Data Protection & Cookie Policy

Please note the following Statement is intended for Linde plc in accordance with General Data Protection Regulation (“GDPR” - EU Regulation 2016/679) requirements and the laws of Ireland.

If you are a resident of California, please refer to our Addendum for California Privacy Rights Act below.

 

With the following data privacy notice, we would like to inform you about the processing of your personal data by Linde GmbH, Dr.-Carl-von-Linde-Strasse 6-14, 82049 Pullach, Germany.

From time to time, it may be necessary to adapt this privacy policy as whole as well as specific parts of it to comply with the up to date legal requirements or to cover the introduction of new services. The most recent version of our data privacy notice can be found at: https://www.linde.com/privacy-notice

I. General Information regarding Data Protection at Linde

1. Controller and Data Protection Officer

The controller responsible for the processing of your personal data in the sense of data protection law is Linde GmbH. Linde GmbH is a subsidiary of Linde plc (in this document, Linde plc and its affiliated companies are referred to as “Linde”), a leading global industrial gases and engineering company.

The contact details of the EU Group Data Protection Officer (“EU GDPO”) of Linde GmbH are:

Linde GmbH
EU Group Data Protection Officer
Dr.-Carl-von-Linde-Strasse 6-14, 82049 Pullach, Germany
Email: dataprotection@linde.com

2. Your Data Privacy Rights

In connection with any processing of personal data by Linde GmbH, all data subjects have the following rights pursuant to Articles 15 to 21 GDPR - within the statutory limits of the member states:

• Right to information
• Right to correction
• Right of deletion
• Right to limitation of processing
• Right to data transferability
• Right of objection

Furthermore, you have the right to revoke your consent to the processing of your personal data at any time with effect for the future. Such revocation has no effect for the past, i.e. it does not affect the legitimacy of the data processing carried out up to the revocation. If you are of the opinion that the processing of personal data by Linde GmbH is not in accordance with the data protection regulations or you are not satisfied with the information provided by us, you have the right to file a complaint with the competent supervisory authority (see Art. 77 GDPR).

3. Transfer to Third Party Countries or International Organizations

We take care not to transfer your data to recipients in countries without an adequate level of data protection (third party countries). However, in some cases, this cannot be completely avoided. Where this is the case, Linde GmbH has taken and will take appropriate measures to ensure an adequate level of data protection at the recipient at all times. These include in particular adequacy decisions by the EU Commission or standard data protection clauses adopted by the EU Commission and are available via the EU Group Data Protection Officer.

4. Storage and Retention Periods

We process personal data only as long as it is necessary for the fulfillment of our contract obligations. As soon as the data concerned is no longer required for this, it is generally deleted. However, in order to comply with certain legal requirements, we must store some data beyond the termination of contractual relationships. This includes commercial and tax documentation, evidence and storage obligations. In these cases, we are generally required to safeguard or store data for three to ten years, or in rare instances, e.g. in legal disputes for up to 30 years.

II. Processing of Personal Data by Linde GmbH for Core Business Purposes

Linde is offering customers from the industrial retail, trade, science, research and public sectors a comprehensive product and service portfolio. Our customers, suppliers and partners are as diverse as we are. To conduct our complex international business, it is necessary to process personal data.

1. Type and Origin of Personal Data processed by Linde GmbH

We process personal data only to the extent necessary to fulfill our contractual and legal obligations in connection with the business relationship with our customers, suppliers and partners. “Processing” means that we collect, store, delete or transfer personal data, to list a few examples. Personal data processed by us includes:

• Master and contact data of customers and suppliers, such as name, address, telephone number, e-mail address, function, department of our contact persons, etc.
• Data we need for invoicing and payment processing, such as bank details, tax number, credit management information, etc., as far as it concerns the data of a natural person
• Supplier and customer relationship management information, such as order history, etc., as far as it concerns the data of a natural person

We regularly receive the personal data processed by us within the framework of and in the course of our business relationship with our customers. In some cases, we also receive personal data from affiliated companies of Linde, e.g. contact data from suppliers within Linde’s supplier relationship management. In some cases, we also process personal data that we have received in another manner, in accordance with the applicable data protection laws. This is regularly the case regarding:

• Publicly accessible sources, e.g. trade and business registers, trade fairs, exhibitions, Internet sources, newspapers, trade directories, etc.
• Third parties who are not affiliated with Linde, e.g. trade/business associations, credit agencies, insurance companies, etc.

