DATA PROTECTION
TABLE OF CONTENTS
PRIVACY POLICY
Last update 10.10.9.24Expovina AG, Binzmühlestrasse 170c, 8050 Zurich, Switzerland, attaches great importance to the protection of your data and collects, processes and uses your personal data exclusively in compliance with the principles of the Swiss Federal Act on Data Protection ("FADP") and the European General Data Protection Regulation ("EU GDPR") and in accordance with the principles described below.
The entity responsible for the operation of this website ("Website") is Expovina AG with registered office at Binzmühlestrasse 170c, 8050 Zurich. This purely informative website presents current information about EXPOVINA and the events offered by EXPOVINA. When you visit this website, certain data may be stored by us. We explain this in detail below:
EXPOVINA AG Privacy Policy
(as of September 2024)
1. general information
Expovina AG (hereinafter also "we", "us") obtains and processes personal data concerning you or other persons (hereinafter "third parties"). In the following, we also refer to personal data as data.
Personal data is data that relates to specific or identifiable persons, i.e. conclusions can be drawn about their identity from the data itself or in conjunction with corresponding additional data. Please refer to section 3 to find out which data we process within the scope of this privacy policy. By "processing" we mean any handling of personal data, e.g. collecting, storing, using, adapting, disclosing and deleting.
In this Privacy Policy, we describe what we do with your data when you use www.expovina.ch, other websites of ours or our apps (hereinafter collectively referred to as the "Website"), purchase our services or products, otherwise enter into a contract (e.g. ticket purchase, exhibition contract, supplier contract, etc.).
If you transmit or disclose data to us about other persons, such as family members, work colleagues, customers, etc., we assume that you are authorized to do so and that you are transmitting correct data to us. By transmitting data about third parties, you confirm this. Please also ensure that these third parties have been informed about this privacy policy.
This Privacy Policy complies with the requirements of the EU General Data Protection Regulation ("GDPR") and the Swiss Data Protection Act ("DPA").
2 Who is responsible for processing your data?
Expovina AG, Binzmühlestrasse 170c, 8050 Zurich, is responsible under data protection law for the data processing described in this data protection declaration, unless otherwise stated in individual cases, e.g. in other data protection declarations, on forms or in contracts.
For each data processing operation, there are one or more bodies responsible for ensuring that the processing complies with the requirements of data protection law. This body is referred to as the controller. It is responsible, for example, for responding to requests for information (section 10) or for ensuring that personal data is secured and not used unlawfully.
Further information on third parties with whom we work and who are themselves responsible for processing can be found in sections 3, 7 and 12. If you have any questions or wish to exercise your rights vis-à-vis these third parties, please contact them directly.
You can contact us as follows for your data protection concerns and to exercise your rights in accordance with section 10:
Expovina AG
Binzmühlestrasse170c
8050 Zurich
Telephone: +41 44 752 33 66
E-mail: expo@expovina.ch
3 What data do we process?
This depends on how you contact us, which event you attend and which services and products you purchase from us. We explain the most important categories of this data below:
Technical data
When you use our website, our app or other digital services (e.g. Wi-Fi), we collect the IP address of your end device and other technical data to ensure the functionality and security of these services. This data also includes logs that record the use of our systems. We generally store technical data for a period of 5 years. To ensure the functionality of these services, we may also assign you or your end device an individual identifier (e.g. in the form of a cookie, see section 11). The technical data does not allow any conclusions to be drawn about your identity. However, it may be linked to other categories of data (and thus possibly to your person) in the context of user accounts, registrations, access controls or contract processing.
The technical data includes the IP address and details of the operating system of your end device, the date, region and time of use as well as the type of browser you use to access our digital offers. This can help us to provide you with the correct formatting of the website or to show you a subpage for your region, for example. Although we know which provider you are using to access our offers (and therefore also which region you come from) based on your IP address, we are generally unable to deduce who you are from this. This changes if you create a user account, for example, as personal data can then be linked to technical data (e.g. we can see which browser you use to access an account on our website). Examples of technical data include logs that are generated in our systems (e.g. the log of user logins on our website).
Registration data
Certain offers and services (e.g. login areas of our website, newsletter dispatch, WLAN access, etc.) can only be used with a user account or registration, which can be done directly with us or via our external login service providers. In doing so, you must provide us with certain data and we collect data on the use of the offer or service. If we or our contractual partners issue you with vouchers or invitations to events, we may request certain data from you when you redeem them, which we will pass on to the issuing contractual partner (see section 7). Registration data may be required for access control to certain facilities. Registration data is generally stored by us for a period of 5 years after the end of use of the service or closure of the user account.
Registration data includes, among other things, the information you provide when setting up an account on our website (e.g. user name, password, name, e-mail address). However, registration data also includes the data that we may request from you before you can use certain free services such as our visitor WLAN service, in this case: name, e-mail and telephone number; or the redemption of vouchers (e.g. for admission to our events or invitations), in this case: name, address, contact details, date of redemption. You must also register if you wish to subscribe to our newsletter. As part of access controls, it may be necessary for us to register you with your data (access codes in badges) (see the "Other data" category).
