Data privacy statement

Any collection, processing and use (hereinafter "use") of data is solely for the purpose of providing our services. The services of Event Destinations GmbH have been designed to use as little personal information as possible. For that matter, "personal data" is understood as all individual details about a person or factual circumstances of an identifiable natural person (so-called "affected person").

The following statements on data protection describe what types of data are collected when accessing our website, what happens with these data and how you may object to data usage.

Person Responsible (controller)

Responsible within the meaning of the EU General Data Protection Regulation (GDPR) is:

Event Destinations GmbH
Obentrautstr. 55
10963 Berlin

Tel:     +49 30 5697 7464
Fax:    +49 30 5697 7463
E-Mail: team@event-destinations.com

Data Security Officer

The data security officer is:

Christian Scholtz of Webersohn & Scholtz GmbH

If you have questions about data protection, you can contact Webersohn & Scholtz at the following e-mail address:

event-destinations@ws-datenschutz.de

or by mail:

WS Datenschutz GmbH

Meinekestraße 13

D-10719 Berlin

www.ws-datenschutz.de

 

Which data will be used

When visiting our website, our web servers temporarily store every access in a log file. The following data is collected and stored until automated deletion:

  • Detection data of the browser and operating system used
  • Website from which access is made
  • Other data may be retrieved by our partners. You will find information about this below

The processing of this data serves: the purpose of enabling the use of the website (connection establishment), the system security, the technical administration of the network infrastructure, as well as to optimize the Internet site. The legal basis is Art. 6 para. 1 s. 1 lit. f) GDPR. The IP address is evaluated only in case of attacks on our network infrastructure or the network infrastructure of our Internet provider.

Furthermore, no input of your personal data is required to use our website.

Protection of your data

We have taken technical and organizational measures to ensure that the requirements of the EU General Data Protection Regulation (GDPR) are met by us, as well as, by external service providers working for us.

If we work with other companies to provide our services, such as email and server providers, this will only be done after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in terms of technical and organizational data protection skills. This selection procedure will be documented in writing and an agreement on the order processing of data (order processing contract) will only be concluded if the third party complies with the requirements of Art. 28 GDPR.

Your information will be stored on specially protected servers. Access to it is only possible for a few specially authorized persons. Our website is SSL/TLS encrypted, as can be seen by the https:// at the start of our URL.

Use of cookies

a) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you use. Through this the stored information flows to Event Destinations or the party that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. Cookies are used to analyze the use of www.event-destinations.com in anonymized or pseudonymized form. Also, cookies enable personalized advertisements on this website.

This website uses the following types of cookies. The extend and function of which are explained below:

- Transient cookies (see b)

- Persistent cookies (c)

b) Transient cookies are automatically deleted when you close the browser. These include session cookies. Transient cookies store your session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie.

You can delete the cookies in the security settings of your browser at any time. Please be aware that you may not be able to use all features of this site, when deleting the cookies from your browser history. The setting of cookies can be prevented by appropriate settings in the user's Internet browser at any time.

This processing is legally based on Art. 6 para. 1 s. 1 lit. f) GDPR. Our legitimate interests are to provide a stable connection and an easy, uninterrupted user experience for the visitors of our website. Also, we evaluate all visits of our website. This happens for safety, improvement and stability reasons.

Deletion of personal data

We process personal data only if necessary. As soon as the purpose of the data processing is fulfilled, deletion of the data is carried out according to the standards of the deletion concept, unless legal regulations oppose this.

Contact

Via the website www.event-destinations.com it is possible to contact us via e-mail. This will require different data to answer the request, which will be automatically saved for processing. Your data will not be passed on to third parties, unless you have given your consent.

The legal basis depends on what the reason for your request is: Therefor data processing will be based on Art. 6 para. 1 s. 1 lit. a) GDPR or Art. 6 para. 1 s. 1 lit. b) GDPR.

Registration on the website

The data subject can register on our website. This requires the data subject to enter personal data in the registration form. The following data is at least collected for this: first and last name, email address, postal code, city, country, language and phone number. The user can optionally specify the following data: postal address, working position, title. The information provided by the data subject in the registration mask will be used exclusively for processing and will not be disclosed to third parties.

