Global Privacy Notice | Diebold Nixdorf

Date: December 20, 2024

This Global Privacy Notice (“Notice”) explains how Diebold Nixdorf, Inc. and its subsidiaries and affiliates listed here (collectively, “Diebold Nixdorf,” “we,” “our” or “us”) collect, use, and disclose your personal data. This Notice also explains the rights and the choices you have related to your personal data and how to contact us regarding our privacy practices. related to your personal data and how to contact us regarding our privacy practices.

This Notice applies to personal data that we collect: (i) through Diebold Nixdorf websites, apps, portals, and other digital assets (the “Services”), and (ii) when you interact with us through other means than the Services, such as by telephone or at a trade event.

This Notice does not apply if you receive a separate privacy notice from Diebold Nixdorf that modifies or supplements this Notice. This Notice also does not apply if you enter into a contract with Diebold Nixdorf and the terms of the contract conflict with this Notice.

This Notice is separated into two parts. The first part provides general information applicable to all personal data subject to this Notice. The second part provides additional information about the processing of personal data that originates from certain countries. You can go to either part of the Notice, and any section within either part, by clicking on the links directly below.

Jump To:

GENERAL INFORMATION APPLICABLE TO ALL PERSONAL DATA

WHAT PERSONAL DATA WE COLLECT AND HOW WE COLLECT IT

“Personal data”is any information that identifies you as an individual. It is also information that can identify you when combined with other information. We collect personal data in various ways depending on how you interact with us. Sometimes you provide us with your personal data, sometimes others (like your employer) provide us with your personal data, and other times we automatically collect your personal data.

Personal Data We Collect Directly From You

We collect personal data directly from you in different ways. For example, we collect personal data when you register for an account, subscribe to a newsletter or notification, submit a request, or register to attend a Diebold Nixdorf business or trade event. We also collect personal data directly from you in other ways, such as in connection with our products and services or a transaction with you, or if you call or email us.

The types of personal data that we collect from you depend on how you interact with us, our relationship with you, and the particular transaction. Generally, we collect the following personal data:

Contact Details
Your name and your business and/or personal address, phone number, and email address
Login Information
Your username and password
Data that Identifies You
Your employer or the name of the business that you represent, job title, tax identification number, information about your preferences (e.g., preferred methods of communication and language), and similar data
Records
Records of our communications, records of products and services you purchase, records of events you have attended, and records of your responses to customer feedback surveys and market research
Personal Data You Choose to Provide Us
Personal data that you choose to provide us, including in your communications or chat dialogs with us or when you make a service request
Recordings
Personal data that we collect when we monitor or record our service or support interactions with you, such as telephone recordings, screenshots, and online chat logs

When you are asked to provide personal data, you may decline. We will indicate if it is necessary to provide personal data. If you choose not to provide personal data that we request, we may not be able to provide you the relevant products or services or a particular feature on the Services.

Personal Data We Collect From Others

We collect personal data about you from others, including from social media platforms and other third parties. For example, we receive information about you when you interact with our pages, groups, accounts, or posts on social media platforms.

Your employer (or an entity that you have contracted with) may provide us your contact details (i.e., your name, job title, business email address, business physical address and/or your business or personal phone number) in order for us to provide the services we have contracted to provide.

If you provide any personal data to us, or permit us to collect any personal data, relating to another person, you are telling us that you have the authority to share that personal data and permit us to use the personal data in accordance with this Notice.

Personal Data We Automatically Collect

When you interact with the Services, we and our service providers may collect personal data about you through automated means such as cookies, web beacons, pixels, software development kits (SDKs), and other tracking technologies (collectively, “tracking technologies”).

The personal data that we and our service providers may automatically collect includes:

Device and Browser Information
Technical data about your device and browser, such as device type, browser type, IP address, operating system, device identifier, advertising identifier, geographical area, and time zone setting
Information About How You Interact With Us
Technical data about your usage of the Services and how you interact with our digital advertisements and promotions, such as referring URLs, content viewed or downloaded, features used, links clicked, and times of interactions

Please read our Cookie Notice for more information about our use of tracking technologies and the choices you have related to these tracking technologies. You can also customize your settings at any time by clicking on the “Cookie Preferences” link at the bottom of our website pages or in the app menu. Your browser may also allow you to adjust settings to accept or reject cookies. Please see “Your Choices” below for more information. In certain cases, if your browser does not accept our cookies, you may not be able to access certain parts of our Services. We currently do not respond to “Do Not Track” browser signals.

We and our service providers may also collect certain personal data about you through automated means such as social media tools, widgets, or plug-ins to connect you to your social media accounts. These features may allow you to sign-in through your social media account, share a link, or post directly to your social media account. When you visit a website that contains such tools or plugins, the social media platform may learn about your visit. Your interactions with these tools or plug-ins are governed by the privacy policies of the corresponding social media platforms. We recommend that you review privacy policies, terms of use, and license agreements of these third-party social media platforms. For further details, please see “Links To Third-Party Websites, Apps, and Services” below.

