User Manual

ManualsBrandsSiemens ManualsEquippedSinorix H2O Gas-200;Sinorix H2O Gas-300

Data protection and the EU General

Data Protection Regulation

Siemens understands that data protection is a critical topic

for our stakeholders in the digitalization era. We recognize

the obligations that apply to any handling of data inside

the European Union, and so Siveillance Suite is compliant

not only with European regulations, but also with country-

specific data protection laws.

On April , , the Parliament and Council of the

European Union (EU) adopted the EU General Data

Protection Regulation (GDPR). The GDPR will be directly

applicable to EU Member States as of May , ,

thereby ensuring a harmonized data protection standard

across the European Union.

The Siemens Building Technologies Division data protection

department has developed a program that takes both

internal and customer factors into account.

We’re implementing this program through our data

protection officers from the regional companies located

in the European Union.

The protection of data in cross-border transactions and

transmissions is included in the programs and is of high

importance to Siemens.

Privacy by Design

Privacy by Design is a general requirement for the

development of data processing operations.

We consider data protection when planning and developing

all Siveillance Suite products. For example, tests must be

passed so that data protection comes into play at the very

beginning of the product planning cycle.

Data protection is also included in our technical and organi-

zational measures, and is implemented in Siveillance Suite

by way of certain functions, such as:

• Access control to personal data in the products

• Compulsory use of passwords

• Encryption (of data at rest and data in transit),

where appropriate

• Automatic log-out functions

• Two-factor authentication, if necessary

For example, Siveillance Vantage also ensures that personal

data like usernames, passwords, and subsystem address-

able locations are stored in hashed, nonidentifiable fields

to prevent unauthorized access.

As our customer, you’re offered a variety of options

for customizing the product (for example, functions and

settings) depending on your requirements and sensitivity/

criticality of the personal data being processed.

You are free to use any or all of the product’s technical

and organizational features, and to decide whether

and how to store personal data. This decision remains your

responsibility in your role as data controller.

As another example, SIPORT allows you to decide whether,

where, how, and for what period of time personal data are

stored, and to either grant or reject access.

Data processing on behalf of the controller

The responsibility for data protection is and remains with

our customer, who then decides which personal data are

collected and stored where, how and for how long.

In the context of our maintenance services, Siemens

may access personal data. In this event, we act as

a data processor and adhere to your instructions,

in particular to our contractual agreements.



Siveillance Suite™ | Cyberintelligent security solutions