Aebi Schmidt Holding AG (further in the document “Aebi Schmidt”), having its registered office in Frauenfeld, Switzerland, together with its affiliated companies belonging to the Aebi Schmidt Group (hereinafter referred to as ‘Aebi Schmidt’, ‘us’, or ‘we’), agrees to protect and respect your privacy. We are responsible for the processing of personal data in accordance with this privacy policy. Aebi Schmidt takes the protection of your data very seriously. In the following, we set out which data we collect and how we use it.

The data controller for the data processing is:

Aebi Schmidt Holding AG
Schulstrasse 4
8500 Frauenfeld
Switzerland

Aebi Schmidt would like you to feel safe when using our website and to be informed about when, for what purposes, and which of your personal data is processed.

Aebi Schmidt reserves the right to amend this privacy policy from time to time. You should therefore read these data protection provisions regularly.

This section also serves as our legally required Notice at Collection under U.S. state privacy laws, informing about the categories of personal data we collect, the purposes for which we use them, and your rights regarding such data.

3.1 What is Personal Data?

Personal data is all information relating to a specific or identifiable natural person (e.g. name, address, telephone number, date of birth or email address). In general, you can use our website without providing any personal data. The use of the website, applying for employment and the use of our services may require personal data to be provided. Personal data will therefore not be processed as a matter of course but rather only in certain circumstances and for certain purposes. 

3.2 Which Categories of Personal Data do we Process?

To provide our services and operate the website, we process only the personal data that is necessary for the purposes described in this Privacy Policy. For clarity and data-minimization compliance, the categories of personal data listed below are divided into two groups:

• (A) data required for core functionality and service delivery, and
• (B) data that is optional and used only for enhancement, personalization, analytics, or marketing, depending on your choices and applicable consent requirements.

A. Required Personal Data (necessary for service provision, communication, security, or regulatory compliance)

These categories are required in order to operate the website, provide services, respond to inquiries, process transactions, maintain security, or handle employment applications:

• Identification and Contact Information
  • Name, address, phone number, email
  • IP address and other device identifiers
  • Login information
• Professional and Employment Information
  • Job title, position
  • Company affiliation
  • Professional background
  • Academic background
  • Resume details
• Financial and Transactional Information
  • Payment and billing information
  • Order details
• Background and Verification Data
  • Identification and background checks
  • Information disclosed by third parties
• User-Provided and Generated Data
  • Information you provide directly
  • Information created through services provided to you
• Technical and Usage Data
  • Information via log files
  • Website usage statistics
  • Device/browser configuration

B. Optional Personal Data (used only with consent or when voluntarily provided)

These categories are collected only if you choose to provide them, consent to their use, or engage with features that require them. They support personalization, analytics, communications, or optional services, but are not necessary for basic access:

• Relationship and Demographic Information
  • Relationship to other individuals
  • Basic personal details
  • Demographic data

3.3 How We Collect Personal Data

We collect personal data through information you voluntarily provide as well as through automated tools used on our website, as described below.

Some of this personal data, including name, company name if applicable, and contact information, will only be collected if you voluntarily provide it during the user registration process. We may also track information such as the domain name and the name of the web page from which you entered our web portal, and how much time you spend on each of our pages. We collect information that is combined with other web visitors' information, such as how many times visitors click on each web page and the methods by which our Products and Services were found.

We may collect IP addresses and website usage information from you when you visit our website via the use of "cookies." An IP address is a number that is assigned to your device when you are using your browser on the Internet. A cookie is a small file that is stored on the hard drive of your device ready for future access when you return to our website. We use cookies to deliver web content specific to you and to keep track of your online order activity. Cookies cannot pass viruses, harm your computer, or pass on private information such as an email address without the device user's intervention. Cookies contain session identification numbers that allow our systems to recall previous sessions for authentication efforts and assemble information from our gathered data. You can configure your device’s browser to alert you when our website is attempting to send you a cookie and allow you to accept or refuse the cookie. Further information on how to prevent cookies from being stored on your device can be found on http://www.allaboutcookies.org under the “manage cookies” section. Alternatively, you can access further information by going to the help menu within your internet browser. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout. 

We use cookies to give you the best experience on our website. If you continue to access our website without changing your cookie settings, we assume that you consent to our use of cookies on your device. You can change your cookie settings at any time but if you do, you may lose some functionality on our website.

