Privacy Statement
Hack Formenbau GmbH

Dated: April 2019

1. Name and contact details of the person responsible for the processing as well as of the company data protection officer

Responsible authority in the sense of the Data Protection Laws, in particular of the EU General Data Protection Regulation (GDPR), is

Hack Formenbau GmbH

Wielandstraße 11

73230 Kirchheim unter Teck

represented by Mr. Herrn Gunnar Hack

E-mail: info@hack-formenbau.de

Phone: +49 (0)7021 97560

hereinafter also called “we”.

The company data protection officer of the Hack Formenbau GmbH is available under the a.m. address or mail address

datenschutz@hack-formenbau.de

2. Collection, storage and processing of personal data as well as nature and purpose and their use

2.1 When visiting the website

When using our website only for informational purposes, i.e. if you do not register or send us any other information, we will only collect the personal data which your browser transmits to our server.

By using our website the browser used on your terminal will automatically send information to the server of our website. This information will be temporarily saved in a so-called logfile. In doing so, the following information will be collected without any action on your part and will be saved until their automatic deletion:

• IP address of the requesting PC,

• Date and time of the access,

• Time zone difference to the Greenwich Mean Time (GMT),

• Content of the demand (specific page),

• Name and URL of the requested file,

• Access status / HTTP status code,

• Volume of the transmitted data,

• Website, from which access is made (referrer URL),

• Used browser,

• Operating system of your PC and its interface,

• Language and version of the browser software,

• Name of your access providers.

The mentioned data will be processed by us for the following purposes:

• Guaranteeing a smooth connection establishment to the website,

• Guaranteeing a comfortable usage of our website,

• Evaluation of the system security and stability as well as

• for further administrative purposes.

The legal basis for this data processing is the art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest results from the above listed purposes for the data collection. In any event, we will use the data collected for the purpose to draw conclusions regarding you as a person.

Furthermore, when you visit our website, we will be using cookies as well as analytics services as described below in this Privacy Statement.

2.2 When contacting by e-mail

We will only save your personal data such as family name, first name, address, phone number or e-mail address, if you provide them voluntarily, e.g. if you contact us by e-mail or if you ask us to call you back. The data processing for the purpose of contacting is performed according to the art. 6 para. 1 p. 1 lit. a GDPR on the basis of your voluntarily given approval.

The personal data which you have provided for contacting you will only be temporarily saved by us for the processing of your inquiry and will be automatically deleted after having responded to your request. We will not forward these data to third parties.

If you commission us with the rendering of services, we will collect, process and use your personal data only to fulfil the contracting relationship coming into existence between you and us. The legal basis for this data processing is the art. 6 para. 1 p. 1 lit. b GDBR

We would like to point out that unencrypted e-mails may be read along or modified unauthorized on the transmission path; therefore we recommend the encryption of messages which include sensible or personal data.

We are using a software to filter undesired e-mails (spam filter). With the spam filter it is possible to reject e-mails, if applicable, if they have wrongly been identified as spam by certain characteristics. These spam mails will be immediately deleted after a daily check.

2.3 In case of an online application

If you transmit personal data to us in the form of application documents in electronic form, we will process and use this information only to process the application procedure and for the possible initiation of an employment relationship. We will not forward these data to third parties.

After having completed the employment procedure, the personal data which you have transmitted to us will be automatically deleted at the latest after 6 months. If the application procedure is followed by an employment relationship, your data will be processed in the frame of the then applicable data protection regulations for our employees.

3. Transfer of data

We will only forward your personal data to third parties, if

a) You have given your express consent according to art. 6 para. 1 p. 1 lit. a GDBR, or

b) It is permitted by law and necessary for the processing of contractual relationships with you according to art. 6 para. 1 p. l lit. b GDPR or

c) There is a legal obligation for the transfer according to art. 6 para. 1 p. 1 lit. c GDPR, to which we are subject and are required to follow, or

d) The forwarding of personal data according to art. 6 para. 1 p. 1 lit. f GDPR to claim, exercise or defend legal claims on our part is required and there is no reason to believe, that you have an overriding interest warranting protection relating to non-forwarding of your data.

4. Cookies

We are using cookies on our website. These are small files, which your browser generates automatically and which are saved on your terminal (laptop, tablet, smartphone or the like), when you visit our site. Cookies do not cause damage on your terminal, they do not include any viruses, trojans or other malware. Information which result in connection with the specifically used terminal will be filed in the cookie. However, this does not mean that we do not receive immediate knowledge of your identity.

On the one hand, the use of cookies serves to make the usage of our offer more comfortable for you. On the other hand, we are using cookies, in order to collect statistical data and to evaluate them for the purpose of optimising our quotation.

We are using transient cookies, in order to recognise that you have already visited individual pages of our website. Transient cookies will be automatically deleted, when you close the browser. This includes in particular the session cookies. They save a so-called session ID, which allows assigning different requests of your browser to the mutual session. In this way, it is possible to recognise your PC as soon as you return to our website. The session cookies will be deleted, when you log out or close the browser.

