Data protection policy of NürnbergMesse GmbH
Last update: 12/2021
We thank you for visiting our website and for your interest in our company. We are very serious about protecting your personal data. We process your data in accordance with the laws and regulations applicable to the protection of personal data, particularly including the EU General Data Protection Regulation (EU-GDPR) and the country-specific implementing laws applicable to us. In this data protection policy, we provide you with comprehensive information about the processing of your data by NürnbergMesse GmbH and your rights in this respect.
Personal data is information that makes it possible to identify a natural person, particularly including the name, date of birth, address, telephone number, e-mail address and IP address.
Anonymous data is data from which no one can establish a personal connection to the user.
1. Controller amd Data Protection Officer
The controller according to the definition of the General Data Protection Act and other national data protection laws of the EU member states and other data protection regulations is:
Contact information of the Data Protection Officer:
2. Your rights as a data subject
First, we would like to inform you of your rights as a data subject. These rights are codified in Art. 15 - 22 EU-GDPR. They are:
- The right of access (Art. 15 EU-GDPR),
- The right to erasure (Art. 17 EU-GDPR),
- The right to rectification (Art. 16 EU-GDPR),
- The right to data portability (Art. 20 EU-DSGVO),
- The right to restriction of data processing (Art. 18 EU-GDPR),
- The right to object to data processing (Art. 21 EU-GDPR).
To assert these rights, please contact:
Any questions about data processing in our company should be directed to the same e-mail address. You are also entitled to complain to the data protection supervisory authority.
3. Rights of objection
Please note the following with respect to the rights of objection:
When we process your personal data for purposes of direct advertising, you have the right to object to such data processing at any time without indication of reasons. The same applies to profiling to the extent that it is related to direct advertising.
When you object to processing for purposes of direct advertising, we will no longer process your personal data for these purposes. You can notify you objection free of charge and without observing requirements of form, ideally at:
In the event that we process your data for the sake of legitimate interests, you can object to such processing at any time for reasons having to do with your particular situation; the same applies to any profiling on the basis of these provisions.
We will no longer process your personal data unless we can demonstrate compelling, legitimate reasons for the processing that override your interests, rights and freedoms, or when the processing serves the purpose of asserting, exercising or defending against legal claims.
4. Purposes and legal grounds of data processing
In processing your personal data, we comply with the provisions of the EU-GDPR and all other applicable provisions of data protection law. The legal grounds for data processing are particularly set out in Art. 6 EU-GDPR.
We use your data for business initiation, the fulfilment of contractual and statutory obligations, the performance of the contractual relationship, the offering of products and services and the strengthening of customer relationships, which can also include analyses for marketing and direct advertising purposes. This particularly includes the organisation of trade fairs, exhibitions, congresses and similar events and the operation of the Exhibition Centre Nuremberg. Specifically, we use data for the following purposes, although this list is not exhaustive:
- Order/payment processing
- Registration as exhibitor and/or visitor
- Purchase of tickets
- Redemption of coupons. Coupons can be redeemed online and an e-ticket can be printed out. That saves you wait times on site.
- Registration of future tickets “with a click”. For some trade visitor exhibitions, pre-legitimation information is sent by e-mail or letter (legitimation of trade visitors), which makes it easier to purchase tickets the next time.
- Delivery, payment and online publication of trade fair directories and catalogues (e.g. exhibitors and products database).
- Verification of a person’s status as a trade visitor (trade visitor legitimation).
- Personalisation of ID cards in ID management: exhibitor IDs, assembly and disassembly IDs, tickets.
- Planning your trade fair visit on the basis of announcements and targeted trade information sent by e-mail and post.
- Smooth execution of your trade fair participation as an exhibitor by providing targeted information about service offers and services.
- Registration for newsletters.
- Voluntary participation in market and opinion research surveys.
- Review of conditions for the accreditation of media representatives and bloggers.
For your protection and for the fastest possible traceability of possible chains of infection with the Covid-19 virus ("Corona"), we are also obliged to document your presence in the event area. The exhibitors, visitors and service providers entering the event area will be registered (last name, first name, an address and secure contact information [phone number, email address], and period of stay) to enable contact persons to be identified in the event of a subsequently identified Covid-19 case among exhibitors, visitors, service providers or personnel.
The purpose of this data processing is to protect the health of employees, exhibitors, visitors and service providers, to contain the pandemic with a view to tracing chains of infection and to comply with the legal provisions applicable in the course of the pandemic.
The legal basis for this data processing is Article 6 para. 1 letter c GDPR in conjunction with Section 6 of the Bavarian Infection Prevention Measures Ordinance (BayIfSMV) and with Sections 1.3 and 1.9 of the Framework Concept for Trade Fairs and Exhibitions from the joint announcement of the Bavarian State Ministries of Economic Affairs, Regional Development and Energy and of Health and Care dated December 10, 2021.
Your consent is also required under data protection laws. In asking for your consent, we inform you about the purposes of data processing and your right to object. If the consent also refers to the processing of special categories of personal data, we will expressly inform you of this in the consent declaration.
Processing of special categories of personal data within the meaning of Art. 9 para. 1 EU-GDPR is only done when required by statutory regulations and there is no reason to assume that your legitimate interests in preventing such processing are overriding.
5. Transfer to third parties
We will transfer your data only within the limits of the statutory provisions or when you have granted your consent. Otherwise, your personal data will not be transferred to third parties unless we are obligated to do so by virtue of binding statutory regulations (transfer to external entities such as supervisory authorities or criminal prosecution authorities).
