Data Protection Policy

Thank you very much for taking interest in the SCHOTT world of innovations. Data protection is very important to us, which is why we take the protection of your personal data seriously and want you to feel secure when you visit our website.

During your visit to our website, personal data may be partially collected. This processing is always in accordance with the EU General Data Protection Regulation (“GDPR”) and in accordance with the country-specific data protection provisions applicable to SCHOTT.

By means of this Data Protection Policy, we would like to inform you about what information we collect during your visit to our website and how it is used.

I. Who works with your personal data?

The SCHOTT AG is the controller of your personal data.

SCHOTT AG
Hattenbergstrasse 10
55122 Mainz
Germany

E-Mail: info@schott.com
Website: www.schott.com

Board of the SCHOTT AG:
Dr. Frank Heinricht (Chairman)
Hermann Ditz
Dr. Heinz Kaiser
Dr. Jens Schulte

Our company has its own branches in individual countries; these companies can process your personal data in the role of processor or joint controller in accordance with this document. Our external partners may also process your personal data, but only based on a data protection agreement guaranteeing the protection of your privacy.

II. Name and address of the data protection officer

Our data protection officer is available to answer your questions about the processing of your personal information conducted by us.

Christoph Dahl
Hattenbergstrasse 10
55122 Mainz
Germany

E-Mail: info.datenschutz@schott.com

III. Provision of the website and creation of log files

1. Description and scope of data processing

The access data of a user accessing a page from the SCHOTT online content will be stored in a log file on our server.

Each record consists of:

The page from which the file was requested
The name of the file
The date and time of the request
Access status (file transfer, file not found etc.)
A description of the type of web browser used
The IP address of the client

Your data will also be stored in the log files of our system. There is no storage of your data together with other personal data.

2. Legal basis and purpose of data processing

Legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.

The temporary storage of the IP address by the system is necessary to enable delivery of the website to your computer. To do this, your IP address must remain stored for the duration of the session.

We store log files to ensure the functionality of the website. In addition, your data will help us to optimize our website and to ensure the security of our information technology systems. An evaluation of your data for marketing purposes does not take place in this context.

These purposes are basis for our legitimate interest in the processing of data in accordance with Art. 6 para. 1 lit. f GDPR.

3. Duration of storage

We will delete your data as soon as it is no longer required. This is the case when your session is over. For data stored in log files, your data will be deleted at the latest after 90 days. An additional storage is possible. In this case, your IP addresses will be deleted or alienated so that it can no longer be assigned to a specific individual.

4. Objection to processing and erasure

The collection of your data for the provision of our website and the storage of your data in log files is essential for the operation of our website. Consequently, there is no possibility to object to this data use or to demand erasure of data files.

IV. Registration via SCHOTT ID

1. Description and scope of data processing

With the SCHOTT ID, customers, partners and suppliers can use all our digital services via a single access point. In order to use this service, you must open a personalized account. In the following, we describe the necessary use of your personal data.

As part of SCHOTT ID, we process the following categories of data:

Contact details (e.g. name, e-mail address, company affiliation)
Date of first activation to prove account registration
Date of the last login in each case, in order to be able to delete inactive users and comply with our deletion obligations.

The recipients for the temporary storage of your personal data may be the following:

Administrators of the SCHOTT ID
Customer advisors of the divisions at SCHOTT whose services you use with the help of your SCHOTT ID account
Service providers we engage to operate SCHOTT ID and to send information to you

We validate your registration for SCHOTT ID to ensure the integrity of our systems. To do this, we match your registration data with customer data already stored in our Customer Relationship Management Tool (CRM) or validate your registration request through a double opt-in process.

Following registration, we will store your personal data in the CRM in order to be able to establish a systematic overview of all relationships and interactions of SCHOTT with existing and potential customers. We store your personal data confidentially and use it exclusively to ensure access to the portal and to stay in contact with you and send you information on products from the specialty glass and glass-ceramics sector.

2. Legal basis and purpose of data processing

When processing personal data that is required for registration, Art. 6 para. 1 lit. b GDPR serves as the legal basis.

When processing personal data that is required for the general contact request, Art. 6 para. 1 lit. f GDPR serves as the legal basis.

3. Duration of storage

We have developed a deletion concept to remove personal data systematically from our systems. Your personal data is deleted automatically as soon as no interaction or no change to the data records has taken place for 6 years. The deletion check runs recurrently every year.

In the event of a refusal to register with SCHOTT ID, we will delete all personal data stored as part of the registration process immediately.

V. Access list

1. Description and scope of data processing

When you log on to the SCHOTT world of innovations with your user credentials, we will note down information about your access to the pages, including the date, duration and frequency of your visits.

2. Legal basis and purpose of data processing

Legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.

As with a regular trade show, we would like to know who attended our exhibitions, whether they were of interest and attracted follow-up visits. This also helps us to tailor our interactions with you to your needs and interest.

These purposes are basis for our legitimate interest in the processing of data in accordance with Art. 6 para. 1 lit. f GDPR.

