Data protection statement

Information obligation according to Article 13 GDPR

Dear Sir or Madam,

 

With this privacy policy, we would like to inform you about the processing of your personal data by Bayern International - Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH, and the rights to which you are entitled under data protection law.

 

To the overview:

 

1. General information

2. Internet offering of Bayern International

3. Information about our mailings

4. Subscription to our newsletter

5. Communication with Bayern International

6. Key to Bavaria Company Database

7. Sending publications

8. Events and digital events

9. Applicant data

10. Social media appearances

 

1 General information

 

1.1 Who is the data controller responsible for data processing, and who is the data protection officer

 

The data controller responsible for data processing is

Bavaria International

Bayerische Gesellschaft für

Internationale Wirtschaftsbeziehungen mbH

Rosenheimer Str. 143C

81671 Munich

Phone: 089 660566-0

Fax: 089 660566-150

Internet: www.bayern-international.de

E-mail: info@bayern-international.de

 

Contact details of the data protection officer:

ComFor-IT ® oHG

Datenschutz

Bahnhofstraße 6

84405 Dorfen

E-mail: datenschutz@comfor-it.de

datenschutz@bayern-international.de and datenschutz@invest-in-bavaria.de

 

Instances of joint responsibility

 

For various projects within the framework of economic development, joint responsibility may exist with the Bavarian State Ministry of Economic Affairs, Regional Development and Energy, Prinzregentenstraße 28, 80538 Munich. We will draw your attention to this as part of these processing operations. This includes, for example, invitations to events jointly organised by Bayern International and the State Ministry for Economic Affairs, Regional Development and Energy.

 

In such an instance, you can contact both Bayern International and the Bavarian State Ministry for Economic Affairs, Regional Development and Energy, in order to exercise your data protection rights. The data protection officer of the

Bavarian State Ministry for Economic Affairs, Regional Development and Energy can be reached at datenschutz(at)stmwi.bayern.de.

 

1.2 What personal data do we have about you, and where does it come from?

 

The categories of personal data processed include, in particular, the following data:

  • Your master data (first name, last name, name affixes, functions, date of birth, if applicable)
  • Contact details (address; landline and mobile phone number, e-mail address and links to Xing, Linkedin and Facebook)
  • Data you provide us with for participation in, for example, a business trip or delegation trip or a joint company stand or a “KonferenzPlus” measure abroad (e.g. passport data)

 

Your personal data is generally collected directly from you when you contact us. In some cases, we also collect personal data from publicly accessible sources (e.g. the Internet, trade fair catalogues, lists of participants at events, targeted contact searches with the help of e.g. the consulates based in Bavaria, as well as technology networks in Germany and abroad).

 

1.3 For what purposes and on what legal basis is data processed?

 

As a rule, the purpose of the processing is to fulfil the public tasks of location promotion assigned to us by the Bavarian State Ministry of Economic Affairs, Regional Development and Energy. Bayern International supports small and medium-sized enterprises from Bavaria in their export activities, and works closely with business organisations at home and abroad.

These include, in particular,

  • the organisation of Bavarian participation in trade fairs and exhibitions, as well as own Bavarian events – including technical symposia within the framework of the Bavarian trade fair participation programme,
  • organising forms of cooperation exchange at home and abroad in cooperation with chambers and associations, and promoting business cooperation locally,
  • organising visits to Bavaria by foreign business delegations and by Bavarian business delegations abroad,
  • the promotion of Bavaria as a business location,
  • supporting domestic and foreign companies in setting up and developing a business location in Bavaria, and
  • organising and managing training and development programmes for the benefit of the Bavarian export industry.

 

If you have contacted us, given us your business card, registered in our database, or participated in one of our events, we assume that you are, in principle, interested in our events and projects. Therefore, your data will be processed by us, in order to send you appropriate offers and invitations by e-mail, among other things.

 

The legal basis for the processing of your data, unless otherwise stated, is Art. 4 (1) Bavarian Data Protection Act (BayDSG) in conjunction with Art. 6 (1) lit. e General Data Protection Regulation (GDPR). Accordingly, we are permitted to process the data necessary to fulfil a task incumbent upon us.

 

You have the right to object to the processing of your data at any time for reasons arising from your particular situation, if the processing is carried out exclusively on the basis of Art. 6 (1) lit. e GDPR (Art. 21 (1) Sentence 1 GDPR) or if the processing of your data is carried out for advertising purposes (Art. 21 [2] GDPR).