HOW WE USE YOUR PERSONAL DATA

We use your personal data to conduct our business – this includes managing our business relationships, monitoring access to the Services, managing safety and security risks, and complying with our legal obligations.

The purposes for which we use your personal data will depend on the type of personal data collected and the context in which it was collected. However, the primary purposes for which we use your personal data include:

Developing and managing our business relationships. For example, we may use your personal data to: provide the Services; generate leads; deliver our products or services or carry out transactions, including processing payments and providing support; send you technical notes, updates, security alerts, and administrative messages; provide information that you or a business partner requests, including pricing information, technical data, invoices, or shipping or product information; communicate with you and respond to your questions, comments, or requests; manage complaints and undertake remediation activities; maintain and administer your account; tailor the Services’ experience and content based on your interests and preferences; provide newsletters and notifications you subscribe to; and negotiate, manage, and fulfill our contracts with our business partners.

Improving our products and services. For example, we may use your personal data to: analyze how the Services are being accessed and used in order to improve your experience on the Services and the functionalities offered through the Services; improve the products and services we offer and develop new products, services, and offerings; review recordings or screenshots of interactions with customers for training and quality assurance; conduct market research; and conduct surveys or obtain your feedback.

Advertising and marketing purposes. For example, we may use your personal data to: send promotional communications; inform you about our products, services, and offerings that we believe you or your business might want to hear about; analyze the characteristics of visitors to the Services; measure the effectiveness of our marketing campaigns and advertising; and invite you to events, product launches, and industry meetings that may interest you.

Administrative and internal business purposes. For example, we may use your personal data to: manage internal operations, such as troubleshooting, data analysis, testing, research, statistical, and survey purposes; and analyze, manage, and improve our businesses, including conducting audits and identifying usage trends.

Managing shareholder relationships. For example, we may use your personal data to communicate with shareholders and undertake shareholder transactions.

Protecting Diebold Nixdorf. For example, we may use your personal data to: maintain the security and integrity of the Services and our products and services; detect, prevent, and respond to fraud and other illegal activity on the Services; and detect and prevent security incidents.

Legal and compliance purposes. For example, we may use your personal data to: comply with our legal, regulatory, and risk management obligations; respond to requests from governmental and public authorities; enforce our terms of service and other contractual agreements; detect, prevent, and respond to intellectual property infringement, violations of law, or other misuse of our products or services; protect our rights or property, or your or others’ health, safety, welfare, rights, or property; and establish, exercise, and defend legal and contractual claims.

We may also use your personal data for other uses consistent with the context in which the information was collected or with your consent.

WHO WE SHARE YOUR PERSONAL DATA WITH

We share your personal data as follows:

With your consent or at your direction.
Within the Diebold Nixdorf group of companies, including Diebold Nixdorf subsidiaries and affiliates located in countries other than the country where your personal data was collected. When we share personal data among Diebold Nixdorf companies, we will use your personal data in a manner consistent with this Notice.
With third parties who provide services we use to run our business such as website hosting, data analysis, information technology and related infrastructure provision, customer support services, email delivery, and advertising and marketing services.
With our professional advisors such as our auditors or lawyers.
With third parties with which we collaborate or partner, including authorized distributors and channel partners.
With your employer or an entity with which you contracted. For example, your employer may request a list of its users for the Services.

We also share your personal data as we believe to be necessary or appropriate:

To comply with applicable laws and regulatory and reporting obligations (which may include laws outside the country where we collected your personal data), to respond to requests from public and governmental authorities (which may include authorities outside the country where we collected your personal data), to cooperate with law enforcement, to respond to a subpoena, warrant or court order served on us, or for other legal reasons.
To detect, prevent, or respond to fraud, illegal activity, or intellectual property infringement.
To enforce our terms and conditions and agreements.
To protect our rights, privacy, safety, security, or property or those of our employees, users, or any third party.
For the establishment of defenses or claims in any legal action or dispute involving Diebold Nixdorf or any of our officers, directors, employees, agents, contractors, or partners.

In addition, we may use, disclose, or transfer personal data to a third party in connection with any business transaction, reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA

We must have a lawful basis to process your personal data. The lawful basis depends on the purposes for the processing. In most cases, the lawful basis will be one of the following: your consent, processing is necessary for the performance of a contract to which you are a party or to enter into a contract with you, processing is necessary for compliance with a legal obligation, or processing is necessary for the purposes of our or a third party’s legitimate interest(s).

The table below sets out the purposes for which we use your personal data and our lawful basis for doing so. Please note that not all uses will be relevant to every individual.

