Privacy statement
Georg Fischer Ltd., incorporated in Switzerland under the company number CHE‑108.778.486, and its affiliated companies (together "GF") consider the privacy and security of personal data a very important issue.
This online privacy and cookies policy ("Policy") applies to the use of the websites and applications of GF ("GF Websites"). The GF Websites provide information on GF, its products and services, carrier opportunities and information for investors.
GF treats personal data in accordance with the applicable data protection laws. "Personal data" means any information that identifies or could reasonably be used to identify you. The policy describes the type of personal data collected by GF when you use the GF Websites and/or the services that the GF Websites provide as well as how and for which purposes GF collects and may further process, use, share and disclose that personal data. Furthermore, it sets out the rights you have in relation to such personal data.
This policy is not necessarily a comprehensive description of the GF data processing. Other data protection statements or similar documents may apply to specific circumstances.
By using the GF Websites, you acknowledge that your personal data may be processed as set forth herein and you consent to the use of cookies and other means of identification and local storage in accordance with this policy. If you do not agree with this policy, do not proceed further to use the GF Websites. If you do not agree to our use of Cookies, please set your browser settings accordingly or do not use the GF Websites.
Unless GF has informed you differently in certain cases (e.g. according to the terms of use or other information for a specific service provided by the GF Websites), Georg Fischer Ltd., Amlser-Laffon-Strasse 9, 8021 Schaffhausen, Switzerland is the controller for processing your personal data through the GF Websites. In those cases in which an affiliate of Georg Fischer Ltd. communicates with you through other means (e.g. email, letter, phone, in person, etc.) or provides services to you through the GF Websites, such affiliate will be the controller of your data. You can find here a list and contact details of such GF affiliates: About GF.
Any inquiry for detailed information, comment, claim or concern related to this policy and data privacy may be addressed to the Data Protection Officer of GF using the following contact details: by email to dataprotection@georgfischer.com or by letter to Data Protection Officer, Georg Fischer Ltd., Amlser-Laffon-Strasse 9, 8021 Schaffhausen.
(a) Your requests
If you submit a request of services provided by the GF Websites (e.g. newsletters, invitations to events, accounts, closed user groups), a contact request, a request of further information on GF products and services, a media inquiry, you may be asked to provide certain personal data such as first and last name, title, company, address, e-mail address, telephone number, etc.
If you voluntarily provide or make available to GF personal data through the use of the GF Websites or electronically in any way, e.g. by entering them on a registration form, by signing up for a newsletter, by sending an e-mail, by providing feedbacks, by completing a customer survey, by participating in a competition, etc., GF may collect and process such personal data for the purposes indicated or evident from the circumstances at the time of collection. In particular, GF may process your personal data as it is necessary to administer your request or inquiry and to provide you with the requested service or an appropriate response.
In addition, in line with the applicable law and where appropriate, GF may process your personal data for the following purposes which are in GF's legitimate interest, such as (i) providing, improving and developing the GF Websites, products and services, (ii) statistical and market research purposes, (iii) technical operations and security, (iv) asserting legal claims and defense in legal disputes and official proceedings, (v) complying with applicable laws and regulations or (vi) other purposes provided for or permitted by law.
If you have registered to receive regular updates from GF, you may opt out from receiving such communication at any time by sending a request to the addresses provided in Section 2 above. If you choose to withhold any personal data requested by GF, it may not be possible for you to gain access to or use certain parts, services or functions of the GF Websites and for GF to respond to your query.
(b) Server log files
When you access the GF Websites, the web server of GF automatically collects, records and stores in server log files certain information about your access, e.g. your Internet Protocol (IP) address of the computer or mobile device sending the request, your file request as well as its date, time and duration, the HTTP response code, the pages of the GF Websites that you actually visit, the website from which you visit the GF Websites (referrer URL), the type, version and language of the web browser, the operating system used by the computer or mobile device sending the request, cookies that may uniquely identify your browser. For more information on cookies see Section 8 below. This information is not analyzed in a way that identifies individual persons. GF collects and processes this information on a technical level for operational purposes for displaying and ensuring the proper functioning of the respective GF Website, for better understanding the users' behavior and improving its offerings as well as for ensuring stability and security.
