Legal

Imprint

Gen­er­al information

bay­ern design GmbH
Man­ag­ing Direc­tor: Nadine Vicentini
Luit­pold­straße 3
90402 Nuremberg
Germany

 

Data Pro­tec­tion Offi­cer con­tact information:

IITR Daten­schutz GmbH, Dr. Sebas­t­ian Kras­ka, Marien­platz 2, 80331 Munich, Ger­many; email@iitr.de

 

Gen­er­al infor­ma­tion regard­ing data processing

Data con­cerned:

Your per­son­al data are col­lect­ed only if pro­vid­ed by you vol­un­tar­i­ly. No addi­tion­al per­son­al data will be col­lect­ed. Your per­son­al data will be processed beyond the scope of statu­to­ry reg­u­la­tions only with your express consent.

Pur­pose of processing: Ful­fill­ment of contract
Cat­e­gories of recipients: Pub­lic enti­ties in the case of over­rid­ing legislation
Third-par­ty ser­vice providers or oth­er contractors
Oth­er third par­ties pro­vid­ed the data sub­ject has giv­en con­sent or trans­mis­sion is admis­si­ble due to com­pelling interests
Trans­fers to third countries: Proces­sors locat­ed out­side the Euro­pean Union can be used to ful­fil contracts
Dura­tion of data storage: The dura­tion of data stor­age depends on legal reten­tion oblig­a­tions and gen­er­al­ly is 10 years

 

Web­site-spe­cif­ic information

Use of a newsletter

When sub­scrib­ing to our newslet­ter, you pro­vide us with your e‑mail address and with oth­er data at your option. We use this data exclu­sive­ly to send our newslet­ter to you. We store the data you pro­vide when sub­scrib­ing to our newslet­ter until you unsub­scribe. You can unsub­scribe at any time using the respec­tive link in our newslet­ter or by send­ing a mes­sage to us. By unsub­scrib­ing you are object­ing to our fur­ther use of your e‑mail address.

 

Usage-relat­ed data

When you access our web­site you trans­mit data to our web serv­er via your Inter­net brows­er (a tech­ni­cal req­ui­site). The fol­low­ing data are record­ed dur­ing active ses­sions to facil­i­tate com­mu­ni­ca­tion between your Inter­net brows­er and our web server:

  • date and time of your request
  • name of the file you request
  • page from which you request­ed the file
  • access sta­tus (file trans­mit­ted, file not found, etc.)
  • web brows­er and oper­at­ing sys­tem you used
  • full IP address of the com­put­er you used
  • vol­ume of data transmitted

 

For tech­ni­cal secu­ri­ty rea­sons includ­ing, but not lim­it­ed to, to stave off attacks on our web serv­er, we store these data tem­porar­i­ly. These data do not allow for any infer­ence to indi­vid­ual users. After a short peri­od of time, the data are anonymized by trun­ca­tion of the IP address at the domain lev­el and there­after infer­ence to indi­vid­ual users is not pos­si­ble. The anonymized data also are processed for sta­tis­ti­cal pur­pos­es; they are not matched against any oth­er exist­ing data and are not for­ward­ed to third par­ties in full or in part.

 

Web­site analy­sis by Matomo

We use the Mato­mo web analy­sis ser­vice to design our web­site on a needs-ori­ent­ed basis. To record and ana­lyze use of our web­site, this ser­vice trans­mits usage-relat­ed infor­ma­tion regard­ing our web­site to our serv­er and stores it for ana­lyt­i­cal pur­pos­es. Before being processed, your IP address is trun­cat­ed and thus anonymized. If you wish to object to the pro­cess­ing of your infor­ma­tion for analy­sis pur­pos­es, you can do so at any time with the click of your mouse. If you choose to do so, an opt-cut cook­ie that does not con­tain any usage-relat­ed infor­ma­tion will be stored in your brows­er and Mato­mo will not col­lect any ses­sion-relat­ed data.

