Privacy policy
in accordance with the General Data Protection Regulation (GDPR)
The protection of your data is important to us. It goes without saying that we collect, store and use your data only in accordance with the legal requirements. Below you will find information about the way in which we collect, store and process your data.
I. Name and address of the person responsible
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:
RETRO Messen GmbH
Schoellstraße 7
70599 Stuttgart
Tel.: +49 (0) 711 3403-2830
Fax: +49 (0) 711 3403-2859
E-Mail: info@retro-messen.de
II. Name and address of the data protection officer
III. General information on data processing
1. Scope of the processing of personal data
We collect and use our users' personal data only insofar as this is necessary to provide a functional website and our content and services. The collection and use of our users' personal data only takes place regularly with the user's consent. An exception applies in cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by law.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
3. Data erasure and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
IV. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
Information about the browser type and version used
The user's operating system
The IP address of the user
Date and time of access
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
3. Purpose of data processing
Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context.
These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.
4. Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after ninety days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are anonymized so that it is no longer possible to identify the accessing client.
5. Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.
V. Integration of third-party providers to display the website
Data protection information Globalsign
Globalsign is a provider that issues SSL certificates. Our websites use such certificates issued by Globalsign to ensure the authenticity of the website, among other things. For this purpose, we embed the Globalsign seal in the footer of the website. For this purpose, the browser you are using must connect to the Globalsign servers. This gives Globalsign knowledge that our website has been accessed via your IP address. The use of Globalsign is in the interest of the security of processing and the transparency of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
The provider is
GMO GlobalSign Ltd,
Springfield House
Sandling Road
Maidstone
ME14 2LP
Great Britain
You can find Globalsign's privacy policy at downloads.globalsign.com/acton/attachment/2674/f-089a/1/-/-/-/-/GlobalSign-Privacy-Policy-Jun-15-2017-v206.pdf
Data protection information Google CDN
Google CDN is a service for delivering static content such as frequently used script libraries, graphics and styling definitions. This mechanism is used for load balancing and ensures an overall faster page load. Specifically, we use the Google CDN to deliver frequently used script libraries (“Angular”, “JQuery”), which are necessary for the proper functioning of this website. For this purpose, the browser you use must connect to the Google CDN servers. As a result, Google CDN becomes aware that our website has been accessed via your IP address. Google CDN is used in the interest of presenting our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
You can find Google CDN's privacy policy at www.google.com/policies/privacy/
Privacy policy Bootstrap CDN
Bootstrap CDN is a service for delivering static content such as frequently used script libraries, graphics and styling definitions. This mechanism is used for load distribution and ensures an overall faster page load. Specifically, the Bootstrap CDN is used here to deliver the Bootstrap library and static fonts that are used by this page for the front-end design. For this purpose, the browser you are using must connect to Bootstrap's servers. This gives Bootstrap knowledge that our website has been accessed via your IP address. Bootstrap is used in the interest of presenting our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
The provider of Bootstrap CDN is MaxCDN DBA StackPath, privacy@stackpath.com
You can find Bootstrap CDN's privacy policy at www.bootstrapcdn.com/privacy-policy/
Privacy policy Amazon CDN
Amazon CDN is a service for delivering static content such as frequently used script libraries, graphics and styling definitions. This mechanism is used for load balancing and ensures an overall faster page load. Specifically, the Amazon CDN is used here to deliver the PCI DSS seal in the footer of the website.
For this purpose, the browser you are using must connect to Amazon's servers. This gives Amazon knowledge that our website has been accessed via your IP address. Amazon is used in the interest of presenting our online offers and transparency. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
The provider is
Amazon Web Services, Inc.
410 Terry Avenue North
Seattle WA 98109
United States
You can find Amazon's privacy policy at aws.amazon.com/de/privacy/
Cloudflare CDN privacy policy
Cloudflare CDN is a service for delivering static content such as frequently used script libraries, graphics and styling definitions. This mechanism is used for load balancing and ensures an overall faster page load. Specifically, we use the Google CDN to deliver frequently used script libraries (“UnderscoreJS”, “Angular-filter.js”), which are necessary for the proper functioning of this website. For this purpose, the browser you are using must connect to Cloudflare's servers. As a result, Cloudflare becomes aware that our website has been accessed via your IP address. Cloudflare is used in the interest of presenting our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
The provider is
Cloudflare, Inc.
