NEHER DIA GmbH & Co. KG attaches high importance to the protection of your personal details. We provide information below of which details we store when our website is used, and how we use this information.

1 Name and contact details of the person responsible for processing data and of the in-house data protection officer

This data privacy information applies for data processing by:  Responsible: NEHER DIA GmbH & Co. KG Am Sägebach 6 88356 Ostrach-Einhart, Germany Email: info@neher-group.com Phone: +49 (0)7585/93206-0 Fax: +49 (0)7585/93206-21 The email address of the in-house data protection officer at Neher Dia GmbH & Co. KG is dsb@neher-group.com

2 Collection and storage of personal data and the nature and purpose of its use

a) When visiting the website

When you visit our website (www.neher-group.com), the browser used on your device automatically sends information to our website server. This information is stored temporarily in a log file. The following information is read without any action on your part, and is stored until deleted automatically::

• IP address of the computer accessing the site
• Date and time of the access
• Name and URL of the file accessed
• Website from which access is performed (referrer URL)
• Browser and, possibly, operating system used on your computer, and the name of your access provider

The information stated is processed by us for the following purposes:

• To guarantee smooth connection set-up for the website
• To guarantee our website is easy to use
• To analyse system security and stability
• For other administrative purposes

The legal basis for data processing is Article 6 para. 1 sentence 1 lit. f GDPR. The aforementioned purposes for data collection constitute our legitimate interest. Under no circumstances do we use the data collected for the purposes of drawing conclusions about you as a person. Furthermore, we use cookies and analysis services for visits to our website. More detailed explanations are available in Sections 4 and 5 of this data privacy statement.

b) When signing up to our newsletter

When you expressly consent as in Art. 6 para 1 sentence 1 lit. a GDPR, we use your email address to regularly send you our newsletter. All you need to do to receive the newsletter is specify an email address. You can unsubscribe at any time (by for example using the link at the end of every newsletter). Or you can email your wish to unsubscribe to info@neher-group.com.

c) When using our contact form

For questions of any kind, we provide you with a form on the website for contacting us. A valid email address is required so we know who the query is from and are able to respond. Any additional information is voluntary. The legal basis for data processing for the purposes of contacting us is Art. 6, para. 1, sentence 1, lit. a GDPR provided that you voluntarily issue your consent. The personal data collected by us for usage of the contact form is automatically deleted once the query made by yourself is concluded.

3 Forwarding of data

Your personal data will not be forwarded to third parties other than for the purpose stated below. We only pass on your personal details to third parties:

• when you have expressly issued consent in accordance with Art. 6 para 1 sentence 1 lit. a GDPR
• when forwarding is required for enforcing, exercising or defending legal claims according to Art. 6 para 1 sentence 1 lit. f GDPR, and there are no grounds to believe you have a predominant interest in your data not being transferred that is worthy of protection
• when there is a legal obligation for data transfer as laid down in Art. 6 para 1 sentence 1 lit. c GDPR
• when it is permitted by law and, in accordance with Art. 6 para 1 sentence 1 lit. b GDPR, required for the performance of a contract with you As part of order processing, service providers contracted by us (carrier and logistics firms for example) receive details necessary for order processing and fulfilment. These details may only be used by our service providers to perform this task.
• when a creditworthiness check is required due to our upfront service. To protect our interests, we will seek as required creditworthiness information from SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany. Your interests worthy of protection are covered by legal regulations.

4 Cookies

We use cookies on our website. Cookies are small files created automatically by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies are not harmful to your device and do not contain any viruses, Trojans or other malware. A cookie stores information arising in each case in conjunction with the specific device used. This does not mean, however, that as a result we receive direct information about your identity. Cookies are used to make our website more user-friendly. For example, we use “session cookies” to identify whether you have already visited individual pages of our website. Session cookies are deleted automatically when you leave our site. Furthermore, we also use temporary cookies to optimise user-friendliness. They are stored on your device for a certain, fixed time. If you visit our site again to make use of our services, it will automatically recognise your device and your entries and settings you may have configured so you need not enter them again. We also use cookies to record the usage of our website statistically, and to analyse our site for the purpose of optimisation (see Section 5). When you visit our site again, these cookies enable us to automatically recognise that you have already visited us. These cookies are deleted automatically after a defined time. The data processed by cookies are required for the purposes stated to protect our legitimate interests, and those of third parties, as laid down in Art. 6 para 1 sentence 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or that a message is always shown before a new cookie is created. Fully disabling cookies can however mean you cannot use all of the functions of our website.

