Robert Bosch Stiftung GmbH ("We“ or "Us") is delighted about your visit to our internet pages and mobile applications (together also referred to as "Online Offers") and about your interest in our organization and our charitable work.
Robert Bosch Stiftung respects your privacy
The protection of your privacy throughout the course of processing personal data as well as the security of all business data is an important concern to us. We process personal data that was gathered during your visit of our Online Offers confidentially and only in accordance with statutory regulations. Data protection and information security are included in our corporate policy.
Robert Bosch Stiftung is the controller responsible for the processing of your data; exceptions are outlined in this data protection notice. Our contact details are as follows:
Robert Bosch Stiftung GmbH
Collection, processing and usage of personal data
Processed categories of data
The following categories of data are processed:
- Communication data (e.g. name, telephone, e-mail, address, IP address)
Personal data consists of all information related to an identified or identifiable natural person, this includes, e.g. names, addresses, phone numbers, email addresses, contractual master data, contract accounting and payment data, which is an expression of a person's identity.
We collect, process and use personal data (including IP addresses) only when there is either a statutory legal basis to do so or you have given your consent to the processing or use of personal data concerning this matter, e.g. by means of registration.
Processing purposes and legal bases
We and service providers commissioned by us process your personal data for the following processing purposes:
- Provision of these Online Offers (Legal basis: Justified interest on our part in direct marketing as long as this occurs in accordance with data protection and competition law).
- To determine disruptions/disturbances and for security reasons (Legal bases: Fulfillment of our legal obligations within the scope of data security and justified interest in resolving disruptions/disturbances and in the security of our offers).
- Dispatch of an email newsletter with the recipient’s consent (Legal basis: Consent).
- Safeguarding and vindication of our rights (Legal basis: Justified interest on our part for the safeguarding and vindication of our rights).
Every time you use the internet, your browser transmits certain information which we store in so-called log files. We save log files for seven days solely to determine disturbances and for security reasons (e.g., to clarify attack attempts) and then we delete them afterwards. Log files which need to be maintained for evidence purposes are excluded from deletion until the respective incident has been completely resolved and may, on a case-by-case basis, be passed on to investigating authorities. Log files are also used for analysis purposes (without or without complete IP address). See module web analysis therefore.
In log files, the following information in particular is being saved:
- IP address (internet protocol address) of the terminal device which is being used to access the Online Offers;
- Internet address of the website from which the Online Offer has been accessed (socalled URL of origin or referrer URL);
- Name of the service provider which is used to access the Online Offers;
- Name of the files or information accessed;
- Date and time as well as duration of retrieval;
- Amount of data transferred;
- Operating system and information on the internet browser used including addons installed (e.g., Flash Player);
- http status code (e.g., “Request successful” or “File requested not found”).
This Online Offer is not for children under 16 years of age.
Data transfer to other controllers
Your personal data is principally forwarded to other controllers only when required for the fulfillment of a contract, in the case where we or the third party have a legitimate interest in the transfer, or when your consent has been given. Par-ticulars on the legal bases can be found in the Section - Purposes of Processing and Legal Bases. Third parties may also be other companies of the Bosch group. When data is transferred to third parties based on a justified interest, this is explained in this data protection notice. Additionally, data may be transferred to other controllers when we are obliged to do so due to statuto-ry regulations or enforceable ad-ministrative or judicial orders.
Service providers (general)
We have commissioned external service providers with tasks such as sales and marketing services, contract management, payment handling, programming, and data hosting. We have chosen these service providers carefully and review them regularly, especially regarding their diligent handling of and protection of the data that they have saved. All service providers are obliged to maintain confidentiality and to abide by the statutory provisions. Service providers may also be other Bosch group companies.
Transfer to recipients outside the EEA
We can also transfer personal data to recipients located outside the EEA in socalled third countries. In such cases, we ensure prior to the transfer either that the data recipient provides an appropriate level of data protection (e.g., due to a decision of adequacy by the European Commission for the respective country or due to the agreement based on so-called EU model clauses with the recipient) or that you have consented to the transfer.
