Privacy Policy

Privacy Policy

Welcome to our DMEXCO website – we’re glad you’re here!

Like all websites, our site collects personal data from our visitors.

The protection and security of your data are important to us, and our website complies with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Below you can read about what data we use during your visit, why we might pass these data along, and, if so, to whom.

 

1. Controller within the meaning of the GDPR

a) The controller within the meaning of the laws for the protection of privacy is:

Koelnmesse GmbH
Messeplatz 1
50679 Cologne
Germany

b) Data Protection Officer:

Koelnmesse GmbH
Messeplatz 1
50679 Cologne
Germany
E-Mail: datenschutz-km(at)koelnmesse.de

 

2. Which personal data are processed?

Personal data is any information relating to an identified or identifiable natural person. These include things such as your name, date of birth, your E-Mail address, address and telephone number and profile picture. But personal data also include information that is automatically collected about the use of our website, our ticket shop and our digital event platform (known as “access data”). In addition to the access data, we will process personal data only if you voluntarily provide it to us, e.g. in the context of a registration, contact request or newsletter subscription, or when ordering tickets. Personal data will be used only to the extent required and only for such purposes as you have approved and/or as are permissible under law.

 

2.1 Collection of access data

For technical reasons, whenever you access our website, your end device automatically transmits data. The following data are stored separately from other data that you may transmit to us:

· date, time and duration of your visit to our website

· IP address

· the webpage visited

· the user tool (i.e. web browser, operating system) you used to access the website

· the action carried out on our website

· the search term entered in search engines and in the site search function, as well as the search result

· whether the access attempt was successful or not

· information retrieved, including downloads

· your server and the website that directed you to our website

We store these data in log files and delete them after 14 days. The data contained in the log files are stored separately from your other data.

Data is only stored for periods longer than this in certain individual cases (e.g. in case of suspicion of abuse or fraud). In these cases, the respective log files are stored until the facts have been clarified and any subsequent measures required have been completed.

For technical reasons, we require the access data to display the website to you, and to ensure stability and security. The legal basis for this is Article 6(1), subparagraph 1, point (f) of the GDPR, since we have a legitimate interest in offering you our services in a technically flawless, secure and optimized manner.

To provide our website and the services associated with it, we rely on service providers that process your data as set forth in this Privacy Policy exclusively on our behalf and according to our instructions (known as “processors” pursuant to Article 28 of the GDPR). These include:

· Website hosting service provider: PlusServer GmbH

· Custom relationship management provider: HubSpot, Inc.

· Service provider for operation of the ticket shop: Tito Limited or dimedis GmbH

· Service provider for integration of the press box function: Press 1 – HighText Verlag Graf und Treplin OHG

· Service provider for integration of videos: Vimeo, Inc.

· Service provider for the digital event platform: Swapcard Corporation SAS

· Service provider for surveys: Typeform S.L. and Easyfeedback GmbH

· Service provider for link shorteners: Rebrandly (Radiate Capital Limited)

 

2.2 Contact

You can contact us by phone, e-mail, or using our contact form (via HubSpot). The data processing that occurs when you contact us can be performed for different purposes, depending on the nature of your expressed concern. As a rule, we store and process the data provided so that we can process the matter you contacted us about. Your data are also stored and processed in a CRM (customer relationship management) system. We currently use software by HubSpot for this purpose. The legal basis for this use of your personal data is provided under Article 6(1), subparagraph 1, point (f) of the GDPR.

However, if the content of your message serves to execute a contractual relationship between us, we will base the processing of your data on Article 6(1), subparagraph 1, point (b) of the GDPR.

Provided there are no legal retention obligations that prevent us from erasing the data processed in connection with contacting us, we will erase these data as soon as we no longer require them.

 

2.3 Event Calendar

As a DMEXCO exhibitor or partner, you have the opportunity to list your own events on the digital event platform. These events will then appear under the “(Side) Events” tab on the platform and in the DMEXCO App. This generates visibility for your events and allows registered attendees and website users to find them more quickly and easily. However, there is no entitlement to have the event included.

Your personal data are processed on the basis of Art. 6 (1) (b) GDPR, since your participation in this offer constitutes a license agreement.

In order to offer you this service, we process the following personal data:

  • Your status (media representative, exhibitor, visitor, speaker),
  • Name,
  • E-Mail address, telephone number,
  • Contact for inquiries;

We also need the name of your company as well as a few additional details about the event and its target group. The details for this can be found in the inquiry screen.