5. Analyse-Tools

a) Analysis tools

The tracking measures listed below and used by us are based on Art. 6 para 1 sentence 1 lit. f GDPR. With these tracking measures, we want to ensure a needs-based design and continual optimisation of our website. We also use tracking measures to record the usage of our website statistically and to analyse our site for the purpose of optimisation. These interests are to be deemed legitimate within the meaning of the aforementioned provision. Refer to the corresponding tracking tools for the relevant data processing purposes and data categories.

b) Google Analytics

To continually optimise our website and design it in such a way that it meets users’ needs, we use Google Analytics, a web analysis service provided by Google Inc. (https://www.google.de/intl/de/about/) /) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter “Google”). This involves the creation of pseudonymised user profiles and the use of cookies (refer to Section 4). The information generated by a cookie about your use of this website, such as the

• browser type/version,
• operating system used,
• referrer URL (the site visited previously),
• host name of the accessing computer (IP address),
• time of the server request,

are sent to a Google server in the USA and stored there. This information is used to analyse usage of the website, compile reports on website activity and provide other services associated with website and Internet usage for the purposes of market research and the needs-based design of these websites. This information is also passed on to third parties if this is legally required and provided that these third parties carry out the processing of this data on our behalf. Your IP address is never combined with other Google data. The IP addresses are anonymised, meaning associations are impossible (IP masking). You can disable the installation of cookies by means of a corresponding setting in your browser software; note, however, that in this case it might not be possible to make full use of all of the functions of this website. Furthermore, you can prevent Google from collecting and processing the data generated by the cookie and relating to your usage of the website (including your IP address) by downloading and installing a browser add-on  (https://tools.google.com/dlpage/gaoptout?hl=de). As an alternative to the browser add-on (in particular for browsers on mobile devices), you can click on this link to prevent the collection of data by Google Analytics. An opt-out cookie is set that prevents the future collection of your data when you visit this website. The opt-out cookie applies only to that browser and only to our website and is stored on your device. If you delete the cookies in that browser, you need to set the opt-out cookie again. More information on data protection in conjunction with Google Analytics is available for example in Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).

c) Google Adwords conversion tracking

To record usage of our website statistically and to analyse our website for the purpose of optimisation, we also use Google conversion tracking. If a user is directed to our website from a Google advert, Google Adwords places a cookie (see Section 4) on your computer. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the website of the Adwords customer and the cookie has not yet expired, Google and the customer can tell that the user clicked the advert and was forwarded to this page. Every Adwords customer receives a different cookie. This means cookies cannot be tracked via the websites of Adwords customers. Information obtained using a conversion cookie is used to compile conversion statistics for Adwords customers who have opted for conversion tracking. They can see the total number of users who have clicked their advert and been forwarded to a page featuring a conversion tracking tag. But they do not receive any information that can identify users personally. If you do not want to be part of the tracking process, you can also reject the setting of the cookie required for it, by using for example a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser such that cookies from the domain „https://www.googleadservices.com“ are blocked. Google’s data protection instructions for conversion tracking are available under the following link: (https://services.google.com/sitestats/de.html).

 

6. Social media plugins

To raise the profile of our company, we use on our website the Facebook social network plugin on the basis of Art. 6 para 1 sentence 1 lit. f GDPR. The underlying promotional purpose is to be deemed as a legitimate interest as defined by the GDPR. Responsibility for ensuring operation is data protection compliant must be guaranteed by the respective provider. To provide the best possible level of protection for visitors to our website, we use the two-click method to integrate these plugins.

