Who is responsible for collecting data on this website?
Data collected on this website is processed by the website operator. The operator’s contact details can be found in the website’s Imprint.
How do we collect your data?
First, your data is collected when you communicate it to us. This could, for example, be data you enter on a contact form.
Other data is automatically collected by our IT systems when you visit our website. This data is primarily technical data (for example, the browser and operating system you are using, or when you visited our website). This data is collected automatically as soon as you access our website.
What do we use your data for?
Some data is collected to ensure the proper functioning of the website. Other data can be used to analyse your user behaviour.
What are your rights regarding your data?
You have the right to request information about your stored data, where it came from, who received it, and the purpose for which it was collected, at any time and at no expense. You also have the right to request the rectification, blocking or erasure of this data. You can contact us at any time at the address stated in the Imprint if you have any further questions regarding the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.
Analytics and third-party tools
II. Data protection in detail
It is generally possible to use the PREUSS MESSE website without providing personal data. However, if a data subject wishes to make use of special services provided by our company, it may be necessary to process personal data. If processing personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
PREUSS MESSE, as data controller, has implemented numerous technical and organisational measures to ensure the most comprehensive protection of personal data processed via this website. Nevertheless, web-based data transmission may have security gaps so that absolute protection cannot be guaranteed. Therefore, every person is free to transmit personal data to PREUSS MESSE by alternative means, for example by telephone.
Personal data means any information relating to an identified or identifiable natural person (referred to hereinafter as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
A data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
Restriction of processing means the marking of personal data stored in order to limit their future processing.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller or controller responsible for processing
Controller or controller responsible for processing means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, authorities which may receive personal data under Union law or the law of the Member States within the framework of a particular investigation mandate shall not be regarded as recipients.
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and address of the controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
PREUSS MESSE Baugesellschaft mbH
Am Kamp 1
Phone: + 49-4103-93 33-0
Fax: + 49-4103-15 13 1
Name and address of the data protection officer:
The data protection officer for the controller responsible for processing is:
Arnswalder Str. 34c
+ 49-40-414 89 116
Any data subject may contact our data protection officer directly at any time with any questions or suggestions regarding data protection.
The data subject can prevent cookies from being set by our website at any time by configuring the web browser in use accordingly and therefore permanently object to cookies being set. Furthermore, cookies that have already been set can be deleted at any time via the web browser or other software programs. This is possible in all common web browsers. It may be the case that not all functions on our website are usable if the data subject deactivates cookies in their browser.
Cookie Consent with Borlabs Cookie
Our website uses the Borlabs cookie consent technology to obtain your consent to the storage of certain cookies in your browser and for their data privacy protection compliant documentation. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter referred to as Borlabs).
Whenever you visit our website, a Borlabs cookie will be stored in your browser, which archives any declarations or revocations of consent you have entered. These data are not shared with the provider of the Borlabs technology.
The recorded data shall remain archived until you ask us to eradicate them, delete the Borlabs cookie on your own or the purpose of storing the data no longer exists. This shall be without prejudice to any retention obligations mandated by law. To review the details of Borlabs’ data processing policies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
Collection of general data and information
Our website collects a variety of general data and information each time a person or an automated system visits our website. This general data and information is stored in our server’s log files. We may record the types and versions of browsers used, the operating system used by the system used for access, the website from which a system used for access accesses our website (so-called referrer), the sub-websites which are accessed via an accessing system on our website, the date and time of access to the website, an Internet protocol address (IP address), the Internet service provider for the accessing system and other similar data and information used for security purposes in the event of attacks on our information technology systems.
It is not possible to associate this general data and information with an identifiable data subject. Instead, this information is required to correctly provide the contents of our website, to optimise the contents of our website as well as related advertising, to ensure the permanent functionality of our information technology systems and the technology of our website, and to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber-attack. This anonymously collected data and information is therefore evaluated by us statistically and with the aim of increasing data protection and data security in our company in order to ultimately be able to ensure the optimum level of protection for the personal data processed by us. Anonymous data in the server log files are stored separately from all personal data provided by any data subject.