2. Purpose for Processing by Linde GmbH and Legal Basis

We process your personal data only for permitted purposes and in accordance with the applicable legal provisions of the GDPR and relevant national data protection laws.

2.1⠀We process Data to fulfill our Contractual Obligations

We process personal data to fulfill our contractual obligations towards our customers and suppliers or to carry out so-called pre-contractual measures, which take place upon a specific request.

In these cases, the purpose of data processing is determined by the contract we have concluded with our customers or suppliers and services that are provided under this contract. This also includes, for example, the processing of personal data in the context of sending catalogues, information on our services or the preparation of specific offers.

2.2⠀We process Data to protect Legitimate Interests

We also process personal data insofar as it is necessary to safeguard the legitimate interests of Linde GmbH or Linde companies as well as our customers (and, if applicable, other third parties). Where this is the case, we process personal data only after due consideration of your relevant interests.

This includes in detail e.g.:

• The supply of products and the provision of services
• Customer service and handling of complaints
• Direct mail, provided you have not objected to the processing of your personal data for these purposes
• The surveillance of publicly accessible rooms in our branches with optical-electronic equipment (video surveillance)
• Transfer of personal data within Linde for internal administrative purposes

2.3⠀We process Data with your Consent

We also process your personal data if you have given us your consent. You may revoke your consent at any time. Please note, however, that data processing up to the date of revocation remains permissible.

2.4⠀We process Data to fulfill Legal Obligations

We are required to process certain data in order to comply with legal obligations. Such obligations may arise from certain provisions of national commercial, trade, tax and social law as well as European legislation, e.g. in connection with regulations to avoid the financing of terrorism. In detail, this may also result in obligations for Linde GmbH to safeguard, store, report and collect data, which generally serve control purposes from the respective authorities.

2.5⠀Information regarding Change of Purpose

Should we process your personal data for any reason other than that for which we originally collected them, we will only do so to the extent permitted by law and will inform you of this new purpose .

3. Recipients of your Data

Personal data will only be made available to other companies of Linde if and insofar as this is necessary to protect our legal and contractual rights and obligations. This, for example, can be the case for the coordination of our contractual services. Typical examples are centralized supplier and customer management services, centralized IT services and internal shared service center in finance and accounting.

We cooperate with external service providers to fulfill certain contractual obligations. This is the case, for example, in connection with specific supplier and customer management services, hosting of IT infrastructure and external shared service center in finance and accounting, payment processing (credit card, direct debiting, purchase on account), logistics and delivery, promotional activities or the transaction of online orders. As far as we involve external service providers, this always takes place within the legal limits and in compliance with the applicable data protection regulations.

We only transfer personal data to other recipients outside Linde if we are legally obliged or permitted to do so. In all other cases, we will only transfer your data to other third parties if you have given us your corresponding consent.

In the context of the continuous development of our business, we may divest subsidiaries or business parts or merge our business or parts thereof with another company. Such transactions typically entail the transfer of customer information pertaining to the sold or divested subsidiary or business part to the buyer or to the company created by the merger. In the unlikely event of a complete sale of Linde or substantial parts thereof, your personal information will also be transferred to the buyer.

4. Obligation to provide Data

In order to be able to provide our services to our customers, we must process certain personal data or are legally obliged to do so. We collect the corresponding data from you upon conclusion of the contract (e.g. address, business contact data and function). Without these data we cannot conclude contracts with our customers.

5. Automated Decision-Making and Profiling

We do not use automated decision-making processes for procedures that have legal implications or a similarly significant impact on you. No decision will be made without further human review.

Profiling within the meaning of Art. 4 (4) GDPR in general does not take place at Linde. In case of an exception, a separate data protection notice will be provided.

III. How we use Personal Data for the purposes of our Websites

The companies of Linde operate websites to provide you with information regarding the companies and their products and services.

