Data Privacy
Last update: May 31, 2022
This privacy policy informs you about processing of personal data on our Websites or in our App. This privacy policy is available on each of our Websites and in our App and may be printed at any time. We reserve the right to adjust this privacy policy at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the application process or other processes.
GENERAL INFORMATION
What are Personal Data?
“Personal data” are any information relating to an identified or identifiable individual person, such as a person’s name or also their hobbies. We process personal data only to the extent necessary and for the purpose of providing a functional and user-friendly internet presence and App, including its contents and the services offered there.
“Processing” of data means any operation or set of operations carried out with or without the aid of automated processes relating to personal data, such as collection, recording, organization, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or integration, limitation, erasure or destruction.
The legal basis for data protection can be found in particular in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (“General Data Protection Regulation”, GDPR), as well as in the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).
Controller
The Business Romantic Society Verwaltungs GmbH
c/o Thema1, Torstraße 154, 10115 Berlin, Germany
registered at local court (Amtsgericht) Berlin-Charlottenburg under HRB 214167 B
represented by managing directors Till Grusche, Tim Leberecht
TAX ID 30/557/51379 / VAT ID DE328976290
email: collaborate@thebusinessromanticsociety.com
We also refer to the further third party providers named in this privacy policy who control your data.
Controller is any natural or business person, which decides on the purpose and means of data processing on its own or jointly with others.
We as well as our external service partners, such as hosting providers, process your data for the purpose of providing the Services on our Websites and in our App, including our online events, online shop as well as providing hard- and software through such external service partners. The data categories affected are contact information, user behavior or other information that constitutes personal data provided to us.
In general, we process your personal data in the EU/EEA. If third-party providers engaged by us process personal data outside the EU/EEA, data protection standards applicable in the EU are ensured (for details see below). Most of our third-party providers have implemented the EU Standard Contractual Clauses in order to protect you Data. As far as required by the law, we have carried out a risk assessment with respect to the transfer of Data to ensure that GDPR standards are met by the engaged third-party providers. For more information you may also contact us via email to: collaborate@thebusinessromanticsociety.com
We process your personal data as follows (or as otherwise described in this privacy policy or information provided to you):
Data | Purpose | Legal Basis |
contact data, contract data, usage data, other data provided | Communication in order to establish, implement and/or process a contractual relationship (also orally) with you | Art. 6 para. 1 s.1 lit. b. GDPR |
contact data (name, email, shipping/billing address) contract data (organization you belong to, choice of event or product, event details, special requests, etc.) | Sign-up process Purchases in our online shop Booking of our on- or offline events Communication in order to establish and process a contractual relationship with you | Art. 6 para. 1 s.1 lit. b. GDPR |
contact data, contract data, other data provided | compliance with legal obligations, e.g. commercial, tax and social security detention obligations | Art. 6 para. 1 s.1 lit. c. GDPR |
contact data, contract data, other data provided | enforcement, exercise and defense of legal claims with our legitimate interest that may be, for example, in the assertion of legal claims and defense in legal disputes | Art. 6 para. 1 s.1 lit. f. GDPR |
contact data, usage data, other data provided | analysis of data with our legitimate interest of, for example, quality assurance or marketing | Art. 6 para. 1 s.1 lit. a. GDPR |
contact data, usage data, other data provided | consent to data processing for the purpose named in this privacy policy or information provided to you | Art. 6 para. 1 s.1 lit. a. GDPR |
In the event you refrain from providing such data you may face legal disadvantages, for example, no answer to your email sent to us.
Furthermore, we have implemented technical and organizational measures to ensure that the data protection regulations are observed both by us and by external service providers. Each of our Websites are operated through a safe SSL-connection. If an SSL-connection is activated third parties are prevented from reading any data that are transferred by you to us.
Your Rights
You have the following rights:
the right to access,
the right to rectification or erasure,
the right to restriction of processing
the right to data portability,
the right to withdraw your consent.
You further have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on point e or f of Art. 6 para. 1 s.1 GDPR, including profiling based on those provisions.