Please note: When you erase cook­ies, you also erase the opt-out cook­ie and you may have to reac­ti­vate it in future visits.

You may choose to pre­vent this web­site from aggre­gat­ing and ana­lyz­ing the actions you take here. Doing so will pro­tect your pri­va­cy, but will also pre­vent the own­er from learn­ing from your actions and cre­at­ing a bet­ter expe­ri­ence for you and oth­er users.


You are not opt­ed out. Uncheck this box to opt-out.

 

Our own ded­i­cat­ed cook­ies are used to store the set­tings required to dis­play our web­site (cook­ies are datasets trans­mit­ted from the web serv­er to your brows­er and stored there for future use). Our own cook­ies do not store any per­son­al data. You can pre­vent the use of cook­ies alto­geth­er by deac­ti­vat­ing the cook­ie stor­age func­tion in your browser.

 

Infor­ma­tion regard­ing oth­er types of data processing

Spe­cif­ic infor­ma­tion regard­ing the pro­cess­ing of data con­cern­ing customers/prospects

Data con­cerned: Data pro­vid­ed for con­tract ful­fill­ment; if applic­a­ble, addi­tion­al data for pro­cess­ing based on your express consent
Pur­pose of processing: Con­tract ful­fill­ment includ­ing offers, orders, sales, invoic­ing, and qual­i­ty management
Cat­e­gories of recipients: Pub­lic enti­ties in the case of over­rid­ing legislation
Exter­nal ser­vice providers or oth­er con­trac­tors: for data pro­cess­ing, host­ing, dis­patch­ing, trans­porta­tion, logis­tics, etc.; ser­vice providers: for print­ing and dis­patch­ing information
Oth­er third par­ties pro­vid­ed the data sub­ject has giv­en con­sent or trans­mis­sion is admis­si­ble due to com­pelling inter­ests: for cred­it-rat­ing infor­ma­tion if pur­chas­es are made against receipt of an invoice, for elec­tron­ic dis­patch of infor­ma­tion, and for qual­i­ty management
Trans­fers to third countries: As part of con­tract ful­fill­ment, proces­sors out­side the Euro­pean Union includ­ing e‑mail ser­vice providers may be used
Dura­tion of data storage: The dura­tion of data stor­age depends on legal reten­tion oblig­a­tions and gen­er­al­ly is 10 years

 

 

Spe­cif­ic infor­ma­tion regard­ing the appli­ca­tion process

 

Data con­cerned: Appli­ca­tion-relat­ed information
Pur­pose of processing: Exe­cu­tion of the appli­ca­tion process
Cat­e­gories of recipients: Pub­lic enti­ties in the case of over­rid­ing legislation
Exter­nal ser­vice providers or oth­er con­trac­tors: for data pro­cess­ing, host­ing, etc.
Oth­er third par­ties pro­vid­ed the data sub­ject has giv­en con­sent or trans­mis­sion is admis­si­ble due to com­pelling interests
Trans­fers to third countries: As part of con­tract ful­fill­ment, proces­sors out­side the Euro­pean Union includ­ing e‑mail ser­vice providers may be used
Dura­tion of data storage: Fol­low­ing com­mu­ni­ca­tion of the deci­sion to the appli­cant, appli­ca­tion-relat­ed data typ­i­cal­ly are erased with­in four (4) months unless the appli­cant has giv­en con­sent to an extend­ed stor­age peri­od for admis­sion to the pool of applicants

 

Spe­cif­ic infor­ma­tion regard­ing the pro­cess­ing of employ­ee data

 