If you send an enquiry using the contact form, your details from the contact form, including the contact details you provide, will be stored for the purpose of processing the enquiry and in the event of any follow-up questions. We will not share this data without your consent.
The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 (1) (a) GDPR). You can revoke this consent at any time. An informal e-mail making this request is sufficient. This does not affect the lawfulness of any data processing carried out before we receive your revocation.
We will retain the data you provide on the contact form until such time as you request its erasure, revoke your consent for its storage, or the purpose for its storage is no longer applicable (e.g. after completely processing your enquiry). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected.
SSL / TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential information, such as orders or requests that you send to us as the site operator. You can recognise an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
A data subject may register on the website of the controller responsible for processing by providing personal data. The personal data transmitted to the controller responsible for processing such data is determined by the input form used for registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller responsible for processing and for the data subject’s own purposes. The controller may arrange for the data to be transferred to one or more processors, such as a parcel service, who also uses the personal data exclusively for internal use attributable to the controller.
Furthermore, the IP address assigned to the data subject by the data subject’s Internet Service Provider (ISP), along with the date and time of registration, are stored when the data subject registers on the controller’s website. This data is stored in light of the fact that this is the only way to prevent misuse of our services and, if necessary, to enable us to investigate criminal offences and copyright infringements. Accordingly, storage of this data is necessary to protect the respective controller. As a matter of principle, this data is not shared with third parties to the extent there is no legal obligation to do so or there is no need to share such data for criminal prosecution or legal action.
Registration by the data subject, including the voluntary provision of personal data, aids the controller in offering the data subject content or services which, by their nature, can only be offered to registered users. Furthermore, registration by the data subject aids in monitoring the use of the texts published by us and protected by copyright as well as in checking the integration of links and copyright notices, and for our own documentation purposes. In addition, we use the data collected during registration for customer acquisition, most notably for contacting prospective customers by telephone and sending advertising by post and e-mail. Registered users are free to have personal data provided during registration completely erased from the respective controller’s database.
Routine erasure and blocking of personal data
The relevant controller processes and stores personal data of the data subject only for the period required to achieve the purpose for which the data was stored or as provided for by the European Parliament and Council, or any other laws enacted by another regulatory authority to which the controller is subject.
If the purpose for which the data was stored ceases to apply, or if a storage period prescribed by the European Parliament and Council or by another regulatory authority elapses, the personal data will be routinely blocked or erased in accordance with the applicable statutory provisions.
Rights of data subjects
Right to rectification
Any data subject shall have the right granted by the European Parliament and Council to require the controller to confirm whether personal data relating to that data subject are being processed. If a data subject wishes to exercise this right of confirmation, they may contact our data protection officer or another employee of the data controller at any time.
Right of access
Any data subject affected by the processing of personal data shall have the right granted by the European Parliament and Council to obtain, at any time and free of charge, information from the controller concerning the personal data relating to them that is stored and a copy of that information. Furthermore, the European Parliament and Council has granted the data subject access to the following information:
The processing purposes;
The categories of personal data being processed;
The recipients or categories of recipients to whom the personal data have been or will still be disclosed, in particular recipients in third countries or international organisations;
If possible, the envisaged period for which the personal data will be stored or, if not possible, the criteria used for determining that period;
The existence of a right to rectification or erasure of the personal data concerning the data subject or of a restriction of the processing by the controller or a right to object to such processing;
The existence of the right to lodge a complaint with a supervisory authority;
Where personal data are not collected from the data subject, all available information as to the origin of the data;
The existence of automated decision-making, including profiling, referred to in Article 22 (1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.
Furthermore, the data subject has a right of access to information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate guarantees in connection with the transfer.
If a data subject wishes to exercise this right of information, they may contact our data protection officer or another employee of the respective controller at any time.
Right to rectification
Each data subject shall have the right granted by the European Parliament and Council to request the immediate rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the data subject has the right to request the immediate rectification of inaccurate personal data concerning the data subject as granted by the European Parliament and Council.
If a data subject wishes to exercise this right to rectification, they may, at any time, contact our data protection officer or any employee of the respective controller.
