Responsible party as per data protection law is:
WE EVENTS DMCC,service license DMCC-843886,
Unit No. 3403-D05, Swiss Tower, Plot No. JLT-PH2-Y3A, Jumeirah Lakes Towers, Dubai, United Arab Emirates
Email: firstname.lastname@example.org (hereafter: WE EVENTS).
Below you will be informed of which data are recorded during a visit to our website and how these are used, processed and provided to others.
Data protection officer and EU data protection representative of WE EVENTS:
- SBS DATA PROTECT GmbH
- Hans-Henny-Jahnn-Weg 49
- 22085 Hamburg
- CEO: Thilo Noack
- E-mail: email@example.com
As the responsible party as per the data protection conditions, WE EVENTS is obligated to protect its customers' privacy and personal data, and to treat them as confidential. The retrieval, storage, alteration, transfer, blockage, deletion and usage of personal data occur based on the applicable legal terms, in particular the General Data Protection Regulation.
WE EVENTS uses technical and organizational security precautions to protect customers' data against access by unauthorized persons, random or deliberate manipulation, destruction, or loss.
§ 1 Access data
In the event of informational usage of the website, WE EVENTS only retrieves the personal data that the customers' browser provides to the WE EVENTS server. If the customer would like to view WE EVENTS' website, WE EVENTS retrieves the following data, which are technically required to display the website to the customer and to ensure stability and security:
- IP address
- Date and time of the request
- Time zone difference based on Greenwich Mean Time (GMT) Contents of the request (specific page)
- Access status/HTTP status code Respectively transferred data quantity Website from which the command originates Browser
- Operating system and interface
- Language and version of browser software
However, the web server stores these data separately from other data, making allocation of these data to a certain individual by WE EVENTS impossible.
The access data collected in the course of using our website is only stored for the period of time for which this data is required to achieve the above purposes. Your IP address is stored on our web server for a maximum of 7 days for IT security purposes.
Insofar as you visit our website in order to obtain information about our range of products and services or to use them, the basis for the temporary storage and processing of access data is Art. 6 para. 1 p. 1 lit. b GDPR (legal basis), which permits the processing of data for the performance of a contract or for the implementation of pre-contractual measures. In addition, Art. 6 para. 1
p. 1 lit. f GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest here is to be able to provide you with a technically functioning and user-friendly website and to ensure the security of our systems.
§ 2 Usage of cookies
In addition to the data specified above, cookies are also stored on the customer's computer when using the website. Cookies are small text files that are allocated to the customer's browser and stored on the customer's hard drive, and through which certain information is provided to the location that installed the cookie. Cookies cannot operate programs or transmit viruses to the computer. They serve to make the internet presence more user-friendly and effective overall.
The WE EVENTS website uses the following types of cookies, the scope and functionality of which are explained below:
- Transient cookies are automatically deleted when you close the browser. These mainly include session cookies. These store a so-called session ID, with which different requests from your browser can be allocated to the same session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out.
- Persistent cookies are automatically deleted after a specific period of time, which may vary from one cookie to the next. You can delete these cookies at any time in your browser's security settings.
- Flash cookies are not recorded by your browser, but rather by your Flash plug-in. These objects store the required data regardless of browser, and have no automatic expiration date.
- Third-party cookies are not installed by WE EVENTS, but rather by a third-party provider. Cookies from third-party providers are created by, for example, the services of Google Analytics, which are integrated into the WE EVENTS website. These third-party cookies are generated by integrated plug-ins or technology from the respective organizations.
WE EVENTS has no influence over the cookies and privacy settings of these services or organizations, and expressly notes that the services from third-party providers that are utilized are solely subject to their respective data protection guidelines.
You can find information on cookies from the following third-party services with the links below:
The customer may configure their browser settings as they please and decline the acceptance of cookies. If the customer does not wish for the processing of Flash cookies, they must install a corresponding add-on, e.g. "Better Privacy" for Mozilla Firefox
alternatively, the Adobe Flash Killer cookie for Google Chrome. The customer may prevent the usage of HTML5 storage objects by using private mode in their browser. Furthermore, WE EVENTS recommends regularly manually deleting the cookies and browser history. WE EVENTS notes that the deactivation of cookies may prevent the usage of all functions on this website.