Communication data
If you contact us via the contact form, by e-mail, telephone, chat, letter or other means of communication, we collect the data exchanged between you and us, including your contact details and the marginal data of the communication. If we want or need to establish your identity, e.g. in the case of a request for information, we collect data that identifies you (e.g. a copy of your ID). We generally retain this data for 5 years after the last communication with you. This period may be longer if this is necessary for evidentiary purposes or to comply with legal or contractual requirements or for technical reasons. Emails in personal mailboxes and written correspondence are generally stored for at least 10 years. Chats are generally stored for 5 years.
Communication data is your name and contact details, the manner, place and time of communication and, as a rule, its content (i.e. the content of e-mails, letters, chats etc.). This data may also include information about third parties. For identification purposes, we may also process your ID card number or a password chosen by you or your press card. For secure identification, the following mandatory information is required for media inquiries: publisher, name of the publication, title, first name, surname, postal address, e-mail address, telephone/mobile number, function in the company, portrait photo, copy of the press card or a comparable document proving the journalistic activity of the reporting person.
Master data
We define master data as the basic data that we require in addition to the contractual data (see below) for the processing of our contractual and other business relationships or for marketing and advertising purposes, such as name, contact details and information about your role and function, for example, your bank details, your date of birth, your customer history, powers of attorney, signing authorizations and declarations of consent. We process your master data if you are a customer, visitor or other business contact or work for one (e.g. as a contact person for the business partner) or because we want to contact you for our own purposes or for the purposes of a contractual partner (e.g. exhibitor, organizer) (e.g. as part of marketing and advertising, with invitations to events, with vouchers, with newsletters, etc.).We receive master data from you yourself (e.g. when you purchase services or products or as part of a registration), from bodies for which you work or from third parties such as our contractual partners, associations and address dealers as well as from publicly accessible sources such as public registers or the Internet (websites, social media, etc.). We generally store this data for 10 years after the last communication between us, but at least until the end of the contract. This period may be longer if this is necessary or technically required for evidence purposes or to fulfill legal or contractual obligations. In the case of pure marketing and advertising contacts, the period is generally much shorter, usually no longer than 5 years since the last contact.
Inventory data includes, for example, data such as name, address, email address, telephone number and other contact details, gender, date of birth, nationality, details of associated persons, websites, social media profiles, photos and videos, copies of identification documents; furthermore, details of your relationship with us (customer, supplier, visitor, service recipient, etc.), details of your status with us, details of your relationship with us (customer, supplier, visitor, service recipient, etc.), details of your relationship with us (customer, supplier, visitor, service recipient, etc.) and details of your relationship with us (customer, supplier, visitor, service recipient, etc.). We also collect information about your relationship with us (customer, supplier, visitor, service recipient, etc.), information about your status with us, assignments, classifications and distribution lists, information about our interactions with you (possibly a history of these with corresponding entries), reports (e.g. from the media) or official documents (e.g. extracts from the commercial register, authorizations, etc.) that relate to you. For example, we collect your bank details and account number as payment data. Consent or blocking notices are also part of the master data, as is data about third parties, e.g. contact persons, service recipients, advertising recipients or representatives.
In the case of contact persons and representatives of our customers, visitors, suppliers and partners, we process master data such as name and address, details of role, function in the company, qualifications and, if applicable, details of superiors, employees and subordinates as well as details of interactions with these persons. Master data is not collected comprehensively for all contacts. Which data we collect in detail depends in particular on the purpose of the processing.
Contract data
This is data that arises in connection with the conclusion or processing of a contract, e.g. information on contracts and the services to be provided or provided as well as data from the run-up to the conclusion of a contract, the data required or used for processing and information on reactions (e.g. complaints or information on satisfaction, etc.). As a rule, we collect this data from you, from contractual partners and from third parties involved in the execution of the contract, but also from third parties (e.g. providers of creditworthiness data) and from publicly accessible sources. We generally store this data for a period of 10 years from the last contractual activity, but at least from the end of the contract. This period may be longer if this is necessary for evidence purposes, to fulfill legal or contractual requirements or for technical reasons.
Contract data includes information about the conclusion of the contract, about your contracts, e.g. type and date of conclusion of the contract, information from the application process (e.g. an application for our products or services or a registration to participate in or attend an event) and information about the respective contract (e.g. its term) as well as about the processing and administration of the contracts (e.g. information in connection with invoicing, customer service, support with technical issues and the enforcement of contractual claims). Contract data also includes information about defects, complaints and contract adjustments as well as information about customer satisfaction, which we can collect, for example, through surveys. Contract data also includes financial data such as creditworthiness information (i.e. information that allows conclusions to be drawn about the likelihood of claims being settled), dunning and debt collection. We receive some of this data from you (e.g. when you make payments), but also from credit agencies and debt collection agencies as well as from publicly accessible sources (e.g. the commercial register).
Behavioral and preference data
Depending on the relationship we have with you, we try to get to know you better and better tailor our products, services and offers to you. To this end, we collect and use data about your behavior and preferences. We do this by evaluating data about your behavior on our websites and, if necessary, supplementing this data with data from third parties, including from publicly accessible sources. On this basis, we can, for example, calculate the probability that you will use certain services or behave in a certain way. Some of the data processed for this purpose is already known to us (e.g. when you use our services) or we obtain this data by recording your behavior (e.g. how you navigate our website or by determining your movement profile through the use of your cell phone). We anonymize or delete this data when it is no longer relevant for the purposes pursued, which can be between 3 years (for movement profiles) and 5 years (for product and service preferences), depending on the type of data. This period may be longer if this is necessary for evidentiary purposes, to comply with legal or contractual requirements or for technical reasons. We describe how tracking works on our website in section 12.