The data you provide will not be disclosed to third parties. However, we do enlist the assistance of Hubspot and Swapcard for the technical implementation of the tool and the data processing associated with it.

 

2.4 Use of the Usercentrics Consent Management Platform

We use the Usercentrics Consent Management Platform to meet our legal obligation pursuant to Art. 7 (1) GDPR and §25 TTDSG (New German Telecommunications-Telemedia Data Protection Act). The operator is Usercentrics GmbH. The Usercentrics Consent Management Platform collects log file data, user agent (device, browser type, browser language, browser version, resolution) and consent data (consent yes/no, time stamp, data scope, data attributes, ControllerID, ProcessorID, ConsentID) via a JavaScript. This JavaScript enables us to notify the user about certain tags and web technologies on our website and to obtain, manage and document his or her consent. The legal basis for processing these data is Art. 6 (1) (c) GDPR, as we have an obligation under law to provide proof of consent (according to Art. 7 (1) GDPR).

The goal is to know the preferences of our users and implement these accordingly, and to document them in a legally sound manner. The data are erased as soon as they are no longer required for our logging, provided that this erasure does not conflict with legal retention obligations.

You can permanently prevent the execution of JavaScript at any time by using appropriate settings in your browser; this would also prevent Usercentrics from executing the JavaScript. For more information on the privacy practices of Usercentrics, please visit: Usercentrics Privacy Policy

 

2.5 General information about cookies

We use what are known as “browser cookies” to collect information about your use of our website. These are small text files that are stored to your data medium and save specific settings and data for exchange with our system via your browser. As a rule, a cookie contains the name of the domain from which the cookie data were sent as well as information about the age of the cookie and an alphanumeric identifier. Cookies enable our systems to recognize the user’s device and make any presettings available immediately. As soon as a user accesses the platform, a cookie is transferred to the hard disk of that user’s computer.

The cookies we use have different purposes. They are used, on the one hand, to ensure security during website visits (“necessary cookies”), and on the other to implement certain features such as standard language settings (“functional cookies”), to improve the user experience or performance on the website (“performance cookies” and “session cookies”), and for purposes of direct marketing (“targeting/advertising cookies”).

We use so-called “session cookies” for the DMEXCO profile picture generator. These also serve for performance optimization and ensure that connections with the provider system can take place. These cookies contain a random identifier, which, however, does not allow any conclusions to be drawn about personal data. These cookies have a lifespan of 60 minutes.

Specifically, we use the following cookies (cookie name | purpose pf processing | cookie duration | provider):

  • _ga |Traffic analysis / functional | 2 years | Google Analytics
  • _gid | Traffic analysis / functional | 24 hours | Google Analytics
  • _gat | Minimization of data traffic / functional | 1 minute | Google Analytics
  • __hstc | Traffic analysis | 13 months | Hubspot
  • hubspotutk | Traffic analysis | 24 hours | Hubspot
  • __hssc | Traffic analysis | 24 hours | Hubspot
  • pll_language |Saves the language setting / functional | 24 hours | Polylang WordPress Plugin
  • _fbp | Marketing/targeting | 24 hours | Facebook
  • lidc I Marketing/Retargeting I 24 Stunden I LinkedIn
  • ajs_anonymous_id | Video tool/functional | 1 year | Go Essential
  • ajs_user_id | Video tool/functional | 1 year | Go Essential
  • ajs_group_id | Video tool/functional | 1 year | Go Essential
  • JSESSIONID | 24 hours | SAP | General purpose platform session cookie, used by sites written in JSP. Usually used to maintain an anonymous user session by the server.
  • ROUTE | 24 hours | SAP | SAP Commerce Cloud load-balancer server value
  • OptanonConsent | 1 year| OneTrust | This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor.
  • OptanonAlertBoxClosed | 1 year | OneTrust | This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a one year lifespan and contains no personal information.
  • ttp | On our website, we utilize the TikTok Pixel to gain a deeper comprehension of your interaction with our content and enhance our tailored propositions for you. This enables us to present more precise advertisements and assess the efficiency of our campaigns. The data gathered by the pixel is transmitted to TikTok in an anonymous manner. | 389 days | TikTok
  • Adform Pixel | Cookie: C, lifespan: 27 days | lifespan: CM, lifespan: 1 day | Cookie: uid, lifespan: 60 days | You will find further information on data protection and cookies from Adform A/S, Wildersgade 10B, 1st floor, DK-1408 Copenhagen, Denmark here.

