Protecting the security and privacy of your personal data is important to HARTMANN. Therefore, HARTMANN (“HARTMANN“ shall mean the PAUL HARTMANN AG, and any of its direct or indirect subsidiaries) operates this websites and its pages (hereafter referred to as the “Website”) in compliance with applicable laws on data protection and data security.

In the following, we provide information on the kinds of data we collect on the Website, the purposes for which we use such data, and the parties with which we share such data, where applicable.

Data We Collect

We employ cookies on the Website. You will find additional information on this subject in our Cookie Policy. This policy also tells you how to block the use of cookies and the use of data collected by cookies in anonymized or pseudonymized usage profiles.

Accesses to the Website are logged for the purpose of security analysis reports and to defend against cyber-attacks. With the exception of the IP address, no personal data is ever collected or used in this connection. IP addresses are analyzed only in the event of a cyber-attack. Log data is promptly deleted on a regular basis.

In addition, we collect personal data (e.g. names, addresses, telephone numbers, or e-mail addresses) in connection with the operation of the Website only when you have voluntarily provided such data to us (e.g. through registration, contact inquiries, surveys, etc.) and when we are entitled to process or use such data by virtue of permission granted by you or on the basis of a statutory provision.

Purpose of Processing

Our guiding principle is that we use such data only for the purpose for which you divulged the data to us, such as to answer your inquiries, process your orders, or grant you access to certain information or offerings. We must always have a legal basis for processing your information. Examples of these legal basis are explained below:

Consent - HARTMANN will ask you for permission so that we can store and process your data. We will supply full details of why and how we wish to use your data. You may withdraw your consent at any time. For example; HARTMANN may use consent when we’re asking you to confirm your marketing preferences.

Contractual - When using some of our services we may enter into a contract to which you are a party. These contracts may influence the processing of personal data as we comply with contractual and regulatory requirements. For example; HARTMANN may use consent when we’re asking you to confirm your marketing preferences.

Legal Obligation - HARTMANN may be under a legal obligation to hold and disclose your personal data. For example; We may be asked to share your data with law enforcement agencies. Or as another example, we are obliged to retain data relating to financial transactions for a minimum period of time.

Legitimate Interest - HARTMANN may hold and process your personal data for own legitimate interests. This is to allow us to manage our business to allow us to offer our customers the best service we can. Where we use legitimate interest we will consider the impact on you and take a balanced approach. Our legitimate interests don't automatically override your interests. For example; We have an interest in making sure our marketing is relevant for you, so we process your information to send you marketing that's tailored to your interests.

Your Rights

Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information (see above).

• Right of Access
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to object to processing
• Right to data portability

Please contact ukdataprotection@hartmann.info when you have enquiries or wish to exercise any of your data protection law rights.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk) We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

No fee usually required:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you:

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond:

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

To protect your data from unauthorised access by third parties, we are obliged to carefully verify your identity. In order to answer your written requests, we reserve the right to request further information.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

The personal data that we collect from you is stored on secure information technology systems located in the EEA which are operated by us.

Some data processing in relation to web and email services and delivery of any products ordered by you is carried out on our behalf by a third party. We will take all steps reasonably necessary to ensure that your personal data is kept secure and in accordance with this privacy notice.

Unfortunately, the transmission of information from you via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access.

Our website uses up-to-date industry procedures to protect your personal information. We also protect the security of your data during transmission using Transport Layer Security (TLS) technology. We may vary this in the future if we feel you will benefit from greater security whilst using our site.

We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you via our site.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Protection of minors

As a rule, children and persons under the age of 18 years do not submit any personal data to HARTMANN without the consent of their parents or legal guardians. We do not solicit personal information about children, and we assure you that you will not knowingly collect, use, or otherwise disclose any personal information about children.

Sharing of data

Insofar as you have provided your consent or when we are otherwise legally entitled to do so, we will share your personal data with subsidiaries of HARTMANN, where applicable, for the purposes indicated above.

In connection with the operation of the Website and the services provided by way of the Website, HARTMANN works with service providers such as hosting or IT maintenance service providers, for example.

These recipients may possibly be located in countries outside of the European Economic Area (“third countries”), in which applicable laws do not offer the same level of data protection as in your home country. In such cases, HARTMANN takes measures to ensure an appropriate level of data protection.

Data is shared only in connection with and in compliance with applicable laws and regulations. We do not sell or otherwise market your personal data to third parties.

Social Media

We may obtain information posted publicly on social media sites and use it to help us understand how our different customers interact with us and what they think of us.