(c) No automated decisions and profiles
GF does not use the personal data collected from you to make decisions based solely on automated processing and GF does not process your personal data automatically with the aim of evaluating certain personal aspects (profiling).
In the context of the GF business activities and in line with the purposes of the data processing set out in Section 3, GF may transfer personal data to third parties, insofar as such a transfer is permitted and GF deems it appropriate, in order for them to process data for GF or, as the case may be, their own purposes. In particular, GF may disclose your personal data to third parties ("Recipients") in the following cases:
(a) Any relevant GF controller entity may transfer your personal data to other GF entities and to any third-party service providers ("Processors") to which the GF controller entity delegates all or part of the processing (e.g. hosting providers, e-marketing service providers, technical support providers etc.). The Processors are allowed to use your personal data only for the purposes for which the personal data were originally collected. The Processors are carefully selected by the relevant GF controller entity. They are contractually obliged to handle your personal data exclusively on instructions of the GF controller entity, in accordance with this Policy and the applicable data protection laws, to keep the personal data confidential and to implement appropriate technical and organizational measures to protect the personal data.
(b) The relevant GF controller entity may also disclose personal data in connection with a merger, acquisition, bankruptcy or sale, assignment or other transfer of all or substantially all of its assets.
(c) GF may disclose your personal data to certain public authorities in order to respond to appropriate request of legitimate government agencies or where required by applicable laws, court orders or government regulations.
(d) GF may disclose personal data where this is needed for corporate audits or to investigate or respond to a compliance or security treat.
The Recipients may be located in Switzerland or in any country worldwide. In particular, you must anticipate that your personal data are transmitted to any country in which the GF group is represented by affiliates, branches or other offices as well as to other countries in Europe and the USA where service providers of GF are located (such as Microsoft, T-Systems, Publicis Pixelpark (DE), Siteimprove GmbH (CH), Google (USA), Umantis (DE), Prescreen International GmbH (AT)). If GF transfers data to a country without adequate legal data protection, GF ensures an appropriate level of protection as legally required by way of using appropriate contracts (in particular on the basis of the standard contract clauses of the European Commission) or GF relies on the statutory exceptions of consent, performance of contracts, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned. You can request more information about such measures by getting in touch with to the addresses provided in Section 2 above.
Unless otherwise set forth in this Policy or other data protection statements applicable in specific circumstances, GF will not sell or otherwise transfer your personal data to any third parties without your explicit consent.
GF processes and retains the personal data as long as required for the performance of the purposes for which they are collected or for compliance with the legal obligations or other purposes pursued with the processing, as well as beyond this duration in accordance with legal retention and documentation obligations. Furthermore, GF may retain personal data for the period during which claims can be asserted against GF or insofar as GF is otherwise legally obliged to do so or if legitimate business interests require further retention (e.g. for evidence and documentation purposes).
As soon as personal data are no longer required for the abovementioned purposes, they will be deleted or anonymized to the extent possible. If personal data need to be retained for legal reasons, they will be blocked and will no longer be available for further processing.
GF has taken appropriate technical and organizational security measures to protect your personal data from unauthorized access, improper use or disclosure, unauthorized alteration and unlawful destruction or accidental loss. In particular, GF has implemented appropriate internal information security policies, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymization, inspections. All employees, Processors and other third parties that have access to personal data are obliged to keep the personal data confidential and safe.
