Added to cart
Added to cart
Go to shopping cart

Privacy Policy

Hilti does not only have a reputation for providing quality products and excellent customer service but is also committed to protecting your privacy in the online sphere.
Your privacy matters to Hilti so whether you are new to Hilti or a long-time user, please read this notice carefully – and if you have any questions contact us.
If you have a privacy concern, complaint, or a question regarding our electronic or digital services please contact our Data Protection Officer at Hilti by using our Web form.

This Privacy Notice describes how we collect, process and use your personal data when you visit and/or register with our services, websites and apps and the choices we offer, including how to access and update information.

Unless otherwise stated, Hilti AG is the data controller for personal data we collect through the services, websites and apps subject to this Privacy Notice. Our headquarter office address is

Hilti AG
Feldkircherstrasse 100,
9494 Schaan
Liechtenstein

The Datenschutzstelle des Fürstentums Liechtenstein (Data Protection Authority) is our data protection supervisory authority for the European Union, the European Economic Area and Switzerland. The data protection officer of Datenschutzstelle des Fürstentums Liechtenstein can be reached at the following address:

Datenschutzstelle des Fürstentums Liechtenstein
Head of the data protection authority: Dr. Marie-Louise Gächter-Alge
Städtle 38
9490 Vaduz
Phone: + 423 236 60 90
info.dss@llv.li

 

You have the right to lodge a complaint also with your local supervisory authority: You can find the competent one on the official EU website.

Terms used in this Privacy Notice shall have the following meaning: 
Terms like “we”, “us”, “our”, etc. in this Privacy Notice refer to the above mentioned responsible parties (henceforth also referred to as “Hilti”).
Terms like “you”, “your”, “yours”, etc. refer to you as a natural person.
The term “personal data” as used in this Privacy Notice means any information - whether such information was entered by you, collected from you or otherwise obtained -  relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier like in our case such as a name, company, a Hilti identification number or other technical online identifiers.

TABLE OF CONTENTS

1. Who is responsible for the proper handling of your personal data?
2. When does this Privacy Notice apply?
3. What types of personal data do we collect, process and use?
4. Why and with whom do we share personal data?
5. Will personal data be transferred abroad?
6. Why and for how long do we retain personal data?
7. What privacy choices do you have?
8. What else do we do to protect your personal data?
9. Use of cookies and similar technologies
10. Links to other websites
11. Compliance and cooperation with regulatory authorities
12. How are changes to this Privacy Notice communicated?
13. Contact us

1.     Who is responsible for the proper handling of your personal data?

The party responsible for the collection, processing and use of personal data is Hilti AG as the provider of the services, websites and apps, in most cases and depending on the requested service jointly together with one or more of its affiliates.

2.     When does this Privacy Notice apply?

This notice applies to all Hilti services, websites and apps that link to this document.

This Privacy Notice does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you in search results, sites that may include Hilti services, or other sites linked from our services.

Our Privacy Notice does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

3.     What types of personal data do we collect, process and use?

Personal data that we collect, process and use in connection with the services, websites and apps includes not only information that we actively collect while you interact with us but also information that you provide to us over the customer service, the Hilti stores and our sales team.

 

Data subject

Log information and local storage

Device information

Location information and unique application numbers

USER of our online services, websites and apps

user preferences (e.g., preferred language settings)

automatically log files for troubleshooting and security purposes (e.g. to fend off hacker attacks)

log for crash report, and in exceptional cases, such as when malfunctions, errors or security incidents have occurred, a manual analysis of the logs may be performed by us or by our authorized service providers

date and time of the request

name, URL and amount of data transferred for the requested file

report indicating that the retrieval was successful or the reason for its failure

type and version of the operating system of the requesting computer (if transmitted)

screen resolution and color depth (if transmitted)

type and version of the browser used (if transmitted)

language setting and plugins installed on the browser used (if transmitted)

cookies that uniquely identify your browser

 

