Compliance

An overview of our most important compliance regulations: Any trading in securities and derivative financial instruments of our platform and the issuing of recommendations in this regard based on the use of insider information are prohibited and punishable by law, as is the improper dissemination of insider information. The Compliance Officer must be informed immediately regarding the emergence of compliance-related information within the company. Our board shall make decisions regarding the immediate (ad-hoc) or delayed publication of insider information. The Compliance Officer, the Head of Corporate Communications and Investor Relations and the Head of Legal must be involved in a timely fashion in circumstances or projects that could result in an obligation to issue an ad-hoc announcement. The publication of ad-hoc-announcements and the informing of the Financial Market Authority (FMA) and the stock exchange (Frankfurt Stock Exchange) shall be carried out by Investor Relations. Compliance-related information is subject to the strictest rules too confidentiality.

It may only be disclosed in so far as this is necessary for business purposes and is limited to the extent that is absolutely necessary (need-to-know principle). Provisions for persons working in compliance areas: All persons working in compliance areas are to be listed in the insider register and reported to the Compliance Officer by means of a standard form. Persons working in compliance areas are subject to a ban on trading with financial instruments of our platform within the following vesting periods: From 3 weeks prior to the planned publication of quarterly figures to 48 hours after their actual publication From 6 weeks prior to the planned publication of annual figures to 48 hours after their actual publication 48 hours after an ad-hoc announcement our platform Compliance Guidelines – as at 27.06.2017 The dissemination of compliance-related information outside a compliance area may occur only on the basis of institutionalised, predefined information processes or under the condition of immediate notification to the Compliance Officer. Appropriate organisational measures are in place to prevent the misuse and dissemination of compliance-related information

Security

We have implemented security measures designed to secure your information from accidental loss and from unauthorized access, use, alteration or disclosure. However, we cannot guarantee that unauthorized persons will never gain access to your information, and you acknowledge that you provide your information at your own risk, except as otherwise provided by applicable law.