In short: You will find our contact details in the imprint.

We, BSH Huishoudapparaten B.V., Taurusavenue 36, 2132 LS in Hoofddorp, are the operator of this website. In case you wish to contact us, you can use the details as stated under “Contact us”.

When you contact us, we will use and process the information provided by you in order to answer your question and any questions that may follow. We are allowed to use information in this context based on article 6(1)(b) of the General Data Protection Regulation (‘GDPR’).

In short: To protect your data, our partners and we use the latest technical protection measures.

We take the protection of your data very seriously. Therefore, your data is processed with great care and in strict compliance with applicable data protection laws. Technical and organisational security measures protect all our websites against the risks associated with the processing of personal data. Our partners who support us in providing this website must also comply with these requirements.

What we log by default

You can use all non-access protected parts of our website without disclosing your identity. By default, we log every use of our website to prevent attacks, to troubleshoot and to resolve security incidents. More about log data and the scope of processing can be found in the paragraph "Data processing when using the website and the services offered there”.

In short: We only process your data if we have permission to do so.

We respect your privacy. Therefore, we only process your data if we have permission to do so; you will find a summary of the permissions on which we base the data processing at the end of this Privacy Policy. Of course, you can permit us to process your data by provding your consent to the corresponding processing of your data on our website. In other cases, we process your data based on a legal permission. For example, if you place an order on our website, we may process your data to fulfil the contract. The same applies if you use other services on our website that require us to process your data. We may also process your data if we have a legitimate interest in doing so. An example of this is the log data that we collect to enable, among other things, the trouble-free operation of our website (including the provision of the website). In any case, we will inform you about any corresponding processing of your data, and, of course, your interests will always be taken into account in any processing. Should you ever have any questions about your personal data, you can find your rights concerning the processing of your data in the lower part of this Privacy Policy.

In the next paragraph, we will inform you about which consent we use per instance . There you will also find more details about the nature, scope, and purposes of the data collection, processing, and use of your data on our website.

What else you should know: Users under the age of 16 should only submit personal data to us with the consent of their parents or legal guardians. A different age limit may result from the applicable data protection laws.

Our website may contain links to websites that we do not operate. We have no influence on the processing of your data and compliance with data protection regulations on other websites. Please note the information on data protection provided there.

In short: In this paragraph, we describe what data we process when you use the website and the services offered, and for what purposes this data is used.

Presentation of the website, log data

In short: The data mentioned here are necessary to provide the website and the services offered and to enable safe use.

In order to be able to display the website on your Internet browser, we use various technical devices to ensure that all content (text, image, video, etc.) is up-to-date. To improve your user experience, in particular the loading speed of the website, we also use technical service providers. They enable us to provide the content required for the presentation of the website (so-called "Content Delivery Networks" or CDN for short). These technical CDN service providers act on our behalf and are bound to our instructions, by corresponding agreements. This way, the data collected is only used to display the website’s content on your Internet browser and is deleted immediately after intermediate storage as part of the delivery process.

Whenever you open a website, your Internet browser automatically transmits information to our web server for technical reasons (so-called log data).

We store some of this information in log files, such as:

• Date of access

• Time of access

• URL of the website

• Version of the used HTTP protocol

• Retrieved file

• Amount of data transferred

• Internet browser type and version

• Type of operating system

• IP address (anonymised)

The above log data does not contain any personal data. We only evaluate log data on an ad hoc basis, mainly to rectify faults in the operation of our website or to clarify security incidents. We store this log data for an unlimited time.

However, for troubleshooting purposes or to preserve evidence in the event of security incidents, it may be necessary for us to additionally collect the unabbreviated IP address of the end device along with the log data. We delete this data as soon as the fault has been rectified or the security incident has been conclusively clarified, or the purpose of processing has ceased for other reasons. As permissible and necessary, we pass on log data to investigating authorities in individual cases of security incidents.

We store the aforementioned log data separately from other data collected whilst using our website.

In short: Registered users can make use of additional services and offers.

You can register on our website to be able to use various services. As part of such registration, we collect and process the following information:

Required information:

• Salutation

• First and last name

• Complete address

• Mobile phone number

• E-mail address

• Date of birth

Voluntary information:

• Granting of consent to receive advertising and possibility of revocation

• Password

We store the data of registered users until the user account is deleted. A registered user can delete their account at any time via the user account settings. In the user account, it is also possible at any time to change or delete specific data provided during registration.

