1. Our data privacy principles
2. How safe are your data?
3. Our data protection officer
4. What are mandatory details/fields?
5. What are your data processed for?
6. Badge Scanning
7. Right to objection and revocation at any time
8. What are cookies and what are they used for?
9. Web tracking
10. Logging
11. Social Media
12. Data privacy notices regarding photo and video recordings at our Conference and Trade Show
13. Videoconference-Software
14. Surveys
15. Use of the digital platform for virtual participation in CCW
16. How can you exercise your data privacy rights?
17. Amendments
Visitors to our website expect a high degree of quality and competence not only with regard to our events, but also the processing of your personal data by us.
We are responsible for handling your data, which we process according to your wishes and the provisions of the EU’s general data protection regulation (GDPR) as well as the German federal data protection act (BDSG). Personal data are those by which you can be identified or become identifiable. Your personal data are processed by us only if this is legally permissible or you have provided your consent.
We are Management Circle AG, Düsseldorfer Str. 36, 65760 Eschborn/Ts., Germany and our service providers who process your data on our behalf for the purposes mentioned below (hereinafter: Management Circle, “we”).
Our service providers include printers, lettershops, call centres, Internet service providers and data centres. Our service providers are prohibited from processing your data for purposes other than ours, or for their own purposes.
For offers involving advanced professional training, we also cooperate with our partners from the Management Circle group (this includes Management Circle AG, Management Circle Verlag GmbH, Haub + Partner GmbH and IMW Bildungsinstitut der Mittelständischen Wirtschaft GmbH, all located on Düsseldorfer Str. 36, 65760 Eschborn).
In addition to the postal address specified above, you can also reach us via e-mail at info@managementcircle.de.
By way of the details provided next, we consider it important to keep you informed at all times about which personal data are collected during your visit to our website and use of our services and offers. and how these data are subsequently processed by us.
We take technical and organizational precautions to protect your personal data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, and to protect your rights, besides ensuring compliance with applicable data protection regulations of the EU and the Federal Republic of Germany (Article 32 GDPR).
The employed measures are taken to ensure the confidentiality and integrity of your data, besides ensuring the availability and capacity of our systems and services for processing your data in the long term. They are also meant for quick restoration of data availability and access if a physical or technical incident occurs.
Our security measures include encryption of your data. All information you enter online is technically encrypted before transmission. As a result, this information cannot be viewed at any time by unauthorized third parties.
Our data processing and security measures are improved continuously in accordance with technological developments.
Needless to say, our employees are committed in writing to confidentiality and compliance with the data protection requirements of GDPR.
If you have any questions regarding data protection or data security, you can reach our data protection officer via e-mail at datenschutz@managementcircle.de or via post at Management Circle AG, Datenschutz, Düsseldorfer Str. 36, 65760 Eschborn/Ts., Germany.
If certain data fields are identified as mandatory or marked with an asterisk (*) during data collection, submission of such data is either legally or contractually required, or we need these data for contract conclusion, provision of the desired service or the specified purpose. Needless to say, entry of such mandatory data is also entirely at your discretion. A failure to submit details may prevent us from fulfilling the contract, providing the desired service or achieving the specified purpose.
a. Inquiries
We process your details in order to handle your inquiries. Conveyance of address and telecommunications details marked as mandatory is required to handle and respond to your concerns.
After your inquiry has been answered, we save it together with your details, usually in the form of a business letter, for 6 years (§257 Paragraph 4 German commercial code, §147 Paragraph 3 German tax code, Article 6 Paragraph 1 c) GDPR).
b. Online account
We process your required registration data and the other data voluntarily provided by you as a user in order to allow configuration and utilization of your online account (Article 6 Paragraph 1 b) GDPR).
We save the registration information for your online account until you cancel your online account again, insofar as this does not conflict with statutory storage obligations, e.g. based on your participation in events (see Item c).
c. Participation in events
The information which you provide to us when you register for an event is processed by us initially for the purpose of holding the event and invoicing (Article 6 Paragraph 1 b) GDPR). Communication of data marked as mandatory is necessary here for your participation and for invoicing. Voluntary submission of additional data facilitates our processing of your participation request.