3.4 When and for What Purposes do we Process Personal Data?

Aebi Schmidt processes personal data for the following purposes:

• Website: For the operation, optimization and personalization of our website as well as the ad management, ad performance analytics, ad matching and retargeting (targeted online advertising where communications are targeted to users based on their past behavior). Also includes statistical analysis of website visits.
• Web shop: For the operation, optimization and personalization of our webshop.
• Newsletter: To send you our newsletter and invite you to subscribe.
• Communication: In the context of our communication, we process your personal data as well as the personal data of your employees and third parties in a relevant relationship with you. This includes responding to inquiries and providing a means of contact.
• Background Check: For our due diligence, we can conduct a background check during the initial communication and negotiation phase.
• Contract Negotiations: In order to determine our services, we may already have access to the personal data available to you and information about you, your customers, service providers or other categories of persons who have a relevant relationship with you.
• Services: We process personal data in order to provide our agreed services and to create information for you.
• Business Relationship: We process personal data to be able to manage the business relationship with you.
• Maintaining our Operations: We process personal data for our internal business infrastructure.
• Sending Information and Events: We process your data to send you updates, invitations to events, information about changes that are relevant to you, etc. We also process your personal data to send you promotions, advertisements, and marketing about our products and services.
• Billing: For billing purposes, we process financial information such as payment information. This also includes processing and delivering orders and maintaining transaction and purchase history.
• Data Security: We process your data for system security and stability, especially of our website.
• Prevention and Investigation of Criminal Offenses and Other Misconduct: (e.g. conducting internal investigations, data analyses to combat fraud).
• Retention: We will retain the information you provide and the information we create as part of our service for no longer than the retention periods applicable to us.
• Applicants: During the application process, we process your application documents to check your qualifications and participate in the selection process for open positions.
• To Protect our Content and Services: We may use your personal data to prevent potentially illegal activities and to enforce our terms and conditions. We also use a variety of technological systems to detect and address anomalous activity and to screen content to prevent abuse, such as spam. These efforts may, on occasion, result in a temporary or permanent suspension or termination of some functions for some users. By using our Products and Services, you acknowledge and agree that we may access, retain, and disclose the personal data we collect and maintain about you if required to do so by applicable law of the relevant jurisdiction or in a good faith belief that such access, retention, or disclosure is reasonably necessary to: (a) comply with legal process (e.g. a subpoena or court order) or law; (b) enforce our Terms of Service, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of Company, its agents, affiliates, users, and/or the public. This includes exchanging information with other companies and organizations for fraud protection, compliance with applicable law, spam/malware prevention, and similar purposes.
• To get Feedback or Input from you: In order to deliver the Products and Services of most interest to our customers, from time to time, we may ask members, customers, volunteers, and website visitors to provide us with their input and feedback (for example through surveys, usability studies, focus groups). This includes conducting satisfaction surveys.
• To Protect our Information Assets as well as your own Personal Data: Our Information Security Program protects the confidentiality, integrity, and availability of our information assets by following a risk management approach based on policies, standards, guidelines, and procedures to meet security objectives while supporting business and operational goals.
• To Assist in Business Transfers: As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions, (including in contemplation of such transactions) user information may be among the transferred assets. If a portion or all of our assets are sold or transferred to a third-party, customer personal data (including your email address) would likely be one of the transferred business assets. If such transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions.
• Legal Requirements: To comply with our legal and regulatory obligations.
• Legal Cases: For the possible enforcement as well as the defense of legal claims.

To the extent that we collect certain demographic information about you, we may use it for market research purposes, but only after we have “anonymized “or “pseudonymized” the data to remove any information that could identify you. We will not use your personal data to send commercial or marketing messages unless we have a legal basis for doing so, such as your consent or a contract with us. In either case, you will have the ability to opt out by sending an email to dpo@aebi-schmidt.com. You may also object to the processing of your personal data for any or all secondary purposes by contacting us at the same address.

We do not collect personal data when you browse our website and request pages from our servers unless you voluntarily and knowingly provide such information to us. This means that we will not know your name, your email address, or any other personal data just because you browse the website unless you:

• access our Products and Services from a link in an email that we have sent to you;
• have created a profile and you either log-in to your account or choose to be remembered via your cookie or your web-enabled mobile device.

