Privacy Policy

Highlights

Robert Bosch GmbH has set out below some important highlights of the Privacy Notice for our Single Sign-On Service SingleKey ID© and our SingleKey ID© Website at https://singlekey-id.com/. You can also obtain more information about how we collect, use, disclose and safeguard your personal information by reviewing our full Privacy Notice below.

SingleKey ID© enables access to various services of the Bosch Group independent of your registration to the SingleKey ID©, such as apps, web shops, online platforms or websites as well as access to products, data, contributions, image and audio documents, information and other contents. You can obtain more information about the Service we provide by reading our terms of use (Link).

What personal information do we collect?

For more information see Collection of Personal Information and Sources of Personal Information sections below.

We collect various types of information about those who visit our Website or who register for or use the Service, for purposes related to the services or products provided through the Website and Service, including:

• Information we collect directly from you (i.e., when given by you) when you visit our Website, register for or use the Service or when you contact customer support or otherwise interact or communicate with Robert Bosch GmbH, including your first and last name, the country where you live or from where you access the Website or Service, your language preference, your email address, your username, your account and password, and any other information you submit to us; and

• Information we collect indirectly from you (i.e., collected when you visit the Website or register for or use the Service), including your online identifier, Internet Protocol (“IP”) address, operating system, browser and other log files.

We also may collect information in ways that we describe to you at the point of collection or otherwise with your consent. The section titled “Collection of Personal Information” contains more information on these categories.

Why do we collect personal information and how is it used?

For more information see Collection of Personal Information below.

Business Purposes:

• Fulfilling or meeting the reason you provided the information, such as processing and verifying your registration and enabling your use of the Service or responding to your inquiries.

• Technical administration of the Website and Service and investigation of Website and Service disruptions.

• Maintaining the safety, security, and integrity of our mobile applications, websites, online platforms, products and services, databases and other technology assets and business.

• Administering, maintaining, personalizing and improving the Website and Service, including, without limitation, to authenticate users, provide requested services and optional additional services, to understand how our users interact with the Website and Service and to improve and develop new features, products and/or services.

• Evaluating or conducting a merger, sale of assets, consolidation or restructuring, financing or acquisition of all or a portion of any Bosch Group business, asset or opportunity by, with or into another business, entity or company when necessary.

• Compliance with legal and/or regulatory requirements.

• Providing customer service.

Commercial Purposes:

• Responding to submitted inquiries and customer service requests and other questions and/or comments.

• For the U.S., this data may be used for marketing and analytic purposes.

Robert Bosch GmbH will not collect or use personal information for materially different, unrelated or incompatible purposes without providing you notice (or obtaining your consent, where required by applicable laws in the relevant jurisdiction). Additionally, Robert Bosch GmbH only retains personal information for as long as necessary to carry out the purposes for which we originally collected it and for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.

Is personal information shared or disclosed?

For more information see Disclosure, Sale, and Sharing of Personal Information – Past 12 months, Personal Information Sales: Opt-Out and Opt-In Rights, and Use of Cookies below.

Robert Bosch GmbH may share your information with:

• Bosch Group affiliated entities that use the Service and that you are in a contractual relationship with.

• Service providers and other partners and entities performing work on Robert Bosch GmbH’s behalf, including those we have commissioned for programming, data hosting and as well as to operators of our IT system, administrators and customer support.

• Other third parties where required or permitted by applicable law, including (without limitation) relevant governmental authorities in accordance with, and as Robert Bosch GmbH deems required, necessary and/or appropriate by, or in connection with, applicable law, regulation, court order or legal process.

Robert Bosch GmbH does not sell or share personal information, therefore we do not have an opt-out.

What are the risks?

• We may transfer your personal information to countries other than the country where you reside, including to Bosch Group affiliates that integrate the SingleKey ID© in their services, such as apps, web shops, online platforms or websites, and that you are in contractual relationship with, as well as to service providers of Robert Bosch GmbH. Therefore, your information may be accessible to courts, law enforcement and national authorities in other countries. You can obtain information about Robert Bosch GmbH’s policies and practices with respect to foreign service providers (including affiliates), or ask questions about the collection, use, disclosure or storage of personal information by such service providers, by contacting our Privacy Policy Administrator as described in the Privacy Policy.

• Robert Bosch GmbH security measures related to the Website and Service are regularly reviewed and updated as necessary in accordance with the state of technological developments. However, absolute protection is not possible. We cannot guarantee the security of information posted or transmitted using the SingleKey ID©.

What else should you know?

• Your personal information will be transferred from the United States and Canada, and stored in data centers in Germany, the Netherlands and Ireland and accessible to Bosch Group affiliates responsible for the services you are accessing with SingleKey ID©.

• You may contact our Privacy Policy Administrator, as described in the Privacy Policy, with any questions about the collection of your personal information.

• In some circumstances, you also may have a right to access, update, and correct inaccuracies in your personal information (e.g., pursuant to local law).

• Any additional choices you may have are described in the full Privacy Notice below.

Notice to Canadian Users: Please note that by visiting the Website, registering for and/or using the Service and/or otherwise voluntarily providing your personal information to us, as applicable, you are consenting to the collection, use and disclosure of your personal information as described in our Privacy Policy and summarized above.

SingleKey ID© PRIVACY NOTICE

I. Introduction

Robert Bosch GmbH is pleased to have you use our Single Sign-On Service SingleKey ID© and welcomes your interest in the SingleKey ID© Single Sign-On Service This Privacy Notice applies to all users of https://singlekey-id.com/ and those who register for or use the Service anywhere in the United States, Canada, and their respective territories and possessions.

The protection of your privacy is an important concern to which we pay special attention. We jointly with the Bosch Group affiliates offering services that you access with SingleKey ID©, process personal information collected during your visit to the Website, registration for or usage of the Service in compliance with this Privacy Notice and all applicable laws and regulations. Data protection and information security are part of Robert Bosch GmbH corporate policy.

Notice to Canadian Users: Please note that by visiting the SingleKey ID©, registering for and/or using the Service and/or otherwise voluntarily providing your personal information to us, as applicable, you are consenting to the collection, use and disclosure of personal information as described in this Privacy Notice. If you do not consent to the processing of your personal information in accordance with this Privacy Notice, please do not register for, access or continue to use the Website or Service or otherwise provide any personal information to us.

II. Scope

This Notice covers our treatment of personally identifiable information, as defined by numerous statutes in the United States, personal information as defined by Canada’s Personal Information Protection and Electronic Documents Act and any applicable substantially similar provincial legislation, which we gather when you are accessing, viewing, completing, or using our Website or the Service, which we gather while you are accessing, viewing, completing, or using our Website or the Service.

III. Collection of Personal Information

The SingleKey ID© has collected the following personal information from users of the SingleKey ID© within the last twelve (12) months.

1. Categories and Sources of Information: Personal Information

We collect this information from our users, customers, and business partners. We also generate identifiers internally.

• Examples: First name, last name, email address, phone number, password, language, country

• Business or Commercial Purpose: Business - To process and verify your registration and enable the use of the service. Commercial - To improve our offering. We do not sell/share this data.

• Do we disclose, share or sell this data? We disclose this data with our service providers and with business partners, including those whom you instruct us to send this information.

• Retention: We retain personal information for the length of time needed to fulfil the purposes outlined in this privacy notice, unless a longer retention period is required or permitted by law. We retain personal information of inactive users for 10 years.

2. Categories and Sources of Information: Identifiers

We collect this information from our users, customers, and business partners. We also generate identifiers internally.

• Examples: Your unique identifier

• Business or Commercial Purpose: Business - To enable use of our Website and Service, to communicate with you, and to understand how our users interact with our Website and Service. Commercial - To improve our offerings

• Do we disclose, share or sell this data? We disclose this data with our service providers and with business partners, including those whom you instruct us to send this information. We do not sell/share this data.

• Retention: We retain identifiers for the length of time needed to fulfil the purposes outlined in this privacy notice, unless a longer retention period is required or permitted by law. We retain identifiers of inactive users for 10 years.

3. Categories and Sources of Information: Internet or other similar network activity

We collect this information from our users, customers, and business partners. We also generate identifiers internally.

• Examples: Log files, including

  • IP address of the terminal device that is used to access the Service;

  • Internet address of the website from which the Service was accessed (otherwise known as the URL of origin or referrer URL);

  • Name of the service provider that is used to access the Online Offer;

  • Name of the files or information accessed;

  • Date and time as well as duration of retrieval;

  • Amount of data transferred;

  • Operating system and information on the internet browser used including add-ons installed (e.g., Flash Player);

  • http status code (e.g., “Request successful” or “File requested not found”).

• Business or Commercial Purpose: Business - We save log files only for a short time and solely to determine disruptions or for security reasons (e.g., to investigate attempted attacks) and to otherwise maintain the safety, security and integrity of our Website and Service, databases and other technology assets and business. After these purposes have been completed, the log files will generally be deleted. Log files that need to be maintained for evidence purposes are excluded from deletion until the respective incident has been completely resolved or, on a case-by-case basis, has been passed on to investigating authorities. Commercial - To improve our offering.

• Do we disclose, share or sell this data? We may share this data with our IT service providers or any provider commissioned by us and to investigating authorities on a case-by-case basis and where allowed by law. We do not sell this data.

• Retention: We retain internet or other similar network activity for 90 days.

Robert Bosch GmbH will continue to collect the personal information described above. If any additional personal information is collected by Robert Bosch GmbH, we will provide any required notice(s), and where applicable obtain any required consent(s), in accordance with applicable laws in the relevant jurisdiction.

IV. Sources of Personal Information

We collect personal information from the following categories of sources:

1. Directly from you - For example, when given by you or collected from you through your access to and/or use of our Website or the Service for registration and login with SingleKey ID, for an overview and administration of master data and applications with SingleKey ID or for contacting customer support or otherwise interact or communicate with Robert Bosch GmbH, its agents, representatives, suppliers, vendors or consultants through our Website or the Service. This information may include, without limitation, your first and last name, the country where you live or from where you access the Website or the Service, your language preference, email address, phone number, identifier and password, and any other information you choose to provide us.