 

The processing of your personal data will continue

  • insofar as the processing is based on your consent in accordance with Art. 6 (1) lit. a GDPR.
  • insofar as the processing is necessary for the performance of a contract that you have concluded with us, or for the implementation of pre-contractual measures that take place at your request, on the basis of Art. 6 (1) lit. b GDPR; 
  • insofar as we are obliged to process on the basis of statutory provisions on the basis of Art. 6 (1) lit. c GDPR;
  • insofar as the data processing is carried out on the basis of a so-called balancing of interests on the basis of Art. 6 (1) lit. f GDPR. In these cases, said interest is communicated in the context of the respective processing.

  •  

1.4 How long will your data be stored?

 

We regularly check and update our databases. We will delete your personal data as soon as it is no longer required for the above-mentioned purposes. We will also delete your data without fail if you exercise your right of revocation or objection, unless we are obliged to retain the data due to legal requirements.

 

1.5 Who receives your data?

 

Within Bayern International - Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH, the persons and offices that receive your personal data are those that require it to fulfil the above-mentioned tasks of Bayern International.

 

In addition, we use external service providers to fulfil our tasks, e.g. trade fair implementation companies, marketing and event agencies, travel agencies and publishers. For the purpose of sending you information, invitations and newsletters, we commission service providers to process your data in accordance with your instructions. We obligate them to protect your data in accordance with the law.

 

If necessary, your data will be transmitted to the competent supervisory and auditing authorities for the exercise of the respective control rights.

We would like to point out that we are a public body according to Art. 1 (2) Bavarian Data Protection Act (BayDSG), so that the regulations on the transfer of personal data according to Art. 5 Bavarian Data Protection Act (BayDSG) apply. Accordingly, your data may be transferred to the Bavarian State Ministry of Economic Affairs, Regional Development and Energy, for example, insofar as this is necessary, in order to fulfil its tasks in the context of promoting foreign trade and investor relations.

For the transmission of data abroad, see no. 1.8.

 

1.6 What rights can you assert as a data subject?

 

You have the rights under Articles 15 to 22 of the GDPR:

  • Right to the disclosure of information (Art. 15 GDPR): if your personal data is being processed, you have the right to receive information about the data stored about you.
  • Right to rectification (Art. 16 GDPR): if inaccurate personal data is being processed, you have the right to rectification.
  • Right to erasure and restriction of processing (Art. 17, 18 GDPR): if the legal requirements are met, you may request the erasure or restriction of processing.
  • Right to data portability (Art. 20 GDPR): if you have consented to the data processing or a contract for data processing exists, and the data processing is carried out with the help of automated procedures, you may have a right to data portability.
  • If we process your data for the performance of the public task assigned to us pursuant to Art. 6 (1) Sentence 1 lit. e GDPR or for the protection of legitimate interests pursuant to Art. 6 (1) Sentence 1 lit. f GDPR, you may object to this processing at any time for reasons arising from your particular situation pursuant to Art. 21 (1) GDPR.
  • You also have the right to object at any time to the processing of your data for advertising purposes in accordance with Art. 21 (2) GDPR.
  • If the data processing is based on your consent pursuant to Art. 6 (1) lit. a GDPR, this consent can be revoked at any time in the future. This does not affect the lawfulness of the data processing until the consent is revoked.

 

If you wish to revoke or exercise any of the above rights, please contact:

 

Bayern International –

Bayerische Gesellschaft für

Internationale Wirtschaftsbeziehungen mbH

Rosenheimer Str. 143c

81671 Munich

E-mail: datenschutz@bayern-international.de 

 

For more information on the processing of your personal data, you can contact us using the above contact details.

 

1.7 Where can you lodge a complaint?

 

You also have the option to lodge a complaint with the data protection supervisory authority. The data protection supervisory authority responsible for us is:

 

The Bavarian State Commissioner for Data Protection (BayLfD)

Wagmüllerstr. 18

80538 Munich

E-mail: poststelle@datenschutz-bayern.de

 

1.8 Will your data be transferred abroad, including to a third country?

 

We work with partners abroad who support us in carrying out our tasks (e.g. chambers of commerce abroad, consulates based in Bavaria, travel agencies; cf. also No. 1.5.). Insofar as it is necessary for the implementation, we transfer your personal data abroad, including to so-called “third countries”.

 

1.9 Are you obliged to provide your data?

 

The provision of your personal data is neither legally nor contractually required. You are not obliged to provide us with your personal data. However, if you do not provide the data, you will no longer receive any information, invitations etc. from us.

