Privacy Policy

Protecting your informational self-determination and privacy is an important concern for us, EQS Group AG, Karlstr. 47, 80333 Munich, Germany. That is why we collect, process and use personal data exclusively in accordance with the applicable laws on data protection and data security. The following disclosures are provided for your information. Please note that the website of the EQS Group may contain links to other providers’ websites to which this Privacy Notice does not extend.

This Privacy Notice does not apply to data or other content that we process, store or host in EQS Group systems aspart of the provision of EQS Group offers to our customers. This is subject to the respective privacy notice of our customers.

1. Websites and cookies

Our websites use so-called “cookies,” text files that are stored on your computer and, among other things, ensure optimal use of the website. You can find a list of the cookies we use and their purpose, as well as more detailed information on how you can make individual cookie settings, in our Cookie Policy.

a) The following data are always collected and processed when you visit our website, as these are necessary for the operation of our website:

  • Operating system and version
  • Browser type, version and plug-in types
  • Set browser language
  • End device used
  • Display resolution
  • Time-zone setting
  • Location data: country, timezone
  • Date and time of the server request
  • http response code
  • Cookie consent
  • Info on cookie consent status
  • IP address (will be anonymized after 24 hours)
  • Login information
  • Number of clicks (anonymous)

 

When you visit our websites, we collect and process your personal data on the basis of our legitimate interest for the following purposes:

  • For the efficient operation of our online offer and web presence.
  • To ensure the operation of IT systems. Ensuring operation includes, inter alia, the following activities:
  • Backup and recovery of data processed in IT systems
  • Incident and problem management for troubleshooting IT systems
  • Detection and defense against unauthorized access
  • Logging and monitoring of transactions to check the correct functioning of IT systems

You can always visit our websites without notifying us of who you are, and without your personal data being processed. To do this, please make the settings as described in our Cookie Policy.

b) The following data will be collected and processed during your visit to our website, should you have consented to the use of Marketing cookies:

  • Contact details, if you have made these available to us
  • Referral URL
  • The Marketing activity through which you became aware of us
  • Cookie ID
  • Pixel ID
  • IP address
  • Login information
  • Whether you open or forward messages from us
  • Information about how you use the website (for retargeting activities):
     
  • Time of the visit
  • Number of sessions
  • Retention time
  • Location information
  • Click path
  • visited pages
  • Number of visits
  • Interaction with advertisements, services and products
  • Conversion activities (downloads, requests etc.)

 

If you consent to the use of Marketing cookies, we collect and process your personal data when you visit our website for the following purposes:

  • To ensure product quality, research and development of new products
  • For the optimization and efficient operation of our online services, our web presence and email communications
  • To determine the effectiveness of marketing campaigns
  • For the creation of user profiles and retargeting measures

 

You can revoke your consent with effect for the future at any time. Further details are described in our Cookie Policy.

 c) The followingdata will be collected and processed during your visit to our website, shouldyou have consented to the use of statistical cookies:

  • Information about how you use the website:
  • Retention time
  • Number of sessions
  • Referrer URL
  • Click path
  • Click depth
  • IP address (anonymized)
  • Cookie ID
  • Browser information
  • Device information
  • Conversion activities (downloads, requests etc

If you consent to the use of statistical cookies, we collect and process your personal data when you visit our website for the following purposes:

  • To ensure product quality, research and development of new products
  • For the optimization and efficient operation of our online services, our web presence and email communications
  • To determine the effectiveness of marketing campaigns

You can revoke your consent witheffect for the future at any time. Further details are described in our Cookie Policy.

2. Contact forms/newsletter

We collect and process personal data whenever you submit a request to us or otherwise contact us, for example in the context of white papers, newsletters, email marketing, news service, event reminders or webinars. The data you provide us includes:

  • Name
  • Address
  • Company
  • Telephone number
  • Country
  • E-mail address
  • Job title

 

We collect and process these data for the purposes for which you provide them to us.

