Data protection

privacy statement

We appreciate your visit to our website www.gdpr-conference.eu and your interest in our company. The protection of your personal data is important to us. Personal data is information about personal or factual circumstances of a specific or identifiable natural person. This includes, for example, the civil name, the address, the telephone number and the date of birth, but also all other data that can be related to an identifiable person.
Since personal data enjoy special legal protection, they are only collected by us insofar as this is necessary for the provision of our website and the provision of our service. Below, we describe which personal information we collect during your visit to our website and how we use it.
Our data protection practice is in accordance with the legal regulations, in particular those of the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the General Data Protection Regulation of the EU (GDPR). We will only collect, process and store your personal data insofar as this is necessary for the functional provision of this website and our contents and services, as well as for the processing of enquiries and, if applicable, for the processing of orders/contracts, but only insofar as there is a justified interest within the meaning of Art. 6 Para. 1 S.1 lit.f GDPR or any other provision of permission. Your data will only be used for further purposes if you have previously given your consent separately, and in such cases they will only be used for the purposes which are precisely specified in the consent, e.g. for sending advertising information by newsletter.

1. Responsible person in terms of art. 4 no. 7 GDPR

The Controller within the meaning of the GDPR and of national data protection laws of the member states as well as other data protection provisions is:

DURY Compliance & Consulting GmbH
Beethovenstr. 24
66111 Saarbrücken

Fax: +49 (0) 681 940 054 333
Telefon: +49 (0) 681 940 054 377

Email:office@datenschutz-compliance.de

2. Provision of the website and creation of logfiles

Whenever you access our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

Scope processing of the data

(1) Information about browser type and version used
(2) The operating system of the retrieval device
(3) The IP address of the retrieval device
(4) Date and time of access
(5) Websites and resources (images, files, other page content) accessed on our website.
(6) Websites from which the user's system accessed our website (referrer tracking)
This data is stored in the log files of our system. These data are not stored together with the personal data of a specific user, so that individual site visitors are not identified.

  • Art. 6 para.1 lit. f GDPR (legitimate interest). Our legitimate interest consists in ensuring that the purpose described below is achieved.

  • Purpose of data processing

    The logging is done to maintain the compatibility of our website for as many visitors as possible, for troubleshooting and to combat abuse. For this it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, the data is used to optimise the website and to generally ensure the security of our information technology systems.

  • Duration of storage

    The above-mentioned technical data will be deleted as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after our website has been accessed.

  • Possibility of logging an objection and of erasure of data

    The possibility of lodging an objection and erasure of data is based on the general regulations described in the following data protection declaration regarding the right of objection under data protection law and the right to erasure.

3. Special functions of the Internet page

Our site offers you various functions, the use of which involves the collection, processing and storage of personal data by us. Below, we explain what happens with these data:

  • Ticket system:
    • Scope of processing of personal data
    • We use a ticket system of the company Pretix - owner Raphael Michel, Römerstraße 245, 69126 Heidelberg (hereinafter: PRETIX). By using our ticket system on our website you will be redirected to the domain of PRETIX. Within the framework of your booking, we receive the data entered by you via our shopping cart system, such as name, first name, address, etc..

    • The legal basis for data processing is the existing contract with Pretix for order processing (AVV) pursuant to Art. 28 GDPR and Art. 6 Para. 1 lit. b GDPR (contract initiation) or Art. 6 Para. 1 lit. f GDPR (legitimate interest). The legitimate interest is to ensure that the ticket system functions and displays correctly and to enable the purchase of tickets for the event.

    • Purpose of data processing
    • The purpose of data processing is to process your order and thus enable us to fulfil the contract.

    • Duration of Storage
    • The data will be deleted as soon as they are no longer required for processing the order and there are no longer any legal storage obligations. This will normally be after 10 years (see § 147 Para. 2 i. V. m. Para. 1 No. 1, 4 and 4a German Fiscal Code (AO), § 14b Para. 1 German VAT Act (UStG).

