Koelnmesse GmbH (Koelnmesse) attaches a high value to your privacy and observes the legal stipulations regarding data protection. In the following we would like to explain to you how we handle your personal data which is collected and processed within or via this app.
As part of the function of this app, we enable you to call up information regarding the trade fair. You can, for example, see which exhibitors have a stand and in which hall they are located. In the process, you can search for exhibitors alphabetically, by location or by product range. The app also offers you a hall plan, an overview of the events and additional features related to the trade fair.
When you use the app, we process your personal data. All information relating to an identified or identifiable natural person is to be considered personal data.
2. Data controller/contact
The data controller responsible under the data protection laws is Koelnmesse GmbH, Messeplatz 1, 50679 Köln, Germany
Our data protection officer can be contacted under the following e-mail address: firstname.lastname@example.org
3. Information regarding the processing of your data
Certain information is automatically processed as soon as you use the app. We have listed exactly which personal data we process below:
- 3.1 Information that is collected during the download
Certain necessary information is transferred to your chosen app store (e. g. Google Play or Apple App Store) when the app is downloaded in particular the username, the e-mail address, the customer number of your account, the time of the download, payment information and the individual identification number of your device can be processed. The processing of this data is carried out exclusively by the respective app store and is beyond our control..
- 3.2 Information that is collected automatically
This data is automatically transferred to us, (1) in order to provide you with the service and the functions associated with the service; (2) to improve the functions and features of the app and (3) to prevent and eliminate misuse and malfunctions. This data processing is lawful because (1) the processing is necessary for the purpose of fulfilling the contract between you as the data subject and ourselves pursuant to Article 6 (1) (b) GDPR for the use of the app, or (2) we have a legitimate interest in guaranteeing the functioning and the error-free operation of the app and being able to offer a service which is appropriate to the market and our interests, which in this case overrides your rights and interests in the protection of your personal data pursuant to Article 6 (1) (f) GDPR.
- 3.3 Creation of a user account (registration) and logon
You can create a user account via the respective trade fair website and use it for your registration in the app. Mandatory information required during registration is indicated with an asterisk and is required for the agreement of a contract of use. If this data is not supplied, you cannot create a user account.
We use voluntary information in order to display these items according to the settings that you have made while using the app and to make them accessible to other users of the app at your request.
This data processing is lawful because (1) the processing is necessary for the purpose of fulfilling the contract between you as the data subject and ourselves pursuant to Article 6 (1) (b) GDPR for the use of the app, or (2) we have a legitimate interest in guaranteeing the functioning and the error-free operation of the app, which in this case over-rides your rights and interests in the protection of your personal data pursuant to Article 6 (1) (f) GDPR.
- 3.4 Use of the app
The app also requires the following permissions for the use of all its functions, which you can optionally set:
- Internet access: This is required to download the current trade fair data to your device. In addition, functions such as sending contact requests (networking) or watching livestreams (event programme) require internet access.
- Camera access: This is required so that QR codes can be scanned. These are used, for example, to import contact details of scanned trade fair participants (QR code on trade fair ticket or networking QR code in the app) into the networking address book in the app. The function also makes it possible to transfer favourites from the online exhibitor search to the app. In addition, the camera access is required for navigation purposes on the Koelnmesse exhibition grounds, provided that this service is offered at the respective event.
- Location and Bluetooth access: Access is required for location-based navigation and information purposes on the Koelnmesse exhibition grounds, provided this service is offered at the respective event (see also Item 3.7).
- Access to the gallery: This is required if you wish to upload a profile photo from your photo album.
- Access to the address book: This is required in order to be able to save contacts in the address book of your device.
- Calendar access: This is required in order to import/save appointments made via the app into your calendar.
- Device memory access: This is needed to save export files of contact lists on your device.
- 3.5 Cookies
Cookies are small data files that are saved on your terminal when the app is used. If you call up the app again, your terminal will send the contents of the cookies back to the respective provider and so enable the terminal to be recognized. These cookies can be used in order to determine whether your terminal has already communicated with us. Only the cookie on your terminal is identified. You have the possibility of blocking, deleting or deactivating cookies using the functions supported by your browser or device.
We only receive pseudonymized information from our use of cookie technology. This information concerns, for example, which pages have been visited, which products have been viewed etc.
You will find further information on third-party cookies and similar technologies and how you can prevent their use on the following websites:
When you use the app, we automatically collect data that could possibly refer to your person using:
Google Analytics SDK
- 3.6 Participant groups
The app differentiates between 'public + private participants' of the event. This differentia-tion is relevant to whether and when the respective contact is listed in public directories and whether this service is optional, if applicable.
• "Public participants" are (i.) the persons named by the respective exhibitor and (ii.) those who provide a specific service within the scope of an agreement with Koelnmesse, such as a moderator. These persons are always listed in the respective lists of persons and can optionally participate in networking. Public participants also include (iii) trade visitors who have not deactivated the networking functions.
• "Private attendees" are all attendees who have deactivated the networking function. These persons, if they have deactivated this function, will be removed from the People directory.
The networking function is activated by default. However, you can deactivate or reactivate it under Home/"My Profile".
Furthermore, the app can be used by third parties (e. g. private visitors) who are not as-signed to any of the aforementioned participant groups.
