Data protection notice for the Digital Event Platform
You can view this information under “Data Protection” at any time.
1. Data controller/contact
2. Personal data
3. Collection and use of your data
3.1 Collection of access data
When you access our website, your terminal automatically transfers data for technical reasons. The following data are stored separately from other data that you may possibly transmit to us:
- date, time and duration of your visit to our websites
- IP address, that has been assigned to you by your Internet provider
- the web page visited
- the user tool (i.e. web browser, operating system) you have used to access the site
- the action that you carried out on our website
- the terms you used in the search engines and in the site search and the search result
- whether a site was successfully accessed or not
- what information was called up (incl. downloads)
- from which server you accessed the website and the website from which you reached the current website
- These data are exclusively stored for technical purposes and are not at any time associated with a specific person.
The handling of your personal data for the purposes of providing this website and of communicating via this website are carried out on the basis of our legitimate interest pursuant to Article 6 (1) (f) General Data Protection Regulation (GDPR). It is technically necessary for us to process specific personal data (e.g. IP address) in order to provide this website. In order for you to communicate with us, it is necessary for us to handle respective personal data.
In the context of the necessary balancing of interests we have balanced your interest in the respective privacy of your personal data and our interest in the provision of this website and the establishment of contact with one another. Your interest in privacy is outweighed in both cases. If this were not the case, we would be unable to provide this website or to react to your contact query.
3.2 Ticket Shop
Various data on the visitor are required in order to purchase a ticket from our Ticket Shop. The following mandatory details are necessary:
- Your name
- Your e-mail address
- Company (only for trade visitors)
- Address (place, street, house number, postcode)
- Marketing characteristics
- A password
These data are necessary in order to set up and manage a user account for you. In the Digital Event-Platform and also in the app, the registration must be made with the same data (e-mail address and password) as in the ticket store. Not least we require these and possibly other data in order to be able to respond to possible future queries from you.
We process these data in order to be able to provide you with the services of our ticket shop and to fulfil the respective contracts agreed with you pursuant to Article 6 (1) (b) GDPR. The data is also processed for the promotion of our events and services (on the basis of Section 7 Paragraph 3 UWG (German Fair Trade Practices Act)) and for optimization and for market research and opinion research.
Insofar as we, as described above, require your data for the purposes of providing the functions of our ticket shop, you are contractually obliged to provide us with these data. Without these data we are unable to provide you with these functions.
Furthermore, you can enter the following voluntary details in the course of your registration in your profile:
- Academic title
- Other title
- Company (only voluntary for private visitors)
- House number
- P.O. Box
- P.O. Box, postcode:
- Web address
The entry of these details is voluntary and not necessary in order to purchase a ticket.
The processing of this personal data is only carried out on the basis of the express consent you have provided to us pursuant to Article 6 (1) (a) GDPR.
3.3 Community functions
The networking function, when enabled, gives the user the opportunity to directly contact other participants registered on the event's Digital Event-Platform. The platform differentiates between the 'public participants' of the event and the 'private participants'. This distinction is relevant to whether and when the respective contact is available to the user for networking.
"Public participants" are (i.) the persons named by the respective exhibitor and those (ii.) who provide a specific service within the scope of an agreement with Koelnmesse, such as a speaker or moderator. These persons are generally available for the networking function as part of the performance of the contract.
"Private participants" include trade visitors to our event. These persons are included in the directory if and only if (i.) consent to the network function was already given at the time of ticket purchase or (ii.) consent was given at any later time within the Digital Event-Platform.
As a result, this means that all other users who have purchased a ticket and given consent to participate in networking are available to the user for the networking function.
The networking function is activated by default. However, the user can deactivate it in his profile and activate it again after deactivation. For use, the user's contact data known to us is imported into the platform from previous systems (e.g. ticket store or CRM system). The user can then add to or complete this data in the platform at any time.
Please note that the networking function could, corresponding to your settings, be accessible to other participants of the Digital Event-Platform, and that all personal information that you set within them or provide in the course of your registration can be seen by others. We cannot control how other users of our website utilize this information. In particular, we cannot prevent unwanted messages being sent to you. Content placed in the Digital Event-Platform can be stored for an unlimited period. Should you, at some future time, wish the removal of specific placed material, send us a corresponding e-mail at the address given above.