This data processing is based on Art. 6 para. 1 s. 1 lit. f GDPR to protect the justified interests of WE EVENTS, namely optimization of the web presence.
§ 3 Retrieval and usage of personal data during a contact request
If you send us inquiries via the contact form, your message (comment) including the contact data you provided there will be stored and processed accordingly for the purpose of processing and answering the inquiry as well as for the case of follow-up questions. We do not pass on this data to third parties unless this is necessary in the context of processing and answering your contact request or you have given us your corresponding consent.
If you contact us within the framework of an existing contractual relationship or contact us in advance for information about our range of services or our other services, the data and information you provide will be processed for the purpose of processing and responding to your contact request in accordance with Art. 6 (1) sentence 1 lit. b GDPR (legal basis). Incidentally, for the protection of our legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR for the proper response to customer/contact inquiries.
The data you enter in the contact form will remain with us until the purpose for the data storage/processing no longer applies (e.g. after the processing of your inquiry has been completed). Mandatory legal provisions - in particular retention periods - remain unaffected.
§ 4 Retrieval of personal data during formation of a contract and payment
The following data are stored for purposes of an order:
- Telephone number,
- E-mail address,
- Delivery address if different from address,
- Payment information.
WE EVENTS uses these data solely to execute the contract with the customer and for any necessary communication with the customers. These include the initiation, formation, execution, provision, and any reverse transaction of the contract. The data are stored until complete execution of the contract. If there are any commercial or fiscal retention periods, the duration period may last up to 10 years.
§ 5 Transmission of data
WE EVENTS only provides customers' personal data to other parties to the extent required to execute the contract or to ensure WE EVENTS' justified interests. WE EVENTS utilizes external service providers (data processors) to execute the contract.
Separate data processing contracts were formed with these service providers in order to ensure the security of the customers' personal data.
To process payments, the customer's payment information, namely first name, surname, address, e-mail address, telephone number, date of birth and bank account, is sent to our payment processing provider.
This data processing is based on Art. 6 para. 1 s. 1 lit. b GDPR for the execution of the contract.
§ 6 Usage of data for marketing purposes, newsletter
WE EVENTS uses personal customer data to send a newsletter to the customer only if the customer has granted their prior consent to this usage.
For registration for the newsletter, WE EVENTS uses the so-called double opt-in procedure. This means that after registration, the customer receives an e-mail at the address provided in which WE EVENTS asks for confirmation that the customer would like to receive the newsletter. If the customer does not confirm their registration within 24 hours, their information will be blocked and automatically deleted after one month. Furthermore, WE EVENTS stores the IP address and the times of registration and confirmation. The purpose of this procedure is to verify registration and to be able to resolve any potential misuse of personal data.
The e-mail address is the only information required to send the newsletter. The provision of other, specially designated information is voluntary and will be used to personally address the customer. After confirmation, we save the customer's e-mail address for purposes of sending the newsletter.
The customer may revoke their consent to receive the newsletter and unsubscribe at any time. The customer may revoke their consent by clicking on the link provided in every newsletter email, through the form on the WE EVENTS website, or by e-mailing
§ 7 Usage of Google Analytics
WE EVENTS uses Google Analytics, a web analysis service of Google LLC ("Google"). Google Analytics uses so-called cookies, or text files that are stored on the customer's computer and which allow for an analysis of their usage of the website. The information about the usage of the website created by the cookie is generally sent to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, Google will truncate the customer's IP address in advance within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases the entire IP address will be sent to a Google server in the USA and truncated there. As ordered by WE EVENTS, Google will use this information to evaluate customer usage of the website, to compile reports about website activities, and to render other services associated with website usage and internet usage for WE EVENTS.
Google will not consolidate the IP address provided by the customer's browser with other data.
