Data protection information
for webinars via GoTo Webinar

Data protection information for webinars via GoTo Webinar

Our company attaches great importance to the protection of personal data and respects your wish for privacy. In the following, we inform you about the collection of personal data when using our webinar events, conducted via GoTo Webinar. If you have any further questions regarding the handling of your personal data, please do not hesitate to contact our data protection officer.

I. Responsible body

Responsible for the processing of your personal data is the

COMPIRICUS GmbH
Graf-Adolf-Platz 6
40213 Düsseldorf
Germany

T +49 211 64949-300
F +49 211 64949-599

info@compiricus.de
www.compiricus.de

II. Data protection officer

You can reach our data protection officer at datenschutz@x1f.one

External:

X1F GmbH | Sebastian Raguse

Nymphenburger Str. 1 | 80335 München

Mobile: +49 162 2913464 | E-Mail: datenschutz@x1f.one

III. Your personal data

Personal data within the meaning of the General Data Protection Regulation is any information relating to an identified or identifiable natural person (hereinafter “data subject”).

As part of your webinar registration, we process the following personal data provided by you:

  • First name
  • Last name
  • Valid email address
  • Company/Organisation (Optional)
  • Job title (optional)

We have marked optional details both in the registration form and here.

While conducting the webinars, we also process the following personal data:

  • When using the chat and question window: Your messages- Presence (time of entry and exit)
  • User details (displayed username, e-mail address, if applicable).

IV. Purposes of the data processing

We process your personal data for the following purposes and based on the following legal grounds:

  • To carry out the webinars you have booked and enable your participation, Art. 6 (1) p. 1 lit. b GDPR (necessity for fulfilment of contract).
  • To facilitate communication with our webinar participants, Art. 6 (1) p. 1 lit. a GDPR (your consent).
  • To send invitations to webinars to enable you to participate and to enable us to keep track of participants, Art. 6 (1) p. 1 lit. a GDPR (your consent) or, in some cases, Art. 6 (1) p .1 lit. f GDPR (our legitimate interest in achieving well-attended webinars).
  • For the proper guarantee and IT security of our IT systems, Art. 6 (1) p. 1 lit. f GDPR (our legitimate interest in the protection, availability, and functionality of our systems).
  • To facilitate communication and improve the webinar results through active participation, you can activate your camera and microphone. The processing of the video and/or audio recordings is voluntary by enabling the camera and/or microphone, so that Art. 6 (1) p. 1 lit. a GDPR (your consent) is the legal basis. You can revoke your consent at any time with effect for the future by revoking the release of the camera and/or microphone (i.e. by setting it to OFF/deactivating it). The same applies to the use of the chat function regarding the processing of text data: Here you can revoke by not composing any more chat messages.
  • In the context of a possible recording of the webinars: In order to make these recordings available to you for your records, Art. 6 (1) p. 1 lit. a GDPR (your consent) and for uploading to YouTube, Art. 6 (1) p. 1 lit. a GDPR (your consent). For more details, see section VIII.

There is no automated decision-making in the sense of Art. 22 GDPR.

V. Recipients of your data

1. GoTo Technologies Ireland Unlimited Company

We use the software GoTo Webinar, from the provider GoTo Technologies Ireland Unlimited Company, The Reflector, 10 Hanover Quay, Dublin 2, D02R573, Ireland (hereinafter also “GoTo”), to organise and conduct webinars.

GoTo Webinar can be used as follows:

  • As a client application
  • Via the mobile app with your tablet, smartphone, etc.
  • As a web application via your web browser.

When you use GoTo Webinar, GoTo receives and processes the following of your personal data:

  • When using the chat: your messages
  • Your details in a survey asked in GoTo Webinar
  • Presence (time of entry and exit)
  • User details (displayed username, e-mail address if applicable)
  • Meeting metadata (e.g. date, time, meeting ID, phone numbers, location, duration of the conversation)
  • Service-generated data (IP address of the user, anonymised UserID of the user, ID of the GoTo webinar and of the tenant)

In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device as well as from any video camera of the terminal device will be processed during the duration of the webinar. You can switch off or mute the camera or microphone yourself at any time via the GoTo Webinar applications.

Insofar as GoTo Technologies Ireland Unlimited Company processes your personal data on our behalf, we ensure that the provisions of the data protection laws are complied with in the same way within the framework of commissioned processing pursuant to Art. 28 GDPR.

We have integrated GoTo Technologies Ireland Unlimited Company as a data protection compliant processor. In addition, the GoTo company itself uses further sub-processors. In these respective legal relationships, the respective agreements on commissioned processing within the meaning of Art. 28 (3) GDPR apply.

We make a point of processing your data within the EU / EEA. However, when using the GoTo Webinar software from the service provider GoTo Technologies Ireland Unlimited Company, data is also processed outside the EU / EEA. Third countries, i.e. states outside the EU and the EEA, do not in most cases have a level of data protection comparable to the GDPR. We have therefore ensured that an appropriate level of data protection comparable to the standards within the EU is established at the recipient before transferring your personal data. In this case, this is done via EU standard contractual clauses.

