DATA PRIVACY STATEMENT

When you visit and use this website, your personal data is processed by us in our capacity as the controller (party responsible for data processing) and stored for the period necessary to comply with specified purposes and statutory requirements. We should like to inform you in this document about what data is involved, how it is processed and what rights you have in this regard.

Personal data as defined in Art. 4 No. 1 of the General Data Protection Regulation (GDPR) is all information that relates to an identified or identifiable natural person.

1. Name and contact details of the controller (party responsible for data processing)

This Data Protection Statement applies to data processing on the website – online-print-symposium.de/en – by the following controller:

zipcon consulting GmbH
Am Buchenhain 4
45239 Essen
Germany

E-Mail: [email protected]
Telefon: +49-201-81175-0
Fax: +49-201-81175-22

(hereafter referred to as OPS)

2. Processing of personal data and the purposes of data processing

a) When visiting the website

You can access the website, online-print-symposium.de/en without having to disclose details about your identity. The browser used on your terminal device automatically sends information (e.g. browser type and version, date and time of visit) only to the server hosting our website.

This also includes the IP address of your requesting terminal device. This address is temporarily stored in a so-called logfile and automatically deleted after 14 days.

The IP address is processed for technical and administrative connection set-up and stability purposes in order to guarantee the security and functionality of our website and to be able to track any illegal attacks against it, if necessary.

The legal basis for processing the IP address is Art. 6 Par. 1 S. 1 lit. f of the GDPR. Our legitimate interest is based on our above-mentioned interest in ensuring the security of and on the necessity of providing failure-free access to our website.

We cannot directly infer anything about your identity from processing your IP address and other information in the logfile.

Furthermore we utilize cookies and analysis services during your visit to our website. You can find more detailed explanations about these in Items 4 and 5 of this Data Protection Statement.

b) When registering for the event and information about future events

We collect the following compulsory information from you when you register for the Online Print Symposium at our website:

  • Company;
  • Name (Surname, First Name);
  • E-Mail-Adress;
  • Adress (Street Name and Number, Place, Postal Code, Country)
  • Telephone Number
  • Status as a Representative of the Media

The provision of other information is voluntary.

The data mentioned above is processed based on Art. 6 Par. 1 S. 1 lit. b of the GDPR, where this is required to meet the terms of the contract with you or to provide the pre-contractual services requested by you. We process your voluntary information on the basis of our legitimate interest in the effective conclusion of a contract in accordance with Art. 6 (1) p. 1 lit. f DSGVO.

The data mentioned above is processed accordingly, in particular

  • to know who our contractual partner is;
  • to calculate the participation fee (reduced participation fee for members);
  • to check the plausibility of the data submitted and your eligibility as an entrepreneur;
  • to contact you, if necessary, if any issues need to be clarified and

Provided you have not objected to its use, we use your e-mail address to inform you about future online print events that we organize. We base the processing on our legitimate interest in sending information about similar events according to Art. 6 para. 1 p. 1 lit. f DSGVO. You can object to such use of your e-mail address in the future at any time by contacting us at [email protected]. You can find more information under point 10.

Your data will be deleted when the purpose ceases to exist.

c) Participation in the Community Tool

We offer you the opportunity to digitally exchange information with other participants via a community tool before the event. As soon as you are a participant in the Community Tool, your information will also be visible to other participants.

If you wish to participate in the Community Tool voluntarily, the data you collected for registration will be forwarded to the Community Tool. You also have the option of adding further information.

The data processing is based on Art. 6 para. 1 p. 1 lit. f DSGVO. We have a legitimate interest in providing you with a digital exchange opportunity with other participants.

To provide our community tool, we use the Congreet service of A4Q Global Services GmbH, Keltenring 15, 82041 Oberhaching.

Your data will be deleted when the purpose ceases to exist.

3. Disclosure of personal data

3a. Disclosure of personal data

Provided this is legally permitted and required as per Art. 6 Par. 1 S. 1 lit. b of the GDPR for the handling of the contractual relationship with you or as per Art. 6 Par. 1 S. 1 lit. f of the GDPR to enable us to protect our interests or those of third parties, your personal data is disclosed to third parties. This includes in particular

  • the disclosure of your registration details to our ticket store service provider, doo GmbH, St.-Martin-Str. 58-68, 81541 Munich, Germany for the purposes of online registration and payment processing;
  • the disclosure of your registration details to the other event organizers, Bundesverband Druck und Medien e.V., Friedrichstraße 194-199, 10117 Berlin, Germany for the purposes of event planning and execution as well as
  • the disclosure of your data to enable us to exercise our rights, in particular to enforce any claims arising out of this contractual relationship with you as well as
  • the disclosure of your name and contact details to our partner exhibitors for networking purposes after the event. The Online Print Symposium also specifically involves an online print industry networking event. Our partner exhibitors accordingly have a legitimate interest in the disclosure of your data, which is based on an interest in establishing contact at the OPS and remaining in contact with you after the event as well as expanding the professional network associated with the Online Print Symposium. Should you not wish your data to be disclosed to our partner exhibitors for networking purposes, you can notify us of such at the following e-mail address: [email protected]. Your right to object as per Item 9 remains unaffected.

