DATA PRIVACY STATEMENT

The following Data Privacy Statement applies to the use of the website https://www.teqport.com, referred to below as "website" and "online offer".

TEQPORT Services GmbH attaches great importance to data protection. We only collect and process your personal data in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR). We collect and process your personal data in order to be able to offer you this website. This Data Privacy Statement describes how and for what purpose your personal data is collected and used, and what options you have in this context.

By using this website, you consent to the collection, use and transmission of your data in accordance with this Data Privacy Statement. If you do not wish us to collect, process or use your data as a whole or for individual measures in accordance with this Data Privacy Statement, you can address your objection to the responsible party.

1 Responsible party

The party responsible for the collection, processing and use of your personal data as defined by the GDPR is:

TEQPORT Services GmbH
Merscheider Str. 3
D-42699 Solingen
Phone: +49 212 784 681 0
E-mail: info@teqport.com
Managing Director: Sebastian Neubeck, Lutz Arnold

1.2 General information

Types of data processed:

• Contact data (e.g. e-mail, telephone numbers);
• Content data (e.g. text input, photos, videos);
• Usage data (e.g. visited websites, interest in content, access times);
• Meta/Communication data (e.g. device information, IP addresses);

Categories of data subjects

Visitors and users of the online offer. In the following we also refer to the data subjects as "users".

Purpose of processing

• Provision of the online offer, its functions and contents;
• Responding to contact requests and communicating with users;
• Security measures;
• Measurement of usage/-marketing

Terms used

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). A natural person is considered to be identifiable if he or she can be identified, directly or indirectly, in particular by assignment to an identifier such as a name, identification number, location data, online identifier (e.g. cookie) or to one or more special features that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

"Processing" means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data. The term is broad and covers practically every handling of data.

"Party responsible" means the natural or legal person, authority, institution or other body which, alone or jointly with others, decides on the purposes and means of processing personal data.

Hosting

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, memory space and database services, security services and technical maintenance services that we use for the purpose of operating this online offer.

We or our hosting provider process inventory data, contact data, content data, usage data, meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (conclusion of an order-processing contract).

Cookies

Our website uses a session cookie as part of the "HTTPS-Check" online service to make automated requests through CAPTCHA more difficult.

2 General use of this website

2.1 Access data

TEQPORT collects information about you when you use this website. We automatically collect information about your usage behaviour and interaction with us and record data about your computer or mobile device. We collect, store and use data about every access to our online offer (server log files). The access data includes the name and URL of the accessed file, the date and time of access, the transferred data volume, the notification of successful access (HTTP response code), the browser type and browser version, the operating system, the referrer URL (i.e. the previously visited page), the IP address and the requesting provider.

We use this log data, without allocation to your person or other profiling, for statistical evaluations for the purpose of the operation, security and optimisation of our online offer, but also for anonymised recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services. Based on this information, we can provide personalised and location-based content, analyse traffic, troubleshoot and correct errors, and improve our services. We reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence. We store IP addresses in the log files for a limited period of time, if this is necessary for security purposes or for the provision of services. We also store IP addresses if we have specific suspicions of a criminal offence in connection with the use of our website.

2.2 Contact via e-mail and contact form

If you contact us (e.g. via contact form or e-mail), we store your details for processing the enquiry and in the event that follow-up questions arise. We only store and use further personal data if you give your consent or if this is legally permissible without special consent.

2.3 Website traffic analysis with Matomo

Within the scope of Matomo's website traffic analysis and on the basis of our legitimate interests (i.e. interest in analysing and optimising our online offer as defined by Art. 6 para. 1 lit. f. GDPR), the following data is processed: your browser type and version, the operating system you use, your country of origin, date and time of the server request, the number of visits, your time spent on the website and the external links you click. The IP address of the users is anonymised before it is stored. Matomo uses cookies, which are stored on the user's computer, and which enable an analysis of the use of our online offer by the user. Pseudonymous user profiles can be created from the processed data. The cookies are stored for one week. The information generated by the cookie about your use of this website is only stored on our server and not disclosed to third parties. Users can object to the anonymised data collection by the Matomo program at any time with effect for the future by clicking on the link below. In this case, an opt-out cookie is stored in your browser, which means that Matomo no longer collects any session data. If users delete their cookies, however, this means that the opt-out cookie is also deleted and must therefore be activated again by the users.