Users are solely responsible for providing notices to, and obtaining valid consent from, any other individual whose personal information is submitted to Robert Bosch GmbH in connection with the Service.

2. Indirectly from you. For example, from observing your use of our Website or the Service and/or the Services, or services related thereto. The following data may be collected automatically: the website from which you visit SingleKey ID (referrer), pages viewed, files downloaded (downloads), individual links clicked, search words or search phrases (site search), duration of visit, browser used, device data (e.g., unique device identifier, MAC address, IP address, serial number, hardware model, network information and operating system and version), and other relevant details and/or information. If the visit is a result of online advertising such as banners, video ads, search engine advertising, etc., Robert Bosch GmbH or its agents, representatives, suppliers, vendors or consultants may record which banner, adware, etc. motivated or assisted with the visit to our Website or the Service.

Robert Bosch GmbH will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated or incompatible purposes without providing you notice or obtaining your consent, where required by applicable laws in the relevant jurisdiction.

V. Disclosure, Sale and Sharing of Personal Information – Past 12 Months

Robert Bosch GmbH may use, store, compile, manipulate, share and disclose your personal information with third parties for the purposes stated above. Your personal information is disclosed with the following:

• Bosch Group affiliated entities, including Bosch’s parent company in Germany, Robert Bosch GmbH, to leverage shared services and improve our Services;

• Robert Bosch GmbH service providers, vendors, consultants, suppliers, licensors, marketing, partners and other partners and entities performing work on Robert Bosch GmbH’s behalf, such as hosting vendors, advertising service providers, data analytics companies, marketing service companies, list managers and delivery companies;

• Relevant authorities in accordance with, and as Robert Bosch GmbH deems required, necessary and/or appropriate by, or in connection with, applicable law, regulation, court order or legal process.

By accessing and/or using our Website or the Service, you consent to the above uses and disclosure of your personal information in accordance with this notice.

Sale of or Sharing of Personal Information. In the preceding twelve (12) months, SingleKey ID© has not shared or sold your personal information. Therefore, we do not offer an opt-out.

VI. International Data Transfer

Robert Bosch GmbH may transfer your personal information to Bosch Group affiliates offering services that you access with SingleKey ID© throughout the world, when processing, storing, analyzing, and otherwise using data. Robert Bosch GmbH may also transfer your data to a service, provider, contractor, or third party outside the country of origin. Accordingly, your personal information may be accessible to courts, law enforcement and national authorities in countries other than the country in which you reside. You can obtain information about Robert Bosch GmbH’s policies and practices with respect to foreign service providers (including affiliates), or ask questions about the collection, use, disclosure or storage of personal information by such service providers, by contacting our Privacy Notice Administrator as described below.

VII. Children’s Privacy

Robert Bosch GmbH does not knowingly collector or use any personal information from online visitors under the age of 16. Robert Bosch GmbH does not knowingly allow visitors under the age of 16 to participate in any promotions or contests made available on our Website or the Service from time to time.

VIII. California “Shine the Light” Privacy Rights

California’s “Shine The Light” law permits those Robert Bosch GmbH customers who are residents of California to annually request a list of their personal information (if any) that Robert Bosch GmbH disclosed to third parties for direct marketing purposes in the preceding calendar year, and the names and addresses of those third parties. At this time, Robert Bosch GmbH currently does not share any personal information with third parties for direct marketing purposes.

IX. Use of Links to Affiliated Sites

The Service and Website may contain links to other Bosch Group sites (“Affiliated Sites”). The Service provides these links only as a convenience. Your use of these Affiliated Sites and any related services are outside the scope of this Privacy Notice and is governed by the Privacy Notice and any other terms referred to or located on such Affiliated Sites.

X. Use of External Links

The SingleKey ID© may contain links to third-party websites or services operated by providers that are not associated with Robert Bosch GmbH. After you click the link, Robert Bosch GmbH no longer has any influence over the collection, storage, use or processing of any personal information transmitted by clicking the link (such as the IP address or URL of the page that contains the link), as the behavior of third parties is, by nature, beyond Bosch control. Therefore, Robert Bosch GmbH is not responsible for the collection, storage, use, disclosure or other processing of personal information by such third parties. For further clarity, this Privacy Notice does not apply to any such third-party websites or services; refer to the privacy statements or policies for such third-party websites or services for information about how they collect, use, disclose and protect personal information.

XI. Security

Robert Bosch GmbH takes commercially reasonable efforts to ensure that your data collected by Robert Bosch GmbH through the Service and Website is protected against tampering, loss, destruction, access by unauthorized persons or unauthorized disclosure. Bosch security measures are being continuously improved in accordance with the state of technological developments, however, absolute protection is not possible.

To register for SingleKey ID, you are required to provide your email address or phone number and create a password. You must not share this access information with anyone else as you are personally responsible for any information transmitted while logged in with your username and password. We disclaim any and all liability for any information transmitted due to an unauthorized log in.

XII. Use of Cookies

I. Robert Bosch GmbH Cookies.

Robert Bosch GmbH uses only technical or strictly necessary cookies to ensure technically functionality of the service and website. Robert Bosch GmbH does not use and third-party cookies or other tracking mechanisms.

Cookies are small text files stored on your computer or device when you visit the Service and Website.

If you wish, you can delete the cookies at any time from your web browser. However, this can result in some functions no longer being available. For information on deleting the cookies, consult your browser‘s help function.

XIII. How We Respond to Do Not Track Signals

The “Do Not Track” (“DNT”) privacy preference is an option that may be made in some web browsers allowing you to opt-out of tracking by websites and online services. Robert Bosch GmbH does not track users, therefore does not recognize and/or respond to DNT signals.

XIV. International Users

This is a German Website and Service that is targeted to users in the U.S. and Canada, and complies with relevant U.S. and Canadian laws, as applicable, including, without limitation, those governing the privacy and security of your information. If you visit, register for or use the Website and/or the Service, you are transferring your personal information to Robert Bosch GmbH in Germany. By visiting, registering for or using the Website and/or the Service or providing your information to Robert Bosch GmbH through the Website and/or the Service, you consent to the transfer of your personal information to Germany, and Robert Bosch GmbH’s handling of your information in accordance with applicable German and U.S. requirements and this Privacy Notice. Accordingly, your personal information may be accessible to courts, law enforcement and national investigation authorities in the United States as well as in Germany. You can obtain information about Robert Bosch GmbH’s policies and practices with respect to service providers (including affiliates) outside the country where you reside, or ask questions about the collection, use, disclosure or storage of personal information by such service providers, by contacting our Privacy Notice Administrator as described below.

XV. Your Rights - US

State specific privacy laws within the United States provide data subjects certain rights regarding the personal information that businesses collect and how the collected personal information is used. If you would like to exercise data subject right available to you, find the “Exercise your Rights” section below. Our privacy team will examine your request and respond to you as quickly as possible.

We may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our Agreements. We maintain and use all de-identified information in de-identified form. We do not attempt to reidentify it except to ensure our de-identification processes are in compliance with applicable law.

Dependent on the state of your residence, you may be provided the following rights:

California:

• Right to know what personal information is being collected

• Right to access your personal information.

• Right to correct inaccurate personal information.

• Right to delete personal information

• Right to know what personal information is sold or shared and to whom.

• Right to opt-out of sale or sharing of personal information for cross-context behavioral advertising

• Right to data portability

• Right to opt-out of processing for the purpose of profiling

• Right to limit the use and disclosure of sensitive personal data

• Right of no retaliation following opt-out or exercise of other rights

Virginia:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to correction inaccuracies in your personal data

• Right to delete your personal data

• Right to obtain a copy of your personal data

• Right to opt-out for the purpose of targeted advertising, sale of data, or profiling

• Right to non-discrimination

• Right to appeal

Colorado:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to correction

• Right to deletion

• Right to opt-out of sale, targeted advertising, and profiling

• Right to data portability

• Right to non-discrimination

• Right to appeal

Connecticut:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to correction

• Right to deletion

• Right to data portability

• Right to opt-out of sale, targeted advertising, and profiling

• Right to Non-Discrimination

• Right to appeal

Utah:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to deletion

• Right to data portability

• Right to opt-out of sale and targeted advertising

• Right to non-discrimination

Nevada:

• Right to request that a company not sell your personal information for monetary consideration

XVI. Your Rights – Canada

Individuals located in Canada have certain rights pursuant to Canadian Privacy Laws. Subject to certain exceptions and limitations, and depending upon the jurisdiction where you reside, such rights may include:

a. The right to withdraw your consent to the collection, use or disclosure of your personal information.

b. The right to be informed of the existence, use, and disclosure of your personal information, and to be provided with an account of the use that has been made or is being made of this information as well as the third parties to which it has been disclosed (including a list of organizations to which your information may have disclosed).

c. The right to challenge the accuracy and completeness of your personal information, and have it amended, updated or rectified as appropriate.

d. The right to acquire information about Bosch’s policies and practices with respect to personal information, including: a description of the type of personal information held by Bosch and a general account of its use; a copy of any brochures or other information that explain our policies, standards, or codes; and information about what personal information is shared with or accessible to our affiliates.

e. The right to challenge Bosch’s compliance with the applicable Canadian Privacy Laws.

XVII. How to Exercise Your Rights

To exercise your rights, submit a verifiable consumer request or access request, as applicable, to us by either:

• Calling us at (888-43-BOSCH (888-432-6724)).

• Sending an email to: privacy.policy@us.bosch.com

To assist Bosch in processing your request when exercising your rights, supply the following information:

• Full name

• Phone number

• Email address

• Any information you can provide about your previous contact with Robert Bosch GmbH (e.g. contact point / touchpoint with Bosch, screenshots, reference to a specific product/newsletter)

Only you (or based on your state of residence, an authorized agent authorized by you to act on your behalf – see Section Authorized Agent below for more information) may make a verifiable consumer request or access request, as applicable related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. Your verifiable consumer request or access request, as applicable, must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request or access request does not require you to create an account with us, but if you already have an account with us, you may be required to make your request through that account.

