Annual Stockholders’ Meeting 2018

Information on how to vote and the Stockholders’ Portal

You have the following options for exercising your right to vote at the Stockholders’ Meeting:

  • You may attend the Stockholders’ Meeting in person
  • You may appoint one of the proxies designated by the Company, to whom you may then issue instructions for the exercise of your voting rights at the Stockholders’ Meeting
  • You may appoint a proxy of your choice to exercise your voting rights at the Stockholders’ Meeting
  • You may exercise your voting rights through postal vote.

In all cases, you must register in due time to be able to exercise your right to vote at the Stockholders’ Meeting. The deadline for registration for this year’s Stockholders’ Meeting passes at midnight on May 18, 2018, 24:00 CEST.

Please use the attendance form to notify us of your intention to attend the Annual Stockholders’ Meeting. The attendance form will be sent to every shareholder at the end of April.

In the Stockholders’ Portal you can submit notification of your intention to attend the Annual Stockholders’ Meeting, order admission tickets, grant power of attorney to a proxy of your choice, grant power of attorney and issue instructions to proxies designated by the company or exercise your voting rights through postal vote after registering for the Annual Stockholders’ Meeting.

Irrespective of registration before the deadline are the instructions for the proxy designated by the company as well as changes to or the retraction of such. Any such instructions may be given or changed using our Stockholders’ Portal until May 24, 2018, 12:00 CEST.

You can register on the Stockholders’ Portal if in future you wish to receive the invitation to the Stockholders’ Meeting by e-mail. Please take advantage of this service to help us reduce printing costs and for the sake of the environment.

Further information around the Stockholders’ Meeting can be found in the Service section.

Disclaimer

No warranty is given, or liability accepted, for the operability, availability, stability or reliability of the Internet-assisted proxy and instruction system, or for access to the system, including any third-party Internet services and network elements utilized. Furthermore, we assume no responsibility for errors or defects in the hardware or software used to cast votes via the Internet, including that of contracted service companies, insofar as no intent or gross negligence is present.


Data Protection Information for Bayer Aktiengesellschaft Shareholders

New data protection rules will come into force from May 25, 2018 as a result of the European General Data Protection Regulation (GDPR). At its heart, this regulation promotes transparency in how data is processed. We take the protection of our shareholders’ data very seriously. The following information is intended to give you an overview of how we process your personal data and your rights under data protection legislation.

1. Who is responsible for data processing and whom can you contact?
Bayer Aktiengesellschaft is responsible for your data (controller). Our address is Kaiser Wilhelm Allee 1, 51368 Leverkusen (Germany). You can contact the Global Data Privacy Officer at this address. If you have any questions regarding protection of data in the shareholders’ register, please contact the address above or ir@5298e482d8fe46f8b6c1a5ff9ca3eb30bayer.com.

2. What data do we process, and on what legal basis?
We process your personal data pursuant to the European General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), the German Stock Corporation Act (Aktiengesetz, – AktG), and all other pertinent statutes.

Shares in Bayer Aktiengesellschaft are registered shares. § 67 German Stock Corporation Act stipulates that registered shares must be registered in the company’s shareholders’ register along with the shareholder’s name, date of birth, address, number of shares held or share serial numbers. In the case of nominal value shares, the amount must also be recorded. The financial institutions involved in the sale of or holding your Bayer registered shares regularly forward the details required for the shareholders’ register to us on your behalf along with information on your nationality. This is done via Clearstream Banking Frankfurt. As the central securities depository it is responsible for the technical aspects of processing securities transactions and for the custody of shares on behalf of the financial institutions. We are also informed via Clearstream Banking Frankfurt if you sell your shares.

We process your personal data for the purposes foreseen in the German Stock Corporation Act. These include, in particular, managing the shareholders’ register, corresponding with you in your capacity as a shareholder, and organizing the annual general meeting. Furthermore, we only use your data for other purposes compatible with the above (in particular to prepare statistics, e.g., on trends in share ownership or the number of transactions, or to gain an overview of major shareholders). The legal basis for the processing of your personal data is the German Stock Corporation Act read in combination with Article 6 (1c) and (4) of the GDPR.

