In the following, we inform you how the Hamburg Sustainability Conference gGmbH (hereinafter “HSC” or “we”) processes your personal data, what rights you are entitled to and who you can contact if you have any questions about data protection.
In most cases, you can decide which personal data you wish to provide to us. In case you do not wish to provide certain information, we may not be able to offer you certain services. We have marked mandatory information that we require for the provision of our services accordingly.
This information was last updated in March 2025. From time to time, we must make adjustments to reflect actual circumstances or legal or regulatory requirements; please take a look at the data protection information the next time you visit our website to ensure that you are up to date.
Hamburg Sustainability Conference gGmbH
Werner-Otto-Straße 1–7
22179 Hamburg
Tel: + 49 (0) 40 2383 45370
E-Mail office@sustainability-conference.org
You can reach our data protection officer under:
Patrick Liptak
VP Data Protection GmbH
E-mail: info@vpdata.de
If you wish to contact our data protection officer directly, please refer to us.
We process your personal data when you visit our website and when you contact us.
Your visit to our website
Each time you visit our website, your browser automatically transmits data to our server where it is stored. We process your IP address, type and version of the browser used, time and date of the visit. The IP address is stored anonymously. A personal reference cannot be established.
Legal basis: We process the aforementioned data based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest is to ensure the convenient use and the assessment of the system security and stability of our website.
Storage period: The aforementioned data will be stored in a log file until it is automatically deleted after seven days. Backups are stored for 60 days in encrypted form. The storage period may be longer in individual cases, e.g. if this is necessary for legal prosecution.
Your contact
If you contact us electronically, for example by sending us an e-mail, using the contact form on our website or by calling us, we process your e-mail address, your name and your other contact details as well as the information you provide in the inquiry. In order to be able to answer your written request, we need at least your e-mail address.
Legal basis: We process the aforementioned data based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest is to respond to general inquiries.
Storage period: Your data will only be processed to answer your enquiry and will be deleted immediately after answering, unless there is a contractual relationship, a legal obligation to retain data or a legitimate interest on our part in further storage.
Cookies
We use cookies on our website. Cookies are small text files that contain a randomly generated user ID with which you can be recognized on future website visits. We only use a csrf_https-contao_csrf_token and PHPSESSID cookie for the purpose of the protection from Cross-Site-Request-Forgery-Attacks. This cookie is necessary for the technical functionality of our website and is stored for the duration of your website visit.
Legal basis: We process the aforementioned data based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest is to ensure the system security and stability of our website.
We maintain a publicly accessible profile on various social media platforms. If you use our profile to interact with us (e.g. like or share a post, follow us, write a comment or send us a direct message), we process the data you provide to us for the purpose of contacting you. If we like, share or comment on your posts, the data you have freely published will be made available to our followers on our profile. All information you provide in your profile is publicly visible, i.e. members who log into the network can view it. This also applies to your activities within the service, such as: comments on posts; “Like” marks and the “Follow” function.
Group memberships are also publicly visible. If you share posts, this is set to public by default. You can restrict the visibility of these posts to your contacts in the options.
Legal basis: We process the aforementioned data based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest is to stay in contact with our business partners and interested parties and keeping them informed, as well as up-to-date public relations work and market observation. If you contact us via social media because you are interested in our offer, the request also serves to carry out pre-contractual measures in response to your request; the legal basis is then Art. 6 (1) (b) GDPR.
Newsletter
You can, for example, subscribe to our newsletter on our website. To do this, you have to enter your e-mail address in the field provided on our website. You will then receive a notification e-mail. By clicking on the link contained in this e-mail, you confirm that you wish to receive our newsletter (double opt-in). If you do not click on this confirmation link, you will not receive a newsletter going forward. In order to continuously improve content, data on user behavior (e.g. opening rates of the e-mail and links contained therein) is also processed using web beacons and similar technologies.
Legal basis: The legal basis for this data processing is Art. 6 (1) (a) GDPR. You can revoke your consent to the processing as part of the newsletter subscription at any time with effect for the future. For this purpose, you will find an unsubscribe link in every newsletter.
Storage period: Your data for sending the newsletter will be stored for as long as you have subscribed to it. This data will then be deleted.
Information for previous event participants
In addition, we send promotional emails to previous event participants with information about our events and services.
