§ 5 TMG (TELEMEDIENGESETZ)

Die Internetseiten spce-hub.org und ipgt.net werden betrieben von
IPGT Projects GmbH
Rollbergstr. 28A
12053 Berlin
Deutschland

Kontakt

Telefon: +49 30 3977 2765
Email: info@ipgt.net

Registergericht: Amtsgericht Berlin Charlottenburg
Registernummer: HRB 223598 B
Vertretungsberechtigte Geschäftsführer: Dr. Sebastian Schiek
Umsatzsteuer-Identifikationsnummer nach § 27a UStG: DE339336703

Privacy Policy

In this privacy policy, we inform you about the processing of your personal data in connection with the use of our website (www.spce-hub.org). Personal data refers to information which relates to an identified or identifiable person. This includes, in particular, information which makes it possible to draw conclusions about your identity, such as, for example, your name, telephone number or e-mail address. However, certain identifiers, such as your IP address or the device ID of the end device you are using, also constitute personal data.

1. Data controller and point of contact

Within the meaning of the General Data Protection Regulation (GDPR), the point of contact and so-called data controller with responsibility for processing your personal data when visiting this website is the

SPCE Hub – IPGT Projects GmbH
Rollbergstr. 28A
12053 Berlin
hereinafter referred to as: ‘IPGT’, ‘we’ or ‘us’.
Telephone: +49 (0) 30 3977 2765
E-mail: dataprotection(at)spce-hub(dot)org

For all queries regarding data protection in connection with our activities or the use of our website, please contact us at any time. You can contact us at the above postal address and e-mail address.

2. Data processing on our website

2.1 Visiting our website/connection data

Every time you use our website, our data processing service company collects the data which your browser automatically transmits in order to enable you to visit our website. This connection data comprise the so-called HTTP header information, including the user agent, and include in particular:

• The IP address of the software/browser that is making the request to the website;
• Methods (e.g. GET, POST), date and time of request;
• The address of the requested website and path of the requested file;
• If applicable, the previously accessed website/file (HTTP referrer);
• Information about the browser used and the operating system;
• A version of the HTTP protocol, the HTTP status code, the size of the delivered file;
• Request information such as language, type of content, encoding of content and character sets;
• At the moment, our website does not use cookies.

This connection data must be processed to enable the website visit, to guarantee the permanent functionality and security of our systems, and to facilitate the general administrative maintenance of our website. For the purposes described above, the connection data is also stored – temporarily and limited to the most necessary content – in internal log files. This allows us to find the cause of and take action against repeated or criminal attempts to access our website that endanger its stability and security.

The legal basis for this data processing is Article 6(1)(b) GDPR, insofar as the page view occurs in the course of the initiation or execution of a contract, and otherwise Article 6(1)(f) GDPR due to our legitimate interest in enabling access to the website and ensuring the permanent functionality and security of our systems. However, the automatic transmission of the connection data and the log files developed on that basis do not amount to accessing information in the end device within the meaning of the national laws developed by EU member states for the purpose of transposing the ePrivacy Directive (in Germany, Section 25 TTDSG).

The log files are generally stored in abbreviated form with no direct personal reference for seven days. In exceptional cases, individual log files and IP addresses are kept for longer than that in order to prevent further attacks from a particular IP address in the event of cyber-attacks and/or to take legal action against the attackers.

Our data processing service company is:
1&1 IONOS SE
Elgendorfer Straße 57
56410 Montabaur, Germany

2.2 Making contact

You can contact us by e-mail and by telephone. In this context, we only process your data for the purpose of communicating with you.

The legal basis for this processing is Article 6(1)(b) GDPR, insofar as your details are required to answer your question or to initiate or execute a contract, and otherwise Article 6(1)(f) GDPR due to our legitimate interest in enabling you to contact us and responding to your query.

The data we collect when you contact us will be deleted not later than six month after we have fully processed your enquiry, unless we still need your enquiry to fulfil contractual or legal obligations (see section 7 ‘Storage period’).

2.3 Newsletter

You have the opportunity to subscribe to our newsletter.