101 Townsend St.
San Francisco, CA 94107
You can find Cloudflare's privacy policy at www.cloudflare.com/security-policy/
Activated Google address completion
This website uses the Google Places API web service and Google's automatic location completion.
In order for us to receive this information from Google, your IP address and the content you have entered will be transmitted to Google.
For this purpose, the browser you are using must connect to Google's servers. As a result, Google becomes aware that our website has been accessed via your IP address. The use of Google is in the interest of simplifying the filling of the input fields when entering the location in our online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Further information on Google Places Api Web Services can be found in Google's privacy policy: www.google.com/policies/privacy/
VI. Use of cookies
Description and scope of data processing
Our website uses Google Analytics, a web analysis service of Google Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site.
This site also uses Google APIs, a program interface provided by Google. As part of this use, data, in particular the IP address, may also be transmitted to Google. (See point VIII for further information)
Our website does not use any other cookies.
Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
VII. Newsletter
1. Description and scope of data processing
You can subscribe to a free newsletter on our website and Facebook page. When registering for the newsletter, the data from the input mask is transmitted to us and MailChimp (see point 2):
E-mail address
First name
Last name
Salutation (gender)
We only use your first name, surname and gender to optimize and personalize the content of our newsletter. If necessary, we may ask you to provide further data; this information is only used to adapt the content to the readers.
The following data is also collected:
Login and confirmation time
IP address
Registration for the newsletter is logged using this data in order to be able to prove registration in accordance with legal requirements.
In the same way, changes to your profile are logged by MailChimp.
Your consent is obtained for the processing of the data during the registration process and reference is made to this privacy policy.
Registration takes place using the so-called double opt-in procedure. After entering your email address, you will receive an email from us asking you to confirm that you wish to receive our newsletter. This second confirmation serves to protect against misuse of your e-mail address.
The data collected will be used by us exclusively for sending the newsletter.
If you purchase goods or services (tickets) on our website and enter your e-mail address, we may subsequently use it to send you newsletters. In such a case, we will only send direct advertising for our own similar goods or services.
2. Use of the mailing service provider “MailChimp”
The newsletter is sent via the newsletter distribution platform “MailChimp” of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
MailChimp is a service that can be used to organize and analyse the sending of newsletters, among other things. MailChimp is certified in accordance with the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA. The data collected within the scope of this information is stored by MailChimp on servers in the USA. MailChimp uses this data for the following purposes:
Sending newsletters on our behalf
Evaluation of the newsletters on our behalf (e.g. to determine the recipients' regions of residence)
MailChimp may, according to its own information, use this data to improve its own services (e.g. for the technical optimization of dispatch and presentation)
MailChimp does not use the collected data itself to contact or pass it on to third parties.
3. Statistical survey and analysis
A so-called “web-beacon” is contained in the newsletters sent. This is a pixel-sized file that is called up by the MailChimp server when the newsletter is opened. This file collects the following technical information:
Opening of the newsletter
Time of retrieval
Links clicked on
In addition, technical information is retrieved that cannot be assigned to the respective user:
IP address
Browser type
Operating system
4. Purpose of data processing
This information is used to improve the service based on technical data or to determine the target group and your reading behavior based on the retrieval locations (determinable by IP address) and access times. Neither we nor MailChimp observe or analyze individual users in any way. The evaluations are only used to recognize the reading habits of the users and to adapt the content to them or to send different content according to the interests of the users.
The collection of the user's e-mail address is used to deliver the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used.
