Notice regarding the processing of personal data to shareholders, shareholder representatives and guests in relation to the Annual General Meeting of RWE Aktiengesellschaft on 28 April 2020

We take the protection of your personal data very seriously. Your privacy is very important to us, and we would thus like to inform you how we will process your data in our company for the Annual General Meeting and how you can exercise your rights.

1. Who is responsible for data processing and how you can get in touch with our Data Privacy Officer

The entity responsible for processing your personal data is RWE Aktiengesellschaft, RWE Platz 1, 45141 Essen, Germany. You can reach our Data Privacy Officer at the aforementioned address, via the phone at +49(0)201-5179-5311, via facsimile at +49(0)201-5179-5005 or via e-mail at datenschutz@rwe.com

2. Which of your personal data will we process and why?

If you register for the Annual General Meeting, we will process such data as your name, address, where applicable your e-mail address, and information concerning your shares (number and type of share ownership) as well your participation ticket number and check number, in order to enable you to exercise your rights as shareholder in connection with the AGM. 

If you authorise someone else to exercise your rights pertaining to the Annual General Meeting, we will process such data as their name, address and, where applicable, their e-mail address in order to ensure the orderly conduct of the Annual General Meeting. 

When we receive requests for supplements to the Agenda, countermotions or candidate nominations, we are obliged to publish some of your personal data to comply with German stock corporation law. Further personal information we receive from you may be processed in this context.

When you submit questions to the Executive Board and these questions are answered individually in the virtual Annual General Meeting, your name will only be disclosed if you expressly consented to do so.

Shareholders and their agents who are represented at the Annual General Meeting by the voting proxies nominated by the Company are included in the participants register mandated by law. 

3. What sources does the data come from?

We will process personal data that we receive from your or via your depositary bank. If you are acting as an agent of a shareholder, we will receive the personal data from the shareholder. As a rule, shareholders are obligated to provide the data required to carry out the Annual General Meeting.

4. What is the legal basis for processing the data?

RWE Aktiengesellschaft will process your personal data only for the following purposes:

  • exercise of your shareholder rights before and during the Annual General Meeting,
  • fulfilment of requirements under German stock corporation law (e.g. compilation of the participants register) and
  • fulfilment of further statutory obligations, e.g. monitoring regulations and archiving obligations.

The legal basis for this data processing can be found in Article 6, Paragraph 1, Sentence 1(c) of the German General Data Protection Regulation in conjunction with the provisions of the German Stock Corporation Act and the German Act Concerning Measures Under the Law of Companies, Cooperative Societies, Associations, Foundations and Commonhold Property to Combat the Effects of the COVID-19 pandemic ('German COVID-19 Act').

Furthermore, we may process your personal data in accordance with Article 6, Paragraph 1(f) of the German General Data Protection Regulation to safeguard justified interests such as

  • organisation and orderly conduct of the Annual General Meeting,
  • defence in litigation and
  • statistics (e.g. shareholder development and an overview of the major shareholders).

Image and audio recordings will be used for the web simulcast of the Annual General Meeting. The legal basis for this can be found in Section 118, Paragraph 4 of the German Stock Corporation Act in conjunction with our Articles of Incorporation.

In addition, the processing of your personal data (first and last name, address, telephone contact) may be necessary due to the current situation regarding the coronavirus disease in order to protect your or other persons’ vital interests. The purpose of the processing in this case is also to safeguard the legitimate interests of the entity responsible or of a third party. The legal basis for this purpose can be found in Article 6, Paragraph 1, Sentence 1(d) and (f) of the German General Data Protection Regulation.

No automatic decisions will be taken and no profiling will be performed. 

5. Who will receive your personal data?

In connection with the conduct of the Annual General Meeting, RWE Aktiengesellschaft commissions various external service providers and advisors which process your personal data on commission from RWE Aktiengesellschaft solely within the EU ('Contracted Data Processing Entities'). These Contracted Data Processing Entities act solely on instructions from RWE Aktiengesellschaft and receive only the personal data required for them to meet their contractual obligations to RWE Aktiengesellschaft. 

The data of shareholders and their agents who are represented at the Annual General Meeting by the voting proxies nominated by the Company recorded in accordance with Section 129 of the German Stock Corporation Act is included in the participants register, which every shareholder has the right to inspect on request for two years from the end of the Annual General Meeting.

You may request further information and copies of the relevant agreements at any time. You can reach the Data Privacy Officer via the contact information provided in Item 1.

6. How long is your personal data stored?

Personal data regarding the Annual General Meeting is generally stored for up to three years. This personal data is usually deleted after this period. Moreover, personal data is stored, if so required, to meet legal obligations to discharge the company's burden of proof and archive the data, or in the event that the Company has a justified interest in prolonging the storage period, for instance in connection with litigation and out-of-court disputes concerning the Annual General Meeting.

7. What data privacy rights do you have?

You can exercise the following rights in compliance with the following statutory regulations:

  • Article 15 of the German General Data Protection Regulation: right to information;
  • Article 16 of the German General Data Protection Regulation: right to request corrections to erroneous data;
  • Article 17 of the German General Data Protection Regulation: right to request deletion of your data if there are no legal grounds for its continued storage;
  • Article 18 of the German General Data Protection Regulation: right to request a limitation of processing 
  • Article 20 of the German General Data Protection Regulation: right to determination of transmission of all data provided to us by you. This means that we provide it to you in a structured, customary and machine-readable format and 
  • Article 21 of the German General Data Protection Regulation: right to object to data processing pursuant to Article 6, Paragraph 1(f) of the German General Data Protection Regulation if substantiated by your specific situation.

To exercise these rights, please get in touch with us via the contact information provided in Item 1.

Without prejudice to other legal recourse, you are entitled to file a complaint with a regulatory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement. 

The regulatory authority of relevance to RWE Aktiengesellschaft is:

The Officer for Data Protection and Freedom of Information of the State of North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf 
Germany

T: +49 211 38424 – 0
F: +49 211 38424 – 10
E-mail: poststelle@ldi.nrw.de