6. Recipients of data / categories of recipients
Within our enterprise, we ensure that only those persons who need your personal data to fulfil our contractual and statutory obligations receive it. Because NürnbergMesse GmbH operates all over the world, we may possibly send your data to subsidiaries or international representatives of the NürnbergMesse Group, and specifically to the subsidiary or international representative that is located in your country or is responsible for your territory in order to process your order or request.
In many cases, our departments are assisted in the performance of their duties by service providers and service partners, e.g. visitor registration processing, newsletter distribution, e-mailings, payment processing, order processing, credit check, web hosting, maintenance and analysis of data. All service providers and service partners have been carefully selected and the necessary data protection agreements have been concluded with all service providers and service partners. Personal data is processed by our service providers and service partners in compliance with the applicable data protection regulations for the provision of support and information to customers and interested parties and to provide the offered services.
Your data will be transmitted to exhibitors in the following cases:
- When you use a coupon for your trade fair visit, you accept that the data you enter in your visitor registration will be transmitted to the exhibitor who has invited you to visit the trade fair free of charge. This can serve the purpose of billing the tickets between the exhibitor and NürnbergMesse GmbH, the inspection of the redeemed coupons and communication between exhibitors and their visitors. If you do not agree to this, you naturally have the option of purchasing your admission ticket at the cash desk without providing information.
- If you participate in so-called “lead tracking”. You participate in lead tracking when you allow an exhibitor to scan the bar code on your ticket while visiting an event. In a manner similar to providing a business card, scanning the bar code means that the contact data you provided in your visitor registration (company name, form of address, title, last name, first name, company, street address, postal code, post town, e-mail, possibly also sector information and other information provided by you) will be transmitted to the exhibitor,regardless of whether the exhibitor is from Germany, the EU or other third countries. Your participation in lead tracking is voluntary and will not take place without your further cooperation.
Personal data will only be transferred to the competent health authority upon request and for the purpose of tracing chains of infection with the Covid-19 virus.
7. Transmission of data / Intent to transmit data to third countries
The transmission of data to third countries (outside of the European Union or the European Economic Area) is only done when this is necessary to fulfil our obligations or is legally required or when you have granted us your consent to do this.
We may potentially transmit your personal data to subsidiaries or international representatives of NürnbergMesse GmbH outside of the European Economic Area: India, China, Brazil, United States. The international representatives of NürnbergMesse can be found on our website at www.nuernbergmesse.de/auslandsvertretungen.
Compliance with the level of data protection is ensured, among other things, by the use of EU standard data protection clauses and - where necessary - by additional guarantees. The service providers are obligated by corresponding contractual regulations to comply with the data protection standards and thus the data protection level of the EU. Data processing or storage in third countries may also take place on the basis of your consent (Art. 49 para. 1 p. 1 letter a EU-GDPR), in which case you will be informed of this separately when obtaining your consent.
8. Duration of data storage
We will store your data for as long as needed for the given processing purpose. Please note that numerous retention periods require that data continues to be stored. We are particularly required to do this by retention obligations under commercial law or tax law (e.g. German Commercial Code, Tax Code, etc.). Data is routinely erased as soon as no further retention obligations are in effect.
Data collected for the purpose of tracing chains of infection with the Covid-19 virus shall be retained for one month. Where another legal basis permits or requires the retention of the data for a longer period of time, the data may not be used for that purpose after one month has elapsed since their collection.
Furthermore, we may store your data when you have granted us your consent to do this or in the event of legal disputes, when we use the data as evidence for purposes of statutory limitation periods, which can last up to three years; the regular limitation period is three years.
9. Secure transmission of your data
We employ appropriate technical and organisational safeguards to protect the data stored with us as well as possible against accidental or intentional manipulations, loss, destruction or access by unauthorised persons. The level of security is continually reviewed and adapted to meet new security standards in collaboration with security experts.
Data transfers from and to our website are always encrypted. As the transmission protocol for our websites, we offer HTTPS and we always use the latest encryption protocols. It is also possible to use alternative communication channels (e.g. postal service).
10. Obligation to provide data
Some personal data is necessary for the establishment, performance and termination of the obligation and the fulfilment of the related contractual and statutory obligations. The same applies to the use of our website and the various functions it provides.
We summarised the details in the section above. In certain cases, data must also be collected and/or provided due to statutory provisions. Please note that it is not possible to process your request or perform the underlying contractual obligations without having this data provided to us.
11. Categories, sources and origin of data
The data we process is determined by the context: This depends, for example, on whether you place an order online or make a request to send us a job application or submit a complaint in our contact form.
Please note that we may also separately provide information for special processing situations in an appropriate place, as when uploading job application documents or making a contact request, for example.
When you visit our website and web shops, we collect and process the following data:
- Name of the Internet service provider
- Information about the website you visited before visiting us
- Web browser and operating system used
- The IP address assigned by your Internet service provider
- Requested files, transmitted data quantity, downloads/ file exports
- Information about the web pages you access on our websites, including dates and times
- For technical security reasons (particularly to defend against attempted attacks on our web server), this data is stored in accordance with Art. 6 para. 1 letter F EU-GDPR. After 7 days at the latest, the data is anonymised by shortening the IP address so that no link to the user can be established.
When you make a contact request, we collect and process the following data:
- Last name, first name
- Contact data (Email adress)
- Indications of desired information
When you place an order, we process the following data:
- Last name, first name
- Date of birth
- Shipping address
- Billing address
- E-mail address
- Data that may be permissibly processed from other sources
When you file online job applications, we collect and process the following data:
- Last name, first name
- Contact data
- Application data
- We also use data that we have permissibly obtained from publicly available directories (e.g. professional networks).
