Privacy
Last updated: February, 2024
Welcome to our website and thank you for your interest in our privacy notice. The protection of your personal data is important to us and the processing of your data performed is strictly in compliance with applicable data protection laws and regulations. This Privacy Notice explains how Forum Event Management GmbH, Kemperplatz 1, 10785 Berlin (“we,” “us,” or “our”) as the responsible data controller collects, uses, discloses or otherwise processes your personal data.
1). Subject of data protection
The subject of data protection is personal data, thus all information relating to an identified or identifiable natural person (hereinafter referred to as the “user” or “you”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier (e.g. cookie) or to one or more specific factors.
The following describes the types of personal information we may collect and how we use it: Information you provide when contacting us:
1.1). Automated data collection
When accessing our website, your end device automatically transmits data for technical reasons. The following data is stored separately from other data that you may transmit to us:
- URL of the page accessed
- Latency of the network connection
- Date and time
We store this data for the following purposes:
- to ensure the security of our IT systems, e.g. to defend against specific attacks on our systems and to recognize attack patterns;
- to ensure the proper operation of our IT systems, e.g. if errors occur that we can only rectify by storing the IP address;
- to enable criminal prosecution, averting of danger or legal prosecution in the event of specific indications of criminal offences.
Like many businesses, we also collect information through cookies and similar technologies.
1.2). Information that you provide to us as the moment you get in contact with us
If you contact us by email or through the contact form provided on this website, the personal data you submit will be stored for the purpose of processing your request and to address possible follow-up questions. The personal data will only be used for the purpose for which you made it available to us when contacting us. The provision of this information is entirely voluntary and performed with your consent. You agree in particular that we may contact you through the communication channels mentioned in your request (such as your e-mail address, telephone number or postal address) in order to respond to your request. You can revoke your consent at any time with effect to the future by sending an email to Privacy.Germany@oxfordproperties.com. The further storage of the data transmitted in the context of your inquiry is based on our legitimate interest in the proper documentation of our business operations and the safeguarding of our legal positions as well as, if necessary, for the fulfillment of legal obligations.
1.3). Newsletter
By subscribing to our newsletter, you consent to us processing your email address for sending the newsletter. You can revoke your consent at any time by unsubscribing from our newsletter. To do so, you can use the unsubscribe link included in every email or send us a message to Privacy.Germany@oxfordproperties.com. To verify your e-mail address, you will first receive a registration e-mail which you must confirm via a link (double opt-in). When you register for the newsletter, we store the IP address and the date and time of registration. The processing of this data is necessary to prove that consent has been given.
1.4). Information collected by means of technology
We may collect some information from your computer through the use of cookies such as your IP address, your browser type and version, your oper-
ating system or the URLs you come from and go to next. To find out more about the use of cookies on this website and how to manage and delete cookies, please review our Cookie Notice. In the event that you have signed up for a newsletter provided by us, we may use technical means to collect information to evaluate the effectiveness of our communications.
2). How we use your personal data
Unless otherwise described in this Privacy Notice, your personal data will only be collected, stored or otherwise processed for our own business purposes and only to the extent necessary to provide the services or content that you have requested, such as sending you our newsletter. Our website is made available to all users without requiring them to disclose any personal data to us.
3). Sharing your personal data with technical service providers
We cooperate with technical service providers in order to offer our services. For example, we use technical service providers for hosting and some of the services required for the website. Accordingly, the processing of data takes place on the servers of these service providers. These service providers process the data only according to our explicit instructions and are obliged to guarantee sufficient technical and organizational measures for data protection. Consequently, our service providers act for us as so-called order processors within the meaning of Article 28 of the General Data Protection Regulation (GDPR). We may pass on your personal data to these technical service providers in order to fulfill the purposes described in this data protection directive. This may include, but is not limited to, sharing your personal data with email delivery providers, IT software providers, marketing and research agencies, analytics companies, and website service providers that assist us with our processes and Sony Center-based companies. We ensure that the relevant service providers guarantee, contractually or otherwise, an equivalent level of data protection.