Following contract conclusion according to statutory provisions (Article 6 Paragraph 1 c) GDPR), we save your data from participation in events and the associated documents (e.g. commercial letters, invoices) according to legal requirements for six years (§257 Paragraph 4 commercial code) or ten years (§147 Paragraph 3 tax code).
We process your data from participation in events also for postal advertising and customer analyses (see Item d below).
d. Digital participant confirmations and certificates
We create digital certificates and participant confirmations with Virtualbadge.io. Virtualbadge.io is a company of FutureNext GmbH based in Germany (Julius-Harty-Straße 1, 68163 Mannheim). We have concluded an order processing contract with FutureNext GmbH, which ensures that the service provider processes your personal data in compliance with the GDPR and in accordance with our instructions.The data collected includes in particular
First name and surname of the badge recipient
Email address of the badge recipient
Seminar- and badge-ID
IP address
The use of Virtual Badge is based on our legitimate interest in accordance with Art. 6 Paragraph 1 lit. f GDPR. Your personal data for the creation of digital certificates and participant confirmations will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, provided that there are no legal or contractual retention periods to prevent deletion.
e. Advertising
Postal advertising and customer analysis
We process the data from your participation in events and other data collected outside the Internet to the legally permissible extent for advertising via post, for offers concerning advanced professional training, also by our partners from the Management Circle group, and for our customer analyses (Article 6 Paragraph1 f) GDPR). Our analyses are performed regularly using pseudonyms on the basis of a customer number.
Telephone callback service and telephone advertising
If you make use of our callback service with your explicit consent which can be revoked at any time, we will inform you once by phone at a date/time selected by you about the topic specified by you (§7 Paragraph 2 No. 2 of German laws against unfair competition, Article 6 Paragraph 1 a) GDPR).
We process your mandatory details submitted with your consent in order to personally address you.
If you give us your consent online, your IP address is also recorded and stored for documentation purposes (Article 7 Paragraph 1, Article 6 Paragraph 1 c) GDPR).
We also inform our event participants by phone about the Management Circle group’s offers regarding advanced professional training (§7 Paragraph 2 No. 2 of German laws against unfair competition).
E-mail advertising
With your explicit consent which is revocable at any time, we inform you via e-mail about offers regarding advanced professional training by us and our partners from the Management Circle group (§7 Paragraph 2 No. 3 of German laws against unfair competition, Article 6 Paragraph 1 a) GDPR).
If you have notified us of your e-mail address in connection with participating in one of our events, we also inform you via e-mail about further events similar to the one booked by you (§7 Paragraph 3 of German laws against unfair competition). Of course, you can object to this at any time at base rates (see below) (die “Basistarife” werden unten nicht mehr erwähnt).
We process your mandatory details submitted with your consent in order to personally address you.
To obtain your consent to e-mail advertising, we use the “double opt-in” online procedure to prevent our e-mail advertisements from being sent to the e-mail addresses of people who have not requested them. In this case, your IP address is also recorded and stored for documentation purposes (Article 7 Paragraph 1, Article 6 Paragraph 1 c) GDPR).
If you send us your consent by post, we save it as a scan or in the original form, also for documentation purposes (Article 7 Paragraph 1, Article 6 Paragraph 1 c) GDPR).
Storage durations for advertising
We store your data collected for advertising purposes until we receive revocation of your consent or your objection to the processing of your data for advertising purposes (see Item 6).
Change in purpose
Should we change the purpose of processing in the course of time, we will inform you in advance by updating this data privacy statement.
f. Online applications
If you apply for any of our job vacancies (§26 of the federal data protection act), speculatively or as a speaker (Article 6 Paragraph 1 b) GDPR), we process your address, telecommunication and application data exclusively for handling your application. Specification of your address and telecommunications data marked as mandatory fields is required to be able to establish contact with you regarding your application.
