Privacy Policy

In the following we would like to inform visitors about the collection of personal data pursuant to the GDPR when registering for an event.

We refer to Visitor as are (professional) visitors, speakers, congress presidents, scientific staff, students, chairpersons, authors, co-authors, contributors to programme commissions or other persons wishing to attend an event. Personal data pursuant to the definition of the GDPR includes all data which relates to you in person such as your name, address, e-mail addresses, user patterns for example.

The general information of part A generally apply. Part B applies additionally, when Visitors register Online for an event. Part C applies additionally, when visitors register on-site at the counter. Section D also applies if the event is a virtual event.

Part A: General Information

§ 1 Contact details of the Controller & of the Data Protection Officer

We, the Städtisches Klinikum Karlsruhe gGmbH, Molktestr. 90, D-76133 Karlsruhe, 0721 974-0, are the Controller for this website [] in accordance with Article 4 Para 7 of the EU General Data Protection Regulations (GDPR).   If you have a privacy or data security issue, please contact our Privacy Officer at the following contact details:

Datenschutzbeauftragter des Städtischen Klinikums Karlsruhe
Moltkestr. 90
76133 Karlsruhe


§ 2 General Information, Definitions

(1) We are organizers of various scientific congresses (hereinafter referred to as "events") and we offer customers the opportunity to participate in events as visitors.

For the organisation of these events we use m:con – mannheim:congress GmbH, Rosengartenplatz 2, 68161 Mannheim (in the following: m:con) as a service provider.

m:con is  an organisation specialising inter alia in planning, organising and staging events of all types, in particular, however, congresses (of a medical and scientific nature), (scientific) meetings, general shareholder meetings, trade fairs, exhibitions, seminars, specialist training events as well as other commercial events. The events will be staged in the Congress Center Rosengarten Mannheim or other event venues by us as event organiser or as a service provider for other event organisers.

(2) Please find below information about how we collect your personal data when you use our website or our services. Personal data includes all data which relates to you in person such as your name, address, e-mail addresses, user patterns for example.

(3) In addition to you being able to use our website simply for information purposes, we offer various services which you may use if you are interested in them. To do so, you will, as a rule, have to divulge additional personal information, which we use to render the respective service and for which the data processing principles named above will apply.

(4) The terms of this data protection declaration correspond to those of the GDPR. In addition, the following terms are used:

Visitors, are (professional) visitors, speakers, congress presidents, scientific staff, students, chairpersons, authors, co-authors, contributors to programme commissions or other persons wishing to attend an event.

(5) Sometimes we avail ourselves of the services of external service providers to process your data. These were carefully selected and contracted by us; they are obliged to follow our instructions and area subjected to regular checks.

(6) Furthermore, we may forward your personal details to third parties if sales campaigns, lotteries, sales contracts or similar services are offered by us together with associates. You will receive more detailed information about this when submitting your personal data or further below in the description of what we offer.

(7) Insofar as our service providers or associates are based in a country outside the European Economic Area (EEA), we shall inform you of the consequences of this circumstances in the description of the offer.

§ 3 Collection of personal data when you contact us

(1)  When you contact us by e-mail or via a contact form the data you give (your e-mail address and possibly your name and telephone number) will be saved by us so that we can reply to your query. The data collected in such cases is deleted when it no longer becomes necessary to save it, or processing is restricted if there are statutory retention periods. The legal basis is Article 6 Para 1 S. 1 a GDPR. If the aim of you making contact with us is to enter into a contract with us, the additional legal basis for processing shall consequently be Article 6 Para 1 S. 1 b GDPR.

(2) If we resort to contracting service providers to provide individual functions or wish to use your data for advertising purposes, we shall inform you in detail below about the respective procedures. In doing so we shall also name the stipulated criteria governing the length of the retention period.

§ 4 Inclusion in the customer management system

(1) Our service provider, m:con, uses customer management software and processes data, including personal data, with it for the purposes of

  • better maintenance of customer or business relations (e.g. documentation, quality management, drawing up offers),
  • organising, planning and realising events,
  • maintenance of the customer database
  • and for direct marketing reasons, in order to send visitors information and offers for events that are realised by the responsible position.

