Privacy Policy

We handle your personal data confidentially and in accordance with the provisions of the applicable data protection laws as well as with this Data Protection Notice. With the following information we inform you about the nature, scope and purposes of the collection and processing of personal data.

This information is intended for the visitors and users of our web pages and mobile applications (hereinafter referred to collectively as “Website”), for persons with an interest in standardization activities, bidders in requests for proposal, members, business partners, customers and visitors to our events. 

1. Identity of the data controller

VDE Verband der Elektrotechnik Elektronik Informationstechnik e. V.
Represented by the Executive Board
Stresemannallee 15
60596 Frankfurt am Main
Germany

Phone +49 69 6308-0
service@vde.com

(hereinafter referred to as “VDE“, “we” or “us”) is the data controller.

2. Data Protection Officer

You can contact our Data Protection Officer at: 
Data Protection Officer VDE
Verband der Elektrotechnik Elektronik Informationstechnik e.V.
Stresemannallee 15
60596 Frankfurt am Main, Germany

Phone +49 69 6308-0
datenschutz@vde.com

3. Personal data

Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This typically includes their name, e-mail address or phone number. However, purely technical data that can be ascribed to a person is also to be considered personal data.

Among other things, we process the following types of personal data in the normal course of proceedings:

  • Information for personal identification, e.g. first name and last name, private address, date of birth, place of birth, gender, work-related photographs, private landline and/or mobile number, private e-mail addresses, academic title, job title;
  • Memberships in individual VDE committees;
  • Access data for the individual VDE committee pages;
  • Key points of interest of members and experts;
  • Training or studies, including dates;
  • Participation in events;
  • Industry/employer/company/organizations;
  • Photos/videos;
  • Bank account details;
  • Collection data (debtors, address details, etc.)

4. Overview of individual procedures/legal bases

We process your personal data using the procedures described below for these defined purposes:

4.1. Membership administration

We process your data in order to fulfil the purposes under our articles of association and to administer our membership database. This processing may be performed using applications.
Legal basis:
We process this data in accordance with Art. 6 (1) b) GDPR. Under this legal basis, data processing is lawful if it is necessary for the performance of a contract to which the data subject is party. The purpose of membership administration is the performance of the membership contract between us and the member.

4.2. New member acquisition

We process your data to acquire new members.
Legal basis:
We process this data in accordance with Art. 6 (1) a) GDPR. Data processing is lawful if the data subject has consented to the processing of personal data about them for one or more specific purposes.
We also process this data in accordance with Art. 6 (1) f) GDPR. Data processing is lawful if there is a legitimate interest of the controller (in this case: direct marketing to acquire new members), without violating the interests or basic rights of the data subject.

4.3. Compensation and reimbursement of travel expenses

We process data for compensation and the reimbursement of travel expenses.
Legal basis:
We process this data in accordance with Art. 6 (1) b) GDPR. Under this legal basis, data processing is lawful if it is necessary for the performance of a contract to which the data subject is party. The purpose of compensation and the reimbursement of travel expenses is the performance of the contract between us and the member or expert.

4.4. Processing for standardisation purposes and committee work

We process personal data of our members and experts in order to invite you to events, committee meetings and standardisation groups and for the purposes of reporting to other standardisation organisations like DIN, CEN and CENELEC and international standardisation organisations like ISO and IEC.
Legal basis:
We process this data in accordance with Art. 6 (1) b) GDPR. Under this legal basis, data processing is lawful if it is necessary for the performance of a contract to which the data subject is party. Invitations to these events on standardisation work form part of the performance of the membership contract or the contract between us and the expert.

4.5. Processing for information, presentation and marketing purposes

We process data for information, presentation and marketing purposes in printed and digital advertising materials and on our website.
Legal basis:
We process this data for information, presentation and marketing purposes only on the basis of consent given in accordance with Art. 6 (1) a) GDPR. This authority allows for the processing of personal data when you have given consent to the processing of your personal data for one or more specific purposes.

4.6. Processing for invitations to VDE events

We process data for invitations to events arranged by VDE and the departments (ITG, GMM etc.), training courses, exchange meetings and delegate conferences in order to inform you about these events in accordance with the purpose of VDE as set out in its articles of association.
Legal basis:
The legal basis for the above data processing is Art. 6 (1) f) GDPR. This statutory permission allows for the processing of personal data as part of the controller’s “legitimate interest”, provided that your fundamental rights, fundamental freedoms or interests are not overriding. We have a legitimate interest in providing information about our events.