    • Possibility of lodging an objection and of erasure of data
    • The possibility of lodging an objection and of data erasure are based on the general regulations described in the following data protection declaration regarding the right of objection under data protection law and the claim for erasure.

  • Contact form(s):
    • Scope of processing personal data

      The data you enter in our contact forms.

    • Art. 6 para. 1 lit.a GDPR (consent through clear confirmatory action or conduct)

    • Purpose of data processing-
    • The data collected via our contact form or via our contact forms will only be used for processing the specific contact request received via the contact form.

    • Storage time
    • After processing your request, the collected data will be deleted immediately, unless there are legal retention periods.

    • Possibility of lodging an objection and of erasure of data
    • The possibility of lodging an objection and of data erasure are based on the general regulations described in the following data protection declaration regarding the right of objection under data protection law and the claim for erasure.

4. Integration of external web services and processing of data outside the EU

On our website, we use active Java Script content from external providers, so-called web services. When you access our website, these external providers may receive personal information about your visit to our website. In this case, it may be possible to process data outside the EU. You can prevent this by installing a Java Script blocker such as the browser plug-in 'NoScript' (www.noscript.net ) or by deactivating Java Script in your browser. This may result in function restrictions on Internet pages that you visit.
We use the following external web services:

  • Google-Dienste

    Our website uses several web services provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland ("Google Services"):

    Google.com

    - This service ensures the general connectivity and functionality of the website and ensures that the other Google services can be reloaded.

    Gstatic.com

    This service is a part of Google Maps that ensures the functionality of the map section.

    Googleapis.com

    This Google service is the map provided by Google Maps. Only with the help of this script we can present you a map section with our event location.

    In this context, your browser may transmit personal data to Google services. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest lies in the error-free functioning of the website. The Google services have certified itself within the framework of the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list ). The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information on the handling of the transferred data can be found in the privacy policy of the Google services:

    https://policies.google.com/privacy . You can prevent the collection and processing of your data by Google by deactivating the execution of script code in your browser or by installing a script blocker in your browser (this can be found e.g. under www.noscript.net or www.ghostery.com ).

5. Information on the use of cookies

  • Scope of processing of personal data

    On various pages we use cookies to enable the use of certain functions of our website. The so-called 'cookies' are small text files that your browser can store on your computer. These text files contain a characteristic string of characters that enable the browser to be uniquely identified when you return to our website. The process of storing a cookie file is also called 'setting a cookie'.

  • Art. 6 para.1 lit. f GDPR (legitimate interest). Our legitimate interest consists in maintaining the full functionality of our website, increasing its usability and enabling a more individual approach to customers. We can only identify individual site visitors with the help of cookie technology if the site visitor has previously provided us with corresponding personal data on the basis of a separate consent.

  • purpose of data processing-

    The cookies are set by our website in order to maintain the full functionality of our website and to improve usability. In addition, cookie technology enables us to recognize individual visitors by means of pseudonyms, e.g. an individual, arbitrary ID, so that we are able to offer more individual services.

  • Duration of Storage

    Our cookies are stored in your browser until they are deleted or, if the cookie is a session cookie, until the session has expired.

  • Possibility of lodging an objection and of erasure of data

    You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on the acceptance of cookies on a case-by-case basis or generally accept cookies. Cookies can be used for various purposes, e.g. to recognise that your PC has already been connected to our website (permanent cookies) or to save recently viewed offers (session cookies). We use cookies to provide you with increased user comfort. In order to use our comfort functions, we recommend that you allow the acceptance of cookies for our website. The possibilities for objection and erasure of data are also governed by the general regulations on the right of objection under data protection law and the right of erasure described in the following in this data protection declaration.

6. Data security and data protection, communication by e-mail

Your personal data is protected by technical and organisational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend using encrypted communication or communicating via the post for information with a high need for confidentiality.

7. Right to accessand correction requests - erasure & blocking of data - revocation of consents - right to object Art. 13 para. 1 lit. c GDPR in connection with Art. 13 Para. 2 lit. b, lit. c GDPR

Right to access
You have the right to request a confirmation as to whether we process your personal data. If this is the case, you have a right to access the informationspecified in Art. 15 para. 1 GDPR, provided that the rights and freedoms of other persons are not infringed (cf. Art. 15 para. 4 GDPR). We will also be pleased to provide you with a copy of the data.