Behavioral data is information about certain actions, e.g. about your reaction to electronic communication (e.g. whether and when you opened an email) or about your location as well as about your interaction with our social media profiles and your participation in competitions, contests and similar events. For example, we may collect your location data wirelessly via unique codes sent by your cell phone or when you use our website. We will inform you of the collection of such anonymous movement profiles at the respective locations by means of appropriate signs; we will only create a personalized movement profile with your consent.
Preference data provides us with information about your needs, which products or services might interest you or when and how you are likely to react to messages from us. We obtain this information from the analysis of existing data, such as behavioral data, so that we can get to know you better, better tailor our advice and offers to you and improve our offers overall. To improve the quality of our analyses, we can link this data with other data that we also receive from third parties such as address dealers, authorities and from publicly accessible sources such as the Internet, e.g. with information on your household size, income class and purchasing power, shopping behavior and contact details of relatives as well as anonymized data from statistical offices.
Behavioral and preference data can be evaluated on a personal basis (e.g. to show you personalized advertising), but also on a non-personal basis (e.g. for market research or product development). Behavioral and preference data can also be combined with other data (e.g. movement data can be used for contact tracing as part of a health protection concept).
Other data
We also collect data from you in other situations. For example, data (such as files, evidence, etc.) is collected in connection with official or legal proceedings, which may also relate to you. We may also collect data for health protection reasons (e.g. as part of protection concepts). We may receive or create photos, videos and audio recordings in which you are recognizable (e.g. at events, through security cameras, etc.). We may also collect data about who enters certain premises when or has corresponding access rights (including as part of access controls, based on registration data or visitor lists, etc.), who participates in events or campaigns when or who uses our infrastructure and systems when. The retention period of this data depends on the purpose and is limited to what is necessary. This ranges from a few days for many security cameras and usually a few weeks for contact tracing data to visitor data, which is usually kept for 5 years, to event reports with images, which can be kept for several years or longer.
You provide us with much of the data mentioned in this section 3 yourself (e.g. via forms, as part of communication with us, in connection with contracts, when using the website, etc.). You are not obliged to do so unless there is an official order or a legal obligation. If you wish to conclude contracts with us or make use of services, you must also provide us with data as part of your contractual obligation in accordance with the respective contract, in particular master data, contract data and registration data. When using our website, the processing of technical data is unavoidable. In order to gain access to certain systems or buildings, you must provide us with registration data. In the case of behavioral and preference data, however, you always have the option of objecting or not giving your consent.
We only make certain services available to you if you provide us with registration data because we or our contractual partners want to know who is using our services or who has accepted an invitation to an event, because it is technically necessary or because we want to communicate with you. If you or a person representing you (e.g. your employer) wish to conclude or fulfill a contract with us, we must collect corresponding inventory, contract and communication data from you and process technical data if you wish to use our website or other digital services for this purpose. If you do not provide us with the data required for the conclusion and performance of the contract, you must expect that we will refuse to conclude the contract, that you will commit a breach of contract or that we will not perform the contract. Likewise, we can only send you an answer to your inquiry if we process the relevant communication data and - if you communicate with us online - technical data if necessary. It is also not possible to use our website without providing us with technical data.
Unless prohibited, we also obtain data from publicly accessible sources (e.g. debt collection register, land register, commercial register, media or internet including social media) or from other third parties (e.g. credit agencies, address dealers, associations, exhibitors and other contractual partners, internet analysis services, etc.).
The categories of personal data that we receive about you from third parties include, in particular, data from public registers, data that we receive in the context of official or judicial proceedings, data in connection with your professional functions and activities (so that we can, for example (e.g. so that we can conclude and process transactions with your employer with your help), data about you from correspondence and meetings with third parties, credit information (insofar as we conclude transactions with you personally), data about you that people in your environment (family, advisors, legal representatives, etc.) provide to us so that we can conclude contracts with you. ) so that we can conclude or process contracts with you or with your involvement (e.g. references, your address for deliveries, powers of attorney), information about you from the media and the Internet (insofar as this is appropriate in a specific case, e.g. as part of an application, marketing/sales, press review, etc.), your address and, if applicable, interests and other socio-demographic data (in particular for marketing and research) as well as data in connection with the use of third-party websites and online offers, insofar as this use can be attributed to you.
4 For what purposes do we process your data?
We process your data for the purposes of communicating with you, in particular to respond to inquiries and to assert your rights (section 11) and to contact you in the event of queries. For this purpose, we use in particular communication and inventory data as well as registration data in connection with the offers and services you use. We store this data to document our communication with you, for training purposes, for quality assurance and for queries.
This includes all purposes in the context of which you and we communicate, be it in the context of customer support or advice, for authentication when using the website or for training and quality assurance purposes (e.g. in the area of customer service). We process communication data in order to be able to communicate with you by email, telephone, messenger services, chat, social media, letter and fax. Communication with you usually takes place in connection with other processing purposes, e.g. so that we can provide services or respond to an inquiry. Our data processing also serves as proof of the communication and its content.
We process data to establish, manage and process contractual relationships.
We conclude contracts of various kinds with our business and private customers, with suppliers, subcontractors or other contractual partners such as project partners or parties in legal disputes. In particular, we process master data, contract data and communication data and, under certain circumstances, registration data of the customer or of persons to whom the customer provides a service. These may be, for example, visitors to events who receive vouchers and invitations from our customers and who may themselves become our customers when they redeem them. In this case, we process the data for contract processing with these visitors, but also with the inviting contractual partners.