The use of cookies is justified on the basis of our legitimate interest in a needs-based design, statistical evaluation of our website and an increase in advertising efficiency in accordance with Art. 6 (1) (f) GDPR. If you do not wish to use browser cookies, you can set your browser so that storage of cookies is not accepted. Please note that in this case you may only be able to use our website to a limited extent or not at all. If you only want to accept our own cookies, but not the cookies of our service providers and partners, you can select your browser setting to “Block third-party cookies.”

 

2.6 Tools for website analysis

We use the services of the following third parties:

Google Analytics with Conversion Tracking

We use Google Analytics, a web analytics service provided by Google Inc. (“Google”), including the Conversion Tracking feature. Google Analytics uses so-called “cookies,” text files that are stored on your device and permit analysis of your use of the website, the products you view and any purchases you make. No personal data are collected in the process. The information the cookie generates (including your truncated IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate this information, to compile reports about website activities and about products viewed or sold for the website operators, and to provide additional services relating to the website and the use of the Internet. Google may also forward this information to third parties where required by law, or where these third parties have been commissioned by Google to process these data.

For more information about how Google uses your information, please consult Google’s policy on privacy: Google Privacy Policy

If you do not want website analysis, you can use a browser add-on to disable Google Analytics. You can download this here: Browser add-on to disable Google Analytics

The use of Google Analytics with conversion tracking is based on our legitimate interest in a demand-oriented design, statistical analysis, and efficient promotion of our website, and the fact that your legitimate interest does not outweigh, according to Art. 6 (1) sentence 1 lit. f) of the GDPR.

 

Google Tag Manager

Google Tag Manager is a solution that allows us to manage various website tags through an interface. The Tag Manager tool itself (which implements the tags) is a cookieless domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data under certain circumstances. The Google Tag Manager does not access this data. If deactivation occurs at domain or cookie level, it remains in use for all tracking tags, which are implemented by Google Tag Manager.

 

Bing Ads

(1) This website uses Bing Ads Universal Event Tracking (UET) to collect and store data, which is used to create pseudonymised usage profiles. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track your activity on our website when you visit our website through ads displayed by Bing Ads. If you reach our website through such an ad, a cookie will be set on your computer. A Bing UET tag is embedded on our website. This is a code that is used in conjunction with the cookie to store some non-personal information about your use of the website. This includes, but is not limited to, the length of time spent on the website, which areas of the website were accessed and which advertisement direct users to the website.

(2) The information collected is sent to a Microsoft server in the US and stored there, generally for no more than 180 days. You can prevent the data generated by the cookie about your use of the website from being sent to and processed by disabling cookies from being set. This may restrict the functionality of the website under certain circumstances.

(3) In addition, Microsoft may be able to track your usage patterns across multiple electronic devices using cross-device tracking, which enables Microsoft to display personalised ads on or within Microsoft websites and apps. You can disable this by visiting Microsoft Privacy Ad Settings.

(4) The legal basis for processing your data is Article 6 Paragraph 1 Sentence 1(a) GDPR. For more information on Bing’s analytics services, please visit the Bing Ads website. For more information on data protection at Microsoft and Bing, please see Microsoft’s privacy policy.

 

2.7 Marketing and optimization tools

Facebook Conversion Pixel

On this website we use what is known as the “Facebook Pixel” of the provider Facebook (for EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; International: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). This is a small, invisible pixel that connects to Facebook servers when you visit our website. Personal data may be transmitted in the process, such as the IP address and additional information including browser type/version, the operating system in use, the page you previously visited, the host name of the accessing device and the IP address and time of the request. This enables Facebook to identify users of our website and display advertisements targeting users with an interest in our website. In addition, we can use the Facebook Pixel to track whether our Facebook ads are effective.

You will find Facebook’s privacy policy here: Facebook Data Use Policy. You can object to the collection of your data by the Facebook Pixel and the use of these data here: Facebook Ad Preferences.

 

Twitter Pixel

We also use what is known as “Conversion Tracking” with Twitter Pixel, a tool of Twitter Inc. (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA).

With Conversion Tracking, Twitter downloads a cookie to your device if you click on a Twitter ad to visit our website.

Conversion Tracking is used solely for the generation of statistics, and not to identify individuals. We simply want to be able to evaluate which Twitter ads or interactions lead users to our website. We can use this information to more effectively manage banner advertising and calculate the cost/benefit ratio accordingly.

It should be noted, however, that because Twitter data can be stored and processed, a connection to the respective user profile is possible. Further information on this can be found in the Twitter privacy statement: Twitter Privacy Policy. To edit your privacy preferences and the consent you provide on Twitter, go to Twitter Account Settings.

