Section 1 — Definitions and contact information
1. “Personal data” is all data that relates to you personally or can be related to you personally, for example your name, address, email addresses or user behaviour.
2. The data controller is Freiburg Wirtschaft Touristik und Messe GmbH & Co. KG.
The data controller can be reached as follows:
Address: Neuer Messplatz 3, 79108 Freiburg
Phone: +49 761 3881 - 02
Fax: +49 761 3881 - 3006
3. The data Protection Officer of the FWTM Freiburg Wirtschaft Touristik und Messe GmbH & Co. KG ist the licensed lawyer for data protection Marc E. Evers.
Address: DataSEKure Rechtsanwaltsgesellschaft mbH, Burgunder Str. 20, 79104 Freiburg
Telefon: +49 761 3876955
Section 2 — Purpose of data processing and legal basis
1. Collection of personal data during visits to the website
When the website is used purely for information purposes, i.e. when you visit our website, we do not process any personal data, with the exception of the data that your browser transfers to enable you to visit the website. This means that we only store access data in files known as server log files, which are stored until they are automatically erased. Access data includes:
- IP address
- Date and time of access
- Time difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status / HTTP status code
- Quantity of data transmitted
- Website from which the request comes
- Operating system and interface
- Language and version of browser software.
We process the data listed for the following purposes:
- To ensure the website can establish a smooth connection
- To ensure the website can be used comfortably
- To evaluate system security and stability, and
- For other administrative purposes.
The legal basis for data processing is Article 6 para. 1 sentence 1 (f) of the General Data Protection Regulation (GDPR). Our legitimate interest is derived from the data collection purposes listed above. We never use the data collected for the purpose of drawing conclusions about you.
2. Collection of images or videos of individuals at events
Photos and videos are taken during events held in the rooms and open spaces used by Freiburg Wirtschaft und Touristik GmbH & Co. KG. As such, photos or videos may be taken in which individual visitors or organisers can be recognised. These photos and videos are collected for the purpose of presenting the events in brochures and press reports and on social media channels and FWTM websites.
This serves the purposes of our legitimate and, on balance, overriding interests in depicting the event for advertising purposes and in addressing our customers pursuant to Article 6 para. 1 sentence 1 (f) GDPR. We never use the data collected for the purpose of drawing conclusions about you.
Section 3 — Who receives your data
1. Your data will not be transferred to third parties without your explicit consent. We sometimes use external service providers to process your data. We carefully select and instruct these service providers, and they are bound to our instructions and are subject to regular checks. We will not transfer your personal data to third parties for any purposes other than those listed below.
We will only transfer your personal data to third parties if:
- You have given express consent pursuant to Article 6 para. 1 sentence 1 (a) GDPR,
- Data transfer is required for the establishment, exercise or defence of legal claims, and there is no reason to assume that you have an overriding legitimate interest in your data not being transferred, pursuant to Article 6 para. 1 sentence 1 (f) GDPR,
- Transfer is necessary for compliance with a legal obligation pursuant to Article 6 para. 1 sentence 1 (c) GDPR, and
- This is legally admissible and is necessary for the performance of a contract to which you are party pursuant to Article 6 para. 1 sentence 1 (b) GDPR.
2. We may also pass on your personal data to third parties in the event that we offer special promotions, competitions, the conclusion of contracts or similar services in collaboration with partners. You will receive more detailed information on this when you provide us with personal data or in the description of the offer in question.
3. If any of our service providers or partners are headquartered in a state outside of the European Economic Area (EEA), we will inform you of the implications of this in the description of the offer.
Section 4 — Duration of storage of your data
1. If you contact us by email, we will store the data you share with us (your email address and possibly your name and telephone number) so that we can reply to you. Once it is no longer necessary for us to store the data we receive in this context, we will erase it, or limit its processing if it is subject to statutory retention obligations.
2. Your data which we store will also be stored for the duration of the ongoing business relationship with you. In the event that this contractual relationship comes to an end or that you exercise the rights listed in Section 5, your data will be treated in accordance with the right or rights which you have exercised as set out in Section 5, and may be erased, unless a longer retention period is required by law.
Section 5 — Your rights
1. Right of access and right to rectification, erasure, restriction of processing, or data transmission
You have the right to obtain information from us at any time regarding the data concerning you which we store, as well as the origin of the data, the recipients or categories of recipients to whom this data is passed on and the purpose of storage.
You have the right to have the personal data which we store rectified or erased, or to have the processing of this data restricted, at any time, unless this is opposed by statutory retention periods.
You have the right to receive the personal data which you have provided to us, in a structured, commonly used and machine-readable format, or to request the transmission of these data to another controller.
2. Right to object or withdraw consent to the processing of your data at any time
(1) If you have given consent to the processing of your data, you can withdraw this consent at any time. Withdrawal of consent will affect the permissibility of processing your personal data from the point in time at which you communicate this withdrawal of consent to us.
(2) To the extent that we process your personal data based on the balancing of interests, you can object to this processing. This is the case in particular when the processing is not necessary for the performance of a contract with you, which is explained by us in the following description of functions. If you choose to exercise your right to object, please state the reason why you do not want us to continue processing your personal data in the way that we have done. When you communicate your objection and justification, we will assess the matter and will either cease or modify the processing of your data, or demonstrate to you the compelling legitimate grounds on which we shall continue this processing.
(3) You can of course object at any time to the processing of your personal data for the purposes of advertising and data analysis.
