Version 1.0: May 2018
We are pleased that you are interested in our web service www.testo.com and our Testo Cloud service www.saveris.net. The protection of your privacy is very important to us. Testo Limited, Newman Lane, Alton, Hampshire, GU34 2QJ (hereinafter referred to as “Testo”).
Testo sees it as a matter of corporate responsibility to protect data entrusted to the company. To ensure that you feel secure when visiting our website, we strictly observe the statutory provisions during the processing of your personal data and would like to provide you with detailed information on how your data is handled.
1. Who is responsible for the processing of my data?
The responsibility for the processing of your data when you are visiting this website, in accordance with the EU General Data Protection Regulation (GDPR) lies with
Newman Lane, Alton, Hampshire, GU34 2QJ
Phone: +44 1420 544433
For all questions regarding data protection in connection with our products or the use of our website you can also contact our data protection officer at any time. The data protection officer can be contacted at the above postal address as well as the previously specified e-mail address (heading: “FAO Data Protection Officer”).
2. When and for what purpose does Testo collect data concerning you?
2.1. Access data
Each time our website is used, we collect access data, which is automatically transmitted by your browser to enable you to visit the website. The access data includes in particular:
• IP address of the device requesting the connection
• Date and time of the request
• Address of the website called up and the requesting website
• Information on the browser and operating system used
• Online identifiers (e.g. device identifiers, session IDs)
The processing of this access data is required to facilitate the visit to the website and to ensure the long-term functionality and security of our systems. The access data is temporarily stored in internal log files for the previously mentioned purposes, to prepare statistical information on the utilisation of our website, to enhance our website in view of the usage habits of our visitors (e.g. if the proportion of mobile devices calling up the pages increases) and to generally administratively maintain our website. The legal basis is Art. 6, Para. 1, Sentence 1 b GDPR.
The information stored in the log files does not allow any direct conclusions as to your person.
2.2. Making contact
There are various options for contacting us. These include the contact and service request form as well as contact via e-mail. It is evident from the respective input forms, as to which data is collected in each case. In this connection, we process data solely for the purpose of communicating with you. The legal basis is Art. 6, Para. 1 b GDPR. The data we collect when using the contact form is automatically deleted when your enquiry has been completely processed, unless we still require your request to fulfil contractual or statutory obligations (see section “When will your data be deleted?”).
2.3. Registration in online shop and Testo Cloud
You have the opportunity to register for our login area in the online shop and in the Testo Cloud, to enable you to benefit from the full range of functions of our website and the Testo Cloud. It is evident from the respective input forms, as to which data is collected in each case. We have indicated which data is mandatory by marking the respective fields as required fields. Without this data it is not possible to register. The legal basis of the processing is Art. 6, Para. 1 b GDPR.
2.4. Ordering in the online shop
During the order process, we collect the mandatory information required for the processing of the contract:
• Name and surname
• billing and shipping address
• Telephone number
Details such as customer number, company details and your function can be optional, to enable us to assign your order to a suitable account manager. The legal basis of the processing is Art. 6, Para. 1, Sentence 1 b GDPR.
For the purpose of contract performance, we pass your details to the shipping company instructed with the delivery, to the extent that this is required for the delivery of the goods ordered. Depending on which payment service provider you select during the order process, we pass the payment details collected for the purpose of payment processing to the financial institution instructed to process the payment and, if appropriate, to the payment service provider instructed by us, or to the selected payment service.
If Testo is providing payment in advance, e.g. in the case of a purchase on account, to protect our legitimate interests, Testo reserves the right to make enquiries on identity and creditworthiness with service providers specialised in this - CreditServe Business Information Ltd, Lyric House, St Andrew Street, Hertford, SG14 1JA - or to make the granting of certain payment terms contingent upon a credit check. The credit report can contain probability values (score values), which are calculated on the basis of scientifically proven mathematical-statistical procedures, where the address data, among other information, flows into the calculation. The information received regarding the statistical probability of a payment default is used by us for a balanced decision on the rationale, implementation or termination of the contractual relationship. Your legitimate interests are considered in accordance with the statutory provisions.
2.5. Newsletter by Testo
You have the opportunity to order our newsletter where we inform you about new features in our products and promotions.