To act according to your rights set forth above you may contact us via email to: collaborate@thebusinessromanticsociety.com
You have the right to lodge a complaint with the data protection authority of your choice (for example: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin or mailbox@datenschutz-berlin.de).
Storing and Deleting Data
The data are deleted if you withdraw your consent and/or such data are no longer necessary for the purpose of processing. We or the engaged third-party services delete your data according to the following criteria: Time and completion of requests, lapse of legal retention periods, settings provided by third-party providers etc. Furthermore, we store your data if we are obliged to do so in accordance with legal retention periods (e.g. German Commercial Code (HGB) or German Fiscal Code (AO)).
DATA PROCESSING WHEN VISITING OUR WEBSITES OR USING OUR APP
Visiting a Website
We (or the web space provider) collect data on each visit to each of our Websites (so-called server log files) for statistical evaluations for the purpose of optimizing our services and in order to guarantee the stability and operational security of the Websites.
Data | Purpose | Legal Basis |
name of the Website visited, file, date and time of the visit, data amount transferred, information on a successful call, browser type as well as version, operating system of the user, referrer URL (the page visited before), IP address and the requesting provider as well as the following, if a mobile end device is being used: country code, language, name of device, name of operating system and version | optimizing our services and in order to guarantee the stability and operational security of the Website | Art. 6 para. 1 s.1 lit. f. GDPR based on our legitimate interest of quality assurance |
compliance with legal obligations | Art. 6 para. 1 s.1 lit. c. GDPR |
Downloading and Using the App
When downloading the App, the following personal data is transferred to the provider of the App-Store (Apple Distribution International Ltd.):
Data | Purpose | Legal Basis |
user name, email address, time of download, payment information, individual device code number | Enabling the download of our App | Art. 6 para. 1s.1 lit. b. GDPR |
When using the App we collect the personal data described below in order to enable convenient use of the functions:
Data | Purpose | Legal Basis |
Registration data (name, date of birth, user name, telephone number, email address, usual place of residence, GPS location data, content data voluntarily entered by the user (photos, videos, comments etc.), IP address, date and time of app access, time difference from Greenwich Mean Time (GMT), device identification and serial number, name of your mobile device, operating system and its interface | Use of the App | Art. 6 para. 1s.1 lit. b. GDPR |
When using the App, the device ID number is assigned to each device registered device. Our access to the device ID number is necessary to identify the device and the user account in order to improve the use of the App and to deactivate the App on stolen or lost devices.
For advertising purposes, we also use the so-called "Advertising Identifier" (IDFA). This is a non-personalized and non-permanent identification number for a specific device provided by iOS. The data collected via the IDFA is not linked to other device-related information. We use the IDFA to provide you with personalized advertising and to evaluate your usage. If you activate the option "no ad tracking" in the iOS settings under "Privacy" - "Advertising", we can only do the following: Measuring your interaction with banners by counting the number of times a banner is displayed without being clicked ("frequency capping"), click-through rate, detecting unique usage ("unique user"), and security measures, fraud prevention, and troubleshooting. You can delete the IDFA in the device settings at any time ("reset Ad-ID"), then a new IDFA will be created, which will not be merged with the previously collected data. Please note that you may not be able to use all the features of our app if you restrict the use of the IDFA.
Cookies
Our Websites and our App partly use so-called technical cookies for a user friendly and technical adequate presentation of the Websites and the App. Cookies are small text files which are stored on your device and in your browser. We use so-called session cookies. After the end of the session these cookies will be deleted automatically. The session cookies are used in order to associate successive page requests with the individual users, who at the same time access our respective Website or App. Other cookies will be stored on your device until you delete them. These cookies enable us to recognize your browser during your next visit. We also use third-party cookies for different purposes, including marketing. For details please refer to the following section and the list of third-party cookies and providers used by us.