We will only use personal information provided in a verifiable consumer request or access request, as applicable, to verify the requestor’s identity or authority to make the request.

XVIII. Response Timing and Format

We endeavor to respond to a verifiable consumer request or access request, as applicable, within thirty (30) days of its receipt, or sooner where required by applicable law (including Canadian Privacy Laws). If we require more time (up 90 days in total), where permitted by applicable law, we will inform you of the reason and extension period in writing. Opt-out request will be honored as soon as feasibly possible, but no later than 15 days from the date we receive the request.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide in response to a verifiable consumer request will only cover the 12-month period preceding the verifiable consumer request's receipt, unless otherwise required by applicable law. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

For data portability requests, where applicable, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request or access request, as applicable, unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

XIX. Personal Information Sales: Opt-Out and Opt-In Rights

SingleKey ID© does not sell your personal information to third parties as defined by relevant laws. Therefore, we do not offer an opt-out.

XX. Authorized Agent

I. California

As a California resident you may also exercise your request to know or request to delete through an authorized agent. When you submit your request through an authorized agent we require that you:

1. Provide us a copy of your written permission for the authorized agent to submit the applicable request; and

2. Verify your own identity directly with us.

The foregoing does not apply when you have provided your authorized agent with a power of attorney pursuant to California Probate Code sections 4000 to 4465; provided, that we may require a copy of such power of attorney before fulfilling any request.

II. Colorado

As a Colorado resident you may also exercise your request to opt-out through an authorized agent. When you submit your request through an authorized agent we require that you:

1. Provide us a copy of your written permission for the authorized agent to submit the applicable request; and

2. Verify your own identity directly with us.

XXI. Non-Discrimination

We will not discriminate against you for exercising any of your rights. Unless permitted by applicable law, we will not: (a) deny you goods or services; (b) charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (c) provide you a different level or quality of goods or services; or (d) suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

XXII. Filing a Complaint

Regulatory authorities that oversee the privacy laws and regulations, including the Office of the Privacy Commissioner of Canada, advise individuals to file an objection or challenge with the relevant company before lodging a formal complaint with a regulatory authority. If you are dissatisfied with Bosch’s response to an objection or challenge filed under Article XX above, or you if wish to file a complaint with a regulatory authority first, you may do so as follows:

Under PIPEDA: You may file a complaint with the Office of the Privacy Commissioner of Canada. Depending upon the province where you live, you may also (or instead) have the right to file a complaint with the applicable provincial privacy commissioner/regulator.

Under PII Laws: You may file a complaint with the relevant state’s Attorney General’s office.

Under the US: You may file a complaint with the applicable state Attorneys General Office or regulatory agency.

XXIII. Changes to Privacy Notice

Due to the constantly changing nature of Robert Bosch GmbH business, Robert Bosch GmbH reserves the right to change, update, revise and/or modify this Privacy Notice at any time at Robert Bosch GmbH’s sole discretion, and Robert Bosch GmbH will post any new or revised Privacy Notice here. Any such change, update, revision and/or modification will be effective immediately upon posting on this website, unless we are required to provide direct notice or obtain your consent pursuant to applicable laws. Use of information that Robert Bosch GmbH gathers now will be subject to the Privacy Notice in effect at the time of use. By using or navigating around the Website or Service or utilizing any of the services, you acknowledge that you have read and understood and agree to be bound by this Privacy Notice in and the applicable Terms of Use. If you do not agree to be so bound, do not remain on the Website or Service. You are responsible for checking the Website and Service frequently to keep apprised of recent changes.

________________________________________________________________________

The effective date of this Privacy Notice is June 21st,2024.

This Privacy Notice was updated on June 21st,2024. The following information was updated:
Change of provider within the Robert Bosch GmbH.

XXIV. Contact

To obtain more information or to submit suggestions or complaints regarding the processing of your personal information, you can contact the Robert Bosch GmbH Privacy Notice Administrator.

If incorrect information has been stored despite Robert Bosch GmbH efforts to maintain correct and up-to-date data, Robert Bosch GmbH will correct this upon your written request, sent to:

• Email: privacy.policy@us.bosch.com

• Postal Address: Robert Bosch GmbH, Robert-Bosch-Platz 1, 70839 Gerlingen-Schillerhöhe, Germany

You may also contact as follows:

• Phone: (888-43-BOSCH (888-432-6724)).

• Website: https://singlekey-id.com/

© Copyright 2024 Robert Bosch GmbH. All rights reserved.

Party 1: Robert Bosch GmbH, Robert-Bosch-Platz 1, 70839 Gerlingen-Schillerhöhe, Germany

and

Party 2: All parties named in the list of parties

What is the basis for joint responsibility?

In connection with the provision of SingleKey ID as an exclusive single sign-on solution of the Bosch Group, the aforementioned parties will work closely together. This also concerns the processing of your personal data. The parties have jointly determined the order in which this data is processed in individual process steps. As such, they are jointly responsible for the protection of your personal data during the process stages described below (Art. 26 GDPR).

As a data subject according to GDPR, you have a right to the following information from the aforementioned parties.

For which process stages is there joint responsibility?

• Processing step: Registration and login with SingleKey ID

• Responsibility lies with: Robert Bosch GmbH

• Processing step: Overview and administration of master data and applications with SingleKey ID

• Responsibility lies with: Robert Bosch GmbH

What have the parties agreed?

In line with their joint responsibility for data protection, the aforementioned parties have agreed which of them is responsible for meeting specific obligations under GDPR. In particular, this concerns the exercise of the rights of data subjects (Art. 15–21 GDPR) and the fulfillment of the obligations regarding provision of information (Art. 13–14 GDPR).

This agreement is required because during the provision and operation of SingleKey ID and its functions, personal data is processed in various process steps and by various systems operated either by Robert Bosch GmbH or by all parties named in the list of parties.

What does this mean for you as data subject?

Although a joint responsibility exists, the parties shall fulfill the obligations under data protection law in accordance with their respective responsibilities for the individual processing activities as follows:

• In accordance with their joint responsibility, the parties shall provide the data subject with any information required under Art. 13 and 14 GDPR in a precise, transparent, intelligible, and easily accessible form, using clear and plain language. This information shall be provided free of charge. For this purpose, each party shall provide the other party with all the necessary information from its area of operation.

• The parties shall inform each other without delay of any legal positions asserted by you as data subject. They shall provide each other with all the information required to respond to requests for information.

• As data subject, you will, in principle, receive the information from Robert Bosch GmbH. Regardless of this internal agreement, you may also assert your rights, as data subject, directly against any party.

Who are the contracting parties?

All Bosch entities that have signed the Adherence Letter to the Joint Controller Agreement are referred to as contracting parties.

Name of legal entity, contact details and date the Adherence Letter was signed on:

• Automobility Services and Solutions Private Limited, Hosur Road, Adugodi, Bangalore 560030, India, 29.08.2023

• Bosch Access Systems GmbH, Charlottenburger Allee 50, 52068 Aachen, Germany, 21.02.2022

• Bosch Automotive Service Solutions, LLC,15000 Hagerty Road, Plymouth, MI 48170, United States, 27.02.2024

• Bosch Automotive Service Solutions Pty. Ltd., C/o RBAU/FC, 1555 Centre Road, Clayton, VIC 3168, Australia, 22.12.2022

• Bosch Building Automation GmbH, Kapellenweg 42, 33415 Verl, Germany, 26.01.2022

• Bosch Corporation, 1-9-32, Nakagawa-chuou, Tsuzuki-ku, Yokohama city, Kanagawa 224-8601 Japan, 27.02.2023

• Bosch Energy and Building Solutions B.V., Ringwade 31A, 3439 LM Nieuwegein, Netherlands, 18.03.2023

• Bosch Global Software Technologies Private Limited, No. 123, Industrial Layout, Hosur Road, Koramangala, Bangalore, Karnataka, 560095, India, 11.10.2022

• Bosch Healthcare Solutions GmbH, Stuttgarter Straße 130, 71332 Waiblingen, Germany, 31.07.2023

• Bosch Limited, P.O. Box 3000, Hosur Road, Adugodi, Bangalore - 560030, India, 01.09.2022

• Bosch Power Tools B.V., Konijnenberg 60, 4825 BD Breda, Netherlands, 08.11.2022

• Bosch Rexroth AB, Rosterigränd 12, 117 61 Stockholm, Sweden, 14.11.2022

• Bosch Rexroth AG, Zum Eisengießer 1, 97816 Lohr am Main, Germany, 28.09.2022

• Bosch Rexroth A/S, Telegrafvej 1, 2750 Ballerup, Denmark, 11.11.2022

• Bosch Rexroth A/S, Berghagan 1 (Postboks 3007), Langhus (Ski), Norway, 26.10.2022

• Bosch Rexroth B.V., Kruisbroeksestraat 1, AA 5281 Boxtel, Netherlands, 26.10.2022

• Bosch Rexroth Canada Corp., Prince Charles Drive South 490, Ontario, L3B 5X7 Welland, Canada, 05.12.2022

• Bosch Rexroth Chile SpA, Calle El Cacique 0258, Providencia, Santiago de Chile, Chile, 23.09.2022

• Bosch Rexroth Corporation, 6-7, Shibuya 3-chome, Shibuya-ku, Tokyo 150-0002, Japan, 02.10.2022

• Bosch Rexroth Corporation, 5150 Prairie Stone Parkway, 60192 Hoffmann Estates, USA, 05.12.2022

• Bosch Rexroth DSI S.A.S., Boulevard Iréne-Joliot-Curie 91, 69634 Vénissieux, France, 17.10.2022

• Bosch Rexroth GmbH, Industriepark 18, 4061 Pasching, Austria, 25.10.2022

• Bosch Rexroth (India) Private Ltd., Railway Station Vatva, Ahmedabad, 382 445 Vatva, India, 04.11.2022

