Data privacy statement

1. We are responsible for your data

Visitors to our website expect a high degree of quality and competence not only with regard to our events, but also the processing of your personal data by us.

We are responsible for handling your data, which we process according to your wishes and the provisions of the EU’s general data protection regulation (GDPR) as well as the German federal data protection act (BDSG). Personal data are those by which you can be identified or become identifiable. Your personal data are processed by us only if this is legally permissible or you have provided your consent.

We are Management Circle AG, Düsseldorfer Str. 36, 65760 Eschborn/Ts., Germany and our service providers who process your data on our behalf for the purposes mentioned below (hereinafter: Management Circle, “we”).

Our service providers include printers, lettershops, call centres, Internet service providers and data centres. Our service providers are prohibited from processing your data for purposes other than ours, or for their own purposes.

For offers involving advanced professional training, we also cooperate with our partners from the Management Circle group (this includes Management Circle AG, Management Circle Verlag GmbH, Haub + Partner GmbH and IMW Bildungsinstitut der Mittelständischen Wirtschaft GmbH, all located on Düsseldorfer Str. 36, 65760 Eschborn).

In addition to the postal address specified above, you can also reach us via e-mail at

By way of the details provided next, we consider it important to keep you informed at all times about which personal data are collected during your visit to our website and use of our services and offers. and how these data are subsequently processed by us.

2. How safe are your data?

We take technical and organizational precautions to protect your personal data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, and to protect your rights, besides ensuring compliance with applicable data protection regulations of the EU and the Federal Republic of Germany (Article 32 GDPR).

The employed measures are taken to ensure the confidentiality and integrity of your data, besides ensuring the availability and capacity of our systems and services for processing your data in the long term. They are also meant for quick restoration of data availability and access if a physical or technical incident occurs.

Our security measures include encryption of your data. All information you enter online is technically encrypted before transmission. As a result, this information cannot be viewed at any time by unauthorized third parties.

Our data processing and security measures are improved continuously in accordance with technological developments.

Needless to say, our employees are committed in writing to confidentiality and compliance with the data protection requirements of GDPR.

3. Our data protection officer

If you have any questions regarding data protection or data security, you can reach our data protection officer via e-mail at or via post at Management Circle AG, Datenschutz, Düsseldorfer Str. 36, 65760 Eschborn/Ts., Germany.

4. What are mandatory details / fields?

If certain data fields are identified as mandatory or marked with an asterisk (*) during data collection, submission of such data is either legally or contractually required, or we need these data for contract conclusion, provision of the desired service or the specified purpose. Needless to say, entry of such mandatory data is also entirely at your discretion. A failure to submit details may prevent us from fulfilling the contract, providing the desired service or achieving the specified purpose.

5. What are your data processed for?

a. Inquiries

We process your details in order to handle your inquiries. Conveyance of address and telecommunications details marked as mandatory is required to handle and respond to your concerns.

After your inquiry has been answered, we save it together with your details, usually in the form of a business letter, for 6 years (§257 Paragraph 4 German commercial code, §147 Paragraph 3 German tax code, Article 6 Paragraph 1 c) GDPR).

b. Online account

We process your required registration data and the other data voluntarily provided by you as a user in order to allow configuration and utilization of your online account (Article 6 Paragraph 1 b) GDPR).

We save the registration information for your online account until you cancel your online account again, insofar as this does not conflict with statutory storage obligations, e.g. based on your participation in events (see Item c).

c. Participation in events

The information which you provide to us when you register for an event is processed by us initially for the purpose of holding the event and invoicing (Article 6 Paragraph 1 b) GDPR). Communication of data marked as mandatory is necessary here for your participation and for invoicing. Voluntary submission of additional data facilitates our processing of your participation request.

Following contract conclusion according to statutory provisions (Article 6 Paragraph 1 c) GDPR), we save your data from participation in events and the associated documents (e.g. commercial letters, invoices) according to legal requirements for six years (§257 Paragraph 4 commercial code) or ten years (§147 Paragraph 3 tax code).

We process your data from participation in events also for postal advertising and customer analyses (see Item d below).

d. Advertising

Postal advertising and customer analysis
We process the data from your participation in events and other data collected outside the Internet to the legally permissible extent for advertising via post, for offers concerning advanced professional training, also by our partners from the Management Circle group, and for our customer analyses (Article 6 Paragraph1 f) GDPR). Our analyses are performed regularly using pseudonyms on the basis of a customer number.