Facebook

We use social media plugins from Facebook on our website in order to personalise your visits. We use the “LIKE” and “SHARE” buttons for this. They are a service provided by Facebook. When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the servers of Facebook. The content of the plugin is sent by Facebook directly to your browser, that incorporates it in the web page. With these integrated plugins, Facebook receives the information that your browser has accessed the relevant page of our website, even if you do not have a Facebook account or are not currently logged into it. This information (including your IP address) is sent by your browser directly to a Facebook server in the USA, where it is stored. If you are logged into Facebook, it can directly assign the visit to our website to your Facebook account. When you interact with the plugins (such as by pressing the “LIKE” and “SHARE” buttons), the relevant information is also sent to a Facebook server, where it is stored. The information is also posted on Facebook and displayed to your Facebook friends. Facebook can use this information for the purposes of advertising, market research and needs-based design of Facebook pages. For this, Facebook compiles usage, interest and relation profiles to, for example, analyse your usage of our website regarding the adverts shown to you in Facebook, to inform other Facebook users of your activities on our website, and to provide other services associated with Facebook usage. If you do not want Facebook to assign to your account information collected by Facebook about our website, you must log out of Facebook before visiting our website. Please refer to the data privacy information of Facebook (https://www.facebook.com/about/privacy/) /) for the purpose and scope of data collection, other additional processing and use of data by Facebook, your rights in this regard and the setting options for protecting your privacy.

7 Rights of those affected

You have the right:

• • under the terms of Art. 15 GDPR, to request information about your personal data we process. In particular, you have the right to request information on the purpose of such data processing, the category of personal data, the categories of recipients to whom your data is or has been disclosed, the planned duration of storage, the existence of a right for correction, deletion and restriction of data processing, or raising an objection, the existence of a right to lodge a complaint, the origin of this data if not collected by us, as well as about automated decision processes, including potential profiling and meaningful information on the details where applicable;
• under the terms of Art. 16 GDPR, to request immediate completion of personal data, or correction of incorrect personal data, stored by us;
• • under the terms of Art. 17 GDPR, to request deletion of your personal data stored by us, except where the processing is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the enforcement, exertion or defence of legal claims;
• under the terms of Art. 18 GDPR, to request the limitation of the processing of your personal data provided the correctness of the data is contested by you, its processing is unlawful but you reject its deletion and we no longer require this data, but you require this information to assert, exercise or defend legal claims, or you have objected to the processing of personal data in accordance with Art. 21 GDPR;
• under the terms of Art. 20 GDPR, to receive the personal data you have provided to us in a structured, common and machine-readable format, or to request it to be sent to another person/entity responsible.;
• under the terms of Art. 7 para. 3 GDPR, to revoke at any time your consent once issued to us. As a result, we are not allowed to continue the data processing based upon this consent for the future.
• • under the terms of Art. 77 GDPR, to lodge a complaint with a supervisory authority. In such cases, you can contact the supervisory authority for your usual location or workplace, or for our law office.

8 Right of objection

If your personal data is processed based on legitimate interests as laid down in Art. 6 para 1 sentence 1 lit. f GDPR, you have the right under Art. 21 GDPR to file an objection against the processing of your personal data provided there are grounds resulting from your specific situation or the objection is directed against direct advertising. For the latter, you have a general right of objection that is realised by us without specification of a particular situation. If you would like to enforce a right to revocation or objection, simply send an email to  info@neher-group.com

9 Data security

During website visits, we use the prevalent SSL (Secure Socket Layer) method in conjunction with the highest encryption level supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the locked key/lock icon in the lower status bar of your browser. We also deploy technical and organisational security measures to protect your data from accidental and wilful manipulation, partial and complete loss, corruption and unauthorised access by third parties. Our security measures are being improved continually in line with technological advancements.

10 Validity of and changes to this data privacy statement

This data privacy statement is currently valid (as of May 2018). Continued development of our website and product offering, as well as amendments to statutory and regulatory requirements, can mean it is necessary to make changes to this data privacy statement. The most recent version of the data privacy statement is available for reference at any time from http://ww.neher-group.com, and can be printed.