and that can help you carry out your tasks efficiently and securely. Interesting functions can be set up and controlled using personal data.

If special functions and benefits are integrated into tools, you will find information about these in the additional data privacy statement for the application in question.

Festo can only access content and personal data in the applications during service and maintenance work.

Data categories

• Contact information, such as first name and last name, business address, telephone number and e-mail address
• User-specific settings, such as favorites
• Roles and role-specific settings

2.3 When cooperating with business partners

Your benefits/our purposes

Good business relationships are based on good communication between the right contact partners and the necessary information being exchanged effectively. We use your personal data to communicate with you regarding products, services and projects, e.g. to process your enquiries or to give you technical information on products. We also use your personal data to maintain our (contractual) business relationship, e.g. to process product and service orders, to carry out repairs or servicing work, and for accounting, invoicing and payment transactions.

Data categories

As part of our cooperation with you as a business partner, Festo processes your personal data as a contact person for customers, interested parties, sales partners, suppliers or other partners.

This personal data primarily includes:

• Contact information, such as first names and last names, business address, telephone number and e-mail address
• Information about telephone calls, visits, exchanges and the content of this communication
• Information required as part of a project or to process a contractual relationship
• Data collected from publicly available sources, information databases or credit agencies
• If legally required as part of the compliance screening process, date of birth, ID card and ID card numbers, information about relevant legal proceedings and other legal disputes in which the business partners are involved
• Payment details, such as information for processing payment transactions or to prevent fraud, including credit card information and card security numbers

Festo communicates with you as your B2B contact and does not process any personal data that can identify you as a data subject beyond this purpose. We do not carry out any profiling which might have a legal effect for you personally or affect you in similar ways.

2.4 For cooperation between Festo and business partners

Your benefits/our purposes

Modern electronic methods of communication offer tools that make it possible to work together effectively and to exchange information and data quickly and simply. When such tools are used, personal data can be processed for identification purposes and to document this contact.

Data categories

In online sessions and with similar functions, various items of personal data may be processed, including but not limited to:

• Contact details (name, e-mail, company, etc.)
• All information arising from the communication: access rights, comments and notes, editing documents, use information like date and time

2.5 For direct marketing

Your benefits/our purposes

Festo informs you about important market trends, interesting new products and solutions based on your sector and your selected interests. In addition, you receive information about marketing campaigns, market analyses or similar initiatives and events.

You have the right to object to the use of your contact details for these purposes at any time. To do so, send an e-mail to info@festo.com or use the objection option included in all communications in this context.

Data categories

To provide you with information in line with your wants and needs, we collect various pieces of personal data as part of our direct marketing campaigns, including:

• Contact information, such as first name, last name and business address, telephone number and e-mail address
• Your selected options for newsletters and areas of interest
• Information about trade fair attendance, participation in webinars or similar
• All information that you have shared voluntarily, as long as you consent to this

2.6 For planning and holding events

Your benefits/our purposes

At Festo, we like to give you up-to-date information about our performance, our attractive offerings and interesting trends. At various events, we give you the opportunity to chat to Festo specialists or other interested parties and trendsetters. To ensure that we can create an experience that is beneficial for you, it is important that we can adapt to your wants and needs.

Data categories

To hold interesting and successful events, we need various items of personal information.

Depending on the type and location of the event, we process the following, for example:

• Contact information, such as first name and last name, business address, telephone number and e-mail address
• Data for organizing the event, such as invitations, personal requests or travel details
• Documentation regarding your attendance and about safety briefings carried out
• Vehicle registration number for access and parking permits

Photo and video records for publication and documentation

2.7 For satisfaction surveys

Your benefits/our purposes

Good information and a good understanding of the needs and requirements form the basis for the further development of Festo's services. Within the scope of the applicable legislation, Festo may also use your business contact details to carry out customer satisfaction surveys.

You have the right to object to the use of your contact details for these purposes at any time. To do so, send an e-mail to info@festo.com or use the objection option included in this communication.

Data categories

We will inform you specifically about the anonymity of your responses depending on the type and goal of the survey.

If surveys cannot be carried out anonymously, various items of personal data will be processed, such as:

• Contact details, such as first and last name, e-mail address and telephone number
• For specific surveys or differentiated analyses, we process commercial information, such as departments or management responsibility
• The survey can be based on your feedback on a specific business process

If you have expressly granted us consent to process your personal data on an individual basis, this consent forms the legal basis for processing (Article 6(1)(a) GDPR). (California Residents: Please see the “California Residents” section below.)

This consent is granted voluntarily and can be withdrawn at any time with effect for the future.