5. Conclusion of a data processing agreement
We have concluded a so-called “Data Processing Agreement” with MailChimp, in which we oblige MailChimp to protect our customers' data and not to pass it on to third parties. This agreement can be viewed at the following link: HTTPS://MAILCHIMP.COM/LEGAL/FORMS/DATA-PROCESSING-AGREEMENT/SAMPLE-AGREEMENT/
6. Online call and data management
There are cases in which we direct newsletter recipients to the MailChimp website. For example, our newsletters contain a link that newsletter recipients can use to retrieve the newsletter online (e.g. in the event of display problems in the email program). Newsletter recipients can also correct their data, such as their email address, at a later date. MailChimp's DATA PRIVACY POLICY is also only available on their website.
In this context, we would like to point out that cookies are used on MailChimp's websites and that personal data is therefore processed by MailChimp, its partners and service providers (e.g. Google Analytics). We have no influence on this data collection. Further information can be found in the PRIVACY POLICY from MailChimp. We would also like to draw your attention to the options for objecting to the collection of data for advertising purposes on the websites http://www.aboutads.info/choices/ und http://www.youronlinechoices.com/ (for the European region).
7. Legal basis for data processing
The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.
8. Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user's email address and other data mentioned above will therefore be stored for as long as the subscription to the newsletter is active. After unsubscribing from the newsletter, the data will be deleted both from our servers and those of MailChimp.
9. Information about stored data
You can request information about your stored data free of charge at any time.
You can access your profile via the link at the bottom of every newsletter. There you can check, change or delete the data you have entered.
You can also contact us free of charge by e-mail at datenschutz@retro-messen.de to obtain information about your stored data.
10. Possibility of objection and removal
The subscription to the newsletter can be canceled by the user concerned at any time free of charge. For this purpose, there is a corresponding link in every newsletter. Users can also unsubscribe via the link to their profile, which is also included in every newsletter.
Unsubscribing from the newsletter and deleting the stored data can also be done free of charge at datenschutz@retro-messen.de.
You must unsubscribe from the newsletter if you do not agree to your data being transmitted to MailChimp for analysis purposes or if you wish to withdraw your consent.
The legality of the data processing operations that have already taken place remains unaffected by the revocation. Data stored by us for other purposes (e.g. ticket purchase) remain unaffected by this.
VIII. Contact form and e-mail contact
1. Beschreibung und Umfang der Datenverarbeitung
There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. These data are
Salutation
First name and surname
Place of residence
Telephone, fax
e-mail address
The following data is also stored when the message is sent:
First name, last name, telephone number, email, message
The IP address of the user
Date and time of registration
Destination e-mail
Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy.
Alternatively, you can contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored.
The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation.
2. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
3. Purpose of data processing
The processing of the personal data from the input mask serves us solely to process the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storagerung
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. Possibility of objection and removal
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
The revocation of consent and the objection to storage can be sent by e-mail to datenschutz@retro-messen.de,
and by letter to
RETRO Messen GmbH
Messepiazza 1
70629 Stuttgart
be declared. If you only wish to partially revoke your consent or only partially object to the storage, please specify exactly to which area your request is limited, otherwise all data that we are not legally obliged to store will be deleted. Please understand that we may need to verify your identity before complying with your request.
All personal data stored in the course of contacting us will be deleted in this case.
IX. Services from external providers that are used on our site.
Google Fonts
Type and scope of processing
We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, you establish a connection to the servers of Google Ireland Limited, whereby your IP address is transmitted.
Purpose and legal basis
The use of Google Fonts is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies that are not certified under the EU-U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR have been agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can obtain a copy of these standard contractual clauses athttps://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE .
In addition, before such a third country transfer, we obtain your consent in accordance with Art. 49 para. 1 sentence 1 lit. a. GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact scope and consequences of which for you we do not know, over which we have no influence and of which you may not become aware).
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy .
Google Tag Manager
Type and scope of processing
We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags via an interface and enables us to control the precise integration of services on our website.
This allows us to flexibly integrate additional services in order to evaluate user access to our website.
Purpose and legal basis
The use of Google Tag Manager is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies that are not certified under the EU-U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR have been agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can obtain a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE .
In addition, before such a third country transfer, we obtain your consent in accordance with Art. 49 para. 1 sentence 1 lit. a. GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact scope and consequences of which for you we do not know, over which we have no influence and of which you may not become aware).
