We are delighted that you have downloaded and are using our event app (hereinafter referred to as “app”). We would like to inform you about the processing of your personal data and your rights as a data subject in connection with the use of our app.

Deutscher Fachverlag GmbH

Mainzer Landstr. 251

60326 Frankfurt am Main

info@hotel-gastromedien.de

(hereinafter also referred to as “we” or “dfv Conference Group GmbH”),

as the controller within the meaning of data protection law, would like to inform you about the following.

1. Subject matter of data protection, legal basis, and sources

The subject matter of data protection is the protection of personal data. Personal data is any information relating to an identified or identifiable natural person (“data subject”). Your personal data therefore includes all data that allows you to be identified, such as your name, address, telephone number, or email address. Personal data also includes information that is necessarily generated through the use of our app, such as the start, end, and scope of use, or your IP address.

Personal data will continue to be collected, for example, to the extent that you yourself enter content into your user profile (profile data).

We will only process your data if this is permitted by applicable law. We will base the processing of your data on the following legal bases, among others:

- Consent (Art. 6 (1) (a) GDPR): We will only process certain data on the basis of your prior express and voluntary consent. You have the right to withdraw your consent at any time with effect for the future.

- Performance of a contract or implementation of pre-contractual measures (Art. 6 (1) (b) GDPR): We require certain data from you, in particular for the initiation or implementation of your user agreement with dfv Conference Group GmbH.

- Fulfillment of a legal obligation (Art. 6 (1) (c) GDPR): In addition, we process your personal data to fulfill legal obligations, such as commercial and tax law retention obligations.

- Protection of legitimate interests (Art. 6 (1) (f) GDPR): dfv Conference Group GmbH will process certain data to protect its own interests or those of third parties. However, this only applies if your interests do not outweigh these interests in individual cases.

Please note that this is not a complete or exhaustive list of possible legal bases, but merely examples intended to make the legal bases for data protection more transparent. For more detailed information on the legal bases for individual data processing in our app, please refer to the explanations in the following sections.

2. Downloading the app

When you download our app, necessary information is transferred to the respective app store. This includes, in particular, your username, email address, time of download, and individual device identification number. This data collection is initiated by the respective app store operator. This data is not stored by us.

In this context, please also note the respective privacy policies of the app store operators:

- for the iOS App Store: Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, available at www.apple.com/de/privacy/privacy-policy/, and

- for the Google Play Store: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, available at https://policies.google.com/privacy?hl=de.

Our app can be found and downloaded from the aforementioned app stores via our software developer, Online Software AG, Forum 7, 69126 Heidelberg, Germany.

3. Usage data

You can use our app without providing any personal information. However, when you use our app, the following information about your access and use may be stored:

- IP address of the requesting device,

- screens accessed,

- Date, time, duration, and time zone of the server request or interaction (e.g., first/last opening/closing of the app, last login, screens/videos viewed, starting/ending a training session, clicking a call-to-action button),

- Browser type and version,

- Operating system used by the requesting device,

- Your device model, unique number of the device used.

When you access our app, relevant information may be stored on your device and/or relevant information already stored on your device may be accessed.

We process this usage data on the basis of our legitimate interests pursuant to Art. 6 (1) (f) GDPR for the purpose of providing the app, ensuring its technical operation, and guaranteeing the security of our information technology systems. In doing so, we pursue the interest of enabling and permanently maintaining the use of our app and its technical functionality. This data is processed automatically when you access our app. Without this provision, you cannot use our app.

The automatically collected data is usually deleted or anonymized once the purpose has been fulfilled, unless we need it for the above-mentioned purposes for a longer period of time in exceptional cases. In such a case, we delete the data once the purpose has been fulfilled.

You cannot object to the processing of your usage data, as this data is essential for the smooth operation of the app. It is not possible to use the app without processing this data.

4. Cookies

Our app uses cookies. Cookies are text files that are stored in the Internet browser or on the device. When you access an app, a cookie may be stored on your device. This cookie contains a characteristic string of characters that enables the device to be uniquely identified when the app is accessed again.

We use cookies to make our app more user-friendly. These cookies help to make an app usable by enabling basic functions such as page navigation and access to secure areas of the app.

The legal basis for the use of technically necessary cookies is Section 25 (2) No. 2 TTDSG. The purpose of their use in these cases is to simplify the use of apps for you. Some functions of our app cannot be offered without the use of cookies. This is our legitimate interest in data processing.

You can deactivate or restrict the transfer of cookies by changing the settings on your device. Cookies that have already been saved can be deleted at any time. This can also be done automatically if necessary. If cookies are deactivated for our app, it may no longer be possible to use all functions of the app to their full extent.