As part of the business initiation process, personal data - in particular master data, contract data and communication data - is collected from potential customers or other contractual partners (e.g. in an order form or contract) or results from communication. We also process data in connection with the conclusion of the contract to check creditworthiness and to establish the customer relationship. In some cases, this data is checked to fulfill legal requirements.
As part of the processing of contractual relationships, we process data to maintain the customer relationship, to provide and demand contractual services (this also includes the involvement of third parties such as logistics companies, security companies, advertising service providers, banks, insurance companies or credit agencies, which may in turn provide us with data), for advice and for customer support. The enforcement of legal claims arising from contracts (debt collection, legal proceedings, etc.) is just as much a part of this as bookkeeping, the termination of contracts and public communication.
We process data for marketing purposes and to maintain relationships, e.g. to send our customers and other contractual partners (personalized) advertising about our own and third-party products and services (e.g. from exhibitors or guest trade fairs organized by third parties). This may, for example, take the form of newsletters and other regular contacts (electronically, by post, by telephone, via other channels for which we have your contact details), but also as part of individual marketing campaigns (e.g. events, competitions, prizes, etc.) and may also include free gifts (e.g. invitations, vouchers, etc.). You can object to such contacts at any time (see the end of this section 4) or refuse or revoke your consent to be contacted for advertising purposes. With your consent, we can target our online advertising to you more effectively (see section 11). Finally, we would also like to enable our contractual partners to contact our customers and other contractual partners for advertising purposes (see section 6).
For example, with your consent, we will send you information, advertising and product offers from us and from third parties (e.g. exhibitors, sponsors, event/trade fair partners) in printed, electronic or telephone form. For this purpose, we primarily process communication and registration data. Like most companies, we personalize communication in order to provide you with (individual) information and offers that meet your needs and interests. For this purpose, we link the data we process about you, determine preference data and use this as the basis for personalization. We also process data in connection with competitions, prize draws and similar events.
Relationship management also includes addressing existing customers and their contacts in a personalized manner based on behavioral and preference data. As part of relationship management, we may also operate a Customer Relationship Management System ("CRM") in which we store the data of customers, suppliers and other business partners required for relationship management, e.g. on contact persons, relationship history (e.g. on products and services purchased or supplied, interactions, etc.), and the data of customers, suppliers and other business partners.
All this processing is not only important for us to advertise our offers as efficiently as possible, but also to make our relationships with customers and other third parties more personal and positive, to focus on the most important relationships and to use our resources as efficiently as possible.
We may process your data for market research purposes, to improve our services and processes and for product development.
We strive to constantly improve our products and services (including our website) and to be able to react quickly to changing needs. We therefore analyze, for example, how you navigate our website or which products are used by which groups of people and in what way, and how new products and services can be designed (for details, see section 11). This gives us an indication of the market acceptance of existing products and services and the market potential of new products and services. In particular, we process master data, behavioral data and preference data, but also communication data and information from customer surveys, polls and studies as well as other information, e.g. from the media, social media, the internet and other public sources. Where possible, we use pseudonymized or anonymized data for these purposes. We may also use media monitoring services or conduct media monitoring ourselves and process personal data in order to carry out media work or to understand and respond to current developments and trends.
We use anonymized location data, for example, to identify hotspots and optimize visitor flows, to offer dynamic pricing for stand placements, to sell exhibitors statistics on numbers, length of stay and frequency, to give visitors recommendations for their visit to the trade fair (e.g. to avoid peak times). With your consent, we use non-anonymized location data to inform you of interesting exhibitors and products in your vicinity based on your position, to infer your interests from the location data (length of stay) and to inform you which exhibitors other visitors with similar interests have visited.
We may also process your data for security and access control purposes.
We continually review and improve the appropriate security of our IT and other infrastructure. Like all companies, we cannot rule out data security breaches with absolute certainty, but we do our best to minimize the risks. We therefore process data, for example, to monitor, control, analyze and check our networks and IT infrastructures, for system and error checks, for documentation purposes and as part of backup copies. Access control includes controlling access to electronic systems (e.g. login to user accounts) as well as physical access control (e.g. access to trade fairs). For security purposes (preventive and to investigate incidents), we also keep access logs and visitor lists and use surveillance systems (e.g. security cameras). We indicate surveillance systems at the relevant locations by means of appropriate signs.
We process personal data to comply with laws, official orders and recommendations as well as internal regulations ("compliance").
For these purposes, we process master data, contract data, registration data and technical data in particular, as well as behavioral and communication data. For example, as part of our financial management, we need to monitor our debtors and creditors and prevent us from becoming victims of crime and abuse, which may require the evaluation of data according to corresponding patterns. As part of the planning of our resources and the organization of our operations, we need to evaluate and process data about the use of our services and other offerings or exchange related information with third parties (e.g. outsourcing partners), which may include your data. The same applies to services that third parties provide for us. As part of our corporate development, we may sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships, which may also lead to the exchange and processing of data (including from you, e.g. as a customer or supplier or as a supplier representative).
We may process your data for other purposes, e.g. for our internal processes, application procedures and administration.