We also use the data for direct marketing, provided that you have given us separate consent for this purpose, or the authorization stems from an existing contractual relationship or the initiation of such a relationship. You can object to the direct marketing measures at any time.

3. Services or other performance by the EQS Group

We collect and process such personaldata provided as are necessary when initiating, or as part of, providing youwith a service or other performance. The data you provide us includes:

  • Name
  • Address
  • Company
  • Telephone number
  • e-mail address
  • Login information
  • Master data

 

Your personal data are collected and processed in order to initiate and fulfill contractual obligations, and in the event we have a legitimate interest in the use of your personal data, such as

  • to ensure product quality, research and development of new products,
  • to fulfill sales, service and administration processes
  • for improvement and economical operation our online offerings, our website and our e-mail communication,
  • to furnish you with advertising relative to similar products to those already purchased, unless you have objected to this,
  • to determine the effectiveness of marketing campaigns

4. Web beacons and tracking

a) We use web beacons (also referred to as “tracking pixels”) in relation to Webinars, events and resources only with your express consent.

For example, we may place web beacons in marketing e-mails to provide us with an idea of when you open our e-mail or click a link in the e-mail that redirects you to one of our websites.

The collected data is aggregated and analyzed for the purpose of optimizing our email communication and determining the effectiveness and reach of marketing campaigns by individually measuring, storing and evaluating open and click rates in recipient profiles.

You can revoke your consent to the use of this technology with future effect at any time. Furthermore you have the possibility to prevent our use of this technology by prohibiting HTML emails in the settings of your email client.

b) On our websites we use web beacons (also called tracking pixels) only with your express consent.

Through the tracking used on our websites, contacts you have with advertisements displayed on other websites (visual contacts and clicks on advertising banners) or with our emails are put in relation to interactions on our website.

The data collected is merged and evaluated for the purpose of optimizing and operating our online services, our website, and email communication, as well as for determining the effectiveness of marketing campaigns.

You can revoke your consent to the use of this technology with future effect at any time. Further details are described in our Cookie Policy.

c) For technical implementation we work with the following service providers

(1) HubSpot, Inc. 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. The HubspotTracking Code uses cookies to track website traffic, create user profiles and improve the presentation of content on our websites. By concluded Standard ContractualClauses approved by the EU Commission with Hubspot, HubSpot agrees to comply with EU data protection requirements even when data is processed in the USA.

 

(2) In relation to Websites, Google Analytics, a web analysis service and Google Optimize that is provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). As far as you have your habitual residence in the European Union or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the responsible party for your data. We use Google Analytics to analyze website usage. The resulting data is used to optimize our website and advertising measures. This data is transferred und saved to a Google server in the USA. Google as well as governmental authorities have access to this data and it is also used by Google for its own purposes, such as profiling and merging it with other data about you. For this purpose, your data such as search history, personal accounts, usage data of other devices and all other data that Google has about you will be linked. In addition, we use the data collected by Google Analytics as part of the Google tool Optimize. Together with an additional cookie, Optimize allows us to test different versions of a website and how users react to these different versions. For example, we can test at which point within the website a particular piece of information is most attractive (A/B testing). The additional cookie is used to determine whether you are participating in a test and sets the end of the test. Further information and Google's applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics/

5. Re-targeting

We work with some advertising partners on the use of what is referred to as “re-targeting technology.” Under this technology, cookies from these partner companies (also known as“third-party cookies”) are also stored on your hard drive when you visit our website, if you have consented to the use of Marketing cookies.

The service provider collects and processesyour usage behavior on websites operated by us. These data are used to addressusers again after visiting our websites with targeted advertising based ontheir usage behavior. These advertisements are shown outside of our websites.Your interactions with these features are governed by the privacy policy of thecompanies that provide them. Please see our Cookie Policy for further details.

You can revoke your consent to the use of this technology on our website with future effect at any time. Further details are described in our Cookie Policy.

