Privacy
TEDxLinz is committed to protecting and respecting the privacy of members. We take our responsibilities seriously and will only use the personal data we hold in accordance with the law, especially General Data Protection Regulation (‘GDPR’). This Privacy Notice sets out the basis on which your personal data is handled, stored and shared by us. Please read the following to understand what we do with your information.
Personal data we may collect from you
We will collect and hold a range of different information about you as a Member of TEDxLinz. This allows us to provide the services of the Club and keep in contact with you. This information may include: firstname, lastname, E-mail address, IP-address
Personal data from you is collected if you communicate it to us or technical data is collected automatically when you visit our website. Some of this data is collected to ensure that our website functions correctly. Other data can be used for analysis. In principle, however, you can use our website without having to give us any personal information.
How we use your personal data
We use your personal data to provide the services offered by TEDxLinz. This includes (but is not limited to):
a) Communication and request-handling
b) Speaker nominations for TEDxLinz events
c) Newsletter sending
d) TEDxLinz Event RSVPs
Cookies
What are cookies?
Cookies are text files placed on your computer to collect standard Internet log information and
visitor behavior information. When you visit our websites, we may collect information from you
automatically through cookies or similar technology. For further information, visit allaboutcookies.org.
How do we use cookies?
Our Company uses cookies in a range of ways to improve your experience on our website,
including:
-
Hosting
-
Saving user preferences
What types of cookies do we use?
There are a number of different types of cookies, however, our website uses:
Essential Cookies
These cookies enable core functionality such as security, verification of identity and network management. These cookies can’t be disabled. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
Enable Marketing Cookies
These cookies are used to track advertising effectiveness to provide a more relevant service and deliver better ads to suit your interests.
Enable Functional Cookies
These cookies collect data to remember choices users make to improve and give a more personalized experience.
Enable Analytics Cookies
These cookies help us to understand how visitors interact with our website, discover errors and provide a better overall analytics. https://support.wix.com/en/article/cookies-and-your-wix-site
How to manage cookies
You can set your browser not to accept cookies, and the above website tells you how to remove
cookies from your browser. However, in a few cases, some of our website features may not
function as a result.
Third Party Sharing
We will not share your information with third parties who intend to use it to send marketing content to you. We will only share your information with third parties that have provided sufficient guarantees in respect of their data security measures. We require all third party contractors to undertake the same security measures that the Club would have to take if we were doing the processing.
Current data processors
Google G Suite
-
Purpose: Forms, Mailing, Document Management
-
Address: The service provider is the American company Google Inc. For Europe, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services
Google also processes your data in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
Google uses so-called standard contractual clauses (= Art. 46 Paragraphs 2 and 3 GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the resolution and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
Google has a contract for order processing in accordance with Art. 28 GDPR, which acts as the data protection basis for our customer relationship with Google. The content of this refers to the EU standard contractual clauses.
You can find the order processing conditions here: https://business.safety.google/intl/de/adsprocessorterms/
You can find out more about the data processed through the use of Google Cloud in the Privacy Policy at https://policies.google.com/privacy?hl=de.
WIX
-
Purpose: Website Erstellung und Hosting
-
Address: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel
Our website Wix.com as a website provider and hosting service. The legal basis for the integration is the legitimate interest (Article 6, Paragraph 1, point f of the GDPR) in being able to offer our visitors a functional and modern website. An adequate level of data protection for the transfer of personal data in Israel has been recognized by the EU Commission.
Every time our website is accessed, various scripts are reloaded by the provider wix.com. This includes scripts from the domains wix.com/ parastorage.com / wixstatic.com. At least the visitor's IP address is transmitted to the domain servers. These scripts use cookies to operate the components and to protect against access from third parties. We have no influence on the scope of the data or the data itself that the service provider collects. Further information can be found in the Wix.com privacy policy at https://de.wix.com/about/privacy.