Subject to the applicable law, you may have some or all of the following rights regarding your personal data:
(a) Right to obtain confirmation of whether GF processes your personal data and, if so, to gain access to a copy thereof;
(b) Right to rectify or obtain the erasure of your personal data as long as the applicable legal requirements are met (e.g. the prerequisites for the right of erasure provide in particular that the personal data is no longer necessary for the purposes for which they were collected or otherwise processed, for supporting litigation or for compliance with statutory retention requirements);
(c) Right to restriction of processing, in particular (i) where the accuracy of personal data is contested by you, for a period enabling GF to verify the accuracy of the personal data, (ii) where you oppose the erasure of the personal data (in cases where the right to erasure applies) and request the restriction of their use instead, (iii) where GF no longer needs the personal data for the original purposes, but they are required by you for the establishment, exercise or defense of legal claims, and (iv) where the successful exercise of an objection is still contested between you and GF;
(d) Right to object to processing of your personal data, unless GF can demonstrate compelling legitimate grounds for processing of your personal data. With reference to the processing of your personal data for direct marketing purposes, you may have the right to object at any time thereto;
(e) Right to data portability of your personal data to a new supplier (if applicable);
(f) Right to lodge a complaint with the relevant supervisory authority, in particular (i) the data protection authority that is competent for your place of residence, your place of work or the location of the alleged infringement, or (ii) the lead supervisory authority for GF, namely the Federal Data Protection and Information Commissioner FDPIC, Feldeggweg 1, 3003 Bern, Switzerland (https://www.edoeb.admin.ch);
(g) Where any processing is based on consent, you may have the right to withdraw such consent at any time, without this affecting the processing prior to the consent withdrawal.
You can assert your rights at any time by submitting your request to the addresses provided in Section 2 above. In general, exercising these rights requires that you are able to prove your identity (e.g. copy of identification documents).
GF reserves the right to enforce statutory restrictions, e.g. if GF is obliged to retain or process certain data, has an overriding interest or needs the personal data for asserting claims. GF may reject requests that are excessive or a misuse of the relevant rights. If exercising certain rights will incur costs on you, GF will notify you in advance.
The GF Websites use cookies, i.e. small pieces of data placed on your computer or mobile device by the websites you visit, and other forms of identification for local storage ("Cookies") to distinguish visitors of the GF Websites from each other by assigning a random anonymous identifier to each visitor. Cookies save your settings and enable the GF Websites to remember your device as well as your actions and preferences (e.g. login, language, etc.) over a period of time for providing the visitors of the GF Websites with a more personalized experience when they browse the GF Websites. Cookies are used to make websites work and help GF to better understand how visitors use the GF Websites and to improve the quality of the GF Websites and services. However, Cookies do not identify you personally.
GF uses (i) "session cookies" that allow your computer to be recognized when your return to the GF Websites during a session and are automatically deleted once you close your browser as well as (ii) "persistent cookies" that allow your computer to be recognized during more sessions and are automatically deleted after a specified period of time.
Necessary Cookies enable core functionality such as page navigation and access to secure areas. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences. Analytical cookies help us to improve our website by collecting and reporting information on its usage. Marketing Cookies (Targeting/Advertising) help us improve the relevancy of advertising campaigns you receive. You can give your consent to the use of Tracking Cookies by continuing to use the GF Websites.
The table below describes the Tracking Cookies used by the GF Websites.
