Privacy policy

In the following we would like to inform visitors about the collection of personal data pursuant to the GDPR when registering for an event.

We refer to Visitor as are (professional) visitors, speakers, congress presidents, scientific staff, students, chairpersons, authors, co-authors, contributors to programme commissions or other persons wishing to attend an event. Personal data pursuant to the definition of the GDPR includes all data which relates to you in person such as your name, address, e-mail addresses, user patterns for example.

The general information of part A generally apply. Part B applies additionally, when Visitors register Online for an event. Section C also applies if the event is a virtual event.

Part A: General Information

§ 1 Contact details of the Controller & of the Data Protection Officer

We, the “Deutsche Gesellschaft für Kardiologie – Herz- und Kreislaufforschung e.V.”, Grafenberger Allee 100, 40237 Düsseldorf, Phone: + 49 211 600692-0, e-mail:, are the Controller for this website [] in accordance with Article 4 Para 7 of the EU General Data Protection Regulations (GDPR).

If you have a privacy or data security issue, please contact our Privacy Officer at the following contact details:

Mr. Hans-Peter Fries
@-yet GmbH
Datenschutzbeauftragter der Deutschen Gesellschaft für Kardiologie – Herz- und Kreislaufforschung e.V.
Schloß Eicherhof
42799 Leichlingen

§ 2 General Information, Definitions

(1) We are organizers of various scientific congresses (hereinafter referred to as "events") and we offer customers the opportunity to participate in events as visitors.

For the organisation of these events we use m:con – mannheim:congress GmbH, Rosengartenplatz 2, 68161 Mannheim (in the following: m:con) as a service provider.

m:con is an organisation specialising inter alia in planning, organising and staging events of all types, in particular, however, congresses (of a medical and scientific nature), (scientific) meetings, general shareholder meetings, trade fairs, exhibitions, seminars, specialist training events as well as other commercial events. The events will be staged in the Congress Center Rosengarten Mannheim or other event venues by us as event organiser or as a service provider for other event organisers.

(2) Please find below information about how we collect your personal data when you use our website or our services. Personal data includes all data which relates to you in person such as your name, address, e-mail addresses, user patterns for example.

(3) In addition to you being able to use our website simply for information purposes, we offer various services which you may use if you are interested in them. To do so, you will, as a rule, have to divulge additional personal information, which we use to render the respective service and for which the data processing principles named above will apply.

(4) The terms of this data protection declaration correspond to those of the GDPR. In addition, the following terms are used:

Visitors, are (professional) visitors, speakers, congress presidents, scientific staff, students, chairpersons, authors, co-authors, contributors to programme commissions or other persons wishing to attend an event.

(5) Sometimes we avail ourselves of the services of external service providers to process your data. These were carefully selected and contracted by us; they are obliged to follow our instructions and area subjected to regular checks.

(6) Furthermore, we may forward your personal details to third parties if sales campaigns, lotteries, sales contracts or similar services are offered by us together with associates. You will receive more detailed information about this when submitting your personal data or further below in the description of what we offer.

(7) Insofar as our service providers or associates are based in a country outside the European Economic Area (EEA), we shall inform you of the consequences of this circumstances in the description of the offer.

§ 3 Collection of personal data when you contact us

(1) When you contact us by e-mail or via a contact form the data you give (your e-mail address and possibly your name and telephone number) will be saved by us so that we can reply to your query. The data collected in such cases is deleted when it no longer becomes necessary to save it, or processing is restricted if there are statutory retention periods. The legal basis is Article 6 Para 1 S. 1 a GDPR. If the aim of you making contact with us is to enter into a contract with us, the additional legal basis for processing shall consequently be Article 6 Para 1 S. 1 b GDPR.

(2) If we resort to contracting service providers to provide individual functions or wish to use your data for advertising purposes, we shall inform you in detail below about the respective procedures. In doing so we shall also name the stipulated criteria governing the length of the retention period.

§ 4 Inclusion in the customer management system

(1) Our service provider, m:con, uses customer management software and processes data, including personal data, with it for the purposes of

  • better maintenance of customer or business relations (e.g. documentation, quality management, drawing up offers),
  • organising, planning and realising events,
  • maintenance of the customer database
  • and for direct marketing reasons, in order to send visitors information and offers for events that are realised by the responsible position.

This data includes data that was collected from you in the framework of the explanations in §3 to §9, that you provided, or that were collected from other sources legitimately in accordance with Article 5 and Article 6 of the GDPR EU.