Data con­cerned: Data pro­vid­ed for con­tract ful­fill­ment; if applic­a­ble, addi­tion­al data for pro­cess­ing based on your express consent
Pur­pose of processing: Con­tract ful­fill­ment as part of the employ­ment relationship
Cat­e­gories of recipients: Pub­lic enti­ties in the case of over­rid­ing leg­is­la­tion: finan­cial author­i­ties, social insur­ance com­pa­nies, trade asso­ci­a­tions, etc.
Exter­nal ser­vice providers or oth­er con­trac­tors: for data pro­cess­ing, host­ing, pay­roll account­ing, trav­el-expense report­ing, insur­ance ser­vices, etc.Other third par­ties, pro­vid­ed the data sub­ject has giv­en con­sent or trans­mis­sion is admis­si­ble due to com­pelling interests
Trans­fers to third countries: As part of con­tract ful­fill­ment, proces­sors out­side the Euro­pean Union includ­ing e‑mail ser­vice providers may be used
Dura­tion of data storage: The dura­tion of data stor­age depends on legal reten­tion oblig­a­tions and gen­er­al­ly is 10 years

 

Spe­cif­ic infor­ma­tion regard­ing the pro­cess­ing of sup­pli­er data

 

Data con­cerned: Data pro­vid­ed for con­tract ful­fill­ment; if applic­a­ble, addi­tion­al data for pro­cess­ing based on your express consent
Pur­pose of processing: Con­tract ful­fill­ment includ­ing inquiries, sourc­ing, and qual­i­ty management
Cat­e­gories of recipients: Pub­lic enti­ties in the case of over­rid­ing leg­is­la­tion; exter­nal ser­vice providers or oth­er con­trac­tors: for data pro­cess­ing, host­ing, book­keep­ing, pay­ment han­dling, etc.
Oth­er third par­ties pro­vid­ed the data sub­ject has giv­en con­sent or trans­mis­sion is admis­si­ble due to com­pelling interests
Trans­fers to third countries: As part of con­tract ful­fill­ment, proces­sors out­side the Euro­pean Union includ­ing e‑mail ser­vice providers may be used
Dura­tion of data storage: The dura­tion of data stor­age depends on legal reten­tion oblig­a­tions and gen­er­al­ly is 10 years

 

Spe­cif­ic infor­ma­tion regard­ing the use of soft­ware for video conferences/webinars

 

Data con­cerned: Data pro­vid­ed for the pur­pose of using the video con­fer­ence soft­ware or webi­nar soft­ware (main­ly first name, last name, e‑mail address; option­al: audio trans­mis­sion; option­al: image trans­mis­sion; option­al: queries regard­ing use of chat func­tions); as required for tech­ni­cal pur­pos­es: pro­cess­ing of data con­cern­ing your sys­tem to acti­vate a con­nec­tion with the con­fer­ence soft­ware provider
Pur­pose of processing: Hold­ing video con­fer­ences and/or webinars
Cat­e­gories of recipients: Pub­lic enti­ties in the case of over­rid­ing leg­is­la­tion; exter­nal ser­vice providers or oth­er con­trac­tors: for data pro­cess­ing, host­ing, etc.
Oth­er third par­ties pro­vid­ed the data sub­ject has giv­en con­sent or trans­mis­sion is admis­si­ble due to com­pelling interests
Trans­fers to third countries: Use of proces­sors out­side the Euro­pean Union (in this case, in the U.S.A.); stan­dard con­tract claus­es have been agreed upon with the respec­tive ser­vice provider
Dura­tion of data storage: Video con­fer­ences are record­ed only upon par­tic­i­pants’ pre­vi­ous­ly doc­u­ment­ed con­sent; tech­ni­cal data are erased if they no longer are required; in all oth­er cas­es, the dura­tion of data stor­age depends on legal reten­tion oblig­a­tions and gen­er­al­ly is 10 years

Addi­tion­al infor­ma­tion and con­tact information

In addi­tion, you can exer­cise your right to obtain infor­ma­tion, have data con­cern­ing you rec­ti­fied or erased, restrict the pro­cess­ing of data con­cern­ing you, or your right to object to the pro­cess­ing, and/or your right to data porta­bil­i­ty, at any time. To do so, you can write to us by e‑mail at datenschutz@bayern-design.de or send a let­ter to us. Also, you have the right to lodge a com­plaint with the data pro­tec­tion super­vi­sion author­i­ty responsible.