Telephone callback service and telephone advertising
If you make use of our callback service with your explicit consent which can be revoked at any time, we will inform you once by phone at a date/time selected by you about the topic specified by you (§7 Paragraph 2 No. 2 of German laws against unfair competition, Article 6 Paragraph 1 a) GDPR).

We process your mandatory details submitted with your consent in order to personally address you.

If you give us your consent online, your IP address is also recorded and stored for documentation purposes (Article 7 Paragraph 1, Article 6 Paragraph 1 c) GDPR).

We also inform our event participants by phone about the Management Circle group’s offers regarding advanced professional training (§7 Paragraph 2 No. 2 of German laws against unfair competition).

E-mail advertising
With your explicit consent which is revocable at any time, we inform you via e-mail about offers regarding advanced professional training by us and our partners from the Management Circle group (§7 Paragraph 2 No. 3 of German laws against unfair competition, Article 6 Paragraph 1 a) GDPR).

If you have notified us of your e-mail address in connection with participating in one of our events, we also inform you via e-mail about further events similar to the one booked by you (§7 Paragraph 3 of German laws against unfair competition). Of course, you can object to this at any time at base rates (see below) (die “Basistarife” werden unten nicht mehr erwähnt).

We process your mandatory details submitted with your consent in order to personally address you.

To obtain your consent to e-mail advertising, we use the “double opt-in” online procedure to prevent our e-mail advertisements from being sent to the e-mail addresses of people who have not requested them. In this case, your IP address is also recorded and stored for documentation purposes (Article 7 Paragraph 1, Article 6 Paragraph 1 c) GDPR).

If you send us your consent by post, we save it as a scan or in the original form, also for documentation purposes (Article 7 Paragraph 1, Article 6 Paragraph 1 c) GDPR).

Storage durations for advertising
We store your data collected for advertising purposes until we receive revocation of your consent or your objection to the processing of your data for advertising purposes (see Item 6).

Change in purpose
Should we change the purpose of processing in the course of time, we will inform you in advance by updating this data privacy statement.

e. Online applications

If you apply for any of our job vacancies (§26 of the federal data protection act), speculatively or as a speaker (Article 6 Paragraph 1 b) GDPR), we process your address, telecommunication and application data exclusively for handling your application. Specification of your address and telecommunications data marked as mandatory fields is required to be able to establish contact with you regarding your application.

If your job application does not result in recruitment, your data are saved regularly for another six months for documentation purposes, after which they are deleted / destroyed just like the documents submitted to us, unless you have given us your consent to use the data for future applications (Article 6 Paragraph 1 a) GDPR).

f. Extended storage periods

The specified storage periods can be extended accordingly if a longer legal or contractual storage period applies in individual cases, in particular, when data are processed for different purposes.

6. Right to objection and revocation at any time

You have the right, at any time for reasons arising from your particular situation, to appeal against the processing of your data (Article 21 Paragraph 1 GDPR) if the legal prerequisites for this are fulfilled.

If you object to the processing of your data for advertising purposes (Article 21 Paragraph 2 GDPR) or want to revoke an issued consent, it is sufficient at any time so send a short message via by e-mail to our data protection officer at, or via post to Management Circle AG, Abteilung Datenschutz, Düsseldorfer Str. 36, 65760 Eschborn/Ts, Germany. Your data are then no longer processed for the advertising purposes affected by the objection or withdrawal of consent.

This does not affect the lawfulness of the processing carried out until objection or revocation.

After you object to the processing of your personal data for advertising purposes or withdraw your consent, we are obliged by data privacy laws in accordance with Article 21 Paragraph 3 GDPR to include the related, necessary data (name, address, e-mail address) in our internal advertising block list, save them permanently (in blocked mode) – only for this purpose – and use them for matching with our future advertising files (Article 6 Paragraph 1 c), f) GDPR). This makes it possible to permanently ensure compliance with your objection to advertising / revocation of your consent.

7. What are cookies and what are they used for?

a. Cookies

Cookies are small text files transferred to your computer’s hard drive via your web browser or other programs. These are stored locally on your computer’s hard drive for later retrieval.