The use of the Twitter Pixel is in the interest of optimizing our online offerings. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

 

LinkedIn Insight Tag

On our website, we use the “LinkedIn Insight Tag”. This is a conversion and retargeting tool from the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. It enables us to receive information about the use of our website in order to show you customized ads on LinkedIn. Furthermore, it makes it possible to create anonymous reports on the effectiveness of the advertisements and website interaction, which we receive from LinkedIn in the context of anonymous reports. A cookie is placed in your browser for this function.

The data collected is encrypted, anonymized within seven days and the anonymized data deleted within 90 days. The legal basis for the processing of personal data is Art. 6 para. 1 lit. f GDPR. In this context, our legitimate interest in an effective advertising and marketing campaign prevails.

In LinkedIn’s privacy policy you can find more information on data collection and use, as well as your possibilities and rights for protecting your privacy. You can deactivate LinkedIn Insight by opting out under the following link: LinkedIn Marketing settings

 

Hubspot

HubSpot is another provider we use for purposes of analysis (i.e. not only for the technical distribution of our newsletters). HubSpot, a service of Hubspot Inc., is an American company with a branch in Ireland (Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Tel.: +353 1 5187500).

HubSpot uses cookies that are stored on your computer and permit us to analyze your use of the website. HubSpot evaluates the information collected (e.g. IP address, location, browser, duration of the visit, pages accessed) on behalf of this website in order to generate statistics on use of the website. These statistics are needed to ensure the smooth operation of the websites and of the offering and to continuously optimize it. The data are also used for targeted marketing.

If you generally do not want HubSpot to collect data, you can prevent the storage of cookies at any time by selecting the appropriate settings in your browser. For instructions, please visit: Deutscher Datenschutz-Rat Online Werbung (only available in German language). If you do not wish your data to be used to display targeted advertising, you can click to unsubscribe at Your Online Choices.

 

TikTok Pixel

We use TikTok Pixel on our website, which is a conversion tracking tool for advertisers. The service provider is the Chinese company TikTok. For the European region, responsibility is shared between TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland) and TikTok Information Technologies UK Limited.

TikTok processes data from you, including in the United States. We would like to inform you that, according to the European Court of Justice, there is currently no adequate level of protection for data transfers to the USA. This could entail various risks for the legality and security of data processing.

As the basis for data processing for recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway – particularly in the USA) or for data transfers to such countries, TikTok uses what are known as Standard Contractual Clauses (Art. 46(2) and (3) of the GDPR). Standard Contractual Clauses (SCC) are template contracts provided by the EU Commission and are intended to ensure that your data continues to adhere to European data protection standards, even when they are transferred to and stored in third countries (such as the USA). Through these clauses, TikTok commits to maintaining European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision by the EU Commission.

To learn more about the Standard Contractual Clauses and the data processed through the use of TikTok Pixel, please refer to their Privacy Policy and the Controller to Controller Data Terms.

 

Adform Pixel

The Adform Pixel is used on our websites for the following purposes following your consent pursuant to art. 6 para. 1 sentence 1 lit. a) GDPR:

Campaign impact tracking

Through tracking, contacts that users have with advertisements on other websites (visual contacts and clicks on advertising banners) are related to subsequent interactions on our website. The data collected is statistically analysed in order to be able to optimise the performance of the media campaigns. All usage data collected is stored using a pseudonym. The collected data is not used to personally identify visitors to our website and is not merged with personal data about the bearer of the pseudonym.

Control of user-based online advertising (so-called retargeting)

The service provider collects and processes pseudonymously your usage behaviour on websites operated by us. This data is used to address users again with targeted advertising according to their usage behaviour after visiting our websites. These advertisements are displayed outside our websites.The third-party cookies described on the following page are used to collect data: https://site.adform.com/privacy-center/adform-cookies/.

You have the option to prevent the recording of usage data by the system at any time by setting an opt-out cookie here. If you delete the cookies in your browser, opt-out cookies will also be deleted. You must then carry out the opt-out again. Further information on data protection at Adform: https://site.adform.com/privacy-center/overview

 

Google Campaign Manager and Floodlight

This website uses functions of the “Google Campaign Manager” service, in particular the “Floodlight” function. The service provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Campaign Manager is used to display interest-based advertisements to you throughout the Google advertising network. The ads can be targeted to the interests of the respective viewer with the help of Campaign Manager. For example, our ads may be displayed in Google search results or in banner ads on third party websites associated with Campaign Manager. In order to display ads to users that are tailored to their interests, Campaign Manager must be able to recognize the respective viewer. For this purpose, a cookie is stored in the user’s browser, behind which the websites visited by the user, clicks and various other information is stored. This information is combined into a pseudonymous user profile in order to display interest-based advertising to the user in question. In the process, data is transferred to Google. Insofar as personal data is transferred to the USA, the appropriate safeguards for the transfer to a third country are the standard data protection clauses; more detailed information can be found at https://privacy.google.com/businesses/processorterms/.