- 3.7 Further functions
In addition to the basic functions, there are so-called additional functions which are reserved for registered and logged-in participants (in part only with a valid ticket). Details of these functions can be found in the relevant terms and conditions, unless otherwise stated in this data protection notice.
For optimal use of the networking functions, we process your following personal data: Name, first name, position, company, country, mobile number, e-mail address, (profile) picture and interests. Your contact and profile data are imported into the app from previous systems such as the ticket shop and our CRM system, if available.
Contact data will only be displayed for approved profiles of trade visitors once you have accepted a "request" from the enquirer. Only in this case is your full profile linked to that of the enquirer and made visible.
The legal basis for data processing for private participants (trade visitors etc.) is based on Art. 6 para. 1 sentence 1 lit. a) GDPR and for public participants on Art. 6 para. 1 sentence 1 lit. b) and f) GDPR.
Each participant can revoke their consent for the networking function at any time in the app under Home/"My Profile" with the function "Deactivate Networking" with effect for the future (opt-out).
b) Push messages
If included in the scope of services of the respective app and if you have agreed to this function when using the app, the app will inform you about interesting news concerning your trade fair stay (e. g. event highlights, new products, etc.) via push messages on your terminal device. The push messages can be deactivated and reactivated at any time in the settings of your operating system.
The legal basis for data processing for participants (trade visitors, etc.) is also based on Art. 6 (1) sentence 1 lit. a) GDPR.
c) Location data and reception of interest-based messages
For selected events, Koelnmesse also offers a location- and interest-based messaging service in the app. This can be used by all participants by granting permission in the app to receive notifications and to access their Bluetooth function and location (optionally also when using the app in the background). Depending on their location at the exhibition grounds, participants can receive relevant information from exhibitors at the event as well as organizational and security-related information from Koelnmesse if the Bluetooth function is activated and depending on the data they provided during registration or ticket purchase (e.g. country of origin, interests).
This function uses a so-called geofencing/Bluetooth technology on the exhibition grounds, which makes it possible to trigger a message in the app from Koelnmesse based on the location of the mobile device. The location of the mobile device is not stored.
You can revoke access at any time in the settings of your operating system. Please note that some functions may not be available or not fully available if you do not allow access to your location data.
Koelnmesse does not pass on any data to the exhibitor as a result of the participant using this function.
The legal basis for data processing for participants (trade visitors, etc.) is also based on Art. 6 (1) sentence 1 lit. a) GDPR.
4. Transfer of data
Koelnmesse will not transfer your data to third parties at any time without your express permission unless Koelnmesse is obliged to do so due to a legal requirement. However, we can make use of services provided by third parties in order to provide you with the app and its functions. Insofar as these activities necessitate a disclosure of your personal data, we will ensure that the legal re-quirements are observed, including a corresponding agreement concerning the carrying out of such contract data processing insofar as this may be necessary.
5. Transfer of data to third countries
Data is not processed outside the European Economic Area.
6. Changes of purpose
The processing of your personal data for purposes other than those described will only take place to the extent permitted by a legal regulation or subject to your consent for the change of purpose of the data processing. In the event of further processing for purposes other than those for which the data were originally collected, we will inform you of these other purposes before the further processing and make all relevant information available to you.
7. Duration of the data storage
We delete or anonymize your personal data as soon as they are no longer required for the pur-poses according to the aforementioned items for which we collected or used them.
We utilize technical and organizational security measures in order to protect your personal data from accidental or wilful manipulation, loss, destruction or against access by unauthorized persons. Our data processing and our security measures are continually improved in line with the technological development.
At our company, data transferred during the use of the app are always securely transferred using encryption. We use the SSL (Secure Socket Layer) encryption system. Nobody can guarantee absolute protection. However, we secure our app and other systems against loss, destruction, access to and alteration or dissemination of your data by unauthorized persons to your data by means of technical and organizational measures.
9. Your rights as an affected individual
- 9.1 Right to information
Pursuant to Article 15 GDPR, you have the right to request us at any time to provide you with information concerning personal data relating to you that we process. You can make this request by sending a postal letter or e-mail to the address given below.
- 9.2 Right to rectification of incorrect data
You have the right to request us to immediately rectify your personal data if they are inaccurate. To do so, please contact the addresses given below.
- 9.3 Right to erasure
- 9.4 Right to restriction of processing
You have the right to request us to restrict processing pursuant to Article 18 GDPR. This right applies, in particular, to the following cases: When the accuracy of the personal data is contested between the user and ourselves, for a period enabling us to verify the accuracy of the personal data; the user has an existing right to erasure but opposes the erasure of the personal data and requests the restriction of their use instead; the data are no longer needed for our purposes, but they are required by the user for the establishment, exercise or defence of legal claims; the user has objected to processing pending the verification whether our legitimate grounds override those of the user. To exercise your right to the restriction of processing, please contact the addresses given below.
- 9.5 Right to data portability
You have the right to receive the personal data concerning yourself, which you have provided to us, in a structured, commonly used and machine-readable format pursuant to Article 20 GDPR. To exercise your right to data portability, please contact the addresses given below.
10. Right to object
Pursuant to Article 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning yourself which is based on e. g. point (e) or (f) of Article 6 (1) GDPR. In that case, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
11. Right of appeal
If you have a complaint, you also have the right to appeal to the responsible regulatory authority. The responsible regulatory authority is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf, Germany
Telephone +49 211/38424-0
Fax +49 211/38424-999
Status: March 2023