GF Building Flow Solutions
GF Building Flow Solutions
Fill the BIM cart from the product catalogue

GF Digital Services privacy statement

 
Uponor Corporation (hereafter, “GF”) applies a high level of protection of your privacy and personal data and processes your personal data in accordance with applicable legislation.
 
This privacy statement outlines the processing of personal data for digital applications where GF acts as a controller, where GF control how and why your personal data is used. This includes the following applications and services:
 
GF Digital platform
 
This privacy statement is designed to inform you on all relevant information regarding your personal data processing, including on what personal data is collected, our reasons and justifications for doing so, and what your rights regarding this personal data.
 


1. Controller of Personal Data

 
The controller for your personal data is Uponor Corporation. Uponor Corporation is part of the Georg Fischer group, located in Schaffhausen, Switzerland.
 
You can contact our group data protection officer at dataprotection@georgfischer.com.
 
In case you wish to make a request relating to your personal data, please use this Privacy Web Form or on local GF websites. This ensures that GF can answer your requests in a timely and efficient manner
 

2. What personal data does GF process?

 
To provide GF digital services, GF may collect and process the following personal data:
 
  • Contact details (First name, last name, phone number when provided)
  • Email address
  • Where a service is provided to a private household, home address
  • IP address
 

3. Purpose of the processing of personal data and legal basis for processing

 
 
Such personal data may be used for the following purposes:
 
  • Provision of digital services and applications
  • identifying you and preventing and investigating possible misuses
  • maintenance and development of the Site and GF Building Flow Solutions products and services;
  • ensuring the functionality and security of GF Building Flow Solutions products and services,
  • for statistical and analytical purposes.
  • in the event GF Building Flow Solutions sells, buys, merges or reorganizes in some other way, this may involve GF Building Flow Solutions disclosing personal data e.g. to potential and actual purchasers and their advisers.
  • Marketing
  • by request of authorities and under the applicable law
 
The legal basis for processing your personal data may be based on:
 
  • Where it is necessary in the performance of the contract for GF to provide digital applications
  • When required by law to disclose to authorities or auditors in applicable situations.
  • based on the legitimate interests of GF Building Flow Solutions for provision of new products, continued maintenance and development of services
  • Your consent, where consent to use such personal data is separate to other consents and freely-given. You may withdraw your consent at any time using the GF Privacy Forms.
 

4. Sources of Personal Data

 
The personal data is collected from the following sources:
 
  • Information provided by you as a user
  • Information provided in a contract between GF and a customer for a digital service
 
 
GF informs each data subject of the data processing, including of any third-party data sources and data collected from such sources, in accordance with applicable legislation.
 
Any collected personal data is entered into secure personal data databases by themselves, GF personnel, or by GF Building Flow Solutions’ subcontractors or service providers.
 

5. Sharing and disclosing Personal Data

 
 
The personal data covered by this Privacy Statement may also exclusively be shared or disclosed on a strict need-to-know basis with the following categories of recipients:
 
  • other companies within the GF group;
  • authorized external service providers, external auditors and/or subcontractors of the GF group;
  • a competent public authority, government, regulatory or fiscal agency where it is necessary to comply with a legal or regulatory obligation to which the relevant GF group company is subject to or as permitted by applicable local law; or
  • as necessary or appropriate to enforce our terms and conditions, and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
 

6. Regular disclosure of data and the transfer of data outside the EU or the EEA

 
GF may disclose and transfer Personal Data outside the European Economic Area (“EEA”) in accordance and subject to the following limitations:
 
  • with a contract entered between the relevant GF entities, incorporating the European Commission’s Standard Contractual Clauses or other appropriate safeguards for data transfers as listed in the EU General Data Protection Regulation (GDPR), which ensure that adequate data protection arrangements are in place;
  • to authorized third parties who process personal data on GF’s behalf for the purposes stated in this Privacy Statement. Your personal data may be processed by such authorized third parties also outside EU or EEA in accordance with a contract entered into between GF and such authorized third party, incorporating the European Commission’s Standard Contractual Clauses or other appropriate safeguards for data transfers as listed in the EU General Data Protection Regulation (GDPR) which ensure that adequate data protection arrangements are in place;
  • in personal processing for marketing or other joint communication purposes together with GF, the avoidance of unnecessary communications;
  • based on consent; or
  • as otherwise permitted by applicable legislation
 