• Bosch Rexroth Kft., Angol ucta 34, 1149 Budapest, Budapest, Hungary, 20.10.2022

• Bosch Rexroth Korea Ltd., 1515-14, Dadae-Dong, Saha-Ku, 604-826 Busan, Korea, 02.10.2022

• Bosch Rexroth Ltd., St. Neots, Cromwell Road 15, 192ES Cambs, United Kingdom, 10.01.2023

• Bosch Rexroth Ltda., Rod. Dom Pedro I KM 97 N.8800 - Ponte Nova, 13252-800 Itatiba (San Paulo), Brazil, 22.09.2022

• Bosch Rexroth N.V., Rue Henry Genesse 1, 1070 Brüssel, Belgium, 02.12.2022

• Bosch Rexroth Oil Control S.P.A, Via Marcho Antonio Colonna 35 cap, 20149 Milano, Italy, 03.11.2022

• Bosch Rexroth Otomasyon San. ve Tic. A.Ş, Gebze Şubesi, TOSB 1.Cadde 14. Sokak No:10, 41420 Çayırova-Kocaeli, Turkey, 30.09.2022

• Bosch Rexroth OY, Ansatie 6, 01740 Vantaa, Finland, 02.11.2022

• Bosch Rexroth Pty Ltd, Tầng 14, Ngôi nhà Đức, 33 Lê Duẩn, Phường Bến Nghé, Quận 1, Thành phố Hồ Chí Minh City, Vietnam, 01.12.2022

• Bosch Rexroth S.A., Ercheias Str. 37, 19400 Koropi, Greece, 12.10.2022

• Bosch Rexroth S.A.S., Boulevard Iréne-Joliot-Curie 91, 69634 Vénissieux, France, 12.10.2022

• Bosch Rexroth S.L., Calle Hermanos Nobleja 19, Madrid, Spain, 24.10.2022

• Bosch Rexroth S.p.A., Strada Statale Padana Superiore 11, n.41, 20063 Cernusco sul Naviglio, Italy, 11.10.2022

• Bosch Rexroth SA de C.V., Calle Neptuno 72, 07700 Mexico D.F., Mexico, 05.12.2022

• Bosch Rexroth Sales S.R.L, Aurel Vlaicu str. No.2, 515400 Blaj - Alba, Romania, 06.10.2022

• Bosch Rexroth Schweiz AG, Hemrietstr. 2, 8863 Buttikon, Switzerland, 22.09.2022

• Bosch Rexroth SDN BHD, 11, Jalan Astaka U8/82, Bukit Jelutong, 40150 Shah Alam, Selangor Darul Ehsan, Malaysia, 28.11.2022

• Bosch Rexroth Sp.z o.o., ul. Jutrzenki 102/104, 02-230 Warszawa, Poland, 21.10.2022

• Bosch Rexroth spol. s.r.o, Tezebni 1238/2, 62700 Brno, Czech Republic, 26.10.2022

• Bosch Sanayi Ve Ticaret A.S., Organize San. Bölgesi, Yeşil cad. No:27, Nilüfer, 16372 Bursa, Turkey, 05.12.2022

• Bosch Security Systems B.V., Torenallee 49, 5617 BA Eindhoven, Netherlands, 09.03.2023

• Bosch Security Systems France S.A.S., 24 Rue de Stalingrad, 93700 Drancy, France, 24.03.2023

• Bosch Security Systems, LLC., 130 Perinton Parkway. Fairport, NY. 14450, USA, 06.12.2022

• Bosch Security Systems Pty Lt, Level 2, 21 Solent Circuit, Baulkham Hills, NSW 2153, Australia, 21.12.2022

• Bosch Security Systems - Sistemas de Segurança SA., Av. Infante D. Henrique, Lote 2E-3E, 1800-220 Lisboa, Portugal, 03.04.2023

• Bosch Sensortec GmbH, Gerhard-Kindler-Strasse 9, 72770 Reutlingen, Germany, 30.06.2023

• Bosch Service Solutions GmbH, Mainzer Landstraße 193, 60326 Frankfurt, Germany, 07.06.2022

• Bosch Service Solutions, S.A.U., Avenida de la Institución Libre de Enseñanza, 19, 28037 Madrid, Spain, 28.03.2023

• Bosch Sicherheitssysteme GmbH, Postfach 11 11, 85626 Grasbrunn, Germany, 18.01.2022

• Bosch Termotechnika s.r.o., Průmyslová 372/1, 108 00 Prague 10, Czech Republic, 01.04.2022

• Bosch Termotecnologia S.A., Av. Infante D. Henrique, 1800-220 Lisboa, Portugal, 15.03.2022

• Bosch Termoteknik Isitma ve Klima Sanayi Ticaret Anonim Sirketi, Aydınevler Mahallesi İnönü Caddesi No:20, Ofis Park A Blok, Küçükyalı 34854 İstanbul, Turkey, 17.05.2022

• Bosch Thermotechniek B.V., Zweedsestraat 1, 7418 BG Deventer, Postbus 3, 7400 AA Devente, Netherlands, 28.04.2022

• Bosch Thermotechnik AG, Netzibodenstrasse 36, 4133 Pratteln, Switzerland, 30.06.2022

• Bosch Thermotechnik GmbH, Sophienstraße 30-32, 35576 Wetzlar, Germany, 05.07.2022

• Bosch Thermotechnology Corp., 65 Grove St Watertown, MA, 02472, USA, 25.05.2022

• Bosch Thermotechnology Ltd., Cotswold Way, Worcester, United Kingdom, 07.03.2022

• Bosch Thermotechnology NV/SA, Zandvoortstraat 47, 2800 Mechelen, Belgium, 25.04.2022

• Bosch Thermoteknik AB, Hjalmarydsvagen 8, 573 28 Tranas, Sweden, 21.04.2022

• BSH domácí spotřebiče s.r.o. – organizačná zložka Bratislava, Ambrušova 5785/4, 821 04 Bratislava, Slovakia, 15.03.2023

• BSH domácí spotřebiče s.r.o., Radlická 350/107c, 158 00 Praha 5, Czech Republic, 13.02.2023

• BSH Domakinski Uredi Bulgaria EOOD, Бизнес център ФПИ, ет.5, София - 1407, Bulgaria, 27.05.2022

• BSH Electrocasnice S.R.L., Sos. Bucuresti Ploiesti no. 19 - 21, 1st floor , section 2, district 1, 013682 Bukarest, Romania, 05.04.2023

• BSH Electrodomésticos España, S.A, Ronda del Canal Imperial de Aragón, 18-20 (Parque empresarial Pla-Za), 50197 Zaragoza, Spain, 18.07.2022

• BSH Electrodomésticos SAC, Elmer faucett 3551, Callao 07036, Peru, 03.05.2023

• BSH électroménagers S.A., 13-15 ZI Breedewues, 1259 Senningerberg, Luxembourg, 20.03.2023

• BSH Electroménager S.A.S., CS 90045, 93582 Saint-Ouen Cedex, France, 21.12.2021

• BSH Electroménagers (SA), N°311 Boulevard Ghandi, Quartier Plateau, 20100 Casablanca, Morocco, 04.10.2022

• BSH Elettrodomestici S.p.A., Via Marcello Nizzoli 1, I-20147 Milano, Italy, 24.08.2022

• BSH Ev Aletleri Sanayi ve Ticaret A.Ş., Fatih Sultan Mehmet Mahallesi, Balkan Caddesi N° 51, TR-34771 Ümraniye, Istanbul, Turkey, 09.01.2023

• BSH Hausgeräte AG, Fahrweidstraße 80, CH-8954 Geroldswil, Switzerland, 01.09.2022

• BSH Hausgeräte Gesellschaft mbH, Quellenstraße 2a, 1100 Wien, Austria, 12.09.2022

• BSH Hausgeräte GmbH, Carl-Wery-Straße 34, 81739 München, Germany, 08.11.2022

• BSH Háztartási Készülék Kereskedelmi Kft., Árpád fejedelem útja 26-28., 1023, Budapest, Hungary, 30.01.2023

• BSH Hišni aparati d.o.o. Nazarje, Savinjska cesta 30, 3331 Nazarje, Slovenia, 27.05.2022

• BSH Home Appliances S.A., Rue Picard 7 - box 400, 1000 Bruxelles, Belgium, 16.12.2021

• BSH Home Appliances AB filialas Vilnius, J. Balčikonio g. 9, LT-08247 Vilnius, Lithuania, 21.04.2023

• BSH Home Appliances AB filiāle Latvijā, Strēlnieku 1, 1010 Rīga, Latvia, 08.09.2023

• BSH Home Appliances AB, Eesti Filiaal, Lootsa 12, 11415 Tallinn, Estonia, 19.09.2023

• BSH Home Appliances AB, Landsvägen 32, S-16929 Solna, Sweden, 30.11.2022

• BSH Home Appliances Corporation, 1901 Main Street Suite 600, CA 92614 Irvine, USA, 02.06.2022

• BSH Home Appliances FZE, Plot No Mo0523 Jafza North, P.O. Box 17312, United Arab Emirates, 24.01.2023

• BSH Home Appliances Limited, Grand Union House, Old Wolverton Road, Wolverton, Milton Keynes, MK12 5PT, United Kingdom, 13.02.2023

• BSH Home Appliances Limited, Unit 07, 23/F, CDW Building, 388 Castle Peak Road, Tsuen Wan, New Territories, Hong Kong, 09.10.2023

• BSH Home Appliances LLC, Second Floor of the Administrative Building on Plot 12b04 of Cairo Festival City, New Cairo, Cairo Governorate, Egypt, 14.02.2022

• BSH Home Appliances LLP, Floor 7, Building 22/5, Haji Mukan street, Medeu Disctrict, Almaty, 050059, Republic of Kazakhstan, 20.02.2023