During and after the registration, the data subject is free to change, correct or delete their personal data.

If the data subject enters mandatory personal data in the registration form, the legal basis of the data processing is based on Art. 6 para. 1 s. 1 lit. b GDPR. However, if the user also enters personal data in the optional input field, the data processing is based on Art. 6 para. 1 s. 1 lit. a GDPR.

Newsletter

On our website www.event-destinations.com we offer the opportunity to subscribe to our newsletter. When subscribing to the newsletter, personal data is requested for the purpose of processing the newsletter entry form. Input fields marked with a "*" are mandatory fields. These mandatory fields are necessary in order to send the affected person the newsletter. All other fields are to be filled voluntarily by the affected person, whereby it is expressly pointed out that these fields are not mandatory.

The newsletter has the function of informing the affected parties about offers and news from Event Destinations at regular intervals. The newsletter will be sent via e-mail. On request, a newsletter may also be sent by post. The newsletter is only received after registration for the newsletter. In order to meet the requirements of the GDPR, we use DOI (Double Opt-In). If the person concerned signs up for our newsletter, he will receive a confirmation e-mail on the electronic mailbox which he has named in the entry field. This e-mail contains a confirmation link that the affected person must click on. Following this procedure, the affected person has successfully registered for the newsletter. To perform the procedure, the IP address, date and time of login are stored. This is done in order to prevent abuses. We use a mailing service called “Mailjet”. Apart from this service your data will not be given to any third party.

The consent to processing personal data in order to receive the newsletter can be terminated at any time. For this purpose, the affected person can click on the integrated link in each newsletter to unsubscribe. It is also possible to inform Event Destinations about the revocation of the consent in any other way, e.g. via post or e-mail.

This processing is legally based on Art. 6 para. 1 lit. a) GDPR.

The use of social media on our website

We integrated social media platforms on our website via "plug-ins", which may result in social media providers receiving data from you if necessary. We will break this down for you in the following.

Facebook

Event Destinations integrated Facebook on the website. The Facebook button can be found on the website at the bottom right.

Responsible for Facebook is:

Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.

If an affected person lives outside the US or Canada and Facebook processes data, the person responsible is:

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.

If the user clicks on the Facebook button, the website is accessed by Facebook. By accessing Facebook through the website of Event Destinations, Facebook will receive the respective reference data of Event Destinations. Through this Facebook receives the information that the user has visited the website of Event Destinations. The plug-ins used by Facebook can be accessed at:

https://developers.facebook.com/docs/plugins/?locale=en_US

If, at the time of visiting Event Destinations' website, the user is logged in on Facebook (it does not matter if it is their own Facebook account), Facebook receives further information, such as which pages the user has visited on Event Destinations’ website. Facebook collects this information, so theoretically it is possible to assign this information to the Facebook account. The same applies to the "Like" button or when using the comment field; Facebook can also assign this information to the respective logged-in Facebook account.

To prevent this, the user has to visit www.event-destinations.com after logging off from Facebook. For this the user has to log out via the website Facebook.com.

For more information on the topic of data protection on Facebook, we refer to the following data policy of Facebook:

https://www.facebook.com/about/privacy/

Google+

Event Destinations uses Google+. This is visible through a corresponding button at the bottom right of the website of Event Destinations.

Responsible Person is:

Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

The use of Google+ allows Google to gain information about which pages and subpages the user has accessed. More detailed information can be found under the following link:

https://developers.google.com/+/

If the user is logged in parallel to Google+ (it does not matter which account the user is logged in), Google recognizes that and can exactly understand on which subpages the user resides. This allows Google to draw conclusions about the user behavior.

To prevent this, the user has the opportunity to log out of MANDANT.com on Google+. This requires logging out of the Google+ website.

For more information about Google privacy notices, please refer to the following link:

https://policies.google.com/privacy?hl=en-GB&gl=de

For more information about the Google+ button, please refer to the link below:

https://developers.google.com/+/web/buttons-policy

Instagram

Event Destinations has integrated the services of Instagram on this website. Instagram can be reached via the button at the bottom right of the website of Event Destinations.

Responsible Person is:

Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

If the user clicks on the Instagram button, the website is entered by Instagram. By accessing the Instagram website via Event Destinations website ("though clicking the button"), the relevant reference data of Event Destinations will be transmitted to Instagram. Instagram receives the information that the user has visited the website of Event Destinations.

