Online Events Data protection notice

With this data protection notice, we inform you (in the following text also referred to as “user” or “data subject”) in a general way about the data processing within the framework of our online events.

Galileo Global Education Germany GmbH or Macromedia GmbH collects, processes and uses your personal data in compliance with the guidelines of the General Data Protection Regulation (“GDPR”) as well as the Federal Data Protection Act (“BDSG”).

 

1. The data controllers are:

Galileo Global Education Germany GmbH and Macromedia GmbH, Sandstraße 9, 80335 Munich, respectively.

The data protection officers for Macromedia GmbH and Galileo Global Education Germany GmbH can be reached via e-mail at datenschutz@gge-germany.de.

 

2. Categories of personal data

Personal data is information that can be used to find out personal or factual circumstances about you, such as name, address, telephone number or e-mail address. Information with which we cannot establish a connection to you is generally not personal data.

The following categories of data are processed by us as part of the execution of the online events (hereinafter the “Data”):

  • Inventory data (e.g. Names, addresses, functions, place of birth, country of birth, date of birth, organisational affiliation, etc.);
  • Contact details (e.g. E-mail, telephone/fax number etc.);
  • Content data (e.g. Text entries, image files, videos etc.);
  • Study related data (e.g. Certificates, CV, courses, exams)
  • Meeting metadata (e.g. participant IP addresses, device/hardware information)

 

3. Purposes and legal bases of data processing

Your personal data will only be used for the purpose of participating in online events, for example

  • Events for applicants and students such as
    • Sales presentations (presentation of the university and the courses offered),

      • Introduction days (information on the start of studies for all first semesters),

    • International Days (information regarding the semester abroad),
    • Career Days (information about internships and career opportunities),
    • Completion (Closing ceremonies for Bachelor’s and Master’s graduates)
  • Teaching events such as
    • Symposia (e.g. international expert discussions on various current topics of teaching),
  • Corporate events such as
    • cross-location teaching events (e.g. Faculty council meetings)
    • Christmas parties and other celebrations.

Your personal data will be used or processed exclusively for the purposes of contract execution, compliance with legal regulations, as well as for consulting and support purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b) of the GDPR: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

 

4. Recipients or categories of recipients of personal data

To the extent that we disclose data during processing to other persons and companies, such as web hosts, processors, or third parties, send it to them or otherwise grant them access to the data, this shall be done on the basis of a legal authorisation (e.g. When a transfer of data to a third party is necessary for the fulfilment of a contract in accordance with Art. 6 para. 1 lit. b GDPR), if the persons concerned have agreed to this, or a legal obligation provides for this. In particular, this includes companies, partner universities and event participants.

 

5. Cooperation with data processors

As with any larger company, we also use external domestic and foreign service providers (e.g. for IT, telecommunications, sales, marketing) to handle our business transactions.

If your personal data is passed on by us to our subsidiaries or passed on to us by our subsidiaries (for example for advertising purposes), this is done on the basis of existing order processing relationships.

 

6. Transmission to third parties

Personal data will be transmitted to third parties if

  • according to Art. 6 para. 1 sentence 1 letter a) of the GDPR, the data subject has expressly consented to this,
  • the disclosure thereof is necessary for the establishment, exercise or defence of legal claims pursuant to Art. 6 para. 1 sentence 1 letter f) of the GDPR, and there is no reason to believe that the data subject has an overriding legitimate interest in not disclosing his or her data,
  • there is a legal obligation to transmit data in accordance with Art. 6 para. 1 sentence 1 letter c) of the GDPR, and/or
  • this is necessary for the fulfilment of a contractual relationship with the data subject in accordance with Art. 6 para. 1 sentence 1 letter b) of the GDPR.

In other cases, personal data will not be transferred to third parties.

 

7. Transmission to third countries

We do not transmit your data to third countries. If we transmit data to a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) in the context of the use of third-party services or disclosure, or transfer of data to third parties, this only takes place if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process data, or allow the data to be processed, in a third country only in the event of the existence of the specific conditions of Art. 44 et seq. GDPR i.e. the processing takes place, for example, on the basis of specific guarantees such as the officially recognised establishment of one of the EU compliant data protection levels or compliance with official recognised special contractual obligations (so-called “standard contractual clauses”).

 

8. Duration of retention of personal data

The criterion for the duration of storage of personal data is the respective statutory retention period. After the expiry of the deadline the corresponding data is deleted provided it is no longer necessary for achieving the purpose, fulfilment of the contract or contract initiation.

