This Privacy Policy explains the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offering and the associated websites, functions and content, as well as external online presences such as our social media profiles (hereinafter collectively referred to as “online offering”). With regard to the terminology used, such as “processing” or “controller”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Website Operator and Data Controller:

Reinbeckhallen Betriebs GmbH Reinbeckstr. 17 10459 Berlin Represented by the Managing Director Karsten Knobbe

E-Mail: event@reinbeckareal.de Web: www.reinbeckareal.de

Commercial Register: HRB 96779 B

Types of Data Processed Personal data (e.g. names, addresses), contact data (e.g. email, phone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Purposes of Processing Provision of the online offering, its functions and content; responding to contact requests and communicating with users; security measures; reach measurement/marketing.

Definitions

“Personal data” means any information relating to an identified or identifiable natural person. A natural person is considered identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier (e.g. cookie) or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity.

“Processing” means any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and covers virtually any handling of data.

“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Applicable Legal Bases

In accordance with Art. 13 GDPR, we inform you of the legal bases for our data processing. Where the legal basis is not specified in this Privacy Policy, the following applies: the legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR; for processing to fulfill our services and carry out contractual measures and respond to inquiries it is Art. 6(1)(b) GDPR; for processing to fulfill our legal obligations it is Art. 6(1)(c) GDPR; and for processing to protect our legitimate interests it is Art. 6(1)(f) GDPR. Where the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR serves as the legal basis.

Security Measures

We ask you to regularly review the content of our Privacy Policy. We update the Privacy Policy as soon as changes to our data processing activities make this necessary. We will inform you as soon as changes require your action (e.g. consent) or individual notification.

Collaboration with Processors and Third Parties

If we disclose, transfer or otherwise grant access to data to other persons or companies (processors or third parties) in the course of our processing, this is only done on the basis of a legal permission (e.g. where transfer of data to third parties such as payment service providers is required for contract performance under Art. 6(1)(b) GDPR), with your consent, pursuant to a legal obligation, or on the basis of our legitimate interests. Where we engage third parties to process data under a data processing agreement, this is done pursuant to Art. 28 GDPR.

Transfers to Third Countries

If we process data in a third country (i.e. outside the European Union or the European Economic Area), or if this occurs in the context of using third-party services or disclosing or transferring data to third parties, this only takes place to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have data processed in a third country only where the specific requirements of Art. 44 et seq. GDPR are met – for example on the basis of specific safeguards such as an officially recognized finding of a data protection level equivalent to that of the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognized specific contractual obligations (so-called “standard contractual clauses”).

Rights of Data Subjects

You have the right to request confirmation as to whether relevant data is being processed and to obtain information about such data, as well as further information and a copy of the data pursuant to Art. 15 GDPR.

You have the right pursuant to Art. 16 GDPR to request the completion or correction of inaccurate data concerning you.

You have the right pursuant to Art. 17 GDPR to request the immediate erasure of relevant data, or alternatively pursuant to Art. 18 GDPR to request restriction of its processing.

You have the right to receive data concerning you that you have provided to us, and to request its transmission to other controllers, pursuant to Art. 20 GDPR.

You also have the right pursuant to Art. 77 GDPR to lodge a complaint with the competent supervisory authority.

Right of Withdrawal

You have the right to withdraw consent granted pursuant to Art. 7(3) GDPR with effect for the future.

Right to Object

You may object at any time to the future processing of data concerning you pursuant to Art. 21 GDPR. The objection may in particular be directed against processing for direct marketing purposes.

Cookies and Right to Object to Direct Marketing

“Cookies” are small files stored on users’ devices. Cookies can store various types of information. A cookie primarily serves to store information about a user (or the device on which it is stored) during or after their visit to an online offering. Temporary cookies, or “session cookies”, are deleted after a user leaves an online offering and closes their browser. Persistent cookies remain stored even after the browser is closed, allowing for example login status to be retained when users return after several days. Cookies can also store users’ interests for reach measurement or marketing purposes. “Third-party cookies” are cookies offered by providers other than the controller operating the online offering.

