CSSconf.EU
May 31st 2019

Data Protection Declaration

General Information

As being responsible for this website, we take the protection of your personal data very seriously. We treat your personal data confidentiality in particular in accordance with the statutory data protection regulations. By using this website, various personal data is collected. Personal data is data that you can be personally identified with. This data protection declaration describes which data we collect and for what we use it. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

Responsible for the Website

Neighbourhoodie Software GmbH Lausitzer Str. 10, 10999 Berlin, Germany Managing Board: Simone Haas (CEO), Jan Lehnardt (CEO)

Responsible for Data Protection

Neighbourhoodie Software GmbH Lausitzer Str. 10, 10999 Berlin, Germany hi@neighbourhood.ie

Visiting our Website

By visiting our website we process certain data of our visitors. What kind of data, on which legal basis, for what purpose and for how long we process, please read our subsequent data privacy policy.

Providing our Website

By loading our webpage, some data is being stored in a web server protocol file:

  • Date and time of the request for the load of the web page
  • size of the data package being transmitted within the connection
  • Type and version of the used browser as well as your IP address

Furthermore, we store the following information:

  • HTTP Method
  • Host name
  • URI of the request
  • HTTP Response Code
  • Referrer
  • User-Agent
  • Edge Result, Edge Request-ID
  • Host Header, HTTP-Protocol, Time to first byte, x-forward header, SSL-Protocol and SSL cypher, Protocol version, FLE-Status, FLE encrypted fields.

The legal base for the processing of your IP address is Art. 6, para. 1, lit. f) GDPR. Our legitimate interest to store this data is based on the following purposes:

  • ensure a seamless connection establishment
  • ensure the smooth usage of our website / application
  • technical analysis of the system security and stability

Your IP address is generally not stored, we especially do not use itf for analysing personal data. A full storage of the IP address would only happen so that we can track technical errors or hacker attacks. Our web servers are configured in a way that your IP address is deleted in a timely manner after your visit of our site.

Cloudflare

Cloudflare is a cloud service provider and content delivery network. Here we host and operate our website. Legal basis for using Cloudflare on our website is the privacy shield framework (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active). We may process your personal data until our legitimate interest ceases to exist.

For more details of Cloudflare’s privacy and security processes, please visit https://www.cloudflare.com/security-policy/.

You have the right to request information, correction, deletion or blocking of your personal data. As far as you should request deletion of your personal data stored by us, we will execute your request without undue delay, unless legal duties for documentation or storage apply. You can object to the usage of your personal data for advertising or market research purposes or revoke given opt-ins at any time.

In case we process personal data of you, you are so called “affected” within the meaning of the General Data Protection Regulation (GDPR) and you have the following rights vis-à-vis the controller:

  • Right to information according to Art. 15 GDPR
    You have the right to get information for free about your personal data stored by us at any time. Furthermore, you have the right to have your data provided to us transferred to yourself or a third party at any time.
  • Right to correct any information that is inaccurate or incomplete according to Art. 16 GDPR
  • Right to Deletion according to Art. 17 GDPR
  • Right to limitation of processing according to Art. 18 GDPR
    At your request, we will correct, block or delete the personal data stored about you, provided that other statutory regulations (e.g. obligations to store data from the German Commercial Code) do not prevent this.
  • Right to data transferability according to Art. 20 GDPR
    You have the right to get information about your personal data for free in a structured, current and readable format
  • Right of contradiction/revocation of permission according to Art. 21 GDPR
    If you have given us your consent to process your personal data, you can revoke this at any time
  • Right of complaint to the national supervisory authority according to Art. 13 para. 2 lit. d) GDPR
    Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or suspect of infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.

    The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.

In order to process your request (please mail: hi@neighbourhood.ie), we are obliged to check your identity carefully. Please understand that we reserve the right - depending on the criticality of the data - to request further information or proof of identity. This serves in particular to protect your personal data from unauthorized access by third parties. We would like to point out that we reserve the right not to process requests that are received inappropriately frequently or without corresponding proof of identity. We will inform you of this in writing (via E-Mail).

Children

Persons under 16 should not send us personal data without the consent of their parents or persons with parental power. We ask for no personal data from children and adolescents, nor do we collect such information nor pass it on to third parties.

Use Of Cookies

Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not cause any damage to your computer and do not contain any viruses. Our cookies remain stored on your terminal for a certain period of time.

In your browser settings, you can determine whether you want to be informed merely about the setting of a cookie, whether you want to grant or exclude permission either for individual cases or for cookies in general, or whether you want cookies to be automatically deleted when your browser is closed. Disabling cookies may limit the functionality of this website.

Cookies, which are necessary for the execution of the electronic communication process or for the provision of certain functions desired by you, are stored on the basis of Art. 6 para. 1 lit. f) GDPR. The website operator has a legitimate interest in the storage of cookies for technically error-free and optimized provision of his services. If other cookies (e.g. cookies for analyzing your surfing behavior) are stored, they are handled separately under the analysis service used.

Our cookies remain on your computer for a certain period of time enabling our cloud provider to recognize your computer behind a shared IP-address space on the basis of the logged data (visit to our website including date and time, browser type, operating system) in order to provide end user security.