What we use your personal data for

The lawful basis for processing

Developing and managing our business relationships. For example, we may use your personal data to:

provide the Services:
generate leads:
deliver our products or services or carry out transactions, including processing payments and providing support;
send you technical notes, updates, security alerts, and administrative messages;
provide information that you or a business partner requests, including pricing information, technical data, invoices, or shipping or product information;
communicate with you and respond to your questions, comments, or requests;
manage complaints and undertake remediation activities;
maintain and administer your account;
tailor the Services’ experience and content based on your interests and preferences;
provide newsletters and notifications you subscribe to; and
negotiate, manage, and fulfill our contracts with our business partners.

Depending on our relationship with you:

We may process your personal data when it is necessary for the performance of a contract with you or to take steps to enter into a contract with you.
We may process your personal data when it is necessary for our legitimate interests, including such interests as: (i) fulfilling a contract we have with your employer or an entity with whom you have contracted; (ii) providing, improving, and promoting our products and services; (iii) ensuring our processes and systems operate effectively and that we can continue operating as a business and plan for strategic growth; (iv) sharing information within the Diebold Nixdorf group of companies and with service providers and third parties; (v) managing and growing our business relationships; and (vi) ensuring we provide a high level of service and preventing complaints from occurring again in the future.

Improving our products and services. For example, we may use your personal data to:

analyze how the Services are being accessed and used in order to improve your experience on the Services and the functionalities offered through the Services;<.li>
improve the products and services we offer and develop new products, services, and offerings;
review recordings or screenshots of interactions with customers for training and quality assurance;
conduct market research; and
conduct surveys or obtain your feedback.

We may process your personal data when it is necessary for our legitimate interests, including such interests as: (i) continually developing and improving our organization and the products and services we offer; (ii) training our staff to provide a high level of service; and (iii) ensuring our business remains competitive.

Advertising and marketing purposes. For example, we may use your personal data to:

send promotional communications;
inform you about our products, services, and offerings that we believe you or your business might want to hear about;
analyze the characteristics of visitors to the Services;<.li>
measure the effectiveness of our marketing campaigns and advertising; and
invite you to events, product launches, and industry meetings that may interest you.

Depending on our relationship with you:

We may process your personal data when you have provided your consent to the processing.
We may process your personal data when it is necessary for our legitimate interests, including such interests as: (i) promoting our organization and business; and (ii) ensuring our business remains competitive.

Administrative and internal business purposes. For example, we may use your personal data to:

manage internal operations, such as for troubleshooting, data analysis, testing, research, statistical, and survey purposes; and
analyze, manage, and improve our businesses, including conducting audits and identifying usage trends.

We may process your personal data when it is necessary for our legitimate interests, including such interests as: (i) planning and allocating resources and budget; (ii) managing risks and determining what products and services we can offer and the terms of such products and services; and (iii) ensuring our processes and systems operate effectively and that we can continue operating as a business.

Managing shareholder relationships. For example, we may use your personal data to:

communicate with shareholders; and
undertake shareholder transactions.

We may process your personal data when it is necessary for the performance of a contract with you or to take steps to enter into a contract with you.
We may process your personal data when it is necessary for our legitimate interests, including our interest in managing our shareholder relationships.

Protecting Diebold Nixdorf. For example, we may use your personal data to:

maintain the security and integrity of the Services and our products and services;
detect, prevent, and respond to fraud and other illegal activity on the Services; and
detect and prevent security incidents.

We may process your personal data to fulfill a legal obligation under applicable laws.
We may process your personal data when it is necessary for our legitimate interests, including such interests as: (i) protecting the security of Diebold Nixdorf and our products and services; and (ii) preventing, detecting, and responding to fraud and other illegal activity to protect our business and reputation.

Legal and compliance purposes. For example, we may use your personal data to:

comply with our legal, regulatory, and risk management obligations;
respond to requests from governmental and public authorities;
enforce our terms of service and other contractual agreements;
detect, prevent, and respond to intellectual property infringement, violations of law, or other misuse of our products or services;
protect our rights or property, or your or others’ health, safety, welfare, rights, or property; and
establish, exercise, and defend legal and contractual claims.

We may process your personal data to fulfill a legal obligation under applicable laws.
We may process your personal data when it is necessary for our legitimate interests, including such interests as: (i) complying with laws we are subject to outside of your country; and (ii) protecting Diebold Nixdorf and its interests.

The collection of your personal data may be voluntary or mandatory depending upon the purposes for which it is collected. Where it is obligatory for you to provide us with your personal data and you fail to provide us with your personal data, we will not be able to provide you with the Services and/or certain products or services.

INTERNATIONAL TRANSFERS

Diebold Nixdorf is a multinational company. For the purposes set out in this Notice, we may need to transfer your personal data within the Diebold Nixdorf group of companies and to third parties located outside the country where we collected your personal data. These countries may have different data protection laws and requirements than the country from which we collected your personal data. In those instances, your personal data may be subject to the laws of other countries regarding disclosure to the government, courts, law enforcement, and regulatory authorities. Please see “Additional Information” below for more information about the transfer of your personal data in certain countries.