In addition, we use persistent (temporary) cookies to optimise the user-friendliness, which will be saved on your terminal for a certain determined period of time. If you visit our site once again, in order to make use of our services, the system will automatically recognise that you have already visited our website and which entries and settings you have made so that it is not necessary to enter them once again.

Persistent cookies will automatically be deleted after a pre-set period of time, which may be different depending on the cookie. You can delete the cookies in the safety settings of your browser at any time.

The data processed by cookies are required for the mentioned purpose in order to protect our legitimate interests as well as of third parties according to art. 6 para. 1 p. 1 lit. f GDPR.

Most browsers automatically accept cookies. You can configure your browser in a way that no cookies will be saved on your PC or that a notice always appears before a new cookie is being created. The complete deactivation of cookies can lead to the fact that you cannot use all functions of our website. You can also delete cookies afterwards, in order to delete data, which the websites have filed on your PC.

5. Using script libraries (Google web fonts)

In order to represent contents correctly and graphically appealing in all browsers, we are using script libraries and fond libraries on this website such as Google web fonts made by

Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google web fonts will be transmitted in order to avoid multiple loading in the cache of your browser.

If the browser does not support the Google web fonts or if it blocks the access, the contents will be displayed in a standard font. The calling of script libraries or font libraries automatically releases a connection to the operator of the library. In doing so, it is theoretically possible that the operator of corresponding libraries would collect data.

You will find extensive details, transparency and choices as well as data protection regulations under

https://policies.google.com/privacy?hl=de&gl=de .

In the data protection centre, you can also change your personal data protection settings.

6. Rights of the individuals affected

You have the right:

a) To request information about your personal data processed by us according to art. 15 GDPR. You can in particular request information about the processing purposes, the category of the personal data, the categories of recipients, to whom your personal data have been disclosed, the planned storage period, the existence of a right of adjustment, deletion, limitation of the processing or contradiction, the existence of a right of appeal, the origin of your data, if they have not been collected by us, as well as about the existence of an automatic decision making including profiling and meaningful information about their details, if applicable;

b) To request the immediate correction of incorrect or completion of your personal data saved with us according to art. 16 GDPR;

c) To request the deletion of your personal data saved with us according to art. 17 GDPR, is so far as not the processing for exercising the right on freedom of expression and information, to fulfil the legal obligation, for reasons of the public interest or for assertion, exercise or defending of legal claims is being required;

d) To request the limitation of the processing of your personal data according to art. 18 GDPR, in so far as you question the correctness of the data, the processing is unlawful, but you reject their deletion and we do not need the data any longer, but you require them for assertion, exercise or defending of legal claims or you have appealed to the processing according to art. 21 GDPR;

e) To request the transfer of your personal data which you have made available to us in a structured, common and machine-readable form by itself or the transfer to another person responsible according to art. 20 GDPR;

f) To revoke the once given consent to us at any time according to art. 7 para. 3 GDPR. This means that we must not continue the data processing which is based on this consent any longer in the future;

g) To complain with a supervisory authority according to art. 77 GDPR. As a rule, to do so, you can apply to the supervisory authority of you usual residence or workplace or our law office address. The responsible supervisory authority conforms to the federal state of your domicile, your work or the suspected infringement. You will find a list of the supervisory authorities (for the private sector) with addresses under

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

If you would like to exercise these rights, it is sufficient to send an e-mail to datenschutz@hack-formenbau.de.

7. Right of objection

If your personal data are processed on the basis of legitimate interests according to art. 6 para. 1 p. 1 f GDPR, you have the right to lodge a complaint against the processing of your personal data according to art. 21 GDPR.

The objection is justified if good reasons exist, which do not result from your special situation or the contradiction are directed against direct advertising. In the latter case you have a general right of objection which will be implemented by us without indication of a special situation.

If you would like to exercise your right to objection, it is sufficient to send an e-mail to datenschutz@hack-formenbau.de.

8. Data security

For our website we are using the widespread SSL (Secure Socket Layer) procedure in connection with the correspondingly highest encryption, which is being supported by your browser. This is generally a 256 bit encryption. If your browser does not support a 256 bit encryption, the encryption will not take place.

The closed representation of the key or lock icon in the bottom status bar of your browser will indicate if an individual page of our website is being transmitted encrypted.

Otherwise, we are using suitable technical and organisational safety measures, in order to protect your data against random or deliberate manipulation, partial or complete loss, destruction or unauthorised access of third parties. Our safety measures will be continuously improved according to the technological development.

9. Timeliness and modification of this Privacy Statement

This Privacy Statement is currently valid and is dated February 2019.

With the further development of our website and offers thereon or due to the changed legal or official guidelines, it may become necessary, to change this Privacy Statement. You may call up and print the corresponding current Privacy Statement on the website under

www.hack-formenbau.de.

Hack Formenbau GmbH

Kirchheim unter Teck April 2019