The customer may prevent the storage of cookies through a corresponding setting in their browser software; however, WE EVENTS notes that in this event the customer may not be able to fully utilize all functions of this website. Furthermore, the customer may prevent the recording of the information created by the cookie and concerning their usage of the website by Google (incl. their IP address), as well as the processing of this information by Google, by downloading and installing the browser plug-in available at the following link:
Alternatively, the customer may prevent recording by Google Analytics by clicking on the following link. This will install an opt-out cookie that prevents the future recording of your data when visiting this website:
Activate "opt-out cookie" for Google Analytics!
Please note that, should you delete the cookies in your browser settings, this may result in the deletion of the opt-out cookie and you may have to reactivate it. The WE EVENTS website uses Google Analytics with the extension "anonymize ()". This truncates IP addresses for processing, ruling out the possibility of personal identification. If a customer's data that has been retrieved is allocated to them, it will instantly be eliminated and the personal data are immediately deleted.
WE EVENTS uses Google Analytics to analyze the usage of its website and to regularly improve it. WE EVENTS can use the statistics it acquires to improve its internet presence and make it more interesting for the user. In the exceptional event in which personal data are transferred to the USA, this takes place on the basis of the EU Standard Contractual Clauses.
Information about the third-party provider:
Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland,
Fax: +353 (1) 436 1001.
Overview of data protection:https://marketingplatform.google.com/about/
This website also uses Google Analytics for inter-device analysis of visitor flows, which is performed via user ID. The customer can deactivate this inter-device analysis of their use in their customer account under "My data", "Personal data".
This data processing is conducted on the basis of your voluntary consent. The legal basis is Art. 6 para. 1 s. 1 lit. a GDPR.
§ 8 Integration of social media links
This website contains links to the following social media channels: Facebook, YouTube, and VK.
You can recognize these links by the respective company logo of the social media provider. When you click on the link you will be redirected to WE EVENTS'account on the respective social media channel.
Only at this point will data be processed by the respective provider of the social media channel. You can learn about this processing of your personal data when using the website from the data protection information:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA;http://www.facebook.com/policy.php
further information on the retrieval of data:http://www.facebook.com/help/186325668085084
as well ashttp://www.facebook.com/about/privacy/your-info-on-other#applications
In the exceptional event in which personal data are transferred to the USA, this takes place on the basis of the EU Standard Contractual Clauses.
YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, further information on the retrieval of data: policies.google.com/privacy. In the exceptional event in which personal data are transferred to the USA, this takes place on the basis of the EU Standard Contractual Clauses.
LLC "V Kontakte", 1-N, bld. 12-14, Lit. A, Khersonskaya St., St. Petersburg, Russia; https://vk.com/privacy. VK has voluntarily committed to the European General Data Protection Regulation GDPR, https://www.eugdpr.org/
If you follow the links while visiting our website and are logged into your personal account on the linked social media channel, the information that you have visited our website will be transmitted to the respective social media channel. The social media providers can also link your visit to the website with your account. This information is sent to the social media providers and stored there. In order to prevent this, you must first log out of your respective account before clicking on the social media link.
This data processing is conducted on the basis of your voluntary consent. The legal basis is Art. 6 para. 1 s. 1 lit. a GDPR.
§ 9 Facebook fan page
For the informational service provided here, WE EVENTS utilizes the technical platform and services of Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbor, Dublin 2, Ireland ("Facebook").
According to the ECJ, there is a shared responsibility as per Art. 26 GDPR between Facebook and the administrator of a Facebook fan page for the personal data processed through the Facebook fan page. For this reason, Facebook and WE EVENTS have formed an agreement on their shared responsibility, which you may view here.
WE EVENTS provides you with the following information on data processing on our Facebook fan page:
- Responsible persons
Your personal data are processed on the Facebook fan page of WE EVENTS in shared responsibility with:
Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbor, Dublin 2, Ireland
- Data processing
When accessing our Facebook page, your end device's IP address is sent to Facebook. According to Facebook, this IP address is anonymized and deleted after 90 days, as long as the IP address in question is a German IP address. Furthermore, Facebook stores additional information about its users'end devices, such as the internet browser they use. It may thus be possible for Facebook to link IP addresses with certain users. If you are logged into your Facebook account when you visit our fan page, a cookie with your Facebook ID is installed on your end device. Through this cookie, Facebook can learn that you have visited our fan page and how you used it. Facebook uses this information to present you with customized content or advertisements.
