Privacy policy

General information

The following information gives a simple overview of what happens to your personal data when you visit our website. Personal data is any data with which you can be identified personally. Please refer to our privacy policy below this text for detailed information on the topic of data protection.

Data collection on our website

Who is responsible for the data collection on this website?

The data processing on this website is provided by the website operator. Please refer to the legal notice on this website for their contact details.

How do we collect your data?

Your data is collected by you providing us with this information. For example, this may be data that you enter in a contact form.

Other data is automatically collected by our IT systems when you visit the website. This is primarily technical information (e.g. Internet browser, operating system or time of the website access). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected in order to ensure the error-free provision of the website. Other data can be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right at any time to receive information on the origin, recipient and purpose of the stored personal data. You also have the right to ask for this data to be corrected, blocked or deleted. You can contact us at any time about this and any further questions regarding data protection at the address specified in the legal notice. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

You also have the right to request the restriction of processing of your personal data under certain circumstances. For details on this, please refer to the privacy policy under “Right to the restriction of processing”.

2. General information and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and according to the statutory data protection regulations and this privacy policy.

A variety of personal data is collected when you use this website. Personal data is data with which you can be identified personally. This privacy policy explains what information we collect and how we use it. It also explains how this is done and for what purpose.

We draw attention to the fact that data sent over the Internet (when communicating by e-mail for example) may be subject to security loopholes. It is not possible to completely protect such data against access by third parties.

Information about the controller

The controller for data processing on this website is:

BEHNCKE GmbH Munich

Friedrich-Bergius-Straße 19

D-85662 Hohenbrunn/München

Phone: +49 (0) 81 02. 98 488-0

E-mail: info@behncke.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. name, e-mail addresses or similar).

Revocation of your consent for data processing

Many data processing operations are only possible with your explicit consent. You can revoke the consent that you have already given at any time. An informal communication by e-mail to us will suffice. The legality of the data processing up to the revocation remains unaffected by the revocation.

Right to object to data collection in special cases as well as direct advertising (Art. 21 of the GDPR)

If the data processing is carried out on the basis of Art. 6 para. 1 lit. e or f of the GDPR, you have the right at any time, on grounds relating to your particular situation, to object to the processing of your personal data; this also applies to profiling based on these provisions. Please refer to this privacy policy for the respective legal basis on which the processing is based. If you file an objection, we will no longer process your personal data unless we have compelling reasons to do so that outweigh your interests, rights and freedoms or the processing of the data is used to establish, exercise or defend legal claims (objection according to Art. 21 para. 1 of the GDPR).

If your personal data is processed for direct advertising purposes, you have the right at any time to object to the processing of the applicable personal data for the purpose of such advertising; this also applies to profiling, provided it is done in connection with such direct advertising. If you file an objection, your personal data will then no longer be used for the purpose of direct advertising (objection according to Art. 21 para. 2 of the GDPR).

Right to lodge a complaint with the competent supervisory authority

In case of infringements against the GDPR, the party concerned has the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right for data that we have automatically processed based on your consent or in the fulfilment of a contract to be handed over to you or a third party in a conventional machine-readable format. If you request the direct transmission of data to another responsible person, this may only be done insofar as it is technically feasible.

SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and for the protection of confidential content, for example, orders or enquiries that you send to us as the website operator. You can recognise an encrypted connection from the fact that the address bar of the browser changes from “http://” to “https://” and the lock symbol appears in your browser bar.

If SSL or TLS encryption is enabled, the data that you transmit to us cannot be read by third parties.

Information, blocking deletion and correction

You are entitled at any time to obtain information free of charge relating to your stored personal data, the origin and the recipient of the data as well as the purpose of the data processing within the scope of the applicable statutory provisions and you also have the right, where applicable, to correct, block or delete this data. You can contact us at any time about this and other questions relating to personal data at the address specified in the legal notice.

Right to restriction of processing

You have the right to request the restriction of processing of your personal data. You can contact us at any time at the address specified in the legal notice. The right to the restriction of processing exists in the following cases:

• if you dispute the accuracy of your personal data stored by us, we usually need time to check this. You have the right to request the restriction of processing of your personal data while this is being checked.
• If the processing of your personal data was / is unlawful, you can request the deletion instead of the restriction of processing of your data.
• If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of processing instead of the deletion of your personal data.
• If you have filed an objection in accordance with Art. 21, para. 1 of the GDPR, there must be a balance between your and our interests. If it is has not yet been established whose interests prevail, you have the right to request the restriction of processing of your personal data.
• If you have restricted the processing of your personal data, this data can only be processed – other than for its storage – with your consent or to establish, exercise or defend legal claims or to protect the rights of another natural or judicial person or for reasons of substantial public interest in the European Union or a Member State.