For more information on how to opt out of further use by the partner company, please see the partner company’s data privacy policy. We use the following third-party cookies, provided you have expressly consented:

a) LinkedIn Insight Tag of LinkedIn Corp., 2029 Stierlin Ct, Mountain View, CA 94043, USA (“LinkedIn”). For privacy matters outside the United States, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible. The LinkedIn InsightTag puts a cookie in the browser that is matched against the LinkedIn database to create anonymous user segments and enable retargeting. You can optout of LinkedIn retargeting in your LinkedIn settings. You can find the LinkedIn Privacy Statement here: https://www.linkedin.com/legal/privacy-policy

b) Twitter Website Tag from Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (“Twitter”). For privacy matters outside of the United States, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, is responsible. The Twitter Website Tag puts a cookie in the browser, which is matched against the Twitter database to create anonymous user segments and enable retargeting. You can opt out of Twitter retargeting in your Twitter settings. You can find the Twitter Privacy Statement here: https://twitter.com/privacy

c) “Custom Audiences” from Facebook Inc. 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”). If you have your habitual residence outside the USA or Canada, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland is the data controller. This function is used to show interest-related advertisements (“Facebook Ads”) to visitors to this website as part of their visit to the Facebook social network. For this purpose, the Facebook remarketing tag was implemented on this website. This tag establishes a direct connection to the Facebook servers when you visit the website. The Facebook server is notified that you have visited this website and Facebook assigns this information to your personal Facebook user account. Therefore, if you do not want this information to be associated with your Facebook account, please log out of Facebook before visiting our site and delete the cookies from your browser. For more information about Facebook’s collection and use of this information and your rights and choices about protecting your privacy, please see Facebook’s Privacy Notice at www.facebook.com/about/privacy/ Alternatively, you can disablethe remarketing feature “Custom Audiences” at www.facebook.com/settings/ To do this, you must be logged in to Facebook. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by you to suppress data transmission to Facebook.

d) Remarketing or “Affinity Audience”function and the “Google Ads” advertising program and, in this context, conversion tracking (visitor activity analysis) of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; (“Google”). If you are habitually resident in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller.

(1) The Remarketing or “Affinity Audience” feature is designed to analyze visitor behavior and interests. Google uses cookies to perform the analysis of website usage, which forms the basis for the creation of interest-related advertisements. Cookies are used to record visits to the website as well as anonymous data on the use of the website. Aspart of this technical process, Google obtains knowledge of personal data, such as the IP address or surfing behavior. When you visit another website in the Google Display Network, you will see ads that most likely reflect the product and information areas you have previously viewed. Your data may be transferred to the USA and possible forwarded to third parties. You can revoke your consent at any time with effect for the future. The use of cookies can be disabled on the Google Marketing Platform opt-out page or the Network Advertising Initiative opt-out page.

(2) The “Google Ads” advertising program and, in this context, conversion tracking (visitor activity analysis) is used to compile conversion statistics. These statistics tell us the total number of users who have clicked on one of our ads and been redirected to a page with a conversion tracking tag. When you click on an ad served by Google, a conversion tracking cookie is placed on your computer. These cookies are of limited validity, do not contain any personally identifiable information, and are therefore not used to personally identify you. If you visit certain pages on our site and the cookie hasn’t expired, Google and we can tell that you clicked on the ad and were redirected to that page. Each Google Ads customer receives a different cookie. As a result, there is no way that cookies can be tracked across the sites of ads customers. Google receives personal data, including your IP address. However, we do not receive any information that personally identifies users. Your information may be transferred to the USA. You can revoke your consent for the future at any time. To do so, go to www.google.de/settings/ads from each of your internet browser that you use and make the desired settings there. You can find further information and the Google data protection declaration at https://www.google.de/policies/privacy/.

6. Google Fonts

In our website, we use Google Fonts to display external fonts; this establishes a connection to the Google server in the USA when our website is accessed. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter referred to as “Google”). If you are habitually resident in the European Economic Areaor Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller. Accessing our website establishes a connection to Google from which Google can identify the website from which your request has been sent and the IP address to which the fonts are to be transmitted for display. The legal basis for the processing of the IP address is our legitimate interest in optimizing and economically operating our website.