For technical reasons and for reasons related to the use of data, the personal data may be stored on servers of external service providers who may process the data on behalf of GF 
 
Any transfers of personal data shall be made in accordance with the General Data Protection Regulation and any applicable mandatory legislation, as may be amended from time to time.
GF may further conduct marketing and other communication jointly with GF partners and in connection with this, GF may combine information GF has collected about you with information GF partners have collected about you to, for instance, avoid unnecessary communication and tailor GF message to you.
 
 
 

7. Principles of data security and data storage

 
GF shall ensure that sufficient technical and organizational personal data protection measures are implemented and maintained throughout its own organization. Further, GF shall ensure that any transfer or disclosure of personal data described in this privacy statement to any third party is subject to GF having ensured an adequate level of data protection by agreements or by other means required by law.

Technical controls:

Physical material is stored in locked spaces with restricted access. Any IT systems are secured by means of the operating system’s protection software. Access to the systems requires entering a username and a password and data transfers happen via high encryption channels.

Organizational controls:

Within the organization of GF, the use of the personal data is instructed, and access to IT systems including personal data is limited to such persons who are entitled to access them on the basis of their work assignments or role and who are subject to confidentiality obligations regarding the personal data.
 

8. Rights of Data Subjects

 
Unless any limitations apply, each data subject has the following rights regarding the personal data processed that is covered by this privacy statement:
 
  • the right to access all personal data GF has on them;
  • the right to request that GF corrects, erases or stops using any erroneous, unnecessary, incomplete or obsolete personal data;
  • the right to withdraw any consent previously provided by them, including an objection to all direct marketing
Any requests are most efficiently handled via the request forms available at https://www.uponor.com/en-en/legal-information/data-protection
If dissatisfied with the decisions or actions of GF, each data subject has the right to lodge a complaint with their country’s data protection authority.
 

9. Use of Cookies

 
 
A cookie is typically a small piece of data sent to your computer device from a website and stored in your web browser while you are browsing a website. When you browse the same website again, the data stored in the cookie may be retrieved by the website to notify the website of your previous activity.
 
From time to time, a cookie file may be placed on your computer to enable the Site to work properly, provide GF services to you and/or to improve the effectiveness of this Site. Cookies are used only to the extent you have accepted those separately. However, cookies which are necessary for the technical functioning of the website (“Essential Cookies”) may be used without your consent to ensure the functioning of the website. You may change your cookie settings and manage the consents you have given at any time by clicking “Adjust Cookie settings.”
 
Below details how GF utilizes cookies and cookie-like files and technologies on the Site.
 

10. Purposes of cookies use– Cookie Categories

 
Essential cookies: The use of certain cookies is necessary to run basic functions on the Site. The cookies in this category are essential in allowing the Site to be usable.
 
Functional cookies: Cookies in this category are used to enable monitoring of the website use to measures and improve performance.
 
Marketing cookies: The cookies in this category are used to provide advertisements relative to your interests. These cookies help make the content of the Site personalized, for example by showing you targeted banners and recommendations. GF also looks at what kinds of references are used to reach the Site to evaluate the effectiveness of GF campaigns and promotions.
 
The length of storage of your information depends on the type of cookie used and the Third-Party Service provider providing that cookie. The length of storage is described by the Third-Party Service Providers in their Privacy Policies which you can access through the links provided below. Session cookies expire and are deleted when the browser is closed, while persistent cookies are typically deleted after two months to two years.
 

11. Site Functionalities and services provided by Third Party service providers

 
The following third parties may, with your explicit consent, view, modify and/or set their own cookies as if you had requested a webpage from the third parties’ website directly. Depending on the website you visit, all the below listed third party cookies might not be used, as part of these cookies are used only on specific local websites.
 