IP address, operating system, browser type, browser version, browser configuration

name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device connecting to the web-site, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps

URL and IP address of the website from which you accessed, or were directed to our website, including date and time

subpages visited while on our website, links followed on the website, including date and time

subpages visited including date, time and time spent on page – on the apps

the full Uniform Resource Locator (URL) click stream to, through and from the website, including date and time     

device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL

 

LOGGED IN CUSTOMER

If you use the HILTI services, websites and apps as a registered user or customer, we collect, process and use additional data (including personal data) as described below:

name, title and address

personal contact information (phone, email, fax, etc.)

login name and password

Hilti account number

service requests and orders placed

shopping history, including open and completed transactions

search terms entered

services/products viewed or searched for on the website;

shopping cart and payment information

newsletter subscriptions, enrollment for promotions, use of special offers

consents, authorizations, etc. granted

survey answers, reviews, ratings and other types of feedback provided

content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts

for Crash report log, we track the UserID and the error log of the crash

manual analysis performed to monitor and to ensure the stability of our services, websites and apps

 

We also reserve the right to evaluate the log files for statistical purposes in an anonymized form. Anonymized means that personal or customer-related data is modified in such a way that the individual information can no longer be attributed to a person or a customer, or at least only with a considerable and disproportionate investment of time, expense and manpower.

 

-information about the registered user provided during the registration process, such as first name and surname, email address, telephone number, position within a company or department

user name and password when logging in as a registered user

device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Hilti may associate your device identifiers or phone number with your Hilti Account.

actual location, using various technologies to determine location, including IP address, GPS (in certain services and apps - record the GPS location of the smartphone / device ONLY when a user uses it to scan a tool. We don’t then continuously track the GPS location), and other sensors that may, for example, provide Hilti with information on nearby devices, Wi-Fi access points and cell towers

 

behavior data on the apps – i.e. what actions has the user taken, what buttons has he clicked etc. These are actions taken by the user within a page.

 

Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) is sent to Hilti when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.

COMPANY DATA

- name, address, department, contact information and other information in relation to a company that you represent and your function within this company

- customer number

- VAT number

- delivery address

- business email address,

- invoice address

- order number

- password  

- payment information

- bank account information

- credit card information

- business telephone number

- business mobile phone number

 

 

 

- company

- contact language  

- customer advisor / point of contact

- importance of customer  

- organizational unit

- participation in campaigns or events

- postal code

-product History

- region

- returns

- order number

 

 

We will seek your consent before collecting, processing and using your personal data for the above-mentioned purposes, where legally required. Likewise, if we wish to use your personal data for a new or different purpose, we will notify you thereof and will only make such other use if it is required or permitted by applicable law or if you have consented to it.

Any access to your personal data at Hilti is restricted to those individuals that have a need to know in order to fulfill their job responsibilities. For the purposes mentioned above, only a limited number of individuals within Hilti (e.g. individuals in sales, support, legal, finance, IT and accounting departments, as well as certain managers with assigned responsibility) will receive access to your personal data.

When you contact Hilti, we keep a record of your communication to help solve any issues you might be facing. We may use your provided email address or phone number to inform you about our services, such as letting you know about upcoming changes or improvements.

Depending on your settings, your activity on other Hilti websites and apps may be associated with your personal information in order to improve Hilti’s services and the ads delivered by Hilti.

4.     Why and with whom do we share personal data?

We do not sell, trade or rent out your personal data.

For the purposes mentioned in this Privacy Notice we disclose, transfer or otherwise share your personal data, with other entities of the Hilti group of companies to the extent described in the following or as agreed by you in a specific context (e.g., where you consenting to other types of data transfers in connection with enrolling for a specific service). Whenever sharing personal data, we do strictly comply with applicable laws.

We do not share personal information with companies, organizations and individuals outside of Hilti unless one of the following circumstances applies:

Consent: We will share personal information with companies, organizations or individuals outside of Hilti when we have your consent to do so. We require opt-in consent for the sharing of any personal information.