By concluded Standard Contractual Clauses approved by the EU Commission with Google,” Google agrees to comply with privacy regulations of the EU are also followed when data are processed in the US.

7. YouTube Videos

We integrate videos from the “YouTube” platform of provider Google LLC, 1600 Amphitheatre Parkway, MountainView, CA 94043, USA. If you are habitually resident in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller. Your interactions with this function are governed by Google’s privacy policy: https://policies.google.com/privacy

8. Fulfillment of legal obligations

We will also process personal data if there is a legal obligation to do so. We are subject to a variety of legal obligations. In order to comply with these obligations, we process your data to the extent necessary and, where indicated, pass these along to the responsible authorities within the framework of statutory reporting obligations. If necessary, we also process your data in the event of a legal dispute, if the legal dispute requires the processing of your data.

9. We protect your personal data

The EQS Group uses technical and organizational security measures to protect your data against manipulation, loss, destruction or access by unauthorized persons. These security measures are continuously improved in keeping with technological progress. This includes, for example, access authorizations, authentications, audits, controls, alarm messages, data storage and backups, transmission standards and environmental integrity. For EQS Group employees, there is a Code of Conduct that obliges them to comply with the principles of data protection and data security.

10. How long we keep your information

We will only retain your data for as long as necessary for the purposes for which we process your data. If we process data for multiple purposes, they will automatically be deleted or stored in a format that does not permit direct conclusions to be drawn about you once the last specific purpose has been fulfilled.

11. Whom do we provide with international access to your data, and how do we protect these data in the process?

The EQS Group is a global company. Personal data are processed by employees, by Group companies and by service providers commissioned by us, preferably within the EU. Should data be processed in countries outside the EU, we use suitable measures (e.g. EU standard contractual clauses including appropriate technical and organizational measures) to ensure that your personal data are processed in accordance with European-level data protections.

12. Privacy Notice for Shareholders

Our Privacy Notice for Shareholders provides a clear summary of all of the information around the processing of the personal data of our shareholders.  This information is available here for download.

13. Conference Platform European Compliance & Ethics Conference

For providing the virtual EuropeanCompliance & Ethics Conference, we use the Hubilo Technologies Inc, having its office at 505 Montgomery Street, 10th Floor, San Francisco, CA 94111, USA (“Hubilo”).

What data do we need from you to operate the HelloSpaces online conferencing solution? What data is collected and stored in the process of use?

a) Registration and Ticketing

Users who are attendees in an event might be buying tickets for that event or registering for the same. Information that you provide while creating an attendee account or registering for that event or using any of its services i.e. buying tickets or attending certain sessions will ask for your personal information including name, e-mail address, contact number, country. We will treat this information as set out in Section 2 above.

While registering and buying tickets of an event, the user might be asked to enter the transaction and financial information (credit card details, debit card details etc). For these financial transactions third-party providers are used i.e. Stripe (see below). Both these third-parties are responsible for any financial information being collected of the user and their terms and conditions and privacy policies apply. We DO NOT store any payment related, financial or transactional details of any user.

b) Creating and editing a profile

A user profile is created for you based on the information you provide during registration. You have the option of adjusting, changing or deleting the information in your profile. The information in your profile is generally visible to other users. However, you can use a switch within your profile, in order to set your details to be hidden and thus not shown to other users.

You also have the option to set a profile picture. You can either create a picture with your camera or use a picture from your photo gallery. If you want to create a picture with your camera, it is necessary to allow the application access to this function. If you want to use a picture from your photo gallery, it is necessary to allow the app access to it.

