Data Protection Policy

1. The data processor as per Art. 4 no. 7 GDPR is, depending on the type of data processing (see item 2.2), jointly or separately,

Berlin Tourismus & Kongress GmbH, Schöneberger Straße 15, 10963 Berlin

Executive Director: Burkhard Kieker, Sabine Wendt

Tel.: 030/250025

E-mail: info@visitberlin.de

Registered with the Amtsgericht Berlin-Charlottenburg under register number HRB 48652      

As the organiser, Berlin Tourismus & Kongress GmbH is responsible for all data

processing activities in accordance with Art. 26 GDPR.

The following personal information is retrieved and processed for purposes of participant reservation:

  •  First and last name
  •  Company name
  •  E-mail address
  •  Country of origin
  •  Telephone number
  •  Acceptance of terms of participation (time and date)
  •  Registration / ticket number
  •  Industry
  •  Date and time of beginning of participation in the event

3. Video and photo recordings may be made (including via drone and/or helicopter).

4. Personal information as per section 9.2 is processed in order to organise and execute the event, and in particular for admission management (assessing authorisation to participate). The information is then entered into the entire event management system for the event. The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR (fulfilling a contract). We also reserve the right to compare invited participants in order to prevent duplications. The legal basis for this processing is our justified interest pursuant to Art. 6 para. 1 lit. f) GDPR. Refer to section 7 below for information on your right of cancellation.

5. Berlin Tourismus & Kongress GmbH reserves the right to send participants information about the event itself by e-mail before, during and after the event. In accordance with Section 7 (3) UWG, we do not need to obtain separate consent from you for this. In this respect, data processing is carried out solely on the basis of our legitimate interest in information/advertising in accordance with Art. 6 para. 1 lit. f GDPR. For your right to object, see section 7 below. In addition, we process your personal data on the basis of your consent in order to send you information about our future events, offers or similar services by email. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR (consent). We will not send you any information about other events without your express consent. You can revoke your consent at any time (see section 7).

6. The personal information listed in section 9.2 is also processed to adhere to other legal requirements to which organisers are bound (in particular commercial and fiscal law). The legal basis is Art. 6 para. 1 lit. c) GDPR (fulfilling a legal obligation). The photo and video recordings described in section 9.4 are created for purposes of press and public relations and are placed on the websites and social media accounts of Berlin Tourismus & Kongress GmbH. However, these recordings only show groups of persons, or the recordings are not limited to an individual. The legal basis is our justified interest in press and public relations as per Art. 6 para. 1 lit. f) GDPR. If individual recordings are to be made, the subject will be asked for their separate consent as per Art. 6 para. 1 lit. a) GDPR.

7. The personal information is forwarded to the respective data processor responsible for the processing in order to fulfil the legal obligations of the GDPR.

We also work with service providers to execute and organise the event (in particular the registration portal, e-mail, admission management, IT and hosting, photo/video recordings) who are acting on our behalf and may have access to the data. Data entered on websites or in social media are visible to all users worldwide. The providers of the respective social media (Twitter, YouTube, Facebook, Instagram, LinkedIn) who have their own terms of use/General Terms and Conditions (GTCs) and privacy policies also have access.

8. There is no plan to forward your personal information to a third country or countries outside of the EU or EEA (known as third countries). Refer to the Privacy Policy at https://www.visitberlin.de/de/datenschutzerklaerung to learn more about the publication of information on the websites or accounts of the social media providers, or the information provided when you are asked for separate consent.

9. Google Maps: On the Bestival website we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Maps is a web service that displays interactive maps to visually present geographical information. The service shows a variety of locations and possible directions to a destination. Upon visiting those subpages where Google Maps is integrated, information on your use of our website (such as your IP address) is forwarded to Google servers and stored there. This may also entail forwarding to the servers of Google LLC in the USA. This is the case regardless of whether Google provides a user account through which you are logged in, or whether you have a user account. If you are logged in to Google, your data are directly allocated to your account. If you do not consent to the allocation with your Google profile, you must log out before activating the button. Google saves your data (included for users who are not logged in) as user profiles and evaluates them. The retrieval, storage, and evaluation occur on the basis of Art. 6 para. 1 lit. f) GDPR on the basis of Google's justified interest in the integrated of personalised marketing, market research, and/or needs-based configuration of Google websites. You have a right to object to the creation of these user profiles, and you must contact Google to exercise this right. If you do not consent to the future forwarding of your data to Google for purposes of using Google Maps, you are also able to fully deactivate Google Maps by deactivating JavaScript in your browser. This prevents the use of Google Maps and the map display on this website. Google's terms of use can be found at https://www.google.de/intl/de/policies/terms/regional.html, and the additional terms of use for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html. Detailed information on data protection pertaining to the use of Google Maps can be found on the Google website (Google Privacy Policy): https://www.google.de/intl/de/policies/privacy/. If legally required, we have obtained your consent as per Art. 6 para. 1 lit. a) GDPR for the aforementioned processing of your data. You can revoke your consent at any time with effect for the future.