• BSH Home Appliances Ltd., Ital Thai Tower, Unit 209 (2034/31-39) 2nd Floor, New Petchburi Road, Bangkapi, Huaykwang District, Bangkok 10310, Thailand, 23.02.2023

• BSH Home Appliances Ltd., Level 3 AON House Smales Farm 74 Taharoto Road, Takapuna Auckland 0622, New Zealand, 28.03.2023

• BSH Home Appliances Ltd, 6696 Financial Drive, Unit 3, Mississauga, ON L5N 7J6, Canada, 13.07.2022

• BSH Home Appliances Private Limited, 11F., No. 80, Zhouzi St., Neihu dist., Taipei City 11493, Taiwan (R.O.C), 21.09.2023

• BSH Home Appliances Pte. Ltd., 11 Bishan Street 21, 573943, Singapore, 04.10.2022

• BSH Home Appliances Pty. Ltd., 1555 Centre Road, Clayton VIC 3168, Australia, 23.08.2022

• BSH Home Appliances (Pty) Ltd., 37 Commerce Crescent Sandown, Sandton Johannesburg 2031, South Africa, 22.11.2022

• BSH Home Appliances Sdn. Bhd., Unit No. 2-1 Level 2 CP Tower, No. 11 Jalan 16/11, Pusat Dagang Seksyen 16, 46350 Petaling Jaya, Selangor, Malaysia, 07.12.22

• BSH Home Appliances (Vietnam) Co. Ltd c/o, Deutsches Haus, 14th Floor, 33 Le Duan Street, Ben Nghe Ward, District 1, Ho Chi Minh City, Vietnam, 22.02.2023

• BSH Household Appliances Manufacturing Private Limited, Arena House, 2ndFloor Main Building, Plot No. 103, Road No.12, MIDC, Andheri East, Mumbai 400093, India, 05.10.2022

• BSH Huishoudapparaten B.V., Postbus 259, 2130 AG Hoofddorp, Netherlands, 07.06.2023

• BSH Husholdningsapparater A/S, Grensesvingen 9, N-0661 Oslo, Norway, 30.11.2022

• BSH Hvidevarer A/S, Telegrafvej 4, 2750 Ballerup, Denmark, 30.11.2022

• BSH Ikiakes Syskeves A.B.E 17th km Ethnikis odon Athinon, Lamias & Potamou 20, 14564 Kifissia, Greece, 24.02.2023

• BSH Kodinkoneet Oy, PO Box 123, 00201 Helsinki, Finland, 19.04.2023

• BSH kućanski uređaji d.o.o., Ulica grada Vukovara 269F, 10000 Zagreb, Croatia, 27.05.2022

• BSH Kućni aparati d.o.o. Beograd, Omladinskih brigada 90E, 11070 Beograd, Serbia, 27.05.2022

• BSH Sprzet Gospodarstwa Domowego Sp. z o.o., Al. Jerozolimskie 183, PL 02-222 Warszawa, Poland, 29.09.2022

• BSHP - Electrodomésticos, Sociedade Unipessoal Lda, Rua Alto do Montijo 15, 2790-012 Carnaxide, Portugal, 28.09.2021

• Công ty TNHH Bosch Việt Nam. (Bosch Vietnam Co., Ltd.), Tầng 14, Tòa nhà Deutsches Haus, 33 Lê Duẩn, Phường Bến Nghé, Quận 1, TP.HCM, Vietnam, 28.10.2022

• Constructa-Neff Vertriebs-GmbH, Carl-Wery-Straße 34, 81739 München, Germany, 08.11.2022

• e.l.m. leblanc SAS, 124-126 rue de Stalingrad, 93711 Drancy, France, 17.02.2022

• ETAS GmbH, Borsigstraße 24, 70469 Stuttgart, Germany, 28.04.2023

• Ferroknepper Buderus S.A., B.P. 201, L-4003 Esch-Sur-Alzette, Luxembourg, 23.03.2022

• Freud S.p.A., Società unipersonale, Via Remigio Solari, 7, 30050 Pavia di Udine (UD), Italy, 11.10.2022

• Gaggenau Hausgeräte GmbH, Carl-Wery-Straße 34, 81739 München, Germany, 08.11.2022

• grow platform GmbH, Grönerstraße 9, 71636 Ludwigsburg, Germany, 25.10.2022

• Home Connect GmbH, Carl-Wery-Str. 34, 81739 München, Germany, 30.09.2021

• MIVIN Engineering Technologies Private Limited, Plot No. 531, 4th Phase, 2nd Stage Peenya, Bangalore - 560 058, India, 28.11.2022

• N.V. Robert Bosch S.A., Rue Henri Joseph Genessestraat 1, 1070 Brussels, Belgium, 06.05.2024

• NEVONEX GmbH, Bergfeldstraße 2, 83607 Holzkirchen, Germany, 10.11.2022

• PT BSH Home Appliances, APL Tower 20th Floor Units T7-T9, Jalan Letjen S. Parman Kavling 28, Kelurahan Tanjung Duren Selatan Grogol Petamburan, West Jakarta 11470, Republic of Indonesia, 29.11.2022

• PT Robert Bosch, Palma Tower, 10th floor, Jl. RA Kartini II-S Kav.6, Jakarta Selatan 12310, Indonesia, 20.09.2022

• Residential IoT Services GmbH, Steiermärker Str. 3–5, 70469 Stuttgart, Germany, 17.05.2021

• Robert Bosch AB, Isafjordsgatan 15, 164 26 Kista, Sweden, 21.08.2022

• Robert Bosch AG, Goellnergasse 15-17, 1030 Vienna, Austria, 14.03.2022

• Robert Bosch AG, Luterbachstrasse 10, 4528 Zuchwil, Schweiz, 19.08.2022

• Robert Bosch Argentina Industrial S.A, Blanco Encalada 250 – B1642AMQ, San Isidro – Buenos Aires, Argentina, 31.08.2022

• Robert Bosch AS, Rosenholmveien 25, 1414 Trollåsen, Norway, 11.03.2022

• Robert Bosch A/S, Telegrafvej 1, 2750 Ballerup, Denmark, 19.07.2022

• Robert Bosch (Australia) Proprietary Limited, C/o RBAU/FC, 1555 Centre Road, Clayton, VIC 3168, Australia, 22.12.2022

• Robert Bosch B.V., Konijnenberg 60, 4825 BD Breda, Netherlands, 06.05.2024

• Robert Bosch Company Ltd., 21/F, FOYER, 625 King’s Road, North Point, Hong Kong, 11.05.2023

• Robert Bosch d.o.o., Kidričeva 81, 4220 Škofja Loka, Slovenia, 22.08.2022

• Robert Bosch d.o.o., Kneza Branimira 22, 10040 Zagreb, Croatia, 09.03.2022

• Robert Bosch d.o.o., Milutina Milankovića 9ž, 11070 Belgrade, Serbia, 20.09.2022

• Robert Bosch East Africa Ltd., P.O. Box 66156-00800, Nairobi, Kenya, 08.09.2022

• Robert Bosch Egypt LLC, 12 Kamal El Din Hussein Street, 6th floor, Sheraton P.O. Box 11 799, Cairo, 17.01.2023

• Robert Bosch EOOD, Cherni Vrah 51B blvd, FPI business centre, 1407 Sofia, Bulgaria, 28.09.2022

• Robert Bosch Espana S.L.U., Calle de los Hermanos García Noblejas, 19., 28037 Madrid, Spain, 20.03.2022

• Robert Bosch (France) S.A.S., 32 avenue Michelet, 93404 Saint-Ouen, France, 06.09.2022

• Robert Bosch Ghana Limited, 23 Kofi Annan Road, Airport Residential Area, Accra, Ghana, 26.01.2023

• Robert Bosch GmbH, Robert-Bosch-Platz 1, 70839 Gerlingen-Schillerhöhe, Germany, 09.06.2021

• Robert Bosch Hausgeräte GmbH, Carl-Wery-Straße 34, 81739 München, Germany, 10.11.2022

• Robert Bosch Inc., Unit B 11th Floor, Ten West Campus, 20 Le Grand Street, Mckinley West, Fort Bonifacio, Taguig City 1634, Philippines, 17.10.2022

• Robert Bosch Inc., 6955 Creditview Rd., Mississauga ON, L5N 1R1, Canada, 22.08.2022

• Robert Bosch Ireland Ltd., M50 Business Park, Ballymount, Dublin 12, Ireland, 03.01.2023

• Robert Bosch Kft, Gyoemroei ut 104., 1103 Budapest, Hungary, 28.04.2022

• Robert Bosch Korea Limited Company, 5, Sinilseo-ro, Daedeok-gu, Daejeon, 34325, South Korea, 24.08.2022

• Robert Bosch Limitada, Condominio Dolce Vita, Torre 1C, 8º andar, Talatona, Luanda, Angola, 11.11.2022

• Robert Bosch Limitada, Via Anhanguera, km 98, Vila Boa Vista, 13.065-900 – Campinas – SP, Brazil, 02.09.2022

• Robert Bosch Limited, C/-PWC, Level 8 Pwc Tower, 188 Quay St, Auckland, New Zealand, 22.12.2022

• Robert Bosch Limited, Head Office FYI Tower 1, 4th floor, 2525 Rama4 Road Klong Toei, Bangkok 10110, Thailand, 15.12.2022

• Robert Bosch Limited, 48 Isaac John Street, CDL Building GRA Ikeja, Lagos, Nigeria, 25.01.2023

• Robert Bosch LLC, 38000 Hills Tech Drive, Farmington Hills, MI 48331, United States of America, 08.12.2022

• Robert Bosch Ltda. Colombia, Carrera 45 108 A 50 Lt 1, Bogota, 819, Colombia, 30.08.2022

• Robert Bosch Ltd., Viewfield Industrial Estate, Glenrothes, KY6 2RD, United Kingdom, 22.08.2022

• Robert Bosch Ltd., 1 v, P. Tychyny ave., office A701, 02152 Kyiv, Ukraine, 06.05.2022