For newsletters, we collect and process the following data:
- Last name, first name
- E-mail address
12. Contact form / Contact by e-mail (Art. 6 para. 1 letter a, b EU-GDPR)
Contact form / contact by e-mail NürnbergMesse GmbH
A contact form that can be used for contacting us electronically is available on our website. When you write to us using the contact form, we will process the data you enter into the contact form to contact you and answer your questions and wishes.
In this respect, we observe the principle of data minimisation and data avoidance in that you only need to enter the data that we absolutely need to contact you. That includes your e-mail address and the message field itself. In addition, your IP address is also processed as a matter of technical necessity and for legal protection. All other data is requested in optional fields and can be provided optionally (e.g. to answer your questions more specifically in relation to you).
If you contact us by e-mail, we process the personal data communicated in the e-mail only for the purpose of processing your request.
Contact form for direct contact with exhibitors
In the exhibitors and products database on our website, you will find a specific contact form for each exhibitor that can be used to establish direct electronic contact with the exhibitor. If you write to the exhibitor using the contact form, the data entered into the entry form will be directly transmitted to the exhibitor and stored there. The exhibitor will process the data entered into the contact form for scheduling appointments, making contact and answering your questions and wishes. In this process, the principle of data minimisation and data avoidance is observed in that you only need to enter the data which the exhibitor definitely needs from you. This includes your e-mail address and the message field itself. In addition, your IP address will be processed as a matter of technical necessity and to legally protect your IP address. All other data are voluntary fields and can be indicated optionally (e.g. to answer your questions in a more individualised way).
13. Newsletter (Art. 6 para. 1 s. 1 letter a EU-GDPR)
You can also subscribe to a free newsletter on our website. The e-mail address indicated in the newsletter application and your name will be used for sending you the personalised newsletter.
In this respect, we observe the principle of data minimisation and data avoidance in that the only mandatory field is your e-mail address (and potentially your name, in the case of a personalised newsletter). As a matter of technical necessity and for legal protection, your IP address is also processed when you order the newsletter.
Naturally, you can always terminate the subscription by exercising the cancellation option provided in the newsletter, thereby revoking your consent. It is also possible to cancel your newsletter subscription directly in our website.
14. Online Exhibitor Shop / TicketCenter (Art. 6 para. 1 s. 1 letter b EU-GDPR)
If you do not consent to further use, we will process the data you entered into the order form only for the purpose of performing or executing the contractual relationship.
The principle of data minimisation and data avoidance is observed in that you only need to enter the data that we absolutely need to perform the contract and fulfil our contractual obligations (thus, your name, address, e-mail address and the payment data required for the chosen form of payment), or data that we are legally required to collect.
As a matter of technical necessity and for legal protection, your IP address will also be processed. Without this data, we would unfortunately have to refuse the contract or terminate an existing contract because we would not be able to perform it. Naturally, you can provide more data if you wish.
We offer exhibitors the option of registering with us by providing personal data. A particular advantage of registration is that you can view your order history and store the data you have entered into the order from so that when you place another order, you will not need to enter it again. Registration is therefore possible either to perform a contract with you (via our online shop) or to take pre-contractual measures. When the registration process is completed, your data will be stored with us so that you can use the protected customer section. As soon as you log in to our website with your e-mail address as your user name and password, this data will be provided for the actions you perform on our website (e.g. orders in our online shop). Orders that have been filled can be viewed in the order history. You can enter changes to the billing or shipping address here.
Registered persons are at liberty to make their own changes or corrections to the billing or shipping address in the order history. Our Customer Service will also gladly make such changes or corrections when you contact them. Naturally, you can always cancel the registration and delete your customer account.
15. Advertising purposes with established costumers (Art. 6 para. 1 s. 1 letter f EU-GDPR)
We have an interest in cultivating customer relationships with our exhibitors and visitors and providing you with information and offers about our own similar events and services. Therefore, the data transmitted upon submitting the application (company name, address, telephone/ fax number and e-mail address) is processed by us and possibly by our service partners so that we can send you event-related information and offers by e-mail, in accordance with Art. 6 para. 1 s. 1 letter f EU-GDPR.
If you do not want this, you can object to the use of your personal data for direct advertising purposes at any time; the same applies to profiling to the extent that it is related to direct advertising. When you notify your objection, we will no longer process your data for this purpose.
The objection can be notified without observing formal requirements and without indication of reasons and without incurring separate costs aside from customary transmission costs at standard rates. It should be directed to NürnbergMesse GmbH, Exhibition Centre, 90471 Nuremberg, or
16. Job application portal (Art. 6 para. 1 s. 1 letter a, b, Art 9 para. 2 letter a EU-GDPR)
We are pleased with your interest in working for NürnbergMesse GmbH. We are well aware of the importance of your data and will process the personal data you provide in the application form only for the purpose of effectively and correctly handling the application process and communicating with you in connection with the application process. Your data will not be transferred to third parties without your consent.
When filling out the application form, you will be asked to submit personal data. In this respect, we observe the principle of data minimisation and data avoidance in that you only need to indicate the data we need to completely review your application materials, such as your curriculum vitae for example, or data which we are legally required to collect. This mandatory information is marked with an asterisk (*). As a matter of technical necessity and for legal protection, your IP address will also be processed.
Without this data, we will unfortunately not be able to review your application materials and for this reason our application system will not permit you to upload your application materials. Naturally, you are at liberty to provide the voluntary information in the application form.
We employ appropriate safeguards to protect the security and confidentiality of your data as well as possible. Our application system will transmit your application documents to us in encrypted form.
