Privacy policy

Thank you for visiting our website. As we find it very important to ensure the protection of your personal information, we would like to inform you below about the personal data we will collect when you visit our website and the purposes for which it will be used.

This privacy statement applies to the website operated by Digital Summit Euregio GbR, which can be accessed via digital-summit.eu and various other sub-domains (“our website”).

Who is responsible for data processing?

The “controller”, as defined in the General Data Protection Regulation (GDPR), is:

Digital Summit Euregio GbR
Sebastian van Deel
Sentmaringer Weg 61
D-48151 Münster

Contact for data protection issues
If you have any questions or comments about data protection or wish to object to the use of your personal data for advertising, market research or opinion polling, please contact: kerstin.weidner@ihk-nordwestfalen.de.

What is this privacy statement about?
This privacy statement meets the legal requirements for transparency in the processing of personal data. The term “personal data” is used to refer to any information related to an identified or identifiable natural person (e.g. name, age, address, telephone number, date of birth, email address, IP address, user behaviour when visiting a website). This does not include any information that cannot be related to you personally (or only with a disproportionate amount of effort). Your personal data may only ever be processed (e.g. collected, requested, used, stored or transmitted) on a specific legal basis or for a defined purpose.

Any personal data we hold on you will be deleted as soon as the purpose for which it was processed has been achieved and there are no legitimate reasons to continue storing it. We will let you know how long your data will be stored – or the relevant criteria used to determine this period – for each form of processing. Irrespective of this, we may store your personal data in individual cases to assert, exercise or defend our legal claims and/or to comply with statutory retention periods.

Who will receive your data?
We will only pass on the personal data processed on our website to third parties if this is necessary to achieve the specified purposes and if this is covered by a specific legal basis (e.g. consent or pursuit of legitimate interests). In some cases, we may also pass on your personal data to third parties if this serves to assert, exercise or defend our legal claims. In such cases, your personal data may be received by law enforcement agencies, lawyers, auditors, courts, etc.

If we use service providers to run our website and commission them to process personal data in accordance with Art. 28 GDPR, they may also receive your personal data. You can find more information on the use of such processors and web services in the overview of individual processing operations.


Use of cookies

Cookies

This cookie policy has been created and updated by CookieFirst.com.

Cookiefirst

Type and scope of processing
We have integrated Cookiefirst on our website. This is a consent solution from Digital Data Solutions B.V. (Plantagemiddenlaan 42A, 1018 DH Amsterdam, Netherlands) that can be used to obtain and document consent to the storage of cookies. Cookiefirst uses cookies or other web technologies to recognise users and store whether they have given or withdrawn their consent.

Purpose and legal basis
We will use this service on the basis of our legal obligation to obtain your consent to the use of cookies in accordance with point (c) of Art. 6 (1) GDPR.

Retention period
We have no control over the amount of time for which the processed data will be stored; this will be determined by Digital Data Solutions B.V. You can find more information in Cookiefirst’s data processing agreement: https://gimbal.com/gdpr/.

What are your rights?
If you meet the relevant requirements specified in the General Data Protection Regulation (GDPR), you have the following rights as a data subject:


How will your data be processed?

We would like to inform you below about each form of processing, the scope and purpose of data processing, the relevant legal basis, the obligation to provide data and the amount of time for which your data will be stored in each case. We will not perform any automated individual decision-making, including profiling.


Provision of our website

Type and scope of processing
When you access and use our website, we will collect the personal data that your browser automatically transmits to our server. The following will be temporarily stored in a so-called “log file”:

Our website is not hosted by us, but by a service provider who will process the data listed above on our behalf in accordance with Art. 28 GDPR.

Purpose and legal basis
The data listed above will be processed to pursue our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of point (f) of Art. 6 (1) GDPR. The collection of your data and its storage in log files is absolutely necessary for us to operate the website. You do not have the right to object to such processing due to the exception under Art. 21 (1) GDPR. If the log files have to be stored for longer due to a certain legal requirement, your data will then be processed on the basis of point (c) of Art. 6 (1) GDPR. You are not legally or contractually obliged to provide your data; however, it will be technically impossible for you to access our website without providing your data.

Retention period
The data listed above will be stored for as long as our website is displayed and, for technical reasons, for a maximum of 7 days thereafter.


Contact form

Type and scope of processing
We provide a contact form on our website for you to get in touch with us. The information requested in mandatory fields is required to process your enquiry. You can also voluntarily provide us with any additional information you think we might need to process your enquiry. Any information you enter in our contact form will not be shared with third parties.

