Imprint/Data protection declarations on the
International Headache Congress 2021
The following data protection declaration applies to the use of our website and informs you as a data subject within the meaning of data protection law and user of this website about the processing of personal data. Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person.
Responsible person in the sense of the GDPR is
Conventus Congressmanagement & Marketing GmbH
Phone: 03641 3116-0
(hereinafter referred to as the responsible person)
You can reach the data protection officer as follows:
Landgraf Datenschutz GmbH
Solicitor André Stämmler
Phone: 03641 316 1180
If you have any questions or suggestions regarding data protection, you can contact our data protection officer directly.
1. General information
When you visit our website, the provider of this platform (or its web space provider) collects data about each access to the offer. This access data includes:
The aforementioned data is processed by operators for the following purposes:
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. The legitimate interest of the provider follows from the data collection purposes listed above. The data is anonymous and is stored separately from any personal data you may have provided. It is not possible to draw conclusions about a specific person.
Disclosure of data to third parties
Your personal data will only be transferred to third parties for the purposes listed below. A transfer for other reasons does not take place.
The user's personal data will only be passed on to third parties if:
If you have given your consent, we will pass on your data to the companies listed below. The transfer is based on your consent. The companies use the data within the scope of the consent to send you advertising by e-mail:
Some of the cookies are deleted as soon as you close your browser (transient cookies). Other cookies (persistent cookies) remain on your terminal device and enable us to recognise your browser. These cookies are automatically deleted after a predefined duration.
Google Web Fonts
We use web fonts provided by Google Ireland Limited Gordon House, Barrow Street Dublin 4, Ireland - hereinafter referred to as Google. The service is used for the uniform and correct display of fonts on our site. For this purpose, your browser connects to Google's servers and loads the required web fonts into your browser cache as soon as you call up a page on our website. In doing so, Google learns that our website was accessed via your IP address. The legal basis for the use of Google Web Fonts is Art. 6 para. 1 lit. f GDPR >legitimate interest<. Our legitimate interest is the uniform and correct display of the fonts on our website. Further information on Google Web Fonts and data protection at Google in general can be found at: developers.google.com/fonts/faq and www.google.com/policies/privacy/
The provider of this website uses the newsletter to provide information about individual offers.
If users of this website wish to receive the newsletter, an email address is required. The e-mail address is only used if the user has expressly consented to this in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. This e-mail address is checked to ensure that the user is also the owner/authorised user of the e-mail address. The data is used exclusively for sending the newsletter; it is not passed on to third parties. No other data is collected.
When registering to receive the newsletter, the IP address and the date of registration are stored. The storage serves exclusively as a safeguard in case a third party has misused the address and has registered for the newsletter without the knowledge of the owner or authorised person.
Consent to the storage of data and its use can be revoked at any time via a link in the newsletter itself, in the profile area or by sending a message to the above contact options or by e-mail to firstname.lastname@example.org.
You have the option of contacting us via various communication channels such as e-mail, telephone, post or via a contact form. In the event that you contact us, we will store your data for the purpose of processing your enquiry. The data will not be passed on to third parties. The processing of personal data is carried out in accordance with Art. 6 para. 1 p. 1 lit. f GDPR. The legitimate interest here is the processing of your enquiry. If your contact aims at the conclusion of a contract, the legal basis is also Art. 6 para. 1 p. 1 lit. b GDPR. We delete this data as soon as your enquiry has been conclusively clarified and insofar as there are no legal storage obligations to the contrary.
Registration function for congress and event
You can register for the congress via this page. For the electronic registration we use the software Regasus of the service provider LambdaLogic Informationssysteme GmbH, Komturstr. 18, 12099 Berlin. The electronic registration will be processed via a Regasus web portal. The data entered on the Regasus web portal, such as participant type, title, first name, last name or address data, are transmitted directly to Regasus. The processing by us as well as by Regasus is carried out for the registration and handling of the congress. Processing for other purposes will only take place with your express consent. The legal basis for processing in the case of registration and implementation of the congress is Art. 6 para. 1 lit. b GDPR.
The data will be deleted by us after the end of the event, unless you have consented to processing for other purposes and/or there are no legal retention obligations and/or processing for other purposes is permissible. Unless you object to the processing, we will in particular use your contact details (including name and e-mail address) to advertise similar goods or services.
to advertise similar goods or services. In this case, the processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR. We have a legitimate interest in advertising our goods and services. You can object to this processing at any time for the future. A simple declaration to us is sufficient for this purpose. If the processing is based on your consent, the legal basis is Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time. If you have voluntarily consented to other processing, we will delete this data after revoking your consent.
