Privacy Policy

Privacy Policy Project A Knowledge Conference 2023

Prologue

The Project A Knowledge Conference 2023 is co-organised by Project A Services Gmbh & Co. KG and Project A Ventures Management GmbH.

With this privacy statement, we inform you how personal data is collected, processed and used when you visit our website, when you apply, register for, and attend the Project A Knowledge Conference 2023 and how we use the data in connection with the event and afterwards.

For information on the data processing in connection with the Project A website (www.project-a.com), please refer to the Project A website privacy policy.

1. Contact

The person responsible within the meaning of the EU General Data Protection Regulation (GDPR) for the collection, processing and use of personal data of event participants (hereinafter “you”) in connection with the registration, execution, and documentation of the Project A Knowledge Conference 2023 (hereinafter "Knowledge Conference") is Project A Services GmbH & Co. KG, Julie-Wolfthorn-Straße 1, 10115 Berlin, Germany (hereinafter: "Project A" or "we"). If you have any questions regarding the registration and execution of the event, including the relevant data processing, please contact knowledge-conference@project-a.com at any time.

If you have any questions or suggestions regarding data protection, please do not hesitate to contact us. You are welcome to address your data protection concerns by e-mail to dataprotection@project-a.com. You can find our complete contact details at https://www.project-a.com/imprint.

2. Data processing in connection with the Project A Knowledge Conference website

Visiting the site

In principle, it is possible to visit our website without providing additional personal data. Personal data is only collected if this is necessary for technical reasons to use our website or if you use certain functions or services offered on our website, e.g. the application form. The following access data are automatically recorded every time our website is accessed:

  • date and time of access
  • name of the file requested
  • website from which the file was requested
  • access status (e.g. file transferred, file not found)
  • your web browser and your device’s operating system
  • the IP address of the requesting device

It is necessary to process this data to make it possible to visit the website and to guarantee the long-term functionality, availability and security of our systems. The legal basis for this data processing is Art. 6(1) lit b GDPR.

For the purposes described above, the access data specified is also temporarily stored in internal log files in order to generate statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and for the general administrative maintenance of our website. The legal basis for this data processing is Art. 6(1) lit. f GDPR, based on our legitimate interest in appropriately optimising our website.

The information stored in the log files does not allow any conclusions about your person and we only store IP addresses in the log files in shortened, anonymised form. 

Webflow

We use the external service provider Webflow (Webflow Inc., 398 11th Street, 2nd Floor, 94103 San Francisco, CA, USA) to build and host our website. We do not use Webflow, nor have we instructed Webflow, to collect, analyse or process user data. We have nonetheless concluded a data processing agreement with Webflow, Inc., pursuant to Art. 28 GDPR, to ensure that Webflow processes any data in accordance with our instructions and the European data protection principles. If Webflow transfers data to companies outside Europe (e.g. to the USA), Webflow has taken contractual and technical  precautions to ensure compliance with the European data protection principles. However, when personal data is processed outside Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced. 

Youtube

We have embedded links to videos on our website that are stored on YouTube and can be played by clicking on the links that lead you to youtube.com. The legal basis for integrating YouTube and the associated data processing is Art. 6(1) lit.f GDPR, based on our legitimate interest in integrating video and visual content to make our website more attractive. YouTube is a service provided by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”), which is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") for users from the European Economic Area, Switzerland and Liechtenstein and by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA for all other users. When you visit subpages on which YouTube videos are embedded, Google receives the information that you have retrieved from the corresponding subpage of our website. This happens regardless of whether you are logged in to Google or a YouTube account or not. If you are logged in, the information that you played the video will be directly assigned to your Google and YouTube accounts. If you do not want this to happen, you will need to log out before playing the video. Google stores your data and may use it for purposes of advertising, market research and the demand-oriented design of its own websites. Such an evaluation even occurs for users who are not logged in. You can configure your browser to refuse the storage of cookies as described above, or you can prevent the recording of data generated by cookies and relating to your use of this website and the processing of this data by Google by disabling the "Ads Personalisation" button in Google’s Ads Settings. In this case, Google will then also only display general advertising in connection with YouTube, which has not been selected based on information collected about you. If Google transfers data to companies outside Europe (e.g. to the USA), Google has taken contractual precautions to ensure compliance with the European data protection principles. However, when personal data is processed outside Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced, e.g. when US security authorities store and analyse data.