Name of Cookie | Type of Cookie | Purpose | Duration | Category |
cb-enabled | HTTP | This cookie is associated with a free script which shows a cookie alert notice on a website. It is used to record when the user has dismissed the notice to prevent it re-appearing on return visits. | 1 year | Necessary Cookie |
ServerIDGFL | HTTP | To provide an improved and faster server time, the ServerID cookie remembers which server should handle the user’s requests. | Session | Necessary Cookie |
__cfduid | HTTP | Used by the content network, Cloudflare, to identify trusted web traffic. | 1 year | Necessary Cookie |
login-token | HTTP | Is set by the authentication component and holds information about the login status of the user. | Session | Necessary Cookie |
AWSELB | HTTP | Used by Amazon Web Services Elastic Load Balancing functionality for routing client request on the server. | Session | Necessary Cookie |
CookieControl | HTTP | Holds Information about the users decision regarding to necessary and analytical cookies. | 3 months | Necessary Cookie |
lastVisitedURL | HTTP | This is used to populate the history so that the back button works for the navigation. | - | Necessary Cookie |
originalTitle | HTTP | This cookie saves the literal page title (which can be seen in the browser tab). The system re-writes this title when the user navigates around location pages as well as the sitemap and wants to reset it when they go back to the maps page. This cookie persists past the session. | - | Necessary Cookie |
DSID | HTTP | This cookie is set to note your specific user identity. It contains a hashed/encrypted unique ID. | 1.5 years | Necessary Cookie |
_countryDetection | HTTP | Holds the country, the user visited at last (via using the country selector). We suggest that this the preferred country from the user. | 1 year | Necessary Cookie |
_gf_SAP_SESSIONID_RLQ_011 | HTTP | SAP BSP Session-Cookie: The SAP_SESSIONID_XXX cookie will be used from the server for authentication (SAML 2.0). | Session | Necessary Cookie |
_gf_sap-usercontext | HTTP | SAP BSP Session-Cookie: The sap-user context cookie is a non-persistent cookie that is stored in the browser's memory. Its value is the user context, the data that is specifically assigned to an SAP user. The user context contains a user-specific area including user and authorization data, and a session context for each external session. | Session | Necessary Cookie |
_gf_MYSAPSSO2 | HTTP | SAP BSP Login-Cookie: The MYSAPSSO2 cookie is a non-persistent cookie that is stored in the browser's memory. Its value is the encoded content of the SAP Logon Ticket. The browser is used to transmit the Logon Ticket from system to system via the MYSAPSSO2 cookie. | Session | Necessary Cookie |
_gf_sap-contextid | HTTP | SAP BSP Session-Cookie: The sap-contextid cookie contains a generated ID as a value. This ID allows the relevant session to be identified on the server. The session cookie is a temporary cookie. It is deleted automatically when the browser window is closed. | Session | Necessary Cookie |
language | HTTP | User language ID. | 8 hours | Necessary Cookie |
CGISESSID | HTTP | Session ID – used to recognize the user session and thereby restore its state (logged in, language, etc.). | 8 hours | Necessary Cookie |
ExternalDesignID | HTTP | If selected, the DesignID for the External Design is stored here. | Session | Necessary Cookie |
CompanyID | HTTP | Branch office ID (mainly used in the job board on AM). | 8 hours | Necessary Cookie |
alphakey | HTTP | Together with the session ID, this value serves to ensure that the session cannot be taken over by anyone else. | 8 hours | Necessary Cookie |
selfid | HTTP | User’s ID. | 8 hours | Necessary Cookie |
customer | HTTP | Tenant ID. | 8 hours | Necessary Cookie |
auth-token | HTTP | In the auth-token cookie, user information is stored in a JSON data structure. | 12 hours | Necessary Cookie |
AWSELBCORS | HTTP | AWS Classic Load Balancer Cookie: Load Balancing Cookie: Used to map the session to the instance. Same value as AWSELB. | 1 day | Necessary Cookie |
AWSELB | HTTP | Used by Amazon Web Services Elastic Load Balancing functionality for routing client request on the server. | Session | Necessary Cookie |
.ASPXFORMSAUTH | HTTP | This attribute is used to specify the HTTP cookie to use for authentication. | Session | Necessary Cookie |
.ASPXROLES | HTTP | Cookies used to keep track of if the visitor has any permissions on the website. Only used for logged in users. | Session | Necessary Cookie |
ASP.NET_SessionId | HTTP | SessionId what .NET Manages for maintaining session | Session | Necessary Cookie |
SERVERID | HTTP | Usually used for load balancing. Identifies the server that delivered the last page to the browser. Associated with the HAProxy Load Balancer software. | - | Necessary Cookie |