We may use both temporary and persistent cookies, as described in this Privacy Policy.

If users do not wish cookies to be stored on their device, they are asked to disable the relevant option in their browser settings. Stored cookies can be deleted in the browser settings. Disabling cookies may result in functional limitations of this online offering.

A general objection to the use of cookies for online marketing purposes can be declared for a large number of services, particularly in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Cookies can also be disabled through browser settings. Please note that in this case not all functions of this online offering may be available.

Deletion of Data

Data processed by us is deleted or restricted in its processing in accordance with Art. 17 and 18 GDPR. Unless expressly stated in this Privacy Policy, stored data is deleted as soon as it is no longer required for its intended purpose and no statutory retention obligations prevent deletion. If data is not deleted because it is required for other legally permissible purposes, its processing is restricted – meaning the data is blocked and not processed for other purposes. This applies for example to data that must be retained for commercial or tax law reasons.

Under German law, retention applies in particular for 10 years pursuant to §§ 147(1) AO, 257(1) nos. 1 and 4, (4) HGB (books, records, management reports, accounting documents, commercial books, tax-relevant documents, etc.) and 6 years pursuant to § 257(1) nos. 2 and 3, (4) HGB (commercial correspondence).

Under Austrian law, retention applies in particular for 7 years pursuant to § 132(1) BAO (accounting documents, vouchers/invoices, accounts, records, business papers, income and expenditure statements, etc.), for 22 years in connection with real property, and for 10 years for documents relating to electronically supplied services, telecommunications, broadcasting and television services provided to non-entrepreneurs in EU member states for which the Mini-One-Stop-Shop (MOSS) is used.

Collection of Access Data and Log Files

We, or our hosting provider, collect data on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR regarding every access to the server on which this service is located (so-called server log files). Access data includes the name of the website accessed, file, date and time of access, volume of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security purposes (e.g. to investigate misuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is necessary for evidentiary purposes is exempt from deletion until the relevant incident is finally resolved.

Registration, Participation in Competitions, Reservation of Places

Users may optionally create a user account, participate in competitions, register to receive further information, or reserve places for events (“registration”). Required mandatory information is communicated to users during registration. Data entered during registration is used for the purposes of using the offering. Users may be informed by email about offering- or registration-related changes, such as changes in scope or technical circumstances. If users cancel their account, their data will be deleted insofar as retention is not required for commercial or tax law reasons pursuant to Art. 6(1)(c) GDPR. It is the responsibility of users to back up their data prior to contract termination. We are entitled to permanently delete all data stored during the contract period.

In connection with our registration and login functions and use of the user account, we store the IP address and the time of the respective user action. Storage is based on our legitimate interests as well as those of users in protection against misuse and unauthorized use. This data is not passed on to third parties unless required to pursue our claims or there is a legal obligation pursuant to Art. 6(1)(c) GDPR. IP addresses are anonymized or deleted within 7 days at the latest.

Contact

When contacting us (e.g. via contact form, email, telephone or social media), users’ details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6(1)(b) GDPR. Users’ details may be stored in a Customer Relationship Management system (“CRM system”) or comparable request management system.

We delete requests once they are no longer required. We review necessity every two years; statutory archiving obligations also apply.

Press Releases and Communications to Business Partners and Interested Parties

We send press releases to companies, editorial offices and service providers on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR. Recipients are informed at every general point of contact of the possibility of objecting to such contact. Press releases and communications contain exclusively information from or about our business customers, their services, or our own services.

Newsletter

We send newsletters, emails and other electronic notifications containing promotional information (“newsletter”) only with recipients’ consent or a legal permission. Registrations for the newsletter are logged in order to demonstrate the registration process in accordance with legal requirements, including storage of the registration and confirmation time as well as the IP address.