In these cases, we will know who you are based on the information you previously supplied to us. When you request a page from our website, our servers log the information provided in the HTTP request header including the IP number, the time of the request, the URL of your request and other information that is provided in the HTTP header. We collect the HTTP request header information in order to make our website and the Products and Services we offer function correctly and provide you with the functionality that you expect to see. We also use this information to personalize the content we present, better understand how visitors use our website, and better tune the website, its contents, and its functionality to meet your needs. We only use your personally identifiable information for those activities listed at the time you submit your information to us. For example, if you provide us with an email to inform you of special events, then that is what we will use your email address to do. If we would like to use your personal data for an unrelated activity, we will first request your consent to do so.

3.5 Consent for Sensitive Data and Cross-Border Processing

In jurisdictions where required, Aebi Schmidt will obtain your explicit consent before processing sensitive personal data (defined as “sensitive” under applicable U.S. state and Canadian privacy laws) or transferring your personal data across borders to locations that may not provide the same level of data protection as your state, province, or country of residence.

You may withdraw your consent at any time by contacting us at dpo@aebi-schmidt.com, and we will cease processing such data unless another legal basis applies. We will not process sensitive data or perform cross-border transfers that require consent unless you have clearly opted in.

4.1 Is Personal Data Transferred to Third Parties?

In general, we only pass your personal data on to third parties if you have given us your consent, where we have a legitimate interest, where it is permitted under Article 36 of the Federal Law of Protection of Personal Data Held by Private Parties (MX) or under any Federal or local law of a country, province or state, or if it is necessary for our services or in order to process your enquiry.   

In addition, your data may be passed to third parties where we are required to do so because of legal provisions or are ordered to do so by the authorities or by a court of law.

If we do provide your personal data to third parties or allow third parties to collect personal data from you on our behalf, it is because we have contracted with that third party to provide some part of the information or service that you have requested. We have received their contractual assurances that they will protect your personal data in accordance with all applicable laws. 

We may also disclose your personal information to a) comply with legal process (e.g. a subpoena or court order) or law; (b) enforce our terms of use, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of the Company its agents and affiliates, its users and/or the public. This includes exchanging information with other companies and organizations for fraud protection, compliance with applicable law, and spam/malware prevention, and similar purposes.

Other than those who act on our behalf and except as explained in this Policy, personal data you provide to us will not be transferred to unrelated third parties, unless we have your permission or a legal basis to do so. However, please note that personal data provided to us is subject to disclosure pursuant to judicial or other government subpoenas, warrants or orders. We will only provide this information after approximately two weeks following receipt of a valid subpoena or other legal process in a civil case.

We may share your personal information with the following categories of third parties:

• Cloud Service Providers    
  To host data across the world for us. In some cases, we may need to disclose or transfer your personal information to other affiliated entities or to third parties in areas outside of your province of residence (see Transfer of Personal Data to Third Parties and Duration of Storage and Retention Periods for more details).
• Payment Services Providers    
  To process payment information and complete transactions made on our website.
• Mailing Service Providers
  To send you relevant communications.
• Analytics and Marketing Service Providers
  To help us provide you with content, products, or services of interest to you.
• Business Partners
  To allow for conference or event management. The treatment of your information will be further subject to the privacy policies of those parties. 
• Customer Support providers
  To communicate with you, including responding to your inquiries or complaints, to help you place an order; to identify and repair issues on our websites or accounts, and other related customer support inquiries. 
• Subsidiaries
  To support business and personnel operations.
• Competent Authorities
  To comply with legal obligations.
• Service Providers
  To process purchases and provide necessary support

4.2 Are Third-Party Service Providers also Used?

We also use external service providers for data processing. Service providers are generally involved as ‘processors’ who are permitted to process the personal data only in accordance with our instructions. This can be:

• our service providers (e.g. banks, accounting, insurance, e-mail and IT providers, hosting platform, newsletter solution, storage solution)
• recipients individually defined by you (e.g. your partner company or subsidiary)
• domestic and foreign authorities, agencies, courts or other parties in potential or actual legal proceedings
• third parties in potential or actual legal proceedings

4.3 Is Personal Data Passed on to Recipients in Third Countries?

We also make personal data available to third parties or processors who are not based in the US, Canada, or Mexico. In this case, we either ensure before the transfer that the recipient guarantees an adequate level of data protection (e.g. following the privacy laws of the country, state or province) or that you, as the user, have given your consent.   

If it is necessary in order to respond to your enquiry, we pass your data on to the relevant Aebi Schmidt representative or to third parties. The data protection provisions of the relevant country apply. By giving your consent, you accept the risks associated with the transfer of your data to the respective third-party company, insofar as this is necessary to respond to your enquiry. If you do not provide your consent, this may mean that we are unable to respond to your enquiry. In this case, please feel free to contact us by telephone.

