Data privacy statement

Data privacy statement

Thank you for your interest in our company and for visiting us at www.worldccbonn.com.

The privacy and protection of your personal data, e.g., date of birth, name, phone number, address etc., is a matter of great concern to us.

The purpose of this data privacy statement is to inform you about the processing of your personal data that we collect when you visit our website. Our data privacy policy is in line with the legal stipulations of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The following data privacy notice meets the GDPR information requirements. These requirements can be looked up, inter alia, in Art. 13 and 14 ff. of the GDPR.

Data controller

The data controller (person or entity) responsible for the processing of data on this website under Art. 4 (7) GDPR is the one who decides alone or in consultation with others on the purpose and means of processing personal data.

Our data controller is:
Bonn Conference Center Management GmbH
Platz der Vereinten Nationen 2
53113 Bonn
Germany
E-mail: info(at)worldccbonn.de
Phone: +49 (0) 228 / 9267-0
Fax: +49 (0) 228 / 9267-2119

Contact data of the data protection officer

We have designated a data protection officer (DPO) pursuant to Art. 37 GDPR. If you have any questions, you may use the following contact details:
Gerd Büttner
my-dsb.com UG, Theodor-Heuss-Anlage 12, 68165 Mannheim
E-Mail: datenschutz@worldccbonn.com

Providing the website and creating log files

Each time our website is accessed, our system automatically collects data and information which your browser sends us automatically from your electronic device (e.g., computer, cell phone, tablet, etc.).

Type and scope of data collection and processing

(1) information on the type of browser and the version used
(2) operating system used by your device
(3) hostname of the accessing computer
(4) IP-address of your device
(5) date and time of the data fetch
(6) websites and resources (pictures, files, other content) accessed from our website
(7) websites from which the user’s system gained access to our website (referrer tracking, referrer URL);
(8) notice of successful retrieval
(9) quantity of data transferred

These data are stored in the log files of our system. These data are not stored together with personal data of specific users, which precludes individual visitors from being identified.

Legal basis for processing personal data

The basis for data processing is Art. 6 (1) lit. f GDPR (“legitimate interests”). It is within our legitimate interests to ensure that the purpose described below is achieved.

Purpose of data processing

The temporary (automated) storage of data is necessary for a successful website visit and, thus, to deliver the website to the data subject. Moreover, the storage and processing of personal data is necessary to maintain the compatibility of our website for all visitors to the best possible degree, and also to prevent fraudulent misuse of our website and enable troubleshooting. To this end, it is necessary to save log files with all technical data of the retrieving computer in order to be able to react as early as possible to display errors, attacks on our IT system and/or bugs in the functionality of our website. Furthermore, saving the data in log files helps us to optimize our website and to ensure the security of our IT system.

Duration of storage

The afore mentioned technical data are deleted as soon as they are no longer needed in order to ensure the compatibility of our website for all visitors, but no later than three months after visiting our website.

Right to object and deletion option

At any point in time you may object to the processing of your personal data in accordance with Art. 21 GDPR and demand that your data are deleted in line with Art. 17 GDPR. You will find a listing of your rights and how to claim them at the bottom of this data privacy notice.

Special website features

Our website provides several features that automatically collect, process and save personal data when you access these features. In the following you can read what happens with that data:

Contact forms

  • Type and scope of processing personal data

The data you enter in the input mask of our contact form

  • Legal basis for data processing

Art. 6 (1) lit. a GDPR (consent given by unambiguous confirmatory act or conduct)

  • Purpose of data processing

We will use the data collected via our contact form only to process the specific request made through the contact form. Please be aware that in order to answer your request we may send you an e-mail to the address that you have indicated. The purpose of this is to give you a confirmation of proper receipt for your request. However, it is not mandatory for us to send you such confirmation e-mail as it serves merely information purposes.

  • Duration of storage

The data are deleted as soon as your request has been processed, provided there are no statutory storage obligations precluding it.   

