Jungheinrich AG
Notice on Data Protection

Data privacy and compliance with data privacy regulations are matters of great importance for Jungheinrich AG, especially the German Federal Data Protection Act and Telemedia Act. The purpose of the following data privacy statement is to explain to users of this electronic reporting system how reports that are received will be handled and to describe the nature, scope and purpose for which personal data is collected and used.

Intended purpose: The electronic reporting system is used to receive and clarify information regarding serious cases of suspicion involving white-collar crime (especially cases of banking or financial crimes, money laundering, financing of terrorism, fraud, corruption and other criminal offences which could endanger the client's assents). Reports that are received which are not relevant to these issues will not be followed up on. Please report minor concerns to your supervisor or direct contact persons at Jungheinrich, for example the responsible Human Resources department for personal matters.

Confidentiality: The electronic reporting system gives whistleblowers the opportunity to report information regarding the client with special safeguarding of confidentiality regarding their identity. We will handle your identity confidentially throughout the entire process. It is ensured that whistleblowers who report a specific case of suspicion in good faith have no negative consequences to fear from reporting the information.

Please report only information that is correct to the best of your knowledge. Use of the electronic reporting system to report information that is known to be incorrect or even libellous is prohibited. Should it turn out at a later date that the report was made with malicious intent, your identity will be disclosed and you may be subject to consequences.

Information can also be reported anonymously if preferred. However, we would appreciate it if you would include your name in the report.

Persons who can provide information: The electronic reporting system is available to Jungheinrich employees, and also to third parties (customers, business partners, suppliers and employees of associated companies, etc.) for reporting information.

Processing and using personal data: Personal data entered in this electronic reporting system is stored on specially secured servers of whistleblow GmbH, password-protected and encrypted. Access to these files is only permitted to the Compliance department of Jungheinrich.

Personal data in the required scope may be forwarded in electronic format to carefully selected individuals in the Jungheinrich Group if this is necessary to clarify the situation. Every person who is given access to the data is obliged to handle it confidentially.

Personal data will only be collected, processed and used for the intended purpose, to operate the reporting system and to verify and examine reports that are submitted.

Retention and deletion: Personal data will be retained for the duration necessary to clarify the information and make a final assessment of it. After the examination is complete, the personal data will be deleted within an appropriate period and in accordance with legal requirements, normally 2 months . In the event of a legal and/or disciplinary process, data may be retained until the completion of the process or until the legal remedy period lapses. Personal data related to reports submitted with no valid basis will be deleted without delay. If required by legal provisions or regulations of government institutions, personal data may be handed over to them.

Obligation to provide information: If this reporting system is used to collect and store personal data, Jungheinrich AG will inform the persons concerned regarding the purposes for which personal data is collected, processed and used. The client is entitled not to inform the person concerned until doing so does not pose a risk to clarifying the situation and collecting necessary evidence.

Responsible authority: The responsible authority for this electronic reporting system within the meaning of the Data Privacy Act is Jungheinrich AG. The responsible unit is generally the Central Compliance department. Should reports be related to Group Audit itself or the Central Compliance department though they will be taken care of by another central unit. The reporting system is operated by whistleblow GmbH on behalf of Jungheinrich AG.

Questions: If you have questions about data privacy and the use and dissemination of personal data, please contact the Group data privacy officer, Mr Frank Jastrob (frank.jastrob@jungheinrich.de).

Security: Jungheinrich AG and/or its contractor whistleblow GbmH use technical and organisational measures to collect, process and use the personal data managed while operating this electronic reporting system to protect it against unauthorised access, disclosure, misuse, tampering and destruction.

Right to access/change information: You have the right to be informed about stored personal data related to you. The identity of the whistleblower is excluded from this right to receive information. To the extent that exercising this right would endanger the examination of the circumstances or securing necessary evidence, Jungheinrich AG is permitted to wait until a later time to comply with this right. If so provided by statutory requirements, you are also entitled to have erroneous data corrected, locked or deleted. To exercise your rights to access or change information, please contact the Group Data Privacy Officer, Mr Frank Jastrob (frank.jastrob@jungheinrich.de)