If you do not wish for this to occur, you should log out of your Facebook account or deactivate the "stay logged in" function. We also recommend that you delete the cookies on your device, and close and restart your browser. This process deletes Facebook information that Facebook can connect to you.
However, should you wish to use the interactive functions of our fan page, you must log back into Facebook with your Facebook login information. This will make it possible for Facebook to connect information to you.
Facebook has not clearly specified, nor are we aware, of the manner in which Facebook uses data from visits to Facebook pages for its own purposes, the extent to which activities on the Facebook page are allocated to individual users, how long Facebook stores these data, and whether data from visits to Facebook pages are disclosed to third parties. As a user of our fan page, we are only able to refer you to Facebook's statements on data protection. Facebook processes the data about you that are retrieved in this manner, and may transmit them to countries outside of the European Union.
Facebook provides a general description of which information Facebook receives and how it is used in its data usage guidelines. There you will also find ways to contact Facebook, as well as the settings for advertisements. The data usage guidelines can be found at the following link:
Facebook's complete data guidelines can be found here:
Possibilities for opting out can be set here: https://www.facebook.com/settings?tab=ads and here
Facebook Inc. is the American parent corporation of Facebook Ireland Ltd. In the exceptional event in which personal data are transferred to the USA, this takes place on the basis of the EU Standard Contractual Clauses.
As the administrator of the Facebook fan page, we are unable to assess the transmission and further processing of personal user data in third countries, such as the USA, as well as the associated potential risks for you as a user.
- Insight function
Furthermore, through the "Insights"function Facebook provides a range of statistical data for WE EVENTS as the fan page administrator. These statistics are created and prepared by Facebook. We, as the administrator of the fan page, have no influence over the creation of the statistics, and we are unable to prevent this function. As part of the "Insights"function, we are shown the following information for the categories "fans", "followers","people reached", and "people interacting" for a given period of time:
Page activities like page visits, page preview, actions on the page, scope activities such as "Likes", people reached and recommendations, post activities such as post interactions, video views, comments, shared content.
WE EVENTS uses these aggregated data to make posts and activities on the fan page more attractive for users, e.g. for planning the content and timing of posts. The legal basis for this data processing is Art. 6 para. 1 s. 1 lit. f GDPR, namely our justified interest in optimizing our web presence.
- Storage period
We save the information provided by Facebook for as long as your interest in deletion or anonymization does not outweigh our own interest.
If you no longer wish for the data processing described here in the future, please use the "Unlike this page" and/or "Unfollow this page"functions to terminate the connection between your user profile and our fan page.
- Your rights as the affected person
§ 10 Rights of the customer as the affected person
You are entitled to the following rights as a data subject under the statutory requirements:
Right to information: You are entitled at any time to request confirmation from us within the scope of Art. 15 GDPR as to whether we are processing personal data relating to you; if this is the case, you are also entitled within the scope of Art. 15 GDPR to receive information about this personal data as well as certain other information (including processing purposes, categories of personal data, categories of recipients, planned storage period, the origin of the data, the use of automated decision-making and, in the case of third country transfers, the appropriate safeguards) and a copy of your data. For German customers, the restrictions of § 34 BDSG apply.
Right to rectification: you are entitled to demand that we rectify the personal data stored about you if it is inaccurate or incorrect, in accordance with Art. 16 GDPR.
Right to erasure: You are entitled, under the conditions of Art. 17 GDPR, to demand that we delete personal data relating to you without delay. The right to erasure does not apply if the processing of the personal data is necessary, for example, for the fulfillment of a legal obligation (e.g. legal retention obligations) or for the assertion, exercise or defense of legal claims. In addition, for German customers the restrictions of § 35 BDSG apply.
Right to restrict processing: You are entitled to demand that we restrict the processing of your personal data under the conditions of Art. 18 GDPR.
Right to data portability: You are entitled, under the conditions of Art. 20 GDPR, to demand that we hand over to you the personal data concerning you that you have provided to us in a structured, common and machine-readable format.