Legal basis: The legal basis for processing this data is Art. 6 (1) (f) GDPR. Our legitimate interest is to advertise to previous event participants.
We would like to inform you that you can object to receiving this information and to the processing for the purpose of providing this information at any time without incurring any costs other than the transmission costs according to the basic rates. You have a general right to object without providing reasons in accordance with Art. 21 (2) GDPR. You can declare your objection by sending us a message (see the contact details in the section “Name and contact details of the controller”). We will delete your data at the latest after your objection.
We process personal data when we you register for our events and when you participate in one.
Event registration
If you register for one of our events on our website, by e-mail or via an invitation link that we send you, we process your personal data to the extent necessary for the organization, implementation and follow-up of the event.
The kind of data you are asked to provide depend on the role at the event you are registering for, as participant, speaker, press, crew or partner. These data are: contact data, address data, date and place of birth, data about your organization
You are also asked for optional non-mandatory data, that will allow us to make the interaction with you more specific and improve the conference experience. These data include: gender, title, interests, participation in the conference, job title, industry.
Legal basis: The legal basis for this data processing is Art. 6 (1) (b) GDPR.
Storage period: We store your data for the duration of the organization (including corresponding preparation and follow-up) of the respective event. Any existing statutory retention obligations remain unaffected by this.
Accreditation and reliability checks
As part of the accreditation of individuals working in the designated (security) areas of an event, information that would prevent accreditation for the respective event location for such individuals will be checked in form of a reliability check.
Legal basis: The legal basis for this data processing is Art. 6 (1) (c) GDPR.
Mobile application
When you use our mobile application, we process your registration data to enable you to communicate with other participants and to send you information relevant to your conference program.
Legal basis: The legal basis for this data processing is Art. 6 (1) (b) GDPR.
Event attendance
When you attend our events we will process your contact and attendance data in order control the admission to the event.
Legal basis: The legal basis for this data processing is Art. 6 (1) (b) GDPR.
Photo and video recordings during events
We take photos and video recordings at events and publish them afterwards. The recordings are used for advertising on our website, in press releases, campaigns and to document the event online and offline.
Legal basis: We process the aforementioned data based on our legitimate interests in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest is to document the event and to increase the visibility of HSC in public and to publicize our activities.
If legally necessary you will be informed about any publication in advance, as well as about the specific publication channels, and asked for your consent. In this case the legal basis for data processing is Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future. All you need to do is send a brief note to the contact details provided.
Reimbursement of travel expenses
In the case of reimbursement of travel expenses, we process the costs incurred and travel data by submitting a reimbursement form.
Legal basis: The legal basis for this data processing is Art. 6 (1) (b) GDPR.
We will only transfer your data if we are legally permitted to do so. If we transfer your data to a country that is neither part of the EU nor the EEA and for which there is no adequacy decision by the EU Commission, we will take all necessary measures to secure the respective data processing. This includes, for example, standard contractual clauses of the EU Commission. On request we will provide you with a copy of the suitable safeguards.
We may pass on your data as follows, unless already mentioned separately above:
Unless already mentioned separately above, we store your personal data for as long as is necessary to achieve the respective purpose, in particular for the fulfillment of our legal and contractual obligations. Once the purpose has ceased, this data will be deleted unless the law allows us to continue storing it for specific purposes, including the defense of legal claims. In addition, we may need to store your data for billing purposes. We are subject to statutory retention and documentation obligations to retain documents for between two and ten years.
As a data subject, you are entitled to the following rights if the applicable requirements are met:
You also have the right under Art. 77 GDPR to lodge a complaint with a supervisory authority of your choice about our data processing. Our registered office is in Berlin. The supervisory authority responsible for us is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str.22, 20459 Hamburg, Germany.
Furthermore, you have the right to object (Art. 21 GDPR) if we process data on the basis of Art. 6 (1) (f) GDPR. Please note that in the case of data processing for purposes other than direct marketing, reasons must be given that arise from your particular situation. You can declare your objection by sending us a message (see the contact details in the section “Name and contact details of the controller”).
If we process your personal data on the basis of your consent, you can withdraw your consent with effect for the future. You can declare your revocation by sending us a message (see the contact details in the section “Name and contact details of the controller”).
Last updated March 8, 2025