4.1 Transfer of data by Festo during processing

If necessary, Festo transfers personal data to:

• Internal departments
• Other Festo companies or other third parties, e.g. sales partners or suppliers if this is required for the quote or initiation, execution or processing of the business relationship
• Service providers who process personal data as part of their service provision, e.g. service providers for IT security maintenance activities or event management
• Third parties if this is required for compliance with applicable laws or for legal claims, e.g. in conjunction with arbitration or legal proceedings, involving authorities, administrative bodies, health insurance providers or legal counsel

If recipients are based outside the geographic scope of the GDPR, Festo will take action to ensure that your personal data is protected suitably and appropriately in some other way.

• We therefore only pass your personal information on to Festo subsidiaries on the basis of the Binding Corporate Rules (BCR), with which the members of the Festo Group are obligated to comply.
• Personal data is only transferred to recipients outside the Group if these (i) have concluded EU standard contract clauses with Festo; (ii) have introduced Binding Corporate Rules.

Personal data that you publish via Festo websites (e.g. in chat rooms or forums) may be accessible globally to other users of the Festo websites.

4.2 Social plugins

Festo has integrated social plugins for social networks like Facebook, YouTube, Twitter and Instagram on its websites. If you select one of these social plugins, a direct connection will be established with this provider and your data will be processed by it. If are logged into your user account at this time, the provider can attribute your visit to our websites to your user account.

The data privacy provisions of the network in question apply exclusively to your connection to a social network, the data transfers made between the network and your system and your interactions on this platform. The social plugin will remain active until you deactivate it or delete your cookies.

Cookie notice

If a specific archival period is not specified when the data is gathered, your personal data will be deleted after a defined period of time if it is no longer required to fulfil the purpose, unless legal archival obligations (e.g. archival obligations relating to commercial and tax law) prevent this.

Festo takes the necessary technical and organizational measures to ensure that your personal data is adequately protected.

If our processing of your personal data is based on your consent for us to do so, you have the right to withdraw this consent at any time with effect for the future.

The withdrawal does not affect the legality of any processing that took place based on your consent before the withdrawal.

Under the GDPR, as a data subject, you have the following rights in relation to the processing of your personal data:

• To receive confirmation as to whether Festo has processed your personal data and information about the personal data processed by Festo
• To correct any personal data that is incorrect
• To have the personal data processed by Festo deleted
• To restrict the processing of personal data by Festo
• To transfer the data
• To object to the processing of personal data by Festo

You can find more information and explanations relating to the aforementioned rights on the European Commission’s webpage.

The Festo data privacy organization will support you with any questions you have on data privacy at Festo.

You can submit your complaints relating to Festo and assert your rights as specified in this data privacy statement. You can contact our data privacy organization at datenschutz@festo.com (for global inquiries) or Festo’s data privacy organization will look into your enquiries and complaints as quickly as possible.

In addition to getting in touch with Festo’s data privacy organization, you also have the option to contact the competent data privacy authority.

An overview of the national and international data privacy authorities is available here.

California Civil Code Section 1798.83 permits Sites’ users who are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make a request, please contact us: privacy_us@festo.com or fill out the CCPA Request Webform.

Furthermore, California residents have the following rights with respect to personal data we may have collected about them:

(i) Requests to Know

You have the right to request that we disclose:

• The categories of personal data we have collected about you;
• The categories of personal data about you we have sold or disclosed for a business purpose;
• The categories of sources from which we have collected personal data about you;
• The business or commercial purposes for selling or collecting personal data about you;
• The categories of personal data sold or shared about you, as well as the categories of third parties to whom the personal data was sold, by category of personal data for each party to whom personal data was sold; and
• The specific pieces of personal data collected.

You may submit a request to know via [link to request for information.] The delivery of our response may take place electronically or by mail. We are not required to respond to requests to know more than twice in a 12-month period.

(ii) Requests to Delete

You have the right to request that we delete any personal data about you that we have collected. Upon receiving a verified request to delete personal data, we will do so unless otherwise authorized by law. You may submit a request to delete personal data via privacy_us@festo.com

(iii) Authorized Agents

You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.

(v) Methods for Submitting Consumer Requests and Our Response to Requests

You may submit a request for access and requests to delete personal data about you via:
via email at privacy_us@festo.com

Upon receipt of a request, we may ask you for additional information to verify your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose.

We will acknowledge the receipt of your request within ten (10) days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. In order to protect your privacy and the security of personal data about you, we verify your request by sending an email to the known address and asking for verification.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

(vii) The Right to Non-Discrimination

You have the right not to be discriminated against for the exercise of your California privacy rights described above.

This link leads to the machine-readable files that are made available in response to the federal Transparency in Coverage Rule and includes negotiated service rates and out-of-network allowed amounts between health plans and healthcare providers. The machine-readable files are formatted to allow researchers, regulators, and application developers to more easily access and analyze data.

Transparency in Coverage Rule