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
Google Analytics
Type and scope of processing
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of visits to our website, subpages visited and the time spent by visitors.
Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognize users.
This information is used, among other things, to compile reports on website activity.
Purpose and legal basis
The use of Google Analytics is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies that are not certified under the EU-U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR have been agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can obtain a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE .
In addition, before such a third country transfer, we obtain your consent in accordance with Art. 49 para. 1 sentence 1 lit. a. GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact scope and consequences of which for you we do not know, over which we have no influence and of which you may not become aware).
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.
Google Translate
Type and scope of processing
Our website offers the option of using the information provided in another language. For this purpose, we use Google Translate (operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). In addition to your IP address, the URL of the page visited is also transmitted to Google. With Google Translate, the translation is displayed directly on the page there.
Purpose and legal basis
The use of Google Translate is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where no adequacy decision of the European Commission exists (including US companies that are not certified under the EU-U.S. DPF), we have agreed other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR have been agreed. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can obtain a copy of these standard contractual clauses athttps://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE .
In addition, before such a third country transfer, we obtain your consent in accordance with Art. 49 para. 1 sentence 1 lit. a. GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact scope and consequences of which for you we do not know, over which we have no influence and of which you may not become aware).
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Translate: https://policies.google.com/privacy.
Google AdSense
Type and scope of processing
This website uses Google AdSense, a service for integrating advertisements from Google Inc (“Google”). The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google AdSense uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to analyze information such as visitor traffic on these pages.
The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to a Google server in the USA and stored there. This information may be passed on by Google to contractual partners of Google. However, Google will not merge your IP address with other data stored by you.
Purpose and legal basis
AdSense cookies are stored on the basis of Art. 6 para. 1 lit. a GDPR and only after you have given us your express consent to do so. You can also prevent the installation of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in Google's privacy policy: https://policies.google.com/privacy.
Google Analytics Remarketing
Type and scope of processing
Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you sign in with your Google account.
To support this function, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create target groups for cross-device advertising.
You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account by following this link:
www.google.com/settings/ads/onweb/ .
Purpose and legal basis
The aggregation of the data collected in your Google Account is based solely on your consent, which you can give or withdraw from Google (Art. 6 para. 1 lit. a GDPR). For data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the collection of data is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in Google's privacy policy: https://policies.google.com/privacy.
Google AdWords and Google Conversion-Tracking
This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use what is known as conversion tracking. If you click on an advertisement placed by Google, a cookie is set for conversion tracking if you have given your consent. Cookies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.
Purpose and legal basis
The storage of “conversion cookies” takes place on the basis of Art. 6 para. 1 lit. a GDPR. You can find more information about Google AdWords and Google Conversion Tracking in Google's privacy policy: www.google.de/policies/privacy/ .
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Google. Further information can be found in Google's privacy policy: https://policies.google.com/privacy.
Revive-AdServer
We use Revive-AdServer on our website on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR (interest in the economic operation of our online offer). The Revive-AdServer is an open source software tool for the integration and anonymized statistical evaluation of advertisements (banners). Personal data, such as the IP address, is neither collected nor processed or stored via the Revive AdServer.
Provider:
Revive Software and Services BV, Jonkersvaart 36, 9366 TC Jonkersvaart, Niederlande;
Website: https://www.revive-adserver.net/
Privacy policy: https://www.revive-adserver.net/privacy/
Detailed description of data processing: https://www.revive-adserver.com/privacy/personal-data/
The Revive AdServer stores cookies (text files) on your computer to control and measure the display of advertisements. A fixed, always identical, non-personal ID is stored in these cookies. The cookies (text files) are automatically exchanged between the web server and your web browser and are necessary for technical operation. A personal identification of a visitor does not take place and is not possible.
OAID cookies are stored on your computer for one year; the OAGEO cookie is a session cookie and is deleted when you close your browser. Revive-AdServer also uses tracking pixels. This documents the display frequency of our advertising media and stores it in our AdServer.
If you do not want Revive-AdServer to store cookies, you have the option of preventing the installation of cookies via your browser settings (information on this can be found in the browser's help function).
