PRIVACY POLICY

1 DATA PROTECTION

TAURUS Systems GmbH (hereinafter "TSG” or "we“/"us") appreciates your visit to our internet pages and mobile applications (together also referred to as "Online Offerings") and your interest in our company and our products. The protection of your privacy throughout the course of processing personal data as well as the security of all business data is an important concern to us. We process personal data that was gathered during your visit to our Online Offerings in confidence and only in accordance with statutory regulations. Data protection and information security are included in our corporate policy.

2 CONTROLLER

TSG is the controller responsible for the processing of your data; exceptions are outlined in this data protection notice. Our contact details are as follows:

TAURUS Systems GmbH
Hagenauer Forst 27
86529 Schrobenhausen
phone: +49 8252 996766
e-mail: info@taurus-systems.de
Link to the impressum: https://taurus-systems.de/disclaimer/

The contact details of our Data Protection Officer are as follows:

TAURUS Systems GmbH
Data Protection Officer
Hagenauer Forst 27
86529 Schrobenhausen
e-mail: datenschutz@mbda-systems.de

3 PROCESSING OF PERSONAL DATA

3.1 Principles

Personal data consists of all information related to an identified or identifiable natural person; this includes, e.g. names, addresses, phone numbers, e-mail addresses, contractual master data, contract accounting and payment data, which is an expression of a person's identity. We collect, process and use personal data (including IP-addresses) only when there is either a statutory legal basis to do so or you have given your consent to the processing or use of personal data concerning this matter, e.g. by means of registration.

3.2 Processed categories of data

The following categories of data are processed: • Communication Data/Log-Files (e.g. IP-address)

3.3 Processing purposes and legal bases

We and service providers commissioned by us process your personal data for the following processing purposes:

• Performance of a contract (preparation, performance, termination):

o Granting access to certain information and offers.

• Legitimate interests pursued by TSG

o Justification or protection of legal claims or defence against lawsuits

o Prevention of abuse or other illegal activities

o Ensuring data security

3.4 Log-Files

Every time you use the internet, your browser transmits certain information which we store in so-called log files (e.g. internet browser and operating system used; domain name of the website from which you were referred, number of visits, average time spent on our website, pages viewed). This information is not assigned to a specific person. We save log files for a short time solely to determine disturbances and for security reasons (e.g. to clarify attack attempts) and delete them afterwards. Log files which need to be maintained for evidence purposes are excluded from deletion until the respective incident has been completely resolved and may, on a case-by-case basis, be passed on to investigating authorities.

4 OBLIGATION TO PROVIDE PERSONAL DATA

If an agreement is in place between TSG and you, you are obliged to provide those personal data which are required for commencing, executing and terminating a business relationship and for compliance with the associated contractual obligations or the collection of which is imposed upon us by law. Without these data, we will generally not be able to enter into agreements with you, to perform under such an agreement or to terminate it. Where the processing of data in connection with the use of this website is not required for commencing, performing or terminating a contractual relationship or for complying with contractual obligations and is not imposed by law, provision of your data is voluntary. Please keep in mind that certain functionalities of the website or services may not be available if the required data are withheld.

5 CHILDREN

TSG will not knowingly process personal data of children without explicitly pointing out that such data should only be transmitted with the consent of the legal guardians or if this is provided for by applicable legal provisions. The personal data of children will only be used or passed on by TSG, insofar as this is permitted by law, to obtain the parental consent required by law or to protect the children.

6 DATA TRANSFER

6.1 Data transfer to other controllers

As a matter of principle, your personal data is forwarded to other controllers only when required for the fulfilment of a contract, in a case where we or the third party have a legitimate interest in the transfer, or when your consent has been given. Third parties may also be other companies of the MBDA group. When data is transferred to third parties based on a justified interest, this is explained in this data protection notice. Additionally, data may be transferred to other controllers when we are obliged to do so due to statutory regulations or enforceable administrative or judicial orders.

6.2 Service providers

We have commissioned external service providers with tasks such as sales and marketing services, contract management, payment handling, programming, data hosting and hotline services. We have chosen these service providers carefully and review them regularly, especially regarding their diligent handling and protection of the data that they have stored. All service providers are obliged to maintain confidentiality and to abide by the statutory provisions. Service providers may also be other MBDA group companies.

7 TRANSFER TO RECIPIENTS OUTSIDE THE EEA

We can also transfer personal data to recipients located outside the EEA in so-called third countries. In such cases, we ensure prior to the transfer that the data recipient either provides an appropriate level of data protection (e.g. due to a decision of adequacy by the European Commission for the respective country or due to the agreement based on so-called EU model clauses with the recipient) or that you have consented to the transfer.

