Homepage  >  Privacy Policy

Privacy Policy

Data protection declaration

Data protection is a matter of confidence and we regard your confidence in us as a matter of great importance. For this reason, the protection of your private sphere is something we take very seriously. To ensure that you feel secure when visiting our websites, we strictly observe all legal provisions and would like to inform you about how we handle your data in detail below. We would therefore like to share information with you about when we collect which data, when we save it how we use it. Our aim is to protect your personal data as best as possible and use it only in accordance with our data protection declaration. We have technical and organisational measures in place that guarantee that regulations about data protection are adhered to both by us and our external service providers. In the following we provide you with information about the type and scope of the data we collect and use and the purpose for which we do this.

Click here to save or print this data protection declaration as a PDF.

This data protection declaration for the event forum of the publishing group Georg von Holtzbrinck GmbH, Taubenstraße 23, 10117 Berlin (hereafter referred to as “The event forum”, “we” or “us”) applies only for content on the online platform www.vf-holtzbrinck.de. The data protection declaration does not include any websites to which we provide links.

1. Controlling body

The controlling body for the collection, processing and use of your personal data in accordance with the EU’s General Data Protection Regulation and the Bundesdatenschutzgesetz (German Law on Data Protection) is:

der Verlagsgruppe
Georg von Holtzbrinck GmbH
Taubenstraße 23, 10117 Berlin

The event forum is a company of the Holtzbrinck Publishing Group and includes the German publishers Rowohlt, S. Fischer, Argon, Kiepenheuer & Witsch as well as the Droemer Knaur publishing group.

2. Legal basis of the processing

Our company uses article 6 I (a) of the General Data Protection Regulation (GDPR) as the legal basis for processing operations for which we obtain a consent for a specific processing purpose. If the processing of personal data is required for compliance with a contract whose contractual party is the person concerned, as is the case, for example, with processing operations that are necessary for a delivery of goods or the rendering of another service or service in return, the processing is based on article 6 I (b) of the GDPR. The same applies for processing operations that are required for precontractual actions, for example in cases of queries about our products or services.  If our company is subject to a legal obligation that makes processing of personal data necessary, such as compliance with tax obligations, the processing is based on article 6 I (c) of the GDPR. In rare cases the processing of personal data could be necessary in order to protect vital interests of the person concerned or of another natural person. This would be the case, for example, if a visitor to our plant were injured and then his or her name, age, health insurance data or other vital information would have to be passed on to a doctor or other third parties. In this case the processing would be based on article 6 I (d) of the GDPR. Finally, processing operations could be based on article 6 I (f) of the GDPR. This legal basis is used for processing operations that are not covered by any of the above-mentioned legal bases, if the processing is necessary to protect a justified interest of our company or of a third party and if the interests, fundamental rights and basic freedoms of the person concerned do not take precedence. We are permitted to carry out such processing operations because they are mentioned specifically by the European legislative authority. In this respect the legislative authority takes the view that a justified interest can be assumed if the affected person is a customer of the responsible party (recital 47 sentence 2 of the GDPR).

3. Justified interests in the processing that are pursued by the responsible party or a third party

If the processing of personal data is based on article 6 I (f) of the GDPR, our justified interest is the performance of our business activity in favour of the welfare of all our employees and our shareholders.

4. Personal data

Personal data comprises details about factual or personal relations of an identified or identifiable natural person. This might include, for example, your name, your telephone number, your address, your e-mail address, the IP address you used as well as all existing data and, where applicable, content data that you report to us in the context of your registration for our services when creating your user account and when using our services.

This does not include statistical data which we collect when you visit our website for instance, which cannot be associated directly with your person. Examples of this are statistics on which of our pages are particularly popular or how many users visit/access certain pages.

Personal data shall only be used by us in the context of these terms and in compliance with the regulations of the EU’s General Data Protection Regulation, the Bundesdatenschutzgesetz and the Telemediengesetz (German Broadcast Media Act). In doing so, all data protection regulations are strictly complied with.

5. Collection and processing of personal data

We use the data we collect for the following basic purposes only, although not all data shall actually be used for all the purposes stated:

We use the personal data saved in a registration form you might have filled out (e.g. distribution lists for invitations, guest professorships, ZEIT Science Forum, Societal Cohesion, JARA) or that might have been saved in a user account you created (e.g. application for the scientific journalism prize) to establish and administer the user relationship or to implement the application procedures.

We use the data regarding your use of the web site and its sub-domains (usage data) for technical processing.

When you visit our website, our web servers collect and save technical information on a temporary basis (log files), which your browser then transfers to us: the domain name or IP address of your computer, the client’s file request (file name and URL), the http response code and the web page from which you came to us. The data collected shall be used for the purposes of data security, in particular for protection against attempted attacks and in order to stabilise the operational reliability, as well as for statistical evaluations. This shall then be deleted or anonymised after 7 days at the latest. During this process of anonymisation, the IP address shall be modified such that the individual details of personal or factual relations can no longer be associated to an identified or identifiable person, or else only with a disproportionately high amount of time, cost and labour. The log files are used neither to create individual user profiles nor are they forwarded to third parties.