Transfers outside your country are based on standard contractual clauses, adequacy decisions, or other legally recognized safeguards that ensure an equivalent level of protection for your personal data.

If you would like to know more about our data transfer practices, please contact dpo@aebi-schmidt.com.

We store your personal data for as long as is necessary for the operation and provision of our website, for contract negotiations, the services offered (or contact options) and for the fulfilment of our contractual and legal obligations or otherwise for the purposes pursued with the processing, i.e. for example for communication with you or for as long as we have a legitimate interest in continuing to store it. In all other cases, we delete your personal data, with the exception of data that we are required to retain in order to comply with legal obligations (e.g. retention requirements).

In a situation where data is stored in cookies or as local storage (applies to data used when browsing the website), the duration of the storage and retention periods is set by the service provider (third-party cookies) or, in the case of first-party cookies, the expiration date of data is closely related to the imperative of providing the right quality of service operation. Removal of data stored in cookies or local storage is feasible by the user and technically depends on the version and type of browser and device.

For clarity, customer account and transaction data are typically retained for up to three years after the end of the customer relationship, unless a longer period is required by law. Recruitment data is retained for up to one year after the completion of the hiring process, and technical logs are retained for no longer than 12 months unless needed for security or compliance purposes.

6.1 General assumptions

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access, use, disclosure, alteration or destruction. Appropriate measures include, for example, the issuance of directives, training, IT and network security solutions, access controls and restrictions, encryption of data media and transmission and other controls and pseudonymization. Wherever possible, we use encrypted data communication based on HTTPS/TLS in conjunction with the highest level of encryption. In relation to our website, we have no control over external sites to which we link, nor over external sites that link to our website. With respect to such sites, we cannot guarantee that the information contained therein is accurate or that they are free of malware (such as viruses). Information and services provided by linked websites or web services are entirely the responsibility of the relevant third party. We disclaim any responsibility for such websites or web services.

6.2 Data Breach Notification

Aebi Schmidt takes data security seriously and maintains procedures to detect, investigate, and respond to data breaches. If a security incident occurs that creates a risk of harm to individuals whose personal data may have been involved, we will notify affected users as required by applicable law and provide information on steps they can take to protect themselves.

Where required, we will also notify the appropriate regulatory authorities, including:

• relevant U.S. state Attorneys General in accordance with state data breach statutes;
• the Office of the Privacy Commissioner of Canada (OPC) under PIPEDA;
• the Commission d’accès à l’information (CAI) in Quebec, without delay and in compliance with the obligations set out in Quebec’s privacy legislation.

We will document breaches in accordance with legal requirements and take corrective actions to prevent future incidents.

7.1.1 Log Files

When accessing our website, certain data is automatically transferred by your internet browser and stored by us in so-called log files: 

• IP address
• Date and time of server request
• Browser settings, browser type and version 
• Content of the request (specific page)
• Access status/HTTP status code
• Information transferred about operating system
• Name of the retrieved file
• Time difference to Greenwich Mean Time

This usage data forms part of the basis for statistical, anonymous evaluations for the purposes of trend recognition, which Aebi Schmidt may use to improve its website accordingly. 

7.1.2 Purpose of the Log Files

Personal data is stored for security reasons or for the investigation of errors. It is stored for up to six months and then erased. Log files are excepted from the requirement to erase if it is necessary to continue retaining them for evidential purposes until such time as the respective incident is finally resolved, and may in individual cases be disclosed to investigatory authorities.

To provide an optimal experience on our website, we use first-party and third-party cookies.

A cookie is information stored on your computer by a website through a browser.

Cookies can be disabled in your device’s privacy settings.

You can learn more about our use of cookies in our Cookie Policy.

We use statistical information about the use of our website in order to be able to make it more user-friendly, analyze trends and otherwise manage and improve the website.

The user profiles created by the tool using analysis cookies, or through evaluation of the log files, are not linked to personal data.

We use the following systems:

• Matomo:
  The tool either does not use the IP addresses of users at all or, if it does, it truncates them immediately after collection. We use open-source software from the web analysis provider Matomo and only store your personal data on our own server. Your personal data is not passed on to the web analysis provider Matomo. Third Party Information and information on contacting the solution provider: https://matomo.org/privacy-policy/
• Google Analytics:
  This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (below for short “Google”). The purpose of using Google Analytics is to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. We also receive information about the functionality of our site (e.g. to identify navigation problems). In accordance with the recommendations resulting from Schrems II, the website uses Google Analytics 4 (GA4), which includes the ability to configure to the highest possible extent exclude the collection of personal data  The GA4 service does also not log IP addresses and is configured to limit the collection of granular data (like location or device). Third Party Information: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland; Google Canada Corporation, 111 Richmond Street West, Suite 500, Toronto, ON M5H 2G4, Canada; and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. 