You can adjust your browser to notify you, before you receive a cookie or to decide to accept cookies on a case-by-case basis, to completely or partly exclude all incoming cookies and to activate the deletion of cookies automatically when the browser is closed. You may manage many online advertisement cookies provided by companies via the American web page WebChoices: Digital Advertising Alliance's Consumer Choice Tool for Web US or the web page of the European Union Your ad choices. We would like to inform you that the usage and especially the convenience of usage without using any cookies may be limited.
In the event personal data are processed such processing is based on Art. 6 para. 1 s.1 lit. f. GDPR with our legitimate interest in the presentation of a user friendly and technical correct Website or App, or, in case of not technical cookies (e.g. for marketing purposes), your consent (legal basis Art. 6 para. 1 s.1 lit. a. GDPR).
Third-Party Cookies and Similar Technologies on Our Websites
Our Websites and our App use third-party cookies and similar technologies. Some of these third-party cookies and similar technologies are necessary for our online service, some are needed for improving the functionality of our online services or used by us for marketing purposes. Details about the third-party cookies, similar technologies as well as other third-party services used on our Website or in our App are set out here:
Name, provider | Personal data affected | Purpose | Legal basis for data processing | More information / OPT-OUT | Data processing outside the EU/EEA and applicable safeguards |
Google Analytics by Google (inter alia Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, Mountain View, CA, USA) | Cookies; Usage Data | Tracking and Analytics | Art. 6 para. 1 s.1 lit. a. GDPR | OPT-OUT: | This integration of Google Analytics anonymizes your IP address. It works by shortening users’ IP addresses within member states of the EU/EEA. Google LLC processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
Google Ads (by Google, inter alia Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, Mountain View, CA, USA) | Cookies; Usage Data | analyze and show relevant ads | Art. 6 para. 1 s.1 lit. a. GDPR | Settings / OPT-OUT: Opt out of seeing personalised ads - Ads Help | Google LLC processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
CONTACTING US, NEWSLETTERS, FURTHER THIRD PARTY PROVIDERS
Contacting Us
If you send us any requests via email, online contact form or otherwise contact us your details in this request are processed by us as follows:
Data | Purpose | Legal Basis |
contact data, name, email address and other data provided | deal with your inquiry or to be able to contact you at a later time for follow up questions | Art. 6 para. 1 s.1 lit. a GDPR Art. 6 para. 1 s.1 lit. b GDPR |
We may also engage third party providers for processing your data for the purposes mentioned above.
Newsletters
With the email newsletter we inform you about our products, events and services.
For the registration to the newsletter only the email address is needed. If you register for the newsletter, your email address will be transmitted to us (or to the engaged third party provider) and stored there. After registration, you receive an email to confirm the registration (“double opt-in”).
You may also receive emails and newsletters from us based on an existing contractual relationship with you.
You may unsubscribe from such newsletters anytime and will not incur any costs other than the transmission costs according to the basic tariffs.
Data | Purpose | Legal Basis |
email address, IP address, the device name, the mail provider as well as (optional) the first and last name and the date of the registration | registration of the newsletter; this storage serves solely as proof in the event that a third party misuses an email address and registers for receiving the newsletter without the knowledge of the authorized party | Art. 6 para. 1 s.1 lit. a GDPR |
email address, IP address, the device name, the mail provider as well as (optional) the first and last name and the date of the registration | Sending newsletters based on your consent | Art. 6 para. 1 s.1 lit. a GDPR |
email address, IP address, the device name, the mail provider as well as the first and last name | Sending newsletters based on an existing relationship with you | Art. 6 para. 1 s.1 lit. b GDPR, Section 7 para. 3 German Unfair Competition Act (UWG) |
IP address, browser type and operating system | analyze the behavior, such as whether users open the email sent or click certain links in emails (when the newsletter is opened, the contained information (so-called web-beacon) connects to the servers of Segment in order to analyze the behavior) for such data processing our legitimate interests (or the legitimate interests of third parties) in quality assurance or marketing apply | Art. 6 para. 1 s.1 lit. f GDPR |
We use “Mailchimp” by The Rocket Science Group LLC d/b/a Mailchimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA as third party provider for the purpose of sending emails and newsletters. For this purpose, the provider of Mailchimp processes the IP address, device name, mail provider, first and last name and date on servers in the USA. The US company of Mailchimp guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). For more information please also refer to Mailchimp’s privacy policy (Mailchimp's Privacy Policy) and our mutual data processing agreement with (Mailchimp Data Processing Addendum).