Information on data saved in cookies can be found under item 6.

Additionally, in the context of the utilisation of our services or in the context of the application process for the prize for scientific journalism, you may upload contents into the registration forms (content data) that we process to handle the registrations or to carry out the application process and that we use to provide the service to you.

6. Distribution lists for invitations

If you no longer wish to receive any invitations from us at a later date, you can withdraw this consent at any time with future effect by deregistering or opting out. A written message sent to the following contact (e.g. via e-mail, fax or letter) will suffice for this purpose: office@vf-holtzbrinck.de, Fax 030-27 87 18-18 or Veranstaltungsforum Holtzbrinck Publishing Group, Taubenstraße 23, 10117 Berlin. A link to deregister is of course also provided in each invitation e-mail.

7. Forwarding of data

We will only forward your personal data if:

  • forwarding to an order processor is necessary for the purpose of processing the services we offer or to implement the application procedure. Thus it is possible that we will forward personal data to our hosting provider and website operation in this context. As part of our invitations management, we will send the necessary data for order processing to the service provider contracted by us (e.g. our mail house). Data forwarded in this way may only be used by our service providers in order to carry out their tasks. Any other usage of this information is not permitted and none of the service providers we engage with shall undertake such actions;
  • in exceptional cases we are legally obliged to transfer data to any public authorities that request it.

Furthermore, we shall refrain from forwarding any data to third parties except in cases where you have expressly requested us to do so.

8. Cooperation with order processors and third parties

If, in the context of our processing, we disclose data to other persons and companies (order processors or third parties), transfer data to them or otherwise grant access to data, this only occurs on the basis of a statutory authorisation (e.g. if a transfer of data to third parties, such as payment service providers, is necessary for fulfilment of a contract in accordance with article 6 (1) (b) of the GDPR), if you have consented, if a legal obligation stipulates this, or if this is based on our justified interests (e.g. when using authorised representatives, web hosting services, etc.).

If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done on the basis of article 28 of the GDPR.

9. Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the utilisation of third-party services or if data are disclosed or transferred to third parties, this only occurs if it is for the fulfilment of our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our justified interests. Subject to statutory or contractual authorisations, we will process or have your data processed in a third country only if the special conditions of article 44 ff. of the GDRP are present. I.e. the processing occurs, for example, on the basis of special guarantees such as the officially recognised determination of a data protection level corresponding to that of the EU (e.g. for the USA as a result of the “Privacy Shield”) or observance of officially recognised special contractual obligations (so-called “standard contractual clauses”).

10. Obligation to provide data

Statutory or contractual requirements for providing personal data; necessity for conclusion of the contract; obligation of the person concerned to provide personal data; possible consequences of not providing personal data

We clarify that the provision of personal data is partially required by law (e.g. tax regulations) or can result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for the conclusion of a contract that a person concerned provides us with personal data that we are subsequently required to process. For example, the person concerned is required to provide us with personal data when our company concludes a contract with him or her. A failure to provide the personal data would have the result that the contract could not be concluded with the person concerned. Before the person concerned provides us with personal data, the person concerned can contact our contact person. On a case-by-case basis, our contact person for data protection will clarify to the person concerned whether the provision of the personal data is legally or contractually required or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of a failure to provide the personal data would be.

11. Existence of automatic decision making

As a responsible company, we do not use exclusively automatic decision-making or profiling models.

12. Recipients or categories of recipients

Recipients or categories of recipients to whom the data can be communicated are public authorities in case of overriding statutory regulations, external contractors as well as external bodies and internal departments of the Event Forum of Verlagsgruppe Georg von Holtzbrinck GmbH for the fulfilment of the purposes referred to.

13. Cookies

We make use of cookies in order to facilitate your visit to our website so it is more straightforward and to make certain functions easier for you to use. Cookies are small text files that are stored on your hard drive or in the temporary main memory and which save certain settings and data for exchange with our system via your browser.

Most of the cookies we save are then deleted again after the browser session has finished (these are known as session cookies). They enable us to optimise our website, its content or personalise this better and simplify its usage. Session cookies are cookies which are only saved for the duration of an internet session on your computer and for tasks such as handling registration for our events.

Other cookies remain on your hard drive and enable us to recognise your computer the next time you visit us (known as permanent cookies), thereby simplifying personalisation and registration services for your next visits. These cookies in particular enable certain data inputs, for example your password or a language setting, to be entered once only upon registration so that you do not have to continually repeat them. These cookies are valid for 6 to 24 months.

Cookies do not cause any damage to your computer, nor do they contain any viruses.

Most browsers will accept cookies as a standard setting. In the security settings of your browser however, you can allow or prohibit temporary or permanent cookies separately. When you deactivate cookies however, certain functions on our website may not work and some web pages may be displayed incorrectly.

Pseudonymous data only is saved in the cookies we use. On activation, the cookie is allocated an ID number but your personal data will not be allocated to this ID number. Your name, IP address or similar data, which would enable allocation of the cookie to yourself, is not inserted in the cookie. Based on the cookie technology we obtain pseudonymous information only, for example about which of our shop’s pages have been accessed, which products viewed, which content opened up etc.