2.4 Integration of third-party services and content

We use content or service offers from third-party providers in our online offer based on our legitimate interests (i.e. interest in the analysis, optimisation and commercial operation of our online offer as defined by Art. 6 para. 1 lit. f. GDPR) to incorporate their content and services, such as videos or fonts (hereinafter referred to as "content").

This always requires that the third-party providers of this content know the IP address of the users, since without the IP address they could not send the content to their browsers. The IP address is therefore required for the display of this content. We make every effort to use only content, the respective providers of which use the IP address only to deliver the content. Third-party providers may also use pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visit time and other information about the use of our online offer, and linked to such information from other sources.

Google Maps

We integrate the maps of the "Google Maps" service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Processed data may contain the users IP-address and location data. These data will only be collected by the users consent, which is granted via the mobile devices settings.
Data may be processed in the United States of America.

Data Privacy Statement: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

2.5 Online presence in social media

We maintain online presences within social networks and platforms, in order to communicate with active customers, interested parties and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our Data Privacy Statement, we process the data of users, in as much as they communicate with us within social networks and platforms, e.g. write articles on our websites or send us messages.

XING

The "XING Share Button" is used on this website. Using this button connects you to XING AG servers ("XING") via your browser, which are used to provide the functions of the "XING Share Button" (in particular the calculation/display of the counter value). XING does not store any personal data about you when you access this website. In particular, XING does not store any IP addresses. Nor is your usage behaviour in connection with the "XING Share Button" evaluated using cookies. The latest data protection information on the "XING Share Button" and additional information can be found on this website: https://www.xing.com/app/share?op=data_protection

LinkedIn

Our online offer may contain functions and contents of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. This may include, for example, content such as images, videos or texts and buttons for users to express their appreciation of the content, subscribe to the authors of the content or our contributions. If the users are members of the LinkedIn platform, LinkedIn can assign the usage of the above-mentioned contents and functions to such profiles of the users. The Data Privacy Statement of LinkedIn: https://www.linkedin.com/legal/privacy-policy. LinkedIn is certified under the Privacy Shield Agreement, thus guaranteeing its compliance with European data protection law( https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active).
Data Privacy Statement: https://www.linkedin.com/legal/privacy-policy?_l=en_US
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Use of Facebook Social Plugins

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and commercial operation of our online offer as defined by Art. 6 para. 1 lit. f. GDPR) we use Social Plugins ("plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are identified by one of the Facebook logos (white "f" on blue tile, the terms "Like", "Gefällt mir" or a "thumbs up" symbol) or are marked with the addition "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, which guarantees its compliance with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user calls up a function of this online offer that contains such a plugin, his/her device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user's device and integrated into the online offer. The processed data can be used to create user profiles. We therefore have no influence on the amount of data Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.

By integrating the plugins, Facebook receives information that a user has called up on the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to that user's Facebook account. When users interact with the plugins, e.g. clicking the Like button or posting a comment, the information is sent directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to obtain and store their IP address. According to Facebook, only an anonymised IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for the protection of the privacy of users, can be found in the Facebook Data Privacy Statement:
https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them via this online offer and link it to their membership data stored on Facebook, the user must log out of Facebook before using our online offer and delete his/her cookies. Further settings and objections to the use of data for advertising purposes are possible in the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers and mobile devices.

2.6 Legal basis and duration of storage

The legal basis for data processing in accordance with the above sections is Art 6 para. 1 lit. f) GDPR. Our interests in data processing are in particular to ensure the operation and security of the website, to investigate the manner in which visitors use the website, and to simplify the use of the website.

Unless specifically stated, we only store personal data for as long as is necessary to fulfil the purposes pursued.

3 Your rights as a Data Subject

According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please direct your request to the website operator by e-mail or by post, clearly identifying yourself (see section 1). As a Data Subject, you have the following rights:

3.1 Right to access/information

You have the right to receive confirmation from us at any time as to whether we are processing personal data concerning you. If this is the case, you have the right to receive from us free of charge information about the personal data stored about you together with a copy of this data. You also have the following rights:

• To be told the purposes of the processing;
• To be told the categories of personal data processed;
• To be told the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in other countries or international organisations;
• To be told, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
• To request rectification or erasure of the personal data concerning you;
• To restrict processing by the party responsible
• To object to such processing;
• To lodge a complaint with a supervisory authority;
• Where the personal data are not collected from you, to any available information as to their source;
• To be informed about the existence of automated decision-making, including profiling, referred to in Art. 22 para. 1 and 4 and, at least in those cases, to meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

When personal data are transmitted to another country or an international organisation, you have the right to be informed of the appropriate guarantees under Article 46 GDPR in relation to the transmission.