To order our newsletter, we use the so-called double opt-in procedure, i.e. we send you newsletters via e-mail only when you confirm in our notification e-mail that you are the holder of the specified e-mail address by clicking a link. If you confirm your e-mail address, your e-mail address, the time of registration and the IP address used for registration will be stored by us until you cancel the newsletter subscription. The purpose of the storage is solely to send you the newsletter and be able to verify your registration. You can cancel the newsletter subscription at any time. An appropriate “unsubscribe” link for this purpose is provided in each newsletter. A notification to the contact as provided above or in the newsletter (e.g. via e-mail or letter) is of course also sufficient. The legal basis for the processing is your consent in accordance with Art. 6, Para. 1 a GDPR.
The newsletter subscription can be cancelled anytime, e.g. via the unsubscribe link contained in each newsletter. Alternatively, you can also address your wish to cancel the newsletter to the above-mentioned contact data.
2.6. Testimonials and competitions at Testo
If you are participating in one of our testimonials, we use your data for market and opinion research as well as for product optimisation. We analyse data categorically only for internal purposes. If, exceptionally, testimonials are not analysed anonymously, the data will be collected only with your consent. For evaluations relating to person, the legal basis is the above-mentioned consent in accordance with Art. 6, Para. 1, Sentence 1 a GDPR.
During competitions, we use your data for the purpose of carrying out the competition and winner notification. Detailed instructions can be found in our conditions of participation for the respective competition. The legal basis of the processing is the competition agreement in accordance with Art. 6, Para. 1, Sentence 1 b GDPR.
2.7. Applications for positions at Testo
You can apply for open positions at Testo via the normal channels, recruitment websites, advertisement or recruitment agencies. The purpose of collecting data is the selection of applicants for the potential creation of an employment relationship. For the reception and processing of your application, we collect the following data:
• Name and surname
• E-mail address
• Telephone number
• Date of birth
• Salary requirement
• Notice period
• Application documents (e.g. certificates, CV)
The legal basis for the processing of your application documents is Art. 6, Para. 1, Sentence 1 b and Art. 88, Para 1 GDPR in conjunction with national data protection law.
2.8. Other cases of balancing of interest (Art. 6, Para. 1 f GDPR)
We can also use your data on the basis of a balancing of interest for the protection of our legitimate, usually economic interests or those of third parties, whereby if possible we process pseudonymised or anonymised data. This is done for the following purposes:
• Monitoring and improvement of the effectiveness and legal security of business processes
• Credit assessments
• Monitoring, optimisation and further development of services and products
• Conducting of advertising (e.g. postal advertising, re-targeting), market and opinion research
• Assertion of legal claims and defence in legal disputes
• Detention, prevention and solving of crimes
• Safeguarding the security and operating ability of our IT systems
2.9. To fulfil other legal obligations (Art. 6, Para. 1 c GDPR)
We are subject to various legal obligations, e.g. legal retention requirements regarding business documentation as well as export regulations.
3. Disclosure of your data
Insofar as external service providers are used (hosting providers, application management, shipping service provider etc.) to operate this website or to provide services via a Testo Group company, or another Testo Group company is responsible for the processing, the companies concerned receive the access to your data only to the extent necessary for the fulfilment of their respective tasks and functions.
Insofar as these service providers and Testo Group companies process their data outside the European Union, this can lead to your data being transmitted to a country which does not offer the same data protection standards as the European Union. In this case we will ensure that the respective recipients of your data contractually or otherwise guarantee a level of data protection that is equivalent to that of the European Union. You can request a copy of these guarantees.
You can deactivate the option to store these cookies at any time in the system settings of your browser and delete existing cookies. Every user can also view the website without cookies. If you do not accept any cookies, this can, however, lead to a restriction in the functionality of our website.
Cookies required to carry out the electronic communication process or to provide specific functions you requested (e.g. use of the shopping basket), are stored on the basis of Art. 6, Para. 1 f. The operator of the website has a legitimate interest in storing cookies for the purpose of the technically smooth and optimised provision of its services. Insofar as other cookies (e.g. cookies for the analysis of surfing habits) are stored, these are dealt with separately in this privacy statement in the following section.
The legal basis for the data processing described in the following section is Art. 6, Para 1, Sentence 1 f GDPR, based on our legitimate interest to present personalised advertisements to you.
In the following section we would like to explain to you these technologies and the service providers deployed for this purpose in more detail.
