Privacy Policy

The data controller responsible for data processing on this website is Sicherheitsnetzwerk München e.V., c/o Fraunhofer AISEC, Lichtenbergstraße 11, 85748 Garching, Germany (Email: info@security-network-munich.org).

In some cases, we may necessarily need to involve other service providers, for example, when you register for an event. This is because some events are organized in collaboration with other partners, and we use dedicated event platforms to handle registrations and payments.

At no time do we sell your data. All our contractors are vetted according to strict standards and must comply with European data protection law.

Data Sharing Notice

This event is jointly organized by Bayern Innovativ and Sicherheitsnetzwerk München e.V.

In order to manage the event (e.g. registration, name badge printing and participant lists), the personal data provided during registration may be shared between the organizing partners.

The data will be used solely for the purpose of organizing and conducting the event.

Legal Basis for Processing

We may only process personal data with a valid legal basis. Under applicable law, there are 4 bases we rely on:

Consent – When you consent to the processing. This will be apparent when we ask for your consent. You can withdraw your consent at any time.
Contractual Obligations – If we have a contractual relationship with you, we may and must store and process the personal data necessary for fulfillment. This also applies to pre-contractual measures required to conclude the contract.
Legal Obligations § – We may be required by European or German law to retain or disclose certain data.
Balancing of Interests (Legitimate Interest) ⚖ – Processing under legitimate interest is permissible insofar as it is necessary to safeguard our legitimate interests or those of a third party, and your interests and fundamental rights/freedoms do not override them. We will inform you in these notices when we rely on legitimate interests and what they are.

If you find the symbols above in the text, you will know which processing we carry out on which basis.

Our Website

When you simply visit our website, your browser automatically transmits the following data to our servers:

Purely Informational Use

The following information is always sent to our servers when you visit the website:

Usage Data * Visited websites * Date and time of the visit
Metadata * IP address * Date and time of the request * Time zone difference to Greenwich Mean Time (GMT) * Content of the request (specific page) * Website from which the request comes * Information about your browser (e.g., version, language, installed fonts) * Information about your operating system (e.g., version, language) * Any other information your browser automatically sends based on the HTTP protocol

This information is technically necessary for us to present the requested website to you. We have a legitimate interest in providing you with a modern website.

Our website is hosted by Plus Hosting Grupa d.o.o., Valturska 82, 52100 Pula, Hrvatska. The privacy policy of Plus Hosting Grupa d.o.o. can be found here: https://plus.hr/pravne-informacije/uvjeti-koristenja/

We automatically delete all server logs after 7 days. We keep the logs for this time to detect suspicious activities and protect our infrastructure from attacks. If we suspect misuse of our website, we may store the relevant logs longer to support legal action if necessary.

Contact

When you contact us, we receive and store the additional information you send us. We will use this information to answer your inquiry. For this, we usually need the following information from you: * Email * Name * Associated company * Your message and the subject

The basis for this processing is either our contractual obligation if you contact us regarding events we organize, or our legitimate interest in answering your inquiry if you make a general request. We delete your data as soon as we have fully answered your inquiry and there are no further retention obligations.

Third Parties

Microsoft Forms

For event pre-registration and to collect inquiries (e.g., “Sign up here” or “Call for Startups”), we use the “Microsoft Forms” service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. When you submit a form, the data you enter (such as your name and email address) is transmitted to and stored on Microsoft servers. We use this data solely to process your request and keep you informed about the event. The legal basis for this processing is your consent (Art. 6 Para. 1 lit. a GDPR) or our legitimate interest in efficiently managing event inquiries (Art. 6 Para. 1 lit. f GDPR). For more information on how Microsoft handles your data, please refer to their privacy policy: https://privacy.microsoft.com/en-us/privacystatement.

Google

We use services and platforms operated by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google’s privacy policy can be found here: https://policies.google.com/privacy Google provides further information regarding ad settings: https://adssettings.google.com/authenticated

YouTube

On some of our web pages, we have embedded videos from the YouTube platform, which is operated by Google. When you visit a web page with an embedded video, Google learns which web page you visited, which IP address you use, when you accessed the page, and which video is embedded. To store further information about your interaction with the video (e.g., your position in the video), Google stores cookies in your browser. Our legitimate interest for embedding YouTube is the modern communication of our events. You can change your settings for displayed advertising on Google, in particular to turn off personalized advertising, by following this link: https://adssettings.google.com/authenticated