Right to erasure
Any data subject affected by the processing of personal data has the right granted by the European Parliament and Council to obtain from the controller the erasure of personal data concerning them without undue delay where one of the following grounds applies and to the extent that such data is not required for processing:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
The data subject withdraws consent on which the processing is based according to Art. 6 (1) (a) of the GDPR, or Art. 9 (2) (a) of the GDPR, and where there is no other legal ground for the processing.
The data subject objects to the processing pursuant to Article 21 (1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 (2) of the GDPR.
The personal data have been unlawfully processed.
The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
The personal data have been collected in relation to the offer of information society services referred to in Art. 8 (1) of the GDPR.
If one of the above-mentioned reasons applies and a data subject wishes to have personal data erased, they may contact our data protection officer or another employee of the respective controller at any time. The data protection officer or other employee will then arrange for the erasure request to be complied with without undue delay.
Where the controller has made the personal data public and is obliged pursuant to Art. 17 (1) of the GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data to the extent such data is not required for processing. Our data protection officer or another employee will initiate the necessary steps on a case-by-case basis.
Right to restriction of processing
Any data subject affected by the processing of personal data has the right granted by the European Parliament and Council to obtain from the controller restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
The data subject has objected to processing pursuant to Article 21 (1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
If one of the above conditions is met and a data subject wishes to have the processing of their personal data restricted, they may contact our data protection officer or another employee of the respective controller at any time. The data protection officer or another employee will then arrange for processing to be restricted.
Right to data portability
Any data subject affected by the processing of personal data has the right granted by the European Parliament and Council to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format. In addition, the data subject also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to Art. 6 (1) (a) of the GDPR or Art. 9 (2) (a) of the GDPR, or on a contract pursuant to Art. 6 (1) (b) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, in exercising their right to data portability pursuant to Art. 20 (1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
To exercise the right to data portability, the data subject may contact the data protection officer appointed by us or another employee at any time.
Right to object
Any data subject affected by the processing of personal data has the right granted by the European Parliament and Council to object at any time, for reasons arising from their specific situation, to the processing of personal data concerning them under Article 6 (1) (e) or (f) of the GDPR. This also applies to profiling based on these provisions.
PREUSS MESSE will no longer process personal data in the event of an objection, unless we demonstrate compelling legitimate grounds for the processing of data which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
If PREUSS MESSE processes personal data in order to carry out direct advertising, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it relates to such direct advertising. If the data subject objects to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.
To exercise the right of objection, the data subject may contact our data protection officer or another employee directly. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may exercise their right to object by automated means using technical specifications.
Your right to lodge a complaint with a supervisory authority
You have a right to lodge a complaint with the competent supervisory authority: The competent supervisory authority for data protection issues is the State Commissioner for Data Protection [Landesdatenschutzbeauftragter] of the federal state in which in which our company is based:
Independent Centre for Data Protection, Schleswig-Holstein
Marit Hansen, State Commissioner for Data Protection, Schleswig-Holstein
Holstenstraße 98, D-24103 Kiel
Phone: + 49 4 31/988-1200
Fax: + 49 4 31/988-1223
Automated individual decision-making, including profiling
Any data subject affected by the processing of personal data has the right granted by the European Parliament and Council not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, provided the decision is not necessary for entering into, or performance of, a contract between the data subject and a data controller, is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or is based on the data subject’s explicit consent.
If the decision is necessary for entering into, or performance of, a contract between the data subject and a data controller or is based on the data subject’s explicit consent, we shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision. If the data subject wishes to assert rights relating to automated decisions, they may contact our data protection officer or another employee of the respective controller at any time.
Right to revoke consent
Any data subject affected by the processing of personal data has the right granted by the European Parliament and Council to revoke consent to the processing of personal data at any time.
If the data subject wishes to exercise their right to revoke their consent, they may contact our data protection officer or another employee of the respective controller at any time.
Sharing content via plugins (Facebook, Google+1, Twitter, etc.)
The content on our web pages can be shared on social networks such as Facebook, Twitter or Google+ in accordance with data protection regulations. This site uses the eRecht24 Safe Sharing Tool for this purpose. This tool establishes direct contact between these networks and users only if the user actively clicks on one of the buttons.
