Data protection notice

This data protection notice applies to the “Bosch Global” website of Robert Bosch GmbH
published at “www.bosch.com”.

1. Corporate information
2. Legal notice
3. Data protection notice (Privacy Policy)
4. U.S./Canada Privacy

We welcome you to our website and thank you for your interest in our company and our
products.

The protection of your privacy when processing personal data as well as the security of all
business data are important issues to us, which we consider in our business processes.

Important notice for U.S. and Canadian residents:

We have updated our privacy notice to provide supplemental details regarding certain rights
provided under the U.S. and Canada Data Protection Requirements.
Review updates of the U.S. and Canadian Privacy Rights/Privacy Notice

1. General information
1.1 Controller

We, Robert Bosch GmbH, are responsible for processing your personal data on this website.

Our contact details are as follows:

Robert Bosch GmbH

Robert-Bosch-Platz 1
70839 Gerlingen-Schillerhoehe
GERMANY

E-Mail: [email protected]
Telefon: +49 711 400 40990

1.2 Children

Please note that this website is not intended for children.

1.3 Categories of personal data

We process the following categories of personal data:

– communication data (e.g., name, telephone, e-mail, address, IP address);

– log files;
– location data.

1.4 Duration of storage, retention periods

We store your data for as long as is necessary to provide our website and the associated services
or for as long as we have a legitimate interest in continuing to store your data (e.g., we may still
have a legitimate interest in postal marketing even after a contract has been fulfilled). In all other
cases we delete your personal data except for such data that we are obliged to store in order to
fulfill legal obligations (e.g., we are obliged to retain documents such as contracts and invoices
for a certain period due to retention periods under tax and commercial law).

1.5 Data transfer to other controllers

In general, your personal data will only be transferred to other controllers if this is necessary for
the fulfillment of a contract, if we or the third party have a legitimate interest in the transfer, or if
you have given your consent. For details on the legal basis and the recipients or categories of
recipients, please refer to the section “2. Processing purposes and legal bases”.

Additionally, data may be transferred to other controllers if we are obliged to do so by law or by

enforceable official or court order.

1.6 Data transfer to service providers

We involve external service providers with tasks such as sales and marketing services, contract
management, payment handling, programming, data hosting, and hotline services. We have
carefully selected these service providers and monitor them regularly, in particular their careful
handling and safeguarding of the data stored with them. All service providers are obliged to
maintain confidentiality and to comply with the statutory provisions. Service providers may also
be other companies from the Bosch Group.

1.7 Transfer to recipients outside the EEA

We may transfer personal data to recipients located outside the EEA into third countries. In such
cases, we ensure before the transfer that either the data recipient provides an adequate level of
data protection or that your consent to the transfer has been obtained.

You can obtain a copy of the appropriate or suitable safeguards. Please use the information
mentioned in the “10. Contact” section for this purpose.

2. Processing purposes and legal bases

We and service providers contracted by us process your personal data for the following
processing purposes:

2.1 Provision of this website

 If you use our website solely for information purposes, that is, without registering or
otherwise sending us information, we process your personal data to provide this website
based on our legitimate interest to present us and to ensure stability and security.

 In order to optimize the loading times of our website, we use “Azure Content Delivery
Network (CDN) Services.” Providers are Microsoft Corporation, One Microsoft Way,
Redmond, WA 98052-6399, USA and Microsoft Ireland Operations Limited, One
Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18, Ireland.

The CDN helps to provide the content of our website — especially large media files such
as graphics, text, or scripts — more quickly with the help of a network of geographically
distributed servers, thereby reducing loading times.

The use of the CDN services is based on our overriding legitimate interest within the
meaning of article 6 section 1 lit. f GDPR in the efficient provision of our website.

In context of this processing, personal data is transmitted to the USA. The transmission is
based on European Standard Contractual Clauses in which Microsoft guarantees to
comply with the European data protection law for its provided services.

Further information on privacy in connection with Microsoft’s CDN service is available

here: https://azure.microsoft.com/en-us/support/legal/. Microsoft’s privacy policy can be
found here: https://privacy.microsoft.com/en-us/privacystatement.

2.2 Communication

 Contact

You can contact us via a provided contact form or by other channels, such as e-mail or
telephone. We store and use your personal data, such as name, e-mail, address, and
telephone number, to communicate with you. We process your personal data based on
our legitimate interest in customer support and to improve our products and services.

 Chatbot

We offer you the possibility of receiving advice on our products and services via chatbot.
In this case, your personal data is processed on the basis of our legitimate interest in
customer support and to improve our products and services.

During the use of the chat, we store the chat history. After the chat has ended, this data
will be deleted, unless the chat is part of a support or service request. In the latter case,
 the content of the chat will be assigned to your customer account and stored for the
purpose of fulfilling the contract.

2.3 Website optimization and reporting

We use anonymized web analytics without cookies for our website optimization and reporting
purposes.