We use plug-ins from various social networks. A social network is a platform or an app that allows users to communicate with each other, exchange opinions or share content such as pictures with other users or in the social network itself. Users usually have the possibility to create private or business profiles, to network with each other or to provide private or company-related information. We use plug-ins to provide visitors to our website with a better user experience and to facilitate the sharing, commenting and liking of content. The respective plug-in provider stores the data collected about you as usage profiles. The purpose of the processing is the presentation of (needs-based) advertising, market research and/or needs-based design of the website and to inform other users of the social network about your activities on our website. The evaluation also takes place when you are not logged into the social network. You have the right to object to the creation of these user profiles. To exercise the right to object, you must contact the respective plug-in provider. The legal basis for the use of the plug-ins is Art. 6 para. 1 p. 1 lit. a DS-GVO. Processing only takes place if you have consented to it.
We use plug-ins from Twitter, a service of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. When you call up an individual web page of this website that contains a Twitter plug-in, a connection is established with the servers of Twitter. The content of the button is transmitted by Twitter directly to your browser, which then integrates it into the website. Twitter receives various information including your IP address. This information is processed on Twitter's servers in the USA. Regardless of whether you are logged in to Twitter or have no account at all, Twitter receives the information that your browser has called up the page. If you are logged in to Twitter, Twitter can directly assign your visit to our website and/or interaction with the plug-in, for example by clicking, to your Twitter account. You can prevent the information from being assigned to your Twitter account by logging out of Twitter before visiting our website, or by using an add-on for your browser to object to data processing for the future. The legal basis for the processing is Art. 6 para. 1 lit. a GDPR. Processing only takes place if you have given your consent. Further information on data collection and processing by Twitter can be found at: twitter.com/privacy
Use of YouTube videos
Use of Vimeo videos
We use plug-ins from the video portal Vimeo. The content of the plug-in is transmitted by Vimeo directly to your browser and integrated into the page. By integrating the plug-in, Vimeo receives different information. If you are logged into your Vimeo account during your visit, Vimeo can directly assign your visit to our website to your Vimeo account. Vimeo can also assign interactions, such as pressing the start button of a video, to your account. If you are not logged in to Vimeo and even if you do not have a Vimeo account, Vimeo can still recognise that your browser has accessed the corresponding page of our website. Your browser establishes a direct connection to the Vimeo servers in the USA and transmits and stores this information (including your IP address) on the Vimeo servers when you call up a page of our website that contains a Vimeo plug-in. The legal basis for the data processing operations is Art. 6 para. 1 lit. f GDPR. Vimeo has a legitimate interest in market research and the individual design of the service. You can prevent a direct allocation of the data collected via our website to your Vimeo account by logging out of Vimeo before visiting our website. The Vimeo platform is operated by Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA. Further information on the purpose and scope of data collection and the further processing and use of data by Vimeo can be found at: vimeo.com/privacy
3. Web analysis
We use web tracking and web analysis services. These are services that enable an analysis of the use of our website. We use this data to improve the website and to make our offer more interesting for you. The legal basis for the use of web analysis tools is Art. 6 para. 1 p. 1 lit. a GDPR.
Matomo (formerly Piwik)
This website uses Matomo, an open source software for statistical analysis of user access to our website. Matomo uses so-called cookies to evaluate user access. We use Matomo with the extension >AnonymizeIP<. This means that IP addresses are only processed in abbreviated form. A direct link to a person is thus excluded. The IP address transmitted by your browser via Matomo is not merged with other data collected by us. The storage of this information takes place exclusively on our servers. We only use Matomo if you have expressly consented to it. This consent is voluntary. You can revoke your consent at any time. With the revocation of your consent, we will stop processing your data. The revocation of consent does not affect the lawfulness of the data processing that took place until the revocation.
4. Payment service provider
We offer payment via different methods through the payment service provider Ingenico. We pass on your data to the payment provider in order to process the payment. The legal basis for the transfer of your data to the payment service provider is 6 para. 1 lit. b GDPR. You can find more information on data processing by the payment service provider in the respective data protection information of the provider. We use the following providers
Communication & Digital Department
28-32 boulevard de Grenelle
75015 Paris - France
5. Use of the internet platform of the digital congress (https://ihc21-virtual.org/)
We welcome your participation in our digital/hybrid congress. In the course of this participation, we will process a number of personal data. With the following data protection information, we inform you as a data subject within the meaning of data protection law about this processing of personal data. Personal data are individual details about personal or factual circumstances of a specific or identifiable natural person.
The responsible party within the meaning of the GDPR is the
Conventus Congressmanagement & Marketing GmbH
07745 Jena (Germany)
(hereinafter referred to as the responsible person)
You can reach our data protection officer at the following contact details:
Landgraf Datenschutz GmbH, Markt 22, 07743 Jena (Germany)
If you have any questions or suggestions regarding data protection, you can contact our data protection officer directly
Processing of data by third parties
Within the framework of the cooperation, it may be