Purpose and legal basis
If you use our contact form, your data will be processed for the purpose of communicating with you and processing your enquiry based on your consent in accordance with point (a) of Art. 6 (1) GDPR. If your enquiry concerns an existing contractual relationship with us, your data will be processed for the purpose of performing the contract on the basis of point (b) of Art. 6 (1) GDPR. You are not legally or contractually obliged to provide your data; however, we will be unable to process your enquiry if you do not provide the information requested in the mandatory fields. If you do not wish to provide this data, please contact us by alternative means.

Retention period
We will store the data you enter in the contact form until you withdraw your consent to its storage, until you request its deletion or until the purpose for which it was being processed no longer applies (e.g. once your enquiry has been fully processed). We reserve the right to comply with mandatory legal provisions, particularly retention periods.

Creating a customer account

Type and scope of processing
If you place an order with us, we will collect your personal data to enable you to create a customer account. The information requested in mandatory fields during the registration process (participant name, email address, company name, postal address) is necessary for us to process your order in our online shop. If you register a permanent user account, we will also collect a password that you can choose yourself. You can also voluntarily provide us with any additional information you think we might need to process your order. You also have the option of creating a guest profile.

Your personal data will only be passed on to third parties (e.g. payment service providers, ticketing systems) and processors pursuant to Art. 28 GDPR if this is necessary to process your order.

Purpose and legal basis
We will process your personal data for the purpose of creating a customer account to perform a contract with you in accordance with point (b) of Art. 6 (1) GDPR. You are contractually obliged to provide the data requested in mandatory fields, as we need this information to identify you and perform the contract with you. You are not legally obliged to provide your data; however, you will not be able to place an order in our online shop and conclude a contract with us without providing this information. You are not obliged to provide any additional optional information. You will be able to place an order in our online shop without providing such optional information.

Retention period
If you create a permanent customer account, we will continue to store the data related to the purchase after the contract has ended. We will only store your other data after the contract has ended to comply with statutory retention periods (e.g. under commercial and tax law).

 

eCommerce and payment providers

We will only ever collect, process and use your personal data if this is necessary for the establishment, development or amendment of a legal relationship (master data). This will be done on the basis of point (b) of Art. 6 (1) GDPR, which allows data to be processed for the performance of a contract or pre-contractual measures. We will only ever collect, process and use your personal data regarding your use of this website (usage data) to the extent necessary to allow you to use the service or for billing purposes. Your customer data will be deleted at the end of the order or business relationship. However, we reserve the right to comply with the statutory retention periods.

Data transferred when concluding contracts for services and digital content

We will only send your data to third parties if this is necessary to perform the contract (e.g. to the bank commissioned to process a payment or for ticketing purposes). Otherwise, your data will not be passed on to third parties unless you give your explicit consent. Your data will be processed on the basis of point (b) of Art. 6 (1) GDPR, which allows data to be processed for the performance of a contract or pre-contractual measures.

pretix

We have integrated features of a ticketing shop, pretix, on this website. This service is provided by rami.io GmbH, Berthold-Mogel-Straße 1, 69126 Heidelberg, Germany (hereinafter referred to as “pretix”). The plug-in will enable a direct connection to be established between your browser and the pretix server when you visit our website and data will then be loaded from the pretix server (e.g. Javascript file/s). As a result, pretix will receive your data required for the order and will be informed that you have visited our website with your IP address. Please note that cookies are used in conjunction with pretix. prefix is solely responsible for its integrated features. As the website operator, we have no control over such processing. According to pretix, our customers’ data is not passed on to third parties.

Your data will be processed on the basis of point (b) of Art. 6 (1) GDPR, which allows data to be processed for the performance of a contract or pre-contractual measures. If your consent is requested, your data will be processed exclusively on the basis of point (a) of Art. 6 (1) GDPR and Section 25 (1) of the German Act on Data Protection and Privacy in Telecommunications and Telemedia (TTDSG), provided your consent extends to the storage of cookies or access to information on your device, as described in the TTDSG. You may withdraw your consent at any time.

You can find more information in pretix’s privacy policy: https://pretix.eu/about/de/privacy.

Payment services

We have integrated third-party payment services on our website. If you make a purchase with us, your payment data (e.g. name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of processing your payment. Any such transactions will be subject to the respective payment service provider’s terms and conditions and data protection provisions. We use payment service providers on the basis of point (b) of Art. 6 (1) GDPR (performance of a contract) and in the interest of making the payment process as smooth, comfortable and secure as possible (point (f) of Art. 6 (1) GDPR). If your consent is requested for certain actions, point (a) of Art. 6 (1) GDPR will be the legal basis for such data processing; you may withdraw your consent at any time with future effect.