3. Duration of storage

In order to get an overview of the visits over an extended period, we keep the correspondent data for 365 days.

VI. Use of cookies

1. Description and scope of data processing

The SCHOTT websites use cookies. Cookies are text files that are filed and stored on a computer system via an Internet browser. Each cookie contains a characteristic string that can uniquely identify the browser to when the website is reopened.

Here, you can narrow your preferences to specific cookie categories. You can change your cookie settings at any time:

2. Legal basis and purpose of data processing

The legal basis for the processing of personal data using necessary cookies is Art. 6 para. 1 lit. f GDPR. For website analytics and marketing cookies, the legal basis is your consent (Art. 6 para. 1 lit. a GDPR).

By using cookies, SCHOTT provides you, as a user of this website, with more user-friendly services that would not be possible without cookies and make it easier for you to use websites. This purpose is the basis for our legitimate interest in the processing of your data in accordance with Art. 6 para. 1 lit. f GDPR.

The use of the analysis cookies is for improving the quality of our website and its contents. Through the analysis cookies, we learn how the website is used and so we can constantly optimize our offer.

3. Duration of storage

Cookies are stored on your computer. Therefore, you have full control over the use of those cookies.

The validity of the session cookies is limited to the duration of your visit to our portal. They vanish automatically when you exit the browser.

Persistent cookies are stored on your device for a certain period, but no longer than 10 years. Unlike session cookies, they thus remain on your device and are not deleted automatically when the browser is closed.

4. Objection to processing and erasure

You can always manage the setting of cookies through the cookie preference box our website. The collection of the data for the provision of the website and the storage of the data in session cookies is essential for the operation of the website. Consequently, there is no possibility to object to this data use or to demand erasure of data files.

You can also use the settings of your Internet browser to prevent storage of cookies or delete them.
Please note that if you block session cookies, this might prevent some pages from displaying correctly.

VII. Website analytics

If not noted otherwise, the provider of the services listed below is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").

1. Google Analytics

For this website, we use Google Analytics, a web analytics service provided by Google for statistics tracking.

Google analyzes your use of this website on our behalf. For this, we use cookies as described above. The information generated by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there.

However, we use the function "_anonymizeIp ()", thus IP addresses within member states of the European Union or other contracting states of the Agreement on the European Economic Area are shortened beforehand in order to exclude a direct personal connection. Only in exceptional cases, our website sent the full IP address to a Google server in the US to be shortened there. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.

You can find the Terms of Use and Privacy Policy at

https://www.google.com/analytics/terms/gb.html

or at

https://www.google.com/intl/en/policies/

2. Google Analytics Audiences

On this website, we use the service "Google Analytics Audiences". The purpose of this service is the interest-based display of advertisements for users. This requires an analysis of website usage using cookies. The cookies store anonymized or pseudonymized data relating to the use of the website. Personal data is not stored. If you visit other websites that also use these services, you will be presented with advertisements that correspond to your previous interests. It cannot be ruled out that your data will be transmitted to the USA.

You can find further information at https://www.google.com/policies/technologies/ads.

3. Google Tag Manager

For transparency reasons, we would like to point out that we use the Google Tag Manager on this website. The Google Tag Manager itself does not collect any personal data. It makes it easier for us to integrate and manage our tags.

Tags are small pieces of code used, among other things, to measure traffic and visitor behavior, capture the impact of online advertising and social channels, set up remarketing and targeting, and test and optimize websites.

We use the Tag Manager for the Google services Google Analytics and GA Audience. If you have made a deactivation, the Google Tag Manager will recognize this deactivation. For more information about the Google Tag Manager, please see: https://www.google.com/analytics/tag-manager/use-policy/

4. Purpose of data processing

The information collected by Google about your use of this website (e.g. the referring URL, pages visited, your used web browser, your language setting, your operating system used or your screen resolution) are transmitted to a Google server in the USA, stored there, analyzed and the result made available to us in anonymous form. In addition, portions of this page use the Google Analytics demographics reports, which use Google's interest-based advertising data and third-party visitor data (such as age, gender, and interests).

VIII. Marketing

Subject to your permission, certain Marketing cookies may record your visits to the website as well as anonymous data on the use of the website and transfer them to the following remarketing services:

1. Used services

a) Google Ads Remarketing

We use the remarketing function within the Google Ads service. With the remarketing function, we can present users of our website on other websites within the Google advertising network (in Google search, on YouTube, or on other websites) ads based on their interests.

For this purpose, the interaction of users on our website is analyzed, e.g. which offers the user is interested in in order to be able to display targeted advertising to users on other pages even after they have visited our website. In order to do this, Google stores a number in the browsers of users who visit certain Google services or websites in the Google display network. This number, known as a "cookie," is used to track the visits of these users. This number is used to uniquely identify a web browser on a particular device and not to identify a person; personal data is not stored.

b) Google Ads Conversion

We use the services of Google Ads Conversion to draw attention to our offers with the help of advertising media (so-called Google Ads) on external websites. In relation to the data of the advertising campaigns, we can determine how successful the individual advertising measures are. In doing so, we pursue the interest of displaying only such advertising to you that you are interested in and of achieving a fair calculation of advertising costs.