Right of revocation: You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the applicability of the GDPR, i.e. before 25.5.2018. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected. To declare the revocation, an informal communication, e.g. by e-mail to us, is sufficient.
Right of objection: You are entitled to object to the processing of your personal data under the conditions of Art. 21 GDPR, so that we must stop processing your personal data. The right to object exists only within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of processing, so that we are entitled to process your personal data despite your objection. We will consider an objection to any direct marketing measures immediately and without weighing the existing interests again.
Information about your right to object according to Art. 21 GDPR
You have the right to object at any time to the processing of your data that is carried out on the basis of Art. 6 (1) sentence 1 lit. f GDPR (data processing on the basis of a balance of interests) or Art. 6 (1) sentence 1 lit. e GDPR (data processing in the public interest), if there are grounds for doing so that arise from your particular situation.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
The objection can be made form-free and should preferably be directed to:
WE EVENTS DMCC, service license DMCC-843886,
Unit No. 3403-D05, Swiss Tower, Plot No. JLT-PH2-Y3A, Jumeirah Lakes Towers, Dubai, United Arab Emirates
Right of appeal to a supervisory authority: Under the conditions of Art. 77 GDPR, you have a right of appeal to a competent supervisory authority. In particular, you can address a complaint to the supervisory authority responsible for us or any other competent supervisory authority. A list of data protection supervisory authorities and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Other concerns: For further data protection questions and concerns, please contact our data protection officer. Corresponding inquiries as well as the exercise of your aforementioned rights should, if possible, be sent in writing to our address given above or by e-mail to firstname.lastname@example.org
§ 11 Other processing purposes
Compliance with legal requirements: We also process your personal data to comply with other legal obligations that may apply to us in connection with our business activities. These include, in particular, retention periods under commercial, trade or tax law. In doing so, we process your personal data in accordance with Article 6 (1) sentence 1 lit. c GDPR (legal basis) to fulfill a legal obligation to which we are subject.
Enforcement: We also process your personal data in order to assert our rights and enforce our legal claims. Likewise, we process your personal data to be able to defend ourselves against legal claims. Finally, we process your personal data to the extent necessary to prevent or prosecute criminal offences. In this regard, we process your personal data to protect our legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR (legal basis), insofar as we assert legal claims or defend ourselves in legal disputes or we prevent or investigate criminal acts (legitimate interest).
Consent: Insofar as you have given us consent to process personal data for certain purposes (e.g. sending information material and offers), the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us before the GDPR came into force, i.e. before 25.5.2018. Please note that the revocation only takes effect for the future and processing operations up to that point are not affected.
§ 12 Duration of data storage
We initially process and store your personal data for the duration for which the respective purpose of use requires corresponding storage (see above for the individual processing purposes). If applicable, this also includes the periods of initiating a contract (pre-contractual legal relationship) and processing a contract. On this basis, personal data is regularly deleted as part of the fulfillment of our contractual and/or legal obligations, unless its temporary further processing is necessary for the following purposes:
- Fulfillment of legal retention obligations. The periods specified there for storage or documentation are up to ten years.
- Preservation of evidence taking into account the statute of limitations. These limitation periods can be up to 30 years, with the regular limitation period being three years.
§ 13 Data security
Personal data is protected by us by means of suitable technical and organizational measures in order to ensure an appropriate level of protection and to safeguard the personal rights of the persons concerned. The measures taken serve, among other things, to prevent unauthorized access to the technical equipment used by us and to protect personal data from unauthorized disclosure by third parties. In particular, this website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as your contact requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://"and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. Nevertheless, we point out that data transmission on the Internet (eg when communicating by e-mail) can have security gaps. A complete protection of data against access by third parties is therefore not possible.
§ 14 Obligation to provide data
In principle, you are not obliged to provide us withyour personal data. However, if you do not do so, we will not be able to provide you with unrestricted access to our website or answer your inquiries to us. Personal data that we do not absolutely require for the above-mentioned processing purposes are marked accordingly as voluntary information.
§ 15 Automated decision making/profiling
We do not use automated decision making or profiling (an automated analysis of your personal circumstances).
We hope that this information has helped you understand your rights. If you would like more information on the data protection regulations, we are happy to assist you.