• Robert Bosch Manufacturing Solutions GmbH, Wernerstraße 51, 70469 Stuttgart, Germany, 28.09.2021

• Robert Bosch México, S.A. de C.V., Guillermo González Camarena # 333, Colonia Centro de Ciudad Santa Fe, Álvaro Obregón, C.P.01210, Mexico, Mexico City, 12.12.2022

• Robert Bosch Middle East FZE, DAFZA, West Wing 5A, Office 701, P.O. Box 54307, Dubai, United Arab Emirates, 13.12.2022

• Robert Bosch Morocco SARL AU, 1100 Blvd El Qods, Nearshore Park, Shore 14, 1er étage, N°101, Sidi Maârouf, Casablanca, Morocco, 10.11.2022

• Robert Bosch odbytová s.r.o., Radlická 350/107d, 158 00 Praha 5, Czech Republic, 16.08.2022

• Robert Bosch OÜ, Kesk tee 10, EST-75301 Harjumaa, Estonia, 08.03.2022

• Robert Bosch Oy, Robert Huberin tie 16 A, 01510 Vantaa, Finland, 11.03.2022

• Robert Bosch Paraguay S.A., Calle Austria Nº 1585 esq. Avda. San Martin, edificio Sky Center 8vo piso oficina 803, Asunción, Paraguay, 01.06.2023

• Robert Bosch Power Tools GmbH, Max-Lang-Strasse 40-46, 70771 Leinfelden-Echterdingen, Germany, 07.09.2022

• Robert Bosch (Pty) Ltd, 96, 15th Street, Randjespark, Midrand Private Bag X118, Halfway House, 1685. Gauteng, South Africa, 30.08.2022

• Robert Bosch S.A., Av. Infante D. Henrique, Lote 2E-3E, 1800-220 Lisboa, Portugal, 16.01.2022

• Robert Bosch S.A., Calle El Cacique 0258, RCH-7750011 Santiago de Chile, Chile, 14.03.2022

• Robert Bosch S.A., Erchias 37, 19400 Koropi, Greece, 16.03.2022

• Robert Bosch Saudi Arabia Ltd, Al Arouba Alworood, 11323 Riyadh, Saudi Arabia, 14.12.2022

• Robert Bosch, S. de R.L. de C.V., Guillermo González Camarena # 333, Colonia Centro de Ciudad Santa Fe, Álvaro Obregón, C.P.01210, Mexico, Mexico City, 12.12.2022

• Robert Bosch Sdn Bhd, No. 8A, Jalan 13/6, Petaling Jaya, 46200, Selangor, Malaysia, 14.09.2022

• Robert Bosch Service Solutions - Costa Rica Sociedad Anonima, America Free Zone, Building C-12, 5th Floor, San Francisco, Heredia, Costa Rica, 07.06.2023

• Robert Bosch SIA, Mūkusalas iela 101, LV-1004 Riga, Latvia, 08.03.2022

• Robert Bosch Smart Home GmbH, Schockenriedstr. 17, 70565 Stuttgart-Vaihingen, Germany, 16.12.2022

• Robert Bosch Sociedad Anónima – Ecuabosch, Edificio Colon Corp - 1 piso - Oficina 101/102, Parque Empresarial Colon, Guayaquil 090510, Ecuador, 07.07.2023

• Robert Bosch (South East Asia) Pte Ltd, 11 Bishan St 21, Singapore 573943, Singapore, 26.10.2022

• Robert Bosch S.p.A. Società Unipersonale, Via M.A. Colonna, 35, 20149 Milano, Italy, 24.10.2022

• Robert Bosch Sp. z o. o., ul. Jutrzenki 105, 02-231 Warsaw, Poland, 29.03.2022

• Robert Bosch spol. s r.o., Ambrušova 4, 821 04 Bratislava, Slovakia, 21.04.2022

• Robert Bosch S.R.L., Str. Horia Macelariu nr. 30-34, 013937 Bukarest, Romania, 09.01.2023

• Robert Bosch Taiwan Co., Ltd., Floor 6, No. 90, Section 1, Jian'guo North Road, Jhongshan Dist., Taipei City, 104, Taiwan, 21.10.2022

• Robert Bosch Tool Corporation, 1800 West Central Road, Mount Prospect, IL 60065, United States of America, 26.10.2022

• Robert Bosch Tunisie SARL, 12 Rue Lac Toba, 1053 Les berges du lac, Tunis, Tunisia, 11.11.2022

• Robert Bosch UK Holdings Ltd., Broadwater Park North Orbital Road, Denham, Uxbridge, England, UB9 5HJ, United Kingdom, 03.01.2023

• Robert Bosch Uruguay S.A., Av. Italia 7519, local 004 (esq. Barradas) - Art Carrasco Business – Código postal 11.500, Montevideo, Uruguay, 31.08.2022

• Scintilla AG, Luterbachstrasse 10, CH-4528 Zuchwil, Switzerland, 28.06.2023

• SEG Hausgeräte GmbH, Carl-Wery-Straße 34, 81739 München, Germany, 14.11.2022

• sia Abrasives Belgium NV SA, Z.5 Mollem 580, 1730 Mollem (Asse), Belgium, 09.12.2022

• sia Abrasives, Inc. USA, 515 Lincoln County Parkway Extension, NC Lincolnton, 28092, USA, 27.02.2023

• sia Abrasives Industries AG, Mühlewiesenstrasse 20, 8501 Frauenfeld, Switzerland, 01.03.2023

• The Kobi Company, Ambachtenlaan 7C, 3001 Heverlee, Belgium, 16.12.2022

• TOV \\"BSH Pobutova Technika\\", Radyschcheva st. 10/14, 03680 Kyiv, Ukraine, 26.06.2023

• UAB Robert Bosch, Ateities pl. 79A, LT-52104 Kaunas, Lithuania, 08.03.2022

Highlights

Bosch.IO GmbH has set out below some important highlights of the Privacy Notice for our Single Sign-On Service SingleKey ID© and our SingleKey ID© Website at https://singlekey-id.com/. You can also obtain more information about how we collect, use, disclose and safeguard your personal information by reviewing our full Privacy Notice below.

SingleKey ID© enables access to various services of the Bosch Group independent of your registration to the SingleKey ID©, such as apps, web shops, online platforms or websites as well as access to products, data, contributions, image and audio documents, information and other contents. You can obtain more information about the Service we provide by reading our terms of use (Link).

What personal information do we collect?

For more information see Collection of Personal Information and Sources of Personal Information sections below.

We collect various types of information about those who visit our Website or who register for or use the Service, for purposes related to the services or products provided through the Website and Service, including:

• Information we collect directly from you (i.e., when given by you) when you visit our Website, register for or use the Service or when you contact customer support or otherwise interact or communicate with Bosch.IO, including your first and last name, the country where you live or from where you access the Website or Service, your language preference, your email address, your username, your account and password, and any other information you submit to us; and

• Information we collect indirectly from you (i.e., collected when you visit the Website or register for or use the Service), including your online identifier, Internet Protocol (“IP”) address, operating system, browser and other log files.

We also may collect information in ways that we describe to you at the point of collection or otherwise with your consent. The section titled “Collection of Personal Information” contains more information on these categories.

Why do we collect personal information and how is it used?

For more information see Collection of Personal Information below.

Business Purposes:

• Fulfilling or meeting the reason you provided the information, such as processing and verifying your registration and enabling your use of the Service or responding to your inquiries.

• Technical administration of the Website and Service and investigation of Website and Service disruptions.

• Maintaining the safety, security, and integrity of our mobile applications, websites, online platforms, products and services, databases and other technology assets and business.

• Administering, maintaining, personalizing and improving the Website and Service, including, without limitation, to authenticate users, provide requested services and optional additional services, to understand how our users interact with the Website and Service and to improve and develop new features, products and/or services.

• Evaluating or conducting a merger, sale of assets, consolidation or restructuring, financing or acquisition of all or a portion of any Bosch Group business, asset or opportunity by, with or into another business, entity or company when necessary.

• Compliance with legal and/or regulatory requirements.

• Providing customer service.

Commercial Purposes:

• Responding to submitted inquiries and customer service requests and other questions and/or comments.

• For the U.S., this data may be used for marketing and analytic purposes.

Bosch.IO will not collect or use personal information for materially different, unrelated or incompatible purposes without providing you notice (or obtaining your consent, where required by applicable laws in the relevant jurisdiction). Additionally, Bosch.IO only retains personal information for as long as necessary to carry out the purposes for which we originally collected it and for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.

Is personal information shared or disclosed?

For more information see Disclosure, Sale, and Sharing of Personal Information – Past 12 months, Personal Information Sales: Opt-Out and Opt-In Rights, and Use of Cookies below.

Bosch.IO may share your information with:

• Bosch Group affiliated entities that use the Service and that you are in a contractual relationship with.

• Service providers and other partners and entities performing work on Bosch.IO’s behalf, including those we have commissioned for programming, data hosting and as well as to operators of our IT system, administrators and customer support.

• Other third parties where required or permitted by applicable law, including (without limitation) relevant governmental authorities in accordance with, and as Bosch.IO deems required, necessary and/or appropriate by, or in connection with, applicable law, regulation, court order or legal process.

Bosch.IO does not sell or share personal information, therefore we do not have an opt-out.

What are the risks?

• We may transfer your personal information to countries other than the country where you reside, including to Bosch Group affiliates that integrate the SingleKey ID© in their services, such as apps, web shops, online platforms or websites, and that you are in contractual relationship with, as well as to service providers of Bosch.IO. Therefore, your information may be accessible to courts, law enforcement and national authorities in other countries. You can obtain information about Bosch.IO’s policies and practices with respect to foreign service providers (including affiliates), or ask questions about the collection, use, disclosure or storage of personal information by such service providers, by contacting our Privacy Policy Administrator as described in the Privacy Policy.

• Bosch.IO security measures related to the Website and Service are regularly reviewed and updated as necessary in accordance with the state of technological developments. However, absolute protection is not possible. We cannot guarantee the security of information posted or transmitted using the SingleKey ID©.