External processing: We provide personal information to our third-party service providers under appropriate instructions as necessary for the respective processing purposes, to perform specific tasks on our behalf and under our instructions. Any third-party provider will have access only to such personal data needed to perform its specific tasks, and only to perform these. We will ensure that any third-party service provider is aware of and abides to these duties. We will also ensure that any third-party service provider treats your personal data no less protective as required by applicable data protection laws and that they adopt adequate technical and organizational security measures based on our instructions and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures.

Legal reasons: Without limitation, this include cases in which we are required to share personal data by law or binding order of courts, law enforcement authorities or regulators. Should we decide to disclose personal data in such context we will also consider ways of reducing the scope of the disclosure, for instance by redacting the information provided. 

5.     Will personal data be transferred abroad?

Hilt’s data storage locations are chosen to operate efficiently, to improve performance, and to create redundancies to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this Privacy Notice is processed according to the provisions of this Notice and the requirements of applicable law wherever the data is located.

It is Hilti’s policy to process your personal data only in countries in which the applicable data protection laws provide the same degree of data protection than in the EU/EEA or Switzerland or provide the same level of protection regarding the adequacy decision by the European Commission.

6.     Why and for how long do we retain personal data?

To the extent technical possible Hilti is striving in all of its Hilti services, websites and apps to retain personal data no longer than necessary for the described purposes in this notice and/or as required or permitted under applicable law. 

The following table gives an overview of the processing activities of Hilti services, websites and apps with their purpose of the data collection, their type, the legal basis and the applicable data retention periods.

 

Purposes of the Processing

Type of Personal Data and Information on Cookies Used (if applicable)

Legal Basis for the Processing

Retention Period

To provide, maintain, protect and improve our services, websites and apps, to develop new ones, and to protect Hilti and our customers.

·Login name and password (encrypted storage);

·User profile information (i.e., first name, name, email address, phone number, address);

·User preferences (e.g., preferred language settings);

·IP address, operating system, browser type, browser version, browser configuration, name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device, connecting to the services, websites and apps, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps;

·If you use the mobile version of the services, websites and apps: information on the operating system of your mobile device, used services, websites and apps version, name of internet service provider, and other types of device and connection related information relevant to improve the mobile services, websites and apps, connecting to our servers, enabling and facilitating synchronization services and support for the mobile apps;

·URL and IP address of the website from which you accessed, or were directed to our services, websites and apps, including date and time;

·Subpages visited and functions used when using services, websites and apps, links followed from the services, websites and apps, including date and time;

·The full Uniform Resource Locator (URL) click stream to, through and from the services, websites and apps, including date and time;

·Search terms entered;

·Consents and authorizations granted

Legitimate interests (Art. 6 (1) (f) GDPR) / required for the performance of a contract (Art. 6 (1) (b) GDPR)

36 months

 

 

To facilitate and process product and service orders placed on the services, websites and apps

·Bank and accounting records of Companies

·login name and password

·Hilti account number

·service requests and orders placed

·shopping history, including open and completed transactions

·search terms entered

·services/products viewed or searched for on the website;

·shopping cart and payment information

·newsletter subscriptions, enrollment for promotions, use of special offers

·consents, authorizations, etc. granted

·survey answers, reviews, ratings and other types of feedback provided

·content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts

 

Required for the performance of a contract (Art. 6 (1) (b) GDPR)

10 years after expiry of the contract

Where applicable, to establish, execute or terminate contracts in connection with your use our services, websites and apps, such as orders placed via the Hilti Online Shop; or service agreements e.g. On!Track app

Personal data contained in contracts, communications, and business letters

VAT records and Customs & Excise returns

required for the performance of a contract (Art. 6 (1) (b) GDPR)

As long as the account is active + 6 years after expiry of the contract

To answer your questions and respond to the requests you make in connection with the provision of technical support or other customer services and Customer Chats

· Name and email address;

· Information on the device used (browser type, IP-address and Java version)

· Date and time of the chats;

· Content of any communication sent through the chats (chat protocol);

· Hilti account number;

· Hilti ID

· Transcripts from online chats with our customer service

Consent (Art. 6 (1) (a) GDPR or

Legitimate interests (Art. 6 (1) (f) GDPR):

The processing of personal data is necessary to answer the respective request of the website user which otherwise cannot be fulfilled. Therefore, the processing is justified on the basis of legitimate interests.

