Data Privacy Policy
Data Privacy Policy
Executive Insights GmbH & Co. KG
“www.enterprise-architecture-insights.eu” is an event website landing page by Executive Insights GmbH & Co. KG
Responsible:
Company: Executive Insights GmbH & Co. KG
Adress : Josef-Orlopp-Str. 89-91 - 10365 Berlin, Germany
Trade Register /Nr.: HRA 54694 B
Managing Director & Partner: Manfred Erhardt
Phone: 030 – 767 29 34 0
E-Mail adress: info (at) executive-insights.com
The protection of your personal data is important to us!
Your data will be treated with appropriate care and used only for the purposes of event planning and implementation.
This data protection declaration informs you about the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content associated with it, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer"). With regard to the terms used, such as "personal data" or their "processing", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Contact on the subject of data protection:
E-mail address: datenschutz@executive-insights.com
Types of data processed:
Inventory data (company data: address).
Contact data (company data: contact person).
Content data (presenters: text entries, presenters/participants: photographs, videos).
Contract data (participants: subject of contract, term, company category).
Applicants (address, contact details, application documents).
Processing of special categories of data (Art. 9 (1) DSGVO):
In principle, no special categories of data are processed.
Categories of persons affected by the processing:
Customers or participants / interested parties / suppliers / speakers / applicants.
Hereinafter, we also collectively refer to the data subjects as "Users".
Purpose of processing:
Provision, administration and billing of contractual services.
Responding to contact requests and communicating with users.
Examination of an application.
1. relevant legal basis
In accordance with Art. 13 DSGVO, we inform you about the legal basis of our data processing. If the legal basis is not mentioned in the Privacy Policy, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing for the performance of our services and implementation of contractual measures and responding to inquiries is Art. 6(1)(b) DSGVO, the legal basis for processing for the performance of our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing for the protection of our legitimate interests is Art. 6(1)(f) DSGVO.
We also use your e-mail address collected in the course of registration or in the course of contract performance to inform you by e-mail about our own similar events, as well as about existing offers or about us in general. In this case, the processing of the e-mail address is based on our legitimate interest in advertising our events and related services (Art. 6 para. 1 lit. f DSGVO).
2. security measures
We take appropriate technical and organizational measures in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk; the measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access concerning them, input, disclosure, ensuring availability and their separation.
Furthermore, we have established procedures to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Article 25 of the GDPR).
3. cooperation with processors and third parties
3.1 If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if a transfer of data to third parties, such as payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b DSGVO), you have consented, or a legal obligation provides for this.
3.2 If we commission third parties with the processing of data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 DSGVO. Listed here in the form of our CRM solution (hosted in the EU) in Amazon AWS. Further information can be found at https://aws.amazon.com/de/compliance/gdpr-center/
3.3 Traffic data is generated when visiting our website. In this context, the temporary storage of the IP address is technically necessary to enable delivery of the website to the user's computer. This traffic data is processed by our hoster the company Host Europe GmbH, in accordance with the DSGVO, in accordance with the data protection regulation of the company Host Europe GmbH. For more information, please visit: https://www.hosteurope.de/AGB/Datenschutzerklaerung
4. rights of the persons concerned
4.1 You have the right to request confirmation as to whether data in question is being processed and to obtain information about this data and further information and a copy of the data in accordance with Article 15 of the GDPR.
4.2 You have according to. Art. 16 DSGVO the right to request the completion of the data concerning you or the correction of incorrect data concerning you.
4.3 In accordance with Art. 17 of the GDPR, you have the right to demand that data concerning you be deleted without delay, or alternatively, in accordance with Art. 18 of the GDPR, to demand restriction of the processing of the data.
4.4 You have the right to request that the data concerning you that you have provided to us be received in accordance with Art. 20 of the GDPR and to request that it be transferred to other data controllers. 4.5 You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 DSGVO.
5. right of revocation
You have the right to revoke given consents according to Art. 7 para. 3 DSGVO with effect for the future.
6. right of objection
You may object to the future processing of data concerning you in accordance with Art. 21 DSGVO at any time. The objection can be made in particular against processing for purposes of direct advertising.
7. deletion of data
7.1 The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DSGVO. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
7.2 In accordance with legal requirements, data is retained in particular for 6 years pursuant to Section 257 (1) of the German Commercial Code (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years pursuant to Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).