If, at the time of visiting Event Destinations's website, the user is simultaneously logged in via an Instagram account (it does not matter which Instagram account is logged in), Instagram will receive further information, such as which pages of the user visited. Instagram collects this information, so theoretically there is the possibility to assign this information to the Instagram account.

To prevent this, the user has the opportunity to sign out on Instagram.

For more information on privacy, we refer to the following data policy from Instagram:

https://help.instagram.com/155833707900388

and

https://www.instagram.com/about/legal/privacy .

LinkedIn

Event Destinations has integrated LinkedIn components into its website. LinkedIn can be reached via the button at the bottom right of the website.

Responsible Person is:

LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, United States.

If an affected person lives outside of the United States or Canada and LinkedIn processes personal data, the responsible person is:

LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

If the user clicks on the LinkedIn button, LinkedIn will visit the website. By accessing the LinkedIn website through the Event Destinations website, LinkedIn is provided with the relevant Event Destinations reference information. LinkedIn receives the information that the user has visited the website of Event Destinations. The plug-ins used by LinkedIn can be found at:

https://developer.linkedin.com/plugins

If, at the time of visiting Event Destinations' website, the user is logged in through a LinkedIn account at the same time (no matter if it's their own LinkedIn account), LinkedIn will get more information about what pages the user has visited. LinkedIn collects this information, so there is a theoretical possibility to associate that information to the LinkedIn account.

To prevent this, the user must log out via the LinkedIn website.

For more information about privacy at LinkedIn, we refer to the following LinkedIn data policy:

https://www.linkedin.com/legal/privacy-policy

Twitter

Event Destinations uses Twitter. The Twitter button can be found on the website at the bottom right.

Responsible Person is:

Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

If the user clicks on the Twitter button, the website is entered by Twitter. By entering the website of Twitter through the website of Event Destinations, Twitter will be provided with the respective reference data of Event Destinations. Twitter receives the information that the user has visited the website of Event Destinations.

If, at the time of visiting the Event Destinations website, the user is logged in at the same time via a Twitter account (it does not matter if it is their own Twitter account), Twitter will receive further information, i.e. which pages the user has visited on the website. Twitter collects this information, so theoretically it is possible to assign this information to the Twitter account.

To prevent this, the user must log out via the Twitter website.

For more information on privacy on Twitter, we refer to the following data policy from Twitter:

https://twitter.com/en/privacy

Xing

Event Destinations has integrated XING components on its website. XING can be reached via the button at the bottom right of the website.

Responsible Person is:

XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany.

If the user clicks on the XING button, the website will be entered by XING. By accessing the website of XING via the website of Event Destinations, XING receives the respective reference data from Event Destinations. XING receives the information that the user has visited the website of Event Destinations. The plug-ins used by XING can be found at:

https://dev.xing.com/plugins

If, at the time of visiting Event Destinations' website, the user is logged in on a XING account (it does not matter if it is your own XING account), XING will receive further information such as on what pages the user visited the website. XING collects this information, so theoretically it is possible to associate this information with the XING account.

To prevent this, the user must log out via the XING website.

For more information on data protection at XING, we refer to the following data policy of XING:

https://privacy.xing.com/en/privacy-policy

YouTube

YouTube Video

Event Destinations has integrated the services of YouTube on its website.

Responsible person is:

YouTube LLC , 901 Cherry Avenue, San Bruno, CA 94066, USA,

represented by

Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you visit www.event-destinations.com with embedded videos, your IP address will be sent to YouTube and cookies will be installed on your computer. If you are logged in to YouTube, your data, such as IP address and provider used, is assigned to your user account (you can prevent this by logging out of YouTube before clicking the video). Event Destinations has no influence on any possible collection or use of your data by YouTube.

For more information about privacy, please refer to the following data policy of YouTube:

https://www.google.de/intl/de/policies/privacy/  

The legal basis for this data processing is Art. 6 para. 1 s. 1 lit. f GDPR. We use YouTube to make our company better known.