Cloudflare

https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-Cloudflare-cfduid-cookie-do-

Newsletter

With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.

The legal basis for sending our newsletter is your consent via double opt-in according to Art. 6 para. 1 lit. a GDPR.

Newsletter Content

We send newsletters and e-mails containing promotional information (hereinafter referred to as “Newsletter”) only with the consent of the recipient. Provided that in the context of a registration to the newsletter whose contents are specifically described, they are decisive for the consent of the users. In our newsletters we inform you periodically about the JSConf EU | CSSconf EU programme announcements, discounted ticket/hotel/travel offers and further events by email.

Use of “MailChimp” shipping service provider

We use MailChimp to send our newsletter to our subscribers. MailChimp is a service provided by The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA.

The email addresses of our newsletter recipients, as well as any other information described in this notice, are stored on the servers of MailChimp in the USA. MailChimp uses this information for sending and to evaluate the newsletters on our behalf. Furthermore, MailChimp can use its own information to check these Use data to optimize or improve your own services, e.g. to technically optimize shipping and the presentation of the newsletter or for economic purposes, in order to determine from which countries the recipients come.

The data stored when you registered for the newsletter (E-mail address, name, IP address, and time and date of registration) will be sent to a server operated by The Rocket Science Group in the United States and stored there in accordance with the EU-US Privacy Shield. MailChimp uses this information for sending and to evaluate the newsletters on our behalf. Furthermore, MailChimp can use its own information to check these Use data to optimize or improve your own services, e.g. to technically optimize shipping and the presentation of the newsletter or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write them down itself or to send them back to us.

We trust in the reliability and IT and data security of MailChimp. MailChimp is protected under the US-EU Data Protection Agreement “Privacy Shield” and is thus committed to comply with EU data protection regulations. Furthermore, we have created with MailChimp a “Data Processing Agreement”. This is a contract, in which MailChimp is responsible for to protect the data of our users in accordance with their data protection regulations on our behalf and in particular not to pass them on to third parties. The data protection regulations of MailChimp can be viewed here. Further information about the data protection offered by MailChimp can be found at: https://mailchimp.com/legal/privacy/.

Further information about the EU-US Privacy Shield can be found at: Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit.

Double opt-in and logging

The registration for our newsletter takes place in a so-called double opt-in procedure. This means that you will receive an e-mail after registration, in which you will be asked to confirm your registration. This confirmation is necessary so that no one can log on with foreign e-mail addresses. The registrations for the newsletter are recorded in order to be able to prove the registration process according to legal requirements. Therefore we store the login and the confirmation time, as well as the IP address. Also, the changes to your data stored with the shipping service provider (MailChimp) are logged.

Logon data

To subscribe to the newsletter, it is sufficient to provide your e-mail address. Optionally, we ask you to give a name in the newsletter for personal address.

You will be asked to consent to the use of your personal data to receive our newsletter as follows:

CSSconf EU

“By entering your e-mail address and clicking the button below, you confirm that you are 16 years or older. You agree that the CSSconf EU (represented by Neighbourhoodie Software GmbH, Lausitzer Str. 10, 10999 Berlin, Germany) will use the data and information provided by you in connection with the use of the newsletter to regularly send you information about the CSSconf EU by e-mail. By clicking below, you agree that CSSconf EU may process your information in accordance with these terms. You can change your mind at any time by clicking the unsubscribe link in the footer of any e-mail you receive from us, or by contacting us at contact@cssconf.eu. CSSconf EU will treat your information with respect. For further information, please see our privacy policy on our website.”

Statistical survey and analysis

The newsletters contain a so-called “web-beacon”. A pixel-sized file retrieved from the server of the shipping service provider when the newsletter is opened. Within the framework of this call, technical information, such as information about the browser and your system, as well as your IP address and time of the call-up are collected.

This information is used to technically improve the services based on the technical data or the target groups and their reading behavior by means of their polling points (which can be determined using the IP address) or the access times. Statistical surveys also include determining whether the newsletters are opened, when they are opened, and which links are clicked. This information can be assigned to individual newsletter recipients for technical reasons. It is, however, neither our endeavor, nor that of the shipping service provider, to observe individual users. The evaluations are much more useful for us to recognize the reading habits of our users and adapt our content to them or to send different content according to the interests of our users.

Cancellation / Revocation

We may process your personal data until you revoke your consent. You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. So that goes out at the same time your consents to its dispatch via MailChimp and the statistical analyses. A separate revocation of sending via MailChimp or the statistical evaluation is unfortunately not possible. A link to cancel the newsletter can be found at the end of each newsletter. For instructions to take this step, please refer to the confirmation e-mail and each newsletter.

Embedding of external platforms

You will find links to other websites on this website, directly or indirectly by means of links. The legal basis for such processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. We may process your personal data until our legitimate interest ceases to exist. We hereby expressly distance ourselves from all contents of these sites to which links are established and do not adopt these contents as our own. We do not have any influence on changes of the linked content. Our website may contain links to other providers’ websites, which are not covered by this data protection policy. To the extent that the use of websites of other providers involves the capture, processing and use of personal data, please refer to the data protection policy of the relevant provider.