8 DURATION OF STORAGE; RETENTION PERIODS

Principally, we store your data for as long as it is necessary to render our Online Offerings and the services connected to them or for as long as we have a justified interest in storing the data (e.g. we might still have a justified interest in marketing by mail upon fulfilment of a contract). In all other cases we erase your personal data with the exception of data we must store to fulfil legal obligations (e.g. we are obliged due to retention periods under the tax and commercial codes to have documents such as contracts and invoices available for a certain period of time).

9 COOKIES

Cookies are small text files that are being stored on your computer when an Online Offering is visited. When you access this Online Offering another time, your browser sends the cookies' content back to the respective provider and, thus, allows the re-identification of the terminal device. Reading the cookies allows us to design our Online Offerings optimally for you and makes it easier for you to use them (e.g. by saving a user password). If you do not want TSG to reidentify your computer, please set your internet browser so that it deletes cookies from your hard drive, blocks all cookies or warns you before a cookie is stored.

10 WEB ANALYSIS

We do not use web analysis tools.

11 EXTERAL LINKS

Our Online Offerings may contain links to third party internet pages – by providers who are not associated with us. Upon clicking the link, we have no influence on collecting, processing and using personal data possibly transmitted by clicking the link to the third party (such as the IP-address or the URL of the site on which the link is located) as the behaviour of third parties is naturally outside our sphere of influence. We do not assume responsibility for the processing of such personal data by third parties.

12 SECURITY

Our employees and the companies providing services on our behalf are committed to confidentiality and compliance with the applicable data protection laws. We take all necessary technical and organisational measures to ensure an appropriate level of security and to protect your data that are administrated by us especially from the risks of unintended or unlawful destruction, manipulation, loss, change or unauthorized disclosure or unauthorized access. Our security measures are, pursuant to technological progress, constantly being improved.

13 USER RIGHTS

To enforce your rights, please use the details provided in the Controller section. In doing so, please ensure that an unambiguous identification of your person is possible. You have the right to obtain confirmation from us about whether or not your personal data is being processed, and, if this is the case, access to your personal data. You have the right of rectification of inaccurate personal data of yours without undue delay by us. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. This does not apply to data which is necessary for billing or accounting purposes or which is subject to a statutory retention period. If access to such data is not required, however, its processing is restricted (see the following). Provided statutory requirements are fulfilled, you have the right to demand request restriction of the processing of your data.

OBJECTION TO DATA PROCESSING:

You have the right to object to data processing by us at any time. We will no longer process the personal data unless we demonstrate compliance with legal requirements or state valid reasons for the further processing which are beyond your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

OBJECTION TO DIRECT MARKETING

Additionally, you may object to the processing of your personal data for direct marketing purposes at any time. Please take into account that, due to organisational reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.

OBJECTION TO DATA PROCESSING BASED ON THE LEGAL BASIS OF “JUSTIFIED INTEREST”:

In addition, you have the right to object to the processing of your personal data any time, insofar as this is based on the legal basis of justified interest. We will then terminate the processing of your data, unless we demonstrate compelling legitimate grounds according to legal requirements for processing, which override your rights.

WITHDRAWAL OF CONSENT:

In case you consented to the processing of your data, you have the right to withdraw this consent with immediate effect. The legality of data processing prior to your revocation remains unchanged.

14 DATA PORTABILITY

You are entitled to receive data that you have provided to us in a structured, commonly used and machine-readable format or – if technically feasible – to demand that we transfer those data to a third party.

15 RIGHT OF COMPLAINT WITH SUPERVISORY AUTHORITY

You have the right to lodge a complaint with a supervisory authority. You can appeal to the supervisory authority which has jurisdiction for your place of residence or your state or to the supervisory authority having jurisdiction for us. This is:

Bayerisches Landesamt für Datenschutzaufsicht
P.O. Box 606
91511 Ansbach
phone: +49 981 53 1300
fax: +49 981 53 98 1300
e-mail: poststelle@lda.bayern.de

16 COPYRIGHT

Copyright TAURUS Systems GmbH. All rights reserved. All texts, pictures, graphics, sound, video and animation files as well as their arrangements are subject to copyright and other laws for the protection of intellectual property. They may not be copied for commercial purposes or for distribution, nor may they be modified and used on other websites. Some internet pages of TAURUS Systems GmbH also contain material that is subject to the copyright of those who have made it available.

17 CHANGES TO THE DATA PROTECTION NOTICE

We reserve the right to change our security and data protection measures if this is required due to technical development. In such cases, we will amend our data protection notice accordingly. Please therefore observe the current version of our data protection notice, as this is subject to change.

As of: 2018-07-23