Social Media Bookmarks & Plug-ins
To make our websites more attractive and user-friendly, we use social bookmarks and social plug-ins. In accordance with Art. 6 para. 1 lit. f) EU GDPR to make HARTMANN better known. The underlying commercial purpose is to be regarded as legitimate interest within the meaning of the EU GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers.

What are Social Media Bookmarks & Plug-ins?
Social bookmarks are Internet bookmarks that allow you to see what other people found interesting about a particular subject, like HARTMANN for example. They are stored at their respective providers:

Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, Calif. 94025, USA),
Twitter (Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA),
YouTube (YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA),
Instagram (Instagram LLC, 1601 Willow Rd, Menlo Park, Calif. 94025, USA),

This means that the social bookmarks (buttons) are included as links. By clicking on the buttons, you will be forwarded to our site at the respective providers, i.e. your information will be transmitted to the respective provider only by first clicking and forwarding.

If you visit a page of our website that contains plug-ins, these are initially deactivated. Only when you click the provided button of the provider, such as Facebook, the plug-ins are activated. With this activation you connect to Facebook and declare your consent to the transmission of data. If you are logged in to Facebook, for example, Facebook can assign the visit to your local account. If you press the Facebook button, the corresponding information will be transmitted directly from your browser to Facebook and stored there.

Purpose and extent of the data collection, the further processing and use of the data by the provider as well as your rights and options to protect your privacy, please refer to the privacy policy of the respective provider.

In order to prevent the providers from collecting data about you via our website, you must log out of your user accounts before you visit our website.

Field of application
Orders are only effected on the basis of the following purchasing conditions, which will also be applied to all future business transactions without pointing this out separately. Our purchasing conditions are considered to be accepted with the execution of the order at the latest, even if the supplier refers to his conditions. Sales conditions of the supplier must be specially confirmed in writing by us to become effective; this does not apply to arrangements about the reservation of ownership which are accepted by us. It is not possible to deduce effectiveness of differing conditions from the acceptance of the ordered goods or services.

Placing of orders
Orders are only effective in writing with two signatures. The supplier has to confirm the orders with making use of our attached order duplicate and with binding signature immediately. The supplier declares himself prepared to issue a supplier´s declaration according to ECC-regulation 3351/83 for the goods delivered. If this is not possible, the supplier is asked to contain the term "not entitled to preference" in his acknowledgement.

Meeting of the deadline
The delivery period begins with the day when the order is placed. The supplier must inform us about all circumstances which endanger the meeting of the deadline or make it impossible, giving the reasons and the estimated delay. However, this does not effect his obligation to deliver the goods on time. In the case of a delay in delivery we are entitled to claim a contractual penalty of 0.1% of the order amount for each day of the delayed delivery, up to a maximum of 8% without any further proof. In addition, crediting the contractual penalty, compensation for all damages sustained directly or indirectly as a result of the delay can be claimed. If the supplier does not effect delivery within a reasonable extension, we are entitled, crediting the contractual penalty, to choose to claim for damages due to non-fulfillment or alternatively to withdraw from the contract. The argument of acts of God only relieves the supplier if he informs us immediately about the circumstances and if he was not already behind when they occured. Deliveries in part and deliveries ahead of time must be agreed with us in advance.

Obligation to accept the goods
Unforeseen incidents, such as acts of God, war, governmental actions and operational interruptions beyond our control release us from the obligation to accept the ordered goods. In this case the supplier is not able to claim damages. In other cases of operational stoppage we are entitled to demand an adequate prolongation of the acceptance period. After the expiry of this period or if we fail to accept the goods without acting negligent or willful, the supplier has the right to withdraw from the contract within the scope of the legal regulations. He is not entitled to make any further demands.

Shipping documents, payment
The supplier must attach a delivery note which contains our order-no., article-no., a list of the delivered (sterilization-) batches, the description of the articles, the quantity delivered (in the given quantity unit), the weight (gross and net), as well as information about the used packing materials to each delivery. AlI this information, together with the name of the supplier, must also be attached to the pallets and packaging in a clearly visible manner. For deliveries from non-EU countries, a duplicate of the invoice must be attached to the delivery note. If agreed upon, an examination certificate or an analysis certificate must be enclosed; to each delivery of sterile products a sterilization certificate must be attached without request. If any preference or trade agreements exist between the FRG and the country of origin, certificates of origin confirmed by the competent authorities must be attached to the deliveries. The supplier has to render an invoice for each delivery and send it in duplicate to the parent company in Heidenheim, irrespective of the place of delivery within Germany. In particular, the invoice must include our Order No., Item No. and Article No. Payment shall be effected in the customary commercial manner, namely within 10 days at a four percent discount or within 30 days with a 2.2 percent discount, or after 60 days purely net, calculated in terms of delivery/performance and receipt of invoice.