3. Cookies and usage analysis

3.1 General use of cookies and comparable technologies

When you visit and use our website, a variety of cookies and comparable technologies (e.g. storage of data in the local memory of your device, so-called local storage technology or counting pixels, which serve to (temporarily) store information on specific users or usage processes) are used. Cookies are small text files stored in your web browser’s memory that contain information that can be used to recognise you when you visit web servers later on. Cookies cannot execute any programs or transfer viruses to your computer. For reasons of readability for cookies and the comparable technologies mentioned, the term "cookies" is used in the following.

In the following, we list the cookies we use by category, informing you in particular about the providers of the cookies, the storage period and the transfer of data to third parties. We also explain in which cases we obtain your voluntary consent to use the cookies and how you can revoke this consent.

Legal basis. We use cookies necessary for our website’s operation and  its base functions based on our legitimate interest pursuant to Art. 6(1) lit. f GDPR to enable you to use our website more conveniently and to make its use as time-saving as possible. In certain cases, these cookies may also be necessary for the fulfillment of a contract or for the implementation of pre-contractual measures, in which case the processing is carried out in accordance with Art. 6(1) lit. b GDPR. Access to and storage of information in your device (e.g. your smartphone or desktop computer) is absolutely necessary in these cases and takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25(2) TTDSG.

All other cookies, in particular those for marketing purposes and optional tools as well as additional functions of our website, we use on the basis of your consent pursuant to Art. 6(1) lit. a GDPR. Access to and storage of information in your device then takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany in accordance with § 25(1) TTDSG. Data processing with the help of these cookies only takes place if we have received your consent for this in advance.

If personal data is transferred to third countries outside Europe, we refer you to section 7 ("Data transfer to third countries"), also with regard to the possible associated risks. We will inform you if we have concluded standard contractual clauses or other guarantees with the providers of certain cookies and tools. If you have given your consent to use optional cookies, we (also) transfer the data processed to third countries on the basis of this consent (Art. 49(1) lit. a GDPR). You can revoke your consent by changing the cookie settings and declining all optional cookies via the cookie settings at the bottom of this page.

Necessary cookies. We use certain cookies to enable the basic functions of our website ("necessary Cookies "). Without these cookies, we would not be able to provide our website. Therefore, necessary cookies are used without your consent in accordance with § 25(2) TTDSG and based on our legitimate interests according to Art. 6(1) lit. f GDPR or to fulfil a contract or to perform pre-contractual measures according to Art. 6(1) lit. b GDPR.

We use such cookies in particular:

  • to note that information placed on our website has been displayed to you so that it will not be displayed again the next time you visit the website.

You can prevent the storage of cookies by adjusting your browser settings to disable the acceptance of cookies via this website. If you do not accept cookies, however, this may in some cases lead to considerable functional restrictions on our website.

Analysis Cookies. Other optional cookies are used to analyse the use of our websites for statistical purposes. This enables us to find out, for example, which type of device was used to access our websites and how the use was made. This enables us to adjust the pages and the layout and the individual page elements to the most important browser types and end devices and to adapt them to actual usage habits. We only use these analysis cookies if you agree to this use via our cookie banner. The legal basis for the data processing in connection with the analysis cookies is your consent Art. 6 (1) lit. a DSGVO. You can revoke your consent by calling up the cookie settings and declining all optional cookies via the cookie settings adjustment button at the bottom of the page.

Marketing cookies. We also use cookies for advertising purposes when we use techniques to display ads or references to our job advertisements on other pages and, for example, in social networks for users who have already visited our website (so-called retargeting). We also only use these marketing cookies if you agree to this use via our cookie banner. The legal basis for the data processing in connection with the marketing cookies is your consent, Art. 6 (1) lit. a DSGVO (and according to § 25(1) TTDSG). You can revoke your consent by calling up the cookie settings and changing the corresponding selection there. 

3.2. Specific Tools and external cookies

Google Analytics

Our website uses the web analytics service Google Analytics, which is offered for users from the European Economic Area, Switzerland and Liechtenstein by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") and for all other users by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses analysis cookies (including JavaScript and Pixel technologies) to access information in your device and store Cookies and information on your device when you visit our website. This is used to analyse your usage behaviour in form of pseudonymous user profiles. We will process the information obtained to evaluate your use of the website and to compile reports on website activities for the website operators. The data generated in this context may be transferred by Google to a server in the USA for evaluation and stored there. Your IP address is anonymised beforehand.