8. cookies and right to object to direct advertising
We use temporary cookies, i.e. small files that are stored on the users' devices (for an explanation of the term and function, see the last section of this privacy policy). Cookies are necessary for the operation of our online offer (e.g. for the display of the website) or to store the user decision when confirming the cookie banner.
You can deactivate cookies in your browser at any time, which may mean that some functions of our website are no longer available.
9. provision of contractual services
9.1 We process inventory data (e.g. names and addresses as well as contact data of users), contractual data (e.g. services used, names of contact persons) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO. The entries marked as mandatory in online forms are required for the conclusion of the contract.
9.2 The deletion takes place after the expiry of legal warranty and comparable obligations, the necessity of storing the data is reviewed every three years; in the case of legal archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) storage obligation); information in the customer account remains until its deletion.
9.3 The specified storage periods may change accordingly if the statutory retention period changes.
10. contacting
When contacting us (via contact form, e-mail or telephone), the user's details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6 para. 1 lit. b) DSGVO.
The user's details may be stored in our Customer Relationship Management System ("CRM System") or comparable inquiry organization.
We use the CRM system on the basis of our legitimate interests (efficient and fast processing of inquiries about our events). For this purpose, we have concluded a contract with the provider with so-called standard contractual clauses, in which the provider undertakes to process user data only in accordance with our instructions and to comply with the EU data protection level.
We delete the requests if they are no longer necessary. We review the necessity every 6 months; we store requests from customers who have a customer account permanently and refer to the customer account details for deletion. In the case of legal archiving obligations, deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).
11. online applications
If you submit an unsolicited application for one of our job offers (Section 26 BDSG) or apply as a consultant (Art. 6 (1) b DSGVO), we will process your address, telecommunication and application data exclusively for the purpose of processing your application. The provision of your address and telecommunication data, which are marked as mandatory fields, is necessary in order to be able to contact you regarding your application.
If the application process for your job offer ends without employment, your data will be deleted or destroyed after a maximum of 6 months, like the documents sent to us, unless you have given us your consent to use the data for future application processes (Art. 6 para. 1 a DSGVO).
12. e-mail newsletter
In order to receive our e-mail newsletter, we require a valid e-mail address, as well as information that allows us to verify that you are the owner of the e-mail address provided (e.g., as part of the so-called double opt-in procedure); this data is stored and processed electronically by us.
Additional information (e.g. areas of interest) can be provided by you voluntarily at any time; in this case, your profile consists of your voluntary information and your e-mail address.
In addition, we evaluate - in order to further improve the newsletter offer - the user and click behavior and analyze it.
For the e-mail newsletter, it may also be necessary for us to pass on your data to external service providers as part of order data processing. You can revoke your consent to the storage and analysis of the data, the e-mail address and its use for sending the e-mail newsletter at any time.
13. e-mail optout
Users who no longer wish to receive our newsletter, click the unsubscribe link included in all emails sent or revoke at optout@executive-insights.com.
14. online presences in social media
14.1 We maintain online presences on Twitter, Linkedin, Xing and facebook in order to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators shall apply.
14.2 Unless otherwise stated in our privacy policy, we only process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
14.3 Xing
We use functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing Xing functions is called up, a connection to Xing servers is established. As far as we are aware, no personal data is stored in this process. In particular, no IP addresses are stored or usage behavior evaluated. Privacy policy: https://www.xing.com/app/share?op=data_protection
14.4 Linkedin
Within the scope of our online offer, functions and contents of the service LinkedIn, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, may be integrated. This may include, for example, content such as images, videos or texts and buttons with which users can share content of this online offer within LinkedIn. If the users are members of the LinkedIn platform, LinkedIn can assign the call of the above-mentioned content and functions to the profiles of the users there. Privacy policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy.. LinkedIn is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). Privacy policy: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
14.5. Twitter
Within the scope of our online offer, functions of the service or platform Twitter may be integrated (hereinafter referred to as "Twitter"). Twitter is a service of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The functions include the display of our posts within Twitter as part of our online offer, the link to our profile on Twitter and the possibility to interact with the posts and the functions of Twitter, as well as to measure whether users reach our online offer via the advertisements placed by us on Twitter (so-called conversion measurement). Twitter is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.
15. changes
From time to time it is necessary to adapt the content of this privacy policy. We therefore reserve the right to change them at any time. We will also publish the amended version of the privacy notice here. When you visit us again, you should therefore read through the data protection information again.
current state: june 2023