tekom - conferences

Data protection

The EU General Data Protection Regulation (hereinafter “GDPR”) obligates us to take relevant measures regarding the processing of data, as well as with regard to providing information to you. Our data protection notice therefore contains the following information:

1. Our contact details

The controller in line with data protection law is:
tcworld GmbH
Heilbronner Straße 86
70191 Stuttgart
Germany
+49 711 65704-0
info@tekom.org

2.     Details concerning the processing of your data

What data from you we collect and process is a result of the relevant context, and results from the relevant form that we use for data collection, for example. Apart from that, we also process data that you provide to us (name, e-mail address, postal address, telephone number, fax number, photo, voice, etc.).

(1)    Purposes of the data processing
Your data is collected in order to
·       be able to identify you as a speaker
·       be able to communicate with you
·       be able to issue invoices
·       be able to implement the contract
·       be able to use your contributions at our event, in advertising, etc., namely:
o    for the purposes of promoting the event in print and online media (including social media), newsletters, and mailings
o    for the contribution during the conference at the venue
o    for the complete or partial live transmission to conference participants taking part digitally online
o    for the recorded images and sound for contributions not transmitted live and necessary processing of the recording
o    for portrait photos and interview questions
o    for provision of the recordings and the slides to the conference participants up to three months afterwards
o    for sale of the recordings on the Internet over a period of up to two years
o    for partial use for reference and advertising purposes for subsequent events in print media, on tcworld GmbH’s own website, third-party websites, and on social media.

(2)    Legal bases for data processing
The legal basis for the processing is Art. 6(1)(b) GDPR (performance of a contract), as the granting of exploitation rights and the provision of your data are part of our contract with you. If and insofar as the data processing is not carried out for the purposes of performing the contract, it is carried out based on our legitimate interest as per Article 6(1)(f) GDPR.

(3)    Disclosure of your data
We will disclose your data to Gesellschaft für Technische Kommunikation – tekom Deutschland e.V. and the European Association for Technical Communication – tekom Europe e.V. (hereinafter “tekom”). We have concluded an order processing contract with both associations.
To the extent necessary and appropriate, we will disclose your data to sub-contractors or commissioned service providers if this is necessary or advisable in order to perform the contract (e.g. planning and implementation of the event).
We will only disclose your data which is the subject of an invoice (first name, last name, company name, postal address) to our tax adviser insofar as it concerns an activity relevant to tax law (e.g. conclusion of a contract), or to our bank insofar as it concerns payments from or to you
We will only disclose your data that is the subject of transmissions and/or recordings to technical service providers and platform operators (including social media) to the extent necessary and appropriate.
In some cases, external suppliers (delivery service providers for sending advertising materials, agents for creating advertising and information materials, service providers for Internet hosting and software providers) assist our specialist departments in fulfilling their duties. We have concluded the necessary data protection contracts and taken measures with all of these service providers.
Other than that, data will not be disclosed to third parties. An exception to this is if there is a legal obligation to disclose.

(4)    Duration of storage
The data will be erased as soon as it is no longer required for fulfilling the purpose it was collected for.
We will store all data collected in this context until the end of the contract and claims can no longer be asserted from the contract or the contract initiation, i.e. until the expiration of the limitation period. The general limitation period as per Section 195 of the German Civil Code is three years. However, the limitation period for certain claims, for example claims for damages, is 30 years. If there is good reason to believe that this is relevant in an individual case (e.g. threat of claims against us), we will therefore store personal data beyond this period. The specified periods of limitation start at the end of the year (i.e. on 12/31) in which the claim arose and the creditor acquired knowledge of the circumstances substantiating the claim and of the person of the debtor or should have learned thereof without gross negligence.
We also note that, in addition to this, we are subject to legal retention requirements due to tax-related and accounting reasons. The requirements oblige us to store certain data over a period of six up to ten years as evidence of our accounting; this may also include personal data. These retention periods prevail over the above-mentioned erasure obligations. The retention periods also start at the conclusion of the relevant year, i.e. on the 12/31, respectively.

(5)    Opportunity to object and for erasure
You have the opportunity to demand the erasure of your data at any time. If you demand erasure, this will also always be accompanied by termination of the contract, i.e. you can no longer use our services or we will be released from our obligation to perform. Your erasure request in principle does affect our claim to the fee agreed upon or reimbursement of costs, insofar as legal reasons do not exclude our claim (e.g. justified cancellation).
Insofar as we invoke the legitimate interest, you have the right to submit an objection to us at any time to the processing of personal data concerning you due to reasons resulting from your particular situation. If we are unable to demonstrate any compelling legitimate grounds for the further processing that outweigh your interests, rights, and freedoms, or if we process your relevant data for the purposes of direct advertising, we will then no longer process your data (cf. Art. 21 GDPR). For this purpose, you can contact us via post or via e-mail (see A.1.).

3.     Your rights as the data subject

If personal data concerning you is processed, you are the “data subject” and you are entitled to the following rights vis-à-vis us as the controller (you can find our contact details above under A.):

(1)    Access to personal data
You have the right to receive a confirmation from us free of charge as to whether we process personal data concerning you. If this is the case, then you have the right to access this personal data and further information you can find in Art. 15 GDPR. For this purpose, you can contact us via post or via e-mail (see A.1. above).

(2)     Right to rectification
You have the right to demand immediate rectification by us of incorrect personal data concerning you. Taking into account the purposes of processing mentioned above, you also have the right to demand the completion of incomplete personal data – including by means of an explanatory declaration. For this purpose, you can contact us via post or via e-mail (see A.1. above).

(3)    Right to erasure
You have the right to demand the immediate erasure of personal data concerning you if one of the requirements of Art. 17 GDPR is met. For this purpose, you can contact us via post or via e-mail (see A.1. above). We have described the legal consequences under 2(1) in the information about data processing.

(4)    Right to object to processing due to legitimate interest
Insofar as we process your data based on Art. 6(1)(f) GDPR (i.e. due to our legitimate interest), you have the right to submit an objection at any time to the processing of personal data concerning you due to reasons resulting from your particular situation. If we are unable to demonstrate any compelling legitimate grounds for the further processing that outweigh your interests, rights, and freedoms, or if we process your relevant data for the purposes of direct advertising, we will then no longer process your data (cf. Art. 21 GDPR). For this purpose, you can contact us via post or via e-mail. A technical process used by you, for example clear technical information your web browser sends to us (“Do Not Track” message) is also considered a valid objection in this respect.

(5)     Right of revocation if consent is granted
You have the right to revoke consent you have granted to the collection and use of personal data at any time with effect for the future. For this purpose, you can contact us via post or via e-mail (see A. above). The legality of the processing that was carried out based on the consent up to the revocation is not affected by this.

(6)    Right to have processing restricted
You have the right to demand we restrict processing if one of the requirements of Art. 18 GDPR is met. For this purpose, you can contact us via post or via e-mail (see A.1. above).

(7)    Right to be informed
If you have asserted the right to rectification, erasure, or to have processing restricted against us, we are obliged to inform all recipients to whom personal data concerning you has been disclosed about this rectification or erasure of data or restriction of processing, unless this proves to be impossible or involves disproportionate effort. You have the right to be informed about these recipients by us.

(8)     Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us if the requirements of Art. 20 GDPR are met. For this purpose, you can contact us via post or via e-mail (see A.1. above).

(9)Automated decision-making including profiling
We do not use automated decision-making.

(10)   Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority for data protection without prejudice to other rights, in particular in the Member State in which you have your residence, your workplace, or the location of the suspected violation, if you are of the view that the processing of the personal data relating to you breaches data protection law.