These other purposes include, for example, training and further education purposes, administrative purposes (e.g. master data management, accounting and data archiving as well as the review, management and ongoing improvement of the IT infrastructure), the protection of our rights (e.g. for the judicial, pre-court and out-of-court assertion of claims and for the defense of claims before authorities at home and abroad, e.g. by preserving evidence, legal clarifications and participation in judicial or official proceedings) as well as the evaluation and improvement of internal processes. This also includes the protection of other legitimate interests, which cannot be listed exhaustively.
5 On what basis do we process your data?
Insofar as we obtain your consent for certain processing (e.g. for the processing of particularly sensitive personal data, for marketing mailings, for the creation of personalized movement profiles and for advertising control and behavior analysis on the website), we will inform you separately about the respective purpose of the processing. You can withdraw your consent at any time with effect for the future by notifying us in writing (by post) or, unless otherwise stated or agreed, by email; our contact details can be found in section 2. For information on withdrawing your consent to online tracking, see section 11. If you have a user account, you can also withdraw your consent or contact us via the respective website or service. Once we have received the withdrawal of your consent, we will no longer process your data for the purposes for which you originally gave your consent, unless there is another legal basis. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
If we do not ask you for your consent to processing, we base the processing of your personal data on the fact that the processing is necessary for the establishment or content of a contract with you (or the entity you represent) or that we or third parties have a legitimate interest in the processing, in particular in order to pursue the purposes and associated objectives mentioned in section 4 and to be able to carry out corresponding measures. This also includes the fulfilment of legal requirements, insofar as their fulfilment is not already recognized as a legal basis by the applicable data protection law. However, this also includes the marketing of our products and services, the interest in better understanding our markets and the secure and efficient management and further development of our company, including our business operations.
6 Who do we share your data with?
In connection with our contracts, the website, our services and products, our legal obligations or otherwise to protect our legitimate interests and the other purposes mentioned in section 4, we also transfer your personal data to third parties, in particular to the following categories of recipients:
Service providers
We work together with service providers who process data about you on our behalf or under joint responsibility with us or who receive data about you from us under their own responsibility (e.g. IT providers, shipping companies, advertising service providers, login service providers, cleaning companies, security companies, banks, insurance companies, debt collection companies, credit agencies or address verifiers). For the service providers used for the website, see also section 11. Central service providers for us in the IT area include Google Apps, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,(https://policies.google.com/privacy?hl=de), Bexio; bexio AG, 8640 Rapperswil,(https://www.bexio.com/de-CH/richtlinien/datenschutz) and Hubspot Inc. Hubspot.com, Inc, 2 Canal Park, Cambridge, MA 02141,(https://legal.hubspot.com/privacy-policy?), in the area of ticketing the company Ticketino AG, 6039 Root,(https://www.ticketino.com/de/DataProtection#), Infomaniak AG, Lausanne(https://www.infomaniak.com/de/agb/regelung-allgemeine-schutz-daten) and in the area of the organization and implementation of events in connection with exhibitors the company Profairs or web//Contact GmbH, 75334 Straubenhardt, Germany (https://www.profairs.de/de/datenschutz/). In order to operate our website, we must transmit certain personal data to our hosting provider, Hubspot (https://legal.hubspot.com/de/terms-of-service).
To enable us to provide our products and services efficiently and focus on our core competencies, we use third-party services in numerous areas. These include, for example, IT services, information dispatch, marketing, sales, communication or printing services, security and cleaning services, organization and implementation of events and receptions, debt collection, credit agencies, address checks (e.g. to update address databases when moving), services of consulting firms, lawyers, banks, insurance companies and telecommunications companies. We provide these service providers with the data required for their services, which may also relate to you. These service providers may also use this data for their own purposes, e.g. information about outstanding debts and your payment history with credit agencies or anonymized information to improve their services. We also conclude contracts with these service providers that contain provisions on data protection, insofar as this does not arise from the law.
Contractual partners including customers
These are primarily our customers (e.g. exhibitors, guest organizers, sponsors, visitors, etc.) and other contractual partners, as the transfer of data results from these contracts. For example, they receive registration data on vouchers, tickets, invitations, etc. that have been issued and redeemed. If you yourself work for such a contractual partner, we may also transfer data about you to them in this context. Recipients also include contractual partners with whom we cooperate or who advertise for us and to whom we therefore transmit data about you for analysis and marketing purposes (these may in turn be exhibitors and guest organizers, but also sponsors and providers of online advertising, for example). We require these partners to only send you advertising or place advertising based on your data if you have consented to this (for the online area, see section 11).
If you work for a company with which we have concluded a contract, the processing of this contract may result in us informing the company, for example, how you have used our service. Cooperation and advertising contract partners receive selected master, contract, behavioral and preference data from us so that they can carry out non-personal evaluations in their area (e.g. about the visitors they have received at our events) and also use the data for advertising purposes (including targeting you). For example, exhibitors should be able to communicate with suitable other customers of ours and send them advertising.
Authorities
We may transfer personal data to offices, courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to do so or if this appears necessary to protect our interests. The authorities process the data they receive from us on their own responsibility.
Cases of application are, for example, criminal investigations, police measures (e.g. health protection concepts, combating violence, etc.), supervisory requirements and investigations, legal proceedings, reporting obligations and pre- and extrajudicial proceedings as well as statutory obligations to provide information and cooperate. Data may also be transferred if we wish to obtain information from public authorities, e.g. to justify an interest in obtaining information or because we need to provide information about whom we require information (e.g. from a register).