Google Fonts

We use Google Fonts, a service provided by Google. Our legitimate interest here is the secure, maintenance-free, and efficient provision of fonts. When you visit our website, your browser automatically connects to Google’s servers to download the embedded and required fonts. In doing so, Google learns which website you have accessed and which IP address you are using. This information is only used to load the embedded fonts and to keep statistics on how popular certain fonts are. Google has published an FAQ on this: https://developers.google.com/fonts/faq#what_does_using_the_google_fonts_api_mean_for_the_privacy_of_my_users

Streavent

For event registration and related inquiries, we use the event platform of Streavent UG (haftungsbeschränkt), Germany, acting as our data processor. The data you provide is processed solely for the organisation and delivery of the event. The legal basis is Art. 6(1)(b) GDPR and, where applicable, Art. 6(1)(f) GDPR. Further information is available in our privacy notice.

Storage Duration

Unless otherwise stated in this privacy policy, we store your data as long as necessary for the duration of our business relationship with you. This also includes the initiation and execution of a contract. Storage beyond this is possible if there is a legal retention obligation, for example, from the tax code or the commercial code. In this case, the data will be securely stored for the duration of the retention period and then deleted as long as they are no longer required. When storing and processing based on consent, we store your data until you withdraw your consent.

Social Media

We operate the following social media presences:

Twitter page:
https://x.com/MCSC_org

Two pages on LinkedIn:
https://www.linkedin.com/company/security-network-munich
https://de.linkedin.com/showcase/munich-cyber-security-conference

YouTube channel :
https://www.youtube.com/channel/UCpqbZ3EHzAsF9Zbd3J1dCdw

We use these presences to announce our collaborations and events. The social media platforms described in more detail below collect data about your behavior and interests when you visit our presences and partially provide us with an anonymized analysis of visitor groups and interactions. This processing of your data is based on our legitimate interest in better understanding our target groups according to Art. 6 Para. 1 S. 1 lit. f) GDPR. In addition, the data may be processed by the social media platforms for their own market research and advertising purposes. Cookies may be stored on your computer to evaluate usage behavior. Other data about your devices, internet connection, or location may also be collected and, if applicable, linked to your account. A user profile may be created about you even if you are not logged into the social media platforms or do not have an account. These profiles can be used to show you tailored advertisements on various platforms. How the social media platforms use the data from visiting the presences for their own purposes, and how long the social media platforms store this data, is not clearly stated by the social media platforms and is not known to us beyond the processing mentioned above. It may happen that your data is processed outside the European Union when you visit our social media presences. Please refer to the privacy policies of the individual platforms to learn how your data is protected in a third country in this case.

Twitter is a social media platform offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, with the parent company Twitter, Inc., 1355 Market Street #900, San Francisco, California 94103. Twitter’s privacy notices can be found here: https://www.twitter.com/en/privacy Information about Twitter’s privacy settings can be found here: https://help.twitter.com/en/safety-and-security/twitter-privacy-settings To change privacy settings regarding personalized advertising, follow these instructions: https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads
LinkedIn is a business platform offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, with the parent company LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085. We have concluded an agreement on joint controllership with LinkedIn, which you can access here: https://legal.linkedin.com/pages-joint-controller-addendum. In summary, LinkedIn declares itself responsible for all processing operations regarding your personal data on the platform. They also declare themselves responsible for implementing data subject rights. You have the right at any time to assert your data subject rights regarding our LinkedIn page and the Page Insights running on it against LinkedIn or us. If you contact us, we will forward your request directly to LinkedIn for an answer. LinkedIn’s privacy policy can be accessed here: https://www.linkedin.com/legal/privacy-policy If you have an account with LinkedIn, you can adjust your privacy settings at https://www.linkedin.com/psettings/.
YouTube is a video portal and network offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google’s privacy policy can be accessed here: https://policies.google.com/privacy If you have an account with YouTube or Google, you can adjust your advertising settings at https://adssettings.google.com/authenticated. You can set whether your Web & App Activity is recorded by Google, a Location History is saved, and whether your YouTube searches are saved at https://myaccount.google.com/activitycontrols.

Your Rights

You can assert the following rights against us at any time. We may ask you to confirm your identity in some cases to prevent misuse. * Right to information * Right to rectification or erasure * Right to restriction of processing * Right to data portability * Right to lodge a complaint with a supervisory authority

Your Right to Object You can also object to processing based on our legitimate interest (⚖) if our balancing of interests should turn out differently due to your particular situation.

How We Protect Your Data

We have taken technical and organizational measures to protect your data. When you visit our website, all data is transmitted to our servers in encrypted form. This makes intercepting the information you transmit significantly more difficult.