LINKS TO THIRD-PARTY WEBSITES, APPS, AND SERVICES

The Services may contain links to other websites, apps, or services that are not covered by this Notice, including plugins from social media platforms and other third parties. An example of a social media plugin is the Facebook “Like” button. These links and plugins are provided for your convenience and information. We do not own or operate these third-party websites, apps, services, or social media platforms. We are not responsible for and do not control any third party’s data collection or privacy practices. The inclusion of links to third party websites, apps, or services does not imply endorsement of the linked site or service by us or by our affiliates or subsidiaries. We encourage you to review the privacy policies or notices on these third-party websites, apps, services, and social media platforms before submitting any personal data.

SECURITY

We maintain physical, technical and organizational safeguards to protect the confidentiality, security, and integrity of your personal data. Although we use security measures to help protect your personal data against unauthorized disclosure, misuse, or alteration, no data transmission or storage system can be guaranteed to be 100% secure.

ANALYTICS AND ADVERTISING

We use third-party analytics, including Google Analytics, to better understand how users engage with the Services. The information collected by the tracking technologies about your interactions with the Services is used to assess how often you visit the Services, what pages you view when you visit the Services, and what other websites you visited before coming to the Services. For more information on Google Analytics’ privacy practices, please visit https://support.google.com/analytics/answer/6004245. You may prevent Google Analytics from recognizing you on the Services by opting out of the use of such cookies or deleting or disabling cookies from the Services. For more information, see “Your Choices” below.

We work with third parties to present advertisements and engage in data collection, reporting, and ad delivery and response measurement on the Services and on third-party websites across the Internet and apps over time. These third parties use tracking technologies to perform this activity. They also obtain information about apps you use, websites you visit, and other information from across your devices and browsers in order to help serve advertising that will be more relevant to your interests on and off the Services and across your devices and browsers. This type of advertising is known as interest-based advertising. They also use this information to associate various browsers and devices together for the purpose of interest-based advertising and other purposes like analytics. For more information on your options related to the use of your information, see “Your Choices” below.

YOUR CHOICES

You have certain choices about how your personal data is processed.

Marketing communications. To opt out of receiving email marketing communications, you can follow the "unsubscribe" instructions provided in any marketing email you receive from us. If you previously chose to receive push notifications on your mobile device from us, but no longer wish to receive them, you can manage your preferences through your device or app settings, depending on the type of device. You can also update your preferences in your account or submit a request to dataprivacy@dieboldnixdorf.com.

Cookie Preferences. You can customize your settings at any time by clicking on the “Cookie Preferences” link at the bottom of our website pages or in the app menu.

Opt-Out of Google Analytics. You may exercise choices regarding the use of cookies from Google Analytics by visiting https://tools.google.com/dlpage/gaoptout.

Opt-Out of Tracking Technologies. In addition to the ability to opt-out from the use of certain tracking technologies through the settings under “Cookie Preferences,” you have the following options:

Regular cookies generally may be disabled or removed using tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. The choices available, and the mechanism used, will vary from browser to browser. Such browser settings are typically found in the “options,” “tools,” or “preferences” menu of your browser. You may also consult the browser’s “help” menu. You can learn more about cookies and how to block cookies on different types of browsers by visiting https://www.allaboutcookies.org. Please be aware that if you disable or remove these technologies, some parts of the Services may not work and when you revisit the Services, your ability to limit browser-based tracking technologies is subject to your browser settings and limitations.
You have the ability to opt-out of interest-based advertising from third-party advertisers who are members of the Network Advertising Initiative (NAI) by visiting http://optout.networkadvertising.org/. You may also opt-out of receiving targeted advertisements from other companies that perform interest-based advertising services via the Digital Advertising Alliance (DAA) site at https://optout.aboutads.info/ or in Europe, the European Interactive Digital Advertising Alliance (EDAA) at https://youronlinechoices.com/. Opting out of interest-based advertising does not mean you will no longer see advertising online but it does mean that the companies from which you opt-out will no longer show ads that have been tailored to your interests.
You may have more options to control tracking technologies depending on your mobile device and operating system. For example, most device operating systems (e.g., iOS for Apple phones, Android for Android devices, and Windows for Microsoft devices) provide their own instructions on how to limit or prevent the delivery of tailored in-application advertisements. You should review the support materials and/or the privacy settings for your operating system to learn more about these features.

RETENTION OF YOUR PERSONAL DATA

We will retain your personal data for as long as is necessary for the purposes described in this Notice, or as otherwise permitted or required under applicable law. To determine the appropriate retention period, we will consider the amount, nature, and sensitivity of the data; the potential risk of harm from unauthorized use or disclosure of the data; the purposes for which we process the data and whether we can achieve those purposes through other means; and the applicable legal requirements. This means that the retention periods will vary for different types of personal data.