  

2. Internet offering of Bayern International

 

2.1. Cookies

 

The website of the Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH uses cookies. Cookies are text files that are stored on a computer system via an Internet browser.

 

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified via the unique cookie ID.

 

Through the use of cookies, Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

 

By means of a cookie, the information and offers on our website can be optimised in the interests of the user. Cookies enable us, as already mentioned, to recognise the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter his or her access data each time he or she visits the website because this is done by the website and the cookie stored on the user’s computer system.

 

The data subject can prevent the setting of cookies by our website at any time by means of the appropriate Internet browser settings, and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programmes. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser in use, not all functions of our website may be fully usable.

 

2.2 Consent tool from Usercentrics

 

We use the cookie consent technology from Usercentrics on our website to obtain your consent to the storage of certain cookies on your end device, or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, website: usercentrics.com/de/ (hereinafter “Usercentrics”).

 

The use of Usercentrics serves the purpose of proving consent given and not given, as well as the management thereof. The legal basis for the processing of data by Usercentrics is Art. 6 (1) S. 1 lit. f GDPR. Our legitimate interest lies in the legally secure documentation and verifiability of consents, as well as controlling the services we use on the basis of the consents granted.

 

2.3 Note on data transfer to the USA

 

Among other things, services from providers based in the USA are integrated on our website. When these services are active, your personal data may be transferred to the US servers of the respective companies.

 

As a secure third country, the USA generally maintains a level of data protection comparable to that of the EU. A data transfer to the USA is then permitted if the recipient possesses a certification under the “EU-US Data Privacy Framework” (DPF), or has suitable additional guarantees in place. You can view the list of certified companies at www.dataprivacyframework.gov.

 

We would like to draw your attention to the fact that, for data transfer to providers who are not certified according to the EU-US Data Privacy Framework (DPF), the USA is to be regarded as a third country that is not classified as secure under data protection law, in which no level of data protection comparable to that in the EU can be guaranteed.

We have concluded a contract with these providers – including the so-called EU standard contractual clauses. Taking into account the data protection needs, we consider the level of protection with reference to the EU standard contractual clauses to be adequate.

 

2.4 Collection of general data and information

 

The website of the Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH collects a series of general data and information whenever a data subject or automated system calls up the website. This general data and information are stored in the server’s log files. The following data may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

 

When using this general data and information, the Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH does not draw any conclusions about the data subject. This information is rather required in order to (1) correctly deliver the contents of our website, (2) optimise the contents of our website, as well as the pertinent advertising, (3) ensure the permanent functionality of our information technology systems and the technology of our website, as well as (4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. Therefore, Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH analyses this data and information, on the one hand, for statistical purposes and, on the other, for the purpose of increasing the data protection and data security of our enterprise, with the aim of ensuring an optimal level of protection for the personal data we process.  The legal basis for this is Art. 6 (1) lit. f GDPR.

 

 

2.5 Use of the databases and applications

 

On the website of Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH, users are given the opportunity to use various databases and services of our company. As to which personal data is transmitted in detail to the data controller when using the respective service or the respective database results from the input masks used for this purpose.

 

Events and event database


In our event database, you will find offers pertaining to business trips, delegation trips, trade fair participation, digital events, Bavaria - Fit For Partnership, delegation visits and information events. If you register via one of the forms provided or express your interest in an event, we will subsequently send you information by e-mail in connection with the organisation of (and your participation in) the event. For further information on data processing in the context of events, please see 3. Events and digital events.

 

Reise.Net

The data collected in the course of application and registration on Reise.Net is used for the administration of participants in trips and for booking trips.

In doing so, we process information about you and your company, as well as all data that you provide to us and that is required for booking, including address data, communication data and passport data.

The information provided in the forms for travel registration, booking and entry in the delegation brochure will be passed on to the service provider entrusted with the implementation, if applicable.

With your access data you can register for all future trips. Your data will remain stored until you delete it.

 

Extra.Net


As a key stakeholder in promoting Bavarian foreign trade, you can log in with your login name and password to register partner events on our website. Your data will remain stored for as long as you are responsible for registering events on our website.

 

Events.BY


The personal and company data you provide will be used for participant administration in the database, and will not be passed on by us. Your data will remain stored until you delete it. 

