General Data Privacy Declaration

imc Test & Measurement GmbH

(in the following “imc”)

imc takes data protection very seriously. We adhere to the requirements of the following privacy policy in accordance with the EU Data Protection Regulation (GDPR, (“DSGVO“)), the Federal Data Protection Act (“BDSG”) and the Telecommunications Telemedia Data Protection Act (“TTDSG”):

1. Name and contact details of the controller and the company data protection officer

This data protection declaration applies to data processing by:

imc Test & Measurement GmbH

Voltastraße 5

13355 Berlin (Germany)

E-Mail: datenschutz@imc-tm.de

Website: www.imc-tm.com

2. Collection and storage of personal data, as well as the type and purpose of such data and their use

When you engage us, we collect the following information:

• Salutation, first name, last name,
• company data,
• a valid e-mail address,
• address,
• telephone number (landline and/or mobile)
• information necessary for the implementation of the contractual services and counter-performances

The collection of this data is done,

• to be able to identify you as our customer
• for correspondence with you;
• to process your or our orders;
• for invoicing purposes.

The data processing is carried out in response to your request and is necessary according to Art. 6 para. 1 p. 1 lit. b GDPR for the aforementioned purposes for the appropriate processing of the contract and for the mutual fulfillment of obligations arising from the contract.

The personal data collected by us for the processing of the contract will be stored until the expiry of the statutory limitation period (3 years after the end of the calendar year in which the contract was terminated, sec. 195 German Civil Code (“Bürgerliches Gesetzbuch, “BGB”)) and thereafter deleted, unless we are required pursuant to Art. 6 para. 1 S. 1 lit. c GDPR to store data for a longer period due to tax and commercial law retention and documentation obligations (from German Tax and Commercial Law obligations) or you have consented to storage beyond this period in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.

3. Disclosure of data to third parties and within the imc group, data security

• Your personal data will not be transferred to third parties for purposes other than those listed below:
• Within imc group companies, your personal data may be transferred to imc group companies and their affiliated sales and service partners (see: https://www.imc-tm.com/our-partners/distributor/) in order to process any existing contractual relationship with you or to protect legitimate interests. In addition, there may be intra-group data transfers due to commissioned processing in accordance with Art. 28 GDPR. In the event of data transfer abroad, this will take place within the EU or the European Economic Area or in a country that has an adequate level of data protection according to the decision of the EU Commission. In the case of data transfers to imc group companies based in other countries, imc guarantees that the imc group companies importing the data are obliged to comply with an appropriate level of data protection. This applies in particular to data transfers to the USA, which are carried out on the basis of current standard contractual clauses and additional security measures.
• Insofar as this is necessary for the processing of contracts with you according to Art. 6 para. 1 p. 1 lit. b GDPR, your personal data will be passed on to third parties. This includes in particular the disclosure to suppliers / subcontractors. The data passed on may be used by the third party exclusively for the purposes stated.
• Furthermore, we use order processors bound by instructions according to Art. 28 GDPR, for example for logistics or IT services.

Pursuant to Artt. 5, 32 GDPR, we take the organizational and technical measures necessary to protect personal data that are risk-adequate and reasonable. We use appropriate technical and security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

4. Data subject rights

You have the right

• in accordance with Art. 7 (3) GDPR to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future;
• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
• pursuant to Art. 16 GDPR, to request the correction of incorrect or incomplete personal data stored by us without undue delay;
• pursuant to Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
• pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
• pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller; and
• complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.

5. Right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation.

If you wish to exercise your right to object, simply send an e-mail to datenschutz@imc-tm.de.

6. Data collection via our website

For data collection via our website (including newsletter requests), the separately available privacy policy at https://www.imc-tm.com/about-imc/privacy/ applies.

7. Who is my contact person if I have questions about data protection?

If you have any questions or suggestions, you can contact the imc data protection officer at any time:

imc Test & Measurement GmbH

Data Protection Officer

Max-Planck-Str. 22b

D-61381 Friedrichsdorf/Ts.

E-mail: datenschutz@imc-tm.de

8. How long is this Privacy Policy valid?

This Privacy Policy is current and dated December 2022. We reserve the right to change this Privacy Policy at any time, effective for the future, as necessary, in particular to adapt it to future website developments or to implement new technologies.