Objection to advertising e-mails

We hereby expressly prohibit the use of the contact data published as part of our duty to publish a legal notice for the transmission of not expressly solicited advertising and information material. The operators of the website expressly reserve the right to pursue legal steps in the event that unsolicited advertising material is sent, e.g. in the form of spam e-mails.

3. Data Protection Officer

Contacting the Data Protection Officer

Please send all requests and enquiries for information or objections to data processing by e-mail to datenschutz@behncke.com

4. Data collection on our website

Cookies

The website uses so-called cookies in part. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our service more user-friendly, effective and secure. Cookies are small text files stored on your computer and saved by your browser.

Most of the cookies used by us are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. The deactivation of cookies may restrict the functionality of this website.

Cookies required for the implementation of the electronic communication process or for the provision of certain functions requested by you (shopping cart function), are stored on the basis of Art. 6, para 1 lit. f of the GDPR. The website operator has a legitimate interest in the storage of cookies for the technically accurate and optimised provision of its services. If other cookie are stored (e.g. cookies to analyse your surfing behaviour), these are dealt with separately in this privacy policy.

Server log files

The provider of this website automatically collects and stores information in so-called server log files that your browser automatically sends to us. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

This data is not merged with any other data sources.

This data is collected based on Art. 6, para. 1 lit. f of the GDPR. The website operator has a legitimate interest in the technically accurate presentation and optimisation of its website – the server log files must be recorded for this purpose.

Contact form

If you send us enquiries using the contact form, we store your details from the enquiry form including the contact data supplied by you for the processing of your enquiry and in case of follow-up questions. We will not share this data without your consent.

The processing of the data entered in the contact form is therefore done solely on the basis of your consent (Art. 6, para. 1 lit. a of the GDPR). You can revoke this consent at any time. An informal communication by e-mail to us will suffice. The legality of the data processing operations up to the revocation remains unaffected by the revocation.

The data entered by you in the contact form remains with us until you ask us to delete it, you revoke your consent for it to be stored, or the purpose for it to be stored ceases to apply (e.g. after completing the processing of your enquiry). Mandatory statutory provisions – in particular retention periods – remain unaffected.

5. Plug-ins and tools

YouTube with enhanced data protection

Our website uses plug-ins from the YouTube website. The operator of the web pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

We use YouTube in enhanced data protection mode. According to YouTube, this mode means that no information about the visitors to the website are stored before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded in enhanced data protection mode. YouTube therefore establishes a connection to the Google DoubleClick network – regardless of whether you watch a video.

As soon as you start a YouTube video on our website, a connection is established to the YouTube servers. This informs the YouTube server which of our web pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can store various cookies on your device after starting a video. YouTube can obtain information about visitors to our website with the help of these cookies. This information is used to collect video statistics, improve ease of use and prevent fraud, amongst other things. The cookies remain on your device until you delete them.

Other data processing operations, over which we have no influence, may be enabled after you start a YouTube video.

YouTube is used in the interest of providing an appealing presentation of our online services. This represents a legitimate interest in accordance with Art. 6, para. 1 lit. f of the GDPR.

Further information on data protection at YouTube can be found in the provider’s privacy policy at: policies.google.com/privacy.

Google web fonts

This website uses web fonts provided by Google for the uniform presentation of fonts.

When you call up a web page, your browser loads the necessary web fonts in your browser cache in order to display texts and fonts correctly.

The browser used by you must establish a connection to the Google servers for this purpose.

Google thereby obtains knowledge that our website has been accessed by your IP address.

Google web fonts are used in the interest of providing a uniform and attractive presentation of our online services.

This represents a legitimate interest in accordance with Art. 6, para. 1 lit. f of the GDPR.

If your browser does not support web fonts, a standard font is used by your computer.

Further information on Google web fonts can be found at https://developers.google.com/fonts/faq and in the Google privacy policy: https://www.google.com/policies/privacy/.

QUOTATIONS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Quotations

The possible consequences of failure to provide the data are: The purpose of the data processing may not be fulfilled.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the quotation procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

ARCHIVING OF CUSTOMER SALES DATA | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Archiving of customer sales data

The possible consequences of failure to provide the data are: The purpose of the data processing may not be fulfilled.