The author­i­ty respon­si­ble for us is the BayL­DA Bay­erische Lan­desamt für Daten­schutza­uf­sicht, Prom­e­nade 18, 91522 Ans­bach, Ger­many. You also can con­tact the data pro­tec­tion author­i­ty respon­si­ble for your place of res­i­dence so your com­plaint can be for­ward­ed to the data pro­tec­tion super­vi­sion authority.

Ver­sion of this pri­va­cy state­ment dat­ed April 2021

And infor­ma­tion for data sub­jects pur­suant to Art. 13 and Art. 14 of the Gen­er­al Data Pro­tec­tion Regulation

The fol­low­ing pages pro­vide you with an overview of the pro­cess­ing of your per­son­al data (here­inafter, “Data”) in con­nec­tion with events orga­nized and/or host­ed by bay­ern design GmbH and of your rights regard­ing data protection.

 

1. Who is respon­si­ble for pro­cess­ing my Data?

bay­ern design GmbH
Man­ag­ing Direc­tor: Nadine Vicentini
Luit­pold­str. 3
90402 Nuremberg
Germany
E‑mail: datenschutz@bayern-design.de

is respon­si­ble for pro­cess­ing your Data detailed below. We process per­son­al data in accor­dance with the pro­vi­sions of the Euro­pean Gen­er­al Data Pro­tec­tion Reg­u­la­tion (here­inafter, “GDPR”) and the Fed­er­al Data Pro­tec­tion Act (here­inafter, “BDSG”).

You can con­tact our Data Pro­tec­tion Offi­cer by let­ter with the adden­dum “Data Pro­tec­tion” sent to the address spec­i­fied above or by e‑mail sent to datenschutz@bayern-design.de.

 

2. What type of per­son­al data will be stored?

We process the fol­low­ing cat­e­gories of per­son­al data:

  • con­tact infor­ma­tion includ­ing, but not lim­it­ed to, first and last name, title (if applic­a­ble), mail­ing address, tele­phone num­ber (if applic­a­ble), and e‑mail address
  • infor­ma­tion regard­ing the com­pa­ny or insti­tu­tion you work for
  • infor­ma­tion regard­ing your posi­tion at the com­pa­ny or insti­tu­tion you work for
  • if applic­a­ble, pho­tos and/or videos tak­en of you dur­ing the event

 

We gen­er­al­ly col­lect your Data direct­ly from you. In some cas­es, we obtain your Data from your employ­er to enable us to invite you to an event host­ed or orga­nized by us.

 

3. Why is my Data processed (rea­sons for pro­cess­ing) and on what legal basis?

We use your con­tact infor­ma­tion (name, mail­ing address, e‑mail address) to send you mailed or e‑mailed invi­ta­tions to events we plan to orga­nize and/or host or that match your inter­ests and to send you rel­e­vant mate­ri­als pri­or to the event (e.g., the pro­gram). The legal basis for this pro­ce­dure is Art. 6 para. 1 p. 1 lit. b) and f) of the GDPR based, among oth­er things, on our legit­i­mate inter­est in com­mu­ni­cat­ing our com­pa­ny strat­e­gy and busi­ness-relat­ed actions ade­quate­ly; infor­ma­tion regard­ing pub­lic events and the involve­ment of reporters are part of these communications.

If you do not wish to receive invi­ta­tions to our events going for­ward, you can object to the use of your Data for the afore­men­tioned pur­pos­es at any time. To do so, please e‑mail your objec­tion to datenschutz@bayern-design.de. Once we receive your e‑mail in this regard, we will cease send­ing you invi­ta­tions to our events with­out delay.