Comfort registration (social sign-on option)

The following, regarding "comfort registration" applies from the time we have implemented this feature.

You can also use various convenience login mechanisms (e.g. various social sign-on options). This is available for multiple social networks. To register, you will be redirected to the relevant service or social network website, where you can log in with your access data. This links your user account of the applicable service or social network with the user account on our website. We automatically receive the data required for registration from your service/social network during the linking process. You can find out which data is transmitted to us by your social network from the data protection information and terms of use of the relevant social network. Of this data, we only store and process your name and e-mail address to provide our services.

By linking the two user accounts, you will no longer need to additionally log in to our website in the future if you have already logged in to your service/social network. For this purpose, a corresponding cookie is used in the Internet browser, that will be read when the page is called up again.

We use the data stored as part of the convenience login exclusively to provide the service of our website, in particular the social log-in on our website. We store the data of registered users until the user account is deleted. A registered user can delete his account at any time via the user account settings. In the user account, it is also possible to change or delete specific data provided during registration at any time.

In short: Even when concluding a contract with us, your data is secured by using state-of-the-art encryption procedures.

You can make use of paid services on our website (e.g. deposit payment). These services are only available to registered users.

To order the service, we collect and process the following order data:

Required information:

• Product type

• Product number

• Salutation

• First and last name

• Full address

• Telephone number

• E-mail address

• Subscription period

• Display washer/dryer spacer required (if dryer subscription is ordered)

• Billing information (depending on the payment method we approve and the user chooses) for both deposit and monthly debits

• Acceptance of the general terms and conditions

• Agreement to monthly automatic debits

Voluntary information:

• Information for the logistics provider

• Discount code

• Agreement to receive advertising

To ensure the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

In the context of the order, we use your data exclusively for processing the order and displaying the order history. We store order data at least until the expiry of the statutory retention periods. We store data provided during registration until the user account is deleted.

In short: If you contact us with a request, we will only use your data to process your request.

In case you contact us without having a specific contractual relationship (e.g. for an order) or registration, then we provide various, also purely technical, contact options via our websites, including the possibility of contacting us via (automated) chat.

To process your specific request when contacting us in this way, we may ask you to provide personal data. This includes, for example, your name and your e-mail address and further information such as the subject of your request. Optionally, you can provide your address and/or telephone number. We collect the information requested in this way to respond to your request comprehensively.

The personal data provided to us in this way is used exclusively for the purpose when contacting us - particularly the processing of your request. The data will not be used for other purposes or passed on to third parties without your express consent. Exceptions to this are - insofar as it is necessary to fulfil your inquiry - the persons and companies involved in the execution of the communication and the response to the inquiry (e.g. a local service company). Provided that there are no legal obligations to retain data, your personal data is deleted after processing the request.

In the context of automated chat, we use FreshChat, a service of FreshWorks Inc, 2950 S. Delaware Street, Suite 201, San Mateo CA 94403. The data processing by FreshWorks is carried out on our behalf; FreshWorks is bound as a provider by a corresponding data protection agreement.

For more information about FreshWorks' data processing, please visit: https://www.freshworks.com/privacy/.

In short: You can make a repair appointment with us via the website; the technology we use makes it easier to enter the address.

You can make a repair appointment with a service technician on our website or by phone. To do this, we usually require information about your household appliance, a description of the problem, as well as your address and other contact details. Which data we explicitly collect follows from the booking process. Please also note the obligation to pay costs before booking a repair appointment on the subpage for making the appointment.

As part of the booking process, we verify the correct spelling of your address via the Google Maps database to exclude any incorrect entries or confusion. Transmission of personal data does not occur. We store your data as long as we need them for the execution of the contract and until the expiry of legal retention periods.

Google Maps is a service of Google LLC (previously Google Inc.), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Details on the processing of personal data through Google Maps can be found at the following link: https://policies.google.com/privacy?hl=en-GB&gl=de.

In short: We protect your e-mail address from misuse by third parties by using the double-opt-in procedure.

It is possible to subscribe to a newsletter via our website. To check the email address used for the registration to the newsletter, we use the "double opt-in procedure". The newsletter subscription is only successful if the e-mail address owner expressly confirms the activation of the newsletter by clicking on the link from the confirmation e-mail. As proof, we log the implementation of the individual stages of the double opt-in process.