To subscribe to the newsletter, it is sufficient to provide your email address. Optionally, we ask for a name for personalized address.

Newsletter dispatch and associated success measurement is based on recipients’ consent pursuant to Art. 6(1)(a) and Art. 7 GDPR in conjunction with § 7(2) no. 3 UWG, or on the legal permission pursuant to § 7(3) UWG.

Cancellation/Withdrawal – You may cancel receipt of our newsletter at any time, i.e. withdraw your consent. A cancellation link is included at the end of every newsletter. We may retain unsubscribed email addresses for up to three years on the basis of our legitimate interests before deleting them, in order to be able to demonstrate previously given consent. Processing of this data is restricted to the purpose of potentially defending against claims. An individual deletion request is possible at any time, provided the prior existence of consent is confirmed.

Dispatch Service Provider for Newsletters and Press Releases

Dispatch is carried out either via personal email or using the dispatch service provider “MailChimp”, a newsletter dispatch platform operated by The Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The service provider’s privacy policy is available at: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement, thereby guaranteeing compliance with European data protection standards. The service provider is engaged on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR and a data processing agreement pursuant to Art. 28(3) sentence 1 GDPR.

The service provider may use recipients’ data in pseudonymous form – i.e. without assignment to a user – to optimize or improve its own services, for example for technical optimization of dispatch or for statistical purposes. The service provider does not use our newsletter recipients’ data to contact them directly or to pass it on to third parties.

Success Measurement

Newsletters and press releases contain a so-called “web beacon” – a pixel-sized file that is retrieved from our server (or that of our dispatch service provider) when the newsletter is opened. Technical information such as browser and system information, IP address and time of retrieval are collected. This information is used to technically improve services based on technical data or target groups and their reading behavior. Statistical surveys also include whether newsletters are opened, when they are opened and which links are clicked. For technical reasons this information can be attributed to individual recipients, however it is neither our intention nor that of the service provider to monitor individual users. The evaluations serve to identify reading habits and adapt content accordingly.

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (“Google”), on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR. Google uses cookies. Information generated by cookies about users’ use of the online offering is generally transferred to and stored on a Google server in the USA. Google is certified under the Privacy Shield Agreement. Google will use this information on our behalf to evaluate use of our online offering, compile reports on activity, and provide further services related to use of the online offering and the internet. Pseudonymous usage profiles may be created from the processed data.

We use Google Analytics only with activated IP anonymization, meaning users’ IP addresses are truncated by Google within EU member states or other EEA contracting states. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. The IP address transmitted by users’ browsers is not merged with other Google data. Users can prevent storage of cookies by adjusting their browser settings, and can also prevent collection and processing of cookie-generated data by downloading and installing the browser plugin available at: http://tools.google.com/dlpage/gaoptout?hl=en.

Users’ personal data is deleted or anonymized after 14 months.

Google Tag Manager

We use Google Tag Manager provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The Google Tag Manager is an auxiliary service that itself only processes personal data for technically necessary purposes. It manages the loading of other components which may in turn collect data. The Google Tag Manager does not access this data. Use of Google Tag Manager is based on Art. 6(1)(f) GDPR. We have a legitimate interest in being able to integrate various services in a simplified and structured manner.

Google Ads Conversion Tracking

We use conversion tracking provided by Google Ireland Ltd. and Google LLC (“Google”). When you click on a Google ad, a conversion tracking cookie is set. These cookies expire after 30 days and are not used for personal identification. If a user visits certain pages of this website while the cookie is still valid, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google Ads customer receives a different cookie that cannot be tracked across the websites of other Google Ads customers. The information obtained via the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking.

Processing of your personal data is based solely on your consent pursuant to Art. 6(1)(a) GDPR. An opt-out option is available in our cookie notice. You may also object by deactivating the Google conversion tracking cookie in your browser under user settings.

Further information: https://policies.google.com/privacy?hl=en

Facebook Pixel, Custom Audiences and Facebook Conversion

We use the “Facebook Pixel” of the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or for EU residents, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), on the basis of our legitimate interests. Facebook is certified under the Privacy Shield Agreement.