  • Right to object and deletion option

The right to object and deletion of data correspond to the general rules governing data privacy as detailed below in this data privacy statement.

  • Requirement to enter personal data

When you use our contact form, be aware that this is by choice and that this is not a contractually or legally prescribed way of contacting us. You are not obliged to use the contact form for contacting us, but you may use other ways to contact us, as described on our website. Should you wish to use the contact form, you must fill in the mandatory information. If you fail to fill in mandatory information you will either not be able to send off the contact form, or we will not be able to process your request.

Embedding external web services and processing of data outside of the EU

  • On our website we use active content from external providers, known as “web services”. When you access our website, these external providers may receive personal information on your visit to our website. In this case, it may be possible that the data are processed outside of the EU. You can prevent this by installing a suitable browser plug-in or by deactivating the execution of scripts in your browser. This may lead to functionality limitations on the websites you visit.

We use the following external web services:

  • Google


We use on our website a web service known by the name “Google”, which is provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, USA; e-mail: support(at)google.com, URL: http://www.google.com/. The data is also processed in a third state for which the European Commission has not adopted an adequacy decision. Therefore, in such transfers the usual level of data protection as prescribed in the GDPR cannot be safeguarded, since it is possible that, for instance, official authorities in the third country might gain access to the collected personal data.

The legal basis for transmitting personal data is your consent or explicit consent given on our website, which is in accordance with Art. 6 (1) lit. a GDPR and Art. 9 (2) lit. a., respectively.

We use Google to upload on our website further services provided by Google.

You may withdraw your consent anytime. You can find more information on how to withdraw your consent on the page where you are asked to mark your consent or at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at  https://policies.google.com/privacy.

  • Google Fonts

We use on our website a web service known by the name “Google Fonts”, which is provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, USA; e-mail: support(at)google.com, URL: http://www.google.com/. The data is also processed in a third state for which the European Commission has not adopted an adequacy decision. Therefore, in such transfers the usual level of data protection as prescribed in the GDPR cannot be safeguarded, since it is possible that for instance official authorities in the third country might gain access to the collected personal data.

The legal basis for transmitting personal data is your consent or explicit consent given on our website, which is in accordance with Art. 6 (1) lit. a GDPR and Art. 9 (2) lit. a., respectively.

We use Google Fonts for uploading on our website further fonts to be able to display our website in a version of improved visual quality.

You may withdraw your consent anytime. You can find more information on how to withdraw your consent on the page where you are asked to mark your consent or at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at  https://policies.google.com/privacy.

  • Google Maps
    • Type and scope of collecting and processing personal data

We use on our website a web service known by the name “Google Maps”, which is provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps is integrated in our website via Google API in order to visualize locations and display them on a map. The processing of the IP address by Google Maps is a technical requirement for displaying the map. Regarding further web services integrated via Google APIS, the rules concerning Google APIS described in the relevant sections of this data privacy statement shall apply.

 

    • Legal basis for data processing

The legal basis for transmitting personal data is legitimate interest, which is in accordance with Art. 6 (1) lit. f GDPR. Our legitimate interest is to be able to give you a visual representation of locations in standard internet format.

    • Purpose of data processing

 

On behalf of us Google Maps will use the collected information to display the map to you. Google Maps will help you to find us quicker and with more precision than with a non-interactive drawing of the route to take.

    • Duration of storage

Google will store the data relevant for the functioning of Google Maps as long as is necessary to deliver the web service booked. The data are collected anonymously. Should there be any data that contain references to individuals, these data are deleted as soon as your request has been processed, provided there are no statutory storage obligations precluding it. All data will be deleted after the statutory storage obligation expires.  

    • Right to object and deletion option

You can prevent the collection and transmitting of your personal data to Google (particularly your IP address) and any further processing by Google by deactivating the operation of script code in your browser, by installing a script blocker in your browser or by activating the “do not track” setting in your browser. You can find Google’s data security and privacy policy at https://policies.google.com/privacy.