Mailchimp
-
Purpose: Mailing and Newsletter
-
Address: Intuit Inc., 2700 Coast Avenue, Mountain View, CA 94043 USA
To do this, we pass on the following personal data to Mailchimp: email address, first name, last name. Mailchimp is the recipient of your personal data and acts as a processor for us when it comes to sending our newsletter. The processing of the data provided under this section is not required by law or contract. Without your consent and the transmission of your personal data, we cannot send a newsletter to you.
In addition, Mailchimp collects the following personal data using cookies and other tracking methods: information about your device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information via hardware and internet connection. In addition, usage data is collected such as the date and time when you opened the email / campaign and browser activity (e.g. which emails / websites were opened). Mailchimp needs this data to ensure the security and reliability of the Systems to ensure compliance with the terms of use and the avoidance of misuse. This corresponds to the legitimate interest of Mailchimp (according to Article 6 Paragraph 1 point. f GDPR) and serves to implement the contract (according to Article 6 Paragraph 1 point b GDPR). Mailchimp also evaluates performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics of the Services. Mailchimp additionally collects information about you from other sources. Within an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.
Further information on objection and removal options for Mailchimp can be found at: https://mailchimp.com/legal/privacy/#3._Privacy_for_Contacts
The legal basis for this processing is your consent in accordance with Article 6 (1) (a) GDPR. You can revoke your consent to the processing of your personal data at any time. There is a corresponding link in all mailings. You can also revoke your consent using the contact options provided. Declaring your revocation will not affect the lawfulness of the processing that has taken place so far.
Your data will be processed as long as you have given your consent. Apart from that, these will be deleted after the contract between us and Mailchimp has ended, unless legal requirements require further storage. Mailchimp has implemented compliance measures for international data transfers. These apply to all global activities where Mailchimp processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, see: https://mailchimp.com/legal/data-processing-addendum/
Pretix
For purchasing our ticket we use Pretix as ticket software. If you buy a ticket, Pretix uses cookies to enhance the ordering process and to remember that your carts belong to you. If you buy tickets from multiple different organizers, Pretix never tracks your visit across events and never correlate this data. Pretix does not track IP addresses, browsers, referers or any other unnecessary metadata.
All Pretix servers are located in Germany and we are subject to German data protection laws.
The prefix team has access to your data for technical reasons. Pretix will only use this access to find and solve errors in case of a support request.
If you specify an email address from Outlook or similar providers, Pretix might route all email to you via rapidmail, an german email provider, since Outlook tends to reject direct emails from us as spam.
If you click a link in an email Pretix sends you about a ticket order for the first time, we store the information that your email address appears to work. We do not store anything else about that click and we do not use that information for automated behaviour, it's just useful when debugging issues.
If you register for a TEDxLinz event, you can optionally sign up for the newsletter of TEDxLinz through MailChimp. If you pay using Stripe, payment-relevant meta information is shared with Stripe. Please note: if you pay by credit card, the last four digits of your credit card number are stored on our server. The Pretix Support is available via: support@pretix.eu.
Stripe
Where you wish to execute the payment for our services online, TEDxLinz uses services of Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA („Stripe“) for our payment processing based on Art. 6 para. 1 sent. 1 lit. f GDPR (legitimate interest). Thereby and unless otherwise indicated below, Stripe acts as data processor and its affiliates (“Stripe Payments Europe Limited”, “Stripe Technology Europe Limited” and “Stripe Payments UK Limited”) act as its sub processors.
During the payment, if you choose to pay with your credit card, you will be asked to enter your card information, which will be securely transferred to and processed by Stripe. TEDxLinz will not have access to such data. To process and authenticate the online payment transactions, Stripe may use your Personal Data (e.g. credit card number, the amount and the date of payment).
During the transaction, Stripe might obtain and process personal information about you received through the services or from third parties in order to determine your identity and prevent fraudulent activities. The legal basis for such a processing through Stripe (as a controller) will be Art. 6 para. 1 sent. 1 lit. c or f GDPR (legitimate interest).