The Facebook Pixel enables Facebook to identify visitors to our online offering as a target audience for Facebook Ads. We use the Facebook Pixel to show our Facebook Ads only to those users who have shown interest in our online offering or who exhibit certain characteristics. The Facebook Pixel also allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking a Facebook ad (“conversion”).

Data processing by Facebook is governed by Facebook’s data use policy: https://www.facebook.com/policy.php. Information on the Facebook Pixel: https://www.facebook.com/business/help/651294705016616.

You can object to collection by the Facebook Pixel and use of your data for Facebook Ads via: https://www.facebook.com/settings?tab=ads, http://www.aboutads.info/choices/ or http://www.youronlinechoices.com/. Settings apply across all devices.

Online Presence on Social Media

We maintain presences on social networks and platforms to communicate with active customers, prospects and users and to inform them about our services. The terms and conditions and data processing policies of the respective operators apply when accessing these networks and platforms. We process users’ data when they communicate with us within social networks, e.g. by posting on our presences or sending us messages.

Integration of Third-Party Services and Content

We integrate content and service offerings from third-party providers within our online offering on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR, in order to embed their content and services such as videos or fonts (“content”). This always requires third-party providers to process users’ IP addresses, as they cannot send content to browsers without an IP address. We endeavor to use only content whose providers use the IP address solely for delivery. Third-party providers may also use pixel tags for statistical or marketing purposes. These “pixel tags” can be used to evaluate visitor traffic on this website. Pseudonymous information may also be stored in cookies on users’ devices.

Vimeo: We may embed videos from Vimeo Inc., Attention: Legal Department, 555 West 18th Street, New York, NY 10011, USA. Privacy policy: https://vimeo.com/privacy. Note that Vimeo may use Google Analytics.

YouTube: We embed videos from YouTube, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/. Opt-out: https://adssettings.google.com/authenticated.

Google Fonts: We embed fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/. Opt-out: https://adssettings.google.com/authenticated.

Google ReCaptcha: We embed the bot detection function (“ReCaptcha”) from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/. Opt-out: https://adssettings.google.com/authenticated.

Google Maps: We embed maps from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Processed data may include users’ IP addresses and location data, which are not collected without their consent. Data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/. Opt-out: https://adssettings.google.com/authenticated.

Use of Facebook Social Plugins

We use social plugins (“plugins”) of the social network facebook.com, operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), on the basis of our legitimate interests. Plugins can display interaction elements or content (e.g. videos, graphics or text posts) and are identifiable by one of the Facebook logos or the addition “Facebook Social Plugin”. When users access a function of our online offering that contains such a plugin, their device establishes a direct connection with Facebook’s servers. Facebook transmits the plugin content directly to users’ devices and integrates it into the online offering. Usage profiles may be created from the processed data.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page. If users are logged into Facebook, Facebook can assign the visit to their Facebook account. When users interact with plugins (e.g. clicking the Like button or posting a comment), the corresponding information is transmitted directly from their device to Facebook and stored there. Even if a user is not a Facebook member, Facebook may obtain and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.

For information on the purpose and scope of data collection and further processing and use of data by Facebook, as well as related rights and privacy settings, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them via this online offering and link it to their Facebook membership data, they must log out of Facebook and delete their cookies before using our online offering. Further settings and objections to data use for advertising purposes are possible in the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via http://www.aboutads.info/choices/ or http://www.youronlinechoices.com/. Settings apply across all devices.

Copyright

The content and works created by the site operators on these pages are subject to German copyright law. Reproduction, editing, distribution and any form of use beyond the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this site are permitted for private, non-commercial use only. Where content on this site has not been created by the operator, third-party copyrights are respected and identified as such. Should you become aware of a copyright infringement, please notify us accordingly. We will remove such content immediately upon becoming aware of any legal violation.