If your job application does not result in recruitment, your data are saved regularly for another six months for documentation purposes, after which they are deleted / destroyed just like the documents submitted to us, unless you have given us your consent to use the data for future applications (Article 6 Paragraph 1 a) GDPR).
g. Extended storage periods
The specified storage periods can be extended accordingly if a longer legal or contractual storage period applies in individual cases, in particular, when data are processed for different purposes.
We collect and process your personal data so that exhibitors can contact you after the end of the trade fair (direct advertising). After the exhibitor has scanned the QR code on your badge with the QR code scanner at our congress trade shows, we provide the exhibitor with the following data: Title, first and last name, company, function, postal address and e-mail address. By authorising the scanning, you expressly consent to the data transfer described above by the exhibitor and the processing of your personal data. The lawfulness of this processing is thus given by your consent in accordance with Art. 6 para. 1 a GDPR. You can withdraw your consent at any time.
You have the right to object to the processing of your data at any time for reasons arising from your particular situation if the legal requirements are met (Art. 21 para. 1 GDPR). If you wish to object to the processing of your data for advertising purposes (Art. 21 para. 2 GDPR) or revoke your consent, simply send a short message to our data protection officer by e-mail to datenschutz@managementcircle.de or by post to Management Circle AG, Data Protection Department, Düsseldorfer Str. 36, 65760 Eschborn/Ts. Your data will then no longer be processed for the advertising purposes covered by the objection to advertising or the revocation of consent.
This will not affect the lawfulness of the processing carried out prior to the objection or revocation.
In order to observe and permanently ensure your objection to advertising, we will collect the data required for this (name, address, email address) in accordance with Art. 21 Para. 3 GDPR in conjunction with Art. 17 Para. 3 b, b) GDPR. Art. 17 para. 3 b, 6 para. 1 c, f GDPR in our internal advertising block list in order to store it permanently - only for this purpose. In this way, we ensure that your address is NOT re-entered into our database as part of general research and that you may receive advertising from us again. If your data were to be completely deleted, there would be precisely this risk of your address being collected again. This procedure of using an advertising blacklist to prevent re-admission to an advertising mailing list after cancellation is also explicitly recommended by the data protection authorities. In this context, we refer to the explanations of the "Düsseldorfer Kreis", the working group of the Conference of Federal and State Data Protection Commissioners (see the following link, in particular point 5.1 "Objection to advertising and request for data deletion"). https://www.datenschutzkonferenz-online.de/media/oh/OH-Werbung_Februar%202022_final.pdf
a. Cookies
Cookies are small text files transferred to your computer’s hard drive via your web browser or other programs. These are stored locally on your computer’s hard drive for later retrieval.
By clicking on the “Ok” button in the consent banner at our website, you provide your approval, which can be revoked at any time, to a use of the cookies described there (Article 6 Paragraph1 a) GDPR).
b. Use of cookies
We use cookies:
Under certain conditions, cookies are also used by third-parties to enable functions from third-party providers (e.g. integration of YouTube videos).
Session cookies are used only for the current session. These cookies are deleted again after the end of the session, i.e. when the user leaves our website or closes the browser window.
Other cookies remain on your device for a longer period of time and allow us or the services used at our website (see Items 8, 9 below) to recognize your browser on your next visit (persistent cookies).
If you wish to revoke your consent and turn off pseudonymous web tracking as well as retargeting, please click here on “Do not track or retarget”. In the window which then opens, remove the green check mark from “Marketing” and then click “Ok”. Stored on your device as a result is a cookie which stops the collection of pseudonymous data at our website, as well as delivery of pseudonymous cookie IDs to our advertising networks for retargeting.
Please note that deleting all cookies on your terminal device also deletes the “do not track or retarget” cookie for compliance with revocation.
You can set your web browser such that it notifies you when cookies are set, or rejects all or at least some cookies (for example, only third-party cookies) to generally prohibit web tracking and retargeting. If you disable cookies from your browser, however, various functions on our website will become unusable for you.