We use the following payment services / payment service providers on this website:

PayPal

This payment service is provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”). The transfer of data to the USA is based on the standard contractual clauses of the European Commission.

You can find more details here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

 Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter referred to as “Stripe”). The transfer of data to the USA is based on the standard contractual clauses of the European Commission. You can find more details here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation. You can find more details in Stripe’s privacy policy: https://stripe.com/de/privacy.

Digital Summit Euregio – face-to-face event

We will record and store the entire event for our public relations, press releases, website and social media channels. We reserve the right to present all or part of the event to the public (e.g. for our public relations, press releases, website and social media channels). The event may also be attended by members of the press. You will have the opportunity to ask the speakers questions anonymously.

Purpose and legal basis
The data described above will be processed on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in our public relations, press releases, website and social media channels. If your consent is requested, the data will be processed on the basis of your consent; you may withdraw your consent at any time with future effect.

Retention period
The data recorded by us will be deleted as soon as you request its deletion, as soon as you withdraw your consent to its storage or as soon as the purpose for which it was originally stored no longer applies.

Digital Summit Euregio – online event

Audio and video conferencing

Data processing
We will use online conferencing tools for the Digital Summit. The specific tools are listed below. If you communicate with us via online audio or video conferencing, your personal data will be collected and processed by us and the respective conferencing tool provider.

The conferencing tools will collect any data that you provide or use to utilise the tools (e.g. email address, first and last name and/or profile picture). The conferencing tools will also process the duration of the conference, the start and end (time) of your participation in the conference, the number of participants and other contextual information related to the communication process (metadata). In addition, the tool provider will process any technical data required to facilitate the online communication process. This particularly includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection. If any content is exchanged, uploaded or otherwise provided within a tool, this will also be stored on the tool provider’s servers. Such content may particularly include cloud recordings, chat / instant messages, voice messages, uploaded photographs and videos, files, whiteboards and any other information that may be shared during the use of the service. Please note that we do not have full control over the data processing operations related to the tools used. Our capabilities are largely based on each provider’s company policy. Further information on data processing can be found in the privacy policy for each tool used, which we have listed below.

Purpose and legal basis
We will use the conferencing tools to communicate with our prospective and existing contractual partners or to offer our customers certain solutions on the basis of point (b) of Art. 6 (1) GDPR. The tools will also be used to generally simplify and speed up communication with us or our company; this reflects our legitimate interest in accordance with point (f) of Art. 6 (1) GDPR. If your consent is requested, the relevant tools will be used on the basis of your consent; you may withdraw your consent at any time with future effect.

Retention period
The data collected by us via the video and conferencing tools will be deleted from our systems as soon as you request its deletion, as soon as you withdraw your consent to its storage or as soon as the purpose for which it was originally stored no longer applies. The cookies stored on your device will remain there until you delete them. However, we reserve the right to comply with the mandatory retention periods stipulated by law. We have no control over the amount of time for which the conferencing tool operators will store your data for their own purposes. For more details, please contact the conferencing tool operators directly.

Recording
We will record and store the entire event for our public relations, press releases, website and social media channels. We reserve the right to present all or part of the event to the public (e.g. for our public relations, press releases, website and social media channels). This means that your name and profile picture may also be published. If you do not want this to happen, you have the option of asking the speakers questions anonymously, to upload an avatar instead of a personal profile picture and/or to register a pseudonym as your username instead of your real name.

Conferencing tools used
We will use the following conferencing tools: venueless

This service is provided by rami.io GmbH (Berthold-Mogel-Straße 1, 69126 Heidelberg, Germany). Your data will not be transferred to third countries. You can find more details on data processing in the company’s privacy policy: https://venueless.org/de/privacy.html.

Commissioned processing
We have concluded a data processing agreement with the provider named above.

This is a contract required under data protection law to ensure that the provider only processes our customers’ personal data according to our instructions and in accordance with the GDPR.

Google CDN

Type and scope of processing
We use Google CDN to ensure that content is delivered properly on our website. Google CDN is a service provided by Google Ireland Limited that functions as a content delivery network (CDN) on our website.

The CDN helps us to deliver content more quickly on our website, particularly files such as graphics or scripts, with the help of regionally or internationally distributed servers. If you access such content, you will establish a connection to the servers operated by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4 Ireland), which will facilitate the transmission of your IP address and, if applicable, browser data such as your user agent. This data will be used exclusively for the purposes outlined above and to maintain the security and functionality of Google CDN.