As part of our newsletter campaigns, we use analysis tools for the needs-based design of our newsletter for advertising purposes and market research. For this purpose, we collect and process data about your use of our e-mail newsletter. When you open an e-mail newsletter from us, a file contained in the e-mail (so-called “web beacon”) connects to our servers. This enables us to determine whether an e-mail newsletter has been opened and, if so, which content has been clicked on. In addition, we collect technical information about your device with which the contents of the e-mail newsletter are retrieved (e.g. time of retrieval, browser type and operating system). We use this data exclusively for statistical analysis of our newsletter campaigns.

In case you register to receive our newsletter and thus consent to the sending and analysis of your user behaviour, then your data will be used exclusively to implement and analyse the newsletter campaigns. You can revoke this consent at any time. You will find an opt-out link in every newsletter. We will record your unsubscription from the newsletter in our database.

Customer Reviews

If you submit a customer review, we use the review service Trustpilot. We use an interface to the independent rating portal Trustpilot, which is operated by Trustpilot A/S, Pilestræde 58, 5, 1112 Copenhagen, Denmark (“Trustpilot”). We can’t control or influence review invitations individually. This is the only way to ensure a complete, independent and uninfluenceable customer review for our company and our services. The data submitted to the business app for this purpose (surname, first name, e-mail address and reference number) are transferred to our business app by Trustpilot. They are neither used by Trustpilot itself nor passed on to third parties. A review of our company can be made on the page https://uk.trustpilot.com/.

You, as a customer, are free to submit a review. The creation/opening of a user profile on Trustpilot is required to submit a review or to record customer feedback. In addition to a review for the inviting company, reviews can also be entered for any company on the Trustpilot review portal. However, in the case of a review without prior invitation, an apparent reference for a contractual relationship with the rated company is then required.

Further information on this can be obtained from Trustpilot. In case a review is submitted by clicking on the link contained in the invitation, then a user profile is automatically created on Trustpilot after the personal data is entered; this is usually a name and e-mail address for verification purposes. This is accompanied by a consent to the privacy policy and general terms and conditions of Trustpilot. These can be viewed on the Trustpilot website at: https://de.legal.trustpilot.com/end-user-privacy-terms . If you participate in this feedback system, your review will be published on our website and the Trustpilot website. Further details can be found in the privacy policy and terms and conditions of Trustpilot.

Participation in promotional contests

If you participate in one of our competitions, the information you provide will be stored and used to conduct and follow up this competition. The data we collect for this purpose can be found in the registration form for the respective competition. Your data will be deleted as soon as it is no longer required for the implementation of the competition and the follow-up.

Participation in surveys/reviews

We conduct surveys on our website. As a rule, these surveys are conducted anonymously. If we collect your data for a survey, the information you provide will be stored and used to conduct and follow up on the survey. The data we collect for this purpose is specified in the survey itself. Your data will be deleted as soon as it is no longer required for conducting the survey and follow-up.

In some cases, you can also create reviews for products on our website. The data we collect for this purpose is specified in the form provided. Special provisions then apply for this, which will be made known to you separately as part of the submission of the review. We use a service provider for the administration of the reviews.

For conducting surveys on our website, we use the offer of Qualtrics Enterprises Inc, SM BPO Building, Taytay Diversion Rd, Dolores, Taytay, 1920 Rizal, Philippines (“Qualtrics”). When you voluntarily participate in this survey, Qualtrics collects information about the device and application you use to participate in the survey.

This includes your IP address, operating system version, device type, system and performance information and browser type. If you participate in the survey through a mobile device, Qualtrics also collects the UUID of the device. Qualtrics also uses so-called third-party tracking services, which in turn use cookies and page tags (also known as web beacons) to collect usage data and user statistics.

We have no control over the amount of data collected by Qualtrics. Please see the following link for more information on the cookies used by Qualtrics, data protection, and storage duration: https://www.qualtrics.com/de/support/research-core/erste-schritte/qualtrics-und-die-einhaltung-der-datenschutzrichtlinie-dsgvo/.

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in your web browser settings (see also the paragraph on cookies).

In short: Also as a participant in one of our attractive events, your data is in good hands with us.

When you register for an event, the information you provide will be stored and used by us to run the event and follow it up. The data we collect for this purpose can be found in the registration form of the respective event page. Your data will be deleted as soon as it is no longer required for the implementation of the event and the follow-up.

Some events require the direct payment of the participation fee or are fully or partially supervised and carried out by our partners. In such cases, you may be redirected to the respective partner’s website. In this case, the relevant data (last name, first name, postal address, number of participants, means of payment) – if already provided by you – may be transmitted to our partner(s) to carry out the event/payment process.