Further Third Party Providers
Apart from the Cookies and similar technologies used on our Websites and in our Aoo we have engaged further third party providers that process your data for the purposes mentioned in this privacy policy or further information provided to you. The processing of such data is based on your consent (Art. 6 para. 1 s.1 lit. a. GDPR). Such third party providers may process your data in and outside the EU/EEA as set out in more detail below:
Name, provider | Purpose | More information / data processing agreement | As applicable: Data processing outside the EU/EEA and applicable safeguards |
Adobe Systems Software Ireland Limited | PDF editing | https://www.adobe.com/de/privacy/policy.html | Adobe Inc. (as a partner of Adobe Systems Software Ireland Limited) processes data in the and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
Artgrid’s EU representative information: | Film footage licensing site | https://artgrid.io/privacy-policy | |
Amazon Web Services, Inc. | Cloud Service | Datenschutzhinweis https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_German_2020-08-15.pdf AWS Europe FAQ | Amazon Web Services, Inc. (affiliate of the Amazon.com, Inc.) processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
Canva by Canva Pty Ltd | pictures and design tool | Canva Pty processes data in Australia and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Calendly LLC | Online Appointment scheudling | https://calendly.com/de/pages/privacy | Calendly LLC processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
Craft CMS | Online shop | Pixel & Tonic, Inc. processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Eventbrite by Eventbrite Inc. | ticketing for events | Eventbrite Inc. processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Fastbill by FastBill GmbH | online accounting tool | ||
Google Cloud / GSuite by Google | hosting / IT infrastructure | Google LLC processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
A Medium Corporation, P.O. Box 602, San Francisco, CA 94104, USA (EU representative: VeraSafe Ireland Ltd. | Online publishing platform/ our online journal | https://policy.medium.com/medium-privacy-policy-f03bf92035c9 | |
PayPal (Europe) S.à r.l. et Cie, S.C.A. | Online Payment system | https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE | |
Rocket Reach by RocketReach | finding and managing addresses, phone and social details | RocketReach processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Salesforce.com, inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States (German representative: salesforce.com Germany GmbH | Customer Relationship Management | Saleforce Privacy Policy Salesforce Processor Binding Corporate Rules | Saleforce processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
Sendible Limited | Social Media scheduling | Sendible processes data in the UK and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
SoundCloud Global Limited & Co. KG | Online audio distribution platform | https://soundcloud.com/pages/privacy | |
Spotify AB | Audio Streaming Service | https://www.spotify.com/de/legal/privacy-policy/ | |
Stripe by Stripe Inc., | payment provider for online shop | Stripe Inc. processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Squarespace Ireland Limited, Le Pole House | online shop service | ||
Typeform by TYPEFORM SL, Carrer Bac de Roda 163, 08018 Barcelona, Spain | online forms and surveys | Typeform's terms, conditions & policies | |
WP Engine, Inc. 504 Lavaca St #1000, Austin, TX 78701, USA | Website building | WP Engine processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Zapier, Inc. 548 Market St. #62411 San Francisco, CA 94104-5401 | Web applications integrations | Zapier processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). | |
Zoom by Zoom Video Communications, Inc., | video conference tool |
Zoom Video Communications, Inc. Global Data Processing Addendum | Zoom Video Communications, Inc. processes data in the USA and guarantees GDPR compliance through the EU Standard Contractual Clauses (SCCs). |
1&1 IONOS SE Elgendorfer Str. 57 56410 Montabaur | Web hosting company | https://www.ionos.de/terms-gtc/terms-privacy |
Further information about third party providers engaged by us are contained in this privacy policy or further information provided by us. You may also contact us for details via a message to: collaborate@thebusinessromanticsociety.com
DATA PROCESSING ON OUR SOCIAL MEDIA PAGES
General
We operate social media pages on Facebook, Instagram and LinkedIn, whereas data are processed by us and the provider of the social media. This type of service allows interaction with social networks or other external platforms.