3. Right to lodge a complaint with a data protection authority
If you do not agree with our handling of the data concerning you which we store, you have the right to lodge a complaint with the competent data protection authority.
Section 6 — Cookies
2. Cookies store information that is generated in connection with the specific device used. However, this does not mean that we can directly identify you.
3. One purpose of using cookies is to make the use of our website more comfortable for you. For example, we use “session cookies” to detect that you have already visited individual pages on our website. These are automatically deleted once you have left our website.
4. To improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our website again, it will automatically detect that you have already visited. It will also detect what submissions you have made previously and what settings you have configured, so that you will not need to re-enter this information.
6. The data processed by cookies is necessary for the purposes mentioned above in order to safeguard legitimate interests pursued by us or by a third party pursuant to Article 6 para. 1 sentence 1 (f) GDPR.
7. Most internet browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer, or so that a message always appears before a new cookie is stored. Disabling cookies completely may prevent you from using all of the features of our website.
Section 7 — Use of MATOMO
We use the open-source software Matomo to analyse and statistically evaluate the use of the website. Cookies are used for this purpose (see Section 6). Cookies are text files that are stored on your computer to enable us to analyse how you use our website.
The information on website use produced by cookies is transferred to our server and, using pseudonyms, is consolidated into use profiles. The information is used to evaluate use of the website and to make it possible to structure our website according to user requirements. The information is not transferred to third parties.
The IP address is never associated with any other data concerning the user. The IP addresses are made anonymous so that it is not possible to match them to a user (IP masking).
Your visit to this website is currently being recorded by Matomo web analysis. Click here (https://matomo.org/docs/privacy/) to discontinue the recording of your visit.
Section 8 — Newsletter
1. You can choose to subscribe to our newsletter so that we can inform you about current interesting offers. The goods and services which are advertised in the newsletter are stated in the declaration of consent.
2. We use rapidmail to send our newsletter. Your data will therefore be transferred to rapidmail GmbH. However, rapidmail GmbH is prohibited from using your data for purposes other than dispatching the newsletter. rapidmail GmbH is not permitted to transfer or sell your information. rapidmail is a German certified newsletter software provider which we carefully selected in accordance with the requirements of the GDPR and the German Data Protection Act. A commissioned data processing agreement was concluded with rapidmail GmbH in compliance with Article 28 GDPR.
For newsletter subscriptions, rapidmail uses the “double opt-in” method. This means that, after you subscribe to the newsletter, an email will be sent to the email address you have provided asking you to confirm that you would like to receive the newsletter.
Your information will be stored by rapidmail until you confirm your subscription. The purpose of this procedure is to create proof of your subscription and to be able to resolve any potential misuse of your personal data.
3. The only information which we require in order to send the newsletter is your email address. Following your confirmation, rapidmail will store your email address as well as your IP address for the purpose of sending you the newsletter. The legal basis for this is Article 6 Paragraph 1 Sentence 1 (a) GDPR.
4. We use rapidmail to send our newsletter. Your data will therefore be transferred to rapidmail GmbH. However, rapidmail GmbH is prohibited from using your data for purposes other than dispatching the newsletter. rapidmail GmbH is not permitted to transfer or sell your information. rapidmail is a German certified newsletter software provider which we carefully selected in accordance with the requirements of the GDPR and the German Data Protection Act. A commissioned data processing agreement was concluded with rapidmail GmbH in compliance with Article 28 GDPR.
5. You can withdraw your consent to the sending of the newsletter and unsubscribe from the newsletter at any time. You can withdraw consent by clicking on the link provided in every newsletter email (unsubscribe from newsletter), or by sending us a message using the contact information provided under “Imprint” on our website.
6. Please note that we will analyse your user behaviour when we send you the newsletter. To enable this analysis, the emails which we send contain “web beacons” or “tracking pixels”, which represent single-pixel image files that are stored on our website. To carry out the analysis, we combine the data listed in Section 2 and the web beacons with your email address and an individual ID. The data will only be collected in pseudonymised form, which means that the IDs will not be combined with other personal data belonging to you and it will not be possible to directly identify you.
The information will be stored for as long as you subscribe to the newsletter. With the exception of your email address, all stored personal data will be deleted after you unsubscribe.
Section 9 — Use of social media plug-ins
Social media plug-ins (“plug-ins”) provided by social networks are used on our website. This serves the purposes of our legitimate and, on balance, overriding interests in optimal marketing of our range of products and services pursuant to Article 6 para. 1 sentence 1 (f) GDPR.
In order to strengthen the protection of your data when you visit our website, plug-ins are not directly integrated into the page but are embedded via an HTML link (using the “Shariff” solution developed by c’t). This means that, when you visit pages on our website containing plug-ins of this kind, this will not automatically create a connection with the servers of the social network provider in question. If you click on one of the buttons, a new browser window will open and will display the site of the relevant service provider, where you will be able to click the “like” or “share” button, for example (you may first need to enter your login details). Please consult the privacy statements of the service providers for information on the purpose and scope of data collection and the further processing and use of the data by the providers on their sites, as well as your rights in this regard and the settings which you can use to protect your privacy.
Section 10 — Data security
When you visit our website, your security is protected by the widely used SSL (Secure Sockets Layer) technology combined with the highest level of encryption which is supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we will instead use 128-bit v3 technology. If an individual page of our website is being transmitted in encrypted form, the key or lock depicted in the lower status bar of your browser will be shown as closed or locked.
We also take appropriate technical and organisational safety precautions in order to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. We are continuously improving our safety precautions in line with technological developments.
Last updated April 2019