In short: Information on data protection when you use one of our social media pages.

Protecting your privacy when processing personal data is important to us. We process personal data transmitted to us that is collected when you visit our respective social media page (e.g. Facebook Fanpage, Instagram/Pinterest Page) confidentially and only following the statutory provisions.

The respective operator of the social media page (see examples below) is jointly responsible for processing your data via our social media page. Insofar as the processing of this data takes place within our area of responsibility, we are available to answer any questions you may have regarding data protection and to exercise your rights following the information in this Privacy Policy.

Data processing by the social media service

The social media service processes your personal data as soon as you use our respective social media site. The processing is linked to the following usage processes, for example:

• Calling up a page, a post or a video from a page

• Subscribing or unsubscribing to a page

• Marking a page or a post with “like” or “no longer like” or similar functions

• Recommending a page in a post or comment

• Commenting on, share or respond to a page post (including how to respond)

• Hiding a page post or report it as spam

• Clicking on a link leading to the page from another page on the social media provider or from a website outside the social media provider

• Hovering over the name or profile picture of a page to preview page content

• Using features of the social media provider, such as the website button, phone number button, “plan route” button, or any other button on a page

• Determination if the login is done via a computer or a mobile device

Which personal data is collected by the social media provider, how it is processed and what data protection rights you have in relation to the social media provider, can be read in detail in the social media provider’s privacy policy listed below. ’We have no influence on the data processing by the social media provider that follows the collection.

Data processing by us

In the case of the website provided by us via the social media provider, the social media provider grants us access to the following categories of data:

• The social media provider grants us access to statistical analyses that provide information about the use of our social media website. The analyses visible to us do not allow us to analyse the usage behaviour of individual persons. We can only view aggregated data (including the number of hits, likes, followers, region of origin, age group, gender) that provide information about our audience and the use of our social media website. The data of the respective user underlying the analyses is not transmitted to us.

• We can set the target group to be reached for the social media website or individual published posts. The setting is made based on general parameters (e.g. age group, language, region, interests), used to target our content to specific groups. Based on the data provided to us by the social media provider, we cannot address or identify individual persons.

• If you contact us directly via the social media provider or interact with us in any other way and thereby deliberately transmit personal data (e.g. direct networking with our social media website), we store and process this personal data for the purposes for which you transmitted it to us.

• We process this data solely to publicise content on our social media website in a manner appropriate to the target group and to understand better and optimise the use of our social media website.

Beyond this, we cannot influence the data processing by the social media provider (which is upstream in this respect to provide this data). Which personal data is collected by the respective social media provider in detail, how it is processed and which data protection rights you have vis-à-vis the respective social media provider can be found in the following privacy policies of the respective social media providers:

• Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php.

• Twitter, Inc, 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy.

• Instagram, provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; https://help.instagram.com/519522125107875.

• Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland; https://policy.pinterest.com/en/privacy-policy.

• Snapchat for countries in the European Union (EU), European Economic Area (EEA) and Switzerland: SNAP GROUP LIMITED 7-11 Lexington Street, London, United Kingdom, W1F 9AF and for all other countries: SNAP Inc, 2772 Donald Douglas, Loop North Santa Monica, CA 90405 United States, USA https://www.snap.com/nl-NL/privacy/privacy-policy.

Cookies

In short: Our website uses cookies; here, we explain which types of cookies we use and what data is created and processed as a result.

Cookies are small text files stored in a particular memory area of your browser. However, cookies cannot run programs or deliver viruses to a computer. Cookies are set when you visit our website or when a so-called tracking pixel/web beacon triggers the setting of a cookie. However, cookies can only be read by web servers of the same domain from which they were initially set.

You can also view our website without cookies. Internet browsers are regularly set to accept cookies. To prevent the use of cookies by your Internet browser, you can deactivate the use of cookies via the settings of your Internet browser and delete cookies that have already been set. You can find out how to disable and delete cookies in your browser via the help functions of your Internet browser. Please note that deactivating/deleting cookies may result in individual functions of our website no longer working as expected. Cookies that may be necessary for certain website functions are shown below. In addition, the deactivation/deletion of cookies only affects the Internet browser used for this purpose. For other Internet browsers, the deactivation/deletion of cookies must be repeated accordingly.

In addition, there are various ways to prevent the setting of certain cookies, either by selecting them in our tracking banner or individually vis-à-vis the respective service provider whose tools we use for certain purposes. We point out the latter possibility in direct connection with the respective tool.