Other persons
This includes other cases in which the involvement of third parties arises from the purposes listed under point 4, e.g. service recipients, media and associations with whom we work, or if you are part of one of our publications.
Other recipients are, for example, delivery recipients or third-party payees specified by you, other third parties also in the context of agency relationships (e.g. if we transmit your data to your lawyer or your bank) or parties involved in official or legal proceedings. If we cooperate with the media and transmit material (e.g. photos) to them, you may also be affected under certain circumstances. The same applies to the publication of content (e.g. photos, interviews, quotes, etc.), e.g. on our website or in other publications. As part of our corporate development, we may sell or acquire businesses, parts of businesses, assets or companies or enter into partnerships, which may also result in the disclosure of data (including from you, e.g. as a customer or supplier or as a supplier representative) to the persons involved in these transactions. In the course of communication with our competitors, industry organizations, associations and other bodies, data may also be exchanged that also concerns you.
All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict the processing by certain third parties (e.g. IT providers), but not the processing by other third parties (e.g. authorities, banks, etc.).
We reserve the right to disclose this data even if it is confidential data (unless we have expressly agreed with you that we will not disclose this data to certain third parties, unless we are legally obliged to do so). Irrespective of this, your data is subject to appropriate data protection even after disclosure in Switzerland and the rest of Europe. The provisions of section 7 apply to disclosure to other countries. If you do not wish certain data to be disclosed, please let us know so that we can check whether and to what extent we can comply with your wishes.
In many cases, the disclosure of confidential data is also necessary in order to process contracts or provide other services. As a rule, confidentiality agreements do not exclude such data disclosure, nor does disclosure to service providers. However, depending on the sensitivity of the data and other circumstances, we ensure that these third parties handle the data appropriately. We cannot take into account your objection to the transfer of data if the data transfer in question is necessary for our business activities.
We also allow certain third parties to collect personal data from you on our website and at events organized by us (e.g. press photographers at trade fairs, exhibitors in connection with their stands, providers of tools that we have integrated on our website, etc.). Insofar as we are not significantly involved in this data collection, the responsibility lies exclusively with these third parties. If you have any questions or wish to assert your data protection rights, please contact these third parties directly. For the website, see section 11.
7. is your personal data also transferred abroad?
As a rule, no. However, we cannot rule out the possibility that third-party providers and contractual partners of ours may transfer some of your data abroad. If third parties do this, they are obliged to comply with the relevant legal provisions.
If a recipient is located in a country without an adequate legal level of data protection, we contractually oblige the recipient to comply with data protection (we use the standard contractual clauses of the European Commission for this purpose), unless the recipient is already subject to a legally recognized regulation to ensure data protection and we cannot rely on an exemption clause.
Please also note that data exchanged via the Internet is often routed via third countries. We have no influence over this. Your data may therefore be sent abroad even if the sender and recipient are located in the same country.
8 How long will your data be processed?
We process your data for as long as required by our processing purposes, statutory retention periods and our legitimate interests in processing for documentation and evidence purposes or as long as storage is necessary for technical reasons. For more information on the respective storage and processing periods, please refer to the individual data categories in section 3 or the cookie categories in section 11. Provided there are no legal or contractual obligations to the contrary, we delete or anonymize your data after the storage or processing period has expired as part of our usual processes.
Documentation and evidence purposes include our interest in documenting processes, interactions and other facts in the event of legal claims, discrepancies, for the purposes of IT and infrastructure security and to demonstrate good corporate governance and compliance. Retention may be required for technical reasons if certain data cannot be separated from other data and we therefore have to retain it together with this data (e.g. in the case of backups or document management systems).
9 We protect your data
We take appropriate security measures to ensure the confidentiality, integrity and availability of your personal data, to protect it from unauthorized or unlawful processing and from loss, unintentional alteration, unauthorized disclosure or unauthorized access.
Security precautions of a technical and organizational nature include, for example, measures such as the encryption and pseudonymization of data, logging, access restrictions, storage of backup copies, instructions to our employees, confidentiality agreements and controls. We protect your data transmitted via our website during transportation by means of suitable encryption mechanisms. However, we can only secure areas that we control. We also require our processors to take appropriate security measures. However, it is generally not possible to completely rule out security risks; residual risks are unavoidable.
10 Your rights
Under certain circumstances, the applicable data protection law gives you the right to object to the processing of your data, in particular for the purposes of direct marketing and other legitimate interests in processing.
In order to guarantee you control over the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:
- the right to request information from us as to whether we are processing data about you and, if so, which data;
- the right to have us correct incorrect data;
- the right to request the deletion of data;
- the right to request that we provide you with certain personal data in a commonly used electronic format or transfer it to another controller
- the right to withdraw consent where our processing is based on your consent
- the right to receive, on request, further information useful for exercising these rights;
If you wish to exercise the aforementioned rights against us, please contact us in writing, in person or, unless otherwise stated or agreed, by e-mail; our contact details can be found under point 2. In order to prevent misuse, we must identify you (e.g. by means of a copy of your identity card, if this is not otherwise possible).
You are also entitled to these rights vis-à-vis other bodies that work with us under their own responsibility - please contact them directly if you wish to assert rights in connection with their processing. Information on our most important cooperation partners and service providers can be found under point 6, further information under point 11.