The processing is necessary to fulfil a legal obligation of the controller responsible for the processing

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the archiving of customer sales data procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

ORDER CONFIRMATIONS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Order confirmations

The possible consequences of failure to provide the data are: The purpose of the data processing may not be fulfilled.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the order confirmation procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

EVALUATION OF CUSTOMER FEEDBACK | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Evaluation of customer feedback

The possible consequences of failure to provide the data are: The purpose of the data processing may not be fulfilled.

Data processing for the purpose of a justified interest if it does not stand in the way of the legitimate interest

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the evaluation of customer feedback procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

BACKUPS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Backups

The possible consequences of failure to provide the data are: The purpose of the data processing may not be fulfilled.

A justified interest (balance of interests) if it does not stand in the way of the legitimate interests (especially relating to children)

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the backup procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

APPLICATIONS (E-MAIL / POST) | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Applications (e-mail/post)

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the application procedure (e-mail/post) is then 6 months.

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

CREDIT CHECK | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Credit check

The possible consequences of failure to provide the data are: The purpose of the data processing cannot

be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We use the following external service providers:

Euler Hermes Aktiengesellschaft

22746 Hamburg

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the credit check procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

E-MAIL CORRESPONDENCE | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

E-mail correspondence

The possible consequences of failure to provide the data are: The purpose of the data processing cannot

be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We use the following external service providers:

Microsoft

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the e-mail correspondence procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

EC PAYMENTS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

EC payments

The possible consequences of failure to provide the data are: The purpose of the data processing cannot

be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the EC payment procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

ELECTRONIC PAYMENT TRANSACTIONS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Electronic payment transactions

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

Data processing for the purpose of employment – Section 26 of the German Data Protection Act

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the electronic payment transaction procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

E-MAILS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

E-mails

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

A justified interest (balance of interests) if it does not stand in the way of the legitimate interests (especially relating to children)

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We use the following external service providers:

Microsoft

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the e-mail procedure is then: after the purpose has been fulfilled

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

ACCOUNTING | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Accounting

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary to fulfil a legal obligation of the controller responsible for the processing

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the accounting procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

ISO 9001 | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

ISO 9001

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We use the following external service providers:

TÜV Austria, Deutschstraße 10, 1230 Vienna, Austria

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the ISO 9001 procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

WEBSITE CONTACT FORMS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Website contact forms

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We use the following external service providers:

domainfactory GmbH, Oskar-Messter-Straße 33, 85737 Ismaning

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the website contact form procedure is then 1 month

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

REMINDERS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Reminders

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the reminder procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

NEWSLETTER DISTRIBUTION | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Newsletter distribution

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The legal basis is the justified interest if it does not stand in the way of the legitimate interests

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the newsletter distribution procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

INVOICES | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Invoices

The possible consequences of failure to provide the data are: The purpose of the data processing cannot

be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the invoice procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

COMPLAINTS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Complaints

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

The processing is necessary to fulfil a legal obligation of the controller responsible for the processing

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the complaint procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

PHONE SYSTEM | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Phone system

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

Data processing for the purpose of employment – Section 26 of the German Data Protection Act

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the phone system procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

WEBSHOP | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Webshop

The possible consequences of failure to provide the data are: The purpose of the data processing cannot

be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

The processing is necessary for pre-contractual measures at the request of the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the webshop procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

POSTING OF INCOMING PAYMENTS | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Posting of incoming payments

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary for the fulfilment of a contract with the person concerned.

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the posting of incoming payments procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

CUSTOMS CLEARANCE | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

Customs clearance

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary to fulfil a legal obligation of the controller responsible for the processing

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We are not currently using external service providers.

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the customs clearance procedure is then 6 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com

E-MAIL ARCHIVING PROCEDURE | Information obligations according to Article 13 and Article 14 of the GDPR

The protection of your personal data is of great importance to us. We abide by the existing laws and would like to inform you below about the collection of personal data in individual procedures. Personal data is all the data related to you personally (e.g. name, address, e-mail address, telephone number, date of birth etc.)