ARRAffinity | HTTP | This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. | - | Necessary Cookie |
PHPSESSID | HTTP | PHP session cookie associated with embedded content from this domain. | - | Necessary Cookie |
_ga | HTTP | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 2 years | Analytical Cookie |
_gat | HTTP | Used by Google Analytics to throttle request rate. | Session | Analytical Cookie |
_gid | HTTP | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | Session | Analytical Cookie |
nmstat | HTTP | Used to determine if the user has visited the website previously. | 999 days | Analytical Cookie |
siteimproveses | HTTP | Used to register the order of pages that the user has visited on the website. | Session | Analytical Cookie |
collect | Pixel | Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. | Session | Analytical Cookie |
image.aspx | Pixel | Used by SiteImprove to collect data about the visitor's behavior and to generate statistical data on how the visitor uses the website. | Session | Analytical Cookie |
YSC | HTTP | This cookie is set by YouTube to track views of embedded videos. | 8 months | Analytical Cookie |
_gat_UA-22090862-13 | HTTP | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. | 2 years | Analytical Cookie |
_gat_UA-22090862-29 | HTTP | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. | 2 years | Analytical Cookie |
_gat_gtag_UA_30457341_4 | HTTP | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. | - | Analytical Cookie |
cusid (Analytics) | Session | This cookie is used to establish and continue a user session with the site. | 30 min from set/update | Analytical Cookie |
cuvon | Session | Used to signal the last time a visitor viewed a page. | 30 min from set/update | Analytical Cookie |
cuvid | Persistent / First-Party | This cookie is typically written to the browser upon the first visit to the site from that web browser. | 2 years from set/update | Analytical Cookie |
cusid | Session | This cookie is used to establish and continue a user session with the site. | 30 min from set/update | Analytical Cookie |
__cfduid | Persistent / First-Party | Enables our infrastructure provider, Cloudflare, to manage security and load balancing. | Defined by a third party, but usually a period of around six months. | Analytical Cookie |
LP-X where X is a reference to the dotdigital customer who created the landing page |
Persistent / First-Party | Identifies the contact to enable personalization when they visit any landing page from that particular account. | 30 days after last view | Analytical Cookie |
NID | HTTP | Registers a unique ID that identifies a returning user's device. The ID is used for targeted ads. | 6 months | Marketing Cookie |
ads/ga-audiences | Pixel | Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behavior across websites. | Session | Marketing Cookie |
SIDCC | HTTP | Security Cookie used by Google to authenticate users, prevent fraudulent use of login credentials and protect user data from unauthorized parties. | Session to 2 years | Marketing Cookie |
__Secure-3PAPISID | HTTP | Used by for targeting purposes to build a profile of the website visitor's interests in order to show relevant & personalized Google advertising. | 2 years | Marketing Cookie |
SSID | HTTP | Collects information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website. | 2 years | Marketing Cookie |
__Secure-SSID | HTTP | Used to store information about how you use the website and any advertising that you may have seen before visiting this website, in addition to being used to help customize advertising on Google properties by remembering your most recent searches, your previous interactions with an advertiser's ads or search results and your visits to an advertisers website. | 8 months | Marketing Cookie |
__Secure-HSID | HTTP | Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorized parties. This can also be used for targeting purposes to show relevant & personalized ad content. | 2 years | Marketing Cookie |
SAPISID | HTTP | This DoubleClick cookie is generally set through the site by advertising partners, and used by them to build a profile of the website visitor's interests and show relevant ads on other sites. This cookie works by uniquely identifying your browser and device. | 2 years | Marketing Cookie |
__Secure-3PSID | HTTP | Used by for targeting purposes to build a profile of the website visitor's interests in order to show relevant & personalized Google advertising. | 2 years | Marketing Cookie |
APISID | HTTP | This DoubleClick cookie is generally set through the site by advertising partners, and used by them to build a profile of the website visitor's interests and show relevant ads on other sites. This cookie works by uniquely identifying your browser and device. | 2 years | Marketing Cookie |