2.3.1 Subscribing to the SPCE Hub Newsletter

For subscriptions to our newsletter, we use the so-called double opt-in procedure, i.e. we will only send you newsletters by e-mail after you click on a link in our notification e-mail to confirm that this is your e-mail address. Provided you confirm that this is your e-mail address, we save it along with the time of registration and the IP address used for registration until such time as you unsubscribe from the newsletter. We store this information solely for the purpose of sending you the newsletter and proving that you have registered. In addition, we check whether our newsletter can in fact be delivered.

The legal basis for this data processing is Article 6(1)(a) GDPR. You can revoke your consent at any time with future effect by unsubscribing from the newsletter. A corresponding unsubscribe link can be found in every newsletter. A notification to this effect sent via e-mail or letter to the addresses specified above or in the newsletter would also suffice.

2.3.2 Newsletter tracking

We want to use our newsletter to share the most relevant possible content with our subscribers and better understand what actually interests them. That is why we use customary technologies for measuring interactions with the newsletter (e.g. opening the e-mail, links clicked). We pseudonymise this data for general statistical evaluations and for the optimisation and further development of our content and communications with subscribers. To this end, we use tiny graphic elements embedded in the newsletter (pixels), which establish a connection with the image server when the e-mail is opened. In addition, we use links where we first register a click on this link and only then redirect the user to the desired target page.

The legal basis for this is your consent in accordance with Article 6(1)(a) GDPR. You can revoke your consent to the analysis of your usage behaviour at any time with future effect by unsubscribing from the newsletter. You can also prevent the measurement of your email opening rate by deactivating graphics or the output of HTML content in your e-mail programme by default.

2.4 Conferences and others events

When you register for our events by email or if you are a speaker at our events, we collect and process personal information such as name, email, phone number, institutional affiliation, address, dietary preferences, accessibility needs.
We use these data on the basis of our legitimate interest to conduct a safe and effective event pursuant to Article 6(1)(f) GDPR.

3. Use of tools on the website

3.1 Technologies used

This website uses various services and applications (referred to collectively as ‘tools’), which are provided either by us or by third parties. This includes, in particular, tools that use technologies to store or access information in the end device:

• Cookies: At the moment, we do not use cookies on our website. This may change in the future. We will inform website visitors about is. If so, information stored on the end device, consisting in particular of a name, a value, the storing domain and an expiry date. Session cookies (e.g. PHPSESSID) are deleted after the session, while persistent cookies are deleted after the specified expiry date. Cookies can also be removed manually.
• Web storage (local storage/session storage): information stored on the end device, consisting in particular of a name and a value. Information in the session storage is deleted after the session, while information in the local storage has no expiry date and generally continues to be stored unless a mechanism for deletion has been set up (e.g. storage of a local storage with time entry). Information in the local and session storage can also be removed manually.
• JavaScript: programming codes (scripts) embedded in or accessed from the website which, for example, set cookies and web storage or actively collect information from the end device or about the usage behaviour of the visitor. JavaScript can be used for ‘active fingerprinting’ and usage profiling. JavaScript can be blocked by a setting in the browser, although most services will then no longer function.

With the help of these technologies and also through the mere establishment of a connection on a page, so-called ‘fingerprints’ can be created, i.e. usage profiles that do not require the use of cookies or web storage and can still recognise visitors. Fingerprints due to connection establishment cannot be completely prevented manually.

Most browsers are set by default to accept cookies, run scripts and display graphics. However, you can usually adjust your browser settings to reject all or certain cookies or block scripts and graphics. If you completely reject cookies and block graphics and scripts, our services will probably not work or not work properly.

In what follows, we list the tools we use by category, informing you in particular about the providers of the tools, the storage period foreseen for the cookies or information in local storage and session storage, and the transfer of data to third parties. We also explain the cases in which we obtain your voluntary consent to use the tools and how you can revoke it.

