We take the protection and security of your personal data seriously and would like to give you an overview of the processing of your personal data with the following information and inform you about your rights under the European General Data Protection Regulation (GDPR).
MUC:SEC e.V. c/o Kemetmüller
Hans-Sachs-Str 5.801, 80469 München
Chair: Christoph Kemetmüller
Vice-Chair: Sneha Rajguru
Email: manager [at] bsidesmunich [dot] org
Website: manager [at] bsidesmunich [dot] org
“Personal Data” means any information relating to an identified or identifiable natural person. We use your personal data for the following purposes:
When visiting our website, the browser used on your device sends certain information to the server that makes our website available for technical reasons. This information include the type and version of your browser, operating system used, referrer (website from which our site is accessed), sub-pages, time and date of access, the IP address you use, the Internet service provider used and other information, which are relevant in the event of an attack on our IT infrastructure.
This information is stored temporarily in log files. We use this information to make the content of our website available to you, to keep it up to date and to ensure the security of our website and the IT infrastructure used.
The legal basis is Art. 6(1)(f) GDPR.
If you contact us, we process your personal data that you make available to us in this context (e.g. name, e-mail address, address) in order to answer your request.
The legal basis is Art. 6(1)(f) GDPR or, if you exercise your rights under the GDPR, Art. 6(1)(c) GDPR in conjunction with Chapter 3 GDPR.
Without providing your personal data, we cannot contact you and may not be able to answer your request.
We process your personal data (name, company affiliation, function, professional contact details, address) in order to conclude or process a sponsorship contract with you or your company.
The legal basis is Art. 6(1)(c) GDPR or Art. 6(1)(f) GDPR.
The provision of your personal data is necessary for the conclusion of a contract (sponsorship contract).
We process your personal data if you would like to offer a workshop or talk as part of the Security Bsides Munich conference. This includes your name, e-mail address, subject, technical information and other information about your workshop or talk. As part of the selection of contributions for the Security Bsides Munich conference, we work together with the service provider pretalx / rixx.de software development Tobias Kunze (Dammstraße 18, 70806 Kornwestheim), who processes your personal data on behalf based on a data processing contract (Art. 28 GDPR).
Without providing your personal data, we cannot consider your workshop or talk for the Security Bsides Munich conference.
We process your personal data when you register to participate in the Security Bsides Munich conference to issue a ticket. This includes your name and email address. As part of issuing tickets, we work together with the service provider pretix / rami.io Softwareentwicklung Raphael Michel (Markgräfler Str. 16, 69126 Heidelberg), who processes your personal data on behalf based on a data processing agreement (Art. 28 GDPR).
The legal basis is Art. 6(1)(a) GDPR.
Without providing your personal data, we cannot enable you to participate in the Security Bsides Munich conference.
We process your personal data as part of the implementation of the Security Bsides Munich Conference, e.g. to comply with the Code of Conduct. This includes your name and email address.
The legal basis is Article 6(1)(a) GDPR or Article 6(1)(c) GDPR or Article 6(1)(f) GDPR. Without providing your personal data, we cannot enable you to participate in the Security Bsides Munich conference.
We shall only transfer your personal data to other recipients or grant other recipients access to your personal data, if this is necessary for the specified purposes of processing your personal data, if we are obligated to do so by a legal duty of disclosure or a court decision to provide information.
A transfer of personal to third countries or to international organisations is not planned. Third countries are countries outside the European Union and the European Economic Area.
Your personal data will only be stored for as long as is necessary to fulfill the respective processing purposes. Storage that goes beyond this can take place on the basis of statutory or contractually defined retention periods. Deletion takes place at the latest after the expiry of the statutory limitation periods for any objections (according to § 195 BGB) or for violations of the GDPR (§ 41(1) BDSG in conjunction with Art. 83 GDPR in conjunction with § 31 OWiG), these are three years.
You can exercise the rights set out below in general and in relation to our processing of your personal data. Please use the contact options given above.
You have the right to request information at any time from us about the data held that relates to you, receive a copy of this data and receive other information concerning this personal data.
You have the right to request us to rectify any incorrect personal data relating to you without undue delay.
You have the right to request us to erase any personal data relating to you without undue delay.
You have the right to request us to restrict the processing of any personal data relating to you.
You have the right to receive your personal data from us in a structured, commonly used and machine-readable format.
You have the right to withdraw the consent to process your personal data, which you granted pursuant to Art. 6(1)(a) GDPR, at any time. This does not affect the lawfulness of any processing of your personal data performed on the basis of your consent prior to its withdrawal.
You have the right to object to the processing of your personal data at any time, provided the processing is performed on the basis of Art. 6(1)(e) GDPR (performance of a task in the public interest or in the exercise of official authority) or Art. 6(1)(f) GDPR (protecting the legitimate interests of the controller or a third party).
If you, as the data subject, believe that processing of your personal data breaches the European General Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged breach.
We do not obtain personal data from publicly accessible sources.
You are neither legally nor contractually obliged to provide your personal data. The provision of your personal data is also not required for the conclusion of a contract.
Automated decision-making, including profiling is not conducted.