Session-Cookies

As part of the provision of our websites, we use session cookies, which we store – regardless of your selection in the tracking banner – on your terminal device when you visit our website and which are always automatically deleted when you close the Internet browser (i.e. exit the program). This allows us to provide you with various functions on our website using the information in the cookies.

We use session cookies, which do not contain any personal data, for the following purposes:

• Trouble-free playback of video or audio content (for example, for the playback of Vimeo or YouTube videos);

• The temporary storage of specific user inputs (e.g. content of a shopping cart or an online form);

• Improvement of user-friendliness as well as statistical coverage measurement.

We also use session cookies that do contain personal data for the following purposes:

• Session cookies that serve the temporary identification or authentication of a user (e.g. via session ID for the temporary storage of the shopping cart).

Session cookies are automatically deleted after the Internet browser is closed, but at the latest at the end of the term of a respective cookie.

Persistent cookies

Persistent cookies are cookies that remain stored on your terminal device even after you have closed the browser. We use the information in these cookies to provide you with convenience functions on our website (e.g. to save particular user preferences or for search or language settings), but also to record your usage behaviour on our website and use this information to improve our website (e.g. to detect errors) and to personalise your advertising.

We only process persistent cookies with a personal reference to record your usage behaviour with your consent. You leave cookies on your first website visit via the displayed tracking banner. You can revoke your consent to record your usage behaviour at any time by deleting all cookies set in your Internet browser. However, in this case, a tracking banner can be required again. In addition, you can also - as shown below - revoke your consent for individual web analytics/marketing tools.

Data from persistent cookies is stored until the end of the term of a respective cookie or until you delete the cookies.

Web analytics through usage profiles

In short: To measure the attractiveness of our website, we use web analysis tools to improve our site and the information provided.

On our website, we use web analysis tools for advertising, market research and designing our website (and, if applicable, the newsletter) according to your needs. For these purposes, we collect and process usage data about your visit to our website and your use of links in the newsletter (if available) with the help of analysis cookies and/or JavaScript. The collection of your usage data and creating a usage profile are carried out using a cookie ID. Your IP address is either not collected or anonymised immediately after collection. Therefore, no direct conclusion can be drawn from the ID used to your person.

Below you will find further information on the web analysis tools we use and our partners and how you can prevent or restrict the collection and processing of data by the respective web analysis tool.

MailChimp

MailChimp is a service that can be used, among other things, to organise and analyse the sending of newsletters.

The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

If you enter data to receive newsletters (e.g. e-mail address), this data will be stored on MailChimp's servers. When you open an email sent with MailChimp, a file contained in the email (so-called web-beacon) connects to MailChimp's servers. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

Opt-out: If you do not want any analysis by MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

For more details, please refer to MailChimp's privacy policy at: https://mailchimp.com/legal/terms/.

Zoho Pagesense

To ensure the proper functioning of our website, we may use analytics cookies and other technologies to collect usage data related to your visit to our website. In doing so, we record the mouse movements and clicks of randomly selected users of our website. Your IP address is, of course, anonymised. The resulting logs about your use of our website are evaluated randomly to identify opportunities for improvement of our website.

We use the service provider Zoho, Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202 Chennai India ("Zoho") to collect this usage data.

We do not merge the resulting user profiles with your name or other data that could reveal your identity, such as your email address. Usage data is deleted 12 months after the date of collection.

Opt-out: Use our Cookie Policy if you wish to prevent the collection of your statistics.

Marketing using usage profiles

For this purpose, we collect and process your usage behaviour when visiting our website, such as the pages visited, navigation patterns, products purchased and similar data. The collection of your usage data and creating a usage profile from it are carried out in a data-saving manner using a cookie ID or other technologies.

We also use marketing tools from partners. Our partners process your data under their responsibility. Below, you will find information on the technologies and partners we use and how you can prevent the collection and processing of the data described above. We refer separately to marketing tools under our responsibility.

These marketing tools are based on the rationale that we can serve ads relevant to users on our own and third-party websites, improve campaign performance reports, and prevent users from seeing the same ads more than once. In addition, we can also use it to record whether ad requests were successfully played (conversions). This is the case, for example, when a user sees an ad we have placed and later buys something on our website using the same internet browser.

When visiting our website, your internet browser automatically establishes a direct connection with the server of the respective service provider. Through this integration, the service provider receives the information that the corresponding part of our website was called up or that an ad of ours was clicked on and transmits related evaluations to us.