Transportation, Payment of Duties and Insurance
All deliveries to us shall be effected in line with the conditions set out in Incoterms 2000. Unless "franco domicile" delivery has been agreed upon, the supplier may charge transportation costs for partial or complete shipments according to "Güterfernverkehrstarif" (GFT) less a maximum margin of 20 percent. Transportation costs for individual parcels may be charged at a rate which does not exceed the GFT individual parcel rate or customer rate minus a margin of 20 percent. We have taken out transportation insurance which is internationally valid. This means that all deliveries should be shipped without insurance. We are a "Verzichtskunde" according to German SLVS (SLVS = Speditions-, Logistik- und Lagerversicherungsschein) which means that it is not permissible to charge us for transportation insurance. If any invoices are raised, these will be charged to the supplier´s account. Crediting costs or presentation commissions will not be accepted if invoiced to us. All deliveries to Heidenheim should be marked Selbstabholung (self-collecting), we will not recognize any claims for the costs of delivery directly to our premises. We are not liable to present goods to the customs authorities. Unless otherwise agreed, goods will be cleared through customs by us. We will not accept any customs charges or fees for issuing customs documents.

Packing
The supplier has to use only pure packing materials which can be recycled. These materials must be marked with the corresponding symbols. We are en titled to dispose of the packing materials or to have them disposed of and to charge the costs arising in this connection on the supplier´s account.

Quality
The supplier guarantees that the delivered goods correspond to the regulations valid for these goods and the products which will be made, according to the supplier´s information, by making use of these products. The regulations mentioned above may be legal regulations of any kind, European rules, DlN-rules, pharmacopoeia monographs as well as all other accepted technical rules, especially the specification agreed upon with the supplier. If the goods come under the German Food and Consumer Goods Act (LMBG), the supplier guarantees that neither the goods nor their follow-up products or contaminations are noxious when used as directed and as foreseen, and that the goods are therefore physiologically harmless. If there is any recommendation of the plastics commission of the Federal Health Office (BGA), the supplier guarantees that the goods correspond to the version of the relevant recommendation valid at the moment. The supplier guarantees the compliance of every delivery with these regulations and places further documentation and validating documents on request at our disposal. The supplier guarantees the compliance of every delivery with these regulations and places further documentation and validating documents on request at our disposal. The supplier will conduct quality assurance commensurate to the type of article and volume and in keeping with the most recent technological standards. On request, he shall provide us with proof that this has been done.

Guarantee
For the judgement if the delivery is according to the rules, the number of pieces, measurements, weights and quality features ascertained on the occasion of our entrance examination are definitive. Obvious imperfections must be announced to the supplier within five working days after receipt of the goods. The supplier is obliged to give replacements free of charge and to compensate for damages which may occur even for imperfections which are not perceptible on reception of the goods, but only made evident during their laboratory examination, processing or use. Already effected payments cannot be interpreted as a renouncement of a complaint. The supplier guarantees for his deliveries according to the legal regulations effective in Germany. He assumes liability for the goods not infringing any intellectual property right of a third party. If we are held liable according to German law or the law of another country for violating mandatory safety regulations or product liability provisions or guarantees, the supplier must compensate for the sustained losses if his deliveries were defective and have caused the damage. The damage shall also cover the costs of a precautionary recall of the article(s) in question. The supplier shall take out due insurance coverage against all risks arising for product liability including the risk of recalling the article(s).

Production aids
If we pay for production aids of the supplier (e.g. tools, plates) wholly or predominantly, they are transferred to our ownership. The transfer is replaced by the arrangement of a secondment, which entitles the supplier to own the production aids until further notice. The supplier therefore has not the right to keep the aids.

Charging of claims
As far as it is authorized by legal regulations, we are entitled to set off all claims which we have on the supplier against all claims which the supplier has on us.

Place of fulfillment
The place of fulfillment is Heidenheim or the headquarters of the works which receives the delivery. Legal domicile is Heidenheim. The contract is subject to German law, even if it concerns deliveries from abroad. If any of the regulations of these purchasing conditions should be ineffective, the validity of the other regulations is not effected by this. The ineffective regulations will then be replaced by a legally admissible version, which will correspond to the original version as far as it is possible, concerning the economic results.

Child Labour
We do not tolerate child labour. In case of acceptance of an order, the supplier commits himself not to employ child labourers in his company. Labourers must not be aged under 15 (repectively under 14 in case the producer country does allow this) or, in producer countries where the minimum age is over 15, no person may be employed under the minimum age when compulsory education ends. In case of litigation the German version of the purchasing conditions is decisive. The English translation has no legal relevance. PAUL HARTMANN AG D-89522 Heidenheim.