innogy SE (hereinafter referred to as “the Company”), Opernplatz 1, 45128 Essen, Germany, T 0800 9944009, F 0800 9944099, e-mail email@example.com is responsible for processing personal data.
To enable shareholders to participate in and exercise their rights at the General Meeting, the Company must process personal data that it receives directly from the shareholder (e.g. when motions are filed) or indirectly above all from the depositary banks. This personal data primarily includes the name, place of residence and possibly further shareholder contact information, the number of shares held, the type of share ownership and the admission ticket number. The legal basis for data processing can be found in Article 6, Paragraph 1(c) of the German General Data Protection Regulation in conjunction with national provisions, in particular in conjunction with the German Stock Corporation Act.
As a rule, personal data is anonymised or deleted as soon as it is no longer needed for the aforementioned purpose and as long as it is not required to fulfil legal documentation or archiving duties (in particular arising from the German Stock Corporation Act, the German Commercial Code and the German Tax Code) requiring their extended storage, which normally lasts up to three years, or there are no legal grounds justifying longer storage periods. To safeguard the Company's justified interests, it may be justified to archive such data until the end of the eleventh year from its collection or – in individual cases – even longer than that.
Some personal data is processed by other external companies involved in carrying out the General Meeting on commission from the Company ("Contracted Data Processing Entities", in particular IT service providers and other AGM service providers) and – in isolated cases – for instance to issue legally mandated voting right notifications by publication media as well. In addition, personal data of participating shareholders recorded in the participants' register in accordance with Section 129 of the German Stock Corporation Act can be viewed by co-shareholders.
Statutory regulations grant shareholders the right to be informed of, correct, delete, limit the processing of, and object to the processing and transfer of their personal data. These rights can be exercised vis-à-vis the Company, which can be reached using the aforementioned contact information. Furthermore, shareholders are entitled to file a complaint with a regulatory authority, in particular in the member state of their place of residence, their place of work or the place of the alleged infringement. The regulatory authority of relevance to the Company is the Information Security and Data Protection Bureau of the State of North Rhine-Westphalia.
In addition, shareholders can contact the Company's Data Privacy Officer at the e-mail address firstname.lastname@example.org.
Additional information on data privacy can be found on the Company’s website iam.innogy.com (footnote: “Data privacy”).
Last updated: January 2020