What else should you know?

• Your personal information will be transferred from the United States and Canada, and stored in data centers in Germany, the Netherlands and Ireland and accessible to Bosch Group affiliates responsible for the services you are accessing with SingleKey ID©.

• You may contact our Privacy Policy Administrator, as described in the Privacy Policy, with any questions about the collection of your personal information.

• In some circumstances, you also may have a right to access, update, and correct inaccuracies in your personal information (e.g., pursuant to local law).

• Any additional choices you may have are described in the full Privacy Notice below.

Notice to Canadian Users: Please note that by visiting the Website, registering for and/or using the Service and/or otherwise voluntarily providing your personal information to us, as applicable, you are consenting to the collection, use and disclosure of your personal information as described in our Privacy Policy and summarized above.

SingleKey ID© PRIVACY NOTICE

I. Introduction

Bosch.IO GmbH is pleased to have you use our Single Sign-On Service SingleKey ID© and welcomes your interest in the SingleKey ID© Single Sign-On Service This Privacy Notice applies to all users of https://singlekey-id.com/ and those who register for or use the Service anywhere in the United States, Canada, and their respective territories and possessions.

The protection of your privacy is an important concern to which we pay special attention. We jointly with the Bosch Group affiliates offering services that you access with SingleKey ID©, process personal information collected during your visit to the Website, registration for or usage of the Service in compliance with this Privacy Notice and all applicable laws and regulations. Data protection and information security are part of Bosch.IO corporate policy.

Notice to Canadian Users: Please note that by visiting the SingleKey ID©, registering for and/or using the Service and/or otherwise voluntarily providing your personal information to us, as applicable, you are consenting to the collection, use and disclosure of personal information as described in this Privacy Notice. If you do not consent to the processing of your personal information in accordance with this Privacy Notice, please do not register for, access or continue to use the Website or Service or otherwise provide any personal information to us.

II. Scope

This Notice covers our treatment of personally identifiable information, as defined by numerous statutes in the United States, personal information as defined by Canada’s Personal Information Protection and Electronic Documents Act and any applicable substantially similar provincial legislation, , which we gather when you are accessing, viewing, completing, or using our Website or the Service, which we gather while you are accessing, viewing, completing, or using our Website or the Service.

III. Collection of Personal Information

The SingleKey ID© has collected the following personal information from users of the SingleKey ID© within the last twelve (12) months.

1. Categories and Sources of Information: Personal Information

We collect this information from our users, customers, and business partners. We also generate identifiers internally.

• Examples: First name, last name, email address, phone number, password, language, country

• Business or Commercial Purpose: Business - To process and verify your registration and enable the use of the service. Commercial - To improve our offering. We do not sell/share this data.

• Do we disclose, share or sell this data? We disclose this data with our service providers and with business partners, including those whom you instruct us to send this information.

• Retention: We retain personal information for the length of time needed to fulfil the purposes outlined in this privacy notice, unless a longer retention period is required or permitted by law. We retain personal information of inactive users for 10 years.

2. Categories and Sources of Information: Identifiers

We collect this information from our users, customers, and business partners. We also generate identifiers internally.

• Examples: Your unique identifier

• Business or Commercial Purpose: Business - To enable use of our Website and Service, to communicate with you, and to understand how our users interact with our Website and Service. Commercial - To improve our offerings

• Do we disclose, share or sell this data? We disclose this data with our service providers and with business partners, including those whom you instruct us to send this information. We do not sell/share this data.

• Retention: We retain identifiers for the length of time needed to fulfil the purposes outlined in this privacy notice, unless a longer retention period is required or permitted by law. We retain identifiers of inactive users for 10 years.

3. Categories and Sources of Information: Internet or other similar network activity

We collect this information from our users, customers, and business partners. We also generate identifiers internally.

• Examples: Log files, including

  • IP address of the terminal device that is used to access the Service;

  • Internet address of the website from which the Service was accessed (otherwise known as the URL of origin or referrer URL);

  • Name of the service provider that is used to access the Online Offer;

  • Name of the files or information accessed;

  • Date and time as well as duration of retrieval;

  • Amount of data transferred;

  • Operating system and information on the internet browser used including add-ons installed (e.g., Flash Player);

  • http status code (e.g., “Request successful” or “File requested not found”).

• Business or Commercial Purpose: Business - We save log files only for a short time and solely to determine disruptions or for security reasons (e.g., to investigate attempted attacks) and to otherwise maintain the safety, security and integrity of our Website and Service, databases and other technology assets and business. After these purposes have been completed, the log files will generally be deleted. Log files that need to be maintained for evidence purposes are excluded from deletion until the respective incident has been completely resolved or, on a case-by-case basis, has been passed on to investigating authorities. Commercial - To improve our offering.

• Do we disclose, share or sell this data? We may share this data with our IT service providers or any provider commissioned by us and to investigating authorities on a case-by-case basis and where allowed by law. We do not sell this data.

• Retention: We retain internet or other similar network activity for 90 days.

Bosch.IO will continue to collect the personal information described above. If any additional personal information is collected by Bosch.IO, we will provide any required notice(s), and where applicable obtain any required consent(s), in accordance with applicable laws in the relevant jurisdiction.

IV. Sources of Personal Information

We collect personal information from the following categories of sources:

1. Directly from you - For example, when given by you or collected from you through your access to and/or use of our Website or the Service for registration and login with SingleKey ID, for an overview and administration of master data and applications with SingleKey ID or for contacting customer support or otherwise interact or communicate with Bosch.IO, its agents, representatives, suppliers, vendors or consultants through our Website or the Service. This information may include, without limitation, your first and last name, the country where you live or from where you access the Website or the Service, your language preference, email address, phone number, identifier and password, and any other information you choose to provide us.

Users are solely responsible for providing notices to, and obtaining valid consent from, any other individual whose personal information is submitted to Bosch.IO in connection with the Service.

2. Indirectly from you. For example, from observing your use of our Website or the Service and/or the Services, or services related thereto. The following data may be collected automatically: the website from which you visit SingleKey ID (referrer), pages viewed, files downloaded (downloads), individual links clicked, search words or search phrases (site search), duration of visit, browser used, device data (e.g., unique device identifier, MAC address, IP address, serial number, hardware model, network information and operating system and version), and other relevant details and/or information. If the visit is a result of online advertising such as banners, video ads, search engine advertising, etc., Bosch.IO or its agents, representatives, suppliers, vendors or consultants may record which banner, adware, etc. motivated or assisted with the visit to our Website or the Service.

Bosch.IO will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated or incompatible purposes without providing you notice or obtaining your consent, where required by applicable laws in the relevant jurisdiction.

V. Disclosure, Sale and Sharing of Personal Information – Past 12 Months

Bosch.IO may use, store, compile, manipulate, share and disclose your personal information with third parties for the purposes stated above. Your personal information is disclosed with the following:

• Bosch Group affiliated entities, including Bosch’s parent company in Germany, Robert Bosch GmbH, to leverage shared services and improve our Services;

• Bosch.IO service providers, vendors, consultants, suppliers, licensors, marketing, partners and other partners and entities performing work on Bosch.IO’s behalf, such as hosting vendors, advertising service providers, data analytics companies, marketing service companies, list managers and delivery companies;

• Relevant authorities in accordance with, and as Bosch.IO deems required, necessary and/or appropriate by, or in connection with, applicable law, regulation, court order or legal process.

By accessing and/or using our Website or the Service, you consent to the above uses and disclosure of your personal information in accordance with this notice.

Sale of or Sharing of Personal Information. In the preceding twelve (12) months, SingleKey ID© has not shared or sold your personal information. Therefore, we do not offer an opt-out.

VI. International Data Transfer

Bosch.IO may transfer your personal information to Bosch Group affiliates offering services that you access with SingleKey ID© throughout the world, when processing, storing, analyzing, and otherwise using data. Bosch.IO may also transfer your data to a service, provider, contractor, or third party outside the country of origin. Accordingly, your personal information may be accessible to courts, law enforcement and national authorities in countries other than the country in which you reside. You can obtain information about Bosch.IO’s policies and practices with respect to foreign service providers (including affiliates), or ask questions about the collection, use, disclosure or storage of personal information by such service providers, by contacting our Privacy Notice Administrator as described below.

VII. Children’s Privacy

Bosch.IO does not knowingly collector or use any personal information from online visitors under the age of 16. Bosch.IO does not knowingly allow visitors under the age of 16 to participate in any promotions or contests made available on our Website or the Service from time to time.

VIII. California “Shine the Light” Privacy Rights

California’s “Shine The Light” law permits those Bosch.IO customers who are residents of California to annually request a list of their personal information (if any) that Bosch.IO disclosed to third parties for direct marketing purposes in the preceding calendar year, and the names and addresses of those third parties. At this time, Bosch.IO currently does not share any personal information with third parties for direct marketing purposes.

IX. Use of Links to Affiliated Sites

The Service and Website may contain links to other Bosch Group sites (“Affiliated Sites”). The Service provides these links only as a convenience. Your use of these Affiliated Sites and any related services are outside the scope of this Privacy Notice and is governed by the Privacy Notice and any other terms referred to or located on such Affiliated Sites.

X. Use of External Links

The SingleKey ID© may contain links to third-party websites or services operated by providers that are not associated with Bosch.IO. After you click the link, Bosch.IO no longer has any influence over the collection, storage, use or processing of any personal information transmitted by clicking the link (such as the IP address or URL of the page that contains the link), as the behavior of third parties is, by nature, beyond Bosch control. Therefore, Bosch.IO is not responsible for the collection, storage, use, disclosure or other processing of personal information by such third parties. For further clarity, this Privacy Notice does not apply to any such third-party websites or services; refer to the privacy statements or policies for such third-party websites or services for information about how they collect, use, disclose and protect personal information.