Tracking and analytics

For the continuous improvement of our website www.event-destinations.com we use the following tracking and analysis tools. Which personal data is processed in each case and how you can reach the respective service providers, you will find below:

Amazon CloudFront

Our website uses Amazon CloudFront. This is a Java Script code from the Amazon Web Services company that will be reloaded on the page when you open it. It is a Content Delivery Network (CDN).

Responsible person is:

Amazon Web Services, Inc., P.O. Box 81226, Seattle, WA 98108, USA (Amazon CloudFront – Content Delivery Network (CDN)

If you have enabled JavaScript in your browser and have not installed a Java Script Blocker, your browser may submit personal information to Amazon CloudFront. A CDN is a service that helps deliver content from our website, especially large media files, such as graphics or scripts, using regionally distributed and Internet-connected servers. The processing of the data place exclusively for the aforementioned purposes and to maintain the security and functionality of the CDN.

 

Use is made based on our legitimate interests. Our interest in a secure and efficient provision, analysis and optimization of our online offer acc. Art. 6 para. 1 lit. f. DSGVO.

For further information please refer to: https://aws.amazon.com/de/privacy/?nc1=f_pr

To prevent this Java based processing of your data you can install a java blocker. (e.g.   http://www.noscript.net  or http://www.ghostery.com ).

Google Analytics

The website www.event-destinations.com uses Google Analytics. This is a service for analyzing access to websites of Google LLC. ("Google") and allows us to improve our website. Legal basis is the Art. 6 para 1 s. 1 lit. f) GDPR. Our interest is to provide a compatible website and to optimize our online services.

Responsible Person is:

Google LLC., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

Cookies enable us to analyze your use of our website. The information collected by a cookie (IP address, access time, access duration) is transmitted to a Google server in the USA and stored there. The evaluation of your activities on our website is transmitted to us in the form of reports. Google may pass on the collected information to third parties, if required by law or if third parties process this data on behalf of Google. The Google tracking codes of our Internet offer use the function "_anonymizeIp ()", thus IP addresses are processed only shortened, in order to exclude a possible direct personal link to you.

You can also prevent the installation of cookies from Google Analytics by setting your browser software accordingly. In this case, however, it may happen that you cannot fully use all the features of our website. Also through browser extensions e.g. http://tools.google.com/dlpage/gaoptout?hl=en Google Analytics can be disabled and controlled.

At https://www.google.com/intl/en/policies/

As well as under

https://www.google.com/analytics/terms/de.html

You can find out more about the terms of use and privacy of Google Analytics.

Google Tag Manager

Google Tag Manager is a solution that allows us to manage web site tags through one interface (including Google Analytics and other Google marketing services in our website). The tag manager itself (which implements the tags) does not process users' personal data. Regarding the processing of users' personal data, reference is made to the details of the Google services. Google Tag Manager usage policies can be viewed here:

https://www.google.com/intl/de/tagmanager/use-policy.html 

NewRelic

This website uses NewRelic. This is Analysis tool for web services.

Responsible person is:

New Relic Inc., 101 Second Street, 15th Floor, San Francisco, CA 94105

This service allows statistical evaluation of the speed of accessing our website. Through a plugin, NewRelic receives the information that a user has accessed the corresponding website. If you are logged in as a NewRelic user, NewRelic can assign the visit to your account. If you are not a member of NewRelic, there is still the possibility that NewRelic will learn and store your IP address.

The data processing is based on Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest is to monitor and ensure the speedy accessibility of our website.

For further information please refer to:

https://newrelic.com/privacy  

If you own a NewRelic account and you do not want NewRelic to collect data about you on our sites, you must log out of NewRelic before visiting our pages.

Tools for advertisement and marketing

Tools are also included on our website to ensure that our website is displayed to you during an internet search, as a relevant search result or as an advertisement. Below, the programs used in connection with our website have been broken down for you:

Google Ads

Event Destinations has integrated the services of Google AdWords on its website. Google AdWords is an internet advertising service. The legal basis is Art. 6 para. 1 s.1 lit. f) GDPR. In particular, Event Destinations uses Google AdWords to gain relevance in the results of Google's search engine.