1. Type and Origin of Personal Data processed by Linde GmbH

When you visit one of the websites of Linde, we collect certain personal data from you. Personal data processed in this connection may include your name, address, phone number or email address. Personal data processed in connection with the operation of our websites is typically actively provided by you when you use our website, e.g. when you register for a certain service such as a newsletter. In some cases, however, personal data processed can also be provided by third parties who are not affiliated with Linde, such as internet service providers or marketing affiliates or software plug-ins mainly due to technical reasons. The following data (in particular log information and device data) is automatically processed by Linde GmbH:

• The name of your Internet Service Provider (ISP)
• Your IP address
• Your browser type and your operating system (OS)
• Date, duration and time of your visit
• Visited websites
• Extracted data & downloaded files
• Your country
• Your referrer URL
• Your search term in case you were referred to our website by a search engine

2. Purpose for processing by Linde GmbH and Legal Basis

We process personal data only to the extent necessary in each case.

2.1⠀We process Data to fulfill our Contractual Obligations

We process personal data to fulfill our contractual obligations towards our customers or to carry out so-called pre-contractual measures, which take place upon a specific request. This may be the case when you register for certain services, for online orders or our supplier portal.

2.2⠀We process Data to protect Legitimate Interests

We also process personal data insofar as it is necessary to safeguard the legitimate interests of Linde GmbH or Linde companies as well as our costumers (and, if applicable, other third parties). Where this is the case, we process personal data only after due consideration of your relevant interests.

This includes in detail e.g.:

• Measures to analyze pseudonymized user behavior to further improve our websites
• Measures to provide website functionalities such as user account management, shopping carts

2.3⠀We process Data with your Consent

We also process your personal data if you have given us your consent. You may revoke your consent at any time. Please note, however, that data processing up to the date of revocation remains permissible. This includes in detail e.g.:

• Newsletter registrations
• Promotions
• Contact enquiries

3. Recipients of your Data

3.1⠀Linde Companies and Service Providers

Linde GmbH shares personal information as outlined above (see Section II. 3).

3.2⠀Social Media Providers

On some websites, Linde GmbH integrates some additional content and publications (blogs, posts, news, videos, interviews etc.) which has already been published in other social media / social networks (e.g. Facebook, LinkedIn, Twitter). As long as you do not click on any such content, no personal information will be transmitted to the respective social media provider.

By clicking on Social Media Wall content, your IP address will be transferred to the respective social media provider and stored, processed and used there in accordance with his privacy policy. To the extent that cookies of these social media providers are used in this regard, these will be dropped in accordance with applicable legal regulations (GDPR, ePrivacy) as described in our Cookie Policy.

You can find further details regarding the processing of your personal information by the social media providers here:

Facebook privacy policy
LinkedIn privacy policy
X (Twitter) privacy policy

YouTube privacy policy

4. Cookies

EU legislation requires all website operators to inform website visitors about their usage of cookies and similar technologies, e.g. pixels, (hereinafter “cookies”) and to collect the user’s consent to such cookie usage.

Cookie Consent

If you visit our websites for the first time, you will see our Cookie Banner and, when you click on Cookies Settings, our Privacy Preference Center. Here you can execute choice and control over the cookies we drop on your device.

What are cookies?

Cookies are small text files which are sent to your device (computer, laptop, smartphone, tablet) by the website you visit. Cookies are stored on your device in your browser’s file directory. Your browser sends these cookies back to the website each time you revisit it so it can recognize your device and improve your user experience on each subsequent visit. Cookies allow us e.g. to tailor a website to better match your interests or to store your password so that you do not need to re-enter it every time.

Please note that certain functions of our website may no longer work or work not correctly without cookies.

If you want to learn more about cookies and how they work in general, please visit www.allaboutcookies.org or www.youronlinechoices.eu.

Categories of cookies

Depending on their function and their intended purpose, cookies can be assigned to the following categories: strictly necessary cookies, performance cookies, functional cookies and targeting cookies.