The data disclosed to third parties may only be used by those third parties for the purposes specified.

Your first and last name and your function will be listed on participant lists of the event, which will be issued to other participants upon request. This data processing serves the networking of the participants and therefore the fulfillment of the contract for participation in the event and is based on Art. 6 para. 1 sentence 1 b) DSGVO.

3b. Transfer to third countries

A transfer of personal data to third countries will only take place if the requirements of Art. 44 ff. DSGVO are given.

A third country is defined as a country outside the European Economic Area (EEA) in which the DSGVO is not directly applicable. A third country is deemed to be insecure if the EU Commission has not issued an adequacy finding for this country in accordance with Art. 45 (1) DSGVO, confirming that adequate protection for personal data exists in the country.

With the ECJ ruling of 16 July 2020 (C-311/18), the (partial) adequacy decision for the USA, the so-called privacy shield, was declared null and void. The USA is thus a so-called unsafe third country. This means that the USA does not offer a level of data protection comparable to that in the EU. The following risks exist when personal data is transferred to the USA. There is a risk that U.S. authorities may gain access to personal data on the basis of the PRISM and UPSTREAM surveillance programs based on Section 702 of the FISA (Foreign Intelligence Surveillance Act), as well as on the basis of Executive Order 12333 or the Presidential Police Directive 28. EU citizens are not entitled to effective legal protection in the USA or the EU against such access.

We will inform you in this privacy information when and how we transfer personal data to the USA or other unsafe third countries. We will only transfer your personal data if
– the recipient provides sufficient guarantees in accordance with Art. 46 DSGVO for the protection of personal data,
– you have expressly consented to the transmission, after we have informed you of the risks, in accordance with Art. 49 para. 1 letter a) DSGVO,
– the transmission is necessary for the fulfilment of contractual obligations between you and us
– or another exception from Art. 49 DSGVO applies.
Guarantees under Art. 46 DSGVO can be so-called standard contract clauses. In these standard contractual clauses, the recipient assures to protect the data sufficiently and thus to guarantee a level of protection comparable to the DSGVO. We have previously assured ourselves that the recipient can also fulfill the agreed guarantees.

3c. Other transfer of data

Personal data may be disclosed at most if there is a statutory obligation of disclosure in accordance with Art. 6 Par. 1 S. 1 lit. c of the GDPR.

4. Cookies

We use cookies and other functions such as pixel tags or similar on our site (hereinafter: cookies). These are small alphanumeric files that your browser automatically generates and that are saved on your terminal device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not damage your terminal device and do not contain viruses, trojans or other malware.

Cookies store information, which is of relevance to us in terms of what specific terminal device you use to visit our website. However this does not mean that we gain immediate knowledge of your identity.

On the one hand cookies are used for the purposes of making our website more convenient for you to use. We therefore use so-called session cookies, which enable us to detect that you have already visited certain pages at our site.

Furthermore we also use temporary cookies to enhance the user friendliness of our website and these cookies are stored on your terminal device for a specified period. If you revisit our site in order to make use of our services, these cookies enable us to recognize automatically that you have already visited, as well as tell us what data you have input and what your settings are, so that you do not have to re-input this information.

On the other hand we use cookies to collect statistics on the use of our website and to analyze these statistics for the purposes of enhancing our offering (see Item 5). When you revisit our website, these cookies enable us to recognize automatically that you have already visited. These cookies are automatically deleted after a specified time period.

We only use cookies to the extent that you have consented to them via our cookie management tool. We use cookies that are technically necessary for the provision of a service requested by you without requiring your consent. We process the data processed by cookies on the basis of your consent in accordance with Art. 6 para. 1 letter a DSGVO or on the basis of our legitimate interests in accordance with Art. 6 para. 1 letter f DSGVO. The purposes mentioned in this paragraph are necessary to protect our legitimate interests.

You can withdraw your consent for the future at any time using our cookie management tool or change your settings.