Your consent is not asked for placing the following third-party service provider Essential Cookies, as they allow the site to properly function.
 

Third Party Service Providers in the Essential Cookie Category:

 
GF uses Google Tag Manager to enable consent-based cookie service management for third party services. This is provided by Google, Inc. The retention periods of the data Google collects vary based on the content and purpose of use of the data and based on the settings you have chosen. Certain types of data are also de-identified after a defined period. For example, server log advertisement data is de-identified by deleting part of IP address after 9 months and deleting cookie data after 18 months. To read the Google privacy policy, please click here: https://policies.google.com/technologies/partner-sites.
 
GF also uses Google Fonts by Google Inc to optimize text use by processing IP address data and user feedback metrics on the use of fonts and ads. These are stored until this data is no longer necessary to collect. To read more information on these tools, please consult the Google privacy policy here: https://policies.google.com/privacy?hl=en
 
GF uses Usercentrics Consent Management Platform to enable consent-based cookie service management for services set on our websites. This service is provided by Usercentrics GmbH. The retention period is the time span the collected data is saved for the processing purposes. The consent data (given consent and revocation of consent) are stored for two years. The data will then be deleted immediately. To read the Usercentrics privacy policy, please click here: https://usercentrics.com/privacy-policy/
 
 

Third Party Service Providers in the Functional Cookie Category:

 
Your freely given consent is requested for the following categories of cookies:
 
GF uses Google Analytics by Google, Inc. This cookie tracks user behaviour and response to any provided ads The retention periods of the data Google collects vary based on the content and purpose of use of the data and based on the settings you have chosen. Certain types of data are also de-identified after a defined period. For example, server log advertisement data is de-identified by deleting part of IP address after 9 months and deleting cookie data after 18 months. To read the Google privacy policy, please click here: https://policies.google.com/technologies/partner-sites
 
GF also uses gstatic.com by Google, Inc. This cookie stores images on the website to improve performance and efficiency for your session on this site. Google will only store this information for the duration of the session. To read the Google privacy policy, please click here: https://policies.google.com/privacy?hl=en
 
GF uses Amazon Web Services by AWS Inc for server management and optimization. This cookie is used to analyse web traffic and movement to balance and optimize server loads. This data is only retained for the duration of the session. To read the AWS privacy policy, please click here: https://aws.amazon.com/privacy/?nc1=f_pr
 
 
 
 

Third Party Service Providers in the Marketing Cookie Category:

Your freely given consent is requested for the following categories of cookies:
 
 
GF uses Google Ads, Google AdServices, and DoubleClick Ad, provided by Google, Inc for placing advertisements on the Site, Google searches, and optimizing this service. The retention periods of the data Google collects vary based on the content and purpose of use of the data and based on the settings you have chosen. Certain types of data are also de-identified after a defined period. For example, server log advertisement data is de-identified by deleting part of IP address after 9 months and deleting cookie data after 18 months. To read the Google privacy policy, please click here:  https://policies.google.com/technologies/partner-sites
 

12. Social Media Features

 
The Site may use social media plugins, such as the “Like” button provided by the social networks Facebook, Twitter, LinkedIn, YouTube and Instagram. The content of the social media plugins on the Site is from such social network(s) directly. When you visit the Site while logged into a social network, your browser establishes a direct connection with the social network’s servers. If you are logged out from the social network(s) while visiting Site, your browser sends the social network(s) a more limited information. The social media plugins on the Site are subject to the privacy terms and other terms and conditions of the relevant social media sites (please see the links to relevant Privacy Policies above). The information collected by the social network(s) is not disclosed to GF without your explicit consent.
 
 
 

13. Changes to this Privacy Policy

 
Please be aware that GF may change this Privacy Policy from time to time. However, in the event of any material, adverse changes, GF will post a notice informing of such changes both at the beginning of this Privacy Policy and on the Site’s home page. GF advises you to visit this Privacy Policy from time to time to be aware of such changes.
 
Should you have any additional questions, please don’t hesitate to contact us through our customer service or by writing to us at dataprotection@georgfisher.com
 
Last Updated: 10/02/2025