We have made the following data protection settings for Google Analytics:

  • IP anonymisation (truncation of the IP address before evaluation);
  • Automatic deletion of old logs / limitation of the storage period;
  • Deactivated advertising function (including target group remarketing by GA Audience);
  • Disabled remarketing;
  • Disabled cross-device and cross-page tracking;
  • Disabled data sharing with other Google products and services; Benchmarking, technical support, account manager.

The following data is processed by Google Analytics:

  • IP address;
  • Referrer URL (previously visited page);
  • Pages accessed (date, time, URL, title, duration of visit);
  • Downloaded files;
  • Clicked links to other websites;
  • Achievement of specific goals (conversions), if applicable;
  • Technical information: Operating system; Browser type, version and language; Device type, brand, model and resolution;
  • Approximate location (country and city, if applicable, based on anonymised IP address).

We have concluded a data processing agreement with Google Ireland Limited for the use of Google Analytics. In the event that Google Ireland Limited transfers personal data to the USA, Google Ireland Limited und Google LLC have contractually agreed to observe the European data protection principles (standard contractual clauses). However, in the case of data processing outside of Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced, e.g. if US security authorities store and analyse data. Data transfer to the USA is only carried out if you have agreed to the use of Google Analytics within the framework of our cookie banner. You can revoke your consent at any time by deactivating the web analysis by Google via the cookie settings at the bottom of this page. For further information, please refer to the Google Analytics privacy policy.

Google Tag Manager

Our website uses Google Tag Manager, a service, which is offered for users from the European Economic Area, Switzerland and Liechtenstein by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") and for all other users by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The Google Tag Manager is used to manage tracking tools and other services, so-called website tags. A tag is an element that is stored in the source code of our website, for example, to record predefined usage data. The Google Tag Manager works without the use of cookies. The Google Tag Manager ensures that the usage data required by our partners (cf. the data processing procedures described above) is forwarded to them. The Google Tag Manager itself does not collect any personal data itself. The tool ensures that other tags are triggered, which in turn may collect data and which are further explained in this privacy notice. If no consent is given to the use of the analysis and marketing cookies, no data will be processed in connection with the Tag Manager. You can also read more about the Tag Manager in Google's Tag Manager information. The use of the Tag Manager is technically necessary.

4. Data processing in connection with the Project A Knowledge Conference

4.1 Application & Registration

To apply and register for the Project A Knowledge Conference, we collect various personal data. Usually, these are title, surname, first name, position, company and seniority level, functional area as well as contact data (e.g. e-mail address, LinkedIn profile). This data is referred to in the following as "participant data". We collect the participant data as part of the application process. Mandatory data are marked as such. We use your participant data to plan and organize the event (e.g. to the expected number of participants), invite you and to contact you in the course of communication if necessary. The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR. We also collect information regarding your interest in networking at the Project A Knowledge Conference to understand what participants will expect from this year’s Project A Knowledge Conference, improve the overall efficiency and experience of networking at the event and allow interested parties (us or partners of the event) to contact interested participants. You may also have the option of providing further information when registering (e.g. details of interests and wishes with which you can provide us with further details on your planned participation in the event). These data are summarised below as "voluntary data". We would like to meet your needs about your participation in the Project A Knowledge Conference as best as possible and adapt our event optimally to the interests of the participants. The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR, based on our common interest in an event that is as closely related as possible to the interests of the participants. We store the above-mentioned data in our contact database for future contact maintenance (see also Section 2.6 and 2.7) in connection with your existing data, if applicable.

Tally. We use the external service Tally (BV) (Muidepoort 19/ A, 9000, Gent, Belgium) for our registration form. As a European Service Provider, Tally adheres to the GDPR and the European data protection principles. 

Make. We use the external service Make from Celonis SE (Theresienstr. 6, 80333 München, Deutschland) to connect several of our tools and services. As a European Service Provider, Celonis adheres to the GDPR and the European data protection principles. 

