Bitkom Servicegesellschaft mbH, Albrechtstraße 10, 10117 Berlin, 030 27576-0, email@example.com (hereinafter: „we“), is the controller for data processing.
2. Purposes of data processing and legal basis
2.1. Registration for the event "hub.berlin"
The personal data collected as mandatory data during the registration process for the event will be processed for the event’s organization and implementation on the basis of Art. 6 (1) lit. b) GDPR. The provision of the data marked as mandatory data is necessary for participation.
In addition, you have the option to optionally provide further data from you. We process this data on the basis of your consent pursuant to Art. 6 (1) lit. a) and Art. 7 GDPR. You can revoke this consent at any time with effect for the future. There are no negative consequences associated with not providing this voluntary data.
2.2. Profile in the event platform
The event will be implemented with the supporting event app Swapcard. In order for you to be able to participate, a user profile will be created for you on the basis of Art. 6 para. 1 lit. b) DSGVO, in which your name, email address, position and company will be stored. Without creating a user profile, you will not be able to fully use all the services of the event.
Your profile is basically set so that your details are not visible to other app users. However, we would be pleased if you would make your details visible to other users in order to promote the exchange of information and networking. You can also optionally add further data about yourself to your user profile, e.g. a profile picture. The aforementioned data processing is voluntary and based on your consent pursuant to Art. 6 (1) a) DSGVO, which you can revoke at any time, e.g. by changing or deleting your profile settings or at firstname.lastname@example.org.
Further information about Swapcard and the Networking App can be found here www.swapcard.com/privacy-policy.
2.3. Data sharing with sponsors
If you consent to us passing on your data to our partner companies / sponsors so that they can send you promotional information, the data is passed on to the Sponsor on the basis of your consent in accordance with Art. 6 (1) a) GDPR. You can find our partner companies / sponsors in the overview linked in the consent text.
Some of the sponsors are based in countries outside the European Union. Some of these countries are considered unsafe third countries in terms of data protection law because the data protection laws there do not generally protect personal data to the same extent as is the case in the member states of the European Union. Thus, it cannot be ruled out that authorities are allowed to access data without the data subjects being able to assert effective legal protection against this access. Furthermore, the rights of the data subjects may be restricted.
The granting of consent is voluntary and not required for event participation. You can also revoke your consent at any time with effect for the future by sending an e-mail to email@example.com. Please note that from the time of data transmission, inparticular for the sending of advertising, our partner company / sponsor is the data controller.
2.4. Newsletter and information about Bitkom events and membership
As part of the registration process, you also have the option of voluntarily subscribing to a newsletter or to mailings for future events, services and activities of the Bitkom Group (Bitkom e.V., Bitkom Servicegesellschaft mbH and DFA Digital für alle GmbH) as well as information about Bitkom membership. After registration, you will receive an e-mail in which you must confirm your e-mail address for verification (so-called double opt-in procedure). The legal basis for storing the e-mail address and sending the information is your consent in accordance with Art. 6 (1) lit. a), 7 GDPR, which you can revoke at any time with effect for the future. You can easily revoke your consent, for example, by clicking on the unsubscribe link in every e-mail.
As part of the registration for the newsletter and mailing, we store additional data beyond the data already mentioned, insofar as this is necessary for us to prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or the confirmation of the newsletter, as well as a copy of the confirmation email sent by us. The corresponding data processing is based an Art. 6 (1) lit. f) GDPR and is done in the interest of being able to account for the legality of the consent.
2.5. Information about planned photo shoots at an event
We will have photographs taken at the event to document the event. We will use some of these photographs for information and representation purposes in our online and print media. Specifically, the photographs will be used in the following media:
- on our websites
- on our pages in social networks such as Twitter, LinkedIn, YouTube, Facebook, Instagram, Xing.
- for the design of electronic newsletters, print media, other print products.
Do you not want to appear in a photo? If so, please inform the person taking the photos. Please also take care yourself not to walk into the picture when photographs are being taken.
We have also invited representatives of the press, so it is to be expected that they will also take photos.
3. Data recipient
We will only transfer your data to third parties if we are authorized to do so under data protection law or if you have given your consent to the transfer of data.
We pass on the necessary data to service providers who support us in the implementation of the event.
If you have given us your consent, if this is necessary to carry out the event, or if we have a legitimate interest in doing so, we will pass on your data to other Bitkom Group companies to the extent necessary.
Your data may also be passed on by us to external service providers (e.g. IT- service providers) who support us in data processing as part of a contract processing strictly bound by instructions. This includes in particular the external service provider Swapcard Corporation SAS, which provides the event platform and networking app.
Where applicable, some of the service providers we use are located in a third country outside the European Union for which there is no adequacy decision by the European Commission and which has a lower data protection standard than the European Union. This may result in third parties, e.g. security authorities, gaining access to your data without your knowledge or restricting your data subject rights. In these cases, we oblige the service providers to comply with a European level of data protection through so-called Standard Contractual Clauses of the EU Commission or through equally suitable measures. Further information or copies are available upon request from our data protection officer.
4. Storage duration
Basically, we only store your personal data for as long as is necessary to fulfill the stated purposes or for the duration of statutory retention periods.
The data processed in connection with participation in the event will generally be stored for the duration of the event and deleted as soon as it is no longer required for the performance and processing of the contract (generally after three years) and there are no (longer) statutory retention periods.
Your user profile in our networking app will remain active until the user relationship is terminated and the data contained therein will be stored until the profile is deleted.
If you have subscribed to our newsletter or given your consent to our mailing, we will store your name and e-mail address until you revoke your consent. In addition, we store the data we need to prove the newsletter consent until the expiry of the limitation period of three years.
5. Rights of the data subject
As a data subject, you have the right of access to the personal data concerning you (Art. 15 GDPR), to rectification of inaccurate data (Art. 16 GDPR) and to erasure, if one of the reasons mentioned in Art. 17 GDPR applies. There is also the right to restriction of processing if one of the conditions set out in Art. 18 of the GDPR applies and, in the cases of Art. 20 of the GDPR, the right to data portability.
If the data processing is based on consent, you can revoke this consent at any time with effect for the future.
You also have the right to object to processing of personal data concerning you at any time for reasons arising from your particular situation, provided that the data processing is based on Art. 6 (1) f) GDPR. We will then no longer process your data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms.
To exercise your rights, please contact firstname.lastname@example.org.
In addition, you have the right to complain to a supervisory authority. The supervisory authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, e-mail: email@example.com.
6. Contact details of the data protection officer:
You can reach our data protection officer at datenschutz nord GmbH, Kurfürstendamm 212, 10719 Berlin, e-mail: firstname.lastname@example.org