 

2. 6 Data protection provisions on the use and application of Matomo

 

The data controller has integrated the Matomo component on this website. Matomo is an open source software tool for web analysis. Web analysis involves the collection, collation and evaluation of data on the behaviour of visitors to websites. A web analysis tool collects, among other things, data on which website a data subject came to a website from (so-called referrer), which sub-pages of the website were accessed or how often and for how long a sub-page was viewed. A web analysis is mainly used to optimise a website and to analyse the cost-benefit of internet advertising.

 

The software is operated on the server of the data controller and the log files, which are sensitive in terms of data protection law, are stored exclusively on this server.

 

The purpose of the Matomo component is to analyse the flow of visitors to our website. The data controller uses the data and information obtained to, among other things, evaluate the use of this website, in order to compile online reports showing the activities on our websites.

 

Matomo places a cookie on the information technology system of the data subject. As to the definition of a cookie, this has already been explained above. The placing of the cookie enables us to analyse the use of our website. Each time one of the individual pages of this website is accessed, the internet browser on the information technology system of the data subject is automatically caused by the Matomo component to transmit data to our server for the purpose of online analysis. As part of this technical procedure, we obtain knowledge of personal data, such as the IP address of the person concerned, which we use, among other things, to trace the origin of visitors and clicks.

 

By means of the cookie, personal information – for example, the access time, the place from which an access originated and the frequency of visits to our website – are stored. Each time you visit our website, this personal data – including the IP address of the internet connection used by the person concerned – is transmitted to our server. This personal data is stored by us.

 

The use of Matomo on our website is based on your consent according to Art. 6 (1) lit. a. GDPR. Further information and the applicable data protection provisions of Matomo can be found at https://matomo.org/privacy/ .

 

2.7 Privacy policy on the use and application of Google Analytics (with anonymisation function)

 

The data controller has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analysis service. Web analysis involves the collection, collation and evaluation of data on the behaviour of visitors to websites. A web analysis service collects, among other things, data on which website a data subject came to a website from (so-called referrer), which sub-pages of the website were accessed or how often and for how long a sub-page was viewed. A web analysis is mainly used to optimise a website and to analyse the cost-benefit of internet advertising.

 

The operating company of the Google Analytics component is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

 

The data controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this addition, the IP address of the internet connection of the person concerned is shortened and anonymised by Google if access to our internet pages takes place from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

 

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google will use the data and information collected for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and rendering other services relating to website activity.

Google Analytics places a cookie on the information technology system of the data subject. As to the definition of a cookie, this has already been explained above. By placing the cookie, Google is enabled to analyse the use of our website. Each time a data subject accesses one of the individual pages of this website operated by the data controller on which a Google Analytics component has been integrated, the internet browser on the data subject’s information technology system is automatically triggered by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google obtains knowledge of personal data – such as the IP address of the data subject – which Google uses, among other things, to trace the origin of visitors and clicks and subsequently to enable commission calculations.

 

By means of the cookie, personal information – for example, the access time, the place from which an access originated and the frequency of visits to our website by the data subject – is stored. Each time you visit our website, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties.

The data subject can prevent the placement of cookies by our website, as already described above, at any time by means of an appropriate setting of the Internet browser used, and thus permanently object to the placement of cookies. Such a setting of the internet browser used would also prevent Google from placing a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programmes.

 

Furthermore, the data subject has the option to object to the collection of data generated by Google Analytics and related to the use of this website, as well as to the processing of this data by Google, and to prevent such processing. For this purpose, the data subject must download and install a browser add-on at the link tools.google.com/dlpage/gaoptout. This browser add-on tells Google Analytics via JavaScript that no data and information about visits to Internet pages may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as an objection. If the information technology system of the data subject is deleted, formatted or reinstalled at a later point in time, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within his or her control, it is possible to reinstall or reactivate the browser add-on.

 

The data processing is based on your consent in accordance with Art. 6 (1) lit. a GDPR.

 

Further information and Google’s applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and at www.google.com/analytics/terms/de.html . Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics/ .

According to the provider, your data will be transferred to Google LLC in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

2.8 Use of Google Maps and YouTube

 

The data controller uses maps from the Google Maps service and videos from the YouTube service on this website. The operating company of the Google Maps service and the YouTube video platform is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”)

 

In addition to the type and version of browser used, the operating system used, the date and time of access and the IP address, the data processed may also include the user’s location data, which, however, is not collected without the user’s consent (usually given in the context of the settings of their mobile devices). The data may be processed in the USA.