14. Analysis of usage


Our websites use social plugins of the service Twitter, which are deactivated by default. These functions are offered by Twitter Inc., Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA. The Twitter plugins are labelled with the “bird” logo. As a result of using Twitter and the “retweet” function, if you have expressly activated this in the individual case or permanently, the websites you visit are linked with your Twitter account and disclosed to other users. In the process data is also transferred to Twitter. Please note we, as the provider of the pages, have no knowledge of the data transmitted or its utilisation by Twitter. You can find more information about this in Twitter’s data protection declaration at http://twitter.com/privacy. You can change your data protection settings at Twitter in the accounts settings at http://twitter.com/account/settings.

If you do not want Twitter to collect data about you via our web page, you must not activate social plugins or you must log out of Twitter before visiting our web page.


On this website, the controller has integrated components of Pinterest Inc. Pinterest is a so-called social network. A social network is an Internet social meeting place, an online community that allows users to communicate and interact with each other in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences, or allow the Internet community to provide personal or company-related information. Pinterest enables the users of the social network to publish, inter alia, picture collections and individual pictures as well as descriptions on virtual pinboards (so-called pins), which can then be shared by other user's (so-called re-pins) or commented on.

The operating company of Pinterest is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, UNITED STATES.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a Pinterest component (Pinterest plug-in) was integrated, the Internet browser on the information technology system of the data subject automatically prompted to download through the respective Pinterest component a display of the corresponding Pinterest component. Further information on Pinterest is available under pinterest.com. During the course of this technical procedure, Pinterest gains knowledge of what specific sub-page of our website is visited by the data subject.

If the data subject is logged in at the same time on Pinterest, Pinterest detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-page of our Internet page was visited by the data subject. This information is collected through the Pinterest component and associated with the respective Pinterest account of the data subject. If the data subject clicks on one of the Pinterest buttons, integrated on our website, then Pinterest assigns this information to the personal Pinterest user account of the data subject and stores the personal data.

Pinterest receives information via the Pinterest component that the data subject has visited our website, provided that the data subject is logged in at Pinterest at the time of the call-up to our website. This occurs regardless of whether the person clicks on the Pinterest component or not. If such a transmission of information to Pinterest is not desirable for the data subject, then he or she may prevent this by logging off from their Pinterest account before a call-up to our website is made.

The data protection guideline published by Pinterest, which is available under about.pinterest.com/privacy-policy, provides information on the collection, processing and use of personal data by Pinterest.

15. Regular erasure and blocking

We shall process and save your personal data only where this is required in order for us to arrive at our relevant purpose. Data will only be saved for longer where longer retention periods are required by law.

As soon as the purpose for it being saved is no longer applicable or the specified legal retention period has expired, the personal data will be blocked for access or deleted on a regular basis.

16. Rights of the data subject 

Your rights in accordance with the EU General Data Protection Regulation are as follows:

1. Access to information

2. Erasure

3. Correction

4. Objection

Right of complaint at a supervisory authority

Without prejudice to other regulatory or judicial remedy, you have the right of complaint at the responsible supervisory authority if you are of the opinion that the processing of personal data that concerns you violates the EU General Data Protection Regulation and/or the Federal Data Protection Act.

If you avail yourself of this right, please contact the Berlin Commissioner for Data Protection and Freedom of Information – www.datenschutz-berlin.de

17. Data security

We undertake the greatest possible efforts to protect your data against unauthorised access, loss, misuse or destruction.

Your personal data shall only be made available to employees for whom the viewing of this data is essential in order to exercise their activities correctly so they can provide you with our services in the best possible manner. In addition, procedural and electronic measures of protection are in place in order to protect your personal data.

You hereby commit yourself to treating your personal access data for the use of our services confidentially and not making it accessible to third parties. We cannot assume any liability for the misuse of passwords except in cases where we are responsible for this misuse.

Your personal data shall be transferred to us encrypted so it is secure. This applies likewise to the registration process. For this, we make use of the SSL (Secure Socket Layer) coding system. Furthermore, we protect our website and any other systems against loss, destruction, access, changes to or distribution of your data by unauthorised persons by means of technical and organisational measures.

18. Changes to this data protection declaration

We reserve the right to make changes to our data protection declarations where this is necessary on account of new technologies or for legal reasons. Please ensure that you have the latest version. In cases where fundamental changes are made to this data protection declaration, we shall announce such changes on our website.

19. Contact

If you have any questions regarding data protection, please contact our external data protection officer Werner Fiedler by e-mailing to datenschutz@gfad.de or contact:

GFAD Systemhaus AG
Huttenstraße 34/35
10553 Berlin
Telefon: +49 30 269 111 1
Fax:       +49 30 269 111 99


    Taubenstraße 23
    10117 Berlin
    Andreas F. Wilkes

    +49 (30) 27 87 18-0


    +49 (30) 27 87 18-18