YOUR RIGHTS

Under various data protection laws, you have certain rights regarding your personal data. Subject to certain conditions and applicable local data protect laws, you may have the following rights:

Access your personal data. You have the right to receive certain information about the personal data that we process about you and to obtain a copy of the personal data that we hold about you.
Rectify your personal data. You have the right to correct inaccurate personal data, and under certain circumstances, to supplement incomplete personal data that we process about you.
Erase your personal data. You have the right to have your personal data erased under certain circumstances.
Restrict processing. You have the right to restrict our processing of your personal data under certain circumstances.
Object to processing. You have the right to object to our processing of your personal data when we are relying on legitimate interests as the lawful basis for the processing. You may also object to our processing of your personal data for the purposes of direct marketing or profiling.
Portability of your personal data. Under certain circumstances, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to request that we transmit such data to another controller.
Right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning you or significantly affects you in a similar way.

If you have provided us with your consent to process your personal data, you can withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of the processing of your personal data before you withdrew your consent.

You can exercise any of these rights by submitting a request to us using one of the methods listed under “Contact Us” below. We may request specific information from you to confirm your identity prior to processing your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you the reason why, unless we are not permitted by law to disclose the reason.

If you would like to submit a complaint about our use of your personal data or our response to your personal data request, you may contact us using one of the methods listed under “Contact Us” below. You also have the right to submit a complaint to a data protection supervisory authority.

We will take steps to verify your identity before processing your request. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify that you are the individual about whom we collected personal information. When we confirm receipt of your request, we will inform you of the personal information that we will need to process your request. The information will depend on our relationship with you. We will only use the personal information you provide to verify your identity and to process your request, unless you initially provided the information for another purpose.

You may use an authorized agent to submit a request to know or a request to delete. When we verify your agent’s request, we may verify both your and your agent’s identity and request that you directly confirm with us that you provided the authorized agent permission to make the request on your behalf. To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

Under certain conditions, we may charge a reasonable fee for the cost of copying your personal data. We will inform you of such costs before charging you.

PROCESSING PERSONAL DATA OF CUSTOMERS AND BUSINESS PARTNERS

There may be instances where this Notice does not apply to the processing of your personal data or where there are other policies that control the processing of your personal data.

We may collect your personal data pursuant to a contract we have with a commercial customer (“Customer”). In that case, we must process personal data in accordance with the instructions from our Customer, which is ultimately the business responsible for determining how your personal data will be processed. If you are contacting us in connection with personal data that we process for a Customer, we encourage you to review the Customer’s privacy notice to understand how personal data is processed.

Also, some of our products and services (“B2B Services”) are intended for use by our Customers, distributors, suppliers, vendors, and other business partners (“B2B Business Partners”), and your use of such products and services will be administered by our B2B Business Partners. In such cases, authorized personnel at your employer (or an entity with which you have contracted) may have access to your personal data collected by these B2B Services, and your employer (or an entity with which you have contracted) may have policies applicable to your use of the B2B Services. We are not responsible for such policies, which may be different from this Notice. If your employer (or an entity with which you have contracted) is administering your use of a B2B Service, please contact such entity with any privacy questions related to your use of that B2B Service. If there is a conflict between this Notice and an agreement between Diebold Nixdorf and a B2B Business Partner, then the agreement between Diebold Nixdorf and the B2B Business Partner will control.

CHANGES TO THIS NOTICE

We may make changes to this Notice at any time. When we make changes to this Notice, we will revise the “Effective Date” at the top of this Notice. If the changes are material, we will provide a more prominent notice on our corporate website.

CONTACT US

If you have any questions about this Notice or about how we process your personal data, you may contact us by phone at +1-866-384-4277, via email at dataprivacy@dieboldnixdorf.com or by writing to us at:

Diebold Nixdorf, Inc.
Attn: General Counsel
350 Orchard Ave NE North Canton, Ohio 44720
United States

REPORTING VIOLATIONS OF THIS NOTICE

If you are aware of any violations of this Notice, it is your duty to report that violation to management or through the EthicsPoint hotline, which is available by telephone at 1-866ETHICSP (1-866-384-4277) and online at http://www.ethicspoint.com.

Additional Information for Individuals in Certain Countries

If you are located in any of the countries listed below, please click on the country to review additional information about how your personal data is processed in accordance with the data protection laws in that country, the rights that you may have in connection with your personal data, and additional contact information for that country:

EUROPEAN ECONOMIC AREA AND THE UNITED KINGDOM
BRAZIL
COLOMBIA
MEXICO
AUSTRALIA
MALAYSIA
PHILIPPINES
SINGAPORE
TAIWAN
THAILAND
CANADA
UNITED STATES OF AMERICA (U.S.) AND U.S. STATES

European Economic Area and The United Kingdom

This section of the Notice applies to the personal data collected from individuals in the European Economic Area (“EEA”) and the United Kingdom (“UK”) subject to Regulation (EU) 2016/679 (GDPR), Data Protection Act 2018 (c. 12) and other privacy laws, as applicable. It supplements the information above in the Notice.