The following links provide information about this possibility for most of the browsers in use:
Internet Explorer: support.microsoft.com/gp/cookies/en
Firefox: support.mozilla.com/en-US/kb/Cookies
Google Chrome: https://support.google.com/chrome/?hl=en#topic=7439538
Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
Opera: www.opera.com/browser/tutorials/security/privacy
a. Google Analytics
If you click on the consent banner on our web pages, this website uses functions of the web analysis ser-vice Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and the origin of the user. This data is assigned to the respective end device of the user. An assign-ment to a user ID does not take place.
Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Furthermore, Google Analytics uses various modelling approaches to complement the data sets collected and uses machine learning technologies in the data analysis.
Google Analytics uses technologies that are stored on your computer and enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/. In addition, Google has committed to continue to comply with the self-imposed obligations from the former so-called Privacy Shield Agreement or now EU-U.S. Data Privacy Framework.
IP anonymisation
We have activated the IP anonymisation function on this website. This means that your IP address is shortened and thus anonymised by Google within member states of the European Union or in other con-tracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and short-ened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You can prevent the collection of the data generated by the cookie and related to your use of the web-site (including your shortened IP address) as well as the processing of your data by Google by download-ing and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
You can find more information on how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
b. Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager provides a technical platform for executing and bundling other web services and web tracking programmes by means of so-called "tags". This data sent by individual tags integrated in the Google Tag Manager is brought together, stored and processed by the Google Tag Manager under a uniform user interface. The Google Tag Manager itself does not create any user pro-files, does not store any cookies and does not perform any independent analyses. It only serves to man-age and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.
Google will store the data relevant to the function of the Google Tag Manager for as long as is necessary to fulfil the booked web service. Data collection and storage are anonymised. If there is a reference to a person, the data will be deleted immediately, as long as it is not subject to any legal obligations to retain data. In any case, the data will be deleted after expiry of the retention period.
You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by deactivating the execution of script code in your browser, installing a script blocker in your browser or activating the "Do Not Track" setting of your browser. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link https://tools.google.com/dlpage/gaoptout?hl=en. Google's security and privacy policy can be found at https://policies.google.com/privacy?hl=en.
The use of the Google Tag Manager is based on Art. 6 (1) lit. f GDPR. The website operator has a legiti-mate interest in a quick and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TDDDG. The consent can be revoked at any time.
c. Google Ads
The website operator uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted adver-tisements can be played on the basis of the user data available at Google (e.g. location data and inter-ests) (target group targeting). As the website operator, we can evaluate this data quantitatively by ana-lysing, for example, which search terms have led to the display of our advertisements and how many advertisements have led to corresponding clicks.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/. In addition, Google has committed to continue to comply with the self-imposed obligations from the former so-called Privacy Shield Agreement or now EU-U.S. Data Privacy Framework.
Google Ads Remarketing
This website uses the functions of Google Ads Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads Remarketing, we can assign people who interact with our online offering to specific target groups in order to subsequently display interest-based advertising to them in the Google advertis-ing network (remarketing or retargeting).
Furthermore, the advertising target groups created with Google Ads Remarketing can be linked with Google's cross-device functions. In this way, interest-based, personalised advertising messages that have been adapted to you depending on your previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).
If you have a Google account, you can object to personalised advertising at the following link: https://www.google.com/settings/ads/onweb/.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time.
Further information and the data protection provisions can be found in Google's data protection declara-tion at: https://policies.google.com/technologies/ads?hl=en.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google conversion tracking, Google and we can recognise whether the user has per-formed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification.
The use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time.
You can find more information on Google conversion tracking in Google's privacy policy: https://policies.google.com/privacy?hl=en.
d. Pardot
We use the Pardot Marketing Automation System ("Pardot MAS") of Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA ("Pardot") on our websites. Pardot is a special software for recording and evaluating the use of a website by website visitors. Insofar as Pardot LLC processes personal data, the processing is carried out exclusively on our behalf and in accordance with our instructions. We have ensured Pardot LLC's compliance with the EU Data Protection Directive via an individual agreement with Pardot LLC.