Purpose and legal basis
We use the content delivery network on the basis of our legitimate interest in ensuring the secure and efficient provision and optimisation of our website in accordance with point (f) of Art. 6 (1) GDPR.

Retention period
We have no control over the amount of time for which the processed data will be stored; this will be determined by Google Ireland Limited. You can find more information in Google’s privacy policy: https://policies.google.com/privacy.

Google DoubleClick

Type and scope of processing
We have integrated components of DoubleClick by Google on our website. DoubleClick is a Google brand under which special online marketing solutions are primarily marketed to advertising agencies and publishers. DoubleClick by Google transmits data to the DoubleClick server whenever a page impression is recorded and whenever clicks or other activities are registered.

Whenever data is transmitted to the servers as described above, a cookie request will be sent to your browser. If your browser accepts the request, DoubleClick will place a cookie on your browser.

DoubleClick uses a cookie ID that is required to complete the technical process. For example, the cookie ID is required to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser to avoid them being shown more than once. The cookie ID also enables DoubleClick to record conversions. For example, conversions will be recorded if you have been shown a DoubleClick ad and subsequently made a purchase on the advertiser’s website with the same web browser.

DoubleClick cookies do not contain any personal data but may contain additional campaign identifiers. A campaign identifier can be used to identify the campaigns with which you have previously interacted on other websites. As part of this service, Google will also obtain data that it can use to prepare commission statements. For example, Google will be able to see that you have clicked on certain links on our website. In such cases, your data will be passed on to the company that operates DoubleClick (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). More information on DoubleClick and Google’s privacy policy can be found at https://policies.google.com/privacy.

Purpose and legal basis
We will process your data using a DoubleClick cookie for the purpose of optimising and displaying advertising based on your consent in accordance with point (a) of Art. 6 (1) GDPR. You can give your consent by configuring your settings to enable cookies (cookie banner / consent manager), and you can always change your settings to withdraw your consent with future effect in accordance with Art. 7 (3) GDPR. These cookies can be used for various purposes (e.g. to display targeted ads and compile or improve reports on advertising campaigns. The cookies can also be used to avoid showing the same advertisement multiple times. Whenever you access a page with an integrated DoubleClick component on our website, the DoubleClick component will automatically prompt your browser to transmit data to Google for the purpose of carrying out online advertising and calculating commission. You are not legally or contractually obliged to provide your data. If you do not give us your consent, you will still be able to visit our website without restrictions; however, you may find that some features are not fully available.

Retention period
We have no control over the amount of time for which the processed data will be stored; this will be determined by Google Ireland Limited. You can find more information in Google’s privacy policy: https://policies.google.com/privacy.

Google Fonts

Type and scope of processing
We use Google Fonts, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) that delivers fonts for our website. To obtain such fonts, you will establish a connection to the servers operated by Google Ireland Limited and your IP address will subsequently be transmitted.

Purpose and legal basis
We use Google Fonts on the basis of our legitimate interest in ensuring the provision of a uniform website and its optimisation in accordance with point (f) of Art. 6 (1) GDPR.

Retention period
We have no control over the amount of time for which the processed data will be stored; this will be determined by Google Ireland Limited. You can find more information in Google’s privacy policy: https://policies.google.com/privacy.

Google reCAPTCHA

Type and scope of processing
We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service provided by Google Ireland Limited that enables us to determine whether an enquiry has been sent by a real person or an automated programme. If you access such content, you will establish a connection to the servers operated by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4 Ireland), which will facilitate the transmission of your IP address and, if applicable, browser data such as your user agent. In addition, Google reCAPTCHA will record the amount of time you spend on a web-page and your mouse movements, in order to differentiate between human and automated requests. This data will be used exclusively for the purposes outlined above and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis
We will use this service on the basis of our legitimate interest in ensuring the protection of data submitted in forms pursuant to point (f) of Art. 6 (1) GDPR.

Retention period
We have no control over the amount of time for which the processed data will be stored; this will be determined by Google Ireland Limited. You can find more information in Google’s privacy policy: https://policies.google.com/privacy?hl=en-US.

YouTube Video

Type and scope of processing
We have integrated YouTube Video on our website. YouTube Video is a component of the video platform operated by YouTube, LLC, enabling users to upload and share content online and obtain detailed statistics.

YouTube Video enables us to integrate content from the platform on our website.