When using opt-out cookies, it must be ensured that the opt-out function relates to a device or a browser and, in general, applies only to the end device or browser currently being used. In addition, you can prevent the creation of user profiles completely by disabling the use of cookies on a general basis. If you have activated cookies and subsequently wish to opt out of the collection or evaluation of your data by this tool, you can adjust your settings here:

This website is prepared for use as part of Google Ads campaigns and the use of Conversion Linker.

• Google Ads is an advertising service used to control campaigns, personalize and measure the effectiveness of advertising campaigns.
• Conversion Linker are tags used to collect data about campaign clicks, thanks to which conversions are effectively measured in different domains.

Please note that this service may transfer data to a country without the required data protection standards. If data is transferred to the US, there is a risk that it may be processed by US authorities for control and supervision purposes, possibly without recourse. For more information on security, please refer to Google Privacy Help Center 

When using opt-out cookies, it must be ensured that the opt-out function relates to a device or a browser and, in general, applies only to the end device or browser currently being used. In addition, you can prevent the creation of user profiles completely by disabling the use of cookies on a general basis. 

The use of mechanisms related to Google Ads results directly from three scenarios:

• User has consented to the use of tracking mechanisms and such cookies
• User clicked on a paid link in the Google browser. We are talking about a link in organic results that has been marked as sponsored, and the use of the search engine itself had to be associated with accepting information related to the use of the above-mentioned search engine (within the google.com website or at the level of accepting the rules related to the use of the Chrome browser).
• User clicked on an image ad on a Google partner site.

• 7.5.1 What are social plug-ins?

  Plug-ins can be used to integrate social media into our website for the benefit of our users.

  By default, the plug-in’s functions are deactivated in order to prevent the automatic transfer of user data to the providers. The plug-in is only activated, and data is only transferred, once the user clicks on the plug-in. Log files (including IP addresses) are then sent by your internet browser directly to a server belonging to the relevant plug-in provider and may be stored there. This server may be located outside of the US, Canada, or Mexico.

  7.5.2 Preventing the activation of plug-ins?

  If you do not want any data to be exchanged with social media, you should log out of social media before using our website. You should also activate private mode in your browser settings.

  It also helps to deactivate or restrict cookies in your browser settings. This prevents third parties from being able to trace your user behavior. In general, you can also completely prevent plug-ins from loading by using add-ons for your browser (known as script blockers).

  7.5.3 Does Aebi Schmidt have control over the scope of the data processing through plug-ins?

  Plug-ins are independent extensions belonging to the plug-in provider. Aebi Schmidt therefore has no control over the scope of the data that is collected and stored by the provider of the plug-in. If one of the specified plug-in providers has placed cookies on your device, it may generally record your surfing habits and use tracking data to create detailed user profiles. 

  You can find further information about the purpose and scope of collection and the further processing and use of your data by plug-in providers, as well as your rights and configuration options to protect your data, in the privacy policy of the relevant plug-in provider. In the course of using our website, we use a plug-in from the following provider:

  • YouTube plug-ins: YouTube is operated by YouTube Inc., 300 Sand Hill Rd, BLDG Suite 180, Menlo Park CA 94025, USA, more: policies.google.com/privacy We use the privacy friendly ‘youtube-nocookie’ version here to play videos on our website (e.g. blog) (YouTube Help).
  • Google plug-ins: We offer a directions service on our website that uses Google Maps (hereinafter referred to as ’Google’). This redirects you to the Google Maps website. Please note that Google provides this map service to you under its own responsibility. We are not responsible for data processing by Google. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA. If you access integrated services on our website, Google stores a cookie on your end device via your internet browser. In order to show the locations and create directions, your user settings and user data are processed. Through the connection established with Google, Google can detect which website your enquiry has been sent from and to which IP address the directions are to be sent. If you do not agree to this processing, you have the option to prevent the installation of cookies through the relevant settings in your internet browser. You can find Google’s privacy policy notice at: policies.google.com/privacy

Please note that activating a plug-in may result in your personal data being transferred outside your jurisdiction, including to countries with different or lower privacy standards than those applicable where you reside.