(2) The legal basis for processing data is Article 6 (1) points a and f GDPR EU, from the mandatory fields Article 6 (1) point b, GDPR EU.

§ 5 Your rights

(1) You have the following rights against us with regard to the personal data relating to you:
– The right to information,
– The right to have data corrected or deleted,
– The right to have data processing restricted,
– The right to object to data being processed,
– The right to data being transferrable.

(2) Moreover, you have the right to lodge a complaint with a data protection supervisory body about your personal data being processed.

§ 6 Objection to, or revocation of, consent to your data being processed

(1) If you have consented to your data being processed, you may revoke this at any time. Once you have notified us that you have revoked your consent it will no longer be legal for us to process your data.

(2) Insofar as we process your personal data on the basis of a balance of interests, you may object to your data being processed. This will be the case if processing in particular is not required to fulfil a contract with you, which will be shown by us in each case with the following description of functions. When exercising your right to raise such an objection, we would ask you to tell us the reasons why your personal data should not be processed by us. In the event that objection being justified, we shall review the circumstances and either stop processing your data or change the way in which we process your data or submit our compelling reasons for processing your data which merit protection, on the basis of which we would continue to process your data.

(3) You may of course object at any time to your personal data being processed for the purposes of advertising and data analysis. You may inform us of your objection to your data being processed by contacting us. The contact details are listed in § 1.

§ 7 Storage

We erase collected data once storage is no longer necessary, or if you have made use of your right to object or your right to erasure, and if statutory storage obligations (such as documentation for accounting reasons under the German Commercial Code or the German VAT Act) or our legitimate interest in accordance with Art. 6 (1) point f GDPR do not preclude this.

Based on statutory storage periods it may be that data must be stored for up to 10 years.

Our legitimate interests here consists in (i) making contact to initiate a contract, (ii) improved management of customer or business relations, (iii) their documentation, (iv) complaints and quality management, (v) reasons of direct marketing, in order to send you information about and offers of events that we carry out or look after, or (vi) in the event of a renewed business contact to respond to your query faster and more target-oriented and to prepare a more customised offer for you, and (vii) defending against claims or (viii) asserting and, where applicable, enforcing our claims for payment in the event of payment defaults, for which purpose we will also draw up a legal file, where required.


Part B: Online-Registration

§ 1 Collection of personal data when you visit our website

(1) We shall only collect the personal data which your browser passes over to our server if you are just using our website for information purposes. If you wish to look at our website, we will collect the following data, which we need to have for technical reasons in order to show you our website and to ensure stability and security (the legal basis for this is Article 6 Para 1 P 1 f GDPR):
– IP address
– Date and time of the enquiry
– Time zone difference to Greenwich Mean Time (GMT)
– Content of the request (specific webpage)
– Access status/HTTP status code
– Data volumes sent in each case
– Website, from which the request emanates
– Browser
– Operating system and its user interface
– Language and version of browser software.

(2) In addition to the data named above, cookies will be saved on your computer when you use our website. Cookies are small dedicated text files saved on your hard disk of the browser used by you and through which the body setting the cookies (us in this case) will receive specific information. Cookies cannot carry out programmes or pass on viruses to your computer. They serve to make the website more user-friendly and more effective overall.

(3) The use of cookies:

a.) This website uses the following type of cookies, the scope and mode of operation is described below:
– Transient cookies (see b below)
– Persistent cookies (see c below).

b.) Transient cookies are deleted automatically when you close down the browser. These include in particular session cookies. These save a so-called session ID with which various enquiries made by your browser allow themselves to be dedicated to a joint session. As a result of this your computer can be recognised again if you return to our website. The session cookies are deleted when you log out or close down your browser.

c.) Persistent cookies are automatically deleted following a pre-determined amount of time has elapsed which may differ from cookie to cookie. You may delete the cookies in your browser’s security settings at any time.

d) You may configure your browser setting as you wish and reject third party cookies or all cookies. We would point out that you may possible be unable to use all the functions on this website if you reject all cookies.

(4) This website uses various types of cookies the scope and mode of operation of which you can see in the tabular list in Section 12 below.

§ 2 User account and registering for events

(1) If you want to visit an event, you must set up a user account and register for the relevant event. There is no provision for a guest user account and registering for an event without setting up a user account.

(2) Personal data that are processed in the framework of the registration process are differentiated as to whether you

  1. attend the event only as a visitor,
  2. submit, assess or review programme contributions,
  3. or make use of other services that we supply or facilitate in this context, such as
    1. applying for continuing medical education points and for the issue of continuing medical education certificates from the state medical board
    2. booking/reserving hotel accommodation
    3. meals and hospitality (catering services)
    4. coordinating lecture processing (accepting or declining invitations to lectures).