Controller

The controller determines how and why your personal data is processed. In the EEA and the UK, the controller of your personal data is the Diebold Nixdorf entity with which you have a contract or direct relationship, and/or as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720 USA. A list of Diebold Nixdorf entities in the EEA and the UK with their contact information is available here.

Contact Us

If you have any questions about this Notice or about how we process your personal data, you may contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses for the Diebold Nixdorf entities in the EEA and the UK and Diebold Nixdorf, Inc. listed above under “Controller.”

In Germany, you may contact our German Data Protection Officer by email at DPO@fox-on.com or by post at: Wincor Nixdorf International GmbH, Attn: Data Protection Officer, Heinz-Nixdorf Ring 1, 33106 Paderborn, Germany.

BRAZIL

This section of the Notice applies to the personal data processed in Brazil. It supplements the information above in the Notice.

In this scenario, the personal data will be processed in accordance with the Brazilian General Data Protection Law (Law No. 13.709/2018 - LGPD) and other applicable Brazilian legislation, such as the Brazilian Consumer Defense Code (CDC) and the Brazilian Civil Rights Framework for the Internet (MCI).

Controller

The controller determines how and why your personal data is processed. The controller of your personal data is the Diebold Nixdorf entity in Brazil with which you have a contract or direct relationship, and as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720. The Diebold Nixdorf entities in Brazil include:

Procomp Amazonia Industria Eletronica S.A., Rua Desembargador Filismino soares, 70 – Col. O. Machado - 69070-620 Lado A, Manaus, Amazonas - Brazil
Procomp Industria Eletronica LTDA, Avenida dos Autonomistas, 4.900 Galpão 406E, Km18, 06194-060 Osasco, SP, Brazil
Diebold Brasil Servicos de Tecnologia e Participacoes Ltda, Avenida Francisco Matarazzo, 1350 - 4th floor - 05001-100 - São Paulo, SP Brazil
Diebold Brasil LTDA, Avenida Francisco Matarazzo, 1350 - 4th floor - 05001-100 - São Paulo, SP Brazil

Your Rights

Whenever the LGPD is applicable, the right of access to personal data will be exercised free of charge.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at DPOBrasil@dieboldnixdorf.com. You may also contact our Data Protection Officer in Brazil, Maurício Nazar de Abreu, at Diebold Brasil LTDA, attention: Data Protection Officer, Avenida Francisco Matarazzo, 1350 - 4th floor - 05001-100 - São Paulo, SP Brazil.

COLOMBIA

This section of the Notice applies to the personal data of individuals in Colombia subject to Law 1581 of 2012 and other Colombian data protection laws. It supplements the information above in the Notice..

Consent

By using the Services or voluntarily providing your personal data, you consent to the collection, use, and sharing of your personal data as described in this Notice. You also consent to the transfer of your personal data for processing outside of Colombia as described in this Notice.

Controller

The controller determines how and why your personal data is processed. The controller of your personal data is Diebold Nixdorf Colombia S.A.S, Calle 26 No. 57-83, Oficina 801, Torre 7, Bogotá, Colombia, and/or as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720 USA.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses above under “Controller”.

As a Data Subject, you have the right to access, update and rectify your personal data and, where appropriate, to delete it or withdraw your consent.

If you would like to submit a complaint about our use of your personal data or our response to your personal data request, you may contact us using one of the methods listed under “Contact Us” below. You also have the right to submit a complaint to the Superintedencia de Industria y Comercio for violations of Law 1581 of 2012 and other Colombian data protection laws that may apply to you.

MEXICO

This section of the Notice applies to the personal data of individuals in Mexico subject to the Ley Federal De Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and its implementing regulations (collectively, the “Federal Law”). It supplements the information above in the Notice.

Controller

The controller of your personal data is the Diebold Nixdorf entity in Mexico with which you have a contract or direct relationship, and as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720. The Diebold Nixdorf entities in Mexico include:

Diebold Nixdorf Mexico S.A. de C.V., Calle Antonio Dovali Jaime No. 70, Torre “A”, Piso 6, Colonia Santa Fe, Alcaldía Álvaro Obregón, C.P. 01210, Ciudad de México, México.

Consent

By using the Services or voluntarily providing your personal data, you consent to the collection, use, and sharing of your personal data as described in this Notice. You also consent to the transfer of your personal data for processing outside of Mexico as described in this Notice.

Your Rights

In accordance with the Federal Law, you have the rights of access, rectification, cancellation, and objection (“ARCO Rights”) with respect to your personal data that we process. You may also revoke your consent to our processing of your personal data at any time. To exercise your ARCO Rights or to revoke your consent to the processing of your personal data, please contact us using one of the methods listed under “Contact Us” below.