We will store your data for the aforementioned purpose until the application process is completed and the related time periods have expired, and at the latest six months after you are notified of our decision. However, you will have the option of storing your application materials with us for a longer period of time and checking them against other vacant positions that match your profile.
You can provide the consent we need for this purpose by checking the box before uploading your application materials. In this case, we will store your data for 12 months. Naturally, you can always revoke your consent with future effect without indication of reasons by calling us at +49 9 11 86 06-0, sending us an e-mail at firstname.lastname@example.org or mailing us a letter to NürnbergMesse GmbH, Messezentrum, 90471 Nuremberg.
17. Use of the dialogue plattforms it-sa 365 and myBeviale.com
Through our dialogue platforms it-sa 365 and myBeviale.com we offer you the opportunity to participate in product presentations, webinars or workshops (so-called "actions") in digital form.
For this purpose, you must provide us with your address and contact data upon conclusion of the contract. We need these data for the initiation or fulfillment of the contract, in accordance with Art. 6 para. 1 letter b EU-GDPR.
You have the option of managing or deleting some of your contract data yourself in the personal area of the dialogue platform.
If you take part in an action, the information you provided during registration (surname, first name, company and e-mail address) will be forwarded to the service provider avodaq AG, Wendenstraße 21 b, 20097 Hamburg, Germany, who is responsible for the technical implementation of the action, insofar as this is necessary to carry out the action. Naturally, the necessary data protection agreements have been concluded with this service provider.
If you take part in an action, your first name and surname will be visible to the other participants of the same event in order to enable you to communicate and network with each other. The legal basis for this is Art. 6 para. 1 letter f EU-GDPR.
Furthermore, we will transmit your registration data (surname, first name, company and e-mail address) to the respective company that carries out the action in order to support customers and interested parties and to process the services offered. Participation in an action is voluntary and does not take place without your further participation. The data is only transmitted to the company when you participate in an action. The transmission is necessary so that we can carry out the online event (Art. 6 para. 1 letter b EU-GDPR).
The data will be deleted as soon as the purpose for collecting the data and statutory storage obligations have been fulfilled. Further information can also be found in the General Conditions of Participation for users of the online platforms it-sa 365 and myBeviale.com.
We embed Vimeo videos on our digital platforms. The operator of the corresponding plugins is Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. When you visit a page with the Vimeo plugin, a connection to Vimeo servers is established. This tells Vimeo which pages you visit. If you are logged in to your Vimeo account, Vimeo can personally track your surfing behavior. You can prevent this by first logging out of your Vimeo account.
Vimeo is used in the interest of an attractive presentation of our digital platforms. This represents a legitimate interest in the sense of Art. 6 Par. 1 letter f. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 Par. 1 letter a EU-GDPR; consent may be revoked at any time.
18. Automated decision-making
We do not employ purely automated processing procedures in making our decision.
19. Cookies (Art. 6 para. 1 letter, f EU-GDPR / Art. 6 para. 1 letter a EU-GDPR with consent, § 15 para. 1 German Telemedia Act)
Our web pages use so-called “cookies” in several places. They serve the purpose of making our offering more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and stored by your browser (locally on your hard drive).
These cookies make it possible for us to analyse how users use our websites. They allow us to design the website contents to meet the needs of users, for example. Cookies also enable us to measure the effectiveness of a given advertisement and place it in accordance with the user’s topical interests, for example.
Most of the cookies we use are so-called “session cookies.” These are automatically deleted after your visit. Permanent cookies are automatically deleted by your computer when the corresponding period of validity has expired (usually after six months) or when you delete them yourself before the expiration of the period of validity.
Most web browsers accept cookies automatically. Usually, however, you can also change your browser settings if you would rather not send us the information. In this case, you will still be able to use the offerings of our website without restrictions (exception: configurators).
Please note that when you deactivate cookies, all the functions of our website may not be fully usable.
We have integrated the consent management tool Consentmanager
The purpose of integrating Consentmanager is to let the users of our website decide about the above-mentioned things and, as part of the further use of our website, to offer the option of changing settings that have already been made. By using Consentmanager, personal data and information from the end devices used, such as the IP address, are processed.
You can object to the processing. You have the right to object to reasons arising from your particular situation. To object, please send an email to email@example.com
20. User profiles / Web tracking processes
We use Google Analytics, a web analysis service of Google Inc. (“Google”), on our websites. Google Analytics uses so-called “cookies,” which are text files that are stored on your terminal device and enable us to analyze your use of our websites. The information about your use of our websites that is generated by the cookie is usually transmitted to a Google server in the United States and stored there. Because IP anonymization is activated, however, your IP address is first truncated by Google within the member states of the European Union or in other signatory states of the Agreement on the European Economic Area.
Only in exceptional cases is the full IP address transmitted to a Google server in the United States and truncated there. Google uses this information on our behalf to analyze your use of the website, to compile reports of website activities and to provide other services to us related to website use and Internet use. The IP address transmitted from your browser in connection with Google Analytics is not commingled with other data of Google.
You can prevent the storage of cookies by setting your browser software accordingly; if you do this, however, we point out that you may not be able to fully use all functions on our websites. You can also prevent the reporting of the data generated by the cookie and relating to your use of the website (including your IP address) to Google and the dissemination of these data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
You can prevent the collection of your data by Google Analytics by clicking on the following link. This will place an opt-out cookie on your terminal device that will prevent the collection of your data on future visits to this website:
We also use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If you do not want this to happen, you can deactivate this function in the ad settings manager https://adssettings.google.com/authenticated?hl=en.