By clicking on the “Ok” button in the consent banner at our website, you provide your approval, which can be revoked at any time, to a use of the cookies described there (Article 6 Paragraph1 a) GDPR).

b. Use of cookies

We use cookies:

  • To enable and ensure the necessary technical functions such as login recognition, shopping cart (Article 6 Paragraph1 b), f) GDPR).
  • To make our website user-friendly and match it optimally to your needs (Article 6 Paragraph 1 a) GDPR).
  • To evaluate visits to our website on the basis of pseudonyms for marketing and optimization purposes (Article 6 Paragraph 1 a) GDPR), also known as web tracking.
  • To comply with rejection of cookies and / or revocation of your consent to a use of cookies (“do not track or retarget cookies”) (Article 6 Paragraph 1 c) ,f) GDPR).

Under certain conditions, cookies are also used by third-parties to enable functions from third-party providers (e.g. integration of YouTube videos).

Session cookies are used only for the current session. These cookies are deleted again after the end of the session, i.e. when the user leaves our website or closes the browser window.

Other cookies remain on your device for a longer period of time and allow us or the services used at our website (see Items 8, 9 below) to recognize your browser on your next visit (persistent cookies).

c. Deactivation of cookies / revocation of your consent

If you wish to revoke your consent and turn off pseudonymous web tracking as well as retargeting, please click here on “Do not track or retarget”. In the window which then opens, remove the green check mark from “Marketing” and then click “Ok”. Stored on your device as a result is a cookie which stops the collection of pseudonymous data at our website, as well as delivery of pseudonymous cookie IDs to our advertising networks for retargeting.

Please note that deleting all cookies on your terminal device also deletes the “do not track or retarget” cookie for compliance with revocation.

You can set your web browser such that it notifies you when cookies are set, or rejects all or at least some cookies (for example, only third-party cookies) to generally prohibit web tracking and retargeting. If you disable cookies from your browser, however, various functions on our website will become unusable for you.

The following links provide information about this possibility for most of the browsers in use:

Internet Explorer:
Google Chrome:

8. Web tracking

a. Google Analytics

If you click on the consent banner at our website, this website will use Google Analytics, a web service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (“Google”). Google Analytics uses cookies which are stored on your computer to enable analysis of website usage by you (Article 6 Paragraph 1 a) GDPR). Information generated by cookies about your use of this website is usually transmitted to a Google server in the United States and stored there.

When IP anonymization is active at our website, however, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address transmitted to a Google server in the USA and truncated there.

Google uses this information to evaluate your use of the website and compile reports on website activity for us, besides providing further services on our behalf relating to website and Internet usage.

In addition, you can prevent data generated by cookies and relating to your use of the website (including your truncated IP address) from being collected and processed by Google, by downloading and installing a browser plug-in from the following link:

b. Adobe’s Omniture SiteCatalyst

If you click on the consent banner at our website, it will also use Adobe’s Omniture SiteCatalyst, a web analysis service of Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland (“Adobe”). Adobe uses cookies which enable analysis of your use of the website, known as web tracking (Article 6 Paragraph 1 a) GDPR). The details generated by cookies about your use of our website (your usage profile), for example, your browser’s activity while you visit our website, the website path, general information about the visitor’s Internet service provider and host, times of visiting our website, entry and exit pages, as well as visitors’ IP addresses are evaluated on an anonymized basis by Adobe on our behalf. The IP address communicated by your browser is anonymized beforehand by Adobe in an obfuscation procedure normally taking place at Adobe data centres in the European Union. Information from web tracking is not merged with your personal data.

If you nonetheless want to revoke this tracking, you can click here to set an exclusion cookie.

c. Pardot

We use the Pardot Marketing Automation System (“Pardot MAS”) from Pardot LLC, 950 E. Paces Ferry Rd. Suite 3300 Atlanta, GA 30326, USA (“Pardot”) at our website. Pardot is a special software for registering and analyzing website usage by visitors. Insofar as Pardot LLC processes personal data, this takes place solely on our behalf and according to our instructions. Through individual agreement with Pardot LLC, we have ensured their compliance with the EU data protection directive.

When you visit our website, Pardot MAS captures your click path and creates an individual usage profile based on a pseudonym. Used for this purpose are cookies which allow recognition of your browser. By consenting to the use of cookies through confirmation of the cookie acceptance banner when first using our website, or through your continued use of our website, you also agree to the use of Pardot cookies.

You may revoke your consent at any time with future effect. For this, establish contact using the details provided at the end of this data privacy statement. In addition, you can disable creation of pseudonymous usage profiles at any time by configuring your Internet browser to reject cookies from the domain “”. However, this may place certain limitations on the functions and user-friendliness of our Internet offer.