As a cookie management tool, we use the consent management service of Borlabs, Benjamin A. on our website. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs). In this context, the date and time of the visit, browser information, consent information, device information and the anonymized IP address of the requesting device are processed. The legal basis for this is Art. 6 para. 1 lit. f DSGVO. The obtaining and administration of legally required consents is to be regarded as a legitimate interest within the meaning of the aforementioned provision. The revocation of a previously granted consent is stored for the duration of 1 year.

5. Web analysis: Google Analytics

On our website we use Google Analytics, a web analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter referred to as “Google”). As part of this process pseudonymized usage profiles are generated and cookies (cf. Item 4) are used. The information generated by the cookie about your use of this website, such as

  • browser typ/version,
  • operating system used,
  • referrer URL (the website visited prior to ours),
  • hostname of the accessing computer (IP address),
  • time of the server request,

is transmitted to and stored on a Google server in the USA. We have concluded a contract data processing agreement with Google covering the use of Google Analytics. By signing this agreement, Google undertakes to process data in accordance with the General Data Protection Regulation and to ensure that the rights of data subjects are protected.

This information is used to analyze use of this website and to compile reports on website activity and to provide other services relating to website activity and Internet usage for the purposes of market research and appropriate website design.

Google may also disclose this information to third parties, provided it is required to do so by law or in cases where Google commissions third parties to process this data. Google will definitely not match your IP address to any other personal data of yours that it holds. IP addresses are anonymized, meaning any match to a data subject’s identity is not possible (IP masking).

You can obtain further information about data protection in relation to Google Analytics at Google Analytics Support.

Google transfers data to servers in the USA and processes it there. The USA is an insecure third country. The transmitted data are only pseudonyms, a conclusion on your name is not possible. We have concluded a contract with Google for the processing of your data, including the EU standard contract clauses. This guarantees a level of protection comparable to that in the EU (see also point 3 b for data transfer to the USA).

6. Cloudflare

We use on our Website the service Cloudflare, the Cloudflare Inc, 101 Townsend pc., San Francisco, CA 94197, USA (in the following: Cloudflare) in order to make the Website faster and safer. Cloudflare uses Cookies and processes visitor data. We use Cloudflare to recognize malicious visitors to our website and to minimize the blocking of legitimate users. To do this, cookies are placed on end users’ devices to identify individual clients behind a common IP address and apply security settings on a per-client basis. To do this, Cloudflare stores and processes the IP address. The IP address is pseudonymized, converted into a hash value and stored for 30 days.

The data is stored on servers in the EU and the USA. The USA is an insecure third country. The transmitted data are only pseudonyms, a conclusion on your name is not possible. We have concluded an order processing contract with Cloudflare, including the EU standard contract clauses. This guarantees a level of protection comparable to that in the EU (for data transfer to the USA see also point 3 b).

The service of Cloudflare is technically necessary for the secure provision of our website. We process your data on the basis of our legitimate interests in fraud prevention as described in this paragraph in accordance with Art. 6 para. 1 lit. f DSGVO.

7. Youtube

Based on consent provided in accordance with Art. 6 Par. 1 S. 1 lit. a of the GDPR, we incorporate components (videos) from YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA (hereafter referred to as “YouTube”), a company owned by Google LLC., Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereafter referred to as “Google”), on our website. You can give us this consent via the Consent Management Tool and revoke it for the future at any time.

Here we use the “Extended Privacy Mode” option provided by YouTube.

Every time you access a page on this website that features an embedded video, a direct link is established to the YouTube servers and the content of the video is displayed on the website by means of a notification to your browser.

According to YouTube, “Extended Privacy Mode” means that your data – in particular which of our websites you have visited as well as terminal device-specific information, including your IP address, – is only transferred to the YouTube servers in the USA if you watch the video. By clicking on the video you are consenting to this transfer of data.

If you are logged into YouTube at the same time, this information is matched to your YouTube membership account. You can prevent this by logging out of your account before you visit our website.

You can obtain further information about data protection in relation to YouTube in Google’s Privacy Policy.

Google transfers data to servers in the USA and processes it there. The USA is an insecure third country. The transmitted data are only pseudonyms, a conclusion on your name is not possible. We have concluded a contract with Google for the processing of your data, including the EU standard contract clauses. This guarantees a level of protection comparable to that in the EU (see also point 3 b for data transfer to the USA).

