Data Privacy

Information pursuant to the EU General Data Protection Regulation (GDPR) for users of the online ticket shop


Messe Berlin GmbH attaches great importance to data protection. This information notice informs you about the processing of the personal data in connection with the ticket sale. This notice supplements our General Data Protection Policy, which can be found at https://www.messe-berlin.de/Datenschutz. For particular processing activities there will be separate information notices, where necessary.

 

1.    Controller and data protection officer

Messe Berlin GmbH, Messedamm 22, 14055 Berlin, Germany, e-mail: central@messe-berlin.de, is the entity responsible for the processing of the personal data (the so-called controller) within the meaning of the GDPR in connection with the ticket sale and customer account and service provider. If you have any queries relating to data protection, please feel free to contact our group data protection officer (address: as above; e-mail: datenschutz@messe-berlin.de).

 

MB Capital Service GmbH sells tickets as a representative of the respective organizer and as such is authorized to complete the ticket sale at its own discretion, but in the name and for the account of the organizer. Contractual relationships are established exclusively between the buyer and the respective organizer.

 

2.    Categories of personal data

When using our ticket shop, you as a buyer will be asked to enter your e-mail address and certain personal data. Entering the data allows you to execute your ticket purchases and other benefits, such as the later personalization, modification or re-download of the tickets. The following categories of data are collected during the ordering process: e-mail address, password, salutation, first name, surname, language and address. Depending on the event and as part of the personalization process, further data may be collected, e.g., for trade visitors company/organization, industry and function or company focus and number of employees. In addition to the ticket data, our visitors can also provide voluntary information when purchasing tickets, e.g., title and main areas of interest. Trade visitors can also voluntarily provide project-related information.

 

In addition, the payment processing for the online ticket requires the mandatory provision of your payment data.

 

The tickets are not transferable, so personalization (i.e. provision of the name) of the purchased ticket is required. If you purchase a ticket for another person (third party), we will process at least the first and last name of the third party. You will ensure that you are entitled to provide the data and that the person concerned has been sufficiently informed by you about the processing of their data by Messe Berlin GmbH.

 

3.    Purposes and legal basis of processing

a.             Performance of the contract

We process the personal data pursuant to section 2 for the establishment and execution of your contractual relationship with Messe Berlin GmbH (legal basis: Art. 6 (1) lit. b GDPR). In the case of events which are held in cooperation with associations or business partners, we also pass on your data to these for this purpose. The payment processing of the ticket purchase takes place for the purpose of fulfilling the contract. You can thereby select various payment service providers who directly collect and process the personal data during the ordering process. The respective payment service provider is responsible for the processing of your payment data. Ticket dispatch also takes place on the legal basis of contract fulfilment in accordance with Art. 6 (1) lit. b GDPR. The tickets will be e-mailed to you so that the tickets can either be printed, saved as a file on a mobile device, or used as a wallet entry as proof of purchase on-site.

 

If you have started an order process in our ticket shop, but have not yet completed it or have not yet paid, we will send you a reminder e-mail to the e-mail address you provided. We also process your personal data to remind you before the event begins to personalize and print out the ticket(s) you have already purchased. The legal basis for this is our legitimate interest in allocating the valid ticket to the correct person (identification purpose) and thus ensuring smooth admission to the event (Art. 6 (1) lit. f GDPR).


b.             Credit check and reminder e-mails

If you choose electronic payment methods such as credit cards, PayPal, Klarna or similar when purchasing tickets, a credit check will be carried out. During this process, a payment service provider processes your personal data for the purpose of checking your solvency in order to avoid non-payment. The legal basis for this is our legitimate interest according to Art. 6 (1) lit. f GDPR. If the credit assessment is positive, payment can be made according to the chosen payment method; if it is negative, we cannot offer you the respective payment method. In this case, a different payment method should be selected.

 

c.    Support of companies with headquarters outside Germany

If you are a trade visitor from a company based outside of Germany, we will transmit your data to the foreign representative responsible for you or your company in your home country for the purpose of optimal support. This representative will be available to you as a local contact person for information in connection with your trade fair visit and will assist you in dealing with visa matters. You can find the foreign representative responsible for you at: https://www.messe-berlin.de/Unternehmen/MesseBerlinWeltweit/index.jsp. The data will be transmitted on the basis of our legitimate interest in ensuring the best possible support for our trade visitors, taking into account local particularities (legal basis: Art. 6 (1) lit. f GDPR).

 

d.    Lead tracking service and transmission

We offer our exhibitors and trade visitors at some fairs a so-called lead tracking service. This service enables the exhibitor to scan the trade visitor's ticket (badge) and thus obtain their contact information similar to the exchange of business cards. In this case the exhibitor will receive the following data of the ticket holder for the purpose of contacting him also by e-mail and electronic marketing for his own products and services: company name, salutation, title, first and last name, function, postal address, country, telephone number(s), e-mail address and any other information you may have provided about interests and/or your company. The data is only collected at your personal request. With your permission vis-à-vis the exhibitor to scan your ticket (badge), you give your consent to the transmission of your data to the exhibitor. In some cases, we will obtain your separate consent for the direct transfer of data to exhibitors for the aforementioned purposes when you order tickets. The processing takes place on the basis of your consent (legal basis: Art. 6. (1) lit. a GDPR). Please note that these exhibitors may also be based outside the EU and therefore outside the scope of the GDPR. Your consent insofar also extends to the transfer of your personal data to a third country (see section 5).