9. Logging

Each time this website is visited, data about this event are temporarily stored in a log file (server log file) and processed (Article 6 Paragraph 1 c), f) GDPR). These data include:

  • Type and version of your web browser
  • Your operating system
  • Referrer URL category
  • Host name of the accessing terminal device
  • Date and time of server query
  • IP address

For technical reasons, these server log data must be processed for the purpose of providing the service, subsequently ensuring system security, and for documentation. For technical purposes during processing and for ensuring system security, the data are anonymized through truncation of the IP address within seven days, unless further storage of the IP address is required for documentation purposes (Article 6 Paragraph 1 c), Article 5 Paragraph 2, Article 7 Paragraph 1 GDPR). These data are further evaluated anonymously for statistical purposes.

10. Plugins and Tools

This website uses the plugin Wordfence Security to protect against viruses and malware and to ward off attacks by computer criminals. Wordfence Security secures our website, protecting visitors to the site from viruses and malware. Operator is Defiant, 800 5th Avenue Ste 4100, Seattle, WA 98104, USA. This constitutes a legitimate interest within the legal sense of Art. 6 para. 1 lit. f DSGVO. We have entered into an agreement with Wordfence/Defiant for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Wordfence/Defiant. You can read the data privacy statement here:

11. Social Media

a. Online presence in social media

We maintain an online presence on social networks and platforms for the purpose of communicating with and providing information about our services to customers, potential customers and users who are active on social networks.

We wish to point out that user data may be processed outside the European Union. This could expose users to risks; it could, for example, make it more difficult for them to enforce their rights. However, US providers who are certified under the Privacy Shield are under an obligation to comply with EU data protection standards.

Furthermore, user data is normally processed for market research and advertising purposes. For example, user profiles can be created from user behaviour and interest indicators based on user actions. These user profiles can then be used, for example, to display advertisements on and outside the platforms that are likely to be of interest to the users. Cookies that track the usage habits and interests of the user are normally stored on the user’s computer for this purpose. User profiles can also contain data that is independent of specific devices, especially if the user is a member of a particular platform and has logged on to it.

Processing of the user’s personal data is undertaken on the basis of our legitimate interest in providing information to users and communicating with them in accordance with Art. 6 para. 1 (f) of the GDPR. If users are requested by the providers of the platforms to agree to the processing of their data as described above, the legal basis for the processing is Art. 6 Para. 1 (a) and Art. 7 of the GDPR.

For a detailed explanation of how the various providers process your data and how you can object to this (opt-out), please refer to the links below. If you would like further information or wish to assert your user rights, we suggest that your most effective course of action is to contact the providers. Only the providers have access to user data and are able to take direct and appropriate action and answer queries. If you still require assistance, please contact us.

– Facebook, Pages and groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) based on an agreement on the joint processing of personal data – privacy policy:, for Pages: , opt-out: and

– Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland) – privacy policy:, opt-out:

– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – data privacy:, opt-out:

– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – privacy policy , opt-out:

– Xing (XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany) – privacy policy/ opt-out:

– Instagram (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland) – privacy policy: , opt-out: and

-Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) – privacy policy:

b. What happens with integrated YouTube videos?

Our website embeds YouTube videos which are stored at YouTube (the responsible party being Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,), but can be played directly at our website. To safeguard your own privacy, you are first required to enable the videos at our site.

When you activate or play the videos, cookies from YouTube and DoubleClick by Google can be saved and/or read out on your terminal device, and data transmitted to YouTube and DoubleClick (both Google, USA); these data can include your IP address and cookie ID, the specific address of our page which was invoked, system date and time of the invocation, ID of your browser. Information on the purpose and scope of data collection and processing by YouTube and DoubleClick is provided by Google at:

If you do not want YouTube or DoubleClick by Google to receive data about you through use of our website, do not enable the videos.

Data transmission takes place after enabling of videos, regardless of whether or not you possess a YouTube or Google user account via which you are logged in. If you are logged in, these data can be directly associated with your account. To avoid this, you have to log out during your visit before enabling the video.

12. Data privacy notices regarding photo and video recordings at our conferences and congress fairs

Photos and films are taken at our events. The following data privacy notices are meant to inform you about the processing of such data and your related rights.

Which data of yours do we process? In addition to the actual photo and film recordings, “EXIF” (exchangeable image file) data are also stored. This is a standard for storing photographic information.

