1. Who is the data controller?
Responsible for the processing in connection with the event website is:
HOMAG Group AG
Phone: +49 7443 130 0
For any question relating to data protection, you may use the above-mentioned contact details or contact our data protection officer via email@example.com.
2. What personal data is collected and stored for what purposes?
On our event website, we conduct digital networking events, product presentations, webinars, discussion panels, meetings and other events to which visitors can attend online (hereinafter referred to as an "event").
We process personal data (hereinafter referred to as "data") in this context, i.e. information relating to an identified or identifiable natural person ("data subject") including, e.g. name, address, telephone number, date of birth and IP address. In the following we describe which data we use in this context and on what legal basis.a) Using our website
When using our website, the following of your data are stored in system log files for internal system-related and statistical purposes:
- information about browser type and version used by you,
- your IP address,
- date and time of access,
- last visited website.
The legal basis for the temporary storage of this data, which will not be merged with other personal data we process about you, is Art. 6 (1)(f) of the General Data Protection Regulation (GDPR), our following legitimate interests (in this case matching the purposes of the processing):
- to enable the delivery of the website to your computer.
- to ensure the functionality of the website,
- to optimize the website and, and
- to ensure the security of our information technology systems.
The data will be deleted as soon as they cease to be necessary for the purpose they were collected for. If collected for the provision of the website, this is the case when the respective session is terminated but not later than seven days. In the case of the storage of the data in log files, the IP addresses of the users are deleted or alienated, so that an assignment of the calling user is no longer possible.b) HubSpot: Login, Registration
For our event website we use the customer relation management, content and marketing services provided to us by HubSpot Ireland Limited, 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland (hereinafter referred to as “HubSpot”).
On our event website, we offer you the opportunity to log in with a username and password for certain contents provided on our website (e.g. attend to an event, download files). Registration for these services takes place either after personal contact with our employees or after registration on our website via the registration form and subsequent activation by one of our employees. Registration data, in particular, the following:
- First and last name, title
- Company affiliation
- Position in the company
- e-mail address
- other voluntary information, such as a photo that you can upload, or your areas of interest,
The legal basis for our processing of the data you provided during registration is apart from the aforesaid Art. 6 (1)( b) GDPR for contractual acts carried out, or besides a contract, Art. 6 (1)(f) GDPR, our legitimate interests (matching the purpose of the processing) (i) to provide you with the information requested, and (ii) to carry out the event in which you are interested and for which you have registered. Attendance without registration is not possible, among other things, because we may provide confidential and internal information via our event website.
The data will be deleted as soon as they are no longer necessary for the purpose they were collected for. For example, if the data cease to be necessary for the execution of a contract. Even after the conclusion of the contract, there may be a need to store personal data of the contracting party in order to comply with contractual or legal obligations.
You may cancel the registration at any time. You can have the data stored about you changed at any time. To have your data changed, just send us an email to firstname.lastname@example.org.
If the data are necessary for the performance of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible unless contractual or legal obligations preclude deletion.c) Communication, chat, contact form
For certain functions of our website (e.g. requests from customers, visitors or the press), we offer you various contact options, including via e-mail, a chat function and a contact form.
We use the services of the provider HubSpot (for details see above under clause 2.b) in this context (e.g. contact form, chat). The user's data transmitted via the contact form or chat and usage data, or the data transmitted by e-mail will be stored. This includes information on the chat participants, the time and content of the messages, and which user has used which form. HubSpot analysis this information in an aggregated form (i.e. the total number of users of the respective form).
We will only use your data to process your request and may contact you for this purpose using the contact details provided. The legal basis for the processing of the data transmitted in the course of contacting is Art. 6 (1)(f) GDPR, our legitimate interest in answering the request. If the contact is aimed at concluding a contract, the legal basis for the processing is Art. 6 (1)(b) GDPR.
The data will be deleted as soon as they are no longer necessary for the purpose of their collection. For data you have provided to us when contacting us this is the case when the respective conversation with you has ended, which can be inferred from the circumstances that the facts in question have been finally clarified. In principle, we store the written chat history for a period of four weeks after its recording, or insofar as a separate deletion is not possible, it will be deleted together with the conference recording. However, we may be entitled and, if necessary, also obliged to store the data for a longer period of time, e.g. due to a legal obligation to provide documentation.d) Video and audio chats and videoconferencing (e.g. webinars or lectures)
As a registered user, you can visit our website on the basis of Art. 6 (1)(b) GDPR specially set up chat rooms for your event and talk to our staff, the moderators and other attendees. In addition, we offer on our website video conferences of various forms (e.g. webinars, lectures, panel discussions, networking events).Microsoft:
In some cases, we may record the chat, your attendance, your comment/question. By turning on your camera or microphone and attending to/participating in our event, you agree (Art. 6 (1)(a) GDPR) that your image and voice will be recorded. You can revoke your consent at any time if you do not want your voice or image to be recorded by turning off your camera and/or microphone. We would like to point out that the withdrawal of your consent does not remove the legality of any processing that had taken place up to that point. Even, if you turn off your microphone and/or camera, you can still ask questions in writing either during the event or afterwards. We will store the chats for a period of four weeks after recording, or, insofar as deletion separately from the conference recording is not possible, e.g. because you have asked a question during a conference and your speech has been recorded, together with the conference. Depending on the event, we keep the recording of the event available on the Internet as long as we deem it appropriate. However, we may be entitled and, if necessary, also obliged to store the data for a longer period of time, e.g. due to a legal obligation to provide documentation.e) Marketing communication (e.g. e-mail newsletter, invites)
To receive further information about our offer, or invites to future events, you can subscribe to our marketing communications (e.g. newsletters). For the processing of the data for marketing communications as specified below, including for the evaluation of your usage of the newsletter (e.g. when you open the newsletter), your consent is requested during the subscription process. The legal basis for the processing is your consent which may be revoked at any time with effect for the future Art. 6 (1)(a) GDPR.
Your e-mail address is used to deliver the marketing communication. The collection of other data in the context of the subscription process serves to prevent misuse of the services or the e-mail address.
The data will be deleted as soon as they are no longer necessary for the purpose of their collection. Your e-mail address will therefore be stored as long as the subscription to the communication is not cancelled, which you may do at any time via the unsubscribe link in each email.1. Online publications HOMAG Group
- e-mail address
- Company (optional)
- Salutation and title (optional)
- First and last name (optional)
- Address (optional)
The newsletters sent on our behalf by Mailchimp contain a tracking pixel that transmits information to Mailchimp as soon as you have opened the newsletter. This information is then retrieved by us from the servers of Mailchimp in order to generate statistical evaluations and to measure the success of our newsletter campaigns. In addition, the data obtained will be used to provide you with information that meets your specific interests.
This information allows us to determine whether and when newsletters are opened, and which links are clicked therein. The evaluations serve us primarily to determine the degree of interest in certain topics and to measure the effectiveness of our communication measures. The legal basis for the processing of your data is the consent given when subscribing to the newsletter in accordance with Art. 6 (1)(a) GDPR, which you can revoke at any time via the corresponding link in any mailing or by e-mail to email@example.com with effect for the future.
2. Future invites
If you want to be invited to our future events, you may also subscribe accordingly to the respective service, provided by our service provider HubSpot (see above under 2.b) for details on HubSpot).
The invitation e-mails sent on our behalf by HubSpot contain a tracking pixel, that transmits information to HubSpot as soon as you have opened the e-mail. This information is then retrieved by us from the servers of HubSpot in order to generate statistical evaluations, to measure the success of our invitation emails and to verify whether you have been invited when you register to an event. The tracking pixel in the e-mails is used to track whether the e-mail or a link in it was opened and, in some cases, for how long. If an e-mail is sent to several recipients, it cannot be assigned who opened the e-mail/link, but only that the e-mail or link was opened by one of the addressees. This information is also used to perform anonymous analyses, statistics or evaluations.
(1) Transient and persistent cookies
Transient cookies are automatically deleted when you close the browser. This includes, in particular, session cookies. These store a so-called session ID, which can be used to assign various requests from your browser to the session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
We use transient cookies to make our website more user-friendly.
Some elements of our website require that the calling browser can be identified even after a page change. In the cookies. e.g. the following data are stored and transmitted:
- Settings of the browser with respect to cookies (whether these are activated or not)
- Language settings of the user
- Log-in information.
We also use persistent cookies on our website, which enable an analysis of the user's browsing behaviour. Persistent cookies are automatically deleted after a predetermined duration, which may vary depending on the cookie. In this way, the click behavior of users on our websites can be recorded and evaluated (collected data are e.g. - browser data, click frequency, bounce rate, etc.).
The data collected via persistent cookies are pseudonymized by technical precautions, therefore it is no longer possible to assign the data to the user account of the respective user. The data will not be stored together with other personal data of the users.
(2) Tracking/web bugs
Some of our services also use so-called tracking or web bugs or tracking pixels. These are code snippets that measure only 1x1 pixels, which are able to identify and recognize your browser type using the browser ID – the individual fingerprint of your browser. This allows the service provider to see when and how many users have accessed the pixel, or if and when an email has been opened or a website visited.
To prevent web bugs on our websites, you can use tools such as webwasher, bugnosys or AdBlock.
To prevent web bugs in our newsletter, please set your mail program so that no HTML is displayed in messages. Web bugs are also prevented when you read your emails offline.
Without your express consent, we will not use web bugs to secretly collect personal data about you or to transmit such data to third parties and marketing platforms.
(3) Local storage
In order to adapt our services to your needs and to present you with individual offers, besides cookies we use the so-called local storage technology. This technique stores certain data in your browser's local cache. This data will also be preserved after you have closed the browser and can be accessed and read by us the next time you visit our website.
Local Storage allows us to store your preferences when using our websites. The data from the local storage is used on our websites e.g. so that you do not have to make certain choices again after the first entry, that your selection for certain formats on our websites remains even when you visit again or you already receive a pre-selection of interesting articles.
The legal basis for the processing of personal data using technically necessary Cookies and similar technologies is Art. 6 (1)(f) GDPR. Such processing serves to facilitate and to simplify the use of websites for users. Some functions of our website cannot be offered without the use of such Cookies. For these, it is necessary that the browser is recognized even after a website was left.
For Cookies which are strictly necessary, the right of objection is excluded, as these are absolutely necessary in order to be able to display our website and its contents and to provide you with the functionalities of the website.
Not strictly necessary:
The use of technologies to enhance functionality, analysis and marketing purposes is done to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer. Processing, in particular on your terminal device, which are based on cookies or other identifiers (e.g. browser fingerprints, pixels, local storage) (hereinafter uniformly "cookies") and are not technically required for the functioning of our websites, we only carry out with your consent, which you can give via our cookie management tool when you visit our websites for the first time. The legal basis for these cookie-based processing is Art 6 (1)(a) GDPR.
You can revoke your consent to the collection of data by means of cookies at any time. To do so, please proceed as follows: Open the settings for cookies on our websites via the "Cookies" footer to open a window in which you have the option to revoke the data processing for individual categories of cookies and similar technologies (e.g. data storage in local storage).
Alternatively, you may also delete cookies at any time or adjust the corresponding cookie settings of the browser you use. For more information on how to delete and/or manage cookies by setting your browser, please visit the help pages of the respective browser. Data from local storage can also be removed by emptying the local storage of the browser you are using.c) Used Cookies
|Cookie name||Kind of Cookie||Name of the tool||Purpose of the Cookie||Storage|
|__hstc||Strictly necessary||Webinar assignment (Hubspot)||In order to be able to check whether a user is authorized to participate in an event, it is necessary that he/she is recognized. For this purpose, the cookie contains the domain, the user token (utk), the first timestamp (first visit), the last timestamp (last visit), the current timestamp (this visit) and the session number (increases with each subsequent session).||13 months|
|hubspotutk||Strictly necessary||Webinar assignment (Hubspot)||This cookie tracks the identity of a visitor. It is passed to the HubSpot software when a form is submitted and is used when de-duplicating contacts (i.e., merging identical records) to prevent another record from being created each time for a user who accesses the platform multiple times.||13 months|
|__hssc||Strictly necessary||Webinar assignment (Hubspot)||This cookie is used to determine if the HubSpot software needs to increase the session count and timestamps in the __hstc cookie (see there).||30 minutes|
|__hssrc||Strictly necessary||Webinar assignment (Hubspot)||Whenever the HubSpot software changes the session cookie, this cookie is also set. This determines whether the visitor has restarted the browser.||Until the end of the session|
|__hs_opt_out||Strictly necessary||Storage of Cookie-settings (Hubspot)||This cookie is set to give visitors the choice to disable cookies.||13 months|
|__hs_d_not_tracking||Strictly necessary||Storage of Cookie-settings (Hubspot)||This cookie is set so that the tracking code does not send any information to HubSpot.||13 months|
|__hs_initial_opt_||Strictly necessary||Storage of Cookie-settings (Hubspot)||This cookie is used to prevent cookie banners from being displayed each time visitors visit our website.||7 days|
|__hs_cookie_cat_pref||Functionality||Storage of Cookie-settings (Hubspot)||This cookie is used to record the categories of cookies to which a visitor has consented.||13 months|
|hs_ab_test||Strictly necessary||A/B-Testing (Hubspot)||This cookie is used to always show visitors the same version of an A/B test page that was previously displayed. This is relevant when two versions of a page exist and it should be analyzed which version attracts more users. If a different version is displayed for a user each time, this is usually confusing.||Until the end of the session|
|<id>_key||Strictly necessary||Password-Token (Hubspot)||When you visit a password-protected page, this cookie is set so that a login is no longer required for future visits to the page with the same browser.||14 days|
|hs-messages-is-open||Strictly necessary||Chat-Widget (Hubspot)||This cookie is used to determine and store whether the chat widget is open on future visits.||30 minutes|
|hs-messages-hide-welcome-message||Strictly necessary||Welcome message (Hubspot)||This cookie ensures that the welcome message is not displayed again for one day after closing.||1 day|
|hs-membershem-csrf||Strictly necessary||Member administration (Hubspot)||This cookie is used to ensure that accesses to private content cannot be faked.||Until the end of the session|
|hs_langswitcher_choice||Strictly necessary||Language settings (Hubspot)||This cookie is used to store the visitor's language selection.||2 years|
|messagesUtk||Functionality||Chat-Widget (Hubspot)||This cookie is used to recognize visitors who chat via the Chatflows tool.||13 months|
|__cduid||Strictly necessary||Bot access protection (CloudFlare)||This cookie is set by Cloudflare, HubSpot's CDN provider. It helps Cloudflare identify malicious visitors to our website and minimize blocking of legitimate users.||Until the end of the session but not later than 30 days|
|__cFroid||Strictly necessary||Rate limitation (CloudFlare)||This cookie is set by HubSpot's CDN provider to protect against unauthorized and potentially harmful network traffic.||Until the end of the session|
|__cfruid||Strictly necessary||Cloudflare||This cookie is used by CloudFlare to ensure confidential access. All cookies set by other websites are ignored when accessed.||12 months|
|__cfduid||Strictly necessary||Cloudflare||This is a cookie associated with websites that use CloudFlare to speed up page load times. According to CloudFlare, it is used to override any security restrictions based on the IP address the visitor comes from. It does not contain any user identification information.||12 months|
|Optanonconsent||Strictly necessary||Cookie-Compliance-Tool (OneTrust)||This cookie is set by OneTrust's cookie compliance solution. It stores information about the categories of cookies that the website uses and whether visitors have given or withdrawn their consent to the use of each category.||12 months|
|eupubconsent||Strictly necessary||Cookie-Compliance-Tool (OneTrust)||This cookie is set on all pages by the cookie compliance tool OneTrust. It stores the information whether a user rejects cookies, so that the query is not displayed again on every page.||12 months|
Web Analysis, Monitoring and Optimization
Web analysis is used to evaluate the visitor traffic on our website and may include the behaviour, interests or demographic information of users, such as age or gender, as pseudonymous values. With the help of web analysis we can e.g. recognize, at which time our online services or their functions or contents are most frequently used or requested for repeatedly, as well as which areas require optimization.
In addition to web analysis, we can also use test procedures, e.g. to test and optimize different versions of our online services or their components.
For these purposes, so-called user profiles can be created and stored in a file (so-called "cookie") or similar procedures in which the relevant user information for the aforementioned analyses is stored. This information may include, for example, content viewed, web pages visited and elements and technical data used there, such as the browser used, computer system used and information on times of use. If users have consented to the collection of their location data, these may also be processed, depending on the provider.
The IP addresses of the users are also stored. However, we use any existing IP masking procedure (i.e. pseudonymisation by shortening the IP address) to protect the user. In general, within the framework of web analysis, A/B testing and optimisation, no user data (such as e-mail addresses or names) is stored, but pseudonyms. This means that we, as well as the providers of the software used, do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective processes.
- Processed data types: Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g. website visitors, users of online services).
- Purposes of Processing: Web Analytics (e.g. access statistics, recognition of returning visitors), Profiles with user-related information (Creating user profiles).
- Security measures: IP Masking (Pseudonymization of the IP address).
- Legal Basis: Consent (Article 6 (1) (a) GDPR), Legitimate Interests (Article 6 (1) (f) GDPR).
Services and service providers being used:
Futher information about the used cookies can be found here: https://www.homag.com/en/company/policy#c10596
4. Disclosure of your data
A transfer, sale or other transfer of your personal data to third parties takes place only if the transfer is necessary for the purpose of contract processing or for billing purposes or for the collection of the fee (e.g. shipping company or payment service provider) or if you have expressly consented. The legal basis for the transfer of data to third parties for the purpose of performance of a contract or for billing purposes is Art. 6 (1)(b) GDPR.
In addition, we may share your data with our (IT) service providers, who assist us in providing the website, sending you invitations, holding events, etc. (e.g. Microsoft, as already described in paragraph 2. d above, HubSpot, as described under 2.b) above but also the Thema AG, which supports us in setting up the website). We may also share your data with other companies in the Dürr Group if this is in our legitimate interest (Art. 6 (1)(f) GDPR) or if you have asked us to do so (Art. 6 (1)(a) GDPR).
We would like to point out that we are entitled to provide information on data in individual cases upon the request of the competent authority, insofar as this is necessary e.g. for the purposes of law enforcement, for security by the police authorities of the Länder, for the fulfilment of the legal tasks of intelligence services or for the enforcement of intellectual property rights.
5. Use and implementation of social networks and maps (plugins and hyperlinks)
To learn about our use and implementation (e.g. via plugin or hyperlink) of social media or maps, please read Clause 4 of our general online data protection (privacy) statement accessible via https://www.homag.com/en/company/policy.
6. Your data protection rights
If your data is processed, you are entitled to the following rights under the GDPR, which you may exercise towards us using the contact details listed above:
- Information, correction, restriction of processing and deletion
You have at any time the right to information about the data stored with us regarding your person, their origin and recipient as well as the purpose of data processing via our websites. In addition, you have the right to rectification, deletion and restriction of the processing of your data, provided that the legal requirements for this are met.
- Right to data portability
You have the right to data portability in a structured, common and machine-readable format for the data concerning you that you have provided to us as the controller. We may, at our discretion, exercise this right by providing a csv export of the data.
- Right to information
If you assert the right to rectification, erasure or restriction of the processing against us we are obliged to notify all recipients to whom the data concerning you have been disclosed, this rectification or deletion of the data or restriction of the processing, unless this proves impossible or involves a disproportionate effort.
- Right to object
You have the right to object at any time to the processing of the data concerning you, which takes place pursuant to Article 6 (1)(f) GDPR, for reasons arising from your particular situation. If you object to the processing, we will stop the processing, unless we can prove compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of the data concerning you for the purpose of such advertising; this also applies to profiling in so far as it is related to such direct marketing.
- Right to withdraw
- Right to complain
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular at your place of residence, workplace or place of alleged infringement, if you believe that the processing of the data concerning you is in breach of the GDPR.
7. Changes to this policy