In addition, if you wish to receive a receipt of your payment transaction from Stripe, you can opt to enter your name, email and billing address. This information will be securely transferred to and processed from Stripe based on Art. 6 para. 1 sent. 1 lit. a GDPR (consent).
Stripe might transfer your personal data to third countries, including the United States. For information on which measures Stripe takes to ensure that any such transfers comply with applicable data protection laws, please see https://stripe.com/privacy-center/legal#data-transfers.
Stripe may also place Cookies in order to enable the transaction (see Sec. 2.1 lit. b). For more information on how Stripe processes your personal data, please see https://stripe.com/en-de/privacy.
Data transfer to third countries
We only transfer or process data to countries outside the scope of the GDPR (third countries) if you consent to this processing or there is other legal permission. This applies in particular if the processing is required by law or necessary to fulfill a contractual relationship and in any case only to the extent that this is generally permitted. In most cases, your consent is the most important reason why we have data processed in third countries. Processing personal data in third countries such as the USA, where many software manufacturers provide services and have their server locations, may mean that personal data is processed and stored in unexpected ways.
We expressly point out that, in the opinion of the European Court of Justice, there is currently only an adequate level of protection for data transfer to the USA if a US company that processes personal data of EU citizens in the USA is an active participant in the EU-US Data Privacy Framework. You can find more information about this at: https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Data processing by US services that are not active participants in the EU-US Data Privacy Framework may result in data not being processed and stored anonymously. Furthermore, US government authorities may have access to individual data. It can also happen that collected data is linked to data from other services from the same provider, provided you have a corresponding user account. If possible, we try to use server locations within the EU, if this is offered.
We will inform you in more detail about data transfer to third countries in the appropriate places in this data protection declaration, if this applies.
Legal bases for processing your personal data
The GDPR sets out a number of different reasons for which an organization may collect and process your personal data. We rely on the following legal bases:
Consent (Article 6 paragraph 1 point a GDPR)
-
In specific situations, we will collect and process your information with your consent. We will always make it clear to you what you are consenting to and what information is necessary for which services.
Contractual obligations (Article 6 paragraph 1 point b GDPR)
-
In certain circumstances, we need your information to carry out our contractual obligations.
Legal obligations (Article 6 paragraph 1 point c GDPR)
-
If we are required to by law, we may need to collect and process your information.
Legitimate interests (Article 6 paragraph 1 point f GDPR)
-
In specific situations, we require your information to pursue our legitimate interests in a way which you might reasonably expect as part of running our business and providing the services of the Club, and which will not materially impact your rights, freedoms or interests.
In the case of special category data, we will seek your explicit consent in line with our obligations under the GDPR.
Data storage period
If no explicit storage period is stated during the collection (e.g. as part of a declaration of consent), we are obliged in accordance with Art. 5 Paragraph 1 point e GDPR to delete personal data as soon as the purpose for processing has been fulfilled. We generally store data in personal form until the end of a business relationship or until the expiry of applicable guarantee, warranty or limitation periods, beyond that until the end of any legal disputes in which the data is required as evidence, or in any case until the expiry of the stored and stored for three years after the last contact with a business partner.
Your rights
You are generally entitled to the rights to information, correction, deletion, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria this is the data protection authority, whose websites you can find at https://www.dsb.gv.at/.
Media
TEDxLinz reserves the right to publish photos and videos of social events on the TEDxLinz website, social media (e.g. LinkedIn, Facebook, Instagram..) or other publications and to pass them on to the press for the purpose of marketing without the specific consent of the visible people in advance.
Contact us
If you have any questions, comments or concerns regarding this Privacy Notice or the way we handle your personal information, or wish to make any requests, please address these to:
Club: Verein TEDxLinz - Verein zur Verbreitung innovativer Ideen
ZVR: 1399848399
Adresse: Tummelplatz 3, 4020 Linz
E-Mail: office@tedxlinz.at
Chairman: Mario Mauracher
E-Mail: mario.m@tedxlinz.at
Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Parts of this privacy policy are generated with Datenschutz Generator (AdSimple)
Last update 04.07.2024