If you are registered with a service of a particular service provider (e.g. social networks), this service provider can assign the visit to your account. Even if you are not registered with the corresponding service provider or have not logged in, your IP address is technically transmitted as part of the aforementioned technical process, insofar as this is necessary for the provision of content. For example, some service providers also create a user profile for non-registered or non-logged-in users not linked to an account with the service provider based on the transmitted data. You can avoid this by not accessing the corresponding content on our website (e.g. videos from third-party providers).

We also use technologies to improve the quality of our ads. This includes playing ads only to users with a potential interest in our advertised products and services or to users with specific but abstract characteristics (so-called "Custom Audiences").

Below, we inform you about the providers of such marketing tools that we use, their data protection provisions, and how you can permanently prevent the collection of usage data concerning the respective provider. In addition, to prevent the use of cookies by your Internet browser, you can also directly disable cookies via your Internet browser settings and delete cookies that have already been set. Please note that this measure does not delete user profiles already created with the provider but only prevents the future collection of further usage data.

Google Analytics

Google Analytics is used to analyse website usage. This data is used to optimise our website and advertising measures.

Google Analytics is a web analytics service provided by Google, Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes website usage data on our behalf and is contractually committed to measures to ensure the confidentiality of the processed data.

During your website visit, the following data is recorded, among others:

• Pages viewed

• Orders including sales and ordered products

• The achievement of "website goals" (for example, contact requests and newsletter sign-ups)

• Your behaviour on the pages (for example, clicks, scrolling behaviour, and dwell time)

• Your approximate location (country and city)

• Your IP address (in shortened form, so that no clear assignment is possible)

• Technical information such as browser, Internet provider, device and screen resolution

• Source of origin of your visit (i.e. via which website or advertising medium you came to us)

Google Analytics stores cookies in your web browser for two years from your latest visit. These cookies contain a randomly generated user ID that can recognise you during future website visits. The recorded data is stored together with the randomly generated user ID, enabling the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.

Opt-out: To permanently prevent usage data collection, Google offers a plugin for various internet browsers: https://support.google.com/ads/answer/7395996?hl=en-GB. To disable interest-based ads, you can block the use of third-party cookies or cookies from the domain "www.googleadservices.com" or disable interest-based ads via this link https://adssettings.google.de/anonymous?hl=en. Interest-based ads can also be disabled via the link http://www.aboutads.info/choices if the provider has joined the self-regulatory campaign "About Ads".

Google Ad Server

We use the online marketing tool Google Ad Server (formerly DoubleClick) of Google LLC,1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

The usage data is deleted after 540 days from the time of collection. For more information on DoubleClick, please visit https://policies.google.com/privacy?hl=en and data protection at Google in general: https://policies.google.com/privacy?hl=en-GB&gl=de.

We use online marketing tools from Google under our responsibility. For this purpose, we have agreed with Google in a data protection contract that our customers' data may only be processed on our instructions, may not be passed on to third parties and must be sufficiently technically protected.

Opt-out: To permanently prevent usage data collection, Google offers a plug-in for various internet browsers: http://www.google.com/settings/ads/plugin. To disable only interest-based ads, you can block the use of third-party cookies or cookies from the domain "www.googleadservices.com” or disable interest-based ads via this link: https://adssettings.google.nl/anonymous?hl=en.

Bing Ads

We use the online marketing tool Bing Ads from Microsoft Ireland Operations Limited, The Atrium Building, Block B, Carmanhall Road, Sandyford Business Estate, Dublin 18.

We use online marketing tools from Microsoft under our responsibility. In this regard, we have agreed with Microsoft in a data protection contract that our customers' data may only be processed on our instructions, may not be passed on to third parties, and must be sufficiently technically protected.

In addition, you can find Microsoft's data protection information at: https://privacy.microsoft.com/de-de/PrivacyStatement.

Opt-out: To permanently prevent usage data collection, Microsoft offers a plug-in for various Internet browsers: https://account.microsoft.com/privacy/ad-settings/signedout?refd=privacy.microsoft.com&lang=en-GB.

Google Ads & Remarketing

This website uses the online marketing tools "Google Ads & Remarketing" of Google LLC,1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Online marketing tools of Google we use on our responsibility.

The cookies used with this service usually lose their validity after 30 days and are not intended to identify you personally. Google only provides us with statistical evaluations. Google processes your data per Google's data usage policy. You can find information on this with the following link: https://policies.google.com/privacy?hl=en-GB.