10. The data are stored until the contract has been fulfilled, pending the necessity of longer storage for reasons pertaining to other warranty rights of participants or other legal claims, or fiscal and commercial retention periods that prevent this (6 to 10 years according to commercial and fiscal law). The personal information listed in section 9.3 is deleted two (2) weeks or 48 hours after your visit according to the Third SARS-CoV-2 Infection Protection Measures Ordinance, or the contact information cannot be used for the purpose specified in section 9.3 after this period. Photographs and recordings are processed until they are no longer required for fulfilment of the specified purpose.

11. Data protection law grants you extensive data subject rights with regard to the processing of your personal information, which are listed below. You can

• as per Art. 15 GDPR, request disclosure of your personal information that we process. In particular, you can request disclosure of the purposes of processing, the category of personal information, the categories of recipients to whom your information was or is disclosed, the planned storage period, the existence of a right to correction/deletion/limitation of the processing, the existence of a right to objection, the existence of a right to file a complaint, the origin of your data if we did not retrieve them ourselves, and the existence of automated decision-making, including profiling, as well as any pertinent information on the characteristics thereof;

• as per Art. 16 GDPR, request the immediate correction of incorrect, or completion of incomplete personal information of yours that we store;

• as per Art. 17, GDPR, request the deletion of your personal information that we store provided the processing thereof is not required to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons pertaining to the public interest, or to assert, exercise, or defend legal claims;

• as per Art. 18, GDPR, request the limitation of processing of your personal information, provided you contest the accuracy of the data, the processing is illegal but you reject the deletion thereof and we no longer require the data, but you still require them to assert, exercise, or defend legal claims, or you have objected to the processing thereof as per Art. 21 GDPR;

• as per Art. 20 GDPR, request provision of your personal information you have provided to us in a structured, conventional, and machine-readable format, or provision thereof to another data processor if the processing is based on consent (right to data portability);

• as per Art. 7 para. 3 GDPR, revoke any consent you have previously granted to us. This will result in us no longer being allowed to continue the processing based on this consent; and

• as per Art. 77 GDPR, file a complaint with a supervisory authority if you believe that the processing of your personal information violates the GDPR. Please find the contact information for the supervisory authority responsible for us below.

Right to objection

• as per Art. 21 GDPR, object to the processing based on Art. 6 para. 1 letter f) GDPR for reasons pertaining to your particular situation;

• as per Art. 21 GDPR and § 7 UWG, object at any time to the processing of personal information for marketing purposes or to the use thereof for marketing purposes.

You can contact datenschutz@visitBerlin.de to exercise your rights and to obtain information on the agreement formed with the data processor responsible for processing as per Art. 26 GDPR.

12. Contact information of the data protection officer:
TÜV Rheinland i-sec GmbH
Herr Oliver Gröger
Alboinstraße 56, 12103 Berlin
E-Mail: datenschutz@visitBerlin.de

13. You are able to file a complaint with the supervisory authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Meike Kamp
Alt-Moabit 50-61, 10555 Berlin
Tel.: +49 (0)30 13889-0
E-Mail: mailbox@datenschutz-berlin.de

The event is organised by:
Berlin Tourismus & Kongress GmbH
Schöneberger Straße 15, 10963 Berlin
Tel.: +49 30/ 25 00 25
Fax: +49 30/ 25 00 24 24
E-Mail: info@visitberlin.de
CEO: Burkhard Kieker, Sabine Wendt
Chair of the Supervisory Board: Oliver Schuhmacher
Commercial Register: Amtsgericht Charlottenburg, HRB 48652
VAT ID: DE 160 475 096

Updated: September 2024