Organzier:
bvitg
Messe Berlin
08–10 APR 2025
DMEA - Connecting Digital Health
08–10 APR 2025
Page content

Data protection notification of bvitg Service GmbH for program participation

DMEA

General information on data protection

In this Data Protection Notification, we (bvitg Service GmbH, hereinafter referred to as "bsg" oder "we") inform you about the processing of personal data in the context of your program participation in the DMEA and the associated use of an external registration portal (hereinafter referred to as "portal").

1. Contact

The contact person and responsible party for the processing of your personal data when visiting this portal within the meaning of the General Data Protection Regulation (DSGVO) is the

bvitg Service GmbH
Friedrichstrasse 200
10117 Berlin
E-mail: dmea@bvitg.de

For all questions regarding data protection in relation to our events and services or the use of this portal, you are always welcome to contact our data protection officer. He or she can be reached at the above postal address and at the e-mail address indicated above (Attn. "Data Protection Officer"). We expressly point out that if you use this e-mail address, the contents will not be exclusively disclosed to our data protection officer. If you wish to exchange confidential information, please first contact us directly via this e-mail address.

2. Data processing in the context of your registration and use of the portal for program participation in the DMEA

2.1. Use of the portal / access data

Each time you use the portal, access data is collected that your browser automatically transmits to enable you to visit the portal The access data includes, for example :

  • IP address of the requesting device,
  • Date and time of the request,
  • Address of the portal accessed and the requesting website,
  • Information about the browser used and the operating system,
  • online identifiers (e.g., device identifiers, session IDs).

The data processing of these access data is essential to enable the visit of the portal, to ensure the permanent functionality and security of our systems as well as for the general administrative maintenance of the portal. The access data is also temporarily stored in internal log files for the purposes described above, for example in the likelihood of repeated or criminal visits that endanger the stability and security of the portal and to take action against them.

The legal basis is Art. 6 para. 1 p. 1 lit. b DSGVO, to the extent that the page visit occurs during the initiation or execution of a contract, and otherwise Art. 6 para. 1 p. 1 lit. f DSGVO on basis of our legitimate interest in enabling the portal access and permanent functionality and security of our systems.

The log files are stored for an appropriate period of time.

2.2. Contacting us

You have various options for contacting us. This includes in particular the contact button. In this context, we process data exclusively for the purpose of communicating with you.

The legal basis is Art. 6 para. 1 p. 1 lit. b DSGVO, to the extent as your information is required to answer your inquiry or to initiate or execute a contract, and otherwise Art. 6 para. 1 p. 1 lit. f DSGVO due to our legitimate interest that you contact us and that we can answer your inquiry. We will only contact you for advertising purposes if you have given your consent. The legal basis in these cases is Art. 6 para. 1 p. 1 lit. a DSGVO.

The data collected by us when estabilishing contact with you will be automatically deleted after your request has been fully processed, unless we still need your request to fulfill contractual or legal obligations (see section 6 "Storage period").

2.3. Registration

You have the option of registering for the login area to be able to use the full range of functions on the portal. We have highlighted the data you are required to enter by marking them as mandatory fields. Registration is not possible without this data. These are in particular the following data:

  • First and last name including title
  • E-mail address
  • Full name of your company
  • Password

The legal basis for the processing is Art. 6 para. 1 p. 1 lit. b DSGVO.

You are not legally obligated to provide your data as described. However, if you do not wish to provide your data, this may mean that you cannot use the portal. In such case, the participation contract may also not be fulfilled. Additionally, the event may not be able to be open to you as requested or your submission may not be considered.

2.4. Submission of lectures (DMEA Congress)

If you apply for a lecture as a speaker or co-speaker on the portal, you must provide the mandatory information marked with an asterisk in the form provided for this purpose on our platform, which is required for your participation in the event and for your presentation to be considered. In particular, this includes the following information

  • Details of the presenting participant(s) (first and last name including title, role, position, company, email address, curriculum vitae and photo)
  • Title, topic, category and short description (abstract) of your submission

Optional information include telephone number, so that we can contact you by these means if we have any queries.

We will store the data you enter along with the time of entry in your user account. The contents, with the exception of contact details, will be passed on to the respective session managers for the purpose of evaluation.

The legal basis for the processing is the necessity of the processing of the data for the execution of the entered participation contract according to Art. 6 para. 1 p. 1 lit. b DSGVO.

You are not legally obligated to provide your data as described. However, if you do not wish to provide your data, this may mean that you cannot use the portal. In such case, the participation contract may also not be fulfilled. Additionally, the event may not be able to be open to you as requested or your submission may not be considered.

2.5. Submission of presentations (DMEA nova Award)

If you apply for a presentation as a startup on the portal, you must provide the mandatory information marked with an asterisk in the form provided for this purpose on the portal, which is required for your participation in the event and for your presentation to be considered. In particular, this includes the following information:

  • Details of the contact person(s) (first and last name including title, role, job title, company, e-mail address)
  • Name of the startup, brief description (product, company and team), trade register entry/business registration, logo

Optional information include telephone number, so that we can contact you by these means if we have any queries.

We will store the data you enter along with the time of entry in your user account. The contents, with the exception of contact details, will be passed on to the respective session managers for the purpose of evaluation.

The legal basis for the processing is the necessity of the processing of the data for the execution of the entered participation contract according to Art. 6 para. 1 p. 1 lit. b DSGVO.

You are not legally obligated to provide your data as described. However, if you do not wish to provide your data, this may mean that you cannot use the portal. In such case, the participation contract may also not be fulfilled. Additionally, the event may not be able to be open to you as requested or your submission may not be considered.

2.6. Application for the DMEA Newcomer Award

If you apply for the DMEA Newcomer Award on the portal with your bachelor's or master's thesis, you must provide the mandatory information marked with an asterisk in the form provided for this purpose on the portal, as this information is required for your participation in the event to be considered. In particular, this includes the following information

  • Title, topic, category and short description (abstract) of your submission, statement on the practical relevance of the topic
  • Information on the author(s) (first and last name including title, role, position, company, e-mail address, curriculum vitae and photo)
  • The thesis as PDF
  • Grade of the thesis (optional)
  • Name of the university, name of the course of study

Optional information include telephone number, so that we can contact you by these means if we have any queries.

We will store the data you enter along with the time of entry in your user account. The contents, with the exception of contact details, will be passed on to the respective session managers for the purpose of evaluation.

The legal basis for the processing is the necessity of the processing of the data for the execution of the entered participation contract according to Art. 6 para. 1 p. 1 lit. b DSGVO.

You are not legally obligated to provide your data as described. However, if you do not wish to provide your data, this may mean that you cannot use the portal. In such case, the participation contract may also not be fulfilled. Additionally, the event may not be able to be open to you as requested or your submission may not be considered.

2.7. Booking of presentation slots (DMEA Guided Tours / Solutions Hub)

If you book a time frame (“slot”) for a presentation as a Speaker on the portal, you must provide the mandatory information marked with an asterisk in the form provided for this purpose on the portal, as this information is required for booking your slot. In particular, this includes the following information:

  • Details of the presenting participant(s) (first and last name including title, role, position, company, e-mail address, curriculum vitae, photo, participation status (exhibitor or non?exhibitor), full company name incl. billing address
  • Title, topic, category, brief description (abstract) of as well as accompanying multimedia content (company logo, video, image, audio file) for your presentation

Optional information include telephone number, so that we can contact you by these means if we have any queries.

We will store the data you enter along with the time of entry in your user account.

The legal basis for the processing is the necessity of the processing of the data for the execution of the entered participation contract according to Art. 6 para. 1 p. 1 lit. b DSGVO.

You are not legally obligated to provide your data as described. However, if you do not wish to provide your data, this may mean that you cannot use the portal. In such case, the participation contract may also not be fulfilled. Additionally, the event may not be able to be open to you as requested or your booking for the desired format not being considered.

2.8. Submission of an entry in the Guide for Talents

If you wish to submit an entry in the Guide for Talents on the portal, you must provide the mandatory information marked with an asterisk in the form provided for this purpose on the portal, which is required for consideration in the publication. In particular, this includes the following information

  • Information about the company (company name, product/service category, number of employees, company headquarters, other locations (optional), information about entry opportunities, URL of the company website, the fields "Who we are", "What sets us apart" and "What we offer", logo as jpg/png
  • Contact details for junior staff (first and last name including title, role, position, company, e-mail address) (only name and email address will be published)
  • Details of the submitter (first and last name including title, role, position, company, e-mail address and telephone number).

Optional information include telephone number, so that we can contact you by these means if we have any queries.

We will store the data you enter along with the time of entry in your user account.

The legal basis for the processing is the necessity of the processing of the data for the execution of the entered participation contract according to Art. 6 para. 1 p. 1 lit. b DSGVO.

You are not legally obligated to provide your data as described. However, if you do not wish to provide your data, this may mean that you cannot use the portal. In such case, the participation contract may also not be fulfilled and will result in your submission not being taken into account.

2.9. Newsletters and e-mails with information on offers that may be of interest to you

You have the option of subscribing to our newsletters and e-mails about other events and offers that may be of interest to you, in which we will regularly inform you about updates to our products and promotional campaigns. You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. A notification to the contact details provided above or in the newsletter (e.g., by e-mail or letter) is of course also sufficient for this purpose. The legal basis for the processing is your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO.

We use standard market technologies in our newsletters that can be used to measure interactions with the newsletters (e.g., opening of the email, links clicked). We use this data in pseudonymous form for general statistical evaluations and to optimize and further develop our content and customer communications. This is achieved with the help of small graphics embedded in the newsletters (known as pixels). The data is collected only in pseudonymous form and is not linked to any other personal data. The legal basis for this is your consent in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO. We want to share content as relevant as possible for our customers via our newsletter and have a better understanding of what readers are actually interested in. If you do not want the analysis of use behavior, you can unsubscribe from the newsletters or disable graphics in your email program by default. The data on interaction with our newsletters is stored pseudonymously for 30 days and afterwards completely anonymized..

3. Use of cookies and comparable technologies

Name Purpose Legal Basis Storage Time
Session Dependent Session ID Art. 6 (1) lit. f DSGVO 1440 Minutes
Cookies Enabled Cookie Management Art. 6 (1) lit. f DSGVO 1440 Minutes
AWSELB
AWSALB		 Load Balancing Art. 6 (1) lit. f DSGVO Session
8 Hours

4. Disclosure of data

Disclosure of the data collected by us will only take place in principle only if:

  • you have given your express consent to this in accordance with Art. 6 Para. 1 Sentence 1 lit. a DSGVO,
  • the disclosure is necessary for the assertion, execution or defense of legal claims pursuant to Art. 6 (1) sentence 1 lit. f DSGVO and there is no reason to assume that you have an overriding interest in not having your data disclosed,
  • we are legally obligated to disclose your data in accordance with Art. 6 Para. 1 Sentence 1 lit. c DSGVO, or
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you or for the implementation of pre-contractual measures that take place at your request.

Part of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this data protection notification, these may include, in particular, data centers that store our portal sites and databases, software providers, IT service providers that maintain our systems, agencies, market research companies, group enterprises and consulting firms. Where we disclose data to our service providers, they may only use the data to perform their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound to our instructions, have suitable technical and organizational measures in place to protect the rights of the data subjects and are regularly monitored by us.

In addition, data may be disclosed in connection with official inquiries, court decisions and legal proceedings if this is necessary for legal prosecution or enforcement.

5. Data transfer to third countries

With regard to the operation of the portal, we use services whose providers are partly located in so-called third countries (outside the European Union or the European Economic Area) or process personal data there, i.e. countries whose level of data protection does not correspond to that of the European Union. Where this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.

Where this is not possible, we base the data transfer on exceptions of Art. 49 DSGVO, in particular your express consent or the necessity of the transfer for the performance of the contract or for the implementation of pre-contractual measures.

If a transfer to a third country is provided for and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g.,intelligence services) may gain access to the transferred data in order to record and analyze it, and that the enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the cookie banner, you will also be informed of this.

6. Storage period

In principle, we store personal data only as long as necessary to fulfill the purposes for which we collected the data. Thereafter, we delete the data promptly, unless we still need the data until the expiry of the statutory limitation period for evidence purposes for civil law claims or due to statutory retention obligations.

For evidentiary purposes, we must retain contractual data for three years from the end of the year in which the business relationship with you ends. Any claims become statute-barred at the earliest on this date in accordance with the statutory period of limitation. Even after this date, we may still need to store some of your data for accounting reasons. We are obliged to do so because of legal documentation obligations that may arise from the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The periods specified there for the retention of documents are two to ten years.

7. Your rights, in particular revocation and objection

You are entitled to the data subject rights formulated in Art. 15 - 21, Art. 77 DSGVO at any time:

  • Right to revoke your consent;
  • Right to object to the processing of your personal data (Art. 21 DSGVO);
  • Right to information about your personal data processed by us (Art. 15 DSGVO);
  • Right to rectify your personal data stored by us that is incorrect (Art. 16 DSGVO);
  • Right to erasure of your personal data (Art. 17 DSGVO);
  • Right to restrict the processing of your personal data (Art. 18 DSGVO);
  • Right to data portability of your personal data (Art. 20 GDPR);
  • Right to lodge a complaint with a supervisory authority (Art. 77 DSGVO).

To exercise your rights described here, you can contact us at any time using the contact details above. This also applies if you would like to receive copies of guarantees to prove an adequate level of data protection. Provided that the respective legal requirements are met, we will comply with your data protection request.

Your requests to assert data protection rights and our responses to them will be stored for documentation purposes for a period of up to three years and, in individual cases, for the assertion, execution or defence of legal claims even longer. The legal basis is Art. 6 (1) p. 1 lit. f DSGVO, based on our interest in defending against any civil claims under Art. 82 DSGVO, avoiding fines under Art. 83 DSGVO and fulfilling our accountability obligations under Art. 5 (2) DSGVO.

You have the right to revoke your consent to us at any time. As a result, we will no longer continue the data processing based on this consent for the future. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until the revocation.

Insofar as we process your data based on legitimate interests, you have the right to object to the processing of your data at any time on grounds relating to your particular situation. If it concerns an objection to data processing for direct marketing purposes, you have a general right of objection, which will also be implemented by us without giving reasons.

If you wish to exercise your right of revocation or objection, an informal noticification to the above contact details is sufficient.

Finally, you have the right to complain to a data protection supervisory authority. You can exercise this right, for example, a supervisory authority in the Member State of your residence, your workplace or the location of the alleged infringement. In Berlin, our headquarters, the competent supervisory authority is: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.

8. Changes to the data protection notification

We occasionally update this data protection notification, for example when we adapt the data processing or when legal or regulatory requirements change.

Version: 1.2 / Status: October 2023