 

The use on our website is based on your consent according to Art. 6 (1) lit. a. GDPR. For more information, please refer to Google’s privacy policy, which can be found at https://www.google.com/policies/privacy/. Google’s settings for advertising can be found here: https://adssettings.google.com/authenticated

According to the provider, your data will be transferred to Google LLC in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

2.9 Google Ads

 

Our website also uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

 

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played on the basis of the user data available at Google (e.g. location data and interests) (target group targeting). As a website operator, we can evaluate this data quantitatively by analysing, for example, which search terms have led to the display of our advertisements, and how many advertisements have led to corresponding clicks.

 

The use on our website is based on your consent according to Art. 6 (1) lit. a. GDPR. Details can be found here:  https://policies.google.com/privacy/frameworks and

https://privacy.google.com/businesses/controllerterms/mccs/.

According to the provider, your data will be transferred to Google LLC in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

2.10 Google Ads Conversion Tracking

 

Furthermore, we use Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

 

Google Conversion Tracking allows Google and us to see whether the user has taken certain actions. For example, we can evaluate which buttons on our website have been clicked frequently. This information is used to create conversion statistics. We learn the total number of users who have clicked on our ads and what actions they have taken. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes.

The use of Google Conversion Tracking is based on Art. 6 (1) lit. a GDPR.

 

You can find more information on Google conversion tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

According to the provider, your data will be transferred to Google LLC in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

2.11 Google Tag Manager

 

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that allows us to embed tracking or statistical tools, as well as other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used for the administration and execution of the tools integrated via it. However, Google Tag Manager collects your IP address, which may also be transferred to Google’s parent company in the United States.

 

Use of the Google Tag Manager is based on Art. 6 (1) lit. a and f GDPR.

According to the provider, your data will be transferred to Google LLC in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

2.12 Facebook Pixel

 

This website uses Facebook’s visitor action pixel to measure conversions. The provider of this service is Meta Platforms Inc (Ireland), 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries. In this way, the behaviour of page visitors can be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the efficacy of Facebook ads to be evaluated for statistical and market research purposes, and to optimise any future advertising efforts.

 

The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible, and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This allows Facebook to serve ads on Facebook pages, as well as outside of Facebook. This use of data cannot be influenced by us as the site operator.

 

The use of Facebook Pixel is based on Art. 6 (1) lit. a GDPR.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

 

Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381. You can find further information on protecting your privacy in Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/.

 

You can also deactivate the “Custom Audiences” remarketing function in the “Advertising Settings” section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen . To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

According to Facebook, your data will be transferred to Meta Platforms Inc. in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

2.13 LinkedIn Analytics

 

This website uses the Insight tag from LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

 

With the help of the LinkedIn Insight Tag, we receive information about the visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyse key professional data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better tailor our site to the respective target groups. Furthermore, we can use LinkedIn Insight Tags to measure whether visitors to our website take actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting feature that allows us to display targeted, off-site advertising to visitors to our website, which LinkedIn states does not identify the ad recipient.

LinkedIn itself also collects so-called log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymised). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymised data is then deleted within 180 days.

 

The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will store the collected personal data of the website visitors on its servers in the USA, and use this in the context of its own advertising measures. For details, see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

 

The use of LinkedIn Insight is based on Art. 6 (1) lit. a GDPR; the consent can be revoked at any time.

 

You can object to the analysis of usage behaviour and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in the account settings. To avoid LinkedIn linking data collected on our website to your LinkedIn account, you must log out of your LinkedIn account before visiting our website.

 

2.14 X Analytics

 

Functions of the X service are integrated on this website. These functions are offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transferred to Twitter in the process.

For more information, please see Twitter’s privacy policy at: https://twitter.com/de/privacy.

 

The use of the Twitter plugin is based on Art. 6 (1) lit. a GDPR; the consent can be revoked at any time. You can change your privacy settings on Twitter in the account settings at https://twitter.com/account/settings.

 

2.15 ReadSpeaker

 

We use the tool ReadSpeaker, of ReadSpeaker Holding B.V, Princenhof park 13, 3972 NG Driebergen-Rijsenburg, The Netherlands.

 

When you click on the “Read aloud” link, the text or text passage from the website is transferred to a server of the ReadSpeaker company using your IP address, where an audio file is generated and sent back to your IP address in a streaming process. Immediately after delivery of the audio file, the process and the user’s IP address are deleted from the ReadSpeaker server.

 

When using the ReadSpeaker function, cookies are stored on the end device in order to retain the settings selected by the user (highlight setting, text size, etc.) and deleted again after the session or, depending on the function, an appropriate period of time (maximum 30 days).