Eventbrite. We use the external service provider Eventbrite (Eventbrite Inc., 535 Mission Street, 8th Floor, 94105 San Francisco, CA, USA) for the onsite registration system and the payment for onsite tickets. We have concluded a data processing agreement with Eventbrite, Inc., pursuant to Art. 28 GDPR, to ensure that Eventbrite processes the data in accordance with our instructions and the European data protection principles. If Eventbrite transfers data to companies outside Europe (e.g. to the USA), Eventbrite has taken contractual precautions to ensure compliance with the European data protection principles. However, when personal data is processed outside Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced. You can revoke consent and withdraw your registration at any time.

Botswerk BV. We use the external service Botswerk BV (Van Randwijcklaan 105M, 3814AG Amersfoort, Netherlands. 6) to print the attendee badges onsite. As a European Service Provider, Botswerk BV adheres to the GDPR and the European data protection principles.

Mailjet. We use the external service provider Mailjet (Mailjet SAS, 30 Rue Blondel, 75002 Paris, France) to send you E-mails for the registration for the event and, if you decide to subscribe to them, for sending our newsletters and managing our subscriptions. As a European Service Provider, Mailjet adheres to the GDPR and the European data protection principles. 

In our newsletters, we use market-standard technologies to allow us to measure interactions with the email (e.g. opening of the email, which links are clicked on). We use this data for general statistical evaluations as well as to optimise and further develop our content and customer communication. This is done with the help of small graphics (pixels) embedded in the emails. The data is collected in pseudonymous form only and not linked to your other personal data. The legal basis for this is our aforementioned legitimate interest pursuant to Art. 6(1) lit. f GDPR. With our newsletters, our aim is to share content that is as relevant as possible for our users and to better understand what the readers are actually interested in. If you do not want your usage behaviour to be analysed in this way, you can unsubscribe from the newsletter at any time or disable the display of graphics in your email client by default. The data about how you interact with our newsletters is stored in pseudonymous form for 30 days before being completely anonymised.

4.2 Attendee list Project A Knowledge Knowledge Conference

We would like to give the Knowledge Conference partners access to the list of attendees to facilitate networking and to tailor the presentations and workshops to the audience. The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR, i.e. we ask you in our registration form whether you consent to have your data shared with the Knowledge Conference parnters. Partners would also like to inform you by email about recruiting topics, other events as well as products, services, and programs for founders and digital businesses. The confirmed partners that will get access to the attendee list are:

Check our current list of partners and speakers here.

If you apply for the Knowledge Conference we will ask for your consent to pass your attendee data (name, e-mail, company, interests e.g. in funding or recruiting) to our partners. The legal basis for this data processing is Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time by unsubscribing from the event list or by sending an email to dataprotection@project-a.com.

4.3 Participation in the event

During the Project A Knowledge Conference, we may use your participant data for organizational reasons (to determine your attendance or to contact you). The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.

4.4 Recordings

Recordings (photo and video) will be made during the event. This includes stream recordings for the online part of the event and recordings made by photographers and camera teams for the on-site part. We would like to ensure the possibility of documenting the event for internal purposes or the purpose of external presentations.

We would like to use the images and recordings taken in the context of our external presentation on our website and in our social media profiles (Facebook Fanpage, Twitter, LinkedIn, Xing, YouTube) in connection with the documentation of the Project A Knowledge Conference. To do this, we first want to edit individual recordings (e.g. by selecting the image cut) and upload the edited recordings to the websites. The respective websites are freely accessible on the Internet and can therefore be accessed worldwide. The subpages of these websites, including any recordings, can be found via search engines. The providers of social media platforms process and use data that is posted on the platforms for their purposes if necessary. As soon as the content has been posted on the platforms, third parties (e.g. users of the platforms) can view, share, or download the content. In principle, recordings of speakers in the sessions will be published. Individual participants will only show up on the screen when they ask questions. Messages written to the chat will be shown to all speakers and participants in the session, with your name and title next to them, and might be read by the speaker during the session. There are also other networking features on the event platform, which allow you to interact with other participants, e.g. 1:1 video calls. These will also make your details available to other participants, but won’t be recorded or published.‍

You can contact us using the contact details given in section 1 and inform us that you wish to object to the use of the recordings on which you can be identified. The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR, based on our legitimate interest in the documentation and advertising of our event as well as our external presentation. The recordings are usually published within a period of up to 48 months after the event.

4.5 Subsequent PAKCon updates

We will also use your participant data to provide you with further information on workshops, documents, or presentations from us or our speakers or further information on the Project A Knowledge Conference. The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.