We also point out that we use the Google Tag Manager. This function does not collect any personal data. Instead, the Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that serve to measure traffic and user behavior, register the effects of online advertising and social media channels, set up remarketing and the orientation to target groups and test and optimize websites, among other purposes. You can find additional information about the Google Tag Manager here: https://www.google.com/analytics/tag-manager/use-policy/.
We have turned on the advertising reports features in Google Analytics. The demographic and interest reports contain information on age, gender and interests. This allows us - without being able to assign this data to individual persons - to get a better impression of our users. You can learn more about advertising features at https://support.google.com/analytics/answer/3450482?hl=en_AT&utm_id=add.
You can stop the use of the activities and information of your Google account under "Settings for advertising" at https://adssettings.google.com/authenticated via checkbox.
You can find Google’s data protection notice here: https://policies.google.com/privacy?hl=en.
NürnbergMesse GmbH uses the ad server of the company ADITION technologies AG, Am Gatherhof 44, 40472 Düsseldorf.
How does ADITION handle data protection?
In all its data collection processes, ADITION operates in strict compliance with German data protection laws. All stored data is stored on servers located in the territory of Germany. ADITION also meets all P3P (Privacy Preferences Project) standards.
In addition, ADITION points out that all ADITION employees are bound to uphold data secrecy. ADITION’s customers are similarly bound by clauses in its General Terms and Conditions (GTCs) and separate data protection clauses.
Cookie opt-out / How can I deactivate the collection of anonymised data by ADITION?
The collection of anonymised data can be stopped by clicking on the following link. When you do this, ADITION will replace the current cookie with a new opt-out cookie. This opt-out cookie will delete all information stored to date, including the IP address, and prevent the further collection of anonymised information.
IMPORTANT NOTE: If this opt-out cookie is deleted, ADITION will no longer be able to tell that an opt-out has been performed. In this case, you will have to repeat the opt-out process.
How can cookies be completely deactivated?
Commonly used Internet browsers are set by default to accept cookies as a rule. This setting can be changed in the browser’s Internet options.
We use the offering of Google Adwords to bring attention to our attractive offerings with the aid of advertisements (so-called Google Adwords) on external websites. Based on data from advertising campaigns, we can determine the success of individual advertising measures. We do this in the interest of showing you ads that are of interest to you, making our website more interesting for you and ensuring the fair charging of advertising costs.
Google delivers these ads via so-called “ad servers”. To this end, we use ad server cookies with which certain parameters of success measurements, such as the placement of ads or clicks by the user. If you come to our website from a Google ad, Google Adwords stores a cookie on your PC. These cookies usually lose their validity after 30 days and are not meant to identify you personally. Analysis values such as the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (indication that the user no longer wants to be targeted) are generally stored in this cookie.
These cookies allow Google to recognise your Internet browser again. If a user visits certain pages of the website of an Adwords customer and the cookie stored on his computer has not yet expired, Google and the customer can tell that the user clicked on the ad and was redirected to this page. A different cookie is assigned to every Adwords customer. Therefore, the cookies cannot be traced back to the web sites of Adwords customers. We ourselves do not collect or process any personal data in the aforementioned advertisement measures. We only receive statistical analyses from Google. Based on these analyses, we can determine which of our advertising measures are especially effective. We do not receive any data from the use of advertisements and in particular, we are unable to identify users on the basis of this data.
Due to the marketing tools in use, your browser automatically establishes a direct connection with the Google’s server. We have no influence over the scope and further use of data collected from Google’s use of this tool and therefore the following information reflects our current knowledge: Due to the integration of AdWords Conversion, Google receives the information that you have visited the corresponding part of our website or clicked on one of our ads. If you are registered for a Google service, Google can attribute the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the vendor may find out and store your IP address.
You can prevent your participation in this tracking process in different ways:
a) by changing the corresponding setting of your browser software; in particular, the suppression of third-party cookies means that you will no longer receive ads from third-party vendors;
b) by deactivating the cookies for conversion tracking by setting your browser in such a way that cookies from the domain “www.googleadservices.com” are blocked,
, these setting being deleted when you delete your cookies;
c) by deactivating the vendor’s interest-themed ads that are part of the self-regulation campaign “About Ads” at the link
this setting being deleted when you delete your cookies;
d) by means of permanent deactivation in the browsers Firefox, Internet explorer or Google Chrome at the link
Please note that if you do this, you may not be able to fully use all the functions of this offering.
The legal basis for processing your data is Art. 6 para. 1 S. 1 letter f DS-GVO. You can find additional information about Google’s data protection policies here:
Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at
Google has subjected itself to the EU-US Privacy Shield,
Besides Adwords Conversion, we also use the Google Remarketing application. This is a process by which we would like to address you again. By means of this application, we can place our advertisements in other websites after you visit our website. This is done by means of cookies stored in your browser that enables Google to collect and analyse information about your usage behaviour when visiting different websites. For example, Google can determine your previous visit to our website. According to its own statements, Google does not combine the data collected within the scope of remarketing with any personal data that Google may have stored. In particular, pseudonymisation is employed for remarketing, according to Google.
Alternatively, the user can disable the Doubleclick cookies on the Digital Advertising website under the following
This website uses Google DoubleClick (Floodlights) cookies. Doubleclick is a service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Cookies are small text files that are stored in the browser of a user. The cookies are used to advertise products of this website provider (retargeting). At a later time, advertisements (e.g., banner ads, text-picture advertisements, videos, etc.) may be displayed to the users on other websites. Your browser will be assigned a pseudonymous identification number (ID). All data is recorded anonymously so that no conclusion can be drawn about specific persons. Users can opt-out from retargeting by modifying their
for Google Remarketing Tags. Alternatively, users may disable the use of 3rd-party cookies by using the
Facebook & Instagram (Facebook Pixel)
Our websites https://www.biofach.de/, https://www.vivaness.de/, https:/www.iwa.info as well as https://www.hubana.events/ use the Facebook pixel to display personalized advertisements from us and third parties for you on the Facebook and Instagram platforms (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA and Instagram LLC., 1601 Willow Road, Menlo Park, California 94025, USA).