When you visit our website, Pardot MAS records your click path and uses it to create an individual usage profile using a pseudonym. Cookies are used for this purpose, which allow your browser to be recognised. By agreeing to the use of cookies when using our website for the first time by confirming the so-called cookie acceptance banner or by continuing to use our website, you also agree to the use of cookies by Pardot.
You can revoke your consent at any time with effect for the future. To do so, please contact us using the contact details provided at the end of this privacy policy. In addition, you can deactivate the creation of pseudonymised usage profiles at any time by configuring your internet browser so that cookies from the domain "pardot.com" are not accepted. However, this may lead to certain restrictions in the functions and user-friendliness of our offer.
e. Use of SalesViewer® technology
On this website, the SalesViewer® technology of SalesViewer® GmbH is used to collect and store data for marketing, market research and optimization purposes based on the legitimate interests of the website operator (Art. 6 para.1 lit.f GDPR). For this purpose, a javascript-based code is used to collect company-related data and the corresponding usage. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and not used to personally identify the visitor to this website.The data collection and storage can be objected to at any time with effect for the future by please clicking on this link to prevent the collection by SalesViewer® within this website in the future: https://www.salesviewer.com/en/opt-out/?.
This will place an opt-out cookie for this website on your device. If you delete your cookies in this browser, you must click this link again.
Each time this website is visited, data about this event are temporarily stored in a log file (server log file) and processed (Article 6 Paragraph 1 c), f) GDPR). These data include:
For technical reasons, these server log data must be processed for the purpose of providing the service, subsequently ensuring system security, and for documentation. For technical purposes during processing and for ensuring system security, the data are anonymized through truncation of the IP address within seven days, unless further storage of the IP address is required for documentation purposes (Article 6 Paragraph 1 c), Article 5 Paragraph 2, Article 7 Paragraph 1 GDPR). These data are further evaluated anonymously for statistical purposes.
a. Online presence in social media
We maintain an online presence on social networks and platforms for the purpose of communicating with and providing information about our services to customers, potential customers and users who are active on social networks.
We wish to point out that user data may be processed outside the European Union. This could expose users to risks; it could, for example, make it more difficult for them to enforce their rights. However, US providers who are certified under the Privacy Shield are under an obligation to comply with EU data protection standards.
Furthermore, user data is normally processed for market research and advertising purposes. For example, user profiles can be created from user behaviour and interest indicators based on user actions. These user profiles can then be used, for example, to display advertisements on and outside the platforms that are likely to be of interest to the users. Cookies that track the usage habits and interests of the user are normally stored on the user’s computer for this purpose. User profiles can also contain data that is independent of specific devices, especially if the user is a member of a particular platform and has logged on to it.
Processing of the user’s personal data is undertaken on the basis of our legitimate interest in providing information to users and communicating with them in accordance with Art. 6 para. 1 (f) of the GDPR. If users are requested by the providers of the platforms to agree to the processing of their data as described above, the legal basis for the processing is Art. 6 Para. 1 (a) and Art. 7 of the GDPR.
– TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Irland) – privacy policy: https://www.tiktok.com/legal/page/eea/privacy-policy/de , Opt-Out: https://www.tiktok.com/legal/privacy-policy
b. What happens with integrated YouTube videos?
Our website embeds YouTube videos which are stored at YouTube (the responsible party being Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,), but can be played directly at our website. To safeguard your own privacy, you are first required to enable the videos at our site.
When you activate or play the videos, cookies from YouTube and DoubleClick by Google can be saved and/or read out on your terminal device, and data transmitted to YouTube and DoubleClick (both Google, USA); these data can include your IP address and cookie ID, the specific address of our page which was invoked, system date and time of the invocation, ID of your browser. Information on the purpose and scope of data collection and processing by YouTube and DoubleClick is provided by Google at: https://policies.google.com/privacy?hl=en&gl=en.
If you do not want YouTube or DoubleClick by Google to receive data about you through use of our website, do not enable the videos.
Data transmission takes place after enabling of videos, regardless of whether or not you possess a YouTube or Google user account via which you are logged in. If you are logged in, these data can be directly associated with your account. To avoid this, you have to log out during your visit before enabling the video.
