Privacy Policy

I. Controller for Data Processing

Yoummday GmbH
Infanteriestraße 11A
80797 München
Tel: +49 89 231 6600 00

Managing Directors:
Dr. Klaus Harisch, Pablo Harisch, Frank Moser, Claas van Delden

Email:
info@yoummday.com

Legal information:
www.yoummday.com/imprint 

II. Contact to the Data Protection Officer

You can contact our DPO via: datenschutz@yoummday.com.

III. Provision of Videoconferences, Online Meetings, and Screen Sharing

As part of the yoummday Talent Summit 2024, we use platforms and applications from other providers for the purpose of conducting video and audio conferences and other types of video and audio meetings (hereinafter collectively referred to as "Summit Services"). When selecting the service providers and their services, we comply with legal requirements.

1. What Data is Processed During the Talent Summit
In registering and participating in the yoummday Talent Summit 2024, we process the following personal data of you.
The scope of the processing depends on the data required for usage (e.g., providing access data or real names) and optional information (e.g., in text, audio, or video contributions) provided by you. In addition to processing for the event, your data is processed for security purposes and service optimization.

The processed data includes

• personal details (first name, last name)
• contact information (email address, phone number)
• access data (access codes or passwords)
• profile pictures
• information about professional position/function,
• the (anonymized) IP address of the internet access
• information about users' devices, their operating system, browser, and technical and language settings
• information on communication processes, i.e., inputs in chats as well as audio and video data

Communication content is encrypted to the extent technically provided by the event providers.

2. Logging and Recordings
If text inputs, participation results (e.g., from surveys), as well as video or audio recordings are logged, you will be informed in advance and asked for your consent if necessary. Consent can be withdrawn at any time with effect for the future and without stating any reasons.

3. User Data Protection Measures
Contributions to the yoummday Talent Summit 2024 will be recorded. Users will only be recorded if they participate in person at the summit in Munich or if they engage in moderation, presentations, interviews, or questions (via video, audio, or text input) during the event.

Please refer to the privacy notices of the services used for details on the processing of your data and select the optimal security and privacy settings available to you.

Please also ensure data and personal protection in the background of your recording during the summit (e.g., by using the function to blur the background if technically possible).

Your link to the yoummday Talent Summit 2024 (and your access data) must not be shared with third parties.

4. Information on Legal Bases

a) Consent, Art. 6 para 1 point a GDPR
If we process your data and ask for your consent for the services used or specific functions, the legal basis for the processing is this consent.

b) Fulfillment of contractual obligations, Art. 6 para 1 point b GDPR
Furthermore, processing may be necessary for the fulfillment of contractual obligations (e.g., organization and execution of the event by employees, etc.).

c) Legitimate interest, Art. 6 para 1 point f GDPR
Additionally, the data can be processed based on our legitimate interests in efficient and secure communication with our communication partners or within the framework of the event. In furtherance of your participation in our Talent Summit, we process the data for postprocessing purposes strictly in conjunction with the event you attended. Our legitimate interest lies in this postprocessing.

• Types of Processed Data: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), content data (e.g., inputs in online forms), usage data (e.g., visited websites, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
• Affected Persons: Users (e.g., website visitors, users of the online offering, especially participants and speakers of the event), employees, business partners.
• Purposes of Processing: Planning, conducting, and post-processing of the event, contact inquiries and communication, office and organizational procedures, security measures.
• Legal Bases: Consent (Art. 6(1)(a) GDPR), contract fulfillment or execution (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

5. Used Services and Service Providers

• storytile GmbH: Development, provision, operation, and support of the event platform, including online offerings, user-friendliness, video conferences, web conferences, and messaging; ensuring platform security. Service provider: storytile GmbH, Gollierstraße 70, 80339 München. Website: www.storytile.net/; Privacy Policy: www.storytile.net/datenschutzerklaerung. 

• Vimeo.com, Inc.: Provision of video, live streaming, and audio conference services; service provider: Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, New York 10001, USA; Website: vimeo.com/; Privacy Policy: vimeo.com/privacy;  Standard contractual clauses (ensuring data protection level in third countries).

• Webex: Provision of video and audio conference services for the connection of speakers; service provider: Cisco Systems, Inc., Chief Privacy Officer, 170 West Tasman Dr., San Jose, CA 95134 USA. Website: www.webex.com/de/index.html; Privacy Policy: www.cisco.com/c/de_de/about/legal/privacy-full.html; Binding Corporate Rules (ensuring data protection level in third countries through binding corporate rules): www.cisco.com/c/de_de/about/legal/privacy-full.html (referred to as Global Privacy and Security Policy).

• Zoom: Provision of video and audio conference services for the connection of speakers; service provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA; Website: zoom.us; Privacy Policy: explore.zoom.us/de/privacy/;  Standard contractual clauses (ensuring data protection level in third countries): explore.zoom.us/docs/doc/Zoom_GLOBAL_DPA.pdf?_ga=2.251769289.195750321.1646675462-801897819.1598290790 (referred to as Global DPA).

IV. Q&A Section within the Conference Offering

When contacting us via the Q&A section, the information provided by the inquiring persons is processed to the extent necessary to answer the respective inquiry. The legal basis for processing the users' data with Slido is the users' consent. Otherwise, processing is based on legitimate interests in answering inquiries.

• Q&A Section by Slido: Provision of an embedded Q&A section; service provider: Cisco Systems, Inc., Chief Privacy Officer, 170 West Tasman Dr., San Jose, CA 95134 USA; Website: www.sli.do/; Privacy policy: www.slido.com/terms#privacy-statement. 
• Types of Processed Data: Inventory data (e.g., names, addresses), contact data (e.g., email, phone numbers), content data (e.g., inputs in online forms).
• Affected Persons: Communication partners, users (especially participants and speakers of the event), employees, business partners.
• Purposes of Processing: Communication with users of the event or online offering.
• Legal Bases: Consent (Art. 6(1)(a) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

V. Rights of the Data Subjects

Data subjects have various rights under the GDPR, which are primarily derived from Articles 15 to 21 GDPR:

• Right to Object: You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR, including profiling based on these provisions. If personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, including profiling to the extent it is related to such direct marketing.
• Right to Withdraw Consent: You have the right to withdraw your consent at any time with effect for the future and without stating any reasons.
• Right of Access: You have the right to request confirmation as to whether data concerning you is being processed and to receive information about this data and further information and a copy of the data according to the legal requirements by us.
• Right to Rectification: You have the right, according to the legal requirements, to request the completion or correction of incorrect data concerning you.
• Right to Erasure and Restriction of Processing: You have the right, according to the legal requirements, to request the immediate erasure of data concerning yourself, or alternatively, to request the restriction of processing of the data according to the legal requirements.
• Right to Data Portability: You have the right to receive the data concerning yourself which you have provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller, according to the legal requirements.
• Right to Lodge a Complaint with a Supervisory Authority: In accordance with the legal requirements and without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

For yoummday, the competent supervisory authority is:

Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach
Germany
E-Mail: poststelle@lda.bayern.de

Furthermore, we refer to our general privacy policy regarding the processing of data.