Ensuring confidentiality, data privacy and data security is of the utmost importance to us. The most significant rules in this regard are set out with binding effect for all members of staff in our Code of Conduct and in our information security and data privacy policies.
Furthermore, our established structures ensure that personal data is handled in conformity with all laws. In this regard, our Data Protection Officer assumes all functions, responsibilities and rights as set out according to the Federal Data Protection Act (BDSG). His tasks include, among others, working to ensure adherence to provisions governing data privacy, e.g. monitoring the proper use of programs that are used to process personal data. Sharing knowledge about data privacy and drawing up the annual activity report also form part of his scope of duties. We are making intensive preparations for the entry into force effective May 2018 of the EU General Data Protection Regulation (GDPR). The GDPR is an important step towards a harmonised single European market and hence a consistent level of data protection Europe-wide.
No complaints were received about privacy breaches affecting personal data or the loss of such data during the period under review. There was therefore no requirement to fulfil the duty to notify data breaches pursuant to § 42a BDSG.