Floodlight is a so-called conversion tracking system that can be used to measure the effectiveness of advertising measures. With the help of a cookie, we can determine whether you perform certain actions on our website after clicking on one of our ads on Google or on third-party websites.
The storage of cookies and the processing of personal data are based on your consent pursuant to Art. 6 (1) p. 1 lit. a) GDPR. Consent is voluntary and you can revoke it at any time with effect for the future. You can also deactivate personalized advertising using Google’s “Advertising settings”. You will then no longer receive personalized advertising via Google services: https://www.google.com/settings/ads. For further information on how to object to the advertisements displayed by Google, please refer to the following links: https://policies.google.com/technologies/partner-sites and https://policies.google.com/privacy.

 

3. Registration

3.1 As a visitor in the ticket shop

a) If you want to participate in DMEXCO, you must first – if not already done – create a profile in the ticket shop through registration and then purchase a ticket or redeem a voucher code (register) on our website. Purchasing a ticket without registration is only possible during the event on-site. After the registration, you can log into our digital community (event platform), and app. For this purpose, we process the personal data that you provide to us during the registration process.

Our events are reserved for the professional public. To purchase a ticket through our ticket shop or to redeem a voucher code, we will require various data from you. The following information is required:

  • Name
  • E-mail address
  • Function
  • Company
  • Country
  • Address

After purchasing a ticket in the ticket shop, this data is required to create an account on the digital event platform. We also need this data to check your eligibility as a trade visitor and to put you in touch with relevant exhibitors or contact persons as part of our matchmaking service. Last but not least, we need this data to be able to respond to any queries you may send us.

b) In addition, you can provide the following optional information during registration or on your profile:

  • Academic Title
  • Phone number(s)
  • Interests/marketing attributes
  • Know-how / expertise
  • Company size and sector
  • Job title
  • Upload a profile picture

It is up to you whether to provide this information and it is not required to purchase a ticket.

We process personal data to be able to provide our ticket shop services and to initiate, execute and process the ticket purchase and the associated user contract as per Article 6 Paragraph 1 Sentence 1(b) GDPR. Data is also processed for the purpose of advertising our events and services on the basis of Section 7 Paragraph 3 of the German Act Against Unfair Practices (Gesetz gegen den unlauteren Wettbewerb [UWG]) or in the case of given consent in accordance with Art. 6 (1) sentence 1 lit. a) of the General Data Protection Regulation (GDPR) (see section 3.6)) as well as for optimization and market and opinion research.

c) Specifically, we process all your personal data for the following purposes:

  • Purchasing tickets for our events;
  • Redeeming vouchers;
  • Verifying trade visitor status;
  • Creating a user account on the digital event platform and in the app
  • Delivery and payment of other Koelnmesse products and services (e.g. trade fair directories and catalogues);
  • Sending newsletters and mailings with announcements, information and other materials for events and content of your interest;
  • Offering tailored services;
  • Requests to participate in market and opinion research;
  • Preventing or identifying abuse and fraud, in particular in the case of vouchers and free tickets;
  • Where applicable, simply to update your personal data online.

Data collected later will also be assigned to the customer account.

 

3.2 As the point person for a specific exhibitor

If you, as a contact person, register your company as an exhibitor at one of our events, we also collect and process the data mentioned in section 3.1 from you. In addition to the purposes mentioned there, we process your data for the following purposes:

  • For our sales team to send individual e-mails;
  • Sending e-mails and newsletters with contractually relevant information, e.g. credentials, ticket codes, information on participation, etc., as well as sending e-mails with offers relating to your participation, e.g. additional services and marketing services such as advertising space, etc.;
  • Requests to complete surveys.

We process personal data in order to provide you with online registration and for the initiation, execution, and fulfillment of the contract regarding your company’s participation as an exhibitor, pursuant to Art. 6 (1) sentence 1 lit. b) of the GDPR. The processing of data also occurs for the promotion of our events and services (based on § 7 (3) of the German Act against Unfair Competition (UWG) or in the case of granted consent in accordance with Art. 6 (1) sentence 1 lit. a) of the GDPR (see section 3.6)), as well as for optimization and market and opinion research.