With he help of the Facebook ad manager, we define target groups of users based on certain characteristics, who are subsequently shown ads within the Facebook and Instagram network. Users are selected by Facebook based on the profile information they provide and other data provided through their use of Facebook. If a user clicks on an advertisement and subsequently arrives on our website, Facebook receives the information that users have clicked on our advertising banner via the Facebook pixel embedded on our website.
The Facebook pixel logs when you take an action on our website.
Such actions are the addition of an item to the shopping cart, a registration, a search (also location-based), a lead, a contact, a purchase transaction and a purchase completion.
For this purpose, we transmit information about your user activities on our website and certain personal data (such as your pixel ID, Facebook cookie, IP address, browser properties and click data) to Facebook via the pixel. Furthermore, the Facebook Pixel can be used to reach visitors of the social networks Facebook and Instagram whose interests are similar to our previous customers. In addition, visitors who have already interacted with our company in the past can be addressed again with interest-based advertisements ("Facebook Ads" / "Instagram Ads")
Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of the pixel.
Insofar as you have given your consent for the storage of the Facebook pixel, this is done on the basis of Art. 6 para.1 lit. a DSGVO for marketing and optimization purposes, in particular to place relevant and interesting ads for you on Facebook and thus improve our offer.
Furher information from the third-party provider on data protection can be found on the following Facebook website: www.facebook.com/about/privacy. Information on the Facebook pixel can be found on the following Facebook website: www.facebook.com/business/help/651294705016616.
You can revoke your consent to the use of the Facebook pixel at any time with future effect by accessing this in our cookie settings here and changing your selection there.
Twitter Conversion Tracking
Our websites https://www.biofach.de/, https://www.vivaness.de/, https:/www.iwa.info as well as https://www.hubana.events/ use Twitter "Conversion Tracking" (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, California, 94103, USA). With the Twitter remarketing function, we can address you with advertising based on your interests on the Twitter platform. For this purpose, Twitter uses so-called "tags". The tag for conversion tracking ("Twitter pixel") is used, with the help of which the actions of users can be tracked after they have clicked on a Twitter advertisement. It records visits to our website as well as data about usage (e.g. all interactions regarding the displayed advertisement such as clicking on links, retweets or likes) in pseudonymous, non-personal form.
The Twitter pixel also logs when you take an action on our website.
Suh actions are page views, adding an item to the shopping cart, a registration, a search, a lead, a purchase and a purchase completion
Due to the marketing tools used, your browser automatically establishes a direct connection with Twitter's server. We have no influence on the scope and further use of the data collected through the use of conversion tag by Twitter.
Insofar as you have given your consent for the collection of data, this is done on the basis of Art. 6 para.1 lit. a DSGVO for marketing and optimization purposes.
You can change your privacy settings on Twitter in the account settings at: https://help.twitter.com/de/managing-your-account.
You can revoke your consent to the use of conversion tracking at any time with effect for the future by accessing this in our cookie settings here and changing your selection there.
This website uses the online advertising programme Zemanta Conversion Tracking. The conversion tracking tag is set when a user clicks on an advertisement in the Zemanta network. These tags are not used for personal identification. If the user visits certain pages of this website and that tag has not yet expired, we and Zemanta can recognise that the user has clicked on the advertisement and has been taken to this web page.
To opt out:
By enabling your browser's do-not-track feature, you can ensure that no personally identifiable information is collected.
Further information is available at https://www.dynatrace.com/support/help/how-to-use-dynatrace/data-privacy-and-security/.
This website uses the online advertising program Outbrain Conversion Tracking. The cookie for conversion tracking is placed when a user clicks on an ad in the Outbrain network. These cookies do not serve the purpose of personal identification. If the user visits certain pages of this website and the cookie has not yet expired, we and Outbrain can see that the user clicked on the ad and was taken to this page. Further information about the data protection and cookies of Outbrain Inc., 39 West 13th Street, 3rd floor, New York, NY 10011, can be found here:
You can find opt-out information at “Outbrain user types (including deactivation / opt-out).”
This website uses the online advertising program Taboola Conversion Tracking. The cookie for conversion tracking is placed when a user clicks on an ad in the Taboola network. These cookies do not serve the purpose of personal identification. If the user visits certain pages of this website and the cookie has not yet expired, we and Taboola can see that the user clicked on the ad and was taken to this page. Further information about the data protection and cookies of Taboola Inc., 28 West 23rd St., 5th fl., New York, NY 10010, can be found here:
You can find opt-out information at “Site Visitor Choices.”
LinkedIn Analytics und LinkedIn Ads
Our websites www.biofach.de, www.vivaness.de, www.iwa.info and www.hubana.events use the conversion tracking technology and the retargeting function of LinkedIn Corporation (LinkedIn Ireland, Wilton Place, Dublin 2, Ireland). With the help of this technology, visitors to this website can be shown personalized advertisements on LinkedIn. Furthermore, the possibility arises to create anonymous reports on the performance of the advertisements as well as information on website interaction. For this purpose, the LinkedIn Insight tag is embedded on this website, which establishes a connection to the LinkedIn server if you visit this website and are logged into your LinkedIn account at the same time.