This data includes data that was collected from you in the framework of the explanations in §3 to §9, that you provided, or that were collected from other sources legitimately in accordance with Article 5 and Article 6 of the GDPR EU.  

(2) The legal basis for processing data is Article 6 (1) points a and f GDPR EU, from the mandatory fields Article 6 (1) point b, GDPR EU.

§ 5 Your rights

(1)  You have the following rights against us with regard to the personal data relating to you:

  • The right to information,
  • The right to have data corrected or deleted,
  • The right to have data processing restricted,
  • The right to object to data being processed,
  • The right to data being transferrable.

(2)    Moreover, you have the right to lodge a complaint with a data protection supervisory body about your personal data being processed.

§ 6 Objection to, or revocation of, consent to your data being processed

(1)    If you have consented to your data being processed, you may revoke this at any time. Once you have notified us that you have revoked your consent it will no longer be legal for us to process your data.

(2)    Insofar as we process your personal data on the basis of a balance of interests, you may object to your data being processed. This will be the case if processing in particular is not required to fulfil a contract with you, which will be shown by us in each case with the following description of functions. When exercising your right to raise such an objection, we would ask you to tell us the reasons why your personal data should not be processed by us. In the event that objection being justified, we shall review the circumstances and either stop processing your data or change the way in which we process your data or submit our compelling reasons for processing your data which merit protection, on the basis of which we would continue to process your data.

(3)    You may of course object at any time to your personal data being processed for the purposes of advertising and data analysis. You may inform us of your objection to your data being processed by contacting us. The contact details are listed in § 1.

§ 6 Storage

We erase collected data once storage is no longer necessary, or if you have made use of your right to object or your right to erasure, and if statutory storage obligations (such as documentation for accounting reasons under the German Commercial Code or the German VAT Act) or our legitimate interest in accordance with Art. 6 (1) point f GDPR do not preclude this.

Based on statutory storage periods it may be that data must be stored for up to 10 years.

Our legitimate interests here consists in (i) making contact to initiate a contract, (ii) improved management of customer or business relations, (iii) their documentation, (iv) complaints and quality management, (v) reasons of direct marketing, in order to send you information about and offers of events that we carry out or look after, or (vi) in the event of a renewed business contact to respond to your query faster and more target-oriented and to prepare a more customised offer for you, and (vii) defending against claims or (viii) asserting and, where applicable, enforcing our claims for payment in the event of payment defaults, for which purpose we will also draw up a legal file, where required.

Part B: Online-Registration

§ 1 Collection of personal data when you visit our website

(1)  We shall only collect the personal data which your browser passes over to our server if you are just using our website for information purposes. If you wish to look at our website, we will collect the following data, which we need to have for technical reasons in order to show you our website and to ensure stability and security (the legal basis for this is Article 6 Para 1 P 1 f GDPR):

–   IP address

–   Date and time of the enquiry

–   Time zone difference to Greenwich Mean Time (GMT)

–   Content of the request (specific webpage)

–   Access status/HTTP status code

–   Data volumes sent in each case

–   Website, from which the request emanates

–   Browser

–   Operating system and its user interface

–   Language and version of browser software.

(2) In addition to the data named above, cookies will be saved on your computer when you use our website. Cookies are small dedicated text files saved on your hard disk of the browser used by you and through which the body setting the cookies (us in this case) will receive specific information. Cookies cannot carry out programmes or pass on viruses to your computer. They serve to make the website more user-friendly and more effective overall.

(3) The use of cookies:

a.)  This website uses the following type of cookies, the scope and mode of operation is described below:

–         Transient cookies (see b below)
–         Persistent cookies (see c below).

b.)  Transient cookies are deleted automatically when you close down the browser. These include in particular session cookies. These save a so-called session ID with which various enquiries made by your browser allow themselves to be dedicated to a joint session. As a result of this your computer can be recognised again if you return to our website. The session cookies are deleted when you log out or close down your browser.

c.)  Persistent cookies are automatically deleted following a pre-determined amount of time has elapsed which may differ from cookie to cookie. You may delete the cookies in your browser’s security settings at any time.

d) You may configure your browser setting as you wish and reject third party cookies or all cookies. We would point out that you may possible be unable to use all the functions on this website if you reject all cookies.