If you choose to par­tic­i­pate in an event orga­nized and/or host­ed by us, we will process your Data as referred to in 2 above in con­nec­tion with our car­ry­ing out of the event and to enable you to par­tic­i­pate. This includes using your name, infor­ma­tion regard­ing the com­pa­ny or insti­tu­tion you work for and your cur­rent posi­tion so we can cre­ate name tags, if applic­a­ble, and/or pro­vide your Data (your name and the name of the com­pa­ny or insti­tu­tion you work for) to the facil­i­ta­tors of the event, if applic­a­ble, to enable them to car­ry out the event. In addi­tion, we use your afore­men­tioned Data to send you mate­ri­als rel­e­vant to the event (e.g., hand­outs with infor­ma­tion on the lec­tures) which are cre­at­ed post-event. Fur­ther­more, if applic­a­ble we for­ward your Data to insti­tu­tions that coop­er­ate with us to the extent required to car­ry out the event and to enable you to par­tic­i­pate in the event, for exam­ple, exter­nal guest man­age­ment. The legal basis for this pro­ce­dure is Art. 6 para. 1 p. 1 lit. b) of the GDPR.

For events that attract a lot of media inter­est because they are attend­ed by per­sons of pub­lic inter­est (e.g., the Munich Cre­ative Busi­ness Week recep­tion), we include the name and the title/position of such per­sons in the respec­tive list of guests/participants. Then, beyond the scope of use spec­i­fied in para­graph 2 above, we make this list avail­able on our web­site to third par­ties, includ­ing inter­est­ed media rep­re­sen­ta­tives, for view­ing and/or down­load­ing. The legal basis for this pro­ce­dure is Arts. 6 para. 1 p. 1 lit. b) and f) of the GDPR, based on our legit­i­mate inter­est in media report­ing about the event.

Pur­suant to Art. 21 para. 1 of the GDPR, you have the right to object, on grounds relat­ing to your par­tic­u­lar sit­u­a­tion, at any time to the pub­li­ca­tion of your Data includ­ed in the guest list pub­lished on our web­site, to take effect going for­ward. To do so, please e‑mail your objec­tion to datenschutz@bayern-design.de.

More­over, some of the pho­tos and/or videos tak­en reg­u­lar­ly at our events are pub­lished on our web­site, in our social media chan­nels, as part of exter­nal and/or inter­nal report­ing, and/or in our newslet­ters – in some cas­es togeth­er with the names of the per­sons in the pho­tos and/or in the videos. The legal basis for the pro­duc­tion, stor­age, and pub­li­ca­tion of pho­tos and videos is Art. 6 para. 1 p. 1 lit. b) of the GDPR. If the focus of a pho­to or video is on one or more indi­vid­u­als, at any time par­tic­i­pants have the right and the option to noti­fy the pho­tog­ra­ph­er or video­g­ra­ph­er to refrain from cap­tur­ing them in the pho­to or video.

Pur­suant to Art. 21 para. 1 of the GDPR, you have the right to object, on grounds relat­ing to your par­tic­u­lar sit­u­a­tion, at any time to the pro­duc­tion and stor­age of pho­tos and/or videos of you, to take effect going for­ward. To do so, please e‑mail your objec­tion to datenschutz@bayern-design.de.

We express­ly inform you that our events are attend­ed by exter­nal reporters who also may take pho­tos and/or make videos. Since we can­not influ­ence the cre­ation or use of pho­tos or videos pro­duced by exter­nal reporters, we can­not pro­vide any infor­ma­tion regard­ing the pur­pose or scope of the pro­cess­ing of your Data by these exter­nal reporters.

 

4. Do I have an oblig­a­tion to pro­vide my Data?

Your par­tic­i­pa­tion in any of our events is con­di­tion­al upon your pro­vi­sion of your Data. The legal basis for this pro­ce­dure is Art. 6 para. 1 lit. b) of the GDPR.

 

5. Who receives my Data?

Your Data are pro­vid­ed inter­nal­ly to staff mem­bers entrust­ed with pub­lic rela­tions activ­i­ties. Also, your Data are made avail­able to third par­ties includ­ing the media, edi­to­r­i­al depart­ments and edi­to­r­i­al sys­tems oper­at­ed by print media and online media, and social media providers. In this regard, we make ref­er­ence to the pur­pos­es and enti­ties spec­i­fied in 3 above.

