Privacy Policy

Information on data protection in accordance with Art. 13, 14 and 21 of the EU General Data Protection Regulation (GDPR)

1. Data protection at a glance

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the legal notice of this website.

How do we collect your data?

Your data is collected in part when you provide it to us. This may, for example, be data that you enter into a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure the error-free provision of the website and our services. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to obtain information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the legal notice. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Analysis tools and third-party tools

When visiting our website, your surfing behavior may be statistically evaluated. This is mainly done with cookies and so-called analysis programs. The analysis of your surfing behavior is generally anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis. We will inform you about the objection options in this privacy policy.

2. General information and mandatory information

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

We point out that data transmission on the internet (e.g. communication by email) may have security gaps. Complete protection of the data against access by third parties is not possible.

Controller responsible for data processing:

impact media projects GmbH
Represented by: Thilo Jörgl, Anita Würmser
Eckherstr. 10 b
85737 Ismaning, Germany
Phone: +49 89 215384612 – thilo.joergl@impact-mp.de

The controller is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

3. Data collection and processing on this website:

We generally collect and use personal data of our users only to the extent necessary to provide a functional website as well as our content and services, and where a legal basis permits us to do so. Automated decision-making or profiling does not take place.

Your data is collected:

• through information you provide to us (e.g. by filling out a contact or registration form, email inquiry)
• automatically by our IT systems when visiting the website (e.g. IP address, browser type, operating system, time of access)

Legal bases

Processing is carried out in accordance with:

• Art. 6 para. 1 lit. a GDPR (consent)

• Art. 6 para. 1 lit. b GDPR (performance of a contract)

• Art. 6 para. 1 lit. c GDPR (legal obligation)

• Art. 6 para. 1 lit. f GDPR (legitimate interest)

Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

Purposes of processing

• Provision of a functional website

• Execution and processing of contracts (e.g. ticket purchase, event management)

• Execution and processing of our offers, awards and events

• Communication with you

• Analysis of user behavior and optimization of our offerings

• Fulfillment of legal obligations

Hosting

Our websites are hosted by:
Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany
https://www.strato.de/datenschutz/

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the browser’s address line changing from “http://…” to “https://…” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Cookies and tracking

Our websites use cookies to make our offering more user-friendly, effective and secure. Cookies are small text files that your browser stores. Session cookies are automatically deleted after your visit; other cookies remain stored until you delete them. You can block cookies in your browser settings or allow them in individual cases; however, this may limit the functionality of the website.

Cookies that are required for the operation of the site or desired functions (e.g. shopping cart) are stored on the basis of Art. 6 para. 1 lit. f GDPR.

Each time you visit our website, data about the accessing system is automatically collected, including:

• Browser type and version

• Operating system

• Internet service provider

• IP address

• Date and time of access

• Websites from which you accessed our site

• Websites that you access via our site

The data is stored in log files of our system as well as in central systems for evaluation, but is not merged with other personal data of the users.

Server log files

The provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and version

• Operating system used

• Referrer URL

• Hostname of the accessing computer

• Time of the server request

• IP address

A merging of this data with other data sources does not take place. The legal basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

Contact forms

We provide you with the possibility to contact us via contact forms provided on our website. To be able to respond to an inquiry, your name, your company, a valid email address, and your telephone number are required. The storage of the IP address when sending the form is necessary for the secure operation of the website and the underlying IT systems.

Further information may be provided voluntarily. Voluntary fields in the form are those that are not clearly marked as mandatory fields (red asterisk or other symbols). We use this personal data to contact you for any follow-up questions, to conclude contracts, issue invoices, send orders and offers, or otherwise respond to concerns.

The data is processed and stored on the basis of Art. 6 para. 1 lit. b or f GDPR until the purpose ceases or you request deletion. Mandatory legal provisions, in particular retention periods, remain unaffected.

Apps

When using our apps or third-party apps, we process only the data necessary to provide the app (e.g. device ID). Location data can only be used to the extent you allow it.

Newsletters, information services, network information, and email contact

When registering, we use your name and email address to send you personalized newsletters and network information. Registration takes place via a contact form or on personal request. For registration, we use your name, email address, and, if applicable, IP address and registration date to prevent misuse. Dispatch is carried out exclusively based on your consent according to Art. 6 para. 1 lit. a GDPR. You can unsubscribe at any time; the data may be stored for up to three years to document your consent.

Newsletter registration is carried out via a double opt-in process: after your registration, you will receive an email requesting confirmation of your registration. Only with this confirmation is the registration effective.

Participation in awards, competitions, sweepstakes, or surveys

In the context of participation in our awards, competitions, sweepstakes, or surveys, we collect data of participants or contact persons, as well as information about your company, professional position, and industry as mandatory information. Additional data may be collected on a voluntary basis.

We may collect the following data:

• IP address – anonymized

• User’s operating system

• Time the user is online

• Other information (chat options via third parties)

In the registration/admission process for our awards and events, we collect the following personal data as mandatory information from the contact person:

• Salutation

• Company

• First name

• Last name

• Position/function

• Phone/mobile phone

• Full company address

• Country of the company

• Email address

• Other information (e.g. allergies)

• VAT ID number

In detail, users can find all mandatory and other voluntary information in the current registration form for the registration/admission process.

The data is stored for the execution and processing of award applications as well as for market research purposes, in order to identify and inform you as a possible finalist or winner.

By participating, you consent to receiving email messages (e.g. participation confirmation, applicant information, nomination information, prize notification) and to the publication of your first and last name, title, position, company name, and product name in connection with a nomination or award on our website and in our publications.