 

3.3 As a speaker

If you participate as a speaker at one of our events, we also collect the data mentioned in section 3.1 from you. Additionally, we collect and process your curriculum vitae. In addition to the purposes mentioned there, we process your data for the following purposes:

  • Speaker-related mailings (such as briefings, VIP events, and VIP services);
  • As well as for the promotion of the presentation:
  • Listing on the website;
  • Listing in the conference agenda;
  • Announcements of speaker slots on social media, newsletters, and other media.

 

3.4 Erasure of your account/user profile

If you want to erase your user account, including your data, please send us an e-mail to datenschutz-km(at)koelnmesse.de. We would be happy to comply with your request, provided it does not involve data we are required to retain under commercial or tax law. In that case, continued storage of your data is based on Article 6 Paragraph 1 Sentence 1(c) GDPR.

 

3.5 Networking feature

Through our digital community, event platform and APP (Swapcard), we offer a networking feature that allows you to interact with other users.

Profiles are visible by default. However, you can deactivate your profile (hide it), and it is possible to then reactivate it after it has been deactivated to make it visible again. When your profile is visible, the following basic information is displayed to other attendees: profile picture (if uploaded by the user), name, position, company details and social media links. Furthermore, contact details such as phone number, e-mail address, location, website, and an info section (if filled out) may be displayed.

In the course of networking with other users and any form of meeting request to other users and/or exhibitors, they are given the opportunity to export all contact and profile data of the user. This serves the purpose of targeted addressing by the other user or exhibitor.

 

3.6 Newsletter

You have the opportunity to subscribe to newsletters free of charge. When you subscribe to the newsletter, the data are transmitted to us from the input screen. We also collect data on the IP address and the time of registration as proof of your consent to receive the newsletter.

To prevent abuse, first you will receive an e-mail with a confirmation link that you must then activate in order to receive the actual newsletter (known as a “double opt-in” procedure). If you register in the Koelnmesse ticket shop and subscribe to the newsletter at the same time, the e-mail with the registration confirmation link substitutes for the double opt-in procedure.

As part of the registration process, your consent to the processing of data is obtained, and reference is made to this Privacy Policy. The legal basis for the processing of data is thus Article 6(1), subparagraph 1, point (a) of the GDPR. Because we have to record your e-mail address to deliver the newsletter, this information is mandatory. You are not required to indicate whether you are a visitor, exhibitor, speaker, or media representative. We use this information to provide you with targeted content in the medium and long term.

With registration you agree to the measurement, storage and evaluation of opening rates, click rates, reading duration and used e-mail client in your profile for the purpose of developing future e-mail newsletters according to your interests.

 

4. Data processing in the context of further online presences

In addition to the website, we are represented on online platforms and social networks as well. If you visit these online presences and communicate with us through them, the terms and conditions and the privacy policy in effect there, as well as this Privacy Statement, will apply (as we share responsibility for this with the provider under the provisions of data protection legislation).

If you communicate with us through these online presences, we will process the data in your messages and posts based on the content contained therein, and based on the purposes pursued with the communication, on the basis of either Article 6 (1) (1) (b) GDPR or Article 6 (1) (1) (f) GDPR.

We are represented in the following online platforms:

Facebook (Facebook Fanpage)

Facebook page is used for active communication with our customers and prospective customers. We use this platform to provide information about our events.

When you visit our Facebook page, your data can be automatically collected and stored for purposes of market research and advertising. These data are used, along with pseudonyms, to create what are known as “user profiles.” For this purpose, the cookies typically placed on your device store a record of visitor behavior and the user interests. Facebook provides further information on this under the following link: Facebook Insights

Within the framework of a balancing of interests, the statistical information provided by Facebook about the use of the Facebook page (“Facebook Insights”) is used in accordance with Art. 6 (1) (f) GDPR in exercise of our overriding legitimate interest in an optimized presentation of our offerings and effective communication with customers and prospective customers. Data are processed on the basis of an agreement between joint controllers in accordance with Art. 26 GDPR. This agreement can be consulted here: Controller addendum. You can find a link to the opt-out here: Facebook Settings

 

Twitter

You’ll find privacy information at Twitter (Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA) here: Twitter Privacy Policy

If you would like to object to future data collection by Twitter, you can set an opt-out cookie here.

