Personal Data and Privacy Protection

At Infineon, safeguarding personal data and ensuring privacy protection is not just a compliance task—it is a core value that underscores our commitment to ethical and responsible business practices. From employees and customers to suppliers, shareholders, and business partners, we handle personal data with the utmost care, always in strict adherence to applicable data protection laws. Any process, practice, or system that fails to meet these legal and ethical standards has no place in our operations.

To support this critical mission, Infineon has developed and continuously improved an advanced Data Protection Management System (DPMS) that provides a structured, systematic approach to ensuring compliance with applicable data protection regulations worldwide. Over the years, our DPMS has evolved to meet the dynamic nature of privacy regulations worldwide and is subject to regular review and optimization.

We are proud to share that our DPMS was recently audited by independent external auditors and certified in accordance with the IDW PS 980 standard. This certification confirms the appropriateness and effectiveness of our system, underscoring the strength of our privacy compliance framework and the trustworthiness of our data protection practices. 

The Infineon Data Protection Management System (DPMS)

Infineon’s DPMS is built on a foundation of robust governance, comprehensive processes, and a strong culture of accountability. Its key elements include: 

  • Dedicated Oversight: A specialized department ensures compliance with privacy and data protection obligations, supported by local Data Protection Officers in every country where Infineon operates.
  • Global Data Protection Rule: A global framework, supplemented by detailed guidelines, applies to all Infineon employees and operations worldwide.
  • Supplier Assessments: A rigorous supplier evaluation program ensures that only partners who meet regulatory and internal privacy standards are engaged, protecting personal data and the rights of data subjects.
  • Contractual Safeguards: A comprehensive contractual framework ensures all personal data transfers comply fully with global regulatory requirements.
  • Employee Training and Awareness: A mandatory global training and awareness program equips employees and contractors with the knowledge they need to safeguard personal data effectively.
  • Incident Reporting and Accountability: A secure process allows for reporting policy violations, including anonymously. Negligent or intentional breaches of privacy policies are met with disciplinary action.
  • Data Breach Management: A global process ensures the prompt assessment, reporting, and mitigation of data breaches with corrective and preventive measures.
  • Regulatory Compliance Practices: Regular maintenance of ‘Records of Processing Activities,’ performance of ‘Data Protection Impact Assessments’ (DPIA), and ‘Transfer Impact Assessments’ (TIA) ensure adherence to legal requirements.
  • Data Subject Rights Management: Efficient processes ensure timely responses to inquiries, complaints, and data subject rights requests, ensuring transparency and trust.
  • Privacy by Design: Strong technical and organizational measures are embedded into all processing activities, ensuring compliance through ‘Privacy by Default & Design’ principles.
  • Risk Management: Data protection risk management is fully integrated into Infineon’s Enterprise Risk Management Framework, with regular reviews and updates.
  • Audit and Certification: A mature audit program, complemented by internal and external audits, ensures adherence to both internal policies and external regulations. In addition, the independent certification of our DPMS under the IDW PS 980 standard further validates the system’s effectiveness.

Infineon’s unwavering commitment to privacy compliance is rooted in our dedication to building trust with all stakeholders. Through transparent processes, rigorous standards, and external validations, we ensure that personal data is always handled responsibly, securely, and lawfully. 

Want to know more

If you’d like to dive deeper into the specifics of how we process personal data, the purposes for which it is used, and the legal bases underpinning our practices, we invite you to explore our comprehensive Privacy Policy.

Our Privacy Policy also provides detailed insights into the rights of data subjects and information about Infineon’s portals and cookies. Rest assured, cookies are only used with the explicit consent of users, ensuring that we respect individual choices and promote responsible data practices.

We are proud to affirm that Infineon does not sell personal data under any circumstances, nor do we utilize personal data for any unlawful purposes. Our commitment to ethical data handling is backed by a spotless track record—Infineon has not received any substantiated complaints regarding breaches of customer privacy, nor have we identified any incidents of data leaks, theft, or loss affecting customer information. 

Contact information

Should you have further questions or require additional clarification, we are always here to provide support and guidance.

Infineon Technologies AG
Group Data Protection & Privacy
AID DPP
Am Campeon 1-15
85579 Neubiberg
Germany

By e-mail: dataprotection@infineon.com