The collected data can include the following data, in particular:
• The IP address of the device
• The date and time of the access
• The identification number of a cookie
• The device identification of mobile devices
• Technical information on the browser and the operating system.
The data collected is, however, stored only pseudonymously, so that it is not possible to make any direct conclusion as to the individuals.
In the following descriptions of the technologies we use, you will find information on the options for objection regarding our analysis and advertising measures by way of a so-called opt-out cookie. Please note that after the deletion of all cookies in your browser or the later use of another browser and/or profile, another opt-out cookie must be placed.
Below, are the options for objection regarding your analysis and advertising measures. Alternatively, you can raise your objection via corresponding settings on the websites Truste, NAI, DAA or Your Online Choices, where options for objecting are provided by many advertisers combined. This page permits the listed service provides to deactivate all advertisements at once, by way of opt-out cookies, or alternatively, to handle the setting for each provider individually.
5.1 Google (Universal) Analytics
Google will process the information obtained by the cookies to evaluate your use of the website, to compile reports on the website activities for the website operators, and to provide other services connected to the website use and internet usage.
As shown above, you can configure your browser in such a way that it rejects cookies, or you can prevent the capture of the data generated by cookies and related to your use of our website in the cookie settings of the privacy statement by Google. Alternatively, you can also prevent the processing of such data by Google, by downloading and installing the browser add-on provided by Google (the latter does not work with mobile terminal devices).
Further information to that end can be found in the Privacy statement by Google Analytics.
Google Analytics cookies are stored on the basis of Art. 6, Para. 1 f GDPR. The website operator has a legitimate interest in analysing the user habits to optimise its website as well as his advertising.
5.2 Visual Website Optimizer
Our website uses Visual Website Optimizer (VWO). This is a web analysis service provided by Wingify, 14th Floor, KLJ Tower North, Netaji Subhash Place, Pitam Pura, Delhi 110034, India. We carry out these analyses in accordance with the provisions of the data protection law and in particular, we do not use any personal data. These analyses are carried out to learn more about the use of our website, whereby we are able to improve our service for you and make it easier to find.
If you do not want anonymous data on your use of our website to be stored by Visual Website Optimizer, you can object to the use. Visual Website Optimizer offers a link on the website, which enables you to submit an objection to the data collection (opt-out) with one click. Subsequently, no further data is captured by Visual Website Optimizer. In technical terms, in case of an opt-out, it is necessary to set a cookie for the deactivation of the Visual Website Optimizer Analysis Tool. This opt-out declaration is valid as long as you do not delete the cookie. The opt-out cookie is only valid in the browser with which you have carried out the opt-out procedure. If you are using our website via several computers or separate browsers, we would recommend for you to set the opt-out cookie for each computer and browser.
You can object at any time to the future storage of your anonymously captured visitor data on the website https://vwo.com/opt-out by entering the web address in the field intended for this purpose. Alternatively, you can click on the link “Disable VWO” on the same page, to raise an objection for all internet pages using Visual Website Optimizer. Further information on data protection can be found on: https://vwo.com/privacy-policy/.
Visual Website Optimizer is stored on the basis of Art. 6, Para. 1 f GDPR. The website operator has a legitimate interest in showing relevant product offers to the user, as part of the optimisation of the user experience on the website to customise it.
5.3 Google AdWords Conversion-Tracking and Remarketing
If you are using a Google account, depending on the settings in the Google account, Google is able to link your web and app browser history with your Google account and use information from your Google account to personalise advertisements. If you do not want such a link to your Google account to be made, you need to log out of Google before calling up our contact page.
5.4 LinkedIn Conversion-Tracking
We are using the Re-targeting-tool LinkedIn Conversion Tracking of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (»LinkedIn«). For this purpose, the LinkedIn Insight Tag is integrated in the website of Testo, enabling LinkedIn to collect statistical, pseudonym data about your visit to and use of our website and to provide us with corresponding aggregated statistics on this basis. Furthermore, this information assists in facilitating the advertising of offers and recommendations tailored to your interests. You can prevent the storage of cookies via a browser setting. Alternatively, you can object to this form of data processing, by setting an opt-out cookie via the following link such cookie will remain on your device until you delete the cookies. This option is available to LinkedIn members as well as for non-members.
Further information to this can also be found in the data protection provisions of LinkedIn.
6. Use of functions of further providers
6.1. Conversion reading and website customer audiences with the Facebook pixel
We are use the Facebook pixel or visitor promotion pixel of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter: Facebook) on our websites. By calling-up this pixel via your browser, Facebook can subsequently see if a Facebook advertisement was successful. This is, for example, the case when a purchase has been made on a website. For this purpose, we receive exclusively statistical and anonymised data from Facebook, without reference to a specific person. This enables us to record the effectiveness of Facebook advertisements for statistical and market research purposes and to improve our services.
We also use the Facebook pixel for the “Website Custom Audiences” function. We would like to point out that, as provider of the websites, we do not have any knowledge of the contents of the transmitted data, nor their utilisation by Facebook. We can merely choose which segment of Facebook users (such as age, interests) should be shown our advertisement. For this purpose, we use one of two procedures of custom audiences, where no data sets, in particular no e-mail addresses of our users - whether encrypted nor unencrypted - can be transmitted to Facebook.
Via the pixel graphics, Facebook receives, inter alia, the information from your browser that our page has been retrieved by your terminal. If your browser permits cookies and you are not participating in the opt-out procedure, Facebook creates a cookie to enable it to recognise you . If you are logged into Facebook or log in later, the data can be assigned to your Facebook account, whereby personal data is processed.
In particular, if you are registered with Facebook, for further information refer to their data protection information https://www.facebook.com/about/privacy/. Please click here, if you would like to revoke your consent to the Facebook pixel.
Facebook pixel is stored on the basis of Art. 6, Para. 1 f GDPR. The website operator has a legitimate interest in inserting offers tailored to the user, against the background of user-relevant advertising.
We are using Eloqua to personalise the communications with you. When you are visiting our websites for the first time, a cookie of the third-party provider Oracle (eloqua.com) is stored in your browser. This cookie is used to record the pages you have visited during the session. Even if this cookie is set on other websites, the information on the visit to our websites is only visible to us and is neither shared with Oracle nor with other users of the Eloqua system. Likewise, we are not able to record or see information on your visits to other websites via this cookie.
6.3 Embedded YouTube videos
We have integrated videos in our website, which are stored at YouTube and which can be played directly from our websites. YouTube is a multimedia service of YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”), a Group company of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“). When personal data is transmitted to the USA, Google and the Group company YouTube has subjected itself to the EU-US Privacy Shield. The legal basis is Art. 6, Para. 1, Sentence 1 f GDPR, based on our legitimate interest in the integration of video and image contents.
When you visit our website, YouTube and Google receive the information that you have retrieved the corresponding subpage of our website. This happens regardless of whether you are logged in YouTube or Google or not. YouTube and Google use this data for the purposes of advertising, market research and appropriate design of their websites. If you are calling up YouTube on our website while you are logged in your YouTube or Google profile, YouTube and Google are also able to link this event to the respective profiles. If you do not want such a link to be made, you need to log out of Google before calling up our website.
You can configure your browser as shown above in such a way, that it rejects cookies, or you can prevent the capture of data produced via cookies and related to your use of this website, as well as the processing of such data by Google, by deactivating the button “Ads personalization” in the Google settings for advertising. In this case, Google will only show advertisements that are not personalised.
Further information can be found in the data protection notices by Google, which also apply to YouTube.
YouTube is used in the interest of an appealing presentation of our online websites. This is a legitimate interest in accordance with Art. 6, Para. 1 f GDPR.
6.4. Use of Google Maps
Our website uses the map service Google Maps, by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). To ensure that the Google map data used by us can be integrated and shown in your web browser, when calling up the contact page, your web browser must connect to a Google server, which can also be located in the USA. When personal data is transmitted to the USA, Google has subjected itself to the EU-US Privacy Shield. Google hereby receives the information that the contact page of our website has been called up by the IP address of your device. The legal basis is Art. 6, Para. 1, Sentence 1 f GDPR, based on our legitimate interest in the integration of a map service to establish contact.
If you are calling up the Google map service on our website while you are logged into your Google profile, Google is also able to link this event to your Google profile. If you do not want this link to your Google profile to be made, you need to log out of Google before calling up our contact page. Google stores your data and uses it for the purposes of advertising, market research and personalised presentation of Google Maps. You can object to the collection of this data by Google.