Strictly necessary cookies
Strictly necessary cookies are required to navigate our websites and operate basic website functions. Examples for strictly necessary cookies are login cookies, shopping cart cookies or cookies to remember your cookie settings. Without these cookies certain basic functionalities cannot be offered. Strictly necessary cookies are always active and will be placed without your consent.

To the extent that information processed in connection with strictly necessary cookies should qualify as personal data, the legal ground for that processing is Linde’s legitimate interest to operate the website (Art. 6 (1) lit. (f) GDPR).

Performance cookies

 Performance cookies – aka analytics cookies - collect information on your usage of our websites. They identify e.g. your internet browser, operating system, visited websites, duration and number of website visits, previously visited website, most commonly visited websites and errors you experienced. The information collected is aggregated and anonymous. It does not allow a personal identification. It only serves the purpose of evaluating and enhancing the user experience of our websites.

To the extent that information processed in connection with performance cookies should qualify as personal data, the legal ground for that processing is your consent (Art. 6 (1) lit. (a) GDPR).

Functional cookies

Functional cookies enable a website to store information and options you have already previously entered (e.g. username, language settings, layout settings, contact preferences or your location) in order to offer you improved personalized functions. They are also used to enable requested functions, like playing videos.

To the extent that information processed in connection with functional cookies should qualify as personal data, the legal ground for that processing is your consent (Art. 6 (1) lit. (a) GDPR).

Targeting cookies

Targeting cookies – aka cookies for marketing purposes - are used to offer more relevant and interest-specific content to you, to limit the display frequency of ads and to measure the efficiency of an advertising campaign. They register if you have visited a promoted website or not, and which content you used. Such information may be shared with third parties, e.g. advertisers.

Legal basis for the processing of personal data in connection with targeting cookies (if any) is your consent (Art. 6 (1) lit. (a) GDPR).

Cookies we use on our website

You may find further detailed information on cookies utilized by us in our Privacy Preference Center. Here, you can also provide or revoke your consent and/or change your cookie settings at any time.

Updates

This Cookie Policy is updated from time to time.

5. Links

Our websites contain links to other websites, which are subject to separate data protection notices of the respective operators of such websites.

IMPORTANT NOTICE

Information regarding your Right of Objection

1. Objection in particular Individual Situations

You have the right to object at any time to certain types of processing of your data for reasons arising from your particular situation. This right applies to data processing in the public interest and to data processing to protect legitimate interests. This right also applies to profiling, insofar as it is based on these two provisions.

If you object, we will cease processing your personal data. However, this does not apply if we can prove compelling reasons worthy of protection for the processing, that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

2. Objection to processing for Direct Marketing purposes

In individual cases we process your personal data for direct marketing purposes. This is the case, for example, if we send you information about special offers or discount promotions.

You have the right to object to the processing of your personal data for these purposes. This right also applies to profiling insofar as it is connected to direct marketing.

If you object to direct marketing purposes, we will no longer process your personal data for these purposes.

Your objection does not require any specific form and can be e-mailed to us at: contactus@linde.com

Addendum for California Privacy Rights Act

Last Updated: January, 2024

This Addendum to Linde’s Privacy Statement applies only to individuals who reside in the state of California in the United States ("California residents"). This Addendum applies to personal information collected through our website - linde.com - (the "Site") and in any other way, such as when California residents visit our retail branches.

This Addendum in combination with the Privacy Statement constitutes the California Notice at Collection and Online Privacy Policy for all Linde subsidiaries and affiliates that are doing business in California as required by the California Privacy Rights Act. In the event of any conflict or inconsistency between this Addendum and the Privacy Statement, this Addendum controls.

Assistance for the Disabled
Alternative formats of this Addendum are available to individuals with a disability. Please contact contactus@linde.com for assistance.

1.⠀California Notice at Collection:

Categories of Personal Data We Collect And How We Use It
The categories of personal data we collect, whether through our website or from offline interactions with you, include:

Category Name Under California Law	Corresponding Category Name in Privacy Statement
- Identifiers	"Master and contact data"
- Financial Information	"Data we need for invoicing and payment processing"
- Commercial Information	"Supplier and customer relationship management information"
- Personal information described under Cal. Civ. Code § 1798.80	"Special categories of personal data"

We may also collect internet or other electronic network activity information, as described above.