HSID | HTTP | This cookie is set by DoubleClick (which is owned by Google) to build a profile of the website visitor's interests and show relevant ads on other sites. | 2 years | Marketing Cookie |
__Secure-APISID | HTTP | Used by for targeting purposes to build a profile of the website visitor's interests in order to show relevant & personalized Google advertising. | 8 months | Marketing Cookie |
SID | HTTP | Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorized parties. This can also be used for targeting purposes to show relevant & personalized ad content. | - | Marketing Cookie |
CONSENT | HTTP | Collects information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website. | 1 year | Marketing Cookie |
LOGIN_INFO | HTTP | Used by YouTube (Google) for storing user preferences and other unspecified purposes. | 10 years | Marketing Cookie |
VISITOR_INFO1_LIVE | HTTP | This cookie is set by YouTube to keep track of user preferences for YouTube videos embedded in sites; it can also determine whether the website visitor is using the new or old version of the YouTube interface. | - | Marketing Cookie |
1P_JAR | HTTP | Collects information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website. More information about Google cookies. | - | Marketing Cookie |
ANID | HTTP | This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions. More information about Google cookies. | 2 years | Marketing Cookie |
SEARCH_SAMESITE | HTTP | This cookie is used to prevent the browser from sending this cookie along with cross-site requests. More information about Google cookies. | - | Marketing Cookie |
OTZ | HTTP | This cookie is used by Google Analytics to provide an aggregated analysis of Website visitors. More information about Google cookies. | 1 month | Marketing Cookie |
IDE | HTTP | This domain is owned by DoubleClick (Google). The main business activity is: DoubleClick is Googles real time bidding advertising exchange. | 1.5 years | Marketing Cookie |
TrackingID | HTTP | Used, for example, in the job board for referral programs. | 2 days | Marketing Cookie |
dm_i recordID sessionID |
Persistent / First-Party | Tracks and identifies a visitor as an Engagement Cloud contact whilst they browse a site’s pages. This data can then be used for better segmenting and targeting of contacts. | Ranges from a cookie that expires after 20 minutes (collecting session information on pages visited) to cookies that expire after 365 days. | Marketing Cookie |
bm_sv | HTTP | Bot Manager Cookie. Used for Session Validation. | 2 hours | Third party Cookie |
ak_bmsc | HTTP | Bot Manager Standard session cookie . Assigned to client when a customer categorized bots, Akamai categorized bots and “Transparent” detection mechanisms do not trigger. Cookie Integrity Failed rule checks for the integrity of this cookie. | 2 hours | Third party Cookie |
dtCookie | HTTP | Tracks a visit across multiple requests. | Session | Performance Cookie |
dtLatC | HTTP | Measures server latency for performance monitoring. | Session | Performance Cookie |
dtPC | HTTP | Required to identify proper endpoints for beacon transmission; includes session ID for correlation | Session | Performance Cookie |
dtSa | HTTP | Serves as an intermediate storage for page-spanning actions. This cookie is used to save user action names, such as Click on Login, across different pages. This is required because page loads result in JavaScript code restart, so all contextual information must be stored in cookies. | Session | Performance Cookie |
dtValidationCookie | HTTP | Determines if the RUM JavaScript should be deactivated due to cost and traffic control or overload prevention | Deleted after a few milliseconds; no expiry date set | Performance Cookie |
rxVisitor | HTTP | Contains the visitor ID to correlate sessions. | Session or permanent | Performance Cookie |
rxvt | HTTP | Specifies the session timeout. | Session | Performance Cookie |
b925d32c | HTTP | Indicates if a user is logged in or not. | Session | Performance Cookie |
ssoCSRFCookie | HTTP | Serves as cross-site request forgery (CSRF) protection when moving between servlets in SSO. | Session | Performance Cookie |
p23mn32t | HTTP | Contains a unique Base32 identifier that indicates to SSO that a user is logging in from a new device. The identifier is created based on the user login, browser, and user agent. | 5 years | Performance Cookie |
l34kn6no | HTTP | Stores the OpenID state when SSO acts as a relying party, for example, for signing in with Microsoft using OpenID. | Session | Performance Cookie |