4.6 Future PAKCon events

We store the fact that you attended the Project A Knowledge Conference this year in our contact database so that we can inform you by email about similar future events and the next Project A Knowledge Conference.‍

The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR, based on our interest in advertising our future events. We store this data for the duration of our business relationship. If you do not wish to be contacted again, you have the right to object to this use of your data at any time. Please do not hesitate to contact us at any time using the contact details listed in section 1. You will also always find a link to unsubscribe in the emails.

4.7 Interview for recruitment purposes

When registering for the event we ask whether you are interested in being interviewed for a job with us or one of our ventures. If you have indicated that you would be interested, we may get in contact with you. We deploy the service provider Greenhouse Software, Inc., (18 West 18th Street, 11th Floor, New York, NY 10011 USA) during our recruitment process. The legal basis for this data processing is Art 6 para. 1 lit a GDPR. You can withdraw your consent at any time and request deletion of your data. Please do not hesitate to contact us at any time using the contact details listed in section 1.

The Project A Talent Acquisition team is onsite at the Project A Knowledge Conference and you can contact them and indicate your interest in being interviewed for a job with us or one of our ventures. You can also fill out a form and give them your contact details, so we may get in contact with you later. We use the service provider Typeform (see above) for the form and th legal basis for this data processing is Art 6 para. 1 lit b GDPR. If you decide to provide your contact details in this form onsite, our Talent Acquisition team will contact you within four weeks of filling out the form. If you no longer have interest in being interviewed for a job, your contact details will be deleted after those four weeks.

5. Links to other websites and online content

Our website may contain links to websites and online content of other providers not affiliated with us. If you activate these links, we naturally no longer have any influence on which data is collected by the respective providers and which data they record. For more detailed information on data collection and use, please refer to the privacy policies of the respective providers. Since the collection and processing of data by third parties is beyond our control, we cannot assume any responsibility for this.

6. Features from social networks

We maintain presences in the following social media networks:

6.1 Additional information on our Facebook fan page

If you visit our Facebook fan page, your data may also be processed in countries outside the European Union where the level of data protection is lower than in the European Union (e.g. the USA). We have contractually agreed with Facebook to comply with the European Data Protection Principles, in the case of data processing outside Europe. However, it may in individual cases be possible that the rights of EU citizens cannot be enforced or cannot be fully enforced, e.g. if US security authorities store and analyse data. Please therefore check carefully what personal information and messages you share on Facebook and, if in doubt, use other contact options offered by us to get in touch with us.

For more information on the type and scope of the statistics that we receive from Facebook about the visits and interactions with our fan page (so-called insights), please also see the Facebook information on page insights. Here you will also find a detailed description of the data that is processed when you visit the fan page to create these statistics (e.g. the content accessed, likes, subscriptions, recommendations and comments as well as clicks, mouse movements and date, time, Facebook user ID and demographic data. If you want to assert your rights against Facebook, you can use an online form from Facebook or contact us as mentioned above.

6.2 Additional information on our Twitter profile

We are responsible for our tweets and information shared by us. Twitter provides the technical platform and infrastructure for message exchange. If you communicate with us via Twitter and respond to our tweets, your data may also be processed in countries outside the European Union where the level of data protection is lower than in the European Union (e.g. in the USA). We have contractually agreed with Twitter to respect the European data protection principles. However, when data is processed outside Europe, it may in individual cases be the case that the rights of EU citizens cannot or cannot fully be enforced, e.g. when US security authorities store and analyse data. Please check carefully what personal information and messages you share on Twitter and, if in doubt, use other contact options offered by us.

We may also receive statistics from Twitter about the reach of our social media activity (e.g. the number of hits, interactions such as retweets and aggregated demographic and other information or audience insights and other statistics about followers). 

6.3 Additional information on our LinkedIn profile

We are responsible for our own content in our LinkedIn company profile and information shared by us there. LinkedIn provides the technical platform and infrastructure for the social network. If you communicate with us on LinkedIn, your data may also be processed in countries outside the European Union where the level of data protection is lower than in the European Union (e.g. the USA). We have contractually agreed with LinkedIn to respect the European Data Protection Principles. However, when data is processed outside Europe, it may in individual cases not be possible to enforce the rights of EU citizens, or not fully enforce them, e.g. when US security authorities store and analyse data. Please check carefully what personal information and messages you provide via LinkedIn and if in doubt, use other contact options we offer.