 

e.      Registration for networking tools as trade visitor

For some events we offer you the possibility to create a profile in a networking tool when you order a ticket. If you select this option, your personal data will be transferred to generate a profile in the networking tool to make it easier for you to register. This profile is visible to all persons who have access to the networking tool. You will receive an e-mail with a confirmation link which you must click to complete your registration. This processing takes place on the basis of your consent (legal basis: Art. 6 (1) lit. a GDPR).

 

f.     Contact for information and marketing purposes by companies of our group of companies and newsletter registration

We process the personal data for the purpose of contacting you in order to provide you with information accompanying the trade fair and information on opening, accompanying and subsequent events. Subsequent events also include other trade fairs and events organised or held by Messe Berlin GmbH or other group companies in Germany and abroad. For these purposes, we also transmit the data to other companies within the Messe Berlin group of companies. We also use the personal data for market research purposes and for voluntary online surveys in order to constantly improve our offers and our products and services and as part of a market and user analysis adapt them to the needs. The legal basis for this is our legitimate interest in the optimal support of our customers during and after the trade fair and the marketing of the same and similar products and services from the portfolio of the Messe Berlin group of companies (legal basis: Art. 6 (1) lit. f GDPR).

When you order your tickets we offer you the opportunity to subscribe to the event-specific or general Messe Berlin newsletter. You will subsequently receive an e-mail from us with a confirmation link which you must click to complete your subscription (legal basis: your consent (Art. 6 (1) lit. a GDPR)). You can unsubscribe from the newsletter(s) at any time using the "Unsubscribe" link at the end of the newsletter or by sending an e-mail to the address provided in the newsletter or to datenschutz@messe-berlin.de.


4.    Categories of recipients of the data

In addition to the transfer of data to the recipients mentioned in section 3 for the relevant purposes listed therein, we use the services of our subsidiary MB Capital Services GmbH and external service providers for carrying out particular processing activities in connection with the ticket sale and the operation of the ticketing platform (in particular lead tracking service, online ticket shop, communication measures, hosting, IT support, customer survey and direct marketing), which process the personal data on our behalf (so-called “processors”). In the case of events that are held in cooperation with associations or business partners, we will also pass on your data to them.

 

Insofar as persons subject to particular personal protection by the Federal Criminal Police Office (Bundeskriminalamt – BKA) or the Federal State Criminal Police Office (Landeskriminalamt – LKA) (for example, constitutional organs such as the Federal President or the Federal Government or foreign guests) participate in events, the BKA or LKA may examine all event participants. In the framework of such examination the BKA or LKA may request data such as name, company/organization and function from us.

 

In the case of incidents, disorder, emergencies and crises your data may also be transmitted to the (co-)organizer, the police, law enforcement authorities, the fire brigade and ambulances, other public authorities (such as the Health Office (Gesundheitsamt)) as well as the operational fire brigade, the security service and the ambulance service on-site. Internally your data may be disclosed to the respective fair/event management, the central security office and other departments involved in the emergency and crisis management of Messe Berlin GmbH.

 

We pass on your data to the payment providers you have selected. In the case of a direct debit, we pass on your data to banks.

 

For compliance with tax and trade laws and regulations, we share your personal data with the tax and other relevant public and regulatory authorities.

 

5.    Data transfer to third countries

Some of the foreign representatives, companies of the Messe Berlin group of companies, partner companies or processors are based in third countries outside the EU, which do not provide the same level of protection for the personal data as the EU, in particular due to the absence of a legal framework, independent supervisory authorities or data protection rights and remedies. We will only transfer personal data to those countries if the European Commission ("EU Commission") has adopted an adequacy decision in this respect (this is the case for our foreign representatives in Andorra, Argentina, Canada, New Zealand, Israel, Japan, Switzerland and Uruguay) (Art. 45 (3) GDPR) or otherwise where appropriate safeguards in accordance with Art. 46 GDPR have been provided, in particular standard data protection clauses adopted by the EU Commission pursuant to Art. 46 (2) lit. c GDPR. A copy of the safeguards can be obtained upon request (e.g., by e-mail – for contact details see section 1 above). If you consent to the transfer of data to exhibitors based in a third country, the legal basis for the transfer of data despite the lack of data protection is your express consent.

 

6.    Storage period

Stored personal data will be erased, once they are no longer needed for achieving the relevant purpose of their processing. In so far as the processing takes place on the basis of consent or a legitimate interest of Messe Berlin GmbH, the data in question will no longer be processed for the purpose in question, and where appropriate, erased after receipt of your revocation of your consent or your objection to the processing, unless the conditions for a statutory exception are met. Notwithstanding the foregoing, personal data which are subject to retention obligations under commercial or tax laws will only be deleted after the expiry of the statutory retention periods

 

7.    Your data protection rights

Pursuant to Art. 12-21 GDPR, you can excercise the following data subject rights at any time: the right to access, rectification and erasure of your personal data, the right to data portability and to restriction of processing. If the processing is based on legitimate interests, you have the right to object to the processing of your personal data at any time for reasons relating to your particular situation. Furthermore, you may object to the processing of the personal data for marketing purposes at any time. If you have given us your consent, you can revoke this consent at any time with effect for the future. If you are of the opinion that the data processing violates data protection law, you have the right to lodge a complaint with the competent supervisory authority of your choice (Art. 77 GDPR in conjunction with section 19 of the German Federal Data Protection Act (Bundesdatenschutzgesetz). To exercise your rights, you can contact the person responsible (for contact details see section 1 above).