7. Use of social plugins
We offer the opportunity to use so-called “social media buttons” in our online shop. These buttons are integrated in our online shop merely by way of graphics, which contain a link to the corresponding website of the button provider. By clicking the graphic, you are forwarded to the services of the respective providers. Only then is your data sent to the respective providers. If you do not click on the graphic, there is no exchange between you and the providers of the social media buttons. Information on the collection and use of your data on the social networks can be found in the respective terms and conditions of use of the corresponding providers.
We have integrated the social media buttons of the following companies into our website:
Facebook Inc. (1601 S. California Ave - Palo Alto - CA 94304 - USA)
Twitter Inc. (795 Folsom St. - Suite 600 - San Francisco - CA 94107 - USA)
Google Plus/Google Inc. (1600 Amphitheatre Parkway – Mountain View - CA 94043 - USA)
8. When will your data be deleted?
In principle, we store personal data only as long as this is required for the fulfilment of contractual or legal obligations which are the reason for the collection of the data. After that, we delete the data immediately, unless we require the data until the expiry of the legal limitation periods for the purposes of evidence in civil claims or due to statutory retention requirements.
For evidentiary purposes, we have to retain contract data for three years after the end of the year the business relationship with you ends. According to statutory limitation periods, potential claims become time-barred no earlier than at this point in time.
After that, we still have to store part of your data for accounting purposes. We have an obligation to do so due to legal documentation requirements, which can arise from the Commercial Code, the Tax Code, the Banking Act, the Money Laundering Act and the Securities Trading Act. The retention periods for documents specified in the above legislation are two to ten years.
9. What are your data protection rights?
You have the right at any time to request information on the processing of your personal data by us. We will explain the data processing to you within the course of providing this information and furnish you with an overview of your stored personal data.
If data stored by us should be incorrect or no longer up-to-date, you have the right for this data to be corrected.
You can also request the deletion of your data. Should the deletion exceptionally not be possible due to other legal provisions, then the data is blocked, so that it is only available for this legal purpose.
Furthermore, you can restrict the processing of your data, e.g. if you are of the opinion that the data stored by us is not correct. You also have the right to data portability, in other words, upon your request, we forward a digital copy to you, containing the personal data that you have provided.
In order to assert the rights described here, you may contact us at any time, via the above-mentioned contact details. This also applies if you wish to receive copies of guarantees for evidence of a reasonable level of data protection.
Furthermore, you have the right to object to the data processing, which is based on Art. 6, Para. 1 e or f GDPR. Finally, you have the right to lodge a complaint at the data protection supervisory authority responsible for us. You can exercise this right at a supervisory authority in the member state of your residence, your employment or the place of the suspected breach.
10. Right of revocation and objection
You have the right, in accordance with Article 7, Para. 2 GDPR, to revoke consent once granted to us, at any time. As a consequence, we shall in future no longer continue to process the data that is the object of the consent. The revocation of the consent does not affect the lawfulness of the processing based on the consent up to the time of the revocation.
Insofar as we are processing your data on the basis of legitimate interests in accordance with Art. 6, Para. 1, Sentence 1 f GDPR, you have the right in accordance with Art. 21 GDPR, to raise an objection against the processing of your data, insofar as there are grounds for this, which arise from your special situation or where the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we shall implement also without the need for you to give reasons.
If you wish to use your right to revoke or your right of objection, an informal notification to the above-mentioned contacts is sufficient.
11. Data security
We maintain current technical measures to safeguard data security, in particular for the protection of your personal data against risks during data transmissions as well as against third parties acquiring knowledge of your personal data. These are correspondingly adjusted to the current state of the art. To secure the personal data specified by yourself on our website, we use Transport Layer Security (TLS) which encrypts the information you enter.
12. Amendment of the Privacy Statement
We occasionally update this Privacy Statement, for example when we are adjusting our website or if the legal or official requirements change.
13. Payment Provider
Testo SE & Co. KGaA
Handelsregister Freiburg, HRB 715057
WEEE-Reg.-Nr. DE 75334352
Vorstand: Prof. Burkart Knospe (Vorstandsvorsitzender), Jürgen Hinn
Aufsichtsrat: Anne-Kathrin Deutrich (Vorsitzende)
Telefon: +49 7653 681 0
Telefax: +49 7653 681 1559