 

The use on our website is based on your consent according to Art. 6 (1) lit. a. GDPR. You can find more information here: https://www.readspeaker.com/blog/readspeaker-webreader-conforms-gdpr-standards/

 

3. Information about our mailings

 

If you sign up to receive information about our events and projects, we will send you this information by e-mail. The personal data used for registration is specified in the input mask used for this purpose. The salutation, first name and last name are used to address the recipients personally. The service provider we use for sending the mailings is retarus GmbH, Aschauer Straße 30, 81549 Munich.

 

Our mailing efforts allow us to analyse the recipients’ behaviour. Among other things, it can be analysed as to how many recipients have opened the mailing, and how often a given link was clicked. With the help of this evaluation, we are able to improve our mailing work and make them even more informative for you.

 

As a rule, your personal data will be used for the purpose of fulfilling the public task assigned to us on the basis of Art. 4 (1) Bavarian Data Protection Act (BayDSG) in conjunction with Art. 6 (1) e GDPR. You have the right to object to the processing of your data at any time for reasons arising from your particular situation, if the processing is carried out exclusively on the basis of Art. 6 (1) lit e GDPR (Art. 21 [1] Sentence 1 GDPR).

 

In addition, the sending of e-mails containing promotional content is based on your consent in accordance with Art. 6 (1) lit. a GDPR. Registration is voluntary, and you can unsubscribe from our mailings at any time.

 

4. Subscription to our newsletter

 

On the website of the Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH, users are given the opportunity to subscribe to our company newsletter. As to which personal data is transmitted to the data controller when ordering the newsletter is determined by the input mask used for this purpose. The service provider we use to send the newsletter is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede.

 

Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH informs its customers and business partners at regular intervals by means of a newsletter about offers of the company. In principle, the newsletter of our company can only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter e-mail. For legal reasons, a confirmation e-mail is sent to the e-mail address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation e-mail is used to check whether the owner of the e-mail address, as the data subject, has authorised receipt of the newsletter.

 

When registering for the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration, as assigned by the Internet service provider (ISP), as well as the date and time of registration. The collection of this data is necessary, in order to be able to trace the (possible) misuse of a data subject’s e-mail address at a later date, and, therefore, serves as a legal safeguard for the data controller.

 

The personal data collected as part of a registration for the newsletter is used to send our newsletter. The salutation, first name and last name are used to address the recipients personally. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or a change in the technical circumstances.

 

The subscription to our newsletter can be cancelled by the data subject at any time. The use of your personal data is based on your consent in accordance with Art. 6 (1) lit. a GDPR. The consent to the storage of personal data that the data subject has given us for the newsletter mailing can be revoked at any time. For the purpose of revoking consent, a corresponding link can be found in each newsletter. Furthermore, it is also possible to unsubscribe from the newsletter at any time directly on the website of the data controller, or to inform the data controller of this in another way.

 

The newsletters of the Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH contain so-called tracking pixels. A tracking pixel is a thumbnail graphic that is embedded in such e-mails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, the Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH may see if and when an e-mail was opened by a data subject, and which links contained in the e-mail were called up by the data subject.

 

Such personal data collected via the tracking pixels contained in the newsletters are stored and analysed by the data controller, in order to optimise the newsletter dispatch and to better adapt the content of future newsletters to the interests of the data subject. Data subjects are entitled, at any time, to revoke the separate declaration of consent given in this regard via the double opt-in procedure. After a revocation, these personal data will be deleted by the data controller.

 

5. Communication with Bayern International

 

5.1 Contact

 

You have the possibility to contact us via our e-mail address or by phone. We process the data you provide for this purpose in order to process your contact enquiry and handle it.

 

5.2 Video conferencing tools

 

We use various programmes to communicate with you.

 

If you communicate with us by video or audio conference via the Internet, personal data will be collected and processed by us and the provider of the respective conference tool. The conference tool collects all data that you provide during the use of the tools, as well as the duration of the conference, start and end (time) of participation in the conference, number of participants and other contextual information related to the communication process (metadata).

 

In addition, the provider of the tool processes all technical data required to handle online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

 

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool provider. Such content includes (but is not limited to) chat/instant messages, voice mails, uploaded photos and videos, and files shared while using the service.