We may also receive statistics from LinkedIn regarding the use of our social media presence (such as the number of views of articles and posts, interactions such as "likes" and comments, and aggregated demographic and other information such as aggregated positions and locations of followers and group members or other statistics). 

7. Disclosure of data

7.1 General information

We will pass on the data raised by us in the context of the registration or the event in principle only if:‍

- you have given your express consent according to Art. 6 para. 1 lit. a GDPR,- the disclosure according to Art. 6 para. 1 lit. f GDPR is necessary for the assertion, exercise, or defense of legal claims and there is no reason to believe that there is an overriding legitimate interest in not disclosing the data,

- we are legally obliged to disclose such information according to Art. 6 para. 1 lit. c GDPR or

- this is legally permissible and, according to Art. 6 para. 1 lit. b GDPR, necessary for the execution of contractual relationships with you or for the implementation of pre-contractual measures which are taken at your request,

- insofar as this is stated in these data protection notices (in particular concerning the publication of photo and video recordings on the social media platforms).‍

Also, the data may be passed on in connection with official inquiries, court orders, and legal proceedings if this is necessary for legal prosecution or enforcement.

7.2 External service providers

Some of the data processing described in these data protection notices may be carried out by our service providers. In addition to the service providers mentioned in this Privacy Policy, this may include, in particular, data centers that store our databases, IT service providers that maintain our systems, and consulting firms. If we pass on data to our service providers, they may only use the data to fulfil their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound to our instructions, have suitable technical and organizational measures at their disposal to protect the rights of the persons concerned, guarantee an appropriate level of data protection, and are carefully monitored by us. Some of our service providers may process your personal data outside the European Union or the European Economic Area. In these cases, we protect your personal data by ensuring that the requirements of Art. 44 et seq. GDPR are fulfilled.

8. Data Transfer to third countries

As explained in this privacy policy, we use services whose providers are partly located in so-called third countries (outside the European Union or the European Economic Area) or process personal data there, i.e. countries whose level of data protection does not correspond to that of the European Union. If this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.

Where this is not possible, we base the transfer of data on exceptions to Art. 49 DSGVO, in particular your express consent or the necessity of the transfer for the performance of the contract or for the implementation of pre-contractual measures.

If a transfer to a third country is provided for and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyse it, and that the enforceability of your affected rights cannot be guaranteed.

9. Your rights

You have the right to request information about the processing of your personal data by us at any time. We will explain the data processing to you in the context of the provision of information and provide you with an overview of the data stored about your person. If data stored by us is incorrect or no longer up to date, you have the right to have this data corrected. You may also request that your data be deleted. Should deletion not be possible in exceptional cases due to other legal provisions, the data will be blocked so that it is only available for this legal purpose. You can also have the processing of your data restricted, e.g. if you believe that the data stored by us is not correct. You also have the right to data transferability, i.e. we can send you a digital copy of the personal data you have provided on request.‍

To exercise the rights described here, you can contact us at any time using the contact details listed in section 1 above. This also applies if you wish to receive copies of guarantees proving an adequate level of data protection.‍

Finally, you have the right to complain to the data protection supervisory authority responsible for us. You may exercise this right with a supervisory authority in the Member State of your residence, workplace, or alleged infringement. The competent supervisory authority is in Berlin: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.

Right of withdrawal and objection

According to Art. 7 para. 3 GDPR, you have the right to withdraw your consent to us at any time. The consequence of this is that we will no longer continue the data processing based on this consent in the future. The revocation of the consent does not affect the legality of the processing carried out based on the consent up to the revocation.

If we process your data based on legitimate interests according to Art. 6 para. 1 lit. f GDPR, you have the right according to Art. 21 GDPR to object to the processing of your data and to give us reasons which arise from your particular situation and which, in your opinion, indicate that your interests worthy of protection prevail. If you wish to object to data processing for direct marketing, you have a general right of objection, which we will also implement without stating reasons. Also, you will always find an unsubscribe link in our information emails on future events. Concerning the preparation of the photo and video recordings, you can also contact the photographer or cameraman at any time and inform them that you do not want any recordings of yourself. If you wish to exercise your right of withdrawal or objection, simply send an informal message to the contact details listed above.

September 2023