In addi­tion, we use ser­vice providers (proces­sors, e.g., providers of mail­ing ser­vices) on an instruc­tion basis, among oth­er things, for the dis­patch of invi­ta­tions by mail or dig­i­tal­ly and as part of our guest man­age­ment. The scope and peri­od of time in which proces­sors have access to your Data are lim­it­ed to those required to pro­vide the respec­tive ser­vices. If and when these ser­vice providers process data out­side of the Euro­pean Union, your Data may be trans­mit­ted to coun­tries that do not safe­guard the same data pro­tec­tion stan­dard as the Euro­pean Union. In this case, we ensure that the respec­tive ser­vice providers safe­guard, by con­tract or oth­er­wise, a lev­el of data pro­tec­tion that cor­re­sponds to that which applies in the Euro­pean Union. You can request a copy of such safe­guards by writ­ing to the con­tact infor­ma­tion spec­i­fied in 1 above.

 

6. How long will my Data be stored?

To accom­mo­date our legit­i­mate mutu­al inter­est in com­mu­ni­ca­tion or noti­fi­ca­tion, we store your con­tact infor­ma­tion for pur­pos­es of send­ing out invi­ta­tions until we receive an objec­tion from you. We will store your objec­tion for three years for pur­pos­es of preser­va­tion of evidence.

All oth­er Data col­lect­ed for pur­pos­es of car­ry­ing out the event are erased direct­ly after the event.

The stor­age of pho­tos and videos of you based on Art. 6 para. 1 p. 1 lit. b) of the GDPR will con­tin­ue until you raise a legit­i­mate objec­tion to such stor­age pur­suant to Art. 21 para. 1 of the GDPR, unless com­pelling legit­i­mate grounds for the pro­cess­ing pur­suant to Art. 21 para. 1 p. 2 of the GDPR exist.

The scope and dura­tion of the for­ward­ing of your Data to proces­sors bound by instruc­tions are lim­it­ed to the scope and dura­tion required for the pro­vi­sion of the ser­vices. We ensure com­pli­ance with agree­ments regard­ing data erasure.

 

7. What rights do I have con­cern­ing my Data?

You have the right to request infor­ma­tion at any time regard­ing your Data stored by us. If any of your Data is inac­cu­rate or not up-to-date, you have the right to request rec­ti­fi­ca­tion there­of. In addi­tion, you have the right to request that your Data be erased or the pro­cess­ing of your Data restrict­ed pur­suant to Arts. 17 or 18 of the GDPR. If and when you pro­vid­ed Data to us and the pro­cess­ing of your Data by auto­mat­ed means is based on your con­sent or on a con­tract entered into by us with you, you have the right to receive the Data you pro­vid­ed in a struc­tured, com­mon­ly used, and machine-read­able for­mat (right to data porta­bil­i­ty). To exer­cise these rights, you can con­tact the per­son spec­i­fied in 1 above at any time. For infor­ma­tion regard­ing your right to object, please refer to 3 above.

 

In addi­tion, you can opt to refer to a data pro­tec­tion super­vi­sion author­i­ty to lodge a com­plaint. The author­i­ty respon­si­ble for us is the BayL­DA Bay­erische Lan­desamt für Daten­schutza­uf­sicht, Prom­e­nade 18, 91522 Ans­bach, Ger­many. You also can con­tact the data pro­tec­tion author­i­ty respon­si­ble for your place of res­i­dence so your com­plaint can be for­ward­ed to the data pro­tec­tion super­vi­sion authority.

For more infor­ma­tion regard­ing data pro­tec­tion, please refer to our pri­va­cy state­ment.

 

Ver­sion of this pri­va­cy state­ment dat­ed April 2021

Infor­ma­tion to be pro­vid­ed in accor­dance with Arts. 13 and 14 of the GDPR in con­nec­tion with events