We collect all data entered in the context of the networking function in order to be able to provide you with the networking function as intended, Article 6 (1) (b) GDPR.
Insofar as we, as described above, require your data for the purposes of providing the networking function, you are contractually obliged to provide us with these data. Without these data we are unable to provide you with the corresponding networking function.
3.4 Registration as an exhibitor, a media representative or a visitor
You can register on our Ticket Shop as a visitor, trade visitor, media representative or exhibitor. We process the personal data that you have provided us with in the course of your registration in order to accomplish this.
The processing of your personal data is carried out for the purposes of initiating, executing and winding up the corresponding user contract, Article 6 (1) (b) GDPR.
You are required to register in order to use the Digital Event-Platform.
In detail, we process your personal data for the following purposes:
- The purchase of tickets for our events;
- The redeeming of vouchers;
- The registration of future tickets "with one click";
- Checking trade visitor status;
- Pre-filling of the networking profile for participation in the networking function of Koelnmesse media representatives;
- Announcements, trade information and other materials concerning events of interest to you;
- The offer of individually customized services;
- Query regarding participation in our market and opinion research;
- The prevention or discovery of misuse and fraud, in particular in the case of vouchers and free tickets;
- If necessary, simple actualization of your personal data over the Internet.
Data collected subsequently is also assigned to your customer account. These include, for example, data collected when ordering a ticket.
We reserve the right pursuant to Section 7 (3) UWG to send you by e-mail information on goods and services similar to those that you have purchased from us. You can object to the receipt of such information via e-mail at any time. Every e-mail contains the information about how you can unsubscribe from the receipt of future e-mails.
5. Information on cookies and targeting
We use so-called browser cookies to collect information about your use of our website. Cookies are small text files that are stored on your hard drive where specific preferences and data regarding the exchange of information between our system and your browser is stored. A cookie generally contains the name of the domain from which the cookie data was sent and information about the age of the cookie and an alphanumeric identification sign. Cookies enable our systems to recognize the user’s device and to make possibly existing settings available immediately. As soon as a user accesses the platform, a cookie is transferred to the hard drive of the respective user’s computer. Cookies help us to improve our website and enable us to offer you a better service that is even-more customized to your needs. They enable us to recognize your computer when you return to our website and so:
- To store information about your preferred activities on our website and so to orient our website on your individual interests. This includes, for example, advertising that corresponds to your personal interests;
- To increase the speed with which your queries are processed;
The cookies used by us only store the aforementioned data about your use of our website. This is carried out not on the basis of an assignment to you personally, but by the allocation of an identification number to the cookie (“cookie ID”). The cookie ID is not associated with your name, IP address or similar data that would enable the attribution of the cookie to you. You can find out how to prevent the use of browser cookies under Item 5.5.
Our website uses so-called tracking technologies (you will find further details in Item 6). We use these technologies in order to make the Internet offer more interesting for you. This technology enables Internet users who have already shown an interest in our website to be presented with advertising on the websites of our partners. The display of these advertisements on our partners’ websites takes place based on the use of cookie technology and an analysis of the previous user behaviour. This analysis is carried out using a pseudonym and user profiles with your personal data are not put together.
Should you wish to opt out of this tracking process, you can refuse to allow the setting of a cookie required by this process:
- For example, by means of a browser setting that deactivates the automatic setting of cookies in general. Please use e.g. the “Do not track” (“DNT”) option of your web browser.
Please note that you must carry out this step individually for every one of your terminals and/or browsers.
Should you not wish the use of browser cookies, you can set your browser in such a way that the storage of cookies is not accepted. Please note that in this case you may only be able to use our website on a limited basis or not at all. Should you wish to only accept our own cookies, and not the cookies of our service providers and partners, you can select the setting “Block third-party cookies” in your browser.
7. Transfer of data
In principle, a transfer of your personal information without your prior express consent will only take place in the following cases:
- When it is required for the investigation of an unlawful use of our services or for the prosecution, personal data are transferred to the law-enforcement authorities and if necessary to injured third parties. However, this only occurs when there are concrete indications of unlawful or abusive behaviour. A transfer can also take place when it is necessary for the enforcement of terms and conditions of use or of other agreements. We are also legally obliged to provide information to specific public authorities on request. These are prosecutorial authorities, authorities that prosecute misdemeanours punishable by fines and the financial authorities. The transfer of this data takes place on the basis of our legitimate interest in combatting misuse, the prosecution of criminal offences, the safeguarding, assertion and enforcement of claims and the fact that your rights and interests with regard to the protection of personal data are not overriding pursuant to Article 6 (1) (f) GDPR.