The privacy policy of GoTo Technologies Ireland Unlimited Company can be found here: https://www.goto.com/de/company/legal/privacy/international

2. Participant

The recipients of the content expressed by you, posted or shown in the chat are still the participants in the respective webinar.

VI. LinkedIn

If you visit our LinkedIn company page and use it to register for a webinar from us, we are jointly responsible with LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (https://www.linkedin.com/help/linkedin/solve) for processing your personal data.

We operate our LinkedIn page to inform and communicate with you as a user and interested party of our offer. In accordance with LinkedIn’s terms of use, which each user has agreed to as part of creating a LinkedIn profile, we may

  • Identify the subscribers to the site
  • and their profiles
  • as well as other shared information from them.

For example, your LinkedIn name and profile picture are visible to us (and other LinkedIn users) when you visit our site or comment on posts by us.

When you register for our webinar offers, which we advertise on our LinkedIn page, we collect the data required for this purpose, as already described in section III. As a matter of principle, we only collect the personal data that we need to fulfil our purposes as described in section IV. We only collect additional data on a voluntary basis, i.e. with your consent.

LinkedIn uses cookies, i.e. small text files that are stored on the various end devices of the users, to store and further process the data. According to LinkedIn, the cookies used by LinkedIn are for authentication, security, preferences, features and services, personalised advertising, and analysis and research. Details of the cookies used by LinkedIn can be viewed here: https://de.linkedin.com/legal/cookie-policy.

The privacy policy of LinkedIn contains further information on data processing. Further data protection information on our data processing within LinkedIn can be found here.

The operation of the LinkedIn page including the processing of the users’ personal data is carried out on the basis of Art. 6 (1) p. 1 lit. f GDPR to protect our legitimate interest in timely communication and interaction with our users and visitors.

The legal basis for the processing of your data via our LinkedIn page when registering for one of our webinars is your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR and, insofar as the processing is necessary to fulfil the webinar contract, Art. 6 (1) sentence 1 lit. b GDPR.

VII. storage period and deletion

When you register for a webinar, we store your personal data during the contractual relationship and beyond for as long as we need the data or we are legally obliged to do so (e.g. possible obligation to retain data for tax reasons). A requirement for storage may exist in particular if the data is still needed to fulfil contractual services and to be able to check or grant/refuse warranty and possibly guarantee claims.

In the case of a recording in which personal data of our webinar participants becomes apparent, this will be stored and used until you withdraw your consent to the recording. If you withdraw your consent to the recording, we will endeavour to remove/cut content in which you are identifiable (video content, audio, chat messages from you or to you) from the recordings. In this case, the uncut version will be immediately removed from YouTube, our website or other publishing platforms and replaced with the cut version.

Unless it is not possible or practical to edit out your content, the entire recording will be destroyed and removed from the platforms.

After the respective retention period has expired or the legal basis for retaining your data no longer applies, we delete it immediately.

VIII. Record

The technical option to record or transcribe webinars is generally deactivated by default. However, in some cases we would like to make a recording.

However, in no case do we do this without your knowledge and also not without transparent information about the planned recording. In addition, we obtain your voluntary consent to recording before recording – where necessary.

During a webinar, you decide yourself whether you want to write something in the chat or question window. Please also bear this in mind when you write something in the chat as part of a recording of your chat messages.

If you do not want your text to be recorded in the chat and question window, you have the option to refrain from writing in the chat and question window.

If you voluntarily write messages in the chat and question windows and consent to the recording, then you have the possibility to revoke your consent at any time with effect for the future. You can revoke by stopping the use of the chat function with regard to the processing of text data: Here you can revoke by not writing any more chat messages.

If it is necessary for the purposes of logging the results of a webinar, we will log the chat content independently of any recording. However, this will not usually be the case.

IX. Your rights

We will be happy to provide you with information on whether personal data relating to you is being processed; if this is the case, you have a right to information on this personal data and to the information listed in detail in Art. 15 GDPR. In addition, you have the right to rectification (Art. 16 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to erasure (Art. 17 GDPR) and the right to data portability (Art. 20 GDPR) under the respective legal conditions.

You have the right to object to the processing under the legal conditions (Art. 21 GDPR):

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) sentence 1 lit. e or f GDPR; this also applies to profiling based on these provisions. We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. In the event of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.

To exercise your above rights, please contact us by e-mail at datenschutz@compiricus.de or by post at COMPIRICUS GmbH, Graf-Adolf-Platz 6, 40213 Düsseldorf. The exercise of your above rights is free of charge for you.

Without prejudice to these rights and the possibility of seeking any other administrative or judicial remedy, you may at any time exercise your right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection rules (Article 77 of the GDPR).

The supervisory authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen,
Kavalleriestraße 2-4,
40213 Düsseldorf

X. Is there an obligation to provide your personal data?

There is no obligation to provide your personal data. However, if you do not agree to the data processing that takes place within the framework of the webinar and GoTo Webinar, you cannot use the services provided.

Processing that requires consent is exempt from this; it is always subject to consent, so you can participate in the webinar without consenting to the relevant processing that requires consent (e.g. you can participate in the webinar without being recorded if you turn your camera/sound OFF and do not send chat messages).