(4) This website uses various types of cookies the scope and mode of operation of which you can see in the tabular list in Section 12 below.

§ 2 User account and registering for events

(1) If you want to visit an event, you must set up a user account and register for the relevant event. There is no provision for a guest user account and registering for an event without setting up a user account.

(2) Personal data that are processed in the framework of the registration process are differentiated as to whether you

    • attend the event only as a visitor,
    • submit, assess or review programme contributions,
    • or make use of other services that we supply or facilitate in this context, such as
      1. applying for continuing medical education points and for the issue of continuing medical education certificates from the state medical board
      2. booking/reserving hotel accommodation
      3. meals and hospitality (catering services)
      4. coordinating lecture processing (accepting or declining invitations to lectures

(3) When you set up a user account for the first time to register for events, or a customer account to submit a programme contribution, we collect your contact data (title, surname, given name, address, email address) and request you to choose a user name and a password. This information is then used to set up a user account. You can use this login data (user name and password) to log in in future and make use of additional services.

If you set up a user account on behalf of a third party, we process the data that you provide. In this case you must ensure that you have the right to provide the data.

You are obliged to treat your login data as confidential, not pass it to third parties and to keep it in such a way that third parties are unable to acquire knowledge – even by accident. You are also obliged not to enable  third parties to use your user account by means of your login data.

If you have cause to fear that third parties have gained access to your login data or it has been misused, you are obliged to inform us of this without delay in writing or by email.

You are liable in principle for all activities that are carried out using your user account, unless you are not responsible for the misuse because there is no breach of existing duties of care.

§ 3 Participation in events as a visitor

(1) It is possible to register for events with the issue of a user account.

(2) The registration process is preceded by a preliminary query regarding the type of participation. Through this preliminary query we find out whether a participant is entitled to discounts. To check the entitlement for discounts it is necessary to collect additional data.

If the preliminary query “Education/studying” is selected, unless otherwise specified, following your registration you must send study records for checking. Records must be transmitted via the “Upload” function. Alternatively, you will be requested to send your records to the appropriate registration contact via email or fax. If you have any queries, you can contact the competent partner for the event; the contact information is indicated in the registration process.

If you select the preliminary query “Membership”, your data is reconciled with the information that the relevant issuer of the “membership” supplied (specialised medical association, society, federation etc.).

(3) The booking process starts after termination of the preliminary query and the selection of “start booking”. Here you can select the individual (fee-based) parts of the event (visit to the event, participation in the workshop, a course or other parts of the event).

Mandatory data for implementing the registration process is marked with an asterisk. Processing of data from these fields takes place for the performance of the contract.

  • Data required for the performance of services is marked in mandatory fields.

The legal basis for processing data from mandatory fields is Article 6 (1) b of the European General Data Protection Regulation (GDPR EU).

  • The provision of data in voluntary fields, e.g. subscribing to newsletters, or information for marketing purposes, is done voluntarily. This voluntarily provided information enables us
    • to let you as a visitor have targeted specialist information before the event,
    • to improve arrangements for future events following the event,
    • and to respond to your interests in a targeted manner.

With this input you yourself decide which data we receive from you. Declarations of consent are issued on a voluntary basis. You may refuse your consent without adverse consequences and may also withdraw your consent at any time after you have given it.

The legal basis for processing data from optional fields is Article 6 (1) a and f GDPR EU.

  • Conclusion of the booking process

Before concluding a registration process, submitting programme contributions and coordinating them, or making use of other services, click the button to confirm that you have noted our standard terms and conditions and data protection provisions, or, in the case of a telephone order, provide an oral declaration of consent that you have noted the data protection provisions that apply at this time and consent to them.

Following this, you will receive a summarised booking overview of the selected event parts before you select the payment method in the next booking step and conclude your registration for participation by confirming the standard terms and conditions.