A possible transfer of the personal data is justified by our legitimate interests in adapting our business form to economic and legal factors as required and the fact that your rights and interests with regard to the protection of personal data are not overriding pursuant to Article 6 (1) (f) GDPR.
8. Transfer of data to third countries
The data can in some cases be transferred in the scope described above to countries outside the European Economic Area (EEA). These countries do not have a standard of data protection comparable with the standard of protection within the EU (e. g. USA, China or India). For the protection of your data, those of our group companies and contract partners located outside the EEA to whom data should be transferred, such as foreign representatives, are obligated on the basis of the EU standard contractual clauses for the transfer of personal data to third countries to guarantee adequate data protection.
You will find the EU standard contractual clauses for the transfer of personal data to third countries under the following link: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de
You will also find information on international data protection under the following link: https://www.lda.bayern.de/en/international.html
9. Changes of purpose
The processing of your personal data for purposes other than those described will only take place to the extent permitted by a legal regulation or subject to your consent for the change of purpose of the data processing. In the event of further processing for purposes other than those for which the data were originally collected, we will inform you of these other purposes before the further processing and make all relevant information available to you.
10. The deletion of your data
We delete or anonymize your personal data as soon as they are no longer required for the purposes according to the aforementioned items for which we collected them. As a rule, we store your personal data for the duration of your user relationship with respect to the website.
After the expiry of these periods of notice, the data are deleted, insofar as these data are no longer required due to legal retention periods, for criminal prosecution or for the safeguarding, assertion or enforcement of legal claims. In this case, they are locked. The data are then no longer available for further use.
11. Automatic case-by-case decision making or profiling measures
Automated decision-making is not used to establish and implement the contractual relationship with you, to contact you for advertising purposes, or to process your participation in events or contests.
When you use our Digital Event-Platform, we evaluate your interests on the basis of the actions you have taken in order to display or send you information on products and services that is tailored to your interests, to be able to address you in a personalized manner with recommendations that are tailored to your interests, and to be able to make targeted suggestions to you about other users, exhibitors, and products on Koelnmesse GmbH's platforms. No automated decision-making takes place.
12. Your rights as an affected individual
12.1 Right to information
Pursuant to Article 15 GDPR, you have the right to request us at any time to provide you with information concerning personal data relating to you that we process. You can make this request by sending a postal letter or e-mail to the above address.
12.2 Right to rectification of incorrect data
You have the right to request us to immediately rectify your personal data if they are inaccurate. To do so, please contact the above addresses.
12.3 Right to erasure
You have the right to obtain from us the erasure of personal data on the grounds described in Article 17 GDPR. These grounds especially give you the right to erasure if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, if the personal data have been unlawfully processed, if we have received an objection to the processing, or the personal data have to be erased in compliance with a legal obligation in Union or Member State law to which Koelnmesse is subject. With regard to the duration of the data storage, see Item 10 of this data protection declaration. To exercise the aforementioned right, please contact the above addresses.
12.4 Right to restriction of processing
You have the right to request us to restrict processing pursuant to Article 18 GDPR. This right applies, in particular, to the following cases: When the accuracy of the personal data is contested between the user and ourselves, for a period enabling us to verify the accuracy of the personal data; the user has an existing right to erasure but opposes the erasure of the personal data and requests the restriction of their use instead; the data are no longer needed for our purposes, but they are required by the user for the establishment, exercise or defence of legal claims; the user has objected to processing pending the verification whether our legitimate grounds override those of the user. To exercise the aforementioned right, please contact the above addresses.
12.5 Right to data portability
You have the right to receive the personal data concerning yourself, which you have provided to us, in a structured, commonly used and machine-readable format pursuant to Article 20 GDPR. To exercise the aforementioned right, please contact the above addresses.
12.6 Right to object
Pursuant to Article 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning yourself which is based on point (e) or (f) of Article 6 (1) GDPR. In that case, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
12.7 Right of appeal
If you have a complaint, you also have the right to appeal to the responsible regulatory authority. The responsible regulatory authority is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf, Germany
Tel.: +49 211/38424-0
Fax: +49 211/38424-999
Status: 3 September 2021