Opt-out: To permanently prevent usage data collection, Google offers a plug-in for various internet browsers: http://www.google.com/settings/ads/plugin. To disable interest-based ads, you can block the use of third-party cookies or cookies from the domain "www.googleadservices.com" or disable interest-based ads using this link https://www.google.de/settings/ads. Interest-based ads can also be disabled via the link http://www.aboutads.info/choices if the provider has joined the self-regulatory campaign "About Ads".

Pinterest Tag

Our website uses Pinterest Tag, a service provided by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland (“Pinterest Europe”).

The Pinterest Tag helps us to analyze the use of our website and to track the effectiveness of our advertising campaigns (Conversion Tracking). We also use the Pinterest Tag to create audiences and to show you personalized advertising based on your interest in our products (retargeting). For this purpose, Pinterest Europe processes data, which the service collects from pixels, cookies and similar technologies on our website.

If you have a Pinterest account and have allowed Pinterest Europe to do so in your account’s privacy settings, Pinterest Europe may also link the information collected about your visit to us with your Pinterest account and use it for showing you the targeted advertisements. You may see and change the privacy settings, especially for personalization, in your Pinterest account at any time. For more information, please see https://help.pinterest.com/en/article/edit-personalization-settings

If you have not agreed to the use of the Pinterest Tag, Pinterest Europe will only show you general Pinterest Ads, which have not been created based on the data collected about you.

This collection and transmission of activity data within the scope of the Pinterest Tag is carried out by Pinterest Europe and us as joint controllers within the meaning of Article 26 GDPR. Joint controllership exists when multiple parties (joint controllers) work together to decide how data will be used and managed. Joint Controllers need to be clear about who does what to follow data protection rules. They should agree on their roles and make sure the data subjects (people the data is about) understand these roles. Even if they have an agreement, people can still ask each of these parties to respect their data rights. You may see the details of the joint controllership agreement we have with Pinterest below.

We have an agreement with Pinterest Europe concerning this processing as joint controllers. This agreement defines the division between Pinterest Europe and us regarding the duties under data protection law. In this agreement, we and Pinterest Europe have agreed, among other things, that we are responsible for providing you - pursuant to Articles 13 and 14 GDPR – with all information about our joint processing of your personal data, and that Pinterest Europe is responsible for facilitating the exercise of rights of data subjects pursuant to Articles 15 to 20 GDPR. You may find more information on this agreement below.

Responsibilities of BSH and Pinterest Europe under the joint controllership agreement.

Pinterest Europe is responsible as sole controller for the processing of activity data subsequent to their transmission.

All processing described above, in particular the setting of pixels and cookies for reading out information on the end device used, will only be carried out if you have given us your consent to do so in accordance with Article 6 (1) point a GPDR. You can revoke your consent at any time with effect for the future by deactivating this service by clicking the Privacy settings icon at the bottom of the screen and changing the settings. Alternatively, you can use the deactivation page for EU consumers at

http://www.aboutads.info/choices or http://www.youronlinechoices.eu

You can find more information on how Pinterest Europe processes personal data, including the legal basis Pinterest Europe relies on, and the ways to exercise data subject rights against Pinterest Europe, in Pinterest Europe’s Privacy Policy at https://policy.pinterest.com/privacy-policy#section-residents-of-the-eea.

In addition, you can find out more about the Pinterest Tag at https://help.pinterest.com/en/business/article/pinterest-tag-parameters-and-cookies.

In short: All service providers who process your data in connection with our website have been carefully selected and are obliged to comply with data protection laws.

For the implementation and operation of our website, we work together with service providers. We have carefully selected these service providers and concluded a data protection agreement with each of them to protect your data.

Service providers for the implementation and operation of our website are:

• Service providers for hosting services, including related technical services (e.g., performance control and measurement, content delivery networks)

• Service providers for the provision of additional functionalities for our website (e.g. product videos, video platforms)

• Service providers for programming services

• Service providers for sales and marketing services

• Service providers for hotline services

We only transfer your data to other recipients if necessary to fulfil a contract with you if the recipient, or we, have a legitimate interest in the transfer of your data or your consent for the transfer. In these cases, your data will be processed per the data protection provisions of the relevant recipient of your data. These recipients include service providers and also other companies in the BSH Group. In addition, data may be transferred to other recipients to the extent that we are obliged to do so by law or by enforceable official or court order.