For which purposes do we use these data? We process photo and video recordings as part of our events, event documentation and public relations activities by Management Circle AG. Individual recordings can therefore be published via online and print media as well as social media channels of the responsible party, unless you have objected in individual cases. Included, in particular, but not exclusively are:

  • Streaming platforms to broadcast event content from our conferences and congress fairs
  • Print media of the organizer as well as digital formats (folders, brochures)
  • Own website and blogs
  • Social media channels

Legal basis: The legal basis is the responsible party’s legitimate interest, within the meaning of Article 6 Paragraph 1 Item (f) GDPR, in press and public relations as well as presentation of activities. In certain cases, §§ 22, 23 of the German Art Copyright Act also form a legal basis for processing.

Relay: In addition to employees in charge of press and public relations, we may pass on images to parties which participate in the production and dissemination of recordings and/or publications (e.g. photographers, PR agencies or press representatives who report on the event and the organizer’s activities for journalistic/editorial purposes).

Where are the data processed? There is no provision for transfer to recipients in a third country (outside the EU) or to an international organization.

Duration of storage
: The data are deleted after the end of their utilization, or in the second year at the latest. Insofar as they are kept for longer for historical purposes, their processing is restricted appropriately.

13. How can you exercise you data privacy rights?

a. Online seminars and webinars via “Zoom”

Purpose of the processing: We use the tool “Zoom” to conduct online seminars and/or webinars (hereinafter: “online meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc. which is based in the USA.

The data controller for data processing directly related to the conduct of “Online Meetings” is Management Circle AG. Note: If you access the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, accessing the website is only necessary to download the software for using “Zoom”.

What data is processed? Various types of data are processed when using “Zoom”. The scope of the data also depends on the data you provide before or when participating in an “online meeting”.

The following personal data are subject to processing:

  • User details: first name, last name, telephone (optional), e-mail address, password (if “single sign-on” is not used), profile picture (optional), department (optional).
  • Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information.For recordings (optional):
  • MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
  • For dial-in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
  • Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the “Zoom” applications. To participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.
  • Scope of processing: If we want to record “online meetings”, we will transparently inform you in advance and – if necessary – ask for consent.

If it is necessary for the purposes of logging the outcomes of an online meeting, we will log the chat content. However, this will not usually be the case.

In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up webinars.

If you are registered as a user at “Zoom”, reports on “online meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) may be stored at “Zoom” for up to one month.

Automated decision-making within the meaning of Art. 22 DSGVO is not used.

Legal basis for data processing: As the use of “Zoom” is an elementary component in the implementation of online meetings, Art. 6 para. 1 lit. f) DSGVO is the legal basis for data processing. In these cases, our interest is in the effective implementation of “online meetings”. For the rest, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.

Recipients / disclosure of data: Personal data processed in connection with participation in “online meetings” will not be passed on to third parties as a matter of principle, unless they are specifically intended to be passed on. Please note that the content of “online meetings”, as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Other recipients: The provider of “Zoom” necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with “Zoom”.

Data processing outside the European Union: “Zoom” is a service provided by a provider from the USA. A processing of personal data therefore also takes place in a third country. We have concluded an order processing agreement with the provider of “Zoom” which complies with the requirements of Art. 28 DSGVO. An appropriate level of data protection is guaranteed by the conclusion of the so-called EU standard contractual clauses.

b. Conceptboard 

The Conceptboard software from Digital Republic Media Group GmbH (Mansfelder Str. 56, 06108 Halle (Saale)) will be used for virtual collaboration between distributed teams. Registration on the online whiteboard is not required. The software can be used without registration and without specifying a clear name. Collaboration in Conceptboard takes place on interactive workspaces (the “boards”). Users can transfer data to these boards. When a user shares a board with other users, some of that data (e.g., usernames, optional profile pictures, contributed content, information about times of contribution) is also shared to enable collaboration. Conceptboard’s privacy policy ( applies regardless of the notices given above.

14. How can you exercise you data privacy rights?

If you have any questions about the processing of your personal data by us, we will gladly provide information about the data concerning you (Article 15 GDPR).

Given fulfilment of the legal prerequisites, you also have a right to rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection to processing (Article 21 GDPR) and data portability (Article 20 GDPR).

In all such cases, please contact our data protection officer (see Item 3 above) at the specified communication addresses.

Finally, you have the right to appeal to a competent data protection supervisory authority (Article 77 GDPR, §19 federal data protection act).

15. Amendments

From time to time, it is necessary to adapt the contents of this data privacy statement. We therefore reserve the right to perform such amendments at any time. We also publish the data privacy statement’s amended version here. When revisiting us, you should therefore read this data privacy statement again.

Valid as of: May 2021