We will review any request you make to exercise your ARCO rights or to revoke your consent. When you submit a request to exercise your ARCO rights or revoke your consent, we will respond to the request and indicate: (i) the information that we will need to identify you, (ii) the timeframes in which we will respond to your request, (iii) additional information we will need to carry out your request, and (iv) the means with which we will deliver the information you request (if applicable). Our response to your request to exercise your ARCO rights will be free of charge; however, we may charge you the reasonable cost of shipping or reproduction of copies or other formats. We will inform you of these costs before charging you. If you exercise your ARCO rights less than 12 months from the date of your last request, we may charge you a fee for such response in accordance with the Federal Law.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses above under “Controller.”

AUSTRALIA

This section of the Notice applies to the personal data of individuals in Australia subject to the Privacy Act 1988 and other Australian data protection laws. It supplements the information above in the Notice.

How to Make a Complaint

If you would like to submit a complaint about our use of your personal data or our response to your personal data request, you may contact us using one of the methods listed below under “Contact Us.” Following your initial contact, you will be asked to set out the details of your complaint in writing in a form provided. We will endeavor to reply to you within 30 days of receipt of the completed complaint form, and where appropriate, will advise you of the general reasons for the outcome of the complaint. While we hope that we will be able to resolve any complaints you may have without needing to involve third parties, if you are not satisfied with the outcome of your complaint, you can refer your complaint to the Office of the Australian Information Commissioner.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at Diebold Nixdorf Australia Pty Limited, G Building C' 1 Homebush Bay Drive, Rhodes NSW 2138.

MALAYSIA

This section of the Notice applies to the personal data of individuals in Malaysia subject to the Personal Data Protection Department (PDPD) and other Malaysian data protection laws. It supplements the information above in the Notice.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at Diebold - Corp Systems Sdn. Bhd., Suites K-10-01 to 04, Level 10 Block K, Solaris Mont Kiara, No 2 Jalan Solaris, 50480 Kuala Lumpur.

PHILIPPINES

This section of the Notice applies to the personal data of individuals in the Philippines under Data Privacy Act of 2012 (DPA) and other Philippine data protection laws. It supplements the information above in the Notice.

Controller

The controller determines how and why your personal data is processed. The controller of your personal data is Diebold Nixdorf Philippines, Inc., 33F Rufino Pacific Tower 6784 Ayala Ave., Corner V.A. Rufino St., Legaspi Village, 1226 Makati City, Philippines, and as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720.

How to Make a Complaint

If you would like to submit a complaint about our use of your personal data or our response to your personal data request, you may contact us using one of the methods listed below under “Contact Us.” You also have the right to submit a complaint to the National Privacy Commission. Under certain conditions, you may also claim compensation if you suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses listed above under “Controller.”

SINGAPORE

This section of the Notice applies to the personal data of individuals in Singapore. It supplements the information above in the Notice.

The Singapore Personal Data Protection Act and other applicable data protection laws in Singapore (collectively, the “PDPA”) exempt certain types of personal data (e.g., business contact information) from their scope. This means that you may not have certain rights, and we may not have certain obligations described above with respect to your personal data.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses listed below for the Diebold Nixdorf entities in Singapore.

Diebold Nixdorf Singapore Pte. Ltd., 30 Kallang Place #02-01, Singapore 339159
Diebold Nixdorf Manufacturing Pte. Ltd., 30 Kallang Place #02-01, Singapore 339159

You can also contact our Data Protection Officer in Singapore, at Diebold Nixdorf Singapore Pte. Ltd., attention: Data Protection Officer, 30 Kallang Place #02-01, Singapore 339159 or by e-mail: dataprivacy@dieboldnixdorf.com.

TAIWAN

This section of the Notice applies to the personal data of individuals in Taiwan under Taiwan’s Personal Data Protection Act of 2023 and other applicable data protection laws and regulations in Taiwan (collectively the “PDPA”). It supplements the information above in the Notice.

Controller

The controller of your personal data is the Diebold Nixdorf entity in Taiwan with which you have a contract or direct relationship, and as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720. The Diebold Nixdorf entities in Taiwan include:

Diebold Nixdorf Taiwan Ltd., 5/F, No. 160, Lane 6 of East Minquan Rd., Neihu District, Taipei City 114, Taiwan R.O.C.

How to withdraw a consent / opt-out

If you have provided us with your consent to process your personal data, you can withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of the processing of your personal data before you withdrew your consent. You can withdraw a consent / opt-out of processing by submitting a request to us using one of the methods listed under “Contact Us” below. We may request specific information from you to confirm your identity prior to processing your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you the reason why, unless we are not permitted by law to disclose the reason..

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses listed above under “Controller.”

THAILAND

This section of the Notice applies to the personal data of individuals in Thailand under Personal Data Protection Act of 2019 (PDPA) and other Thailand’s data protection laws. It supplements the information above in the Notice.