When your web browser sends a request to our web server, we first check automatically whether
it contains personal data (e.g. IP addresses or click IDs) and anonymize the data if necessary.

We only analyze the information remaining after anonymization, which cannot be traced back to
an identifiable person.

The legal basis is our legitimate interest in continuously improving our website and in obtaining
information about the performance of our website and the effectiveness of our marketing
measures (e.g. page views, click rates, time spent on our website, download rates).

2.4 Security and protection of rights

 We may also process your personal data to investigate service disruptions and for
security reasons to comply with our legal obligations in the area of data security, as well
as on the basis of our legitimate interest in the elimination of service disruptions and the
security of our offers.
 We may process your personal data to protect and defend our rights. This purpose also
constitutes our legitimate interest.

3. Log files
Log files

Every time you use the internet, certain information is automatically transmitted by your internet
browser and stored in log files.

Log files are stored by us for the purpose of investigating service disruptions and for security
reasons (e.g., to clarify attempted attacks) for a period of 90 days. Log files whose further
storage is necessary for the purpose of evidence are exempt from deletion until the final
clarification of the respective incident and may be passed on to investigative authorities in
individual cases.

The following information is stored in the log files:

– IP address (internet protocol address) of the end device from which our website is accessed;
– Internet address of the website from which our website was accessed (origin or referrer URL);
– name of the service provider used to access the website;
– name of the files or information retrieved;
– date and time as well as duration of the retrieval;
– amount of data transferred;
– operating system and information on the Internet browser used, including installed add-ons
(e.g., for Flash Player);
– HTTP status code (e.g., “request successful” or “requested file not found”).

4. Information storage and access

4.1 Use of cookies and other technologies

In the course of providing our website, cookies and other technologies may be used that either
store information on your terminal equipment or gain access to information stored on your
terminal equipment.

Cookies are small text files that can be stored on your end device when you visit a website.

The use of our website is generally possible without cookies that are not technically necessary.

4.2 Technically necessary cookies

By technically necessary cookies, we mean cookies without which the technical provision of the
website cannot be guaranteed. This includes, for example, cookies that store data in order to
ensure the interference-free playback of video or audio content.

These cookies are deleted at the end of your visit.

4.3 Technically not necessary mechanisms

We only use technically not necessary cookies and tracking mechanisms if you have given us
your prior consent.

The only exception to this is the cookie that stores the current status of your privacy settings
(“selection cookie”).

 Integration of technically not necessary mechanisms

We use third-party tools to integrate technically not necessary cookies and mechanisms.
These tools ensure that technically not necessary cookies and mechanisms are only set
with your consent.

We use the following tool:

Name: Google Tag Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Function: Management of website tags via an interface, integration of program codes on
our websites
  Analysis

We use analysis tools to improve our products and services. We measure, for example,
the number of page views or your behavior on our website. This may also include the
evaluation of log files.

We use the following tool:

Name: Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Function: Analyze user behavior (page views, number of visitors and visits, downloads),
create pseudonymous user profiles based on cross-device information of logged-in
Google users (cross-device tracking), enrich pseudonymous user data with target group-
specific information provided by Google.

Additional information:
o We use the “anonymize IP” function, which anonymizes your IP address before
writing it to disc.
o We use the paid version of Google Analytics, in which the data collected on our
website via Google Analytics is stored on own Google servers. Google may not
use this data for its own purposes or mix it with other data that Google collects
about you in other ways, such as when you are logged into your Google account
on your browser while visiting our website.

4.4 Managing cookies and tracking mechanisms

 In the browser and/or in our “Privacy settings”, you can manage your cookie and tracking
mechanism settings.
Please note: The settings you make each apply only to the browser you are using.

 Switch off all cookies

If you would like to disable all cookies, please go to your browser settings and disable the
setting of cookies. Please note that this may affect the functionality of this website.

5. Plugins
5.1 Plugins

We offer the use of plugins from various social and other networks on our website.

Plugins represent extensions of the providers of the social networks. We therefore have no
influence on the further processing of the data collected and stored via the plugins by the
providers of the respective networks.
For information on the purpose and scope of the collection, further processing and deletion of the
data by the respective provider, as well as your rights in this regard and setting options for
protecting your privacy, please refer to the privacy policy of the respective provider.

5.2 “2-click solution”

 Plugins are inactive by default.

To increase the protection of your data when visiting our website, the plugins are
integrated into the page by means of a “2-click solution”. With this 2-click solution, we
protect you from having your visit to our websites recorded by default and possibly
evaluated by providers of the respective plugin.

If you do not want the providers of the respective networks to receive data about your use
of this website and possibly store or further use it, you should not activate the respective
plugins.