4.7. Processing for performance of events

We process data from members, experts and other third parties in order to perform VDE events to which you have signed up.
Legal basis:
We process this data in accordance with Art. 6 (1) b) GDPR. Under this legal basis, data processing is lawful if it is necessary for the performance of a contract to which the data subject is party. Data is processed in order to perform a contract in relation to the event.

4.8. Surveys

We process your data to conduct questionnaires, surveys or interviews in order to tailor our services to the needs of our members.
Legal basis:
We process this member data in accordance with Art. 6 (1) b) and f) GDPR. Data processing is lawful if it is necessary for the performance of a contract to which the data subject is party; or the controller has a legitimate interest (in this case, the member satisfaction surveys to fulfil the purposes of the articles of association), without violating the interests or basic rights of the data subject.

5. Overview of individual procedures on our Website

Personal data are processed on our Website during the following procedures:

5.1. Contact

We process the information provided by you when contacting us (such as via contact form or e-mail) exclusively for handling your query.

Legal basis:
We process this data in accordance with Art. 6 (1) f) GDPR. Accordingly, the processing of personal data is allowed as part of the controller’s “legitimate interest”, provided that your fundamental rights, fundamental freedoms or interests are not overriding. We have a legitimate interest in processing your inquiry. If contact is aimed at the conclusion of a contract, an additional legal basis for processing is Article 6 (1) b) GDPR. Under this legal basis, data processing is lawful if it is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

The personal data saved as part of this contact are deleted once the matter associated with the contact has been resolved in full and it can also be presumed that this particular contact will not be relevant again in future.

 

5.2. Cookies

Our Website uses different types of cookies. Technically required cookies are processed on the basis of Art. 6 (1) f) GDPR. We have a legitimate interest in the error-free presentation of our content. Cookies that are not needed for technical operations (performance cookies, functional cookies and marketing cookies), are used with your consent on the basis of Art. 6 (1) a) GDPR. Complete information on the use of cookies, your consent, and your right of withdrawal can be found in our Cookie Notice.

5.3. Social plugins

We use social plugins from social networks (e.g. Facebook, Twitter, Xing, LinkedIn and YouTube) on our Website. You can use these functions to share specific content of the Website with your friend on the respective social networks or to recommend this content.

Please note that we do not use any social plugins that automatically collect data during your time on the Website and forward this data to the operators of the social media platforms.
We would also like to point out that the data collected in conjunction with the social plugins can be shared exclusively between your browser and the operator of the social networks. We have no knowledge of the content, the processing or the scope of the data that is collected and transferred. With this in mind, we recommend that you read the current privacy notices of the respective social network providers. The address of each social plugin provider and the URL with their privacy notices can be found at:

5.4. Embedded YouTube videos

Playback of the YouTube videos embedded in our Website uses the YouTube video platform, operated by YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066, USA (“YouTube”). Data (including personal data) is also transmitted in the process to YouTube as the controller. We have no influence over the processing of this data by YouTube. For more information about the scope and purpose of the data collected and its further processing and use by YouTube, about your rights and the data protection options you can select, please see YouTube’s privacy policy.

5.5. Newsletter and updates

We use the information you enter on our Website, e.g. title, academic title, first name, surname and e-mail address to send you the newsletter and event updates.
Once you have registered on our Website, we e-mail you at the address to request your confirmation in order for you to subscribe to our newsletter and to event updates. If you do not confirm your registration within [24 hours], your information is blocked and deleted. We also save the IP addresses you used and the times of registration and confirmation. The purpose of this procedure is to verify your registration and to be able to investigate any misuse of your personal data.
This data processing is based on your consent, which you gave upon subscribing to the newsletter and the event updates.
Legal basis:
Pursuant to Arti. 6 (1a) GDPR, data processing is permitted if you have given consent for data processing for one or more specific purposes.
Your consent to sending the newsletter and to the event updates can be withdrawn at any time. An e-mail sent to the Data Protection Officer is sufficient for this.
The personal data saved during subscription to the newsletter and to the event updates are deleted if you have successfully unsubscribed from the newsletter and the event updates.

6. Image, sound and media recordings

VDE is entitled, but not obliged, to take photographs, record films or make other media recordings at its events or to arrange for this to be done.

These recordings are made for publication, presentation and information purposes, including on our Website, in VDE publications, on social media and in the press. 

Participants who do not wish to be photographed or otherwise recorded are requested to inform the seminar leader or event staff accordingly.