3.2  Legal basis and revocation

3.2.1 Legal basis

We use tools necessary for the operation of our website on the basis of our legitimate interest in ensuring the basic functions of our website pursuant to Article 6(1)(f) GDPR. In certain cases, these tools may also be necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, in which case the processing is carried out in accordance with Article 6(1)(b) GDPR. Access to and the storage of information in the end device is absolutely necessary in these cases and takes place on the basis of the national laws developed by EU member states for the purpose of transposing the ePrivacy Directive (in Germany, Section 25 paragraph 2 TTDSG).

Our use of all other optional tools with additional functions is based on your consent in accordance with Article 6(1)(a) GDPR. Access to and the storage of information in the end device then takes place on the basis of the national laws developed by EU member states for the purpose of transposing the ePrivacy Directive (in Germany, Section 25 paragraph 1 TTDSG). Data is processed using these tools only if we have received your consent in advance.

If personal data is transferred to third countries (e.g. the USA), we refer you to section 6 of this policy, also with regard to the risks this may entail: ‘Data transfer to third countries’. We will inform you if an adequacy decision exists for the third country in question or if standard contractual clauses or other guarantees have been concluded for the use of certain tools. If you have consented to the use of certain tools and to the associated transfer of your personal data to third countries, we (also) transfer the data processed when using the tools to third countries on the basis of this consent pursuant to Article 49(1)(a) GDPR.

3.2.2 Obtaining your consent

At the moment, we do not use cookies on our website and thus do not require consent. This may change in the future. We will inform website visitors about changes.

3.2.3 Revoking your consent or changing your selection

Consent-Management

You can revoke your consent for certain tools, i.e. for the storage of and access to information in the end device, the processing of your personal data and the transfer of your data to third countries, at any time with future effect. To do so, click on the link “Privacy” in the footer of this website. There, you can also change the selection of tools you wish to consent to using and obtain additional information on the tools used. Alternatively, you can assert your revocation for certain tools directly with the provider.

3.3 Necessary own tools

We use our own necessary tools (list tools) to access or store information on the end device, in particular

• To save your language settings,
• To register that you have already been shown information placed on our website – so that this is not shown again on your next visit to the website.
• To enable the basic functions of our website (‘necessary tools’). Without these tools we could not provide our service. Therefore, necessary tools are used without obtaining your consent.

We use necessary tools for the operation of our website on the basis of our legitimate interest in ensuring the basic functions of our website pursuant to Article 6(1)(f) GDPR. In those cases where the provision of the respective website functions is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, data processing is carried out in accordance with Article 6(1)(b) GDPR. Access to and the storage of information in the end device is absolutely necessary in these cases and takes place on the basis of the national laws developed by EU member states for the purpose of transposing the ePrivacy Directive (in Germany, Section 25 paragraph 2 TTDSG).

In the event that personal data is transferred to third countries (such as the USA), we refer to section 6 of this policy in addition to the information provided below: ‘Data transfer to third countries’.

3.4 Functional tool: embedding of YouTube content

We also use optional tools to improve our website’s user experience and to provide you with more features (‘functional tools’). While these tools are not essential to support the website’s basic functions, they can offer users significant benefits, mainly as regards the provision of additional communication channels. This may include, in particular, the embedding of external content such as videos.

The legal basis for this use of functional tools is your consent in accordance with Article 6(1)(a) GDPR, which you submit via the consent banner or the tool itself by allowing the use of the tool individually via an overlay. Access to and storage of information on the end device are then governed by the national laws developed by EU member states for the purpose of transposing the ePrivacy Directive (in Germany, Section 25 paragraph 1 TTDSG). For information on revoking your consent, see Section 3.2.3: ‘Revoking your consent or changing your selection’.

In cases where personal data is transferred to third countries (e.g. the USA), your consent explicitly extends to this data transfer as well (Article 49(1)(a) GDPR). For information about the risks involved, please refer to Section 6: ‘Data transfer to third countries’.

YouTube videos

We have embedded videos in our website; these videos are stored by YouTube and can be played back from our website. YouTube is a multimedia service provided by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (‘YouTube’) and supplied to users in the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and to all other users by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (collectively known as ‘Google’). YouTube may place items of information such as cookies and local storage and session storage data on your end device; it may also execute the JavaScript function, which accesses information on your device.