Photos and films are taken at our events. The following data privacy notices are meant to inform you about the processing of such data and your related rights.
Which data of yours do we process? In addition to the actual photo and film recordings, “EXIF” (exchangeable image file) data are also stored. This is a standard for storing photographic information.
For which purposes do we use these data? We process photo and video recordings as part of our events, event documentation and public relations activities by Management Circle AG. Individual recordings can therefore be published via online and print media as well as social media channels of the responsible party, unless you have objected in individual cases. Included, in particular, but not exclusively are:
Legal basis: The legal basis is the responsible party’s legitimate interest, within the meaning of Article 6 Paragraph 1 Item (f) GDPR, in press and public relations as well as presentation of activities. In certain cases, §§ 22, 23 of the German Art Copyright Act also form a legal basis for processing.
Relay: In addition to employees in charge of press and public relations, we may pass on images to parties which participate in the production and dissemination of recordings and/or publications (e.g. photographers, PR agencies or press representatives who report on the event and the organizer’s activities for journalistic/editorial purposes).
Where are the data processed? There is no provision for transfer to recipients in a third country (outside the EU) or to an international organization.
Duration of storage: The data are deleted after the end of their utilization, or in the second year at the latest. Insofar as they are kept for longer for historical purposes, their processing is restricted appropriately.
a. Online seminars and webinars via “Zoom”
Purpose of the processing: We use the tool “Zoom” to conduct online seminars and/or webinars (hereinafter: “online meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc. which is based in the USA. In the case of a recording, the purpose is to provide content for registered participants who were unable to actively participate in the online event at short notice and/or to follow up with our event partners.
The data controller for data processing directly related to the conduct of “Online Meetings” is Management Circle AG. Note: If you access the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, accessing the website is only necessary to download the software for using “Zoom”.
What data is processed? Various types of data are processed when using “Zoom”. The scope of the data also depends on the data you provide before or when participating in an “online meeting”.
The following personal data are subject to processing:
If it is necessary for the purposes of logging the outcomes of an online meeting, we will log the chat content. However, this will not usually be the case.
In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up webinars.
If you are registered as a user at “Zoom”, reports on “online meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) may be stored at “Zoom” for up to one month.
Automated decision-making within the meaning of Art. 22 GDPR is not used.
Legal basis for data processing: As the use of “Zoom” is an elementary component in the implementation of online meetings, Art. 6 para. 1 lit. f) GDPR is the legal basis for data processing. In these cases, our interest is in the effective implementation of “online meetings”. For the rest, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted in the context of contractual relationships. In the case of the recording of the webinar, the legal basis is Art. 6 para. 1 lit. a GDPR.
Recipients / disclosure of data: Personal data processed in connection with participation in “online meetings” will not be passed on to third parties as a matter of principle, unless they are specifically intended to be passed on. Please note that the content of “online meetings”, as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of “Zoom” necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with “Zoom”.
Data processing outside the European Union: “Zoom” is a service provided by a provider from the USA. A processing of personal data therefore also takes place in a third country. We have concluded an order processing agreement with the provider of “Zoom” which complies with the requirements of Art. 28 GDPR. An appropriate level of data protection is guaranteed by the conclusion of the so-called EU standard contractual clauses.
The recording will be made available for a limited period of time via a dedicated Management Circle cloud and will be deleted 4 weeks after the end of the webinar.
b. Conceptboard
The Conceptboard software from Digital Republic Media Group GmbH (Mansfelder Str. 56, 06108 Halle (Saale)) will be used for virtual collaboration between distributed teams. Registration on the online whiteboard is not required. The software can be used without registration and without specifying a clear name. Collaboration in Conceptboard takes place on interactive workspaces (the “boards”). Users can transfer data to these boards. When a user shares a board with other users, some of that data (e.g., usernames, optional profile pictures, contributed content, information about times of contribution) is also shared to enable collaboration. Conceptboard’s privacy policy (https://conceptboard.com/de/privacy/) applies regardless of the notices given above.