 

6. Key-to-Bavaria company database

 

You can register yourself and your company or institution in our Key-to-Bavaria company database. To do this, we need various details about you, your company and your field of activity, in order to present your company or institution in our company database so that other companies and potential business partners can search specifically for Bavarian products, services or technology partners. This includes, among other things, data on contact persons in your company. The names of the managing directors of the companies and institutions recorded in the Key-to-Bavaria database appear publicly on the entry’s detail page. Excluded entries are excluded from publication. You can find out which data will be published in detail in the note on the form when you enter your data.

 

We use your data to send you messages by e-mail as part of the administration and organisation of the database.

 

Your company entry in our database is free of charge, and can be updated by you at any time via your registration by means of password and user name . Registration in the database and publication of the data are based on your consent and are voluntary. You can delete the entry at any time and thus revoke your consent. Your data will remain recorded in the company database until you delete it.

 

7. Sending publications

 

If you would like to receive our publications such as flyers or brochures by post, you can order them using the form. The data you provide will only be used for sending the publications and will be deleted when the data is no longer needed for this purpose, and there are no further reasons to retain the data. In order to send the publications, we may pass on your data to a shipping service provider.

 

8. Events and digital events

 

Bayern International acts as organiser or co-organiser of various events. In the event of an invitation to (or participation in) an event, we process personal data (name, address, etc.). This can be done via different communication channels (e.g. by filling in a form, a web form, by e-mail, by phone).

 

The personal data that is transmitted to us in the process results from the respective form, the respective input mask or the data requested in a possible conversation.

 

As a recipient of letters/invitations, you can object to the sending of further letters/invitations at any time.

 

The data processing is carried out upon your request/registration for the following purposes:

 

  • The processing of your personal data is initially carried out, insofar as we perform public tasks within the scope of foreign trade promotion and investor advertising, on the basis of Art. 6 (1) lit. e GDPR.
  • Insofar as the processed data is necessary to hold the event or to organise it in advance, the legal basis is Art. 6 (1) lit. b GDPR.
  • If the data processing does not primarily serve the implementation of the event, the legal basis is Art. 6 (1) lit. f GDPR. The legitimate interest is to provide extensive support to participants during the event, to provide you with additional information about the event, and to provide, operate and improve the services used.
  • If you have given us your consent for the processing of your data, the legal basis for this is Art. 6 (1) lit. a GDPR. You have the right to revoke your consent for the future at any time.

 

Personal data will not be transferred to third parties without authorisation, but will be stored and processed for the purpose of organising and handling events (such as drawing up guest lists, enabling access controls, etc.). Bayern International - Gesellschaft für Internationale Wirtschaftsbeziehungen mbH may arrange for the data to be passed on to one or more processors who will use the personal data on behalf of the Company to carry out the event.

 

In the context of participation in digital or online events, other categories of participants’ data may be processed. The type and scope of the data processed depends on the type of event, as well as on the information you provide and the functions you use as part of your participation.

 

Depending on the type of event, Bayern International - Gesellschaft für Internationale Wirtschaftsbeziehungen mbH acts as organiser alongside another cooperation partner. In these cases, the data collected for event purposes will be transferred to our cooperation partners, who may use this data for the proper execution of the event. As to which cooperation partners these are in each individual case will be communicated separately within the framework of the organisation of the event.

 

The data will only be stored for as long as is necessary for the organisation and processing of the events.

 

Photo & Video Shooting

 

As part of our press and public relations work, photos and videos are taken at events and appointments, in which you may be visible. We base the production and publication of photos in connection with the event on our legitimate interest in promoting our image and reporting on the event. The photos will be published on our website and our social media presences to cover the event. You can object to the recording and/or publication. Please use the above contact details for your objection or inform us directly on site when registering for the event that you do not agree with the recording and/or publication.

 

Data collection from accompanying persons

 

For the proper handling of the event, the data of persons accompanying the participants who have been invited will also be collected and processed. Like all other persons affected by data collection, these persons are entitled to the above-mentioned rights, in particular, to the disclosure of information about the type and scope of the stored data, to object to the processing and to delete the data. In this respect, reference is made to the explanations on the rights of the data subject under “General information”.

 

9. Applicant data

 

We process the data you have sent us in connection with your application, in order to assess your suitability for the position (or other open positions in our companies, if applicable), and to perform the application process.

 

The legal basis for the processing of your data is primarily Art. 88 GDPR in conjunction with. Section 26 Federal Data Protection Act (BDSG) and, if applicable, Art. 6 (1) lit. b GDPR for the initiation of contractual relationships. According to this, the processing of data is permissible if this is necessary for the establishment of an employment relationship.

