Data protection is something BASF SE (hereinafter also referred to as “we”) takes very seriously. As you know, we are legally obligated to main a share register. In the following, we will inform you about how we process your personal data when you provide us with personal data for the share register via our website www.basf.com/hv-service, in writing or by email, or if you inform us about changes to your personal data that is stored in the BASF SE share register. We would also like to inform you about your data protection rights.
Information about your personal data that we collect and retain when you visit our website can be found here.
The controller in accordance with data protection policies is:
67056 Ludwigshafen, Germany
Phone: +49 (621) 60-0
Our Data Protection Officer can be reached by post at the above mailing address (please add “Data Protection Officer Alexandra Haug” as the recipient) or by email at firstname.lastname@example.org
We process your personal data in accordance with the E.U. General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), the German Stock Corporation Act (Aktiengesetz, AktG) and all other relevant legislation.
BASF SE’s shares are registered shares. According to Section 67 of the German Stock Corporation Act, registered shares are to be recorded in the Company’s share register listing the name, date of birth and address of the shareholder as well as the number of shares held. The shareholder is obligated to provide this information to the Company.
The credit institutions through which you purchase or hold your BASF SE registered shares regularly pass on information to us on your behalf which is relevant for the maintenance of the share register (e.g., also nationality and, where applicable, the sector in which you work). This occurs via Clear-stream Banking Frankfurt, the central depositary that carries out the technical settlement of securities transactions and holds the shares on behalf of the credit institutions. If you sell your shares, the new owner’s credit institution will inform us of this.
Prior to the Annual Shareholders’ Meeting of BASF SE, you can inform us via our website about any changes in your address, email address or, if applicable, your proxy and instructions.
If you make use of this possibility, we will process the personal data you provide only for the purpose of updating our share register with this information.
In addition, we process your personal data for handling the order of admission tickets for the Annual Shareholders’ Meeting of BASF SE via our website.
The legal basis for the processing of your personal data is the German Stock Corporation Act in connection with Article 6 (1) (c) GDPR.
Should we want to process your personal data for a purpose not mentioned above, we will inform you in advance in accordance with the statutory provisions.
External service providers:
We sometimes use external service providers for the administration and technical management of the share register (share register service company, IT service provider) as well as to put on the Annual Shareholders’ Meeting (annual meeting service provider).
Furthermore, we may transmit your personal data to other recipients, such as public authorities in order to meet statutory disclosure obligations (e.g., when legally defined voting rights thresholds are exceeded).
We delete your personal data as soon as it is no longer needed for the abovementioned purposes. However, we may need to store personal data for the period during which claims can be made against our Company (statutory limitation period of three years or as long as 30 years). As a rule, we save your personal data to the extent we are required to do so by law. The obligations to provide and retain supporting documents arise from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act, among others. These establish storage periods of up to 10 years.
We do not intend to transmit your data to a third country outside of the European Economic Area (EEA) or an international organization. In the event that we transmit personal data to service providers outside of the European Economic Area (EEA), the transmission only occurs if the European Commission has confirmed that the third country offers an adequate level of data protection or if other appropriate safeguards (e.g., making use of binding corporate rules on data protection or standard data protection clauses adopted by the European Commission) are in place. Detailed information about this as well as about data protection at our service providers in third countries can be obtained via the contact information listed above.
You can request information from the controller named in this data protection declaration about your stored personal data. Furthermore, under certain conditions, you can demand the correction or deletion of your personal data. Moreover, you may have the right to limit the processing of your personal data as well as the right to have the personal data you have provided released in a structured, commonplace and machine readable format.
You have the possibility to contact the abovementioned Data Protection Officer or a data protection supervisory authority. The data protection supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
55116 Mainz, Germany