Six Months (for quality control and evidence purposes)

To make our website more user-friendly and to gain an insight into the usage behavior of visitors to our website and users of our apps and software, on a pseudonymous basis and across multiple devices, for advertising and market research purposes and to enable us to tailor website content to individual preferences

To perform analytics and conduct customer research, including general market research or surveying our customers' needs and opinions on specific issues, generating sales and traffic patterns, and to analyze advertising effectiveness, both on an anonymous basis (e.g., by aggregating data) or on an individual basis (if legally permissible);

· Login name and password (encrypted storage);

· User profile information (i.e., first name, name, email address, phone number, address);

· User preferences (e.g., preferred language settings);

· IP address, operating system, browser type, browser version, browser configuration, name of internet service provider, and other types of computer and connection related information relevant to identifying your type of device, connecting to the services, websites and apps, enabling data exchange with you and your device, and ensuring a convenient use of the services, websites and apps;

· If you use the mobile version of the services, websites and apps: information on the operating system of your mobile device, used services, websites and apps version, name of internet service provider, and other types of device and connection related information relevant to improve the mobile services, websites and apps, connecting to our servers, enabling and facilitating synchronization services and support for the mobile apps;

· URL and IP address of the website from which you accessed, or were directed to our services, websites and apps, including date and time;

· Subpages visited and functions used when using services, websites and apps, links followed from the services, websites and apps, including date and time;

· The full Uniform Resource Locator (URL) click stream to, through and from the services, websites and apps, including date and time;

· Search terms entered;

· Consents and authorizations granted

Consent (Art. 6 (1) (a) GDPR

36 months

To enable you to use our services, websites and apps as a registered user

· name, title and address

· personal contact information (phone, email, fax, etc.)

· login name and password

· Hilti account number

· service requests and orders placed

· shopping history, including open and completed transactions

· search terms entered

· services/products viewed or searched for on the website;

· shopping cart and payment information

· newsletter subscriptions, enrollment for promotions, use of special offers

· consents, authorizations, etc. granted

· survey answers, reviews, ratings and other types of feedback provided

· content of any communication sent through our services, websites and apps, including any information posted in social communities on the website or otherwise shared with Hilti and/or other users, as well as chat messages and chat transcripts

Consent (Art. 6 (1) (a) GDPR

As long as the account is active + 7 years

To prevent abusive or illegal use of our services, websites and apps Compliance with legal obligations, resolving disputes, and enforcement of our agreements; 

· Name, title and address;

· Personal contact information (phone, email, fax, etc.);

· Name, address, department, contact information and other information in relation to a company that you represent (if any) and your function within this company;

· Hilti account number;

· VAT number;

· Service requests and orders placed;

·  Shopping history, including open and completed transactions;

· User profile information;

· Shopping cart and payment information;

· Information on software downloaded from the website;

 

· Automatically log files for troubleshooting and security purposes (e.g. to fend off hacker attacks)

· log for crash report, and in exceptional cases, such as when malfunctions, errors or security incidents have occurred, a manual analysis of the logs may be performed by us or by our authorized service providers

· date and time of the request

· name, URL and amount of data transferred for the requested file

· report indicating that the retrieval was successful or the reason for its failure

· type and version of the operating system of the requesting computer (if transmitted)

· screen resolution and color depth (if transmitted)

· type and version of the browser used (if transmitted)

· language setting and plugins installed on the browser used (if transmitted)

· cookies that uniquely identify your browser

 

Legitimate interests (Art. 6 (1) (f) GDPR)/ IT security measure and compliance with a legal obligation (Art. 6 (1) (c) GDPR)

Log files are deleted after 90 days

Evaluation of your eligibility for certain types of offers, products or services

• Name, title and address;

• Personal contact information (phone, email, fax, etc.);

• Name, address, department, contact information and other information in relation to a company that you represent (if any) and your function within this company;

• Hilti account number;

• VAT number;

• Service requests and orders placed;

• Shopping history, including open and completed transactions;

• User profile information;

• Confirmation of being either a private or a professional user;

• Newsletter subscriptions, enrollment for promotions, use of special offers, etc.

• Consents, authorizations, etc. granted;

Consent (Art. 6 (1) (a) GDPR)

90 days

To communicate with you on other matters (e.g., to send you reminders, technical notices, updates, security alerts, support and administrative messages or service bulletins);

· Email address

· Country

·  Language

· Date of last contact

· Mobile phone number

· Hilti ID

Consent (Art. 6 (1) (a) GDPR or

Legitimate interests (Art. 6 (1) (f) GDPR):

The processing of personal data is necessary to the use of our services, websites and apps which otherwise cannot be fulfilled. Therefore, the processing is justified on the basis of legitimate interests.

 

To provide you with information about products and services that may be of interest to you performed through traditional mail, email, telephone, fax, newsletter, text/SMS, and MMS messaging, including periodic sending of promotional materials on products, services and promotions of Hilti specifically dedicated to you (direct marketing);

 

To administer surveys, competitions, prize draws, or other activities or events in which you have voluntarily taken part                              

· Email address

· Country

· Language

· Consent state with date

· Date of last contact

· Mobile phone number

· Hilti ID

Consent (Art. 6 (1) (a) GDPR

3 years after last direct marketing contact

 

 

 

 

12 months after completion of the survey

 

7.     What privacy choices do you have?

Your trust makes our services, websites and apps work better for you. We keep it private, secure and put you in control for your preferences.

We aim to maintain our services, websites and apps in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, websites and apps we may not immediately delete residual copies from our active servers and may remove information from our backup systems only after certain timeframes in accordance with applicable laws (see pt. 6).

  1.  You can set your marketing preferences at any time through the Hilti privacy dashboard or the customer service.  We will store that information together with your account or Hilti ID and apply it when you use Hilti services, websites and apps and if we send electronic written communication to you.
    By signing up for marketing information offered by Hilti, you agree that the data you provided when signing up (e.g. your email address) can be collected, processed and used by Hilti for the regular dispatching of written electronic communication containing company, product and service-related information such as news about new Hilti products or Hilti services or about Hilti marketing campaigns (e.g. competitions, discounts, promotions), about changes within the company or to invite you to customer surveys (e.g. on customer satisfaction or customer requirements).
    In our B2B business you may object against the use of your phone number at any time through our customer service or your sales contact person.
  2. You can review and edit your Hilti services, websites and apps cookies and similar technologies by using our Cookie Setting Dashboard. For further information refer to point 9.
  3. You can at any time modify and adjust the settings for your email address or mobile phone number in your Hilti account. You can access your Hilti account via your customer profile after registering on our website or by clicking on the “Preference Center” link in each of our email we send to you. LINK to Hilti account settings
  4. You can at any time contact us via our web form to exercise the following rights:

            -        Right of access

            -        Right to rectification

            -        Right to erasure ("right to be forgotten")

            -        Right to restriction of processing

            -        Right to data portability

             Please use the official EU website to learn more about these rights.

In the case you withdraw your consent to a processing activity Hilti reserves the right to further process and use your personal data to the extent this is required or permitted by law e.g. to administrate your unsubscribe or set an over layer cookie to respect your cookie settings.   (Data Subject Rights Request Form)

8.     What else do we do to protect your personal data?

Hilti understands the importance of information and data security and we want your browsing and purchasing experience with us to be as safe as possible.