You are entitled to receive an overview of third country recipients and a copy of the specifically agreed-to provisions securing an appropriate level of data protection. For this purpose, please use the statements made in the Contact section.
Duration of storage; retention periods
Principally, we store your data for as long as it is necessary to render our Online Offers and the services connected to them or for as long as we have a justified interest in storing the data (e.g., we might still have a justified interest in postal mail marketing upon fulfillment of a contract). In all other cases we delete your personal data with the exception of data we must store to fulfill legal obligations (e.g., we are obliged due to retention periods under the tax and commercial codes to have documents such as contracts and invoices available for a certain period of time).
Cookies are small text files that are being saved on your computer when an Online Offer is visited. In case you access this Online Offer another time, your browser sends the cookies' content back to the respective offeror and, thus, allows the re-identification of the terminal device. Reading the cookies allows us to design our Online Offers optimally for you and makes it easier for you to use them.
Deactivation and deletion of cookies
When you visit our internet pages you will be informed in a cookie layer pop up that cookies are being set on our page. In case you decide to block cookies, your browser allows you to deactivate and delete all cookies at all times. To do so, please consult your browser's help functions. This might, however, lead to individual functions no longer being available. Please note that deactivation and deletion of cookies, for technical reasons, only can be set for the browser that was used for. In case you use a different browser or a different terminal device, you must deactivate or delete again.
In addition, you are able to manage and deactivate the use of third party cookies on the following web page:
http://www.youronlinechoices.com/uk/your-ad-choices. As we do not operate this website, we are not responsible and we are unable to influence content and availability.
Overview of cookies used by us
In this section, please find an overview of cookies we use.
a) Absolutely necessary cookies
Certain cookies are necessary so we can securely render our Online Offers. This category includes, e.g.:
- Cookies that identify or authenticate our users;
- Cookies that temporarily save certain user input (e.g., content of an online form);
- Cookies that store certain user preferences (e.g., search or language settings);
- Cookies that store data to ensure the unimpeded playback of video or audio content.
b) Analytical cookies
We use analytical cookies to record the usage behavior (e.g., ad banners clicked, search queries put in) of our users and to evaluate it statistically.
We need statistical information about the usage of our Online Offers to design them to be more user-friendly, to perform range measurements, and to perform market research. For this purpose, we use the web analysis tools described in this section.
The usage profiles created by these tools using analysis cookies or by evaluating log files do not contain personal data. The tools either do not use user IP addresses at all or shorten them immediately after gathering them.
The tools offerors process data only as processors subject to our directives and not for their own purposes.
In the following, please find information on each tool offeror and how you are able to object to the collection and processing of data through the tool.
Be advised that with regard to tools which use opt out cookies, the opt out function is related to a device or browser and is thus valid for the terminal device or browser used at this time. In case you use several terminal devices or browsers you must opt out on every device and with every browser used.
Beyond this, you can generally avoid the forming of usage profiles by generally deactivating cookie usage; for this please refer to the section Deactivate and delete cookies.
etracker is provided by etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. You may object to the collection or processing of your data by using the opt out possibility by clicking the following link: https://www.etracker.com/datenschutz
In our Online Offers we use so-called social plugins from various social networks; these are individually described in this section. During the usage of the plugins, your internet browser establishes a direct connection to the respective social networks’ servers. This way, the respective provider receives information that your internet browser has accessed from the respective site of our Online Offers, even if you do not have a user account with this provider or are currently not logged into this account. Log files (including the IP address) are, in this case, directly transmitted from your internet browser to a server of the respective provider and might be stored there. The provider or its server may be located outside the EU or the EEA (e.g., in the United States).
The plugins are standalone extensions by social network providers. For this reason, we are unable to influence the scope of data collected and stored by them.
Purpose and scope of the collection, the continued processing and usage of data by the social network as well as your respective rights and setting options to pro-tect your privacy can be found by consulting the respective social network's data protection notices.