Controller

The controller of your personal data is the Diebold Nixdorf entity in Thailand with which you have a contract or direct relationship, and as applicable, Diebold Nixdorf, Inc., 350 Orchard Ave NE, North Canton, Ohio 44720. The Diebold Nixdorf entities in Thailand include:

Diebold Nixdorf (Thailand) Company Limited, 47/304 Kaitak Building, 3rd Floor, Chaengwattana Road, Tambol Banmai, Amphur Pakkred, Nonthaburi Province, Thailand
Wincor Nixdorf (Thailand) Company Limited, 47/304 Kaitak Building, 3rd Floor, Chaengwattana Road, Tambol Banmai, Amphur Pakkred, Nonthaburi Province, Thailand

How to withdraw a consent / opt-out

If you have provided us with your consent to process your personal data, you can withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of the processing of your personal data before you withdrew your consent. You can withdraw a consent / opt-out of processing by submitting a request to us using one of the methods listed under “Contact Us” below. We may request specific information from you to confirm your identity prior to processing your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you the reason why, unless we are not permitted by law to disclose the reason.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at the addresses listed above under “Controller.”

CANADA

This section of the Notice applies to the personal data of individuals in Canada. It supplements the information above in the Notice.

The Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”) exempts certain types of personal data (e.g., business contact information) from its scope. This means that you may not have certain rights, and we may not have certain obligations described above with respect to your personal data.

Canadian Provinces have enacted privacy legislation as follow:

Personal Information Privacy Act British Columbia (“PIPA BC”),
Personal Information Privacy Act Alberta (“PIPA Alberta”), and
Act Respecting the Protection of Personal Information in the Private Sector (“Quebec Private Sector Act”)

The PIPA BC, PIPA Alberta and the Quebec Private Sector Act apply to both consumer and employee personal information practices of organizations within BC, Alberta and Quebec, respectively, that are not otherwise governed by PIPEDA.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at dataprivacy@dieboldnixdorf.com. You can also contact us by post at Diebold Nixdorf Canada, Limited, 6630 Campobello Road, Mississauga, Ontario Canada L5N 2L8.

UNITED STATES OF AMERICA (U.S.) AND U.S. STATES

Whilst there is no comprehensive federal privacy law, several federal laws do focus on specific data types or situations regarding privacy, these include, but not limited to, the following:

Children’s Online Privacy Protection Act (“COPPA”)
Federal Trade Commission Act (“FTC Act”)
Gramm-Leach-Bliley Act (“GLBA”)
Health Information Portability and Accountability Act (“HIPAA”)

U.S. State Laws:

The following states provide consumers additional rights and protections regarding how businesses may use their personal information, or what is required in order for businesses to be allowed to use their personal information which are similar to the rights provided by the EU’s GDPR. This includes that states are required to enter into Data Processing Agreements (DPAs) with any third-party processor that may have access to a consumer's personal information which the business holds and provides to a third-party processor for a specific limited purpose. The following states have Comprehensive Privacy Laws currently in effect as of the date of this Document, which are as follows: California, Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia. Beginning in January 2025, the following states will have Comprehensive Privacy Laws that go into effect: Delaware, Iowa, Nebraska, New Hampshire and New Jersey. This list of state laws that are applicable to this Notice shall be amended from time to time.

California Consumer Privacy Act (“CCPA”)

You have the right under CCPA to notify us with regard to your personal information to limit our use of such information by clicking the link: Do Not Sell or Share My Personal Information.

Shine the Light

In addition to CCPA, California residents also have rights under Shine the Light. California residents may request information from us once per calendar year about any personal information shared with third parties for the third party’s own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. To request this information, please contact us at dataprivacy@dieboldnixdorf.com or by postal mail sent to Diebold Nixdorf, Inc., Attn: General Counsel, 350 Orchard Ave NE, North Canton, Ohio 44720. Your inquiry must specify “Shine the Light Request” in the subject line of the email or the first line of the letter, and include your name, street address, city, state and ZIP code.

How We Share Your Personal Information in Compliance with the Laws of the U.S. States Listed Above

We may disclose your personal information to a third party for a legitimate business purpose. By executing DPA(s) that are entered into with third-party processors, require businesses as a data exporter to evaluate the data importer and their ability to protect and ensure the security of the personal information that is being provided to them by the data exporter and the controls and limitations, they have in place for the purpose they are receiving this personal information. It must be considered whether additional safeguards may be required by such third-party processors.

Businesses as a data exporter must consider what additional safeguards should be applied; these could be technical, contractual or involve a throttling back of certain transfers.

Contact Us

If you have any questions about this Notice or about our processing of your personal data, please contact us at either dataprivacy@dieboldnixdorf.com or by postal mail sent to Diebold Nixdorf, Inc., Attn: General Counsel, 350 Orchard Ave NE, North Canton, Ohio 44720..