4). Passing on of data
Beyond the cases described, your personal data will only be passed on without your express prior consent
in the following cases:
- If it is necessary for the clarification of an illegal use of our services or for legal prosecution, personal data will be forwarded to the law enforcement authorities and, if necessary, to injured third parties. However, this only happens if there are specific indications of unlawful or abusive behavior. A transfer may also take place if this serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offences subject to fines, and the tax authorities. This data is disclosed on the basis of our legitimate interest in combating abuse, prosecuting criminal offences, and securing, asserting, and enforcing claims and provided that your rights and interests in the protection of your personal data are not overridden.
- We disclose personal data to auditors, accounting service providers, lawyers, banks, tax consultants, and similar bodies insofar as this is necessary for the provision of our services or the proper operation of our business or we are obliged to do so.
- We rely on contractually affiliated third-party companies and external service providers (“processors”) to provide the services. In such cases, personal data is passed on to these processors to enable them to continue processing. These processors are carefully selected and regularly reviewed by us to ensure that your rights and freedoms are protected. The processors may only use the data for the purposes specified by us and are also contractually obliged by us to treat your data exclusively in accordance with this privacy policy and the German data protection laws.
- As part of the further development of our business, it may happen that our structure changes by changing the legal form, founding, buying, or selling subsidiaries, parts of the company, or components. In such transactions, customer information is passed on together with the part of the company to be transferred. Whenever personal information is disclosed to third parties to the extent described above, we will ensure that this is done in accordance with this privacy policy and the relevant data protection laws. Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as necessary.
5). Social Media
We operate pages and profiles on various social media platforms. In this context, personal data is processed as described below. If you interact with us via our social media sites or our posts, we will collect and process the information you provide in connection with this, including your username and any profile photo, for example if you mark a post with “Like”, share or “retweet”, comment or provide other content. The data processing in this regard is regularly carried out on the basis of our legitimate interest in making the corresponding functions available on our social media sites and, if applicable, on the basis of your consent vis-à-vis the operator of the respective network or your contractual relationship with the operator. Please also note that this content is published on our relevant social media sites in accordance with your account settings and can be accessed by anyone worldwide.
Further data processing by us may take place in order to be able to accept and process inquiries or messages via our social media sites.
In addition, the respective operators collect and process personal data from you in their own data protection responsibility when you visit our social media sites and/or interact with them or our contributions. This applies in particular if you are registered or logged in to the corresponding network. Even if you are not logged into a network, the operators collect certain personal data when you call up the page, such as unique identifiers that are linked to your browser or your device. Please note that this data may be aggregated across different platforms and services if they are operated by the same operator. For example, both Facebook and Instagram are operated by Facebook Ireland Limited. Further information can be found in the data protection notices of the respective operators, to which we refer below.
Specifically, we operate the following social media presences:
5.1). Facebook
You can find our Facebook fan page at: https://www.facebook.com/dascenterampotsdamerplatz/
Facebook is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”). If you visit or like our Facebook page as a registered Facebook user, Facebook collects personal data from you. Even if you are not registered with Facebook and visit our Facebook page, Facebook may collect pseudonymous usage data from you. For more information, please see Facebook’s data policy at https://www.facebook.com/about/privacy/ and at https://www.facebook.com/legal/terms/information_about_page_insights_data. In the data policy, you will also find information on the settings options for your Facebook account.
Your personal data may also be provided to other Facebook companies. This may involve the transfer of personal data to the USA and other third countries for which there is no EU Commission adequacy decision. In this case, Facebook will use the standard contractual clauses approved by the EU Commission. Further information can also be found in Facebook’s data policy.
In addition, as part of the operation of our Facebook page, we are jointly responsible with Facebook for the processing of so-called page insights. With the help of these page insights, Facebook analyses the behavior on our Facebook page and provides us with this information in non-personal form. For this purpose, we have concluded a joint data protection responsibility agreement with Facebook Ireland, which you can view at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. In this agreement, Facebook undertakes, among other things, to assume primary responsibility under the GDPR for the processing of Page Insights and to comply with all obligations under the GDPR with regard to the processing of Page Insights.
5.2). Instagram
You can find our Instagram profile at: https://www.instagram.com/dascenterampotsdamerplatz/
Instagram is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook Ireland”). The Instagram privacy policy can be found at: https://help.instagram.com/519522125107875. In it, you will also find information on the settings options for your account.