Also please note that once you activate a social media plug-in, you enter directly into a relationship with the plug-in provider. The provider’s own privacy policy, and not ours, governs the collection and processing of your personal data by that third party.

You can use contact forms to contact us directly, ask us questions, share feedback or generally use the services that we provide on our website.

In general, the mandatory details we collect in order to process your enquiry or request are your title, first name, surname, email address and country. Mandatory details are always identified with an asterisk (*). If it is necessary for the processing of the enquiry, we may collect other data as mandatory data. 

You can find out what data is collected, including the mandatory fields, directly in the relevant contact form on our website. Alternatively, you can get in touch with us via the email address provided. In that case, the personal details sent with your email will be stored. The personal data will only be used for the purposes indicated and, if necessary, transferred to the appropriate Aebi Schmidt company to deal with your request. The data processed for the communication is not transferred to third parties outside of Aebi Schmidt unless this is strictly necessary in order to be able to respond to your enquiry (see section 4) and you have given your consent to this. We delete data that you send us via contact forms as soon as it is no longer necessary for us to store it.

You can register for our newsletter via the newsletter form. By registering, you are consenting to the necessary processing of your personal data. The mandatory details in order to register are your email address, country and language. Mandatory details are always identified with an asterisk (*). You can also add optional information such as your first name and surname or your interests.

You can find out which data is collected (including the mandatory fields) directly via the newsletter form on our website. Your personal data will only be used for the stated purposes. We use software from an external service provider based in the EU to send and analyze our newsletters. This software tracks open and click behavior. Specifically, the following information is tracked: time of delivery, time of opening, duration of opening, IP address at the time of opening, email program (mail client) used, which link was clicked, and the time of the click. No data is transferred to third countries unless you are located in a third country and have consented to such transfer by subscribing to the newsletter. Your data will be deleted immediately if you withdraw your consent to receive the newsletter

We do not use profiling to inform you about our services or to send you advertising.

9.1 Right to Information

Users have the right at any time to request information from the data controller responsible for the processing about their personal data which is processed and to receive a copy of this information. Users also have the right to find out whether personal data has been transferred to a third country.

9.2 Right to Rectification

Users have the right to require the data controller to rectify any of their personal data which is incorrect or incomplete.

9.3 Right to Erasure

Users have the right to require the data controller to erase their personal data immediately if such data is no longer necessary for the purposes for which it has been collected or processed. The same applies if users withdraw their consent or object to processing and there is no overriding legitimate interest for the processing or the personal data has been processed unlawfully. In addition, users may assert this right if the data controller is subject to a legal requirement to erase the data or the personal data has been collected in relation to information society services.

9.4 Right to Restriction of Processing

Users have the right to require the data controller to restrict the processing of their personal data.

9.5 Right to Data Portability

Users have the right to receive the personal data provided by them to a data controller in a structured, commonly used and machine-readable format and have the right to transfer this data to another data controller without being prevented from doing so by the data controller to which the personal data was provided.

9.6 Right to Withdraw Consent

Users have the right to withdraw their consent to the processing of their personal data at any time. Such withdrawal does not affect the lawfulness of any processing carried out on the basis of their consent up until the date of withdrawal.

9.7 Right to Object

Users have the right to object to the processing of their personal data at any time if the processing takes place on the basis of a legitimate interest of the data controller/third party or is necessary to perform a task that is in the public interest. You may object at any time if the personal data is processed for the purposes of direct marketing.

9.8 Right to Opt Out of Data Sales, Sharing, and Targeted Advertising

Residents of certain U.S. states have the right to opt out of the sale of their personal data, the sharing of personal data for cross-context behavioral advertising, and the use of their personal data for targeted advertising. Aebi Schmidt does not sell personal data in the traditional sense; however, some activities – such as the use of cookies and third-party analytics/advertising tools – may be considered “sharing” or “targeted advertising” under applicable state laws.

You may exercise your right to opt out at any time by contacting us at dpo@aebi-schmidt.com and specifying that you wish to opt out of:

• the sale of personal data;
• the sharing of personal data for cross-context behavioral advertising; and/or
• the use of your personal data for targeted advertising.

If applicable, we will also honor browser-based or device-based opt-out signals recognized by state law, such as the Global Privacy Control (GPC), where legally required.

We will process your request in accordance with the privacy laws of your state of residence. You will not be penalized, denied services, or experience discrimination for exercising this right.