For awards, sweepstakes, or surveys conducted together with cooperation partners, your data will be shared exclusively with these partners, insofar as this is necessary for the execution of the respective event, for evaluation and interpretation of the results, and for necessary follow-up inquiries.

The legal basis for processing is Art. 6 para. 1 lit. b and f GDPR.

Events (On-site/Online)

When registering for our events (gala receptions, award ceremonies, congresses, seminars, workshops, exhibitions, etc.), we collect participant data including first and last name, title, address, email address, as well as company, professional position, and industry as mandatory information. Additional information may be collected voluntarily.

We may collect the following data:

• IP address – anonymized

• User’s operating system

• Time the user is online

• Password

• Other information (chat options via third parties)

Mandatory information in the registration/admission process for events:

• Salutation

• Company

• Title

• First name

• Last name

• Position/function

• Phone/mobile phone

• Full address

• Email address

• Other information (e.g., allergies, accompanying persons)

In detail, users can find all mandatory and other voluntary information in the current registration form.

Legal basis: Art. 6 para. 1 lit. b and f GDPR, to fulfill the contract for the purpose of attending the event. This includes in particular:

• Access control

• Customer support (contact person for logistics/business)

• Accompanying measures (photography, video recordings for reporting, social media, website, marketing)

Data sharing with cooperation partners

If necessary for the organization and execution of the event, personal data is shared with cooperation partners (e.g., co-organizers, service providers, exhibitors with booked services). Further sharing of your data with sponsors or advertising partners for marketing purposes is only done with your explicit consent (opt-in).

Lead management (on-site events)

At on-site events, a personal data record may be used for lead management offers. Participants may have the QR code printed on their ticket scanned by exhibitors or sponsors. By the active scan, participants give explicit consent for the data stored in the QR code to be processed by the respective exhibitor/sponsor and, if applicable, used for later marketing communication or for providing discounts and vouchers (Art. 6 para. 1 lit. a and f GDPR).

Press accreditation

For accredited press representatives, it is agreed through application and acceptance of accreditation that Art. 6 para. 1 lit. f GDPR serves as the legal basis for data processing.

Direct marketing and analysis

If data processing is not exclusively for contract fulfillment, it is carried out based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR. This particularly concerns the processing and use of exhibitor and participant data for marketing purposes via mail or email.

In the case of emails, we may also analyze usage behavior based on § 7 para. 3 UWG to make our communication for events and services more target-oriented. The legal basis for this is our legitimate interest in targeted direct marketing.

Right to object

You can object to the processing of your data for direct marketing purposes at any time, without incurring any costs other than transmission costs at the basic rates.

Deletion

After the contract has been fully executed, once our interest in further processing ceases or you have revoked any given consent, your data will be deleted, taking into account tax and commercial retention periods, unless you have explicitly consented to further use of your data.

Consent for the use of photos and videos

During our on-site and online events, photos and videos may be taken. These may be published in various media (print, online, social media).

Legal basis: The creation and use of the recordings is either based on our legitimate interest under Art. 6 para. 1 lit. f GDPR for reporting, public relations, and marketing, or on your explicit consent according to Art. 6 para. 1 lit. a GDPR.

If you do not wish to be photographed or filmed, you can inform the photographer or videographer on-site. This will be respected.

By participating in our events, you consent to the use of image material in which you are identifiable, or that you provide to us, without restrictions in time, location, or content, for our communication purposes.

Use of recordings by us:

The recordings may be used in particular for:

• Reporting on the event

• Marketing and PR measures

• Presentation of our services and offers

• Publications on our websites, social media channels, and in print media

Press photos:

At events, accredited press representatives are usually present, who take their own photo and video recordings as part of their journalistic activities. These publications are made independently by the respective media based on press law and are outside our control. Please note that an objection to our use of images does not affect the work of external media representatives.

Revocation

If you wish to revoke a given consent, you can do so at any time with effect for the future. In this case, we will stop further publication and, as far as possible, remove existing image material.

5. Data Deletion and Storage Duration

Personal data is deleted or blocked as soon as the purpose of storage no longer applies. Storage may also continue as long as required by European or national legislation in EU regulations, laws, or other provisions to which the controller is subject (e.g., retention and documentation obligations under the German Commercial Code (HGB) or Tax Code (AO), as well as within the framework of statutory limitation periods under the German Civil Code (BGB)). Blocking or deletion of the data also occurs when a legally prescribed storage period expires, unless there is a necessity for further storage of the data for the conclusion or performance of a contract.

6. Transfer of Data to Third Parties

Personal data is only transferred in a legally permissible and purpose-bound manner, for example:

• For contract processing and the execution of events, including ticket codes

• To service providers within the scope of commissioned processing (hosting, IT, call centers, payment service providers, printing, logistics)

• To fulfill legal obligations or in the public interest

• In the legitimate interest of the company or third parties (e.g., authorities, debt collection agencies, lawyers)

• With the explicit consent of the data subject

Internal access: Only authorized employees may view personal data. External parties may use the data solely for the purpose for which it was transmitted.

Right to Object under Art. 21 GDPR

You have the right to object at any time to the processing of your personal data if such processing is based on Art. 6 (1) lit. f GDPR (data processing based on a balancing of interests) and reasons arise from your particular situation. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

We may also process your personal data for direct marketing purposes. If you do not wish to receive advertising, you have the right to object at any time; this also applies to any related profiling. We will respect this objection for the future.

Status of the Privacy Policy: August 2025. Changes may occur in the course of the further development of our online offerings.