This informs LinkedIn that you have visited our website, whereby your IP address is also collected. In addition, timestamps and events such as page views are stored. In this way, we learn about which LinkedIn ad or interaction o LinkedIn you came to our website. This allows us to better control the playout of our advertising.
LinkedIn Conversion Tracking logs when you take an action on our website.
Such actions include adding an item to the cart, a registration, a search, a lead, a contact, a purchase transaction, and a purchase completion.
Due to the marketing tools used, your browser automatically establishes a direct connection with LinkedIn's server. We have no influence on the scope and further use of the data collected by LinkedIn through the use of Insight Tag.
Insofar as you have given your consent for the collection of data, this is done on the basis of Art. 6 para.1 lit. a DSGVO for marketing and optimization purposes.
You can find additional information about data collection and data use, as well as privacy protection possibilities and rights, at the LinkedIn data protection policy at
If you are logged in to LinkedIn, you can always deactivate data collection at the following link:
You can revoke your consent to the use of LinkedIn tracking technology at any time with future effect by accessing this in our cookie settings here and changing your selection there.
- For BIOFACH and VIVANESS, FACHPACK and MedtecLIVE, we use the conversion tracking of Adform A/S, Wildersgade 10B, 1. sal. 1408 Copenhagen, Denmark (hereinafter "Adform"). The cookie is set as soon as you have contact with an advertising medium (e.g. advertising banner) placed by us via Adform and has a validity of 60 days. The cookie is used to serve ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once. Using a cookie ID, Adform records which ads are served in which browser and can thus prevent them from being displayed more than once. In addition, Adform can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees an Adform ad and later uses the same browser to visit the advertiser's website and make a purchase. Adform cookies do not contain any personal information such as email addresses, names or addresses.
- We do not merge the advertising ID with personal data. We use conversion tracking to track the success of the advertising measures we use. The legal basis is Art. 6 para. 1 s. 1 letter f) EU-GDPR.
- You can prevent participation in this tracking procedure in various ways:
- by an appropriate setting of your browser software, in particular the suppression of third-party cookies will result in you not receiving ads from third-party providers;
- by deactivating Adform's cookies via your browser at https://site.adform.com/privacy-center/platform-privacy/opt-out/
- by means of the appropriate cookie setting
- For more information about Adform, please visit https://site.adform.com/ and about data protection at Adform A/S Denmark in general: https://site.adform.com/privacy-center/overview.
21. Social media plug-ins of social networks / YouTube
We have no influence on the data collected and the data processing procedures and we also do not know the full extent of data collection, the purposes of processing or the storage periods. We also have no information about the deletion of collected data by the plug-in provider.
The plug-in provider stores the data collected on you in the form of usage profiles and uses them for purposes of advertising, market research and/or designing its websites to meet the needs of users. Such analysis is particularly performed (also for users who are not logged in) to present relevant advertisements and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, for which purpose you must contact each plug-in provider. With these plug-ins, we give you the opportunity to interact with the social networks and other users so that we can improve our offering and make it more interesting for you as the user.
The basis for the processing of your personal data is your consent, the legal basis is Art. 6 para. 1 s. 1 lit. a EU-GDPR.
The plug-in provider processes and stores your data in the USA. They are obliged by corresponding contractual regulations to comply with the data protection standards and the data protection level of the EU. Data processing or storage in third countries can also take place on the basis of your consent (Art. 49 para. 1 s. 1 lit. a EU-GDPR), in which case you will be informed of this separately when obtaining your consent.
You can revoke your consent at any time for the future. To do so, simply call up our Consent banner and deselect the corresponding setting. Please note that the change in the Consent Banner settings must be made individually for each end device.
Data is transferred regardless of whether you have an account with the plug-in provider and are logged in to it. When you are logged in to the plug-in provider, your data that is collected by us is directly attributed to your account with the plug-in provider. If you activate the button and link to the page (for example), the plug-in provider will also store this information in your user account and publicly share it with your contacts. We recommend that you always log out after using a social network, but especially before activating the button because this way you can prevent the attribution of information to your profile with the plug-in provider.
You can find additional information about the purpose and scope of data collection and processing by the plug-in provider in the data protection policies of these providers, which are shared in the following. There you will also find additional information about your rights and setting options to protect your privacy.
Addresses of plug-in providers and URLs with their data protection policies:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA;
additional information on the subject of data collection:
Facebook has subjected itself to the EU-US Privacy Shield,
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA;
Google has subjected itself to the EU-US Privacy Shield,
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA;
Twitter has subjected itself to the EU-US Privacy Shield,
Xing AG, Gänsemarkt 43, 20354 Hamburg, DE;
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA;
LinkedIn has subjected itself to the EU-US Privacy Shield,
Instagram, LLC Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA;
Our website includes links to videos from the external video platform YouTube. The associated plugins are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. By default, only inactivated images from the YouTube channel are embedded and do not provide an automatic connection to YouTube’s servers. Consequently that operator receives no user data when you view these Web pages.
You can decide for yourself whether YouTube videos should be activated. Your consent for the necessary data to be transferred to the operator (including the Internet address of the current page and the user’s IP address) will only be given when you approve for the video to play by clicking “start video”.
To store the setting that a user wishes, we set a cookie that contains these parameters. When we set these cookies, we do not store any personal data – the cookies contain only anonymized data to adjust the browser. Then the videos will be active and you can play them. If you want to inactivate automatic loading for YouTube videos, you can change your Web browser’s settings to reject cookies or limit their acceptance.
22. About data protection on Facebook
NürnbergMesse GmbH maintains Facebook pages. To the extent that we have control over how your data are processed, we make sure the applicable data protection regulations are obeyed.
Below, you can find the most important information about data protection law as it applies to our company websites.