9.9 Non-Discrimination for Exercising Privacy Rights

Aebi Schmidt will not discriminate against you for exercising any of your privacy rights under applicable U.S. state laws. This means that we will not:

• deny you goods or services;
• charge you different prices or rates, including through discounts, penalties, or other financial incentives;
• provide you with a different level or quality of goods or services; suggest that you may receive a different price or level of service as a consequence of exercising your rights.

9.10 How can you Exercise your Rights?

In order to exercise your rights or other privacy-related information, please contact dpo@aebi-schmidt.com or your local HR department.

10.1 Access to Personal Information 

In some jurisdictions, you have the right to request access to your personal information. In these cases, we will comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. 

10.2 Right to Rectification 

You have the right to correct or amend your personal information if it is inaccurate or requires updating. You may also have the right to request deletion of your personal information in some circumstances. Please note that such a request could be refused because your personal information is required to provide you with the products or services you requested, e.g. to deliver a product or send an invoice to your email address, or that it is required by the applicable law.

10.3 Withdrawing Consent 

In some jurisdictions, you may request to withdraw your consent to the use, disclosure and retention of your personal information. How this request is handled depends on the situation and the purpose for which it is made. Depending on the case:

• you will be able to withdraw your consent, but we will no longer be able to offer you a service that depends on it;
• you will not be able to withdraw your consent because the processing of your personal information is necessary or compulsory.

In all cases, we may be required to retain certain personal information to comply with our legal obligations.

10.4 Marketing Preferences

If you have provided us with your contact information, we may, subject to applicable anti-spam laws, including CAN-SPAM (U.S.) and CASL (Canada) or similar regulation, contact you via email, postal mail or telephone about our products, services and events that may be of interest to you, including newsletters.

Our email communications will generally provide an unsubscribe link allowing you to opt-out of receiving future email or to change your contact preferences. Email communications may also include a link to directly update and manage your marketing preferences. If you have an online account with us, you can also change your contact preferences through your account settings. Please remember that even if you opt out of receiving marketing emails, we may still send you important Service information related to your accounts.

To exercise your privacy rights or if you believe that the information we hold about you is incorrect, incomplete or out-of-date, please contact our privacy officer at dpo@aebi-schmidt.com.

You can also opt out of our marketing emails at any time by contacting us at dpo@aebi-schmidt.com or by sending us a post card to “OPT OUT”, 41280 Bridge Street, Novi, MI 48375, United States of America, Attn: Group Data Protection Officer.

10.5 Additional Rights, Under Quebec Private Sector Act, for Individual 

10.5.1  Right to Erasure

You have the right to require an organization to:

• cease disseminating personal information about them;
• de-index any hyperlink that provides access to that information, if the dissemination violates the law or a court order; and
• re-index any hyperlink that provides access to that information.

Such a request may be made when the following conditions are met:

• the dissemination of such information would cause the person serious harm in relation to the person's right to respect of their reputation or privacy;
• the harm is clearly greater than the public’s interest in knowing the information or the right to freedom of expression (the balance of convenience criterion); and
• the relief sought does not exceed what is necessary to prevent the continuation of the injury.

10.5.2 Right to Data Portability

You have the right to request a copy of computerized personal information in the form of a written and intelligible transcript.

10.5.3 Compliance With Canadian Privacy Laws

Aebi Schmidt complies with all applicable Canadian privacy legislation, including the federal Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec’s Act to modernize legislative provisions as regards the protection of personal information (“Law 25”), and the provincial Personal Information Protection Acts in British Columbia and Alberta. Our data-handling practices, user rights, and breach-notification procedures are designed to meet or exceed the requirements established under these laws. Where provincial or federal regulations impose higher standards, we apply the more protective rule.

11.1 Right to Access

The right to request and receive a copy of your personal data held by the company.

11.2 Right to Rectification

The right to have your data corrected if it is inaccurate or incomplete.

11.3 Right to Cancellation

The right to have your data deleted from the company's records when the legal basis for its use no longer exists.

11.4 Right to Opposition

The right to object to the processing of your personal data for specific, legitimate reasons.