In case you do not wish social network providers to receive and, if applicable, store or use data, you should not use the respective plugins.
Facebook is operated under www.facebook.com by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and under www.facebook.de by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland ("Facebook"). Find an over-view over Facebook's plugins and their appearance here: http://developers.facebook.com/plugins; find information on data protection at Facebook here: http://www.facebook.com/policy.php.
Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). Find an overview over Twitter's plugins and their appearance here: https://twitter.com/about/resources/buttons; find information on data protection at Twitter here: https://twitter.com/privacy
Google+ is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Find an overview over Google's plugins and their appearance here: https://developers.google.com/+/plugins; find information on data protection at Google+ here: http://www.google.com/intl/de/+/policy/+1button.html.
Instagram is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). Find an overview over Instagram's plugins and their appearance here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges; find information on data protection at Instagram here: https://help.instagram.com/155833707900388/
Soundcloud is operated by SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany ("Soundcloud"). Find information on data protection at Soundclouds here: https://soundcloud.com/pages/privacy
These Online Offers use the YouTube video platform which is operated by YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066, USA („YouTube”). YouTube is a platform which allows the playback of audio and video files.
When you access a respective site of our Online Offers that contains an embedded YouTube player, this establishes a connection to YouTube so the video or audio file can be transmitted and played back. In doing so, data is transferred to YouTube as a data processor. We are not responsible for the processing of such data by YouTube.
Additional information on the scope and purpose of collected data, on further processing and usage of data by YouTube, on your rights and the privacy options available to be chosen by you, can be found in YouTube's data protection notice.
These Online Offers use the map service Google Maps via an API. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
For the use of the functions of Google Maps it is necessary to store your IP address. This information is usually transmitted to a server of Google LLC in the USA and saved there. The provider of this website does not have any influence on this transmission of data.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places listed by us on the website. This represents a predominant legitimate interest on our part within the meaning of article 6 section 1 lit. f GDPR.
Within the scope of our Online Offers you are able to sign up for newsletters. To do so, we use the so-called double opt-in procedure which means that we will only send you a newsletter via e-mail after you have explicitly confirmed the activation of the newsletter service to us by clicking the link in a notification. In case you wish to no longer receive newsletters at a later date, you can terminate the subscription at any time by withdrawing your consent. You can withdraw your consent to email newsletters by clicking the link which is sent in the respective Online Offer email, as the case may be. This occurs in the administrative settings. Alternatively, please contact us using the contact details provided in the Contact section.
We offer you the opportunity of becoming a member of one of our project communities (such as the Fast Track community). There, you can sign up, create a user profile and communicate with other members. Your data generated there is only used in the scope of the consent granted by you for the respective marketing, market research and service purposes. You can withdraw your consent at any time.
All data which is generated by you in the communities, e.g., by creating comments or pictures, are automatically publicly accessible for all community members and will be linked to your user profile.
Our Online Offers may contain links to third party internet pages – by providers who are not related to us. Upon clicking the link, we have no influence on collecting, processing and using personal data possibly transmitted by clicking the link to the third party (such as the IP address or the URL of the site on which the link is located) as the behavior of third parties is naturally outside our supervision. We do not assume responsibility for the processing of such personal data by third parties.
Our employees and the companies providing services on our behalf, are obliged to confidentiality and to compliance with the applicable data protection laws.
We take all necessary technical and organizational measures to ensure an appropriate level of security and to protect your data that are administrated by us especially from the risks of unintended or unlawful destruction, manipulation, loss, change or unauthorized disclosure or unauthorized access. Our security measures are, pursuant to technological progress, constantly being improved.
We offer you the opportunity to log in to our portal, where you can register and create a user profile. To use the portal, you will need to have a user agreement with us. You can use the portal, for example, to submit project ideas and apply for support, and to upload the documents required to do this.