Use of YouTube

Our website uses the YouTube video platform operated by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066 USA. YouTube is a platform that enables playback of audio and video files. When you load a page on our website, the integrated YouTube player establishes a connection to YouTube in order to ensure the technical transmission of the video or audio file. When the connection to YouTube is established, data is transferred to YouTube.

For information about the scope and purpose of data collection, the further processing and use of the data by YouTube and your rights and the settings you can configure to protect your privacy, please refer to the YouTube Privacy Guidelines: https://www.youtube.com/t/privacy_guidelines.

Google Maps

Our website uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. The use of Google Maps is in the interest of an appealing representation of our online offers and at an easy findability of the places indicated by us on the web page.

You can find more information on the handling of user data in Google’s data protection declaration: https://www.google.de/intl/de/policies/privacy/.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Data policy statement for Facebook fan pages

The use of this Facebook fan page is accompanied by the processing of personal data. In addition to Facebook, we as the fan page operator also collect and process users’ personal data on our fan page. Our intention in providing the following information is to give you an overview of the processingmentioned above and also to advise you of your rights pursuant to the European General Data Protection Regulation (GDPR) and the Bundesdatenschutzgesetz (BDSG – German Federal Data Protection Act).

Data processing on our Facebook fan page

When you visit our fan page (www.facebook.com/cssconfeu), Facebook Ltd., 4 Grand CanalSquare, Grand Canal Harbour, D2 Dublin, Ireland, collects, stores and processes your personal data in accordance with Facebook’s data policy. es cookies to store and further process this information, and these cookies are stored onthe various devices of the visitors to the Facebook fan page, especially when the visitors are registered members of Facebook. As a result, Facebook can display targeted advertising on its own platform and also on third-party pages. Facebook does not publish in full and we do not know to whatextent Facebook uses the above-mentioned data for its own purposes, to what extent activities on the Facebook fan page are associated with individual users, how long Facebook stores this data andwhether data is disclosed to third parties. Facebook, Inc., the US parent company of Facebook Ireland Ltd., is certified under the EU-US Privacy Shield and has thus declared that it complies with the European level of data protection and the accompanying data policies. As the operator of the Facebook fan page, we cannot rule out the possibility that data belonging to users of the Facebook fan page will be transferred to and processed in third countries, nor can we exclude any related risks. For further information, please also see Facebook’s data policy: https://facebook.com/about/privacy/ Facebook furthermore offers the option of objecting to specific forms of data processing; you will find related information and opt-out choices at https://www.facebook.com/settings?tab=ads. We use the statistics services Facebook Insights for the purpose of designing and continually updating our pages as needed. This service records your activity on our page and sends it to us in the form of anonymised statistics. This allows us to gain an insight among other things into the activity of the visitors to our fan page, page views, the reach of contributions, views and average duration of video playbacks, information about which countries and cities our visitors come from as well as statistics on the gender balance of our visitors. In addition, Facebook records data if you interact with our page as a registered Facebook user (e.g. if you click a Like button, send us a message, or post a comment). These interactions are also recordedComment [1]: There is no section on social media in the privacy policy of your website, please include this headline. and provided in the statistics by Facebook; we as the operator are unable to exert an influence on this. It is therefore not possible for us as the fan page operator to deactivate this function or to prevent data from being generated and processed. It is not possible for us as the fan page operator to identify individual users or to access individual user profiles on the basis of the insights automatically provided by Facebook. You can find more detailed information on Facebook Insightsfrom Facebook here. Facebook and we share responsibility for processing the Insights data. The details of this are governed by the agreement on shared responsibility (Joint Controller Addendum), which you canfind here. As the fan page operator, we also process data to a very limited extent only. Our fan page is operated on the legal basis of a balance of interests in accordance with Art 6(1) f) GDPR. In addition, we store user names and comments that are deleted on account of a breach of netiquette.These are tracked only in order to furnish any evidence that may be required in legal disputes withinthe period of limitation. The legal basis for us as the operator of the Facebook fan page to process data as mentioned above is Art. 6(1) b) GDPR (e.g. if you send us a request relating to a contract) on the one hand. On the other, the data can also be processed on the basis of your consent pursuant to Art. 6(1) a) GDPR (e.g. if you “like” or comment on one of our posts or upload content onto our page). You can withdraw the consent you have given at any time with effect for the future by deleting the comment or the content in question. The withdrawal of consent shall not affect the lawfulness of processing based on consent given before it is withdrawn. Facebook has assumed the primary responsibility for the processing of personal data using the “Insights” service offered by Facebook. This concerns the processing of Insights data and the implementation of the rights of the data subject. Please therefore contact Facebook directlyconcerning all obligations arising from the GDPR in relation to the processing of Insights data. We willforward to Facebook any queries that we receive from you on this subject.

Version: January 2019

Part of the international CSSconf family

Page 1 Created with Sketch. icon-twitter Created with Sketch. Combined Shape Created with Sketch. arrow banner Created with Sketch. logo-icon A k A k