3.2 Right to rectification

You have the right to request us to rectify any inaccurate personal data concerning you without delay. Taking into account the purposes, you have the right to request the completion of incomplete personal data, also by means of a supplementary declaration.

3.3 Right to erasure ("right to be forgotten")

You have the right to request us to delete personal data concerning you immediately and we are obliged to delete personal data immediately if one of the following reasons applies:

• The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
• You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 GDPR or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
• You file an objection to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for the processing (e.g. statutory retention periods), or you file an objection to the processing pursuant to Art. 21 para. 2 GDPR.
• The personal data have been processed unlawfully.
• The erasure of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject.
• The personal data have been collected in relation to information society services provided in accordance with Art. 8 para. 1 GDPR.

If we have made personal data public and we are obliged to erase it, we will take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform processors who process the personal data that you have requested them to delete all links to this personal data or copies or replications of this personal data.

3.4 Right to restriction of processing

You have the right to request us to restrict processing if one of the following conditions applies:

• The accuracy of the personal data is challenged by you for a period of time that enables us to verify the accuracy of the personal data;
• The processing is unlawful and you refused to delete the personal data and instead requested that the use of the personal data be restricted;
• The personal data is no longer needed for the purposes of processing, but you need the data to assert, exercise or defend legal claims;
• You have lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR, as long as it is not yet clear whether the justified reasons of our company outweigh your reasons.

3.5 Right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, customary and machine-readable format, and you have the right to transmit this data to another party responsible without our interference, provided that

• The processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GGDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR, and
• The processing is carried out using automated methods.

When exercising your right to data portability pursuant to paragraph 1, you have the right to request that the personal data be transferred directly by us to another controller, insofar as this is technically feasible.

3.6 Right to object

You have the right to object at any time to the processing of personal data concerning you on the basis of Art. 6 para. 1 lit. e or f GDPR for reasons arising from your particular situation; this also applies to profiling based on these provisions. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.

You have the right to object on grounds arising from your particular situation to the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes in accordance with Art. 9 para. 1 GDPR, unless the processing is necessary for the fulfilment of a task in the public interest.

3.7 Automated decisions including profiling

You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has legal effect against you or significantly impairs you in a similar manner.

3.8 Right to revoke consent under data protection law

You have the right to revoke your consent to the processing of personal data at any time.

3.9 Right to lodge a complaint with a supervisory authority

You have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work, or at the place of the alleged infringement, if you believe that the processing of personal data concerning you is unlawful.
Supervisory authority responsible for TEQPORT: LDI NRW Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Postfach 20 04 44, 40102 Düsseldorf

4 Data security

We strive to ensure the security of your personal data within the scope of the applicable data protection laws and technical possibilities.

We encrypt the transmission of your personal data. This applies to your orders and also to the customer login. We use SSL (Secure Socket Layer), but point out that data transmission via the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

To secure your data, we maintain technical and organisational security measures which we constantly adapt to the state of the art.

Furthermore, we do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are regularly and carefully secured.

5 Automated decision-making

Automated decision-making based on the personal data collected does not take place.

6 Disclosure of data to third parties, no data transmission into non-EU countries, non-EEA countries

We only use your personal data within our company.

If and to the extent that we involve third parties to fulfil contracts, they receive personal data only to the extent to which the transmission is necessary for the corresponding service.

In the event that we outsource certain parts of data processing ("contracted processing"), we contractually oblige our processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

No data is or is planned to be transmitted to places or persons outside the EU or outside the cases mentioned in this Data Privacy Statement.

7 Data Protection Officer

If you have any questions about our data protection or this Data Privacy Statement, or if you would like to exercise your rights, please contact our Data Protection Officer at datenschutz@teqport.com / datenschutz@wupp.it or in writing to TEQPORT Services GmbH (for contact data see section 1 and the Legal Notice) adding "Datenschutz".

8 Changes to the Data Privacy Statement

TEQPORT Services GmbH reserves the right to change the Data Privacy Statement, in order to adapt it to changed legal situations or in the event of changes to the service or data processing. However, this only applies with regard to declarations on data processing. If the consent of users is required or components of the Data Privacy Statement contain provisions of the contractual relationship with the users, the changes will only be made with the users' consent.

Users are asked to inform themselves regularly about the contents of the Data Privacy Statement. You can save and print this Data Privacy Statement at any time.

(Issued: November 2021)