We have enabled YouTube’s privacy-enhanced mode. According to its own documentation, this means that Google then receives less usage information from YouTube and its video recommendations and advertisements will be non-personalised. However, cookies will continue to be placed and data stored in the local storage and session storage on your end device, including, in particular, your device ID and other information relating to video playback, which can be accessed by Google. The specific information that will be stored/read depends on various factors, principally whether you are already logged into your YouTube account when accessing our pages and which browser you are using.
The following cookies may be placed by YouTube:

• “PREF” (8 months): used to store your preferences like autoplay choices and player size.
The following cookies may be placed in your device’s local storage:
• “yt-remote-device-id”: stores the device ID;
• “yt-player-headers-readable”: stores the option to read the player header information;
• “yt.innertube::requests”: stores the user’s requests;
• “yt.innertube::nextId”: stores the ID of the next video;
• “yt-remote-connected-devices”: stores the connected end devices;
• “yt-player-bandwidth”: stores the connection bandwidth;
• “yt-player-volume”: stores volume preferences;
• “yt-player-quality”: stores the video quality/resolution;
• “yt-player-performance-cap”: stores possible performance cap based on connection bandwidth;
• “yt-html5-player-modules::subtitlesModuleData::module-enabled”: stores whether subtitles are enabled.

The following cookies may be stored in session storage:

• “yt-remote-session-app”: stores the type of end device;
• “yt-remote-cast-installed”: stores whether YouTube streaming is installed;
• “yt-remote-session-name”: stores the type of end device;
• “yt-remote-cast-available”: stores whether YouTube streaming is available;
• “yt-remote-fast-check-period”: stores the check on the connection bandwidth;
• “yt-player-volume”: stores volume preferences;
• “yt-player-caption-language-preferences”: stores the language of subtitles.

The legal basis for this data processing is your consent in accordance with Article 6(1)(a) GDPR. Access to and storage of information on the end device are then governed by the national laws developed by EU member states for the purpose of transposing the ePrivacy Directive (in Germany, Section 25 paragraph 1 TTDSG). The transfer of your data to the USA and other third countries requires your explicit consent under Article 49(1)(a) GDPR.
When you visit our website, YouTube and Google will be notified that you have accessed the corresponding page of our website. This takes place whether or not you are logged into YouTube or Google. YouTube and Google use this data for advertising and market research purposes and in order to tailor their services to identified needs. If you access YouTube from our website while you are logged into your YouTube or Google account, YouTube and Google will be able to associate this event with your corresponding profile. To avoid this, you must log out of Google before accessing our website.

In addition to your right to revoke your consent, you have the option to disable personalised advertising in Google’s Ad Settings. In this case, Google will display non-personalised advertisements only: https://adssettings.google.com/notarget.

For further information, please refer to the Google Privacy Policy, which is also applicable to YouTube: https://policies.google.com/privacy.

4. Online presence in social networks

We maintain an online presence in social networks, among other things in order to communicate with users and inform them about our activities. These social networks generally process users’ data for market research and advertising purposes. In this way, user profiles can be compiled on the basis of users’ interests. Cookies and other identifiers are stored on the data subjects’ devices for this purpose. Based on these profiles, advertisements, for example, can then be placed on these social networks and on third-party websites.
During the operation of our online presence, we may, on occasion, be able to access information provided by the social networks, such as statistics on the use of our online presence. These statistics are aggregated and may include, in particular, demographic information (e.g. age, gender, region, country) and data about interactions with our online presence (e.g. likes, subscriptions, shares, views of images and videos) and related posts and content. These in turn may reveal information about users’ interests and indicate which content and topics are particularly relevant to them. We may also use this information in order to adapt the design, activities and content of our online presence and optimise them for our audience. Please refer to the list below for details and links relating to the social network data that we are able to access as an operator of an online presence. The collection and use of these statistics are generally subject to joint controllership. The relevant contract, where applicable, is stated below.