The legal basis for processing data from mandatory fields is Article 6 (1) b, f European General Data Protection Regulation (GDPR EU).

  • Payment processing

Within the online booking process we offer payment using a credit card (American Express, Mastercard and Visa).

Depending on the payment method you select, the data required for processing the order is transmitted to the corresponding payment services provider or where applicable collected directly from you.

The payment services provider is responsible for your payment data.

  • Payment processing for the SEPA direct debit scheme and credit cards is carried out through the payment services provider Computop Wirtschaftsinformatik GmbH, Schwarzenbergstr. 4, D-96050 Bamberg and Condardis GmbH, Helfmann-Park 7, 65760 Eschborn. For further information on data protection provisions see Computop’s data protection declaration at or the declaration from Concardis at

The legal basis for procedures in the context of payment processing and of any payment claims and enforcement is Art. 6 (1) point b GDPR. The legal basis for procedures in the context of tax audits and the preparation of annual financial statements is Art. 6 (1) point c GDPR.

§ 4 Coronavirus attendance documentation

Due to the Coronaviraus Ordinance of the State of Berlin, certain designated persons are obliged to maintain attendance documentation. These designated persons include event organisers, operators of various types of venues, and hotels.

In the legitimate interest of the participants (avoidance of repeat documentation), the other parties obliged to keep attendance records (organisational effort), the facilitation of the work of the health authorities (facilitation of tracking including the avoidance of duplications) as well as in the interest of avoiding of the spread of the coronavirus (general health interest as well as avoidance of queues on site when filling out forms), attendance documentation is to be filled out in advance as part of the registration process. After completing the documentation, the following data is passed on to the responsible health authority as part of the tracing procedures in the case of confirmed infections:

  • first and last name,
  • phone number,
  • full address
  • attendance time and
  • seat or table number, if applicable.

§ 5 Tabular list of cookies

Statistic-cookies help website visitors to understand how visitors interact with websites by information being collected anonymously.







Persistent Cookie, http

Identification Cleverreach Acounts

14 days



Persistent Cookie, http

Identification Mailing-ID

14 days



Persistent Cookie, http

Identification Mailing-ID

14 days



Transiente Cookies

Identification user session




Transiente Cookies

Providing information in the participant Check-in module (administrative)




Transiente Cookies




Transiente Cookies




Transiente Cookies

Identification backend user




Transiente Cookies

Identification backend user



Tabular list of cookies

§ 6 Security certificates

This website, including its web pages uses encrypted transmission to guarantee security when personal data is sent. The level of security offered by encrypted transmission satisfies the requirements of certificates.

Part C: On-Site-Registration at the counter

§ 1 Participation at an event as visitors at the counter

Setting up an account and registering for the event is also necessary when a visitor registers on site at the counter. The account and the registration process will be handled by the counter personnel, by entering the information of the On-Site-Form you provided. With the On-Site-Form only compulsory data will be collected. The payment has to be made on-site in cash, per credit-card (American express, mastercard or visa) or by debit card.

Part D: Virtual events

For virtual events, i.e. events not dependent on location and without physical presence, or hybrid events with a location-based physical presence component as well as a virtual component, the following supplementary regulations from section A apply:

§ 1 Notes on data protection

Virtual and hybrid events are events which take place in whole or in part independent of location with or without physical presence. For participation in these types of events, the participant is connected using a technological device (laptop, PC, tablet, etc.) and a personal access authorisation.

External service providers support connection with the event. The personal data processed when the participants are granted access is subject to Article 6(1)b of the European Data Protection Regulation (EU GDPR). Data is solely processed in relation to the specific purposes described. More detailed information can be found on the respective websites of the service providers.

  • Streaming platform/live stream/live stream support
  • Conference preparation/recording of presentations/compilation of sessions/live session support
  • Recording of live sessions/communication tool

§ 2 Third party provisions

For online participation in the event, the following technical provisions (minimum technical requirements) must be observed:

  • device: desktop PC/laptop/tablet or smartphone
  • the latest browser version - ideally Google Chrome
    • Internet Explorer is now obsolete and therefore not a suitable browser for participation in the digital conference
  • a stable internet connection