    • Joint processing

Regarding the use of Google Maps we have signed a contract with Google on the joint processing of data. You can find the content of the contract at  https://privacy.google.com/intl/de/businesses/mapscontrollerterms/.

  • Google APIs

Our website uploads a web service known by the name “Google APIs”, which is provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, CA, USA; e-mail:  support(at)google.com, URL: http://www.google.com/. The data is also processed in a third state for which the European Commission has not adopted an adequacy decision. Therefore, in such transfers the usual level of data protection as prescribed in the GDPR cannot be safeguarded, since it is possible that, for instance, official authorities in the third country might gain access to the collected personal data.

The legal basis for transmitting personal data is your consent or explicit consent given on our website, which is in accordance with Art. 6 (1) lit. a GDPR and Art. 9 (2) lit. a., respectively.

We use Google APIs for uploading on our website further Google web services.  Google APIs is a collection of application programming interfaces to facilitate communication between different Google web services that are used on your website.

For the processing as such the web service and/or we collect the following data: your IP address

You may withdraw your consent anytime. You can find more information on how to withdraw your consent on the page where you are asked to mark your consent or at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at  https://policies.google.com/privacy.

  • Gstatic

Our website uploads a web service known by the name “Gstatic”, which is provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View CA, USA; e-mail:  support(at)google.com, URL: http://www.google.com/. The data is also processed in a third state for which the European Commission has not adopted an adequacy decision. Therefore, in such transfers the usual level of data protection as prescribed in the GDPR cannot be safeguarded, since it is possible that, for instance, official authorities in the third country might gain access to the collected personal data.

The legal basis for transmitting personal data is your consent or explicit consent given on our website, which is in accordance with Art. 6 (1) lit. a GDPR and Art. 9 (2) lit. a., respectively.

Gstatic is a web service used by Google to retrieve static content in order to reduce bandwidth utilization and to upload necessary catalogue files in advance.

You may withdraw your consent anytime. You can find more information on how to withdraw your consent on the page where you are asked to mark your consent or at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at  https://policies.google.com/privacy.

  • vistour.de

Our website uploads a web service known by the name „vistour.de“, which is provided by the company iTouring GmbH, Technologiezentrum Europaplatz, Dennewartstr. 25-27, 52068 Aachen, Germany. The transmission and processing of data takes place exclusively on servers within the European Union.

The legal basis for transmitting personal data is your consent or explicit consent given on our website, which is in accordance with Art. 6 (1) lit. a GDPR and Art. 9 (2) lit. a., respectively.

This web service is a plug-in that we need in order to be able to display all content of our website. With this plug-in our website becomes more attractive and perceptible to our visitors.

You may withdraw your consent anytime. You can find more information on how to withdraw your consent on the page where you are asked to mark your consent or at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at http://www.itouring.de/website/#.

  • BLUEITS

Our website uploads a web service known by the name „BLUEITS“, which is provided by the company BLUEITS GmbH, Auf den Hochäckern 5, 92224 Amberg, Germany, e-mail: info(at)blueits.com, URL: https://www.db-app.de/. The transmission and processing of data takes place exclusively on servers within the European Union.

The legal basis for transmitting personal data is your consent or explicit consent given on our website, which is in accordance with Art. 6 (1) lit. a GDPR and Art. 9 (2) lit. a., respectively.

This web service is a plug-in that we need in order to be able to display all content of our website. With this plug-in our website becomes more attractive and perceptible to our visitors.

You may withdraw your consent anytime. You can find more information on how to withdraw your consent on the page where you are asked to mark your consent or at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at https://www.db-app.de/.

  • Website-Check Siegel
  • Website-Check Siegel

Our website uploads a web service known by the name „Website-Check Siegel“, which is provided by the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, e-Mail: support(at)website-check.de, URL: http://www.website-check.de/. The transmission and processing of data takes place exclusively on servers within the European Union.

The legal basis for transmitting personal data is Art. 6 (1) lit. f GDPR (“legitimate interests”). It is within our legitimate interests to ensure that the purpose described below is achieved.