Claims for correction
Pursuant to Art. 16 GDPR, you have the right to have incorrectly stored personal data (such as address, name, etc.) corrected by us at any time. You can also request the completion of the data stored by us at any time. A corresponding adjustment will be made without delay
. Right of erasure
Pursuant to Art. 17 Para. 1 GDPR, you have the right to have the personal data collected about you deleted if one of the following grounds aplies:
  • when the data is no longer needed
  • due to the revocation of your consent, the legal basis of the processing has been canceled without replacement
  • you have objected to the processing and there are no legitimate reasons for the processing
  • your data have been unlawfully processed
  • a legal obligation requires this or the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

The right does not exist according to art. 17 para. 3 GDPR,

  • if the processing is necessary for the exercise of the right to freedom of expression and information
  • if the datahave been collected on the basis of a legal obligation
  • if the data are necessary for reasons of public interest
  • if the data are required for the assertion, exercise or defence of legal claims.
Right to restriction of processing
According to Art. 18 Para. 1 GDPR, you have the right in individual cases to demand the restriction of the processing of your personal data. This is the case if

  • the accuracy of personal data is disputed by you;
  • he data are no longer required for the purpose of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
  • an objection has been filed against the processing pursuant to Art. 21 (1) GDPR and it is still unclear which interests outweigh which.

Right of revocation
If you have given us express permission to process your personal data (Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you may revoke such permission at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.

Right of objection
Pursuant to Art. 21 GDPR, you have the right to object at any time to the processing of personal data relating to you which has been collected on the basis of Article 6 Para. 1 lit. e or lit. f. You are only entitled to this right if special circumstances speak against the storage and processing of your personal data.
How do I exercise my rights?
You can exercise your rights at any time by contacting us using the contact details below:


DURY Compliance & Consulting GmbH
Beethovenstr. 24
66111 Saarbrücken
Fax: +49 (0) 681 940 054 333
Telefon: +49 (0) 681 940 054 377
Email:office@datenschutz-compliance.de

8. Right to data portability - Art. 13 Par. 1 lit c DSGVO in connection with Art. 13 Para. 2 Letter b DSGVO

Pursuant to Art. 20 GDPR, you have a right to the transfer of personal data concerning you. The data will be made available by us in a structured, common and machine-readable format. The data can be sent either to yourself or to a responsible person named by you. We will provide you with the following data on request in accordance with Art. 20 Para. 1 GDPR:

  • Data collected on the basis of express consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR
  • Data we have received from you pursuant to Art. 6 para. 1 lit. b GDPR within the scope of existing contracts
  • Data processed within the framework of an automated procedure

We will transfer personal data directly to a responsible person of your choice as far as this is technically feasible. Please note that according to art. 20 GDPR we are not allowed to transfer data that interfere with the freedoms and rights of other persons. The right to data transfer does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of public authority.

9. Right of appeal to the supervisory authority pursuant to Art. 77 Para. 1 GDPR

If you suspect that your data is being illegally processed on our site, you can of course at any time bring about a judicial clarification of the problem. Irrespective of this, you have the option of contacting a supervisory authority pursuant to Art. 77 para. 1 GDPR. You are entitled to the right of appeal pursuant to Art. 77 DSGVO in the EU member state of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you apply from the above-mentioned places. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
.

10. Order processing

In order to provide the content of our website and for hosting purposes, we work together with a service provider who supports us in providing the necessary technical services and server capacities. Your data collected within the website will be processed for this purpose on servers operated by Vindler GmbH, Bahnhof 1, 35619 Braunfels. The processing of your data by this company takes place on the basis of a contract for order processing pursuant to Art. 28 GDPR, which constitutes the legal basis for the transfer of the data to these companies.
.
© IT Law Firm DURY - www.dury.de
Copyright © 2019 #GDPR+1. All Rights Reserved.