XI. Security

Bosch.IO takes commercially reasonable efforts to ensure that your data collected by Bosch.IO through the Service and Website is protected against tampering, loss, destruction, access by unauthorized persons or unauthorized disclosure. Bosch security measures are being continuously improved in accordance with the state of technological developments, however, absolute protection is not possible.

To register for SingleKey ID, you are required to provide your email address or phone number and create a password. You must not share this access information with anyone else as you are personally responsible for any information transmitted while logged in with your username and password. We disclaim any and all liability for any information transmitted due to an unauthorized log in.

XII. Use of Cookies

I. Bosch.IO Cookies.

Bosch.IO uses only technical or strictly necessary cookies to ensure technically functionality of the service and website. Bosch.IO does not use and third-party cookies or other tracking mechanisms.

Cookies are small text files stored on your computer or device when you visit the Service and Website.

If you wish, you can delete the cookies at any time from your web browser. However, this can result in some functions no longer being available. For information on deleting the cookies, consult your browser‘s help function.

XIII. How We Respond to Do Not Track Signals

The “Do Not Track” (“DNT”) privacy preference is an option that may be made in some web browsers allowing you to opt-out of tracking by websites and online services. Bosch.IO does not track users, therefore does not recognize and/or respond to DNT signals.

XIV. International Users

This is a German Website and Service that is targeted to users in the U.S. and Canada, and complies with relevant U.S. and Canadian laws, as applicable, including, without limitation, those governing the privacy and security of your information. If you visit, register for or use the Website and/or the Service, you are transferring your personal information to Bosch.IO in Germany. By visiting, registering for or using the Website and/or the Service or providing your information to Bosch.IO through the Website and/or the Service, you consent to the transfer of your personal information to Germany, and Bosch.IO’s handling of your information in accordance with applicable German and U.S. requirements and this Privacy Notice. Accordingly, your personal information may be accessible to courts, law enforcement and national investigation authorities in the United States as well as in Germany. You can obtain information about Bosch.IO’s policies and practices with respect to service providers (including affiliates) outside the country where you reside, or ask questions about the collection, use, disclosure or storage of personal information by such service providers, by contacting our Privacy Notice Administrator as described below.

XV. Your Rights - US

State specific privacy laws within the United States provide data subjects certain rights regarding the personal information that businesses collect and how the collected personal information is used. If you would like to exercise data subject right available to you, find the “Exercise your Rights” section below. Our privacy team will examine your request and respond to you as quickly as possible.

We may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our Agreements. We maintain and use all de-identified information in de-identified form. We do not attempt to reidentify it except to ensure our de-identification processes are in compliance with applicable law.

Dependent on the state of your residence, you may be provided the following rights:

California:

• Right to know what personal information is being collected

• Right to access your personal information.

• Right to correct inaccurate personal information.

• Right to delete personal information

• Right to know what personal information is sold or shared and to whom.

• Right to opt-out of sale or sharing of personal information for cross-context behavioral advertising

• Right to data portability

• Right to opt-out of processing for the purpose of profiling

• Right to limit the use and disclosure of sensitive personal data

• Right of no retaliation following opt-out or exercise of other rights

Virginia:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to correction inaccuracies in your personal data

• Right to delete your personal data

• Right to obtain a copy of your personal data

• Right to opt-out for the purpose of targeted advertising, sale of data, or profiling

• Right to non-discrimination

• Right to appeal

Colorado:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to correction

• Right to deletion

• Right to opt-out of sale, targeted advertising, and profiling

• Right to data portability

• Right to non-discrimination

• Right to appeal

Connecticut:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to correction

• Right to deletion

• Right to data portability

• Right to opt-out of sale, targeted advertising, and profiling

• Right to Non-Discrimination

• Right to appeal

Utah:

• Right to confirm if personal data is processed

• Right to access your personal information

• Right to deletion

• Right to data portability

• Right to opt-out of sale and targeted advertising

• Right to non-discrimination

Nevada:

• Right to request that a company not sell your personal information for monetary consideration

XVI. Your Rights – Canada

Individuals located in Canada have certain rights pursuant to Canadian Privacy Laws. Subject to certain exceptions and limitations, and depending upon the jurisdiction where you reside, such rights may include:

a. The right to withdraw your consent to the collection, use or disclosure of your personal information.

b. The right to be informed of the existence, use, and disclosure of your personal information, and to be provided with an account of the use that has been made or is being made of this information as well as the third parties to which it has been disclosed (including a list of organizations to which your information may have disclosed).

c. The right to challenge the accuracy and completeness of your personal information, and have it amended, updated or rectified as appropriate.

d. The right to acquire information about Bosch’s policies and practices with respect to personal information, including: a description of the type of personal information held by Bosch and a general account of its use; a copy of any brochures or other information that explain our policies, standards, or codes; and information about what personal information is shared with or accessible to our affiliates.

e. The right to challenge Bosch’s compliance with the applicable Canadian Privacy Laws.

XVII. How to Exercise Your Rights

To exercise your rights, submit a verifiable consumer request or access request, as applicable, to us by either:

• Calling us at (888-43-BOSCH (888-432-6724)).

• Sending an email to: privacy.policy@us.bosch.com

To assist Bosch in processing your request when exercising your rights, supply the following information:

• Full name

• Phone number

• Email address

• Any information you can provide about your previous contact with Bosch.IO (e.g. contact point / touchpoint with Bosch, screenshots, reference to a specific product/newsletter)

Only you (or based on your state of residence, an authorized agent authorized by you to act on your behalf – see Section Authorized Agent below for more information) may make a verifiable consumer request or access request, as applicable related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. Your verifiable consumer request or access request, as applicable, must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request or access request does not require you to create an account with us, but if you already have an account with us, you may be required to make your request through that account.

We will only use personal information provided in a verifiable consumer request or access request, as applicable, to verify the requestor’s identity or authority to make the request.

XVIII. Response Timing and Format

We endeavor to respond to a verifiable consumer request or access request, as applicable, within thirty (30) days of its receipt, or sooner where required by applicable law (including Canadian Privacy Laws). If we require more time (up 90 days in total), where permitted by applicable law, we will inform you of the reason and extension period in writing. Opt-out request will be honored as soon as feasibly possible, but no later than 15 days from the date we receive the request.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide in response to a verifiable consumer request will only cover the 12-month period preceding the verifiable consumer request's receipt, unless otherwise required by applicable law. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

For data portability requests, where applicable, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request or access request, as applicable, unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

XIX. Personal Information Sales: Opt-Out and Opt-In Rights

SingleKey ID© does not sell your personal information to third parties as defined by relevant laws. Therefore, we do not offer an opt-out.

XX. Authorized Agent

I. California

As a California resident you may also exercise your request to know or request to delete through an authorized agent. When you submit your request through an authorized agent we require that you:

1. Provide us a copy of your written permission for the authorized agent to submit the applicable request; and

2. Verify your own identity directly with us.

The foregoing does not apply when you have provided your authorized agent with a power of attorney pursuant to California Probate Code sections 4000 to 4465; provided, that we may require a copy of such power of attorney before fulfilling any request.

II. Colorado

As a Colorado resident you may also exercise your request to opt-out through an authorized agent. When you submit your request through an authorized agent we require that you:

1. Provide us a copy of your written permission for the authorized agent to submit the applicable request; and

2. Verify your own identity directly with us.

XXI. Non-Discrimination

We will not discriminate against you for exercising any of your rights. Unless permitted by applicable law, we will not: (a) deny you goods or services; (b) charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (c) provide you a different level or quality of goods or services; or (d) suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

XXII. Filing a Complaint

Regulatory authorities that oversee the privacy laws and regulations, including the Office of the Privacy Commissioner of Canada, advise individuals to file an objection or challenge with the relevant company before lodging a formal complaint with a regulatory authority. If you are dissatisfied with Bosch’s response to an objection or challenge filed under Article XX above, or you if wish to file a complaint with a regulatory authority first, you may do so as follows:

Under PIPEDA: You may file a complaint with the Office of the Privacy Commissioner of Canada. Depending upon the province where you live, you may also (or instead) have the right to file a complaint with the applicable provincial privacy commissioner/regulator.

Under PII Laws: You may file a complaint with the relevant state’s Attorney General’s office.

Under the US: You may file a complaint with the applicable state Attorneys General Office or regulatory agency.

XXIII. Changes to Privacy Notice

Due to the constantly changing nature of Bosch.IO business, Bosch.IO reserves the right to change, update, revise and/or modify this Privacy Notice at any time at Bosch.IO’s sole discretion, and Bosch.IO will post any new or revised Privacy Notice here. Any such change, update, revision and/or modification will be effective immediately upon posting on this website, unless we are required to provide direct notice or obtain your consent pursuant to applicable laws. Use of information that Bosch.IO gathers now will be subject to the Privacy Notice in effect at the time of use. By using or navigating around the Website or Service or utilizing any of the services, you acknowledge that you have read and understood and agree to be bound by this Privacy Notice in and the applicable Terms of Use. If you do not agree to be so bound, do not remain on the Website or Service. You are responsible for checking the Website and Service frequently to keep apprised of recent changes.

________________________________________________________________________

The effective date of this Privacy Notice is August 16th,2023.

This Privacy Notice was updated on August 16th,2023. The following information was updated:

State -Specific Privacy Information Added:

• California Resident Information

• Virginia Resident Information

• Utah Resident Information

• Colorado Resident information

• Connecticut Resident information

• Nevada Resident information

XXIV. Contact

To obtain more information or to submit suggestions or complaints regarding the processing of your personal information, you can contact the Bosch.IO Privacy Notice Administrator.

If incorrect information has been stored despite Bosch.IO efforts to maintain correct and up-to-date data, Bosch.IO will correct this upon your written request, sent to:

• Email: privacy.policy@us.bosch.com

• Postal Address: Bosch.IO GmbH, Ullsteinstrasse 128, 12109 Berlin, Germany

You may also contact as follows:

• Phone: (888-43-BOSCH (888-432-6724)).

• Website: https://singlekey-id.com/

© Copyright 2023 Bosch.IO. All rights reserved.