5. Functions of the app

a) Contacts (list of persons)

Our app may also store the contacts (list of persons) of individuals (e.g., event participants, speakers, employees). When you click on a contact, a details page appears with that person's contact information (e.g., email address). You can contact that person directly via the links on this details page.

When you click on a corresponding link, corresponding applications or apps provided by other providers (third-party providers) will open on your device (for example, the email program installed on your device).

Please note that these third-party applications and apps may process personal data. Please contact the providers of these applications and apps directly for more information. The respective provider and controller can be found in the legal notice and the respective data protection information in the corresponding application or app.

b) Locations

In our app, you have the option of displaying specific locations (e.g., event venues) with corresponding detailed information about these locations in a list or on a map. If you share your location, the distance from your location to the individual locations will also be displayed.

We process the following data as part of this function:

- Exact geographical location.

Processing is carried out on the basis of Section 25 (2) No. 2 TTDSG in conjunction with Art. 6 (1) (b) GDPR in order to provide you with the desired function within the scope of a user relationship.

The app will also ask you to grant the appropriate device permission (to use your location). Granting permission is voluntary. However, if you want to receive the specific distances to locations, you must grant this permission, as you will otherwise not be able to use this function.

The permission remains active as long as you do not disable it on your device. You can disable and re-enable the use of your geographic location at any time.

c) Speaker requests

Our app allows you to anonymously ask speakers questions during an event. Your message with your question will be sent to the event moderator, who will then ask the speaker.

We process the following data as part of this function:

- Your individual message and question.

This data is processed on the basis of Art. 6 (1) (b) GDPR in order to be able to offer you this function of our app within the framework of the execution of a user agreement.

d) Permissions on the end device / push notifications

The app supports the display of notifications (so-called push notifications) on the home screen of your end device and within the app (so-called in-app messages). Therefore, the app may ask you to grant the appropriate device permission. Granting permission is voluntary. However, if you wish to receive push notifications, you must grant this permission, as you will otherwise be unable to use this function. We require this permission in order to provide you with the desired services within the framework of a (free) user relationship with you (Section 25 (2) No. 2 TTDSG in conjunction with Art. 6 (1) (b) GDPR).

In order to display push notifications or in-app messages to you, your device is assigned a pseudonymized notification ID. This serves as the destination for push notifications or in-app messages.

The permission remains active as long as you do not disable it on your device. Push notifications can be disabled and reactivated at any time.

e) Links to third-party websites and other apps on your device

aa) Websites

If we link to third-party websites, clicking on the links will redirect you to the respective third-party offering via hyperlink.

Please note that third-party offers linked from our app may install cookies on your device or collect personal data. Please contact the providers of these linked third-party offers directly for more information. The respective provider and responsible party can be found in particular in the legal notice and the respective data protection information on the corresponding websites.

bb) Apps

The “Overview of other apps” function may display other apps from other providers (“third-party providers”) in connection with the content of our app. If you click on these apps, the respective third-party provider's app or the third-party provider's presence in the app store will open, where you can download the third-party provider's app.

Please note that third-party apps may process personal data. Please check with the providers of these apps directly for more information. The respective provider and controller can be found in particular in the legal notice and the respective privacy policy in the corresponding app.

6. Third-party services

We also use services on our website that we use for reach measurement, online marketing, and the integration of third-party content and functions.

When measuring reach, we analyze the surfing behavior of website visitors, i.e., we evaluate the behavior and interests of users, e.g., to determine which content is particularly interesting or which functions need to be optimized. Cookies or similar methods with the same purpose can be used for this purpose to create user profiles of website visitors. In addition to the IP address, information about visited websites, viewed content, and technical characteristics such as the browser used, as well as information about usage times and location data, may be processed in this context.

As part of online marketing, we process the personal data of website visitors for the purpose of marketing advertising space or displaying advertising content. This content should be tailored to the potential interests of users, which is why we measure its effectiveness. Cookies or similar methods with the same purpose may be used for this purpose and user profiles of website visitors may be created. In addition to the IP address, information about visited websites, viewed content, and technical characteristics such as the browser used, as well as information about usage times and location data, may be processed in this context. These cookies can later be read on other websites that use the same online marketing method, analyzed for the purpose of displaying content, supplemented with further data, and stored on the server of the online marketing method provider.

In addition, we integrate functional and content elements (e.g., images, videos, text, and buttons) from third-party providers on our website. These functional and content elements are usually obtained from the servers of these third-party providers. In order to display this content and these functions, it is necessary for the providers to process the IP address of the users so that the content can be sent to the browser.

The providers of the functional and content elements may also use so-called pixel tags or “web beacons,” i.e., invisible graphics, for statistical and marketing purposes. This information may also be stored in cookies. In addition to the IP address, information about visited websites, viewed content, and technical characteristics, such as the browser used, as well as information about usage times and the use of our offers, may be processed in this context. This information may also be linked to information from other sources.