Please note that these rights are subject to conditions, exceptions or restrictions under the applicable data protection law (e.g. to protect third parties or business secrets).
In particular, it may be necessary for us to process and store your personal data in order to fulfill a contract with you, to protect our own legitimate interests, such as the assertion, exercise or defense of legal claims, or to fulfill legal obligations. To the extent permitted by law, in particular to protect the rights and freedoms of other data subjects or to protect legitimate interests, we may therefore refuse a request from the data subject in whole or in part (e.g. by redacting certain content relating to third parties or our business secrets). We may also restrict or reject requests for information if the request for information is manifestly unfounded, in particular if it pursues a purpose contrary to data protection law or is manifestly unlawful.
If you do not agree with our handling of your rights or data protection, please let us know or contact our data protection officer (Section 2).
11. do we use online tracking and online advertising technologies?
We use various technologies on our website that enable us and third parties commissioned by us to recognize you when you use our website and, under certain circumstances, to track you over several visits. We will inform you about this in this section.
Essentially, this is so that we can distinguish your accesses (via your system) from the accesses of other users in order to ensure the functionality of the website and to be able to carry out evaluations and personalization. We do not want to infer your identity, even if this is possible, insofar as we or third parties engaged by us can identify you through the combination with registration data. Even without registration data, however, the technologies used are designed in such a way that you are recognized as an individual visitor each time you visit the site, e.g. by our server (or a third party server) assigning you or your browser a specific identification number (so-called "cookie").
Cookies are individual identifiers (e.g. a serial number) which our server or a server of our service provider or advertising contract partner transmits to your system when you connect to our website and which your system (browser, cell phone) accepts and stores until the programmed expiry date. Each time you access our website again, your system transmits these codes to our server or the server of the third party. This allows you to be recognized, even if your identity is unknown.
Other techniques can also be used to recognize you with a greater or lesser degree of probability (i.e. to distinguish you from other users), e.g. "fingerprinting". Fingerprinting combines your IP address, the browser you are using, the screen resolution, the language selection and other information that your system communicates to each server to form a more or less unique fingerprint. In this way, cookies can be avoided.
Every time you access a server (e.g. when using a website or an app or because an image is visibly or invisibly integrated in an email), your visits can therefore be "tracked". If we integrate offers from an advertising contract partner or a provider of an analysis tool on our website, they can track you in the same way, even if you cannot be identified in individual cases.
We use such technologies on our website and allow certain third parties to do the same. However, depending on the purpose of these techniques, we may ask for your consent before we use them. You can program your browser to block, redirect or delete existing cookies or alternative technologies. You can also add software to your browser that blocks tracking by certain third parties. You can find more information on this in the help section of your browser (usually under the heading "Data protection") or on the websites of the third parties listed below.
A distinction is made between the following cookies (the other technologies are included here):
Required cookies
Some cookies are necessary for the website as such or for certain functions to work. For example, they ensure that you can switch between pages without losing information that you have entered in a form. They also ensure that you remain logged in. These cookies are only temporary ("session cookies"). If you block them, the website may not work. Other cookies are necessary so that the server can save the decisions or entries you have made beyond one session (i.e. one visit to the website) if you use this function (e.g. selected language, consent given, function for automatic log-in, etc.).
Performance cookies
We use cookies to record and analyze the use of our website, possibly even beyond the session, in order to optimize our website and the associated offers and to better tailor them to the needs of users. We use third-party analysis services for this purpose. These are listed below. Before we use such cookies, we will ask for your consent. Further information can be found on the websites of the third-party providers.
Marketing cookies
We and our advertising partners have an interest in targeting advertising, i.e. only showing it to the people we want to target. We have listed our advertising partners below. For this purpose, we and our advertising contract partners also use cookies - if you have consented to this - with which content accessed or contracts concluded can be recorded. This enables us and our advertising contract partners to display advertising on our website, but also on other websites that show advertising from us or our advertising contract partners, which we can assume is of interest to you. If you agree to the use of these cookies, you will be shown the relevant advertising. If you do not agree to the use of these cookies, you will not receive less advertising, but only different advertising.
In addition to marketing cookies, we use other techniques to control online advertising on other websites in order to reduce wastage. For example, we can pass on the email addresses of our users, customers and other people to whom we wish to display advertising to operators of advertising platforms (e.g. social media). If these people are registered there with the same email address (which the advertising platforms determine through a comparison), the operators will display the advertising we have placed specifically to these people. The operators do not receive the email addresses of people who are not yet known. However, in the case of known email addresses, they will find out that these people are in contact with us and what content they have accessed.
We may also integrate other third-party offers on our website, in particular from social media providers. These offers are usually deactivated by default. As soon as you activate them (e.g. by clicking a button), the respective providers can recognize that you are on our website. If you have an account with the provider, they can assign this information to you and thus track your use of online services. The internet providers process this data on their own responsibility.
We currently use offers from the following service providers and advertising contract partners (insofar as they use data from you or cookies set by you for advertising control), including
Google Analytics
The provider of the "Google Analytics" service is Google LLC. Google Ireland Ltd (together "Google") is responsible for the purposes of the GDPR and the FADP. Google tracks the behavior of visitors to our website (length of stay, frequency of page views, geographical origin of access, etc.) using performance cookies (see above) and compiles reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors to Google in Europe are truncated before being transmitted to the USA and therefore cannot be traced. Google provides us with reports and can therefore be regarded as our processor, but also processes data for its own purposes. Google may be able to draw conclusions about the identity of visitors from the data collected, create personal profiles and link this data to the Google accounts of these persons. You should assume this processing if you agree to the use of performance cookies. You can find information on Google Analytics data protection here and if you have a Google account, you can find further information on processing by Google here.