Responsible Person is:

Google LLC., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

If the user accesses the Event Destinations website through a Google ad, Google will set a so-called conversion cookie on the user's system. For the explanation of the cookies, please refer to the pass to the cookies. The conversion cookie is used to create and analyze web-use statistics. 30 days after setting the conversion cookie the cookie loses its validity. This means that the user can no longer be identified. Within these 30 days both Event Destinations and Google can track which subpages have been accessed. The conversion cookie stores the IP address when visiting the website. This data is stored in the USA. It is possible that Google will share this information with third parties.

The setting of cookies can be prevented by appropriate settings in the user's Internet browser at any time. The already set cookies can also be deleted in the settings of the Internet browser. We express our concern that preventing cookies from being set may mean that not all features are fully available.

The user may separately object to interest-based personalized advertising by Google. Please refer to the following link:

www.google.de/settings/ads

For further privacy notices of Google refer to:

https://policies.google.com/privacy?hl=en&gl=de

Other tools of third-party providers

We also use third-party providers to help us with the site's appearance and functionality. These are listed below:

Google Maps

This site uses the Google Maps map service via an API. It is operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The legal basis is Art. 6 para. 1 s.1 lit. f) GDPR. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website.

Further information about handling user data, can be found in the data protection declaration of Google at:

https://www.google.de/intl/de/policies/privacy/.

Google Web Fonts

Event Destinations uses web fonts provided by Google for uniform representation of fonts on the website.

Responsible Person is:

Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you use must connect to Google's servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. The legal basis is Art. 6 para. 1 s.1 lit. f) GDPR. The reason for us using Google web fonts is our interest to make our website vivid and user-friendly.

If your browser does not support web fonts, a default font will be used by your computer.

For more information about Google Web Fonts, see

https://developers.google.com/fonts/faq

and in Google's privacy policy:

https://www.google.com/policies/privacy/ .

Service providers from third countries

In order to be able to provide our services, we use the support of service providers from third party countries (non-EU countries). In order to ensure the protection of your personal data in this case, we conclude processing contracts with each - carefully selected - service provider. All of our processors provide sufficient guarantees to implement appropriate technical and organizational measures. Our third country data processors are either located in a country with an adequate level of data protection (Art. 45 GDPR) or provide appropriate safeguards (Art 46 GDPR). Below you may find our categories of processors, the country they are located at and the safeguards or guarantees they provide.

We use the support of the following providers:

  • Tracking service and Analysis Service, USA, member of the EU-US Privacy Shield

EU-US Privacy Shield: The Privacy Shield is an agreement between the United States of America and the European Union to ensure compliance with European privacy standards. For more information, see: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active https://www.privacyshield.gov/participant?id=a2zt0000000TNPiAAO&status=Active https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4&status=Active

Your rights

You have the following rights with respect to the personal data concerning you:

- Right to information,

- Right to rectification or deletion,

- Right to restriction of processing,

- Right to object to the processing,

- Right to data transfer,

- Right on confirmation.

In the case of a request for information, you must provide sufficient information about your identity and provide proof that it is your personal data. The information relates to data that has been stored regarding your person, the origin of the data, the recipient or the categories of recipients to which data has been transmitted and the purpose of the storage. To exercise these rights, please contact our Privacy Officer, which is mentioned at the beginning of the Privacy Policy.

If you have given your consent to the processing of your data, you can revoke at any time. Such revocation will affect the admissibility of processing your personal data by us.

Insofar as we base the processing of your personal data on the weighting of interests, you may object to the processing. This is the case if processing your data is not required to fulfill a contract with you, which is explained in the following description of the functions. In the event of such a revocation, we ask you to explain the reasons why we should not process your personal data. In the case of your justified objection, we will examine the situation and will either stop processing your data, adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.

Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You may contact us or our responsible data security officer via the contact details stated at the beginning of the Privacy Policy.

How you perceive these rights

To exercise these rights, please contact our data security officer:

Christian Scholtz from Webersohn & Scholtz GmbH

event-destinations@ws-datenschutz.de

or by mail:

WS Datenschutz GmbH

Meinekestraße 13

D-10719 Berlin

supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority in the Member State of its residence, place of work or place of alleged infringement, if you believe that the processing of your personal data infringes on the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy according to Article 78 GDPR.

Subject to change

We reserve the right to change this privacy policy in compliance with legal requirements.

September 2018