The respective provider of social media assumes the data protection obligations towards you, such as information on data processing, and is the contact person for rights. This follows from the fact that such provider has direct access to the relevant information on the social media pages and the processing of data. However, you are also welcome to contact us if this should become necessary and we will then forward the request to the respective provider if necessary.
With social media pages we can communicate with and provide you with interesting information. We may receive further Data through comments, shared images, messages and reactions, which we then process to answer or communicate with you. If you use social media on several end devices, a cross-device analysis of the data can take place. Furthermore, the providers of the social media pages may also use cookies and tracking technologies to analyze and improve their services.
Data processing takes place with consent or for the purpose of answering user enquiries (Art. 6 para. 1 s.1 lit. a or b GDPR) or on the basis of legitimate interests in improving the services, advertising and marketing activities and presentation to the outside world (Art. 6 para. 1 s.1 lit. f GDPR). The interaction and information obtained on our Websites or in our App are always subject to your privacy settings for each social network. This type of service might still collect traffic data for the pages where the service is installed, even when you do not use it.
It is recommended to log out from the respective services in order to make sure that the processed data on our Websites or in our App is not being connected back to your social media profile.
The social media providers may process your data outside the EU/EEA (mainly: USA). The providers guarantee GDPR compliance through the EU Standard Contractual Clauses (SCCs).
Page Insights on Facebook
Facebook (by Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland) and we use the Page Insights function to process statistical data from Users of Facebook pages (see also the agreement at: https://www.facebook.com/legal/terms/page_controller_addendum). This involves the processing of data in the form of so-called 'page insights', which are described in more detail at How to Manage Your Facebook business Pages.
Evaluations and statistics are generated in the form of page insights from the usage data of the Facebook pages, which support us in improving marketing activities and external presence. We may also learn about users and their behavior who interact with or use our Facebook Pages to display relevant content and develop features that may be of interest to them. These page statistics show, for example, which people from certain target groups interact most with Facebook Pages or which content on the Facebook Page was visited, shared or licked when and how often. When classifying people into target groups, demographic data or data about the location of a person is also included in order to place targeted advertisements with these people. The data collected in this way is statistically processed and usually anonymous, i.e. we cannot establish any reference to the individual person. Information on these page insights and data processing can be found, for example, in Facebook's data protection statement at Data Policy or at How to Manage Your Facebook business Pages. Facebook also uses cookies and storage technologies. More information can be found here: Printable Cookies Policy.
OPT-OUT/Settings: https://www.facebook.com/settings
Page Insights on Instagram
When using Instagram and you have an account there, Instagram can assign your activities to your profiles there. Instagram (by Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland) and we use the Instagram Insights function to process statistical data from users of our Instagram pages (see also for Facebook which is connected to the provider of Instagram the agreement at: https://www.facebook.com/legal/terms/page_controller_addendum). This involves the processing of data in the form of so-called ‘Instagram Insights’ which are described in more detail at About Instagram Insights. Instagram also uses cookies and similar technologies. For more information please refer to: Data Policy.
OPT-OUT/Settings: https://www.instagram.com/accounts/privacy_and_security/
Page Insights on Linktree
Bolster Creative PTY LTD (Bolster, 1510 E. Hennepin Ave., Minneapolis, MN 55414, USA ) operates the linktr.ee Website. While using Linktree’s Service, you are asked to provide them with certain personally identifiable information that can be used to contact or identify you. Linktree also uses cookies and similar technologies. Linktree profiles are populated by the user’s who built the profile. More information: https://linktr.ee/s/privacy).
Data processing on our LinkedIn Page
We may interact with data included on the LinkedIn Page via the service by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland / LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, CA 94085, USA. LinkedIn also uses Cookies. More information: Privacy Policy
OPT-OUT/Settings: Settings