X. Usercentrics
Type and scope of processing
We have integrated Usercentrics on our website. Usercentrics is a consent solution from Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, with which consent to the storage of cookies can be obtained and documented. Usercentrics uses cookies or other web technologies to recognize users and store the consent given or revoked.
Purpose and legal basis
The use of the service is based on the legally required consent to the use of cookies in accordance with Art. 6 para. 1 lit. c. GDPR.
Storage duration
The specific storage period of the processed data cannot be influenced by us, but is determined by Usercentrics GmbH. Further information can be found in the Usercentrics privacy policy: https://usercentrics.com/privacy-policy/ .
XI. Social media
Share content via plugins (Facebook, Google+1, Twitter & Co.)
The content on our pages can be shared on social networks such as Facebook, Twitter or Google+ in compliance with data protection regulations.
This tool does not automatically transfer user data to the operators of these platforms. If the user is logged in to one of the social networks, an information window appears when using the social buttons of Facebook, Google+1, Twitter & Co. in which the user can confirm the text before sending it.
Our users can share the content of this page on social networks in compliance with data protection regulations without complete surfing profiles being created by the network operators.
Facebook-Plugins (Like & Share-Button)
Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: developers.facebook.com/docs/plugins/.
When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. You can find further information on this in Facebook's privacy policy at de-de.facebook.com/policy.php.
If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
LinkedIn Plugin
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn.
Further information on this can be found in LinkedIn's privacy policy atwww.linkedin.com/legal/privacy-policy.
XING Plugin
Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Each time one of our pages containing XING functions is accessed, a connection to XING servers is established. To the best of our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored or usage behavior evaluated.
Further information on data protection and the XING share button can be found in XING's privacy policy at www.xing.com/app/share.
XII. Links to other websites
AFAG Messen und Ausstellungen GmbH provides links to external websites in special areas. We have no influence on whether the operators of other websites comply with data protection regulations. The provider of these sites is solely liable for the content and in particular for damages resulting from the use or non-use of such information. AFAG Messen und Ausstellungen GmbH only checks websites at the time the links are created. All subsequent changes are the responsibility of the provider.
XIII. Visitor registration and disclosure of your personal data
In compliance with the General Data Protection Regulation, your personal data provided during registration will be passed on for marketing purposes, including contact (also by e-mail) to exhibitors at the event whose content you have viewed on the website or whose presentations or webinars you have attended. This also applies to the personal data that you voluntarily provide in your profile. It is at the sole discretion and responsibility of the exhibitor to decide how and whether to use the transmitted data set to contact the visitor. The personal data provided will also be collected and processed by AFAG Messen und Ausstellungen GmbH itself for these specified purposes. The legal basis for the transfer of your personal data is based on your consent in accordance with Art. 6 para. 1 lit. a) GDPR, which you gave when you registered.
XIV. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. Right to information
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing is taking place, you can request the following information from the controller:
- the purposes for which the personal data are processed
- the categories of personal data that are processed
- the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed
- the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period
- the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
all available information about the origin of - if the personal data is not collected from the data subject
- the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
2. Right to rectification
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.
3. Right to restriction of processing
You may request the restriction of the processing of your personal data under the following conditions:
- if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
- the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims, or
- if you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the controller outweigh your reasons.
f the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. Right to erasure
a) Obligation to delete
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing is based according to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and where there is no other legal ground for the processing.
- You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
- The personal data concerning you has been processed unlawfully.
- The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data concerning you was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDPR, it shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to erasure does not exist if the processing is necessary
- to exercise the right to freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
- for the assertion, exercise or defense of legal claims.
5. Right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right vis-à-vis the controller to be informed about these recipients.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where
- the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
- the processing is carried out using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right of objection
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the option, in connection with the use of information society services - notwithstanding Directive 2002/58/EC - to exercise your right to object by means of automated procedures that use technical specifications.
8. Right to revoke the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated decision in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
- is necessary for the conclusion or performance of a contract between you and the controller,
- is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
- with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.