The legal basis for this data processing is Article 6(1)(f) GDPR for the purposes of our legitimate interest in effective provision of information and communication with users.
If you have an account with the social network, we may be able to view your publicly available information and media when we access your profile. Furthermore, the social network may, under certain circumstances, enable us to make contact with you, e.g. via direct messaging or posts. The communication of content via the social network and the processing of content-related data are subject to the controllership of the social network as the messaging and platform service.

For information about the legal basis for data processing by the social networks under their controllership, please refer to the privacy notice of the social network concerned. Further information on this data processing and on opportunities to lodge objections is available via the links below.

We would point out that the most efficient way to obtain an answer to data protection enquiries is to contact the social network provider concerned, as only the providers have access to the data and are in a position to take the appropriate measures. You may, of course, bring the matter to our attention as well. In this case, we will process your enquiry and forward it to the relevant social network provider.

Below, we provide a list with information about the social networks on which we maintain an online presence:

• Facebook (USA and Canada: Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA; all other countries: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
◦ Joint controllership of the Facebook fan page based on a joint controllership arrangement (Page Insights Controller Addendum): https://www.facebook.com/legal/terms/page_controller_addendum
◦ Information about processed Page Insights data and contact details for data protection enquiries: https://www.facebook.com/legal/terms/information_about_page_insights_data
◦ Privacy Policy: https://www.facebook.com/about/privacy/
◦ Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com.
• Google/YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
◦ Privacy Policy: https://policies.google.com/privacy
◦ Opt-Out: https://www.google.com/settings/ads.
• Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland)
◦ Privacy Policy: https://twitter.com/de/privacy
◦ Opt-Out: https://twitter.com/personalization

5. Transfer of data

In principle, data collected by us is passed on only if, in the specific case, a legal basis for doing so exists in data protection law, in particular if:
• you have given your explicit consent to the transfer in accordance with Article 6(1)(a) GDPR,
• the forwarding of the data in accordance with Article 6(1)(f) GDPR is necessary for the establishment, exercise or defence of legal claims and there are no grounds to assume that you have an overriding interest, which requires protection, in preventing the onward transmission of your data,
• we have a statutory obligation to pass on the data in accordance with Article 6(1)(c) GDPR; this applies particularly if, on the grounds of requests from public authorities, judicial decisions or legal proceedings, this is necessary for the pursuit or enforcement of justice,
• this is authorised by law and, in accordance with Article 6(1)(b) GDPR, is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.
Some of the data processing may be undertaken by our service providers. In addition to those mentioned in this Privacy Policy, these service providers may include, in particular, computer centres which store our website and databases, software providers, IT service providers who service our systems, agencies, market research companies, affiliated companies and consultancy firms. If we pass on data to our service providers, they must use the data solely for the performance of their tasks. We have carefully chosen and commissioned the service providers. They are contractually bound by our instructions, have put in place appropriate technical and organisational measures for the protection of the rights of the data subjects and are regularly checked by us.

6. Data transfer to third countries

As stated in this Privacy Policy, we use services whose providers, in some cases, are located in third countries (outside the European Union and the European Economic Area) or process personal data there; these are countries whose level of data protection may not reach the level applicable in the European Union. Insofar as this is the case and the European Commission has not adopted an adequacy decision in respect of these countries (Article 45 GDPR), we have taken corresponding measures to ensure an adequate level of data protection for any transfer of data that may be made. These measures include the European Union’s standard contractual clauses and binding corporate rules.

If this is not possible, we base the data transfer on derogations under Article 49 GDPR, particularly your explicit consent or the necessity of the transfer for the performance of a contract or the implementation of pre-contractual measures.

Insofar as transfer to a third country is envisaged and no adequacy decision or appropriate guarantees are available, there is both a possibility and a risk that public authorities in the third country concerned (e.g. intelligence services) may gain access to the transferred data for the purposes of data-gathering and analysis and that the enforceability of your rights as the data subject may not be guaranteed. Information on this topic will be provided to you when you give your consent via the consent banner.

7. Storage duration

In principle, we only store personal data for as long as is necessary for the fulfilment of the purposes for which we collected the data. After this, we delete the data without undue delay unless we still require the data until the expiry of the statutory limitation period for purposes of proof for civil law claims or due to statutory periods of safekeeping, or if, in the specific case at hand, another legal basis exists in data protection law justifying the continued processing of your data.