This script by Website-Check GmbH technically integrates the Website-Check Siegel (Siegel = seal) with our website. By using this seal of approval, we want to show that we take data protection very seriously. Based on the integration of the seal, non-personal data are transmitted to Website-Check GmbH as the issuing company of the seal of approval, so that they can handle the technical delivery.

Regarding the processing of data you may claim your right to object in accordance with Art. 21. You can find more information on this topic at the end of this data privacy statement.

Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at https://www.website-check.de/datenschutzerklaerung/.

 

Information regarding the use of cookies  

Scope of processing personal data

We use cookies on various pages to facilitate the use of certain functions on our website and to integrate external web services. The term “cookies” refers to small text files that your browser can store on your computer. These text files contain a characteristic sequence of characters which makes it possible to clearly recognize the browser if you return to our website. The act of storing a cookie file is also referred to as “placing a cookie”. Cookies can be placed by the website itself or by external web services.

Legal basis for data processing

Art. 6 (1) lit. f GDPR (legitimate interest), and/or Art. 6 (1) lit. a, and/or Art. 9 (2) lit. a GDPR (consent).

The table of cookies (below) explains which of the relevant Articles applies in the specific case.

In general, when using cookies based on legitimate interest, our legitimate interest is to maintain the functionality of our website and the integrated web services (cookies that are technically necessary). Also, cookies may possibly increase the user-friendliness of the website and help us to address our visitors in a more personal fashion. In this effort, we have balanced our interests against yours.

It is only possible to identify, analyze and track individual users of our website using cookie technology, if the visitors to our website have given their specific consent to placing cookies according to Art. 6 (1) lit. a GDPR. 

Purpose of data processing

Cookies are placed by our website or the external web services in order to maintain full functionality of our website and to improve user-friendliness or to pursue the purpose stated with your consent. Cookie technology also enables us to recognize individual visitors through the use of pseudonyms, such as an individual or random ID, allowing us to offer more individual services. You can find details in the following table:

Duration of storage

The cookies listed below will be stored in your browser until they are deleted or, in case of a session cookie, until the session is over. You can find details in the following table:

 

Cookie name

Server

Web service

Purpose

Legal basis

Duration of storage

Type

__cflb

vat.db-app.de

BLUEITS

The cookie assigns an ID to the visitor and calculates statistic data regarding the website visits of this user. This serves the purpose of providing the user with personalized ads.

Consent

Approx. 30 min.

Marketing

Right to object, right to withdraw your consent and deletion of data

You can set your browser according to your needs and, thus, prevent the placement of cookies in general. That way, you can decide on a case-by-case basis whether to accept cookies or not, or you can opt to accept cookies in general. Cookies can be used for different purposes, for instance, to recognize that your device is already connected to our website (permanent cookies) or to save the pages you have visited last (session cookies). If you have given your explicit consent for us to process your personal data, you can still withdraw your consent at any time. Please be aware that this does not affect the legality of processing that is done on the basis of prior consent until this has been withdrawn. 

 

Data security and data protection, communication by e-mail

Your personal data are protected by technical and organizational measures during collection, storage and processing in a way that they are not accessible for third parties. If you engage in unencrypted communication by e-mail, it is not possible for us to ensure complete data security whilst the data are transmitted to our IT systems; we therefore recommend using encrypted communication or the postal service for information with a high level of confidentiality.

Right to information and rectification – deleting and restricting data processing – withdrawing consent – right to object

Right to information

You have the right to request confirmation on whether we are processing your personal data. If so, you have the right to information on the items listed in Art. 15 (1) GDPR, unless the rights and freedoms of others are adversely affected (cf. Art 15 (4) GDPR). We would be glad to provide you with a copy of the data.

Right to rectification

According to Art. 16 GDPR, you have the right to ask for a rectification of inaccurate personal data (such as name, address, etc.) at any time. You can also request that we complete any incomplete data we have stored. We will make these adjustments without undue delay.