 

Should the data be required for legal prosecution after completion of the application procedure, data processing may be carried out on the basis of the requirements of Art. 6 GDPR, in particular, to safeguard legitimate interests pursuant to Art. 6 (1) lit. f GDPR. Our interest then consists in asserting or defending claims.

 

If you provide us with your express consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent pursuant to Art. 6 (1) lit. a GDPR.

 

We process your personal data as long as this is necessary for the establishment of the employment relationship, or for the exercise (or fulfilment) of the obligations arising from a law. Finally, the storage period also depends on the statutory limitation periods. Applicant data will be deleted after 6 months in case of rejection. In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data is deleted when it is no longer relevant for filling further positions.

 

10. Social media appearances

 

In the following, we would like to inform you about the processing of your personal data when using our profile. Processing takes place when you visit our profile and when you send us a message.

 

Please note that social media networks generally analyse your user behaviour extensively and use it to create user profiles, which are utilisied, among other things, to show you personalised advertising. We, therefore, ask you to carefully check which data you share with us via the profile. As long as you are logged into your account, the operator of the social network can assign your visit and your use of our profile to your user account. Your personal data may also be collected under certain circumstances if you are not logged in or do not have a user account with this social media network.

 

We would like to point out that we cannot track all data processing on the social media network. For more information on data processing by the operator of the social media network, please refer to the respective privacy policy of the social media network.

 

Data controller and the rights of the data subject

 

We, Bayern International - Bayerische Gesellschaft für Internationale Wirtschaftsbeziehungen mbH, together with the operator of the social network, are jointly responsible for the data processing that is triggered when you visit our profile. You may assert your rights as a data subject both against the operator of the social media network and against us.

 

Data collection and legal basis

 

The processing of your data when visiting our profile is based on Art. 6 (1) lit. e GDPR insofar as we perform public tasks in the context of promoting foreign trade and investor advertising. Our aim is to ensure the broadest possible presence on the Internet through our involvement on social media networks.

 

Please refer to the data protection guidelines of the social media network to find out on which legal basis the operator of the social media network bases the processing of your data.

 

Deletion and storage period

 

The data that we collect directly from you via our profiles will be deleted from our system as soon as the purpose for storing it no longer applies, you request us to delete your data or you revoke any consent you have given.

 

We have no influence on the storage period of your data, which is used by the operator of the social media network for its own purposes. You can find details of this in the privacy policy of the social media network.

Should the provider of a social network also be based in the USA, your personal data may be transferred to the US servers of the respective company and processed there.

Social networks in detail:

 

Facebook

We have a profile on Facebook. The provider of Facebook is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, your data will be transferred to Meta Platforms Inc. in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

 

We have entered into the Controller Addendum, a joint processing agreement, provided by Facebook. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

 

We use the “Facebook Insights” functions to obtain statistical data about the use of and visitors to our profile. The legal basis is Art. 6 (1) lit. f GDPR for the optimisation of our profile on Facebook in the context of promoting foreign trade and investor advertising. You can find more information on data processing by Meta Platforms Inc. (Ireland) within the framework of “Facebook Insights” here:

https://www.facebook.com/legal/terms/information_about_page_insights_data

 

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in:

https://www.facebook.com/settings?tab=ads 

 

You can find Facebook’s privacy policy at:

https://www.facebook.com/about/privacy/

 

X

 

We use the messaging service X. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

 

You can adjust your Twitter privacy settings independently in your user account. To do so, click on the following link and log in:

https://twitter.com/personalization 

 

For details, please refer to Twitter’s privacy policy: twitter.com/de/privacy

 

LinkedIn

 

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

 

If you would like to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out 

 

For details on how your personal data is handled, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy 

 

YouTube

 

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how your personal data is handled, please refer to YouTube’s privacy policy: https://policies.google.com/privacy?hl=de 

According to the provider, your data will be transferred to Google LLC in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

Xing

 

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy:

https://privacy.xing.com/de/datenschutzerklaerung.

 

Instagram

 

We have a profile on Instagram. Instagram is provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. According to the provider, your data will be transferred to Meta Platforms Inc. in the USA. The basis for third country transfers is the EU-US Data Privacy Framework (DPF).

 

You can adjust your settings in your user account. To do so, click on the following link and log in:

www.instagram.com/accounts/login/

 

You can view Instagram’s privacy policy here:

https://help.instagram.com/519522125107875