(3) When you set up a user account for the first time to register for events, or a customer account to submit a programme contribution, we collect your contact data (title, surname, given name, address, email address) and request you to choose a user name and a password. This information is then used to set up a user account. You can use this login data (user name and password) to log in in future and make use of additional services.

If you set up a user account on behalf of a third party, we process the data that you provide. In this case you must ensure that you have the right to provide the data.

You are obliged to treat your login data as confidential, not pass it to third parties and to keep it in such a way that third parties are unable to acquire knowledge – even by accident. You are also obliged not to enable third parties to use your user account by means of your login data.

If you have cause to fear that third parties have gained access to your login data or it has been misused, you are obliged to inform us of this without delay in writing or by email.

You are liable in principle for all activities that are carried out using your user account, unless you are not responsible for the misuse because there is no breach of existing duties of care.

§ 3 Participation in events as a visitor

(1) It is possible to register for events with the issue of a user account.

(2) The registration process is preceded by a preliminary query regarding the type of participation. Through this preliminary query we find out whether a participant is entitled to discounts. To check the entitlement for discounts it is necessary to collect additional data.
If the preliminary query “Education/studying” is selected, unless otherwise specified, following your registration you must send study records for checking. Records must be transmitted via the “Upload” function. Alternatively, you will be requested to send your records to the appropriate registration contact via email or fax. If you have any queries, you can contact the competent partner for the event; the contact information is indicated in the registration process.
If you select the preliminary query “Membership”, your data is reconciled with the information that the relevant issuer of the “membership” supplied (specialised medical association, society, federation etc.).

(3) The booking process starts after termination of the preliminary query and the selection of “start booking”. Here you can select the individual (fee-based) parts of the event (visit to the event, participation in the workshop, a course or other parts of the event).
Mandatory data for implementing the registration process is marked with an asterisk. Processing of data from these fields takes place for the performance of the contract.

a.) Data required for the performance of services is marked in mandatory fields.
The legal basis for processing data from mandatory fields is Article 6 (1) b of the European General Data Protection Regulation (GDPR EU).

b.) The provision of data in voluntary fields, e.g. subscribing to newsletters, or information for marketing purposes, is done voluntarily. This voluntarily provided information enables us

  • to let you as a visitor have targeted specialist information before the event,
  • to improve arrangements for future events following the event,
  • and to respond to your interests in a targeted manner.

With this input you yourself decide which data we receive from you. Declarations of consent are issued on a voluntary basis. You may refuse your consent without adverse consequences and may also withdraw your consent at any time after you have given it.
The legal basis for processing data from optional fields is Article 6 (1) a and f GDPR EU.

c.) Conclusion of the booking process
Before concluding a registration process, submitting programme contributions and coordinating them, or making use of other services, click the button to confirm that you have noted our standard terms and conditions and data protection provisions, or, in the case of a telephone order, provide an oral declaration of consent that you have noted the data protection provisions that apply at this time and consent to them.
Following this, you will receive a summarised booking overview of the selected event parts before you select the payment method in the next booking step and conclude your registration for participation by confirming the standard terms and conditions.
The legal basis for processing data from mandatory fields is Article 6 (1) b, f European General Data Protection Regulation (GDPR EU).

§ 4 Additional services

During the registration process you can also make use of additional services that we provide or facilitate:

(1) CME points
As a separate service for selected events in the medical-scientific field we offer to apply to the competent state medical board for the issue of continuing medical education points, known as CME points, and to issue them, insofar as the preconditions in the relevant continuing medical education regulations of the state medical boards are satisfied.
You must enter the uniform continuing medical education number in the appropriate query field (ENF) to make use of this service. With this input you consent to us forwarding the information required for the issue of a continuing medical education certificate to the competent state medical board.
The input of the uniform continuing medical education number and making use of this service are voluntary. You may refuse your consent without adverse consequences and may also withdraw your consent once given at any time.

(2) Hotel accommodation services

For selected events we offer hotel accommodation services as an additional service (booking or reserving accommodation).
By making use of this service you consent to us transmitting the data required to process this service, e.g. your contact data (title, surname, given name, address, email address) and settlement data (payment type, address for bills, payment data for billing) to the appropriate external service provider (here: accommodation service provider; hotel).