Hubspot CRM
The provider of the service is Hubspot.com, Inc, 2 Canal Park, Cambridge, MA 02141, United States. Hubspot CRM enables us to deliver targeted and secure advertising via the Marketing Cloud based on our CRM data. This allows us to offer you suitable advertising and find new customers whose interests and preferences are similar to those of our customers ("look like your customers"). Advertising networks such as Google, Facebook, Instagram and Twitter can be targeted with relevant advertisements. Information on data protection at Hubspot can be found here:https://legal.hubspot.com/privacy-policy?
Google Ads (formerly Google Adwords)
We use the Google Ads Conversion service to draw attention to our products with the help of advertising material (so-called Google Ads) on external websites. We can use the data from the advertising campaigns to determine how successful the individual advertising measures were. We are interested in showing you advertising that is relevant to you and making our website more interesting for you. The advertising is delivered via so-called ad servers from Google. For this purpose, we use ad server cookies, with the help of which certain parameters for measuring success, such as the display of advertising or clicks by you, can be measured. If you access our website via a Google ad, Google Ads will store a cookie on your device. These cookies generally lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored in this cookie as analysis values.
We also use the remarketing function within the Google Ads service. The remarketing function enables us to show you ads tailored to your interests on other websites within the Google advertising network (in Google search or on YouTube, so-called "Google ads" or on other websites). For this purpose, your interaction on our website is analyzed, e.g. which offers you were interested in, in order to be able to show you targeted advertising on other sites even after you have visited our website. For this purpose, Google stores cookies on your end device with which you visit certain Google services or websites in the Google Display Network. These cookies are used to log your visits. The cookies are used to uniquely identify a web browser on a specific end device and not to identify a person.
You can find more information on data protection at Google at http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can also visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org.
12. what data do we process on our pages in social networks?
We may operate pages and other online presences ("fan pages", "channels", "profiles", etc.) on social networks and other platforms operated by third parties and collect the data about you described in section 3 et seq. there. We receive this data from you and the platforms when you contact us via our online presences (e.g. when you communicate with us, comment on our content or visit our presence). At the same time, the platforms evaluate your use of our online presences and link this data with other data about you that is known to the platforms (e.g. about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g. to personalize advertising) and to control their platforms (e.g. which content is displayed to you).
We receive data about you when you communicate with us via online presences or view our content on the corresponding platforms, visit our online presences or are active there (e.g. post content, make comments). These platforms also collect technical data, registration data, communication data, behavioral data and preference data from you or about you (for the terms, see section 3). These platforms regularly statistically evaluate how you interact with us, how you use our online presence, our content or other parts of the platform (what you view, comment on, "like", forward, etc.) and link this data with other information about you (e.g. information on age and gender and other demographic data). In this way, they also create profiles about you and statistics about the use of our online presences. They use this data and profiles to show you our or other advertising and other content on the platform in a personalized way and to control your behaviour on the platform, but also for market and user research and to provide us and others with information about you and the use of our online presence. We can partially control the evaluations that these platforms create about the use of our online offerings.
We process this data for the purposes described in section 4, in particular for communication, marketing (including advertising on these platforms) and market research. Please refer to section 5 for the relevant legal bases. We may redistribute content that you publish yourself (e.g. comments on an advertisement) ourselves (e.g. in our advertising on the platform or elsewhere). We or the operators of the platforms can also delete or restrict content from or about you in accordance with the usage guidelines (e.g. inappropriate comments).
Further information about processing by the platform operators can be found in the platforms' data protection notices. There you can also find out in which countries they process your data, what rights of access, erasure and other rights of data subjects you have and how you can exercise these or obtain further information. We currently use the following platforms, among others
We are also represented on Facebook. Facebook Ireland Ltd, Dublin, Ireland, is responsible for the operation of the platform for users from Europe. Their privacy policy can be viewed at https://de-de.facebook.com/privacy/policy/.
Functions of the Instagram service may be integrated on our websites. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA. Instagram's privacy policy can be viewed here: https://privacycenter.instagram.com/policy/?section_id=0-WhatIsThePrivacy
YouTube
Videos from YouTube may be embedded on our websites. The operator of the service is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland (https://www.YouTube.com/t/contact_us).
We would like to point out that you use this YouTube page and its functions at your own risk. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).
When you visit our YouTube page, YouTube collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide us, as the operator of the YouTube pages, with statistical information about the use of the pages. YouTube provides more information on this at the following link: https://www.youtube.com/static?gl=DE&template=terms&hl=de
The data collected about you in this context is processed by Google Ireland Limited and may be transferred to countries outside the European Union. What information Google receives and how it is used is described by Google in general terms in its privacy policy. There you will also find information on how to contact YouTube and the settings options for advertising. The data usage guidelines are available at the following link: https://policies.google.com/privacy
13. can this privacy policy be changed?
This privacy policy is not part of a contract with you. We may change this privacy policy at any time. The version published on this website is the current version.
The French, Italian and English versions of the privacy policy have been translated by machine. The original German version takes precedence in all cases.