More information about these categories of personal data and examples of the types of personal data in each category are provided in Sections II.1 and III.1 of the Privacy Statement. Sections II.2 and III.2 of the Privacy Statement describes how we use your personal data.

We do not, and will not, sell your personal information or disclose it to third parties for cross-context behavioral advertising, including the personal information of children under 16. We also do not collect or process sensitive personal information for the purpose of inferring characteristics about you.

Retention of Personal Data We Collect
We retain personal data for the period described in Section I.4 of the Privacy Statement.

2.⠀California Online Privacy Policy

This section of this Addendum supplements the Privacy Statement to address all subject matters required by the California Privacy Rights Act ("CPRA") in the Online Privacy Policy.

Categories of Sources
We may collect and process your personal data from the sources described in Sections II.1 and III.1 of the Privacy Statement.

Categories of Third-Party Recipients and Disclosures for Business Purposes
We may disclose your personal data to the third-party recipients described in Sections II.3 of the Privacy Statement for the purposes described in Section II of the Privacy Statement. We may also disclose the categories of your personal data listed above to the following categories of third parties, for the following "business purposes" as that term is defined under the CPRA:

• Affiliated Companies: Linde may disclose the categories of personal data described in Sections II.1 and III.1 of the Privacy Statement, to other companies of Linde for the business purposes of (a) auditing compliance with policies and applicable laws, (b) helping to ensure security and integrity, (c) debugging, (d) internal research, and (e) activities to maintain or improve the quality or safety of a service or device.
• Service providers: Linde may disclose the categories of personal data described in Sections II.1 and III.1 of the Privacy Statement, for the business purpose of performing services on the Linde’s behalf.
• Auditors, lawyers, consultants, and accountants engaged by Linde: Linde may disclose the categories of personal data described in Sections II.1 and III.1 of the Privacy Statement, to these services providers or contractors for the business purpose of auditing compliance with policies and applicable laws, in addition to performing services on Linde’s behalf.

Your California Privacy Rights
Subject to applicable exceptions, California residents have the following rights under the CPRA:

• Right to Know: You have the right to submit a verifiable request for specific pieces of your personal information obtained from you and for information about our collection, use, and disclosure of categories of your personal information, including the categories of personal information collected, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting the personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about you.
• Right to Delete: You have the right to submit a verifiable request to delete personal information that we have collected from or about you.
• Right to Correct: You have the right to submit a verifiable request to correct inaccurate personal information about you maintained by us, taking into account the nature of the personal information and the purposes of processing the personal information.

Non-Discrimination: We will not unlawfully discriminate against you for exercising your privacy rights under the California Privacy Rights Act.

How to Exercise Your California Privacy Rights
We will respond to requests to know, delete, and correct in accordance with applicable law, if we can verify the identity of the requestor. You can exercise these rights in the following ways:

• Call 1-800-225-8247
• Email contactus@linde.com

How We Will Verify Your Request
To prevent anyone other than you, or your authorized agent, from exercising the right to know or the right to delete with respect to your personal information, we follow procedures to verify your, or your agent’s, identity. These procedures seek to confirm that the person making a request is the person about whom we have collected personal information or that person’s authorized agent. The verification procedures involve matching data points that you provide with your request against information about you we already have in our records and that we have determined to be reliable for purposes of verifying your identity. We will use information you provide in your completed request form to verify your identity, and we may request additional information, if necessary, to complete the verification process.

Authorized Agent
You may designate an authorized agent to exercise your right to know, to correct, or to delete. If an authorized agent submits a request to know, to correct, or to delete on your behalf, the authorized agent must submit with the request another document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, we may ask you or the authorized agent to follow the applicable process described below for verifying your identity. In the alternative, you can provide a power of attorney compliant with the California Probate Code.

3. Children’s Online Privacy Protection Act Compliance

We do not collect any information from anyone under 16 years of age. Our website, products and services are all directed to people who are at least 13 years old or older. If you are under the age of 13, you are not authorized to use the website.

Cookie List