Google delivers these advertising media via so-called „Ad Servers“. The ad server cookies determine certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google advertisement, Google Ads stores a cookie on your computer. These cookies usually lose their validity after 30 days and are not intended to identify you personally. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values.

These cookies enable Google to recognize your Internet browser. If a user visits certain pages on an ad customer's website and the cookie stored on their computer has not expired, Google and the customer may recognize that the user clicked on the ad and was directed to that page. Each ads customer is assigned a different cookie. Cookies cannot therefore be tracked through the websites of ads customers. We ourselves do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. These evaluations enable us to identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users based on this information.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the extent and further use of the data collected by Google with this tool and therefore inform you according to our state of knowledge: By integrating Ads Conversion, Google receives the information that you have called the relevant part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible for the provider to find out and store your IP address.

c) Google Campaign Manager

This website also uses the online marketing tool Campaign Manager from Google. Campaign Manager uses cookies to serve ads relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once.

Google uses a cookie ID to track, which ads appear in which browser, thereby preventing them from appearing more than once. In addition, Campaign Manager can use cookie IDs to collect conversions related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later visits the advertiser's website with the same browser and buys something there. According to Google, Campaign Manager cookies do not contain any personal data.

Because of the marketing tools used, your browser automatically connects directly to Google's server. We have no influence on the extent and further use of the data collected by Google using this tool and therefore inform you according to our state of knowledge: Through the integration of Campaign Manager, Google receives the information that you have called the relevant part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible for the provider to find out and store your IP address.

In addition, the Campaign Manager (DoubleClick Floodlight) cookies used enable us to understand whether you are performing any actions on our website after you have accessed or clicked on one of our display/video ads on Google or another platform via Campaign Manager (conversion tracking). Campaign Manager uses this cookie to understand the content that you have interacted with on our websites in order to send you targeted advertisements later.

For more information about Campaign Manager, please visit https://www.google.de/doubleclick and Google's privacy policy in general at https://www.google.de/intl/de/policies/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.

d) BingAds

We also use the service "BingAds" on this website. BingAds is a conversion and tracking service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”).

Microsoft sets cookies on users' devices to analyze user behavior on our website. This assumes that the user has reached our website through a BingAds ad. This only gives us information about the total number of users who clicked on such an ad. No IP addresses are stored and no personal information about the identity of our users is shared.

e) LinkedIn Insight

We use the retargeting tool as well as the conversion tracking of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland ("LinkedIn"). For this purpose, our website incorporates the LinkedIn Insight Tag, which enables LinkedIn to collect statistical, pseudonymous information about your visit and use of our website and to provide us with aggregated statistics based on this information. The following information is collected:

LinkedIn User ID (Cookie ID)
IP address
Metadata of the website visit, e.g. browser type, website visited

In addition, this information is used to provide you with offers and recommendations that are specific to your interests and relevant, after you have informed yourself about certain services, information and offers on the website. This information is stored in a cookie.

2. Purpose of data processing

With this feature, we can target you more effectively and more effectively by displaying personalized, interest-based ads from SCHOTT while visiting other sites.

IX. Contact form

1. Description and scope of data processing

Our website includes the possibility to contact SCHOTT via mail. If you use this function, the contact data entered in the input mask will be transmitted to us and will be saved. In addition, we may collect further data, depending on the nature of the contact. At the time of sending the message, the following data is also stored:

The IP address of the user
Date and time of registration

In this context, we do not pass any data to third parties. The data is used exclusively for processing the conversation.

2. Legal basis and purpose of data processing

Legal basis for the processing of the data is your consent according to Art. 6 para. 1 lit. a GDPR.
The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

We only process your personal data from the input mask to process the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

3. Duration of storage

We delete your data as soon as it is no longer necessary for the purpose originally collected. Regarding your personal data from the contact form and those sent by e-mail, this is the case when the respective conversation with you is over. The conversation has ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

The additional personal data collected during the sending process will be deleted after a period of 90 days at the latest.

4. Objection to processing and erasure

Of course, you always have the opportunity to revoke your consent to the processing of personal data. If you contact us by email, you may object to the storage of your personal data at any time. In such a case, the conversation cannot continue.

X. Your rights regarding the protection of your personal data

In addition to the rights mentioned above, here is a list of general rights you enjoy under the GDPR.

1. Right to information

You always have it in your own hands which of your personal data you provide to us. Of course, beyond that, you may also make use of your right under Art. 15 GDPR and by written request with proof of your identity by SCHOTT demand confirmation as to whether and which personal data concerning you are processed by us.

2. Right to rectification

You have a right to rectification and / or completion to SCHOTT, if your personal data processed is incorrect or incomplete. We have to correct this immediately.

3. Right to restriction of processing

Likewise, under the conditions of Art. 18 GDPR you have the right to demand a restriction of the processing of your personal data.

4. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.