We are obliged to store contractual data, in particular, for purposes of proof for three years after the end of the year in which the business relationship with you ends. Any claims lapse at this point in time, at the earliest, following the usual statutory limitation period.
Even after this time, we are required to store some of your data for accounting reasons. We have an obligation to do so due to statutory duties of documentation, which may arise, for example, from the Commercial Code or the German Fiscal Code. The time-limits prescribed therein for the safekeeping of documents are between two and ten years.

8. Your rights, particularly revocation and objection

As the data subject, you may, at any time, assert the following rights, as provided for in Article 7(3), Articles 15–21 and Article 77 GDPR, provided that the relevant legal requirements are met:
• Right to withdraw your consent (Article 7(3) GDPR);
• Right to object to the processing of your personal data (Article 21 GDPR);
• Right to information about the processing of your personal data by us (Article 15 GDPR);
• Right to rectification of inaccurate personal data concerning you and stored by us (Article 16 GDPR);
• Right to erasure of your personal data (Article 17 GDPR);
• Right to restriction of processing of your personal data (Article 18 GDPR);
• Right to portability of your personal data (Article 20 GDPR);
• Right to lodge a complaint with a supervisory authority (Article 77 GDPR).

In order to assert your rights described here, you may, at any time, make use of the contact details provided above. The same applies if you wish to receive copies of guarantees proving an adequate level of data protection. Provided that the relevant legal requirements are met, we will comply with your data protection request.

Your requests to assert your data protection rights and our replies will be held in safekeeping for a period of up to three years for documentation purposes and occasionally, in individual cases, for longer periods for the establishment, exercise or defence of legal claims. The legal basis is Article 6(1)(f) GDPR for the purposes of our interest in mounting a defence against any civil law claims (Article 82 GDPR), avoiding administrative fines (Article 83 GDPR) and fulfilling our duty of accountability (Article 5(2) GDPR).

You have the right to revoke consent already granted in relation to us at any time. This has the consequence that we will no longer continue the data processing based on this consent for the future. Revocation of the consent does not affect the lawfulness of the processing which took place in the past on the basis of the consent until the time of revocation.
Insofar as we process your data for the purposes of our legitimate interests, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data. Where personal data are processed for direct marketing purposes, you have a general right of objection which we will also respect even without a statement of reasons.

If you wish to assert your right of revocation or objection, simply notify us using the contact details provided.

You also have the right to lodge a complaint with a supervisory authority responsible for data protection. You may, for example, exercise this right by lodging a complaint with a supervisory authority in the member state of your habitual residence, place of work or place of the alleged infringement. In Berlin, where SPCE Hub/IPGT Projects GmbH is based, the supervisory authority is the Berlin Commissioner for Data Protection and Freedom of Information:

Die Berliner Beauftragte für Datenschutz und Informationsfreiheit,
Friedrichstr. 219,
10969 Berlin.

9. Changes to this Privacy Policy

We occasionally update this Privacy Policy, for example if we make changes to our website or if the relevant statutory or administrative provisions have been amended.

Data protection declaration for events organized by SPCE Hub / IPGT Projects

[pursuant to Art. 13 GDPR – Duty to inform when collecting personal data from the data subject]

[pursuant to Art. 14 GDPR – duty to inform if the personal data were not collected from the data subject].

As of: 01/2023

1. Responsible for the processing of personal data

The person responsible for the processing of your personal data within the meaning of data protection law is

IPGT Projects GmbH as project manager of the SPCE Hub
Rollbergstr. 28A
12053 Berlin
Phone: +49 (0)30 39772765
e-mail: info(at)ipgt.net
Director: Dr Sebastian Schiek

If you have any questions about data protection, you can contact our data protection officer at any time:

2. Data protection officer

You can contact our data protection officer as follows:

Data Protection Officer of
IPGT Projects GmbH – social entrepreneurship company
Rollbergstr. 28A
12053 Berlin
E-Mail: dataprotection(at)spce-hub.org

3. Further information on the processing of your data

When you register for an event, we require certain data from you, depending on the type of event. The invitation or registration form indicates which information is required and which is voluntary. Your data will not be passed on to third parties. Any exceptions (e.g. at cooperation events) will be clearly communicated during registration.