Name and address of data controller for business
In addition to NürnbergMesse GmbH, the following is a data controller for the company’s Web pages under the terms of the EU General Data Protection Regulation (GDPR) and other provisions of data privacy law:
(Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
However, if you use the Facebook platform and its functions, you do so at your own risk. This especially applies to using interactive functions (e.g., Comment, Share, Like).
We would also like to point out that in these cases your data may be processed outside the territory of the European Union. We should point out that US providers certified under the “Privacy Shield” have agreed to comply with EU data protection standards.
Purpose and legal basis
We ourselves maintain the fan pages to communicate with those pages’ visitors and to keep them informed about our latest developments.
We also gather data for statistical purposes, so that we can refine and optimise content and make our services more attractive. The social networks process the necessary data for this purpose (e.g., total number of page visits, page activities and data provided by visitors, interactions) and make them available. We have no influence over how these data are generated or presented.
Your personal data will also be processed for market research and advertising purposes by the Facebook providers, and by NürnbergMesse GmbH as well. It may thus happen that user profiles may be developed from your usage and the interests that usage indicates. These profiles may be used for such purposes as displaying ads that presumably match your interests, both on and off the platforms. As a rule, cookies are stored on your computer for such purposes. Irrespective of those cookies, your user profiles may also store data that are not gathered directly on your devices.Such data may also be stored and analysed across multiple devices, especially – though not only – if you are a registered member and have logged into the platform.
Other than the above, we do not gather or process any personal data.
NürnbergMesse GmbH will process your personal data on the basis of our legitimate interest in effectively providing information and communication under Art. 6 (1) (f) of the EU GDPR.
If your consent is requested for data processing – in other words, if you indicate your consent by confirming on a button or the like (“opt in”) – your data will be processed on the basis of Art. 6 (1) (a) and Art. 7 of the EU GDPR.
Your rights / Right to object
If you are a Facebook member and do not want the network to gather data about you by way of our page and to link those data with the member data the network has stored for you, you must:
- log out of the network before visiting our fan page,
- delete the cookies on your device, and
- close and restart your browser.
However, once you log in again, the network will again be able to recognise you as a particular user.
For a detailed discussion of the various ways in which your data are processed and how you can object to that processing (“opt out”), please see the information in the following links:
Overall, you have the following rights concerning how your personal data are processed: a right of access; a right to rectification; a right to erasure; a right to restrict processing; a right to object to processing; a right to data portability; a right to lodge a complaint with a supervisory authority about unlawful processing of your personal data.
However, as NürnbergMesse GmbH does not have full access to your personal data, you should assert your rights directly to the provider of the social media. These providers have access to their users’ personal data, and they are the ones who can take the appropriate measures and provide information.
Nevertheless, we will of course be happy to assist you if you need help. Please contact
Notes on copyright
If you wish to publish pictures, text, maps, videos, music, etc. on our site, you should be aware that you may thereby assign all rights of use to the network. This may ultimately have legal consequences for you if you yourself are not the author of the materials or do not hold the rights to them.
23. Links to other providers
Our website contains clearly recognisable links to the websites of other companies. When we link to the websites of other providers, we have no influence on their content. Therefore, we also assume no responsibility and liability for this content. Each provider or website operator is responsible for the content of these web pages.
The linked pages were checked for potential legal violations and discernible infringements at the time when the links were placed. No unlawful content was discernible at the time of placing the links. However, we cannot be reasonably expected to permanently review the content of linked websites without concrete indications of a legal infringement. Such links are removed immediately when we become aware of legal infringements.
24. Video Conferencing
Microsoft Teams (Art. 6 para. 1 letter b EU-GDPR)
We use the video conferencing tool Microsoft Teams to communicate with our customers, business partners or exhibitors. We use this tool to conduct video conferences, telephone conferences or online meetings. Microsoft Teams is a service provided by Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA).
Microsoft Teams can be used either via your web browser or, alternatively, via the MicrosoftTeams app installed on your end device.
When using Microsoft Teams, different types of data are processed. Which data is processed also depends on the information you provide.
When using Microsoft Teams, your user data stored with Microsoft Teams (e.g. name, mail address, profile picture, language, etc.) will be processed. Furthermore, connection data (e.g. IP address) and metadata (e.g. meeting ID, phone numbers, dates, etc.) are collected. Finally, image and sound data from you will be processed. For this purpose, Microsoft Teams obtains access to the camera and microphone of your end device for the duration of the transmission, if you allow this. You can interrupt the image and sound transmission at any time. In addition, it is possible to make text entries (chat) and to transfer files together with their content (in the case of file exchange).
A logging of the chat process does not take place. Likewise, no video or audio recording is made and is prohibited. If, in exceptional cases, a recording is to be made, the express consent of all persons concerned will be obtained in advance.
The processing of data is carried out for the purpose of conducting video conferences and serves to carry out pre-contractual measures or contract performance, Art. 6 para. 1 letter b EU-GDPR.
The data will only be stored for as long as is necessary to achieve the purpose and no legal retention obligations prevent deletion. Please note that the data may have to be stored for verification purposes based on legal retention obligations. In this case, the data will be deleted at the latest after expiry of the respective retention obligation.
The processing of personal data takes place exclusively within the EU/EEA. Only in certain exceptional cases (e.g. creation of a support ticket), it cannot be excluded that personal data is also processed outside the EU/EEA. Microsoft is obligated by corresponding contractual regulations to comply with EU data protection standards and to guarantee the European level of data protection. The necessary contractual framework for data processing by Microsoft Teams has been concluded.
Further information on data processing by Microsoft Teams can be found at: