Privacy Policy

The protection of your data at eco – Association of the Internet Industry

I.General

We, the eco – Association of the Internet Industry, Lichtstrasse 43h, 50825 Cologne (hereinafter referred to as “eco”), take the protection of your personal data very seriously, and we strictly comply with the regulations of the data protection statutes. The following declaration provides you with an overview as to how we ensure this protection. In particular, we would like to explain to you – as a visitor to our website, a subscriber to our newsletter, as a guest at one of our numerous events, or as an applicant to eco – which types of data we gather, why we collect these types of data, how we use this data, and how you at any and all times can determine how your personal data is treated.

According to the General Data Protection Regulation (GDPR) you have various rights which you can assert in relation to us. This includes, among others, the right to withdraw consent to the processing of data, in particular data processing for the purposes of marketing. The possibility to withdraw consent is typographically highlighted.

Should you have questions regarding this Privacy Policy, you can contact our data protection officer at any time. The contact details can be found below.

II. Name and contact details of the person responsible for processing and the data protection officer

This Privacy Policy applies to the processing of data by eco – Association of the Internet Industry, Lichtstrasse 43h, 50825 Cologne (“person responsible”).

Our data protection officer, Mr. Jan Stumpf, can be contacted via the email address dataprotection@eco.de, by post to: eco – Association of the Internet Industry, Mr. Jan Stumpf, Lichtstrasse 43h, 50825 Cologne, with the keyword “Data Protection,” or by fax at the number +49 (221) 70 00 48-111.

III. Purpose of data processing, legal basis, and legitimate interests that are pursued by eco or a third party, and categories of recipients

  • Surfing on this website

eco gathers and automatically stores log file information in its server, which your browser deposited with us while you were surfing.

In brief, here is the key data that we store:

  • Type of browser/browser version
  • The operating system used
  • Referrer URL (the page visited previously)
  • URLs / pages on this website that have been accessed
  • IP address of the accessing computer along with its name
  • Time of the server request
  • Visitor history

Furthermore, we record the complete Uniform Resource Locator (URL) Clickstream through and from our website, i.e. the sequence of the pages of our website that you visit, including date and time, cookie or flash cookie number, and the content that you viewed or for which you searched.

During your visits, we sometimes use JavaScript in order to gather and evaluate information, including the time it takes a website to load, download errors, the duration of the visit on a subpage, information regarding the interaction between pages (e.g. scrolling, clicking, mouse-overs) and leaving the page.

The legal basis for the processing of the IP address is Article 6, Para 1f) of the GDPR. Our legitimate interest results from the following list of purposes of the data processing. Please note on this point that it is not possible for us to draw any direct conclusions about your identity on the basis of the data collected, nor do we attempt to draw such conclusions.

The IP address of your device and the remaining data listed above is used by us for the following purposes:

  • Ensuring a seamless establishment of the connection
  • Ensuring the comfortable use of our website
  • Assessing the system security and stability

The data is saved for a period of 7 days, after which it is automatically deleted or anonymized. Further, we make use of so-called cookies, tracking tools and social media plug-ins for our website. Exactly what process is undertaken and how your data is used for these is clarified in Section III below.

  • Contact Form and Email Contact

On our website, you have the option of getting in contact with us via a contact form or via email. The information you impart via the contact form is usually:

– Surname

– First name

– email

The personal data imparted to us will be used exclusively for the purpose of processing your enquiry and will be deleted after processing your query. The legal basis for this is your consent within the meaning of Art. 6 No. 1) a GDPR, as well as Art. 6 No. 1) f GDPR. The proper processing of your enquiry is to be regarded as a legitimate interest within the meaning of the GDPR. You can withdraw your consent to the processing of the personal data imparted to us at any time with effect for the future, using the contact information provided under II. From the moment of withdrawal, it will no longer be possible to process your enquiry.

  • Whitepaper Download

On our website, you have the opportunity to download whitepapers. This service is free of charge. Within the whitepaper download, we ask you to provide the following personal data as mandatory information:

  • email address

We require this data in order to be able to send you the selected whitepaper / study. We can also use your data to contact you individually from time to time for promotional purposes. The legal basis for this is Article 6, Para 1 a) of the GDPR.

Your thus declared consent can be withdrawn at any time with effect for the future by using the contact details provided under Section II.

  • Online Presence on Social Media

In addition to this website, we also maintain an online presence on the social media channels Facebook, Twitter, Xing, Linked-in, Youtube, and Flickr. You can access these by clicking on the corresponding menu items on our website.

We would like to point out that your use of these pages and their functions lies within your own responsibility. This applies in particular to the use of interactive functions (e.g., commenting, sharing, rating).

When visiting such a page, personal data may be transferred to the provider of the social media channel. The social media provider collects and processes your IP address, the type of processor and browser version used, including plug-ins and, where applicable, other information.

The data collected about you in this context will be processed by the provider of the social media channel and in some instances may be transferred to countries outside of the European Union.

If you are logged in with your personal user account of the respective channel during your visit to such a website, this channel can assign the visit to your account.

If you wish to avoid this, you should log out of the social media channel before visiting our online presence or deactivate the “remain logged in” function, delete the cookies present on your device, and exit and restart your browser. In this way, information which could be used to directly identify you is deleted.
The purpose and scope of the data collection and the further processing and use of the data by the provider of the respective social media channel, as well as your relevant rights and setting options for the protection of your privacy, can be found under the respective privacy policy information of the respective medium:

Facebook: https://de-de.facebook.com/about/privacy/
Twitter: https://twitter.com/privacy?lang=de
Xing: https://www.xing.com/privacy
Linked-In: https://www.linkedin.com/legal/privacy-policy
Youtube: https://www.google.de/intl/de/policies/privacy/
Flickr: https://policies.oath.com/ie/de/oath/privacy/products/flickr/index.html

As the operator of the respective online presence, we do not collect or process any further data from your use of the corresponding social media channel.

  • Online presence and website optimization

5.1. Cookies

Our Internet sites use so-called cookies at numerous points. Cookies are small text files that are automatically generated by your browser and saved on your device (laptop, tablet, smartphone, etc.). Cookies do not cause any damage to your device and they do not contain any viruses, Trojans, or other malware. In the cookie, information is stored which results from the connection with each specific device respectively. However, this does not mean that we gain any direct knowledge regarding your identity. Cookies can be used to store different information. This includes, for example, the language settings on our website. The use of cookies also serves the purpose of improving the user experience of our Internet presence. We therefore use so-called “session cookies” in order to recognize that you have already visited individual pages on our website. These are deleted automatically after the end of your visit. In addition to this, also for the purpose of increasing user-friendliness, we make use of temporary cookies that are saved on your device for a specific period of time. If you visit our website again to avail of our services, it will be automatically recognized that you have visited the site previously, and what input you made or settings you activated, so that you do not have to input them again.

Insofar as these cookies are those that are necessary to ensure the proper functioning of our website, the use of these takes place on the basis of Article 6 Para 1a) of the GDPR. Our interest in optimizing our website is thereby to be seen as legitimate in the sense of the aforementioned regulation. In all other cases, we ask you for your consent (pursuant to Article 6 Para 1a) of the GDPR), which allows us to set further cookies (analysis cookies, marketing cookies). No cookies are set (except required/essential cookies) without giving consent. Further information can be found in our “Individual Cookie Settings”.

You can change or withdraw your consent at any time in the “Individual Cookie Settings” or via the button “Change Cookie Settings” on our website.

Most browsers automatically accept cookies. You can, however, configure your browser so that no cookies are stored on your computer, or so that a warning always appears before a new cookie is created. However, the complete deactivation of cookies can result in your not being able to use all functions on our website. The storage duration of the cookies is dependent on their purpose and is not the same for all.

5.2. Matomo (formerly Piwik)

On the basis of Article 6 Para 1f) of the GDPR, our website uses the web analytics service Matomo. Matomo uses cookies, text files that are saved on your computer and enable us to analyze your use of the website. For this purpose, user information generated through the cookie (including your abbreviated IP address) is transferred to our server and stored for the purpose of analyzing website usage, which supports our website optimization. Your IP address is immediately anonymized in this process, so that you remain anonymous to us as a user. The information generated through the cookie about your use of this website is not transferred to any third parties. You can prevent cookies from being used by activating the corresponding settings in your browser software; however, this may result in your not being able to make complete use of all functions on this website.

You can dissent to the storage and analysis of your data by Matomo at any time by amending or withdrawing your “individual cookie settings”.

5.3. Website Tracking

We use tracking tools on our website to measure, analyze, and optimize the effectiveness of our promotional activities. Through the use of promotional pixels or tracking tags, we receive information about how visitors have arrived on our website and what content they view (conversion tracking). This information helps us to analyze our website (web analytics), to improve it, and to display content customized to various target groups and interests (retargeting). In doing so, it is not possible for us to draw any direct conclusions about your identity. The legal basis for this data processing is your consent in accordance with Article 6 Para 1a) of the GDPR. You can learn about the exact tools which we use under 5.3.1 – 5.3.3.

You can amend or withdraw your consent at any time in the “individual cookie settings” or via the “Change cookie settings” button on our website.   

5.3.1   Facebook Pixel

“Facebook Pixel” is a tool provided by Facebook Ireland Ltd, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”), which enables an analysis of your use of our website. Your data is thereby transmitted to Facebook. Facebook processes this data and, when applicable, can merge it with your user profile. For more information on how Facebook handles your data, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/. To specifically see what content and information you have shared through your use of Facebook, you can manage it via the “Activity Log” tool or download it via Facebook’s “Download Your Data” tool. 

5.3.2 LinkedIn Insight Tag

Our website uses “Insight Tag”, a product of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). By installing the “Insight Tag”, a direct connection to the LinkedIn server is established. LinkedIn processes this data and can link it to your user profile.

For more information on protecting your privacy on LinkedIn, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy.

