From time to time, it may be necessary to adapt this notice to comply with legal requirements or to cover new or modified services. The most recent version of this data privacy notice can be found at: https://dataprotection.linde.com/
1. Controller and Data Protection Officer
The controller for the processing of your personal data on Linde’s Office 365 platform is Linde GmbH Dr.-Carl-von-Linde-Strasse 6-14, 82049 Pullach, Germany. Linde GmbH is a subsidiary of Linde plc (in this document, Linde plc and its affiliated companies are referred to as “Linde”), a leading global industrial gases and engineering company. Linde’s Office 365 platform includes Teams, Sharepoint and other services included in Microsoft Office365 that are made available to you.
Contact details of the EU Group Data Protection Officer (“EU GDPO”) of Linde GmbH: Linde GmbH, EU Group Data Protection Officer, Dr.-Carl-von-Linde-Strasse 6-14, 82049 Pullach, Germany, Email: dataprotection@linde.com.
2. Processing of personal data in the context of external access to Linde’s Office 365 platform
The Office 365 platform offers you a variety of functions for searching and communicating with employees of Linde and its external partners (“users”) for business purposes in the form of contributions, comments, likes, follows, and user mentions (@) as well as through the option to share and mark content and documents (“activities”).
We process your personal data in order to provide the functions on the platform. The type, scope, and purpose of processing personal data depend on your activities on the platform and are defined by the business relationship between Linde and you or your employer. In any case, your personal data is processed only in accordance with applicable law.
Your activities and related data are visible to other members of your Sharepoint Online / Teams / Team Sites as well as to administrators of the Office 365 platform
3. Type and Origin of Personal Data processed by Linde GmbH
You decide which personal data you share on the Office 365 platform in the form of contributions, comments, likes, follows, and user mentions (@) as well as by creating content using Office 365, such as text typed in a Teams chat or a Word document, or through sharing and marking content and documents (“activities”).
When using the platform, required service data, including data sent by your browser (IP address, cookies, related websites, time and data, content displayed), is used to enable Microsoft (as the platform provider) to deliver the service (i.e. Office 365, MS Teams) and help to make the service secure and perform as expected. Required service data also includes the account being used to connect to our services.
4. Purpose for Processing by Linde GmbH and Legal Basis
4.1 We process Data to fulfil our Contractual Obligations
We process personal data only to the extent necessary to fulfil contractual and legal obligations in connection with the business relationship with our customers, suppliers and partners. The purpose of use of Linde’s Office 365 platform is defined by the business relationship between Linde and you or your employer.
4.2 We process Data to protect Legitimate Interests
We also process personal data insofar as it is necessary to safeguard the legitimate interests of Linde GmbH or Linde companies as well as our customers (and, if applicable, other third parties). Where this is the case, we process personal data only after due consideration of your relevant interests. This is the case where data is generated by your activities in relation to work results in a business relationship between Linde and your employer, but also for example in relation to maintenance and support of the Office 365 platform operation including security measures and related audits.
5. Recipients of your Data
In order to provide the platform and to ensure lawful use, administrators working on our behalf have access to all activities and other information. These administrators may be employees of any global Linde companies or third parties commissioned by Linde to process data. In the event of a technical fault – in exceptional cases – platform administrators of Microsoft must also temporarily be granted access to the data. These other Linde companies or third parties are acting as processors on behalf of Linde GmbH.
6. Transfer to Third Party Countries or International Organizations
We may transfer personal data to recipients with an adequate level of data protection. Linde GmbH has taken and will take appropriate measures to ensure an adequate level of data protection at the recipient, in particular by relying on adequacy decisions of the EU Commission or Standard Contractual Clauses issued by the EU Commission. More information on these measures is available via the EU Group Data Protection Officer.
7. Storage and Retention Periods
We process personal data relating to “activities” or included or related to content and documents (including user account data) as long as it is necessary for the fulfilment of the business relationship with you or your employer. As soon as the data concerned is no longer required for this, it is generally deleted, subject to applicable retention periods.
8. Automated Decision-Making and Profiling
We do not use automated decision-making processes for procedures that have legal implications or a similarly significant impact on you. No decision will be made without further human review.
Profiling within the meaning of Art. 4 (4) GDPR in general does not take place at Linde. In case of an exception, a separate data protection notice will be provided.
9. Your Data Privacy Rights
All data subjects have the following rights pursuant to Articles 15 to 21 GDPR - within the statutory limits of the EU member states:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object
You have the right to object at any time to certain types of processing of your data for reasons arising from your particular situation. This right only applies to data processing in the public interest and to data processing based on legitimate interests. You may also object to profiling, insofar as it is based on these two provisions. If you object, we will cease processing your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Your objection does not require any specific form and can be e-mailed to us at: info@linde.com
You also have the right to file a complaint with the competent supervisory authority (see Art. 77 GDPR).
Pullach, February 2021