YouTube Video uses cookies and other browser technologies to evaluate user behaviour, recognise users and create user profiles. This information is used for various purposes (e.g. to analyse the use of content that has been played and to compile reports). If you are registered with YouTube, LLC, YouTube Video will be able to match the videos you have watched to your profile.

If you access such content, you will establish a connection to the servers operated by YouTube, LLC (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland), which will facilitate the transmission of your IP address and, if applicable, browser data such as your user agent.

Purpose and legal basis
We will only use this service after obtaining your consent in accordance with point (a) of Art. 6 (1) GDPR.

Retention period
We have no control over the amount of time for which the processed data will be stored; this will be determined by YouTube, LLC. You can find more information in Google’s privacy policy: https://policies.google.com/privacy.

———————————————–

Privacy information for participants in the face-to-face event

In accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), we would like to inform participants in the face-to-face event (hereinafter referred to as the “participants”) about the way in which we will process their personal data and about their rights as data subjects. This information is provided in accordance with Art. 13 or 14 GDPR. This privacy statement will be updated if necessary and published in an appropriate form that is accessible to data subjects. This may be done by letter or email, on the Internet or by means of a notice.

Who is responsible for data processing?

Digital Summit Euregio GbR
Sentmaringer Weg 61
D-48151 Münster
digital-summit.eu


How can the data protection officer be contacted?

Our company is not obliged to appoint a data protection officer. If you have any questions about data protection, please contact: kerstin.weidner@ihk-nordwestfalen.de.

Please send any postal enquiries to the address indicated in Section 1 with the following addition: “Data Protection – Personal / Confidential”.


What categories of personal data will be processed?

Where will the data come from (data source)?

The data will generally be obtained directly from the data subject, e.g.

Why will the data be processed and on what legal basis?

Personal data may be processed if there is a legal basis for processing. Participants’ data will be processed on the following legal grounds:

Performance of contractual obligations

Personal data will be processed for the purpose of performing the contractual agreement (e.g. to perform commissioned services). This also includes pre-contractual measures (e.g. quotations).

Compliance with a legal obligation

A large number of legal regulations must be observed when initiating or performing a contract. This includes:

The controller’s legitimate interest

Our company may have to process data to pursue a legitimate interest, provided our own interests are not outweighed by the interests or basic rights and freedoms of the data subject in question. This includes our company’s advertising measures, photographs and videos.

Consent

If data subjects have consented to the processing of personal data, their consent will be the legal basis for the form of processing specified. Data subjects may withdraw their consent at any time with future effect. If they withdraw their consent, this will only apply to future processing.

Who will personal data be shared with? 

When initiating and performing a contract, we may share data with third parties based within the European Union (EU) if this is necessary for us to perform the order. Such third parties will process the data on our behalf and according to our instructions.

We will transfer data to bodies outside the EU or the European Economic Area (EEA) – “third countries” – if this is necessary for us to execute an order or contract, if we are required to do so by law (e.g. tax reporting obligations), if we have a legitimate interest or if data subjects give their consent. In this context, personal data may be processed in a third country due to the involvement of service providers commissioned to process data. If the European Commission has not issued a decision confirming a suitable level of data protection in the country concerned, we will ensure that the basic rights and freedoms of data subjects are adequately safeguarded by concluding appropriate contracts that meet the EU data protection requirements.

 

How long will your personal data be stored?

Our company must observe the legal requirements when initiating and performing a contract.

The statutory retention period for accounting and tax documents is usually 10 years. There is a 6-year retention period for commercial letters, regardless of whether they are in paper form or digital (email).

Irrespective of the retention periods, we will ensure that data can only ever be accessed by authorised employees. This applies to both paper-based files and digital data in IT systems.

Paper-based files will be destroyed – and digital data in IT systems will be deleted – at an appropriate time when the statutory retention periods expire.

What are the rights of data subjects?

Personal data usually has to be processed when initiating or performing a contract.

The rights of data subjects must therefore be observed by fulfilling certain requirements under the General Data Protection Regulation (GDPR):

Are you obliged to provide your data?

Participants must provide the personal data required to establish, perform and terminate the contractual relationship as well as any personal data we are legally obliged to collect. If participants do not provide such data, we will not be able to conclude a contract or perform the tasks associated with the order or contract.

Will data be used for automated decision-making or profiling?

When initiating or performing a contract, we will not use any technologies that might facilitate profiling pursuant to Art. 4 No. 4 GDPR or automated decision-making pursuant to Art. 22 GDPR.

Visit us on 17.04.2024 at 9:00 am or watch the live stream here

Organizers

IHK Nord Westfalen Digital Hub Münsterland IT-Forum Ooost AHK