We collect your answers to individual questions in surveys. Participation in surveys is voluntary. We use the survey results to create anonymous evaluations that do not relate to you personally. To conduct these surveys, we use “Microsoft Forms”, an online service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. Further information on Microsoft Forms can be found online at support.microsoft.com/de-de/forms.
The legal basis for the data processing in the survey is our legitimate interest in the sense of Art. 6 Para. 1 lit. f GDPR in improving our products and services. The survey is sent in the form of a link to the e-mail address you have provided to us. The survey is anonymous – you do not have to provide any personal data. Nevertheless, Microsoft may collect metadata such as your IP address when you call up the web application.
The data processing by Microsoft takes place in a European data centre. In the event that data is nevertheless processed in the United States, the EU standard contractual clauses apply between Microsoft and us. These ensure a level of data protection that complies with the GDPR in the event of data transfer to the United States. You can find more information in Microsoft’s privacy policy, available at: https://privacy.microsoft.com/de-de/privacystatement. In addition, Google has committed to continue to comply with the self-imposed obligations from the former so-called Privacy Shield Agreement or now EU-U.S. Data Privacy Framework.
We store your data as long as this is necessary for the implementation of the survey.
In 2024, you will be able to participate virtually in CCW for the first time. This is done by registering via the CCW website on a digital platform that offers you an unrivalled user experience. You can also access this digital platform as a participant in the face-to-face event.
When using this digital platform, personal data is processed. Both the security and the transparency of the processed data is an important concern for us. In the following, we will therefore inform you about the purpose, nature and legal basis of the data processing.
Personal data is any information relating to an identified or identifiable natural person (Article 4, 1 GDPR).
a. Registration and login on the digital platform
We automatically process the personal data that you provide when registering for the implementation of the virtual CCW and the associated organisational activities. The following personal data are mandatory and are requested in the user profile:
The data is processed by us in order to enable you to comfortably use the virtual event and its various areas. The legal basis for this processing is Article 6 Paragraph b) GDPR (contract performance).
As a participant in the virtual Conference, you will have the opportunity to get involved in various ways: You can follow the presence conference via livestream, use the chat as well as the Q & A function and create feedback sheets on the individual contributions. The following personal data will be requested for this purpose:
We process your personal data in this context to enable you to smoothly use the features that you booked with your registration for the event. The legal basis for the processing is Article 6 Paragraph b) GDPR (performance of contract).
b. Participation in matchmaking
The Matchmaker allows you to filter and display people by interests and to search for products/services that match you and your needs. The prerequisite for this is that you activate the Matchmaker. The following personal data is requested for this purpose:
We process your personal data for the purpose of enabling a precise match with the other participants/services/products and thereby achieving an optimal match with your interests and needs. The legal basis for this processing of your personal data is Article 6 Paragraph 1 b) GDPR. (contract performance)
c. Visit to the virtual Trade Show
By visiting the virtual Trade Show, you can enter into an exchange with the exhibitors/sponsors. The prerequisite for this is your prior explicit consent to your data (name, job title, company, e-mail) being passed on to the exhibitors at the event for the purpose of sending you promotional information on the services they offer. This consent only applies to the companies whose content you have accessed. The exhibitors/sponsors may then process your data for their own purposes, for example to contact you after the event. The data transfer is based on your explicit consent in accordance with Article 6 Paragraph 1 a) GDPR.
If you have any questions about the processing of your personal data by us, we will gladly provide information about the data concerning you (Article 15 GDPR).
Given fulfilment of the legal prerequisites, you also have a right to rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection to processing (Article 21 GDPR) and data portability (Article 20 GDPR).
In all such cases, please contact our data protection officer (see Item 3 above) at the specified communication addresses.
Finally, you have the right to appeal to a competent data protection supervisory authority (Article 77 GDPR, §19 federal data protection act).
From time to time, it is necessary to adapt the contents of this data privacy statement. We therefore reserve the right to perform such amendments at any time. We also publish the data privacy statement’s amended version here. When revisiting us, you should therefore read this data privacy statement again.