11.5 Withdrawing Consent and Exercising Rights

The data subject (Person) or their legal representative may exercise their rights of Access, Rectification, Cancellation, and Opposition (ARCO rights in Mexico), or revoke consent for data processing by submitting a request to dpo@aebi-schmidt.com including:

• Name of the applicant data subject and, if applicable, their legal representative
• Documents proving identity or legal representation
• Address and/or email for response
• Clear and precise description of the right to be exercised and the personal data involved
• If requesting correction, specify the data to be corrected and the desired correction

11.6 Limiting Use

The data subject may limit the use or disclosure of their personal data by sending a request via email to dpo@aebi-schmidt.com

11.7 Implicit Consent

By continuing to browse our website or contacting us through any of the available channels and providing your data, you acknowledge and accept the content, scope, terms, and conditions described in this Privacy Notice and authorize the use of your personal data accordingly.

For information and feedback on the topic of data protection, please contact our data protection officer:

Aebi Schmidt Holding AG
Group Data Protection Officer
Schulstrasse 4
8500 Frauenfeld
Switzerland
Tel: +41 44 308 58 00
Email: dpo@aebi-schmidt.com

Aebi Schmidt USA 
Group Data Protection Officer
41280 Bridge Street
Novi, Michigan 48375
United States of America
Tel: +1 517 543 6400
Email: dpo@aebi-schmidt.com

Aebi Schmidt Canada
Group Data Protection Officer
1186, Route 321 Nord C.P. 5040 
St-André-Avellin, QC J0V 1W0
Canada 
Tel: +1 819 983 5000 
Email: dpo@aebi-schmidt.com

We aim to keep all personal data that we hold accurate, complete, and up to date. While we will use our best efforts to do so, we encourage you to tell us if you change your contact details. If you believe that the information we hold about you is incorrect, incomplete, or out-of-date, please contact dpo@aebi-schmidt.com.

You can change or correct your personal data at any time. Just send an email with your old information and your corrections to dpo@aebi-schmidt.com with "Correction" in the subject line.

We understand the importance of protecting the privacy of all individuals, especially the very young. Our services are intended for United States, Canadian and Mexican audiences over the age of 18. Our Products and Services are not directed to children, and you may not use our Services if you are under the age of 13. You must also be old enough to consent to the processing of your personal data in your state of residence, province or country (in some states or provinces a parent or guardian may do so on your behalf). Subscribing to our Services is restricted to adults who are either 18 years of age or older or as otherwise legally defined by the state, province, or country of your residency.

We do not knowingly collect, use, or disclose personal information from children under the age of 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will delete that information as quickly as possible unless verifiable parental consent is obtained. Parents or legal guardians who believe that their child has provided personal information to us without their consent may contact us at dpo@aebi-schmidt.com

If you click on a link and go to another website, you will be subject to that website’s privacy policy. We encourage you to read the posted privacy policy statement found at any website before submitting any personal data.

18.1 What Happens When We Update Our Privacy Policy?

We may update this Privacy Policy from time to time. Your continued use of our Services indicates acceptance of any changes. For material updates, we will post a notice in a prominent location on our website. You can always consult the latest version on our website, and we encourage you to review it periodically.

18.2 Ongoing Compliance With Emerging Privacy Laws

Aebi Schmidt monitors developments in U.S. state, Canadian provincial, and other applicable privacy laws. We will update this Privacy Policy as needed to reflect new or revised legal requirements and to ensure that our data-handling practices remain compliant with current regulations. When material changes occur, we will provide notice in accordance with applicable law or through prominent updates on our website.

For further US legal information about privacy issues, you may find these links useful:

• California Consumer Privacy Act 
• Colorado Privacy Act
• Connecticut
• Delaware Personal Data Privacy Act 
• Indiana Consumer Data Protection Act (Effective Jan 1, 2026)
• Iowa Consumer Data Protection Act 
• Kentucky Consumer Data Protection Act (Effective Jan 1, 2026)
• Maryland Online Data Privacy Act 
• Minnesota Consumer Data Privacy Act 
• Montana Consumer Data Privacy Act
• Nebraska Data Privacy Act 
• New Hampshire 
• New Jersey 
• Oregon Consumer Privacy Act
• Rhode Island Data Transparency and Privacy Protection Act (Effective Jan. 1, 2026)
• Tennessee Information Protection Act 
• Texas Privacy and Security Act
• Utah Consumer Privacy Act
• Virginia Consumer Data Protection Act

For further Canadian legal information about privacy issues, you may find these links useful:

• Personal Information Protection Act
• Quebec’s Private Privacy Act

For further Mexican legal information about privacy issues, you may find these links useful:

• Mexico Ley Federal de Protección de Datos Personales en Posesión De los Particulares (LFPDPPP)
• Ministry of Anticorruption and Good Governance (Mexico)

^{Last updated: December 12, 2025}