 

Xing

Information on data protection at Xing (Xing AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) can be found here: Xing Privacy Policy

 

Instagram

Information about data protection at Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA) and an opportunity to object can be found here: Instagram Privacy Policy

 

LinkedIn

Information on privacy at LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) can be found here: LinkedIn Privacy Policy.

If you would like to object to future data collection by LinkedIn, you can set an optout cookie here: Set opt-out cookie

 

YouTube

We integrate videos from the “YouTube” platform of provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Information on privacy at YouTube can be found here: YouTube Privacy Policy

If you would like to object to future data collection by YouTube, you can set an opt-out cookie here.

 

TikTok

We also utilize TikTok, a social media and video platform. The service provider is the Chinese company Beijing Bytedance Technology Ltd. For the European region, responsibility is shared between the Irish company TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, and TikTok Information Technologies UK Limited.

You can find information about privacy on TikTok in the Privacy Policy here and in the Controller to Controller Data Terms here.

 

5. Survey Tools

For market research purposes, we regularly conduct surveys. We use various tools for this purpose:

Typeform S.L.

We use Typeform (Typeform S.L., B65831836, Bac de Roda, 163, Barcelona 08018, Spain) to conduct surveys. We conduct the surveys in order to continuously improve our range of services and the organization of events according to your feedback. That’s why your opinion is very important to us

If you decide to participate in the survey, Typeform will collect information about your device, IP address, the version of your operating system, and information on the browser type.

As part of the survey, we query the gender, age, status and position of the participants for purely statistical purposes. We do this in order to be able to include social components in the assessments of the results and to optimize them accordingly. In addition, you may voluntarily provide your first and last name as well as an e-mail address (“voluntary information”). We usually request this information when we offer a prize drawing among the participants. We need your voluntary information in order to contact you in the event that you win a prize. However, this information will be deleted once the prize drawing is completed.

The processing of your data is based on consent pursuant to Article 6(1), point (a) of the GDPR. Participation is on a voluntary basis.

You can contact us at any time to request erasure of your survey data, including personal data (by sending an e-mail to datenschutz-km(at)koelnmesse.de). However, individual responses cannot be corrected once the survey has been submitted.

Typeform collects your information on our behalf in order to create reports that we can use to analyze your satisfaction with the event offering and evaluate your suggestions.

We would like to point out that Typeform uses cookies. Information on this, as well as the duration of storage, can be found here. We also want to point out that Typeform usually transmits the data to a server in the USA and stores them there. A second back-up server is located in Frankfurt, Germany. You can find information about opting out of cookies here.

Detailed information about the data security measures implemented by Typeform can be found here.

 

easyfeedback GmbH

We use easyfeedback (easyfeedback GmbH, Ernst-Abbe-Straße 4, 56070 Koblenz, Germany) to conduct surveys. We conduct the surveys in order to continuously improve our range of services and the organization of events according to your feedback. That’s why your opinion is very important to us

If you decide to participate in the survey, easyfeedback will collect information about your device, IP address, the version of your operating system, and information on the browser type.

As part of the survey, we query the gender, age, status and position of the participants for purely statistical purposes. We do this in order to be able to include social components in the assessments of the results and to optimize them accordingly. In addition, you may voluntarily provide your first and last name as well as an e-mail address (“voluntary information”). We usually request this information when we offer a prize drawing among the participants. We need your voluntary information in order to contact you in the event that you win a prize. However, this information will be deleted once the prize drawing is completed.

The processing of your data is based on consent pursuant to Article 6(1), point (a) of the GDPR. Participation is on a voluntary basis. You have the option to cancel the survey at any time by closing the browser window. The answers provided to date will be made available to Koelnmesse GmbH.

You can contact us at any time to request erasure of your survey data, including personal data (by sending an e-mail to  datenschutz-km(at)koelnmesse.de). However, individual responses cannot be corrected once the survey has been submitted.

Easyfeedback collects your information on our behalf in order to create reports that we can use to analyze your satisfaction with the event offering and evaluate your suggestions.

We would like to point out that easyfeedback uses cookies. Cookies are small text files that are set in your browser when you start the survey. Using these cookies, the survey system can recognize whether you have already visited the survey and reassign the answers you have already given (interrupt & continue a survey). Likewise, the use of cookies can prevent multiple participation. The cookie is automatically deleted after 90 days, or if the survey is deleted prematurely. Information on this, as well as the duration of storage, can be found here. We also want to point out that easyfeedback usually stores the data in Germany at the Strato AG data center. You can find information about opting out of cookies here.