 

9.   Your rights

As a data subject, you have the following rights:

  • Pursuant to Art. 7 para. 3 of the GDPR, to revoke your one-time-only consent you have granted to us at any time.
  • Pursuant to Art. 15 of the GDPR, to request information about your personal data processed by us. In particular, you can request to be informed about the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, or will be disclosed, the source of the data, if it was not collected by us, as well as the existence of automated decision-making including profiling and, where appropriate, meaningful information about the details;
  • pursuant to art. 16 of the GDPR, to request immediate correction of incorrect data, or completion of your personal data stored by us;
  • pursuant to art. 17 of the GDPR, to request the erasure of your personal data stored with us insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or assertion, exercise of defence of legal claims;
  • pursuant to art. 18 of the GDPR, to request e restriction of the processing of your personal data insofar as you dispute the accuracy of the data, the processing is unlawful, but you reject its deletion and we no longer require the data, you, however, require it for the assertion, exercise, or defence of legal claims or in the event that you have filed an objection to the processing in accordance with art. 21 of the GDPR;
  • pursuant to art. 20 of the GDPR, if the conditions exist, you can request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or request their transmission to another controller and
  • pursuant to art. 77 of the GDPR, you can lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority assigned to your usual place of residence or work, or to our place of business.

The restrictions of §§ 34 and 35 of the Federal Data Protection Act (BDSG) apply to the right of access and the right of deletion. Processing would be necessary even after objection in accordance with art. 21 of the GDPR if we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or if the processing is carried out for the purposes of asserting, exercising or defending legal claims.

To exercise the rights described above, please contact our business address or our Data Protection Officer in writing at the following email: datenschutz@gge-germany.

 

10. Right to objection

If your personal data are processed based on legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f. GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation.

If you would like to exercise your right of objection it is sufficient to send an e-mail to datenschutz@gge-germany.de.

 

11. Hopin

a) To carry out our online events (see point 3), we use the Hopin online platform.

Hopin events are structured in such a way that you can participate virtually in an event /trade fair.

Depending on the event, we activate different functions:

  1. Reception: This is the virtual foyer of the event. Here you will find general information about the process of the virtual event. In addition you have a direct view of the current programme item.
  2. Stage: This is where the events that we live-stream take place. In the program, these are the events that take place on the “stage“. As a participant, you can interact with the speaker via the chat. However, you may not go on stage yourself, or actively turn on your camera and audio.
  3. Sessions: The sessions of the event are listed here. You can actively join sessions and share your audio/video (optional) or chat with other session participants. Some sessions may be recorded (audio + video only).
  4. Networking: Meet other participants. You will be matched at random and can chat with each other for up to 3 minutes.
  5. Chat: The side menu, incl. the chat is always active. There are two different chat areas as soon as you join the stage, a session or an exhibition area. On the one hand there is a chat for the respective area in which you currently find yourself. On the other hand there is the global event chat which is constantly visible for event participants. You can jump between the chat areas at your leisure.
  6. Attendance: The number displayed next to the green dot shows how many guests are currently attending the event.
  7. Notifications: If you receive a new notification a red dot will appear next to the “bell” icon.
  8. Profile: This is where you can personalise your profile. Fill in the information in order to share your “business card” with other attendees. Feel free to upload a photo so that the virtual event is a little more personal.
  9. Chat function: You can have private video and text chats with other participants. These are not audible and visible to other participants. To do this search for the corresponding name in the participant overview and click on that person. A private 1:1 chat window will open with the button “invite to video call”. A link will appear in the chat window which must be clicked by both participants. A private video call window will open. If you are contacted by other participants via private message a red dot will appear next to the “envelope” icon. Note: The link which was created for a 1:1 video chat can also be sent to other participants. This way 5 participants can talk with one another separately from the public sessions. This room is not audible and visible to other participants.
  10. Expo: Companies introduce themselves during the Expo. You can receive general information; often the booth is “live” and you can contact the booth representative via chat or audio/video function.

b) In order to participate in our events via Hopin you must create a user account for the online platform used. A user account is necessary in order to participate in virtual conferences/events. This information is necessary to properly conduct the digital conference/event. Data which you provide us with as part of your participation in the online event will not be forwarded to Hopin (cf. Items 5 -8 of these instructions). Hopin independently processes your data. According to Hopin the following personal data is requested as part of the registration process:

First name, last name, email address.

You can delete or manage your Hopin account independently at any time. The Hopin terms of use apply: https://hopin.com/terms

The Hopin Data protection notice can be found here: https://hopin.com/privacy

 

12. Integration of third-party content

On the event platform you will find so-called hyperlinks to websites of other providers. When activating these links you will be forwarded from our website directly to the websites of other providers. You will be able to recognise this by seeing the change in the URL, among other things.

We cannot accept any responsibility for the handling of your data by these providers on these external websites because we have no influence on these providers handle your personal data. Please inform yourself about this directly on the websites of the respective provider.

 

13. Current status of, and updating, this data privacy statement

This data privacy statement is dated 27 May 2021. We reserve the right to update the data privacy statement, in due time, in order to improve data protection and/or to adapt it to changed institutional practice or jurisprudence.

For reasons of readability reference to all possible genders will be omitted. The use of one form always also includes all other genders conceivable (m, f, q, etc.).