Other recipients of your data are:

• Logistic companies for delivery/collection of products

• Information about shipping status (Mandrill)

• Service providers for payment processing

• Service providers for receivables management

• Payment service providers

• Service provider for credit and identity assessment

• Service provider for customer ratings, newsletter, chatbot

In short: For all questions regarding data protection, you are welcome to contact our privacy department via:

BSH Huishoudapparaten B.V., privacy afdeling, Taurusavenue 36, 2132 LS in Hoofddorp, Data-Protection-NL@bshg.com.

Changes to this Privacy Policy

This Privacy Policy reflects the current status of data processing on our website. In the event of changes to data processing, we will adjust this Privacy Policy accordingly. We always make the current version of this Privacy Policy available on our website to inform you about our website’s scope of data processing.

Our data processing is mentioned above.

1. A legal permission according to article 6(1)(b) of the General Data Protection Regulation (“GDPR”):

• Registration on our website

• Comfort registration (social sign-on option)

• Subscription services via our website

• Online repair appointment

• Participation in competitions

• Participation in surveys, reviews

• Participation in event offers

• Customer reviews

2. A legal permission according to article 6(1)(f) GDPR:

• Technical facilities for the presentation of the website (e.g. content delivery networks)

• Additional functions of the website (e.g.product videos)

• Log data

• Get in contact

• Making an online repair appointment (data processing for address verification)

• Session cookies and persistent cookies for convenience functions

• Session-based statistics

• Credit rating information

3. Your consent per artikel 6(1)(a) GDPR:

• Newsletter (MailChimp)

• Zoho Pagesense

• Persistent cookies for the collection of user behaviour

• Web analytics & marketing - DoubleClick - Facebook Pixel and Custom Audiences - Google Analytics - Google Ads & Remarketing - Bing Ads - Facebook Pixel and Custom Audiences - Outbrain, Taboola, Pinterest Tag

• Online Surveys

• Session cookies and persistent cookies for convenience functions

In short: For comprehensive control over your data, you have extensive rights through which you can control the processing of your data by us.

If you have any questions about your personal data, please find below a description of your rights.

Exercising your data protection rights

Please use the following contact channels for your inquiry:

• I. Consumers: Please use the consumer inquiry webform at https://datarequest.bsh-group.com/.

• II. Dealers/Suppliers/Service: Partners and their employees: Please contact our local sales or purchasing department.

• III. Our employees: please contact the local human resources department.

• Your right to access your information: Upon request, we will provide you with information about the personal data we hold about you.

• Your right to correct or complete your data: We will update incorrect personal data if you inform us accordingly. We will complete incomplete data upon your request if necessary for the proper processing of your data.

• Your right to have your data deleted: Upon your request, we will delete data stored about you. For some data, however, the deletion takes place only after a specified retention period because, for example, the law obliges us in some cases to retain the data, or we need the data for the processing of the contractual relationship with you.

• Your right to block your data: In some instances defined by law, we will stop your data at your request. Blocked data will only be processed to a minimal extent.

• Your right to revoke consent: Once you have given your consent to the processing of your data, you can revoke it at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.

• Your right to object to the processing of your data: You may object to the processing of your data at any time with effect for the future if we process your data on one of the legal bases according to Art. 6 (1)(e) or (f) GDPR. In the event of an objection, we will stop processing your data if there are no compelling legitimate grounds for further processing. Compelling legitimate grounds never allow us to process your data for direct marketing purposes.

• Your right to data portability: At your request, we can provide you with specific data in a structured, common and machine-readable format.

• Your right to complain to the supervisory authority: You can also submit complaints of a data protection nature to a data protection authority. To do so, contact the data protection authority responsible for your place of residence or the data protection authority responsible for us below. (Dutch Data Protection Authority: https://www.autoriteitpersoonsgegevens.nl).

In short: We only share your data with recipients outside the EU if data protection is guaranteed.

We also disclose personal data to recipients based outside the EEA in so-called third countries. In this case, we ensure, before the transfer, that either an adequate level of data protection exists at the recipient (e.g. based on an adequacy decision of the EU Commission for the respective country or the agreement of so-called EU standard contractual clauses of the European Union with the recipient) or your consent to the transfer has been obtained.

In the case of transfers according to articles 46, 47 or 49(1) , 2nd subparagraph, GDPR, we will be happy to provide you with an indication of the appropriate or adequate safeguards we use and how you can obtain a copy of those safeguards from us. To do so, please use the contact details provided above under "Your contact for all data protection questions".

Valid from: 22-03-2024.

Version: DPI_1.5.