We process your data for the following purposes:

• for the organisation, execution and execution of the event. This includes, in certain cases, the preparation of panelists for whom it may be important to know who will be attending the event.
• to network the participants of the event by issuing name tags and displaying lists of participants if necessary: on your name tag we only list your name; your name, your function and your institution will appear on the list of participants, unless you object to this,
• to plan future events and research activities and, if suitable, to invite you to attend them,
• to check whether you should be included in our general address database because you are important for our future projects,
• to prove that we may process your data, in particular send you information by e-mail,
• to fulfil our statutory, fiscal and budgetary obligations and interests including controlling, the fight against fraud and corruption and the documentation of our activities; in particular if you are fed during the event or receive refunds, we must store your registration and, if applicable, invoice and payment data,
• only if expressly pointed out, also for the documentation of the event by photo and film recordings, which can also be used for public relations of our work.

In the case of cooperation events, your data may also be transmitted to the cooperation partner and processed by him for the aforementioned purposes. Please note the supplementary information on the individual events.

Your data will not be used by us for automated decision making or for profiling within the meaning of Art. 22 GDPR.

4. Legal basis of processing and duration of storage

The legal basis for data processing for the organisation, implementation and handling of the event is Art. 6 para. 1 subpara. 1 letter b GDPR, except in the case of passing on the list of notified participants, for which the legal basis is Art. 6 para. 1 subpara. 1 letter f GDPR and the legitimate interest is the proper preparation of the panelist.

The legal basis for data processing for the purpose of networking the participants of the event is Art. 6 para. 1 subpara. 1 letter f GDPR. The interest of SPCE Hub/IPGT Projects GmbH and the participants in specialized networking and the interest of SPCE Hub/IPGT Projects GmbH in realizing its mission, namely the planning and co-implementation of living lab projects and the publication of reports and scientific studies in the field of green transformations with the aim of promoting and supporting green transformations and ethical and equitable global engagement, for which the contacts to be established through networking are useful.

The legal basis of data processing for the purpose of planning future events and research activities and, if suitable, of inviting you to attend them, is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interest in this respect is the fulfilment of the statutory purpose of the SPCE Hub/IPGT Projects GmbH, namely the planning and co-implementation of living lab projects and the publication of reports and scientific studies in the field of green transformations with the aim of promoting and supporting green transformations and ethical and equitable global engagement.

The legal basis for data processing for the purpose of checking whether you should be included in the general address list of the SPCE Hub is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interest in this respect is the fulfilment of our mission, namely the planning and co-implementation of living lab projects and the publication of reports and scientific studies in the field of green transformations with the aim of promoting and supporting green transformations and ethical and equitable global engagement.

The legal basis of the data processing for the purpose of proof of permission is Art. 6 para. 1 subpara. 1 letter c in connection with. Art. 5 para. 2 GDPR and Art. 24 para. 1 GDPR as well as Art. 6 para. 1 subpara. 1 letter f GDPR. Justifiable interest is the defence against legal claims.

The legal basis for tax retention is Article 6 (1) (1) (c) of the GDPR in conjunction with Article 6 (1) (c) of the GDPR. § 147 AO.

Legal basis for processing in order to fulfil our obligations and interests under statutory and budgetary law, including the controlling, the Fighting fraud and corruption and documenting our activities is Art. 6 para. 1 subpara. 1 letter f GDPR. Justified interests are the fulfilment of our statutory and budgetary obligations in order to continue our work properly and to continue to receive benefits, the economical and appropriate use of our resources, the fight against fraud and corruption and ensuring that our work meets our ethical requirements.

The legal basis for the production of photographs and films and the subsequent processing is Art. 6 para. 1 subpara. 1 letter f GDPR or, if you are expressly asked for your consent, Art. 6 para. 1 UAbs. 1 letter a GDPR. Rightful interests are the documentation and publication of the work of SPCE Hub/IPGT Projects GmbH and the statutory and meaningful use of funds, which in today’s time often requires photography and filming, at suitable events also the documentation and public dissemination of the entire or essential content of the event.