Right to deletion of data

According to Art. 17 (1) GDPR, you have the right to demand the deletion of personal data we have collected on you, if

  • the personal data are no longer necessary;
  • based on withdrawal of consent there is no longer a legal basis for further processing;
  • you object to processing and there are no overriding legitimate grounds for processing;
  • your personal data are being unlawfully processed;
  • there is a legal requirement to do so or if there has been a poll pursuant to Art. 8 (1) GDPR. 

According to Art. 17 (3) GDPR this right does not apply if

  • processing is necessary for exercising the right of freedom of expression and information;
  • your data have been collected on the basis of compliance with a legal obligation;
  • processing is necessary for reasons of public interest;
  • the data are necessary for the establishment, exercise or defense of legal claims. 

Right to restricting data processing

According to Art. (1) GDPR, in individual cases you have the right to demand from the controller the restriction of data processing. This applies in cases when

  • you contest the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data;
  • the controller no longer needs the personal data for the purposes of the processing, but the data are required for the establishment, exercise or defense of legal claims;
  • you have objected to processing pursuant to Art 21 (1) GDPR and it is still unclear which interests are overriding.

Right to revoke your consent

If you have given us explicit consent to process your personal data (Art 6 (1) lit. a GDPR and Art. 9 (2) lit. a GDPR) you can revoke this consent at any time. If you have given your explicit consent for us to process your personal data, you can still withdraw your consent at any time. Please be aware that this does not affect the legality of processing that is done on the basis of prior consent until it has been withdrawn. 

Right to object

According to Art. 21 GDPR, at any time you have the right to object to the processing of personal data concerning you and which have been collected on the basis of Art 6 (1) lit f (legitimate interest). You are entitled to this right only if special circumstances relating to your particular situation speak against storage and processing.

How to claim your rights:

You may claim your rights at any point in time by contacting us, using the details below:

Bonn Conference Center Management GmbH
Platz der Vereinten Nationen 2
53113 Bonn, Germany
E-mail: info(at)worldccbonn.com 
Phone: +49 (0) 228 / 9267-0
Fax: +49 (0) 228 / 9267-2119

Right to data portability

According to Art 20 GDPR you have the right to receive the personal data concerning you. You will receive these data in a structured, commonly used and machine-readable format. Apart from instructing us to send you the data, you can also demand from us that we transfer these data to a data controller.

Upon your request pursuant to Art. 10 (1) GDPR we will provide you with the following data:

  • data that have been collected on the basis of explicit consent pursuant to Art. 6 (1) lit. a or Art. 9 (2) lit. a GDPR;
  • data that we have received from you pursuant to Art. 6 (1) lit. a GDPR in the context of existing contracts;
  • data that have been processed in the context of an automated process.

We will transmit the personal data directly to the data controller of your choice, if technically feasible. Please be aware that pursuant to Art 20 (4) GDPR the right to data portability does not apply to data that adversely affect the rights and freedoms of others.

Right to lodge a complaint with a supervisory authority according to Art. 77 (1) GDPR

If you suspect that your data are being processed unlawfully on our site, you can of course refer the matter to a court to clarify the issue at any time. Additionally, you can seek any other judicial remedy. Irrespective of this, according to Art. 77 (1) GDPR you also have the possibility of referring the matter to a supervisory authority. Pursuant to  Art. 77 (1), the right to lodge a complaint is available to you in the EU Member State of your habitual residence, your place of work and/or the place of the alleged infringement, i.e. you can select the supervisory authority you wish to refer the matter to at any of the aforementioned places. The supervisory authority with which the complaint has been lodged will then inform you about the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Compiled by:
© DURY LEGAL Rechtsanwälte – www.dury.de
© Website-Check GmbH – www.website-check.de

 

 

Contact

Bonn Conference Center
Management GmbH
Platz der Vereinten Nationen 2
53113 Bonn

Tel. +49 (0)228 9267 0
info(at)worldccbonn.com

Contact form