The data processing carried out in this context is necessary to provide our service in accordance with Art. 6 (1) sentence 1 lit. b GDPR, as requested by you. It should be noted, that the majority of the data is provided from your side and on a voluntary basis.

c) Chatting & meetings with other users

You can contact other users. The information you share in the chat is transmitted to the other users for this purpose. This exchange of information constitutes  the basic functionality of a chat. The data processing is therefore based on our legitimate interest, as our interest in enabling users to exchange information out weighs the interests and rights of users who do not wish to exchange data. It should be noted that this processing of personal data is based precisely on an action of the data subject. Furthermore, this processing is necessary for the performance of the contract between you and us according to Art. 6 (1) sentence 1 lit. b GDPR. Of course, we do not take access to the messages exchanged by users.

d) Use of the camera and/or photogallery

Among others, when creating a profile, scanning the QR code of your ticket and posting your company logo or header, you have the option of creating a picture directly via the camera of your device or using a picture from the photo gallery of your device. The data processing is hereby based on Art. 6 (1) sentence 1 lit. a GDPR, as you can freely choose to upload a photoand Art. 6 (1) sentence 1 lit. b GDPR, as data processing in this context is necessary to enable this function. In this context, we would like to inform you that you are only entitled to post pictures which you are permitted to use and post in our service.

e) Contacting the support

You have the possibility to contact our support via the corresponding button and to send us questions and suggestions. Contacting our support takes place by sending an e-mail via the relevant app  on your device. When sending an e-mail, your e-mail and the content of your message will be communicated inevitably to us and your e-mail will be stored on our servers. This data processing is necessary to make contacting us by e-mail technically possible at all and to make the e-mail retrievable for us. The data processing in this context is necessary to enable this function, so the data processing is based on Art. 6 (1) sentence 1 lit. b GDPR.

f) Which other services are used to provide the event platform?

Depending on the feature used in the application, the following additional suppliers may be used.

The legal basis for the aforementioned data processing is Art. 6 (1) f) GDPR based on our legitimate interest. We want to provide you with the technical infrastructure to be able to offer our products and services.

Twilio SendGrid
US
1801 California Street Suite 500 Boulder, CO 80202 United States
Customer communication platform for transactional and marketing emails
https://sendgrid.com/resource/general-data-protection-regulation-2/; https://sendgrid.com/policies/security/; https://sendgrid.com/files/SendGrid-FAQ.pdf
Zoom
Global
55 Almaden Boulevard, Suite 600, San Jose, CA 95113
Video Conferencing/Web Conferencing Platform
https://zoom.us/privacy#_Toc44414845; https://zoom.us/trust/legal-compliance
AWS
EU (Frankfurt)
410 Terry Avenue North, Seattle, WA 98109-5210
Application Hosting and Data Storage
https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf; https://aws.amazon.com/compliance/programs/
AWS
EU (Frankfurt)
410 Terry Avenue North, Seattle, WA 98109-5210
Static / Image Asset Storage
https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf; https://aws.amazon.com/compliance/programs/
Stripe Inc.
EU
505 Montgomery street 10th floor San Francisco CA 94111 US
Payment Processing
https://stripe.com/en-in/privacy
MUX
US
1182 Market St., Suite 425, San Francisco, CA 94102
A/V Ingestion, Transcoding & Distribution
https://mux.com/files/mux-dpa.pdf

14. Contacting us, your privacy rights and your right to lodge a complaint with the data protection authority

If you have granted consent to our processing of your personal data, you have the right to withdraw your consentat any time. The lawfulness of the processing of your personal data up until this withdrawal is not affected by the withdrawal. Further processing of this data under a different basis in law, for example to fulfill legal obligations, remains unaffected as well.

Do you have any further questions or comments on the subject of data protection, particularly as concerns information on the data stored about you? Do you want information about your data, the data we have stored, or to check, amend or delete your data? You want to limit our processing of your data or object to it? Then contact the EQS Group Data Protection Officer at datenschutz@eqs.com

We take your concerns and rights very seriously. However, if you believe that we have not adequately addressed your complaints or concerns, you have the right to file a complaint with a competent data protection authority.