The legal basis for processing for the purpose of identity checks is Art. 6 para. 1 subpara. 1 letter f GDPR. The legitimate interests of the SPCE Hub/IPGT Projects GmbH and the participants of the event are the protection of the event from disruptions and the safety of the participants.

We delete your data for business letters and other tax-relevant documents regularly by 31 March of the seventh calendar year following their creation, and for booking receipts by 31 March of the eleventh calendar year following their creation. We delete your data three months after the end of the event for the purpose of the event, the networking of the participants of the event and, if applicable, the security check; for the purpose of proof of permission by 31 March of the fourth calendar year following the last mailing of information. The check as to whether you should be included in the general database of the SPCE Hub/IPGT Projects GmbH will take place within three months after the event, after which your data will no longer be processed for this purpose. In order to plan future events and research activities and, if suitable, to invite you to attend, we will check for each individual event whether the data will remain important for this purpose in the future. If this is the case, invitation distribution lists and participant lists of events are generally stored for an unlimited period of time. However, after 30 years at the latest and every ten years at the latest thereafter, the need for continued storage shall be reviewed; if further storage is not required, the data shall be deleted.

For the purpose of fulfilling our statutory and budgetary obligations and interests, including controlling, the fight against fraud and corruption and the documentation of our activities, we will process your data regularly no later than 31 March of the eleventh calendar year after its creation.

For the purpose of the documentation of the event by photo and film recordings and for the public relations work of SPCE Hub/IPGT Projects GmbH an unlimited processing takes place in principle. However, by 31 December of the following year of the end of the event at the latest, it will be checked whether the photographs and films are still required and, if so, whether processing can be limited in time. If the examination reveals that due to the importance of the event, processing cannot initially be limited, a new examination shall be carried out by 31 December of the year following the last examination at the latest.

5. Recipient of your data

Only our staff have access to your data, technically necessary also our IT administrators. For the purpose of planning future events and research activities and, if suitable, to invite you to attend, the employees entrusted with this task have access to invitation distribution lists and participant lists. For the purpose of networking, your name, function and institution are also accessible to other participants. Photographs and films, which are published or otherwise processed for documentation or public relations purposes may be accessible to anyone. In individual cases, we may use an order processor who uses your data exclusively for these activities on our behalf for certain activities. The latter is strictly bound by our instructions and may not process or pass on the data for his own purposes. The list of registered persons (with names and institution/position) can be passed on to the panelists. In the case of cooperation events, your data can also be passed on to the cooperation partner; please note the details of the respective event.

Your data will be processed by us or on our behalf exclusively in Germany. For cooperation events, please refer to the information in the individual case.

6. Voluntary disclosure of your data

The provision of your personal data is not mandatory. However, we cannot accept your registration without stating the data indicated as required in the registration form.

7. Your rights

According to the Basic Data Protection Ordinance you have

• the right to free information about your stored personal data,
• the right to rectification or cancellation or to limitation of processing,
• the right to object to the processing,
• the right to data transferability.

If the processing is based on consent, you have the right to revoke your consent at any time without prejudice to the legality of the processing carried out on the basis of the consent until revocation or the processing on another legal basis.

As far as a processing of your personal data is based on art. 6 para. 1 para. 1 lit. e or f GDPR, you have the right to object to the processing according to art. 21 GDPR. If your objection is made for reasons arising from your particular situation, we will no longer process your personal data unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and the processing serves to assert, exercise or defend legal claims.

You also have the right to complain to a data protection supervisory authority about our processing of your personal data, for example to the supervisory authority responsible for us:

Berlin Commissioner for Data Protection and Freedom of Information,
Friedrichstraße 219,
10969 Berlin,
Phone 030/138890,
Fax 030/2155050,
e-Mail: mailbox(at)datenschutz-berlin.de.

If you have any questions or requests regarding data protection, you can of course simply contact our data protection officer at any time: dataprotection(at)spce-hub.org.