Moreover, we also process your personal data to comply with other statutory obligations such as regulatory requirements and retention requirements under stock corporation, commercial, and tax law. For example, in compliance with stock corporate law obligations we are required to record verifiable data of proxies nominated for the shareholders’ meeting and must store this data for 3 years (§ 134 (3) sentence 5 Stock Corporation Act). The legal basis to process your data in this case is the corresponding statutory provisions read in combination with Article 6 (1c) GDPR.

We are legally required to contact you in advance before processing your data for any purpose not listed above.

3. Who has access to your data?
Within Bayer Aktiengesellschaft only those requiring access to your data to fulfill our duties to you are granted such access. Service providers and vicarious agents working for us may also be granted access to your data for these purposes. Such partner companies only have access to our shareholders’ personal data as part of commissioned data processing as set out explicitly in the relevant legislation (Art. 28 GDPR). In such cases too, Bayer Aktiengesellschaft remains responsible for protecting your data. When working with your data, the partner must follow our instructions at all times. To ensure that this is the case, we have put in place strict contractual regulations and will carry out technical/organizational measures and extra checks as necessary. Our partners include the following sorts of companies: service providers managing the shareholders’ register, IT service providers, and service providers who prepare and organize the annual general meeting.

If you attend the annual general meeting then, pursuant to §129 Stock Corporation Act, other Bayer shareholders will be able to view any personal data concerning you in the list of participants.

We also transmit your data to other recipients. They are permitted to process your data on their own responsibility. This includes public authorities to fulfill statutory notification obligations (i.e., where voting rights ceilings set down in law are exceeded).

4. Is my data transmitted to third countries?
Recipients permitted to process your data on their own responsibility (e.g., authorities fulfilling statutory notification obligations) may also be located in a third country.

With this exception, Bayer Aktiengesellschaft does not transmit any personal data to bodies in third countries or international organizations at this time. Personal data is only transmitted to service providers outside the European Economic Area (EEA) to the extent that the European Commission has confirmed that the third country in question has put in place a suitable data protection framework or other appropriate data protection guarantees (e.g., binding internal corporate data protection rules or the European Commission’s standard contractual clauses).

5. How long will my data be stored?
To the extent that we are not required to store your data under a statutory burden of proof or retention obligation (e.g., under the German Stock Corporation Act, German Code of Commerce, German Tax Code), your data is generally anonymized or erased as soon as no longer required for the purposes listed above. The retention period for data gathered for the purposes of the annual general meeting is usually up to 3 years. The data recorded in the shareholders’ register must usually be retained for 10 years after shares are sold. Additionally, we retain personal data in individual cases where necessary for claims made against the company

6. Am I as a shareholder obliged to provide certain data?
As a shareholder you are obliged to provide the company with the personal data set out above. The financial institutions involved in transferring or holding registered shares are also required to provide Bayer Aktiengesellschaft with the requisite data to manage the shareholders’ register (§ 67 (1, 4) Stock Corporation Act).

7. What are your rights as a data subject?
You can contact the address above for information regarding what data is held about you. At https://www.investor.bayer.de/en/stock/stockholders-portal/, under the section for the shareholders’ register service, you can view the main data held in the shareholders’ register about you and, where required, change your address. Furthermore, under certain circumstances you can also demand that your data be erased or restrict the processing of your data (e.g., if your data is processed unlawfully). Where we process your personal data to safeguard legitimate interests, you can object to this processing at the address mentioned above if, based on your specific circumstances, there are grounds against us processing your data. In such cases we will cease processing your data unless we have overwhelming and compelling interests to protect.

You can contact either our Global Data Privacy Officer at the address above or a relevant supervisory authority. The supervisory authority responsible for Bayer Aktiengesellschaft is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen,
Postfach 20 04 44,
40102 Düsseldorf, Germany