In completing your registration for the portal, we use a double-opt-in process: This means that your access to the portal will only be enabled once you have expressly confirmed the activation of your account by clicking on the link in our notification.
When registering, you must first provide only your first and last name, your organization (where applicable), your email address, and a password. You will then be taken to the grant applicant profile that has been created, where you can enter further details (address). We will only collect your bank details once you have submitted an idea, the idea has been reviewed, and we have invited you to submit a formal application for funding. Additionally, when you submit an idea you may also specify a third person as a contact. In the free text fields at various points (e.g., description of your idea, application) you have the opportunity, in particular, to describe the project itself as well as the necessary financial framework.
For data protection reasons, please avoid entering any personal information related to third parties (e.g., name and contact details) in the free text fields. The only exceptions to this are contact persons for your project and authorized representatives of your organization.
Within the portal you can also receive system messages related to the progress of your project (e.g., changes in project status, confirmation of applications received). In the initial settings, the option to receive system messages is disabled. The first time you log in to the portal you will be alerted to this option and you can change these settings. You may also change the settings at any time via your user profile. System messages are sent only to you as the portal user, not to the contact person you specify for the project (if this is another person).
Please note, however, that this is not private communication! Messages are visible to all employees of Robert Bosch Stiftung GmbH as well as to your organization or its employees.
For the full functionality of the portal, the following cookies are used:
Purpose: This cookie is used to maintain the user’s session and to create a new “access token” for the user when the session expires or has already expired.
Type: HTTP cookie
Purpose: This cookie maintains session affinity in the Microsoft Cloud environment. In a load-balancing environment, the issuing of this cookie ensures that the current session will not be continued by another server.
Type: HTTP cookie
To enforce your rights, please use the details provided in the Contact section. In doing so, please ensure that an unambiguous identification of your person is possible.
Right to information and access:
You have the right to obtain confirmation from us about whether or not your personal data is being processed, and, if this is the case, access to your personal data.
Right to correction and deletion:
You have the right to obtain the rectification of inaccurate personal data concerning yourself without undue delay from us. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
This does not apply to data which is necessary for billing or accounting purposes or which is subject to a statutory retention period. If access to such data is not required, however, its processing is restricted (see the following).
Restriction of processing:
You have the right to demand for – as far as statutory requirements are fulfilled – restriction of the processing of your data.
Objection to data processing:
You have the right to object to data processing by us at any time. We will no longer process the personal data unless we demonstrate compliance with legal requirements to provide provable reasons for the further processing which are beyond your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
Objection to direct marketing:
Additionally, you may object to the processing of your personal data for direct marketing purposes at any time. Please take into account that, due to organizational reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.
Objection to data processing based on the legal basis of “justified interest”:
In addition, you have the right to object to the processing of your personal data any time, insofar as this is based on the legal basis of justified interest. We will then ter-minate the processing of your data, unless we demonstrate compelling legitimate grounds according to legal requirements for the processing, which override your rights
Withdrawal of consent:
In case you consented to the processing of your data, you have the right to object this consent with immediate effect. The legality of data processing prior to your revocation remains unchanged.
You are entitled to receive data that you have provided to us in a structured, commonly used and machine-readable format or – if technically feasible – to demand that we transfer those data to a third party.
Right of complaint with super-visory authority:
You have the right to lodge a complaint with a supervisory authority. You can appeal to the supervisory authority which is responsible for your place of residence or your state or to the supervisory authority responsible for us. This is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
P.O. Box 10 29 32
Changes to the Data Protection Notice
We reserve the right to change our security and data protection measures if this is required due to technical development. In such cases, we will amend our data protection notice accordingly. Please therefore observe the current version of our data protection notice, as this is subject to change.
Status update on May 27, 2020
If you want to contact us, please find us at the address stated in the "Controller" section. To assert your rights and for sug-gestions and complaints regarding the processing of your personal data as well as for the withdrawal of your consent, we recommend that you contact our data protection commissioner:
Robert Bosch Stiftung GmbH
Data protection commissioner