The legal basis for the processing of personal data by the services listed below is, provided you have given us your consent, Section 25 (1) sentence 1 TTDSG. For some data processing, however, § 25 (2) No. 2 TTDSG forms the legal basis. This serves the purpose of improving the quality of our website and its content. This allows us to learn how the website is used and thus continuously optimize our offerings.

Services used and service providers:

- Matomo: If you have consented to this, we use the open-source (web) analysis software Matomo (formerly “Piwik”) for statistical evaluation of usage behavior in our app in order to continuously improve our app and make it more user-friendly.

Matomo uses cookies and similar technologies (hereinafter collectively referred to as “cookies”). The information generated by the cookies about your use of our app is stored locally on servers in Germany operated by our web provider. The legal basis is Section 25 (1) TTDSG in conjunction with Art. 6 (1) (a) GDPR, as the data processing is based on your consent.

We will use the information collected with the help of cookies and generated by your device about the use of our app, in particular your anonymized IP address, device information (e.g., screen resolution, operating system used, language settings), date and time of use of the app, and duration of use, will be used to evaluate the use of the app, to compile reports on the activities in our app, and to design our app in line with requirements. No profiling or transfer of data to third parties takes place.

We only use Matomo with IP anonymization enabled. This means that the last digits of the users' IP addresses are truncated to make it more difficult to draw direct conclusions about individual users. The data is deleted as soon as it is no longer needed for our recording purposes. In our case, this is usually after 30 days. You can revoke your consent to the use of Matomo at any time by preventing the storage of cookies through the appropriate app settings. To do this, deactivate the “Allow usage analysis” function in the “Settings” menu.

Further information on data protection at Matomo can be found on the Matomo website at https://matomo.org/privacy/ and at https://matomo.org/gdpr-analytics/.

7. Recipients of personal data

We will only disclose your personal data to external recipients if this is necessary for the provision of the app, if we have your consent to do so, or if there is another legal basis for doing so.

External recipients may include, in particular:

- Processors: These are service providers that we use to provide services, for example in the areas of technical infrastructure and maintenance of our app. We carefully select and regularly review such processors to ensure that your privacy is protected. These service providers may only use the data for the purposes specified by us and in accordance with our instructions. We are authorized to use such processors in compliance with the legal requirements of Art. 28 GDPR.

8. Storage period and deletion

We only store your personal data for as long as is necessary to fulfill the purposes or, in the case of consent, for as long as you do not revoke your consent. In the event of an objection, we will no longer process your personal data unless further processing is permitted or even mandatory under the relevant legal provisions (e.g., in the context of commercial and tax law retention obligations).

For further information on the storage period of your personal data, please refer to the respective explanations in the above sections.

9. Your rights

As a data subject, you have numerous rights. Specifically, these are:

- Right of access (Art. 15 GDPR): You have the right to obtain information about the data we have stored about you.

- Right to rectification and erasure (Art. 16 and Art. 17 GDPR): You may request that we rectify incorrect data and, provided that the legal requirements are met, erase your data.

- Right to restriction of processing (Art. 18 GDPR): You may request that we restrict the processing of your data, provided that the legal requirements are met.

- Right to data portability (Art. 20 GDPR): If you have provided us with data on the basis of a contract or consent, you may, if the legal requirements are met, request that you receive the data you have provided in a structured and commonly used format or that we transfer it to another controller.

- Right to object to data processing based on legitimate interests (Art. 21 GDPR): You have the right to object to our processing of your data at any time for reasons arising from your particular situation, provided that this is based on legitimate interests within the meaning of Art. 6 (1) (f) GDPR. If you exercise your right to object, we will stop processing your data unless we can demonstrate compelling legitimate grounds for further processing that outweigh your rights.

- Withdrawal of consent (Art. 7 GDPR): If you have given us your consent to process your data, you can withdraw this consent at any time with effect for the future. The lawfulness of the processing of your data until withdrawal remains unaffected.

- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You can also lodge a complaint with the competent supervisory authority if you believe that the processing of your data violates applicable law.

If you have any questions about the processing of your personal data, your rights as a data subject, and any consent you may have given, please contact our data protection officer using the communication channels listed in section 10.

10. Our data protection officer

You can contact the company data protection officer at: datenschutz@dfv.de or by post at Deutscher Fachverlag GmbH, Datenschutz, Mainzer Landstraße 251, 60326 Frankfurt.

11. Changes

From time to time, it may be necessary to amend the content of this privacy policy. We therefore reserve the right to change it at any time. We will also publish the amended version of the privacy policy here.

As of April 2024