Detailed information about the data security measures implemented by easyfeedback can be found here.

 

6. Disclosure of data

In principle, your personal data will only be disclosed without your express prior consent in the following cases:

  • Disclosure of data to third parties takes place – as necessary – according to Art. 6 (1) sentence 1 lit. b) of the GDPR for payment processing to financial service providers, for the fulfillment of contractually agreed services, and according to Art. 6 (1) sentence 1 lit. c) of the GDPR within the scope of legally permissible actions to authorities and consultants.
  • If it is necessary to investigate unlawful use of our services or for prosecution, personal data will be passed on to law-enforcement authorities and, where appropriate, to third parties that have been harmed. This happens only when there are concrete indications of illegal or abusive conduct. We may also pass your data to third parties in order to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public offices upon request. These are law enforcement agencies, authorities that pursue administrative offenses subject to fine, and tax authorities. These data are disclosed on the basis of our legitimate interest in combating abuse, prosecuting crimes and securing, asserting and enforcing claims, where your rights and interests in the protection of your personal data do not outweigh this interest, Art. 6 (1) (f) GDPR.
  • We rely on contracted third parties and external service providers (“processors”) to provide the services. In such cases, personal data will be passed on to these processors to enable them to continue processing. These processors are carefully selected and regularly reviewed by us to ensure that your privacy is respected. Processors may only use the data only for the purposes specified by us; we also place them under a contractual obligation to treat your data exclusively in accordance with this Privacy Statement and German laws on data protection.
  • As part of the further development of our business, the structure of Koelnmesse GmbH may change due to a change in the legal form, or through the establishment, acquisition or sale of subsidiaries, parts of companies or components. In such transactions, customer information is ordinarily passed along with that portion of the company that is to change hands. In any disclosure of personal data to third parties of a scope as described above, we ensure that this is done in accordance with this Privacy Statement and the relevant data protection laws.

 

Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to the economic and legal circumstances if necessary, provided that this is not outweighed by your rights and interests in the protection of your personal data, Art. 6 (1) (f) GDPR.

 

7. Erasure of data

We will delete or anonymize your personal data as soon as it is no longer required for the purposes for which we have collected or used it in accordance with the preceding provisions and no legal retention periods prevent its erasure, or the data is required for a longer period of time for criminal prosecution or to secure, assert or enforce legal claims.

 

8. Your right as a data subject

Right to information

You have the right to obtain information from us at any time upon request about the personal data processed by us concerning you within the scope of Art. 15 GDPR. To do so, you can submit an application by mail or e-mail to the address shown above.

 

Right to rectify inaccurate data

You have the right to ask us to rectify your personal data immediately if they are incorrect. To do so, please get in touch with us using the contact addresses shown above.

 

Right to erasure

You have the right to ask us to erase personal data concerning you under the conditions described in Art. 17 GDPR. Specifically, these conditions provide for a right of erasure where the personal data are no longer necessary for the purposes for which they were collected or otherwise processed and in cases of unlawful processing, the existence of an objection or the existence of an obligation to erase in accordance with Union law or the law of the Member State to which we are subject. To exercise your above right, please get in touch with us at the contact addresses shown above.

 

Right to restrict processing

You have the right to require us to restrict processing of your data in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the duration that the verification of the accuracy requires and in the event that the user requires restricted processing in the case of an existing right to erasure in lieu of erasure; furthermore, in the event that the data are no longer necessary for the purposes pursued by us, but the user needs them in order to assert, exercise or defend legal claims, and if the successful exercise of an objection between us and the user is still in dispute. To exercise your above right, please get in touch with us at the contact addresses shown above.

 

Right to data portability

You have the right to receive from us the personal data concerning you that you have provided to us in a structured, conventional and machine-readable format in accordance with Art. 20 GDPR. To exercise your above right, please get in touch with us at the contact addresses shown above.

 

Right to object

Pursuant to Art. 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data concerning you which is based, among other things, on Art. 6 (1) (e) or (f) GDPR. We will discontinue the processing of your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

 

9. Right to lodge a complaint

You also have the right to contact the relevant supervisory authority for data protection in the event of complaints. The supervisory authority with responsibility in the matter is:

 

State Officer for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Germany
Tel.: +49 (0)211/38424-0
Fax: +49 (0)211/38424-999
E-Mail: poststelle(at)ldi.nrw.de

 

10. Changes to this Privacy Statement

The current version of this Privacy Statement is always available under “Privacy Policy.”

 

Last revised: August 2023