iu2g34bw | HTTP | Stores the OpenID code_verifier when SSO acts as a relying party, for example, for signing in with Microsoft using OpenID. | Session | Performance Cookie |
a69k21bb | HTTP | Stores redirect_uri upon successful sign-in when SSO acts as a relying party, for example, for signing in with Microsoft using OpenID. | Session | Performance Cookie |
cgq80xhu | HTTP | Contains an SHA-256 hash of a random UUID. When a user signs in via OpenID, this cookie is used to track the session state via the SSO OpenID iFrame and perform front-end logout if necessary. | Session | Performance Cookie |
72ddbc27 | HTTP | Added when a user selects the Remember me option to store their credentials. Thanks to this option, the user doesn't have to provide their credentials again when the session expires, and the user is logged in automatically. | 3 months | Performance Cookie |
kj76fg4h | HTTP | Prevents the user from becoming stuck following a failed federated login if the user selected the Remember me option to store their credentials. If the user is signed in, this cookie is deleted. | 5 minutes |
Performance Cookie |
SRV | HTTP | Load balancer (HA Proxy) session stickiness. | 1 hour | Performance Cookie |
apmsessionid | HTTP | Web server session cookie. | Session |
Performance Cookie |
You may configure your web browser to refuse any installation of all or some Cookies or to disable or deactivate Cookies that have been installed (the specific instructions can be found in the manual of your browser). However, if you use your browser setting to block all Cookies (including Functionality Cookies), this may result in a reduced availability or impaired functionality of the GF Websites.
Chatbot functionality:
For general and specific inquiries, we offer you the possibility to receive information on various topics within CONNECT Store via a chatbot. Our technical service provider for this service is knowhere GmbH, Steinhöft 9, 20459 Hamburg. We process the collected data in the cloud-based dialog system of the service provider.
No personal data is required for the mere answering of questions. If you wish to be contacted by our Customer Service team regarding an inquiry, the personal data you provide as part of the chatbot request will be processed. The contact data may include Name, Company, User Account Name, Phone Number and/or Email Address.
For the purpose of quality management and optimization of the artificial intelligence of the chatbot, log files and chat histories are stored for 60 days. Third parties cannot access the data stored in the local storage. They are neither passed on to third parties nor used for advertising purposes. We use these technologies in the legitimate interest of being able to provide an attractive, fully functional service based on article 6 (1) point (f) GDPR.
The GF Websites use Google Analytics, a web analytics service provided by Google Inc., a company located in the USA, www.gooogle.com ("Google"). The features of the service that GF uses are "Universal Analytics" features. They make it possible to attribute data, sessions and interactions across multiple devices to a pseudonymous user ID, thus giving GF the ability to analyze the activities of a user on all devices. Google Analytics uses Cookies which are text files placed on your computer, to help the GF Websites to measure and analyze how visitors use the site.
The information generated by the Cookies about your use of the GF Websites (including your IP address) is usually transferred to a Google server in the USA and stored there. However, if IP anonymization is activated on these websites, Google will truncate your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases the full IP address will be transmitted to a Google server in the USA and truncated there. We would like to point out that, on these GF Websites, Google Analytics has been extended to include IP anonymization in order to ensure anonymous collection of IP addresses (so-called IP masking).
Google complies with the data protection rules of the "EU-U.S. Privacy Shield" and "Swiss-U.S. Privacy Shield" arrangements and is registered with the "Privacy Shield" program of the US Department of Commerce and the European Commission and Swiss Administration. The IP address identified from your browser by Google Analytics will not be merged with other data collected by Google. On behalf of GF, Google uses this information to analyze your use of the GF Websites, to compile reports on the website activities and to provide other services for GF related to the use of the GF Websites and internet usage. Google may also transfer this information to third parties where required by law or where such third parties process the information on Google's behalf.