Your personal data may also be made available to other Facebook or Instagram companies. This may involve the transfer of personal data to the USA and other third countries for which there is no EU Commission adequacy decision. In this case, Facebook will use the standard contractual clauses approved by the EU Commission. Further information can also be found in the Instagram Privacy Policy.
In addition, as part of the operation of our Instagram page, we are jointly responsible with Facebook for the processing of so-called Instagram Insights. With the help of these Instagram Insights, Facebook analyses the behavior on our Instagram page and provides us with this information in non-personal form. For this purpose, we have concluded a joint data protection responsibility agreement with Facebook, which you can view at the following link: https://facebook.com/legal/terms/page_controller_addendum. In it, Facebook undertakes, among other things, to assume primary responsibility under the GDPR for the processing of Instagram Insights and to fulfill all obligations under the GDPR with regard to the processing of Page Insights.
5.3). LinkedIn
You can find our LinkedIn account at:
- https://www.linkedin.com/company/oxford-properties-group/mycompany/
- https://www.linkedin.com/company/the-center-potsdamer-platz
For users located in the European Economic Area and Switzerland, LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn Ireland”). You can find LinkedIn’s data protection guidelines here: https://www.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy. In it, you will also find information on the settings options for your LinkedIn profile.
Please note that LinkedIn also transfers personal data to third countries outside the European Economic Area for which there is no EU Commission adequacy decision. Insofar as such a transfer occurs, LinkedIn will use the standard contractual clauses approved by the EU Commission. Corresponding information can be found at https://www.linkedin.com/help/linkedin/answer/62533.
Finally, we receive non-personal information and analytics from LinkedIn about the use of our account or interactions with our posts. This information allows us to analyze and optimize the effectiveness of our LinkedIn activities. The processing that takes place within this context is based on our legitimate interest in optimizing our LinkedIn activities.
5.4). Vimeo without Tracking (Do-Not-Track)
This website uses embedded videos of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. Furthermore, Vimeo has committed to continue to comply with the self-imposed obligations from the former Privacy Shield Agreement.
When you visit our website equipped with a Vimeo video, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which website you have visited. In addition, Vimeo obtains your IP address. However, we have set Vimeo so that Vimeo will not track your user activity and will not set any cookies.
The use of Vimeo is in the interest of an appealing presentation of our website. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO; consent can be revoked at any time. The data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests.”
For more information on the handling of user data, please refer to the Vimeo data protection statement at: https://vimeo.com/privacy.
5.5). Use of embedded Google Maps
Some of the LMU internet pages use the Google Maps service. This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The referral occurs exclusively by means of an API (two-click method). The data will only be sent to Google by this program interface after you click on the “Switch to Google Maps” button.
When using the Google functions, Google will process your IP address and possibly other personal data (e.g., information about your use of this internet page or subsequent pages or the data offered in Google Maps). Google thus obtains information that you have called up our internet page or the corresponding subsequent pages. This information is usually sent to and saved on a Google server in the USA. This will occur independently of whether Google has set up a user account that you have requested or whether no user account exists at all. If you are logged in to Google, your data will probably be assigned directly to your user account. If you do not want this data to be assigned to your profile at Google, then you must first log off your user account at Google before you switch to Google Maps. However, Google will save your data (even for users not logged on or registered) as a user profile and will evaluate this data for their own internal purposes for advertising, market research, and needs-based structuring of their internet pages, and may also inform other users of the social network about your activities on our internet page.
You have a right to object to the formation of this usage profile; to exercise this right, you must apply directly and exclusively to Google. The LMU, as the provider of our internet pages, has no influence on this data processing. If you do not agree to the transfer of your personal data to Google, then do not click on “Switch to Google Maps.” In this case, no data will be transferred to Google; however, a map will also not be opened.
Your personal data will only be collected and transferred to Google by our internet page if you click on the button “Continue to Google Maps.” The use of Google Maps is not absolutely necessary to obtain information about our internet pages and is thus voluntary for you. The incorporation of Google Maps into our internet pages occurs in the interest of a responsive presentation of our internet offers and to ensure a fast and convenient finding of sites available on our internet pages. This represents a justifiable interest within the meaning of Art. 6 para. 1 f) GDPR. In addition, Google Inc. is certified under the EU-US “Privacy Shield” Data Protection Agreement, whereby Google ensures a level of data protection equivalent to that of the EU regarding data processing.