5.3.3 Twitter Website Tag

“Website Tag for Remarketing” is a product of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (“Twitter”), which also directly connects to Twitter servers. Twitter processes this data and may link it to your user profile. For more information on ways to protect your privacy on Twitter, please see Twitter’s privacy policy at https://twitter.com/personalization.

  • Joint controllers pursuant to Article 26 Para. 2 (2) of the GDPR

In order to spare resources and use them more effectively, eco e.V. and the deutsche medienakademie GmbH (German Media Academy), as a 100 percent subsidiary of eco e.V., use a joint database to manage their address databases.

As part of their joint data protection responsibility, eco and dma have agreed which of them fulfils which obligations under the GDPR. To this end, eco and dma have each assigned the individual data files to a company responsible for processing the personal data. This applies in particular to the observation of the rights of the data subjects and the fulfilment of the information obligations pursuant to Articles 13 and 14 of the GDPR.
You can assert your data protection rights centrally at: dataprotection@eco.de, or alternatively at: info@medienakademie-koeln.de.

IV. Your rights

  • Overview

Alongside the right to withdraw the consent given to us, you also have the following rights, when the respective legal conditions are extant:

  • Right of information regarding your personal data stored by us in accordance with Article 15 of the GDPR; in particular, you can obtain information about the purpose of processing, the category of personal data, the category of recipient for whom your data is or has been made available, the planned period of retention, the origin of your data, insofar as it was not collected directly from you,
  • Right of rectification of erroneous or to completion of correct data in accordance with Article 16 of the GDPR,
  • Right to deletion of your data stored by us in accordance with Article 17 of the GDPR, insofar as there are no legal or contractual requirements to retain the data, or other legal obligations or rights to the continued retention of the data,
  • Right to limit the processing of your data in accordance with Article 18 of the GDPR, insofar as you dispute the correctness of the data, the processing is illegal, but you oppose the deletion of said data; the data controller no longer requires the data, but you require said data for the assertion, exercise or defense of legal claims, or you have filed an objection to the processing in accordance with Article 21 of the GDPR,
  • Right to data portability in accordance with Article 20 of the GDPR, i.e. the right to receive selected data about you stored by us in a standard, machine-readable format, or to have this transmitted to another data controller,
  • Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your normal place of residence or work, or of our association headquarters to do this.
  • Right to object

Under the conditions of Article 21, Para 1 of the GDPR, the data processing can be objected to on grounds arising out of the special situation of the data subject.

The above general right to object applies for all purposes of processing described in this Privacy Policy that are processed on the basis of Article 6, Para 1f) of the GDPR. In contrast to the special right to object to data processing for marketing purposes (see Section III.4.2. above), we are, according to the GDPR, only obligated to implement such a general right to object if you can provide grounds of superordinate importance (e.g. a possible risk to life or health).

V. Forwarding to third parties

The data collected by us are not sold. We provide information that we obtain to third parties exclusively to the extent described in the following:

  • Affiliated companies

Affiliated companies that are under the control of eco, if they are either subject to this Privacy Policy or adhere to guidelines that offer at least as much protection as this Privacy Policy.

  • Service providers

We commission other companies and individuals to fulfill tasks for us. Examples include supporting with the organization of events (e.g. competence groups, congresses, or LocalTalks), the sending of letters or emails, the maintenance of our contact lists, the analysis of our data bases, marketing measures (including the making available of search results and links), and the handling of payments (credit cards, bank transfers, and purchase order invoicing). These service providers have access to personal information that is necessary for fulfilling their tasks. However, they are not permitted to use this for other purposes. In addition to this, they are obligated to handle the information in accordance with this Privacy Policy and applicable data protection laws.

  • Protection of eco and third parties

We disclose personal data when we are legally obliged to do so, or when such disclosure is necessary to protect our rights and those of third parties.

  • Recipients outside of the EU

With the exception of the processing described in section III.5., we do not forward your data to recipients with headquarters outside of the European Union or the European Economic Area. The processing outlined in section III.5. causes a data transfer to the servers of the newsletter sender commissioned by us. These servers are located in Switzerland. The data transfer takes place on an adequacy decision of the EU for Switzerland.

 VI. Further information and notes

Our website, services, and initiatives evolve continuously. Equally, this Privacy Policy changes on occasion. Therefore, you should regularly visit our website and take note of any changes. Insofar as nothing is regulated in another manner, the use of all information that we have about you is subject to this Privacy Policy. We assure you that significant changes to our Privacy Policy that would result in weakened protection of already collected data will always only be made with your agreement as the respective data subject.

Your trust is very important to us. Therefore, we are available to answer your questions at any time regarding the processing of your personal data. If you have questions that could not be answered in this Privacy Policy, or if you would like more detailed information on one of the points, please contact our data protection officer, Mr. Jan Stumpf, at any time at the email address dataprotection@eco.de, at the postal address: eco – Association of the Internet Industry, Lichtstrasse 43h, 50825, Cologne (keyword “Data Protection”), or by fax to the number +49 (0)221 70 00 48-111.