This tool does not automatically transfer user data to the operators of these platforms. If the user is logged in to one of the social networks, an information window appears when clicking on a social button from Facebook, Google+1, Twitter, etc. in which the user can confirm the text before sending it.
Our users can share the contents of this site in social networks in compliance with data protection regulations without complete surfing profiles being created by the network operators.
Analysis tools and advertising
This website uses Google Analytics, a web analysis service. The operator is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. Cookies are text files stored on your computer that enable analysis of how you use our website. As a rule, the information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.
Google Analytics cookies are stored on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
We have activated the IP anonymisation function on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities for website operators, and to provide additional services related to the use of the website and the Internet. The IP address transferred by your browser in connection with Google Analytics will not be associated with other data held by Google.
You can also prevent Google from collecting the data generated by the cookie that relates to your use of the website (including your IP address) as well as prevent Google from processing such data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following switch.
An opt-out cookie is then set which prevents the future collection of your data when visiting this website:
Contract data processing
We have entered into a contract with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic data collection by Google Analytics
This website uses the “demographic features” function of Google Analytics. This allows reports to be created that contain information on the age, gender and interests of site visitors. This data comes from interest-related advertising by Google and from visitor data from third-party providers. This data cannot be associated with any specific person. You can disable this feature at any time from your Google Account ad preferences or opt-out of Google Analytics collecting your information as described in the “Opt-out of data collection” section.
Google Analytics remarketing
Our website uses the functions of Google Analytics Remarketing in connection with the cross-device functions of Google AdWords and Google DoubleClick. The operator is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests – identified based on your previous usage and surfing behaviour on one device (e.g. your mobile phone) – on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. As a result, the same personalised advertising messages can be delivered to every device you sign in to with your Google Account.
To support this feature, Google Analytics collects Google authenticated user IDs that are temporarily linked to our Google Analytics data to define and create cross-device ad targeting.
You can permanently opt out of cross-device remarketing/targeting by turning off personalised advertising in your Google Account. To do so, follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of data collected in your Google Account is based solely on your consent, which you may grant or withdraw from Google (Art. 6 (1) (a) GDPR). For data collection operations that are not merged into your Google Account (for example, because you do not have a Google Account or have opposed the merge), the collection of data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing anonymous user behaviour for promotional purposes.
Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
We use so-called conversion tracking within the scope of Google AdWords. When you click an ad delivered by Google, a cookie for Conversion Tracking is stored on your computer. Cookies are small text files that your web browser stores on your computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we are able to recognise that the user has clicked on the ad and has been redirected to the respective page.
Each Google AdWords customer receives a different cookie. These cookies cannot be tracked via the websites of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted in to conversion tracking. Customers see the total number of users who clicked on their ad and were redirected to a page equipped with a conversion tracking tag. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. If you do so, you will not be included in the conversion tracking statistics.
“Conversion cookies” are stored on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically as soon as the visitor accesses the website. To perform this analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Visitors to the website are not informed that an analysis is taking place.
Data processing is performed on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting their website offers against abusive automated spying and SPAM.
Consumer Flow Analytics
We have concluded a contract processing contract with make better GmbH and fully implement the strict requirements of the German data protection authorities when using ConsumerFlow.
Plugins and tools
This website uses plug-ins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of the pages on our website into which a Vimeo plug-in has been integrated, a connection to Vimeo’s servers will be established. As a consequence, the Vimeo server will receive information as to which of our pages you have visited. Moreover, Vimeo will receive your IP address. This will also happen if you are not logged into Vimeo or do not have an account with Vimeo. The information recorded by Vimeo will be transmitted to Vimeo’s server in the United States.
If you are logged into your Vimeo account, you enable Vimeo to directly allocate your browsing patterns to your personal profile. You can prevent this by logging out of your Vimeo account.
The use of Vimeo is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 Sect. 1 lit. f GDPR, this is a legitimate interest. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.
Google Web Fonts (local embedding)
This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.