 Activating the plugin

You can decide for yourself whether you want to interact with the network of the
respective provider and whether your data should be transmitted to the respective
provider or not. Only with your click on the provided button, the plugins are activated
and integrated into the page by transmitting the content of the respective plugin from the
server of the associated provider directly to your browser. Subsequently, you can perform
the desired interaction with the network with another click. If you decide to activate a
plugin, we process your data based on your consent.

 Collection of data by the providers

When a plugin is activated, your browser establishes a direct connection to the servers of
the respective provider. Through this, the respective provider receives the information
that your browser has called up the corresponding page of our website; even if you do not
have a user account with the provider or are not currently logged in to it.

If you already have a user account with a provider of a network and you are already
logged in while visiting our websites, the operator of the respective network may be able
to assign the visit to your personal user account as soon as you activate the plugins. This
may enable the provider to analyze your usage behavior and store it in a profile.

In addition, your IP address and other data about your browser settings are transmitted by
your browser directly to a server of the respective provider and may be stored there.

 Deactivating the plugin

If you no longer wish to use an activated plugin, you can also deactivate the plugin using
the button provided. Please note that data already transmitted will not be affected by this.
5.3 YouTube

This website uses videos from the video platform YouTube. YouTube is a platform that enables
the playback of video files. It is operated by Google Ireland Limited, Gordon House, Barrow
Street, Dublin 4, Ireland and its parent company: Google LLC, 1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA.

To increase the protection of your data when visiting our website, the YouTube content is
integrated into the page in “privacy enhanced mode.”

This way, a connection to YouTube, including a transmission of log data to YouTube, is only
established when you perform an interaction with the player.

When you interact with the active YouTube player, data is also transmitted to YouTube as
controller and contact is made with the Google DoubleClick advertising network, which may
trigger further data processing operations over which we have no control.

For more information, please see YouTube’s privacy policy.

5.4 Google Maps

This website uses map services from Google Maps. Google Maps is operated by Google Ireland
Limited, Gordon House, Barrow Street, Dublin 4, Ireland and its parent company: Google LLC,
1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you interact with Google Maps, data is also transmitted to Google as controller and
contact is made with the Google DoubleClick advertising network, which may trigger further
data processing operations over which we have no control.

For more information, please see Google’s privacy policy.

6. Obligation to provide personal data

Obligation to provide personal data

You must provide those personal data that are required for the establishment and implementation
of a business relationship and for the fulfillment of the associated contractual obligations or for
the processing of which we are legally obligated.

We mark such personal data in the respective forms or functions with an “*”.

Please note that without the provision of such personal data, we will not be able to enter into or
perform a contract with you. In this case, certain services (see “2. Processing purposes and legal
basis”) cannot be used.
7. External links
External links

Our websites may contain links to internet pages of third parties, in particular providers who are
not related to us. Upon clicking on the link, we have no influence on the collecting, processing,
and use of personal data possibly transmitted by clicking on the link to the third party (such as
the IP address or the URL of the site on which the link is located) as the conduct of third parties
is beyond our control. We do not assume responsibility for the processing of personal data by
third parties.

8. Data subject rights

8.1 Assertion of your rights

Please use the information in the “10. Contact” section to assert your rights. When doing so,
please ensure that we can clearly identify you.

You have the right to request access to the personal data concerning you, as well as the right to
rectification, the right to erasure, the right to restriction of processing, and the right to data
portability. Insofar as you have given us consent to process your personal data, you may revoke
this consent at any time with future effect.

8.2 Objection to direct marketing

You can object to the processing of your personal data for advertising purposes (“advertising
objection”) at any time. Please note that, for organizational reasons, there may be an overlap
between your objection and the use of your data in the context of an already ongoing campaign.

8.3 Objection to data processing based on “legitimate interest”

If the processing of your personal data is based on “legitimate interest”, you also have the right
to object to the processing of your personal data at any time on grounds relating to your
particular situation. The reasons shall be stated.

We will then terminate processing your data unless we can prove — in accordance with the legal
requirements — compelling legitimate grounds for the processing which override your rights.

9. Right to lodge complaint with supervisory authority

Right to lodge complaint with supervisory authority

You have the right to lodge a complaint with a supervisory authority.

10. Contact
Contact

If you wish to contact us, please find us at the address stated in the “1.1 Controller” section.

To assert your rights and to notify data protection incidents please use the following link:
https://request.privacy-bosch.com/

For suggestions and complaints regarding the processing of your personal data we recommend
that you contact our data protection officer:

Data Protection Officer

Information Security and Privacy (C/ISP)
Robert Bosch GmbH
Postfach 30 02 20
70442 Stuttgart
GERMANY

or

e-mail to: [email protected]

11. Changes to the Data protection notice

Changes to the “Data protection notice”

We reserve the right to change our security and data protection measures. In such cases, we will
amend our data protection notice accordingly. Therefore, please note the current version of our
data protection notice, as it is subject to change.

Published: 14.07.2025