More information on the handling of usage data is found in the Google terms of usage at:
- http://www.google.de/intl/de/policies/terms/regional.html
- or for Google Maps at https://www.google.com/intl/de_US/help/terms_maps.html
- The Google data privacy policy is found at https://www.google.de/intl/de/policies/privacy/
- and the data privacy policy for Google Maps is found at: https://www.google.com/intl/de_de/help/terms_maps/
6). Google Analytics 4
If you have given your consent, this website uses Google Analytics (GA4), a web analytics service provided by Google LLC. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is generally transferred to a Google server in the USA and stored there.
We use the User ID function. User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and to analyze user behavior across devices.
We use Google Signals. This allows Google Analytics to collect additional information about users who have personalized ads enabled (interests and demographics), and ads can be delivered to these users in cross-device remarketing campaigns.
Google Analytics 4 has IP address anonymization enabled by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
During your website visit, your user behavior is recorded in the form of “events”. Events can be:
- Page views
- First visit to the website
- Start of session
- Your “click path,” interaction with the website
- Scrolls (whenever a user scrolls to the bottom of the page (90%))
- Clicks on external links
- Internal search queries
- Interaction with videos
- File downloads
- Seen/clicked ads
- Language settings
Also recorded:
- Your approximate location (region)
- Your IP address (in shortened form)
- Technical information about your browser and the end devices you use (e.g., language setting, screen resolution)
- Your internet service provider
- The referrer URL (via which website/advertising medium you came to this website)
On our behalf, Google will use this information to evaluate your use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyze the performance of our website and the success of our marketing campaigns.
Recipients of the data are/may be:
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor under Art. 28 DSGVO).
- Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
- Alphabet Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
It cannot be ruled out that US authorities may access the data stored by Google. Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs automatically once a month.
The legal basis for this data processing is your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.
You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a restriction of functionalities on this and other websites. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by:
- a. Not giving your consent to the setting of the cookie or
- b. Downloading and installing the browser add-on to disable Google Analytics HERE.
For more information on Google Analytics’ terms of use and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and at https://policies.google.com/?hl=en.
7). Social media management
To measure the success of our social media activities, we also record when we are tagged on social media networks. In this context, we also process information about the people who tag us. The processing that takes place in this context is based on our legitimate interest in optimizing our social media activities.
8). Security
We have taken appropriate technical and operational security measures to protect your personal data from intentional or unintentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are monitored regularly and updated in line with technological progress.
9). Legal basis for data processing
If and to the extent that you have given us your consent for the processing of your personal data, your personal data will be processed on the basis of such consent in accordance with Article 6 para. 1 lit. a) of the General Data Protection Regulation (“GDPR”). Otherwise, the processing will be based (i) on Article 6 para. 1 lit. b) GDPR where the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, (ii) on Article 6 para. 1 lit. c) GDPR where the processing is necessary to fulfill legal obligations, or (iii) on Article 6 para. 1 lit. f) GDPR where the processing is necessary for the protection of our legitimate interests or the legitimate interests of a third party.
10). Your Rights
We take reasonable steps to ensure that your personal data is accurate, complete, and up to date. You have the right to access, correct, or delete the personal data that we collect. You are also entitled to restrict or object, at any time, to the further processing of your personal data. You have the right to receive your personal data in a structured and standard format and, where technically and legally feasible, the right to have your personal data transmitted directly to a third party. You may lodge a complaint with the competent data protection authority regarding the processing of your personal data.
11). Retention
We will retain your personal data for as long as it is necessary to fulfill the purposes outlined in this Privacy Notice, unless a longer retention period is required or permitted by law.
12). Contact
Questions or comments regarding this Privacy Notice can be addressed by sending an email to Privacy.Germany@oxfordproperties.com.
You can also contact our data protection officer. The contact details of our data protection officer are as follows:
Dr. Antje Johst
c/o Rechtsanwälte Feil Kaltmeyer
Kurfürstendamm 37
10719 Berlin, kanzlei@antjejohst.com.