Privacy policy for the PERFORMANCE DAYS app
We take the protection of your personal data very seriously and treat it confidentially and in accordance with data protection regulations (GDPR, TTDSG and BDSG new). This privacy policy applies to our mobile iPhone and Android apps (hereinafter referred to as "APP"). It describes the type, purpose and scope of data collection when using the APP.
Responsible for data processing:
Design & Development GmbH Textile Consult
Mayerbacherstr. 32
85737 Ismaning / Germany
Email: info@performancedays.com
Phone: +49 89 93946060
The external company data protection officer is
Mr Matthias Haßler LL.M.
Project 29 GmbH & Co KG
Ostengasse 14
93047 Regensburg
E-mail: anfragen@projekt29.de
Phone: 0941-2986930
Table of contents
1. General
2. Encryption
3. Information on the processing of your data
3.1. Information collected during download
3.2. Information that is collected automatically
3.3. Access rights of the app
3.4. Creating a user account (registration) and logging in
4. Receiving messages (push notification):
5. Management of favourites.
6. Appointment request.
7. My Bag.
8. Processing of personal data for advertising purposes.
9. Services and data analysis.
9.1. Google Firebase.
10. Recipients of the data.
11. Transfer to third countries.
12. Disclosure and transfer of data.
12.1. Misuse or violation of laws.
12.2. Further development.
13. Changes of purpose.
14. Data storage period.
15. Your rights as a data subject.
15.1. Right to information.
15.2. Right to rectification of inaccurate data.
15.3. Right to cancellation.
15.4. Right to restriction of processing.
15.5. Right to data portability.
16. Right of objection.
1. General
When you use the app, we process personal data about you. Personal data means any information relating to an identified or identifiable natural person. Because the protection of your privacy when using the app is important to us, we would like to provide you with the following information about which personal data we process when you use the app and how we handle this data. In addition, we will inform you of the legal basis for processing your data and, if processing is necessary to protect our legitimate interests, also of our legitimate interests.
2. Encryption
This APP uses encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the APP operator or communication between APP users. This encryption prevents the data you transmit from being read by unauthorised third parties.
3. Information on the processing of your data
Certain information is already processed automatically as soon as you use the app. We have listed exactly which personal data is processed for you below:
3.1 Information collected during download
When you download the app, certain required information is transmitted to the app store you have selected (e.g. Google Play or Apple App Store), in particular the user name, email address, customer number of your account, the time of the download, payment information and the individual device identification number may be processed. This data is processed exclusively by the respective app store and is beyond our control.
3.2 Information that is collected automatically
As part of your use of the app, we automatically collect certain data that is required for the use of the app. This includes
- internal device ID,
- Version of your operating system,
- Time of access
This data is processed automatically for the following reasons:
- Provision of the app environment
- Improving the app
- Prevention of malfunctions
This data processing is justified by the fact that the processing is necessary for the fulfilment of the contract between you as the data subject and us in accordance with Art. 6 para. 1 lit. b) GDPR for the use of the app and we also have a legitimate interest in ensuring the functionality and error-free operation of the app and in being able to offer a service in line with the market and interests, which outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) GDPR.
3.3 Access rights of the app
In order to provide our services via the APP, we require the access rights listed below. listed below, which allow us to access certain functions of your device:
- Camera
- Location
Access to the device functions is necessary to ensure the functionality of the APP. The legal basis for this data processing is our interest within the meaning of Art. 6 para. 1 lit. f GDPR, your consent within the meaning of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG and - if a contract has been concluded - to fulfil our contractual obligations (Art. 6 para. 1 lit. b GDPR).
3.4 Creation of a user account (registration) and login
You always have the option to use the app as a guest and therefore use it without providing personal data. However, some functions are restricted as a result: e.g. ordering products, scanning QR codes, calling up products, using the personalised functions.
When you create a user account or log in, we use your access data email address and password to grant you access to your user account and to manage it. Mandatory information is marked with an asterisk during registration and is required for the conclusion of the user contract. If you do not provide this data, you will not be able to create a user account. We process the following data for registration:
- Company Name
- Company Country
- Company City
- Company Street + Number
- Company Postal Code
- Business Branch
- Product Interest
- Company Website
- First Name
- Last Name
- Title
- Job Function
- Password
The processing of this personal data is necessary to ensure the functionality of the APP. The legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, your consent pursuant to GDPR, your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG and - if a contract has been concluded - for the fulfilment of our contractual obligations (Art. 6 para. 1 lit. b GDPR).
4. Receipt of messages (push notification):
You have the option of activating "push notifications" in the app (push technology or server push describes a type of communication in which data is transmitted even though the receiving app is running in the background). With "Push Notifications" you can be informed when, for example, news is available in a news channel that provides information for you. You can configure this option via the "Settings" icon in the app tab bar and activate/deactivate the notifications separately for each service (channel, comments and chat).
To enable "push notifications", we store your identification data, activation or deactivation of "push notifications" per service, activation or deactivation of "push notifications" in general, push tokens of your mobile device (only if at least one "push notification" is activated).
The storage is only visible to the logged-in user of the app. The storage of this personal data in the context of "push notifications" is carried out for the purpose of promoting the information of the users of the app. The personal data collected is not analysed for any purposes other than those described.
The basis for data processing is your consent as part of the voluntary use of this service in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG.
5. Management of favourites
You can manage your favourites in the app. Every product, every company and every Expert Talk in the database can be added to your personal favourites and viewed under your own account in the favourites. This allows you to find products, companies or Expert Talks more quickly or remember interesting products, companies and Expert Talks for later.
Your selected favourites are not analysed, but merely assigned to your profile. The legal basis is therefore your active favouriting of the products and thus your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can remove your favourites at any time and thus revoke your consent.
6. Appointment request
To avoid having to wait for appointments during PERFORMANCE DAYS, you can send an appointment request to companies via the app/website (The Loop). The selected company will directly receive the visitor's details, the day and a message entered in order to be able to create a personalised agenda in advance, including with external companies and contacts. Your account information is also processed.
The legal basis for processing is Art. 6 para. 1 lit. b GDPR. If no contract is concluded or similar. relationship, your data will be deleted after the purpose has expired.
7. My Bag
If you would like to view interesting products in more than just digital form, you can place the desired products in the "My Bag" shopping basket, just like in an online shop, and then request them from the companies as samples.
You can change the delivery address or confirm the one already entered in the following window. Your data will then be forwarded to the relevant exhibitor for contract processing. The product provider is responsible for processing the contract. The legal basis is therefore Art. 6 para. 1 lit. b GDPR.
8. Processing of personal data for advertising purposes
You can object to the use of your personal data for advertising purposes at any time, either as a whole or for individual measures, without incurring any costs other than the transmission costs according to the basic rates.
Subject to the legal requirements of Section 7 (3) UWG, we are authorised to use the email address you provided when concluding the contract for direct advertising for our own similar goods or services. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter.
If you do not wish to receive such recommendations from us by e-mail, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form is sufficient for this. Of course, each e-mail always contains an unsubscribe link.
9. Services and data analysis
We have integrated external services for the provision of the app and some functions. We have concluded corresponding order processing contracts with these service providers in accordance with Art. 28 GDPR.
When you access our APP, your behaviour may be statistically evaluated with the help of certain analysis tools and analysed for the purposes of advertising, market research or to improve our offers. When using such tools, we ensure compliance with the statutory data protection regulations. When using external service providers (processors), we ensure through appropriate contracts with the service providers that data processing is subject to German and European data protection standards.
9.1 Google Firebase
We use the "Google Firebase" service in our app, an analysis and monitoring tool from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) ("Google"). As part of the use of Google Firebase, Google processes identifiers for mobile devices on our behalf, including mobile advertising IDs, Analytics App Instance IDs, IDFVs/Android IDs and Instance IDs.
The following Google Firebase functions are used in our app:
Analytics: This function uses identifiers for mobile devices and cookie-like technologies to analyse user behaviour (e.g. your screen views, button clicks, in-app purchases or the effectiveness of advertising measures) in the app. This allows us to further develop our app and advertising measures based on the needs of our users. You can find more information on data collection here: https://support.google.com/firebase/answer/6318039?hl=de
Crashlytics: This function enables us to technically analyse crashes. Various data (e.g. the time stamp, when the app was started and when the crash occurred) is processed to enable us to diagnose and solve problems in our app. In individual cases, this data may also contain personal data (e.g. pseudonymised device IDs). This personal data is not merged with your other profile information.
Performance monitoring: This is used to create and analyse reports on the network behaviour of our app in order to improve the stability of the infrastructure and therefore the performance of our app. Only the network behaviour between the app and its own endpoints accessible via the Internet is considered. We use this to determine the average start time of the app, for example.
The above-mentioned processing of personal data through the use of the service only takes place if you have given your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future via the settings in our app under Settings/Firebase.
The information generated about the use of our app is transmitted to a Google server in the USA with an anonymised IP address and stored there. Since personal data may be transferred to the USA and other third countries, further protective mechanisms are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in third countries to process the data in accordance with the level of protection in Europe. In cases in which this cannot be ensured even by this contractual extension, we endeavour to obtain additional regulations and assurances from the recipient in the third countries.
Depending on the purpose, the data transmitted to Google will be deleted within 60 days and then only used by us in anonymised form, i.e. without personal reference.
You can find Firebase's privacy policy at https://firebase.google.com/support/privacy/.
10. Recipient of the data
Access to your data is only granted to those bodies that absolutely need it for the purposes stated above. In this context, processors and other service providers used by us may also receive data. These are companies in the IT services, call centre services and telecommunications categories. The legally prescribed contractual regulations in accordance with Art. 28 GDPR, on purpose limitation, confidentiality and, if necessary, secrecy have been concluded with these companies. In addition, we only pass on data if this is permitted or required by regulations or if you have given your consent.
11. Transmission to third countries
Depending on your use of the trade fair login, data may be transferred to recipients in third countries. However, as mentioned above, we would like to point this out to you in advance. In the context of remote maintenance of standard IT components, it cannot be ruled out in individual cases that an IT service provider from a third country may gain access to personal data in rare cases and to a limited extent. However, data will only be transferred if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if EU standard contractual clauses have been concluded.
12. Disclosure and transfer of data
Your personal data will only be passed on without your express prior consent in addition to the cases explicitly mentioned in this privacy policy if it is legally permissible or required. This may be the case, for example, if the processing is necessary to protect the vital interests of the user or another natural person.
12.1 Abuse or violation of laws
If it is necessary to investigate unlawful or improper use of the app or for legal prosecution, personal data will be forwarded to law enforcement authorities or other authorities and, if necessary, to injured third parties or legal advisors. However, this only happens if there are indications of unlawful or abusive behaviour. Disclosure may also take place if this serves to enforce terms of use or other legal claims. We are also legally obliged to provide information to certain public authorities on request. These are law enforcement authorities, authorities that prosecute administrative offences subject to fines and the tax authorities.
Any disclosure of personal data is justified by the fact that the processing is necessary to fulfil a legal obligation to which we are subject pursuant to Art. 6 para. 1 lit. f) GDPR in conjunction with national legal requirements for the disclosure of data to law enforcement authorities. national legal requirements for the disclosure of data to law enforcement authorities, or we have a legitimate interest in disclosing the data to the aforementioned third parties in the event of indications of abusive behaviour or to enforce our terms of use, other conditions or legal claims and your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) GDPR do not prevail.
12.2 Further development
As part of the further development of our business, the structure of our company may change by changing its legal form or by founding, buying or selling parts or components of the company. In such transactions, customer information may be passed on together with the part of the company to be transferred. Whenever personal data is passed on to third parties to the extent described above, we ensure that this is done in accordance with this data protection declaration and the applicable data protection law.
Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as required and your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) GDPR do not outweigh this.
13. Changes of purpose
Your personal data will only be processed for purposes other than those described if this is permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.
14. Data storage period
We delete or anonymise your personal data as soon as it is no longer required for the purposes for which we collected or used it in accordance with the above paragraphs or you actively request that we delete it.
Specific information in this privacy policy or legal requirements for the retention and deletion of personal data, in particular those that we must retain for tax reasons, remain unaffected.
15. Your rights as a data subject
15.1 Right to acess
You have the right to request information from us at any time about the personal data concerning you that we process within the scope of Art. 15 GDPR. To do so, you can send a request by post or email to the address given below.
15.2 Right to rectification of incorrect data
You have the right to demand that we correct your personal data immediately if it is incorrect. To do so, please contact us at the addresses given below.
15.3 Right to erasure
You have the right to demand that we erase the personal data concerning you under the conditions described in Art. 17 GDPR. In particular, these conditions provide for a right to erasure if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an obligation to erase under Union law or the law of the Member State to which we are subject. For the period of data storage, see also section 5 of this privacy policy. To assert your right to erasure, please use the contact addresses below.
15.4 Right to restriction of processing
You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the period required to verify the accuracy, as well as in the event that the user requests restricted processing instead of deletion in the event of an existing right to deletion; furthermore, in the event that the data is no longer required for the purposes pursued by us, but the user requires it for the assertion, exercise or defence of legal claims and if the successful exercise of an objection between us and the user is still disputed. To assert your right to restriction of processing, please contact us at the addresses given below.
15.5 Right to data portability
You have the right to receive from us the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format in accordance with Art. 20 GDPR. To assert your right to data portability, please use the contact addresses below.
16. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based, inter alia, on point (e) or (f) of Article 6(1) GDPR pursuant to Article 21 GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.
Right of appeal
You also have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority is
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
0981 1800930
Changes to this privacy policy
We always keep this privacy policy up to date. We therefore reserve the right to amend it from time to time and to update it to reflect changes in the collection, processing or use of your data. The current version of the privacy policy is always available within the app.