To protect your personal data, we have implemented reasonable and state of the art safeguards and precautions, including technical and organizational measures against unauthorized access, improper use, alteration, unlawful or accidental destruction and accidental loss, both in an online and offline context.

For example:

-       when you use our website, communication with your browser is encrypted using SSL (Secure Socket Layer) technology. This means that when you use our website the personal data you submit during the registration and login processes are encrypted before being sent over the Internet.

-       we review the integrity our information collection process, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.

-       we restrict access to personal information for Hilti employees, contractors and agents based on a need to know approach in order to process it for us. Involved parties are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

You should only share online or through mobile apps personal information which you are comfortable sharing acknowledging that no organization or its systems can ever be guaranteed 100% secure all the time.

Please note that using credit card credentials will always require your explicit permission.

The security level does increase on your end if you do sign off (logout) when you finish using login-protected areas of the Hilti services, websites and apps.

 

9.     Use of cookies and similar technologies

We use cookies and similar technologies in connection with our services, websites and apps as described in our Cookie Policy.

Cookies are small text files that are stored on your computer or mobile device when visiting a website or app. In the case of technical cookies, they help us to remember information about your visit, like your preferred language or your preferred menu setting. Nearly all of our services, websites or applications require cookies, we do inform you within each of them about it depending on the cookie types used.

You can see a list of the types of cookies used by Hilti and also find out how Hilti and our partners use cookies in advertising in our cookie policy that explains how we protect your privacy in our use of cookies and other information.

Depending on your cookie settings, we can use the data (including personal data) to analyze customer and user behavior, but also evaluate the needs and opinions of customers and users in different aspects, to optimize our sales and business traffic structures, and to analyze the impact of specific advertising measures.

You may also set your browser to block all cookies or chose a level of personalization. However, it’s important to remember that many of our services may not function properly if your cookies are disabled. For example, we may not remember your language preferences.

By using our cookie setting dashboard, you can choose if we can collect personalized usage data (such as subpages visited while on our services, websites, and apps shopping history, including open and completed transactions, search terms entered, services/products viewed or searched for on our websites and apps; shopping cart and payment information) in some instances, from multiple devices, and, as part of the creation of customer and user profiles, combine it with other personal data that we collected or will collect from you as part of our business relationship, execution or termination of contractual relationships (e.g. name and official address, order and purchase history, your industry affiliation) and, where applicable and separately permitted by you, personalized usage data with respect to your use of other Hilti products and services (e.g. Hilti software or Hilti apps).   

 

10.     Links to other websites

Our services, websites and apps may contain links to other services, websites and apps of interest, once you have used these links you leave our services area. When you visit such other services, websites and apps you should exercise caution and look at the privacy statement applicable to the app or website in question. Hilt cannot, and does not, assume any responsibility or liability for such other websites, the content of such services, websites and apps and their privacy practices, nor do we endorse them.


11.     Compliance and cooperation with regulatory authorities

We regularly review our compliance with our Privacy Notice. We work with the appropriate regulatory authorities, including local data protection authorities.
You have the right to lodge a complaint with a supervisory authority: You can find the competent one on the official EU website.


12.     How are changes to this Privacy Notice communicated?

Our business changes constantly, which means that our Privacy Notice will be updated from time to time. Please check this Privacy Notice from time to time to ensure that you are comfortable with any changes we had to make.

We will not reduce your rights under this Privacy Notice without your explicit consent. We will post any Privacy Notice changes and, if the changes are significant, we will provide a more prominent notice up to individual e-mail notification.

13.     Contact us

Your feedback is always welcome. If you have any questions or concerns about our privacy practices or your online privacy please do not hesitate to contact us.

Data Subject Rights Request Form

© Hilti AG
Version date: 16/08/2017

CONTACT US
CONTACT US