§ 5 Newsletter m:con

(1) Our Newsletter will keep you up to date with our latest offers which may be of interest to you, by selecting this option during the registration process. The goods and services advertised are described in § 2 (1) and include the planning, organising and staging events of all types, in particular, congresses (of a medical and scientific nature), (scientific) meetings, general shareholder meetings, trade fairs, exhibitions, seminars, specialist training events as well as other commercial events. The events will be staged in the Congress Center Rosengarten Mannheim or other event venues by us as event organiser or as a service provider for other event organisers.

(2) The only information you will have to submit should you wish to receive our Newsletter is your e-mail address. Any other separate information you submit will be voluntary and will be used to tailor the Newsletter to your personal interests. Following the receipt of your confirmation we shall store your e-mail address for the purpose of sending you our Newsletter. The legal basis for this is Article 6 Para 1 S 1 letter a GDPR.

(3) You may revoke your consent to being sent the Newsletter at any time and cancel your subscription. All you have to do to cancel your subscription by e-mail is click on the link provided in every Newsletter.

(4) We would draw your attention to the fact that when sending out the Newsletter we shall analyse your usage patterns. To do so the e-mails sent out will include so-called web-beacons or tracking pixels consisting of a single pixel image file which are saved on our website.
Data will only be collected on an anonymised basis. This means that the IDs will not be associated with your other personal details so that it will not be possible to work out who you are.

(5) We use the so-called double opt-in procedure for your subscription to our Newsletter. That means that after you have sent in your consent to us we shall send you an e-mail to your e-mail address requesting your consent. The e-mail will request confirmation that you would like us to send you our Newsletter. Only after we have received your confirmation will we send you our Newsletter. In addition to this, we shall store the IP addresses you have used and the point in time of your subscription and confirmation. The purpose of the procedure is to be able to prove that you wish to receive the Newsletter and if necessary be able to clear up any possible misuse of your personal data.

(6) We use the Newsletter tool of the DIN ISO/IEC 27001 certified company - CleverReach. We use it to produce and manage the Newsletters. The data required from the subscribers to the Newsletter is kept ready web-based on a CleverReach server. Only we, as the Controller, have access to it. The collaboration between us and CleverReach is underpinned by a contractual agreement. The general terms and conditions of business of CleverReach may be downloaded from Secure data handling in compliance with data protection regulations is included in it under the Data Protection section as well as at
The Newsletter tool analyses the reach of the Newsletter. By sending off your data in our Newsletter form you are stating your consent to the data being processed by CleverReach to the extent shown. The used cookies therein are shown separately below within the tabular list.

§ 6 Third-party newsletters

With your consent you can also subscribe to newsletters from third parties, for example from the scientific supporter of the event or of the specialist company, or from organisers for whom m:con looks after the event. There is a separate query for this within the registration process. Because this is a registration for a newsletter from a third party, we are unable to provide any detailed information on the procedure that is used.

§ 7 Tabular list of cookies

Statistic-cookies help website visitors to understand how visitors interact with websites by information being collected anonymously.







Persistent Cookie, http

Identification Cleverreach Acounts

14 days



Persistent Cookie, http

Identification Mailing-ID

14 days



Persistent Cookie, http

Identification Mailing-ID

14 days



Transiente Cookies

Identification user session




Transiente Cookies

Providing information in the participant Check-in module (administrative)




Transiente Cookies




Transiente Cookies




Transiente Cookies

Identification backend user




Transiente Cookies

Identification backend user




§ 8 Security certificates

This website, including its web pages uses encrypted transmission to guarantee security when personal data is sent. The level of security offered by encrypted transmission satisfies the requirements of certificates.


Part C: virtual events

For virtual events, i.e. events not dependent on location and without physical presence, or hybrid events with a location-based physical presence component as well as a virtual component, the following supplementary regulations from section A apply:

§ 1 Notes on data protection

Virtual and hybrid events are events which take place in whole or in part independent of location with or without physical presence. For participation in these types of events, the participant is connected using a technological device (laptop, PC, tablet, etc.) and a personal access authorisation.
External service providers support connection with the event. The personal data processed when the participants are granted access is subject to Article 6(1)b of the European Data Protection Regulation (EU GDPR). Data is solely processed in relation to the specific purposes described. More detailed information can be found on the respective websites of the service providers.

§ 2 Third party provisions

For online participation in the event, the following technical provisions (minimum technical requirements) must be observed:

  • device: desktop PC/laptop/tablet or smartphone
  • the latest browser version - ideally Google Chrome
    • Internet Explorer is now obsolete and therefore not a suitable browser for participation in the digital conference
  • a stable internet connection