1. Contact details of the controller and data protection officer

The controller according to Article 4, paragraph 7 of the GDPR is

BEHNCKE GmbH, represented by Stephanie Behncke-Weber, Caroline Behncke-Wild and Markus Weber

Michael-Haslbeck-Straße 13, D-85640 Putzbrunn/Munich

info@behncke.com

Phone: +49 (0)89 45 69 17-0

Fax: +49 (0)89 46 85 11

The company data protection officer at BEHNCKE GmbH can be contacted at the above-mentioned address, stating for the attention of the data protection officer, or using the following e-mail address: datenschutz@behncke.com

datenschutz@behncke.com

2. Purpose and legal basis of the data processing

E-mail archiving

The possible consequences of failure to provide the data are: The purpose of the data processing cannot be fulfilled.

The processing is necessary to fulfil a legal obligation of the controller responsible for the processing

Further processing is performed only if you have given your consent or legal permission has been granted.

3. Categories and individual recipient areas of the personal data

(1) Within our company, the only areas with access to your data are those that need the data to fulfil our contractual or statutory obligations. These areas receive the appropriate training and are obliged to safeguard the confidentiality of your personal data.

(2) In addition, we can transmit your personal data to other recipients, such as authorities, courts, social security institutions to fulfil statutory notification obligations, or also persons bound by professional confidentiality (e.g. tax consultants, lawyers) insofar as it is necessary to comply with statutory requirements or in order to protect our legitimate interest.

(3) Sometimes we use external service providers in the European Economic Area to process your data in order to fulfil contractual or statutory obligations. These service providers have been carefully selected, commissioned in writing and are bound by our instructions. They are regularly monitored by us. The service providers will not pass this data on to third parties, but delete it after fulfilment of the contract or conclusion of the statutory retention periods, in so far as you have given your consent to the further retention of the data. We use the following external service providers:

EDV-ITK Systeme; Alletter; Am Nordberg 22; 85659 Forstern

(4) We adopt the latest technical measures to ensure the protection of personal data. These are adapted in each case to the latest technological standards.

4. Length of data retention

We delete your personal data as soon as it is no longer required for the above-mentioned purposes. We would like to point out that personal data is stored for the period in which claims can be asserted against our company and as far as we are required to do so by law. Statutory limitation periods and retention obligations that come into question due to commercial and tax regulations, amongst other things. After the expiry of these periods, the collected data is deleted or blocked if the data cannot be deleted immediately.

The retention period for the e-mail archiving procedure is then 10 years

5. Data protection rights of the person concerned

(1) You have the right at any time to request information concerning the information stored about you (Article 15 of the GDPR) at the above-mentioned address. You also have the right to request the correction of the data under the conditions set out in Article 16 of the GDPR, the deletion of the data under the conditions set out in Article 17 of the GDPR and the restriction of processing of the data under the conditions set out in Article 18 of the GDPR. You can also request the transfer of data at any time under the conditions set out in Article 20 of the GDPR, provided that the data is still stored.

(2) We process your personal data to safeguard a legitimate interest (Article 6, paragraph 1 S. 1 lit. f) of the GDPR); you can object to the processing of the data about you at any time for the future. In the case of an objection, we have to refrain from any further processing of your data for the above-mentioned purposes unless there are compelling legitimate grounds that outweigh your interests, rights and freedoms or that are required to establish, exercise or defend legal claims.

(3) If the processing of personal data about you is based on your consent, you have the right to revoke your consent at any time. The legality of the processing carried out on the basis of the consent up to the revocation is not affected by this (Article 7, paragraph 3 of the GDPR).

(4) You also have the option to complain to the competent supervisory authority about data protection issues. The supervisory responsible for our company can be contacted at the following address:

Bayerisches Landesamt für Datenschutzaufsicht (Bavarian State Data Protection Supervision Office), Promenade 18, 91522 Ansbach: PO Box 606, 91511 Ansbach Phone: +49 (0)981/180093-0 Fax: +49 (0)981/180093-99 E-mail: poststelle@lda.bayern.de Website: http://www.lda.bayern.de

(5) If we make an automated case-by-case decision without human influence, you will be notified that you have the right under the conditions of Article 22, paragraph 3 of the GDPR to receive information and an explanation about this decision and to have this checked by a member of staff.

6. Contact and updating of information obligations

Please send all information, requests for information, revocations or objections to data processing to our data protection officer by e-mail to datenschutz@behncke.com or in writing to the above-mentioned address, for the attention of the data protection officer.

These information obligations can be adapted at a later date due to changes, for example, to the statutory provisions. The current version of this information can be found at www.behncke.com