GF uses Google Analytics in order to pursue its legitimate interests of building a service that meets the customer’s needs, enabling statistical analysis and promoting our website efficiently. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of the GF Websites. You can also opt-out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Addon for your current web browser: https://tools.google.com/dlpage/gaoptout?hl=en. Opt-out cookies prevent your data from being collected during any future visits to the relevant GF Websites. In order to prevent the collection of data by Universal Analytics across multiple devices, you must opt out on all the systems that you use.
For more information around Google Analytics, the conditions of use and data protection please click: https://www.google.com/intl/en/analytics/privacyoverview.html.
The GF Websites use Siteimprove, a web analytics service provided by Siteimprove Inc., a company located in Denmark, https://siteimprove.com/ ("Siteimprove"). Siteimprove uses Cookies to analyze website usage. The information generated by the Cookie is transmitted to a Siteimprove server and stored there. Siteimprove may collect statistics about site usage, such as when a visitor last visited the website, or track the sequence of pages a visitor looks at during his visit. This information is then used to improve the user experience on the website and enable visitors to find relevant information quicker. The Siteimprove cookies contain a randomly generated ID used to recognize the browser when a visitor visits a page. The cookie contains no personal information and is used for web analytics only. We would like to point out that, on these GF Websites, Siteimprove has been extended to include IP anonymization in order to ensure anonymous collection of IP addresses (so-called IP masking).
For more information around Siteimprove, the conditions of use and data protection please click: https://siteimprove.com/en/privacy/privacy-policy/.
GF may use social media plugins (e.g. Facebook, Twitter, Google+ or LinkedIn), which are identifiable by means of respective share buttons. Such social media plugins allow users of those social media platforms to post links of GF Websites on their social media profile, bookmark them or share them with their social media contacts.
If you use social media plugins you will be sending identifiable information to the respective social media platform. Any comments or activity arising from persons using social media plugins is not controlled or endorsed by GF and GF shall not be responsible or liable for such. Persons who share GF's content via social media plugins are not authorized to speak for or to represent GF.
This Policy is not applicable to any linked, non-GF Website. Whenever you open a link to other websites, you should read the privacy policies of the website in question. The processing of your personal data lays in the responsibility of the respective social media operator and occurs according to its data protection rules. GF does not receive any information about you from such operators.
This privacy statement is subject to change from time to time without notice.
GF processes your data in accordance with the EU General Data Protection Regulation (GDPR) and national data protection laws exclusively
- for the performance of a contract or to take steps prior to entering into a contract (pursuant to Art. 6 (1) point (b) GDPR): management of the appointment process, administration of the online portal, assessment of your experience and qualifications, and, if applicable, in connection with the conclusion of an employment contract. If an employment contract is concluded, it will be agreed with you what personal data may be stored, for how long and for what purpose;
- for compliance with a legal obligation (pursuant to Art. 6 (1) point (c) GDPR): compliance with checking and reporting obligations under tax law and compliance with statutory retention periods;
- for the purpose of legitimate interests (pursuant to Art. 6 (1) point (f) GDPR): statistical purposes or for the establishment, exercise or defense of legal claims;
- if you have explicitly given your consent (pursuant to Art. 6 (1) point (a) GDPR): jobs subscription and data release.
Without your express prior consent, GF will transfer your data only insofar as is permitted and necessary. If GF transfers your data to countries with a level of data protection that is not equivalent to that in the EU, the European Economic Area (EEA) or Switzerland, this will take place only if adequate data protection is guaranteed in such countries (for example, through EU standard contractual clauses or the US Privacy Shield).
You may yourself at any time erase the applicant profile that you created in the online portal.
If you have registered for a jobs subscription on the GF website and therefore have given your consent for the use of certain items of data provided by you, this data will be used to inform you by e-mail (newsletter) of vacancies at GF that we believe may be of interest to you. If you no longer wish to receive the newsletter, you can unsubscribe at any time using the “Unsubscribe” link incorporated into every newsletter and thereby, at the same time, activate the erasure or rendering anonymous of the data you provided for this purpose.
This data protection information may be amended from time to time without prior notice.
Updated: April 2021