8. Google Maps

We use on our website for the display of an interactive map based on your consent pursuant to Art. 6 para. 1 lit. a DSGVO the offer of Google Maps of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). You can revoke your consent for the future at any time using the Consent Management Tool. Due to the implementation, Google collects device-related information, log data including the IP address and location-related information. The personal data collected by Google is transferred to a Google server in the USA and stored there. The USA are so-called unsafe third countries (see also point 3b). This means that no level of data protection is guaranteed in the USA that is comparable to that in the EU. We have concluded a contract with Google that includes the EU standard contract clauses. This guarantees a level of protection comparable to that in the EU (see also Section 3 b) for data transfer to the USA).

Google uses the personal data to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and the design of these Internet pages in line with requirements. Google may also transfer this information to third parties if required by law or if third parties process this data on our behalf. Further information on data protection in connection with Google Maps can be found in the Google data protection declaration.

9. LinkedIn Insight Tag

Our website uses the “LinkedIn Insight Tag” conversion tool from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser that enables the collection of the following data, among others: IP address, device and browser characteristics and page events (e.g. page views). This data is encrypted, anonymized within seven days and the anonymized data is deleted within 90 days. LinkedIn does not share any personal data with zipcon consulting GmbH, but offers anonymized reports on the website target group and display performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. zipcon consulting GmbH can use this data to display targeted advertising outside its website without identifying you as a website visitor. You can find more information on data protection at LinkedIn in the LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy.

LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To deactivate the Insight tag on our website (“opt-out”), click here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

10. Data subject rights

You have the right:

  • as per Art. 7 Par. 3 of the GDPR to withdraw the consent you have provided us with at any time. That means that we are no longer permitted in future to continue to process any data covered by this consent;
  • as per Art. 15 of the GDPR to request information from us about the personal data of yours that we process. In particular you can request information about the purposes of processing your data, the categories of personal data involved, the categories of recipients to whom your data has been or will be disclosed, the envisaged storage or retention period, the existence of a right of rectification, deletion, restriction on processing or of objection, the existence of a right of complaint, the source of your data where this data has not been collected by us, as well as the existence of an automated decision-making process, including profiling and where appropriate, meaningful detailed information about the above;
  • as per Art. 16 of the GDPR to request the rectification of any incorrect or the completion of any incomplete personal data of yours that we have stored;
  • as per Art. 17 of the GDPR to request the deletion of personal data of yours that we have stored, provided processing of that data is not required for the exercising of the right of freedom of expression and information, for meeting a legal obligation, on the grounds of public interest or for the establishment, exercising or defence of legal claims;
  • as per Art. 18 of the GDPR to request a restriction on the processing of your personal data, if you dispute the accuracy of that data, if processing is unlawful and if we no longer require your data, but you object to its deletion, because you require it for the exercise or defence of legal claims or if you have objected to the processing of your data as per Art. 21 of the GDPR;
  • as per Art. 20 of the GDPR to request receipt of the personal data that you have provided us with in a structured, commonly used and machine-readable format or transfer of your personal data to another controller (party responsible for data processing) and
  • as per Art. 77 of the GDPR to lodge a complaint with a supervisory authority. As a rule you can contact the supervisory authority in your usual place of residence or place of work or in the city where our company is based.

11. Information about your right to object as per Art. 21 of the GDPR

You have the right to object, on grounds relating to your specific circumstances, at any time to the processing of your personal data, based on Art. 6 Par. 1 lit. e of the GDPR (data processing in the public interest) and Art. 6 Par. 1 lit. f of the GDPR (data processing based on a balancing of interests); this also applies to profiling based on this clause as defined in Art. 4 No. 4 of the GDPR.

Should you object, we will no longer process your personal data, unless we can demonstrate compelling, legitimate reasons that override your interests, rights and freedoms or that serve the establishment, exercising or defence of legal claims.

If you object to your personal data being processed for direct marketing purposes, we shall cease to process your data immediately. In this case you do not need to give a specific reason. This also applies to profiling, to the extent that this is related to direct marketing.

If you wish to exercise your right to object, all you need to do is send an e-mail to [email protected]

12. Data security

All data provided by you personally is transmitted in encrypted format using the commonly used, secure TLS (Transport Layer Security) standard. TLS is a secure, proven standard, which is also used in online banking, for example. You can identify a secure TLS connection by, for example, the suffix “s” on the end of http (i.e. https://..) in the address bar of your browser or by the padlock symbol in the lower section of your browser.

We also employ appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological progress.

13. Up-to-dateness and amendment of this Data Protection Statement

This Data Protection Statement is currently valid and is dated August 2023.

As a result of enhancing our website and offerings or of changes to statutory or official regulations, it may be necessary to amend this Data Protection Statement. You can access the up-to-date Data Protection Statement on our website at

https://online-print-symposium.de/en/data-privacy/

and then print it out.