Privacy statement Digital Expo
This privacy notice informs you about the type, scope and purpose of the processing of personal data within our virtual trade fair (hereinafter “DigitalExpo”). The privacy notice applies regardless of the domains, platforms and devices used (e.g. desktop, mobile, etc.).
Personal data within the meaning of the GDPR is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. Which data is processed in detail and how it is used depends largely on the services you use with us.
In our privacy notice, we use various other terms within the meaning of the GDPR. These include terms such as processing, restriction of processing, profiling, pseudonymization, controller, processor, recipient, third party, consent, supervisory authority and international organization. You can find the corresponding definitions for these terms in Art. 4 GDPR.
| 1. Who is controller for data processing and who can I contact? |
Controller is:
profine GmbH
Zweibrücker Strasse 200
66954 Pirmasens
Germany
+49 6331 56-0
+49 6331 56-2475
You can reach our data protection officer at:
mip Consult GmbH
Wilhelm-Kabus-Straße 9
10829 Berlin
Germany
| 2. What sources and data do we use? |
We process personal data that we receive from you as part of the use of our website and, if applicable, our business relationship.
If you use the website for purely informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. When you visit our website, we collect the following access data, which is technically necessary for us to display our website to you and to ensure stability and safety. The access data includes the IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (i.e. name of the specific website accessed), access status/HTTP status code, amount of data transferred in each case, referrer URL (previously visited page), operating system and its interface, language and version and type of browser software, notification of successful access.
Before entering DigitalExpo, we conduct a query about the technical or professional background of the respective visitor.
We also receive your personal data if you contact us via contact form or e-mail. Personal data here are, for example, first name, surname, address, e-mail address, telephone number and, if applicable, the data that you send us as a message (hereinafter referred to as “contact data”).
| 3. What do we process your data for (purpose of processing) and on what legal basis? |
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) for the following purposes and on the following legal bases:
| Purposes | Legal basis |
| If you have given us your consent to process personal data for certain purposes, in particular for contacting you (e.g. via our contact form or by e-mail to process and handle your inquiry, sending newsletters, advertising by telephone, e-mail), the lawfulness of this processing is based on your consent.
Any consent given can be withdrawn at any time. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is therefore not affected by the withdrawal. The withdrawal can be sent to the contact details above. |
Consent, Art. 6 para. 1 sentence 1 lit. a) GDPR |
| When contacting us (via contact form or e-mail), your details will be processed to process the contact request and its handling. | Performance of pre-contractual measures at the request of the person, Art. 6 para. 1 sentence 1 lit. b) GDPR |
| When you visit our website for the first time, you will be asked whether you wish to accept non-essential cookies. If you consent to the use of non-essential cookies, this will enable us to display the virtual trade fair stands in the form of embedded videos and to analyze our website usage.
To find out more about the cookies we use, including how to manage and delete cookies, see the Cookies section below. |
Consent, Art. 6 para. 1 sentence 1 lit. a) GDPR, § 25 para. 1 TTDSG |
| We process your access data (see data listed above under point 2) to protect our legitimate interests or those of third parties. We pursue the following legitimate interests in particular:
• Ensuring IT security, in particular the safety of the website; • advertising or market and opinion research, unless you have objected to the use of your data; • Assertion of legal claims and defense in legal disputes; |
As part of the balancing of interests to safeguard legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR |
| 4. Who receives my data? |
Within our company, those departments that need your data to fulfill our contractual and legal obligations will have access to it.
Processors used by us (Art. 28 GDPR) may also receive data for the above-mentioned purposes. These are companies in the categories of IT infrastructure providers, software providers and marketing. If we pass on data to our service providers, they may only use the data to fulfill their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of the data subjects, guarantee an appropriate level of data protection and are carefully monitored by us.
Data is only passed on to third parties who are not processors within the framework of the legal requirements. We only pass on user data to third parties if this is necessary, e.g. on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR for contractual purposes or on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR in the economic and effective operation of our business operations or if you have consented to the transfer of data. When using the website for purely informational purposes, we do not pass on any data to third parties.
| 5. How long will my data be stored? |
For security reasons (e.g. to investigate misuse or fraud), log file information is stored for a maximum period of 12 months and then deleted (see point 2 above). Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.
If necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation of an agreement via the contact form or by email.
In addition, we are subject to various retention and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods specified there are two to ten years.
Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years, whereby the regular limitation period is three years.
If you assert your rights as a data subject, we will store the information provided to you in this regard for 3 years until the expiry of the statutory limitation period pursuant to Section 31 (2) No. 1 OWiG, Section 41 (1) BDSG, Art. 83 (5) (b) GDPR. This period may be extended if the statutory limitation period is extended due to interruptions of the limitation period (e.g. in the context of inquiries by the supervisory authorities).
| 6. Is data transferred to a third country or to an international organization? |
The data provided will be processed within the European Union and in the USA. When transferring data to the USA, we ensure that the recipients of the data are certified in accordance with the EU-U.S. Data Privacy Framework or that we agree EU standard data protection clauses with recipients without certification. If we base the data transfer on the EU standard data protection clauses, we will take additional security measures to protect your data and to achieve an adequate level of protection for your personal data. You have the opportunity to receive or view a copy of the EU standard data protection clauses. If necessary, we will obtain your express consent for the transfer of data to the USA.
| 7. What data protection rights do I have? |
Each person concerned has
- the right of access in accordance with Art. 15 GDPR (i.e. you have the right to request information about your personal data stored by us at any time) ,
- the right to rectification in accordance with Art. 16 GDPR (i.e. if your personal data is incorrect or incomplete, you can request the rectification of this data) ,
- the right to erasure pursuant to Art. 17 GDPR and the right to restriction of processing pursuant to Art. 18 GDPR (i.e. you may have the right to request the erasure or restriction of processing of your personal data if, for example, there is no longer a legitimate business purpose for such processing and statutory retention obligations do not require further storage) ,
- the right to data portability under Art. 20 GDPR (i.e. you may have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us) .
You can also withdraw your consent with effect for the future.
In addition, you have the right to lodge a complaint with a data protection authority (Art. 77 GDPR in conjunction with Section 19 BDSG). You can find the supervisory authority responsible for you at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
We would also like to draw your attention to your right to object in accordance with Art. 21 GDPR:
| Information about your right to object in accordance with Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 (1) sentence 1 (e) GDPR (data processing in the public interest) and Article 6 (1) sentence 1 (f) GDPR (data processing on the basis of a balancing of interests); this also applies to profiling based on this provision within the meaning of Article 4 no. 4 GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims. In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection can be made in any form and there are no costs other than the transmission costs according to the basic rates. If you would like to exercise your right to object, an informal message, e.g. to the contact details above, is sufficient. |
| 8. To what extent is there automated decision-making in individual cases, including profiling? |
When you access our website or contact us by form or email, we generally do not use fully automated decision-making pursuant to Article 22 GDPR. If we use these procedures in individual cases, we will inform you of this separately if this is required by law. We do not process your data automatically with the aim of evaluating certain personal aspects (profiling).
| 9. Is there an obligation for me to provide data? |
As part of our website, you must provide the personal data that is technically necessary for the use of our website or for IT security reasons. If you do not provide this data, you will not be able to use our website.
When contacting us by form or e-mail, you only need to provide the personal data required to process your request. Otherwise we will not be able to process your request.
| 10. Cookies |
We use cookies on our website. Cookies are small text files, usually consisting of letters and numbers, which are stored on the user’s computer when visiting certain websites. Some of these cookies are essential for our website to function, while other cookies help us to improve our website by giving us insights into how you use it.
By default, we only use necessary cookies. Necessary cookies enable the core functionalities of our website. The website cannot be displayed correctly without these cookies or individual areas may not function properly. Necessary cookies can only be prevented by making the appropriate settings in your browser.
We only use cookies that are not necessary for the website to function (“non-essential cookies”) if you have given your consent via our cookie banner. You can return to our privacy notice at any time and withdraw your consent or make changes.
Click here for information about the cookies we use:
Alternatively, you can prohibit the storage of cookies individually via the settings of your browser (you can find out how to set the cookie handling on the browser’s help page). You can find help on cookie management in the most common browsers at the following addresses:
- Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
- Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
- Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
- Opera: http://www.opera.com/de/help
- Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=de_DE.
| 11 Processing of personal data in the context of the use of external online services |
| 11.1 Google services |
We use the services of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) on our website.
When using the Google services mentioned below, the data collected in this context is generally transmitted to a server in the USA.
Data is collected and stored in accordance with Section 25 (1) TTDSG, the subsequent data processing in accordance with Art. 6 (1) sentence 1 lit. a GDPR only on the basis of your express consent. You can withdraw your consent at any time with effect for the future in the consent settings at the bottom of our website.
You can find more information on the processing of your data in the following paragraphs. You can find more information on the processing of your data by Google in Google’s privacy notice at http://www.google.de/policies/privacy/.
- Google Tag Manager
We use Google Tag Manager to integrate other third-party services, such as Google Ads or Google Analytics. The Google Tag Manager itself does not set any cookies, but Google receives your IP address when you use it.
- Google Ads Conversion Tracking
We use the online advertising program “Google Ads” to place advertisements within the Google advertising network. In connection with this service, we use Google Ads Conversion Tracking to measure the success of our advertising campaigns and to achieve a fair calculation of advertising costs. We also aim to show you advertising that is of interest to you and to make our website more attractive to you.
With conversion tracking, Google sets a cookie when a user clicks on an ad placed by Google. If the user visits certain pages of this website, Google and we can recognize that the user clicked on the ad and was redirected to this page. The following data is processed as part of this service: the IP address, browser and device information, the referrer URL, the time of the visit, the cookie ID and general usage data, such as the ads clicked on and the web request. The information collected using the conversion cookie is used to compile statistics. This tells us the total number of users who clicked on our ad and were redirected to our website. We do not receive any information that can be used to personally identify users. The standard lifespan of Google Ads cookies is 30 days. The data is deleted as soon as it is no longer required for processing purposes.
Further information on the use of data for marketing purposes by Google can be found on the overview page: https://www.google.com/policies/technologies/ads. You can opt out of personalized advertising at https://myadcenter.google.com/.
- Google Analytics
We use the web analysis service Google Analytics. Google collects information on our behalf about the use of our website in order to evaluate it, to compile reports on the activities within this website and to provide us with further services associated with the use of this website. For these purposes, Google sets cookies on our website, which are stored on your device.
The following data is processed as part of Google Analytics: the IP address and geographical location, browser and device information and the referrer URL. In addition, information on the usage behavior of our visitors on the website is recorded. Google creates pseudonymous user profiles. The data collected is stored for 14 months.
For access originating from the EU, IP address data is only used to derive location data and then deleted immediately. They are not logged, are not accessible and are not used for other use cases. In Google Analytics 4, all data from devices located in the EU (based on the geographical location according to the IP address) is collected via domains and servers in the EU before the traffic is forwarded to Analytics servers for processing. Google’s analytics servers are located in the USA.
| 12. Integration of videos with Wistia |
We have integrated videos into our online offering via iFrame, which are provided by the video platform “Wistia”, Wistia, Inc, 120 Brookline Street, Cambridge, Massachusetts, 02139 USA.
When you enter our virtual trade fair, a connection to the Wistia servers is established. This tells the Wistia server which of our pages you have visited. Wistia also obtains your IP address.
For Wistia, we use the so-called “Privacy Mode”, which only collects completely anonymized data by deactivating session tracking and anonymizing your IP addresses. This makes it impossible to track your user activity. If you are logged into your Wistia account, you enable Wistia to link your surfing behavior directly to your personal profile.
The use of Wistia is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on the purpose and scope of data collection and its processing by Wistia can be found in the Wistia privacy notice. You can find the Wistia privacy notice at https://wistia.com/privacy.