Legal basis:
We process this data in accordance with Art. 6 (1) f) GDPR. Under this legal basis, processing for the purposes of the “legitimate interest” by the controller is lawful if the processing is required to protect the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. 

We have a legitimate interest in our public relations activities and in presenting the events and activities of VDE in order to provide interesting insights into the activities of VDE .

Extensive information in accordance with Art. 13 GDPR can be found in the notes that are available at the participant reception desk.

7. Recipients of personal data

As a matter of principle, your personal data is processed by us. VDE transmits data to third parties (in particular, to international standards organisations) only when there is a corresponding legal basis; in particular, this is the case if consent has been given to such transmission, if this is required in order to perform a contract, if this is justified by the balance of interests – particularly within the VDE Group – or if this is necessary in order to comply with statutory requirements obliging us to provide, report or pass on data.

Some of the software applications we use for data processing are hosted by VDE Services GmbH, Frankfurt am Main, Germany. VDE Services GmbH acts solely and exclusively on our behalf and in accordance with our instructions. VDE Services GmbH is regularly checked by us. VDE Services GmbH is a subsidiary of VDE e.V.

Various VDE events are performed by EW Medien und Kongresse GmbH, Kaiserleistr. 8A, 63067 Offenbach am Main, Germany. EW Medien und Kongresse GmbH acts solely and exclusively on our behalf and in accordance with our instructions. EW Medien und Kongresse GmbH is regularly checked by us.

We also commission external service providers that act on VDE’s behalf and in accordance with VDE’s instructions.

Within VDE, the internal offices and departments only receive the personal data that is necessary and required to perform the respective tasks.

8. Processing of your data in a third country

Data is transmitted to parties in countries outside the European Union (EU) or the European Economic Area (EEA) (“third countries”) when there is a corresponding legal basis, e.g. if consent has been given, if this is required in order to perform a contract or if this is required by law.

Personal data can be transmitted to (standards) organisations in third countries outside the EU/EEA that do not have an adequate level of data protection approved by the EU Commission if you have provided your express consent.

Your data may also be processed in a third country as a result of the involvement of service providers in processing.

If there is no adequacy decision by the European Commission concerning an adequate level of data protection for the respective country, we conclude corresponding contracts in order to ensure that your rights and freedoms are adequately protected and guaranteed in line with EU data protection regulations. Corresponding information are available on request from VDE.

9. Data security

The personal data processed by us is treated confidentially and suitable technical and organisational precautions are used to protect it from loss and changes as well as unauthorised access by third parties. E-mail communication is not suitable for the unencrypted transfer of confidential information. In order to exchange messages that require protection, we strongly recommend the use of the latest encryption processes.

10. Your rights

If the statutory requirements are met, you have the right to request access to your personal data and data processing (Article 15 GDPR), correctiondeletion and restriction of your personal data and data processing (Articles 16 through 18 GDPR) and transmission of your personal data (Article 20 GDPR).

If the statutory requirements are met pursuant to Article 21 GDPR, you also have a right to object to data processing. If the statutory requirements are met, you can withdraw the consent you have given in full or in part at any time with future effect.

In order to exercise any of these rights, it is sufficient to send an e-mail to: datenschutz@vde.com or a letter to:

Data Protection Officer
VDE Verband der Elektrotechnik Elektronik Informationstechnik e.V.
Stresemannallee 15
60596 Frankfurt am Main, Germany

In accordance with Art. 77 (1) GDPR, you also have the right to complain to the supervisory authority if you are of the opinion that the processing of your personal data is not done in a lawful manner, and in particular that it violates the GDPR.

Address of a supervisory authority:

The Data Protection Officer of Hesse
Gustav-Stresemann-Ring 1
65189 Wiesbaden, Germany

Phone +49 611 1408-0,
poststelle@datenschutz.hessen.de

11. Duration of data storage

We store the personal data using the procedures listed above only as long as needed for the intended purpose or as required by law. (For instance, under commercial and tax laws, for a period of at least six to ten years).

Various data, such as names in standardisation meeting reports or at delegate conferences, is permanently archived for documentation purposes.

12. Voluntary nature of provision of data

You are generally neither legally nor contractually bound to provide your personal data. You are not obliged to provide us with this data. Nevertheless, the provision of the functions of our Website and the execution of an order requires the processing of your personal data. In addition, the collection of certain personal data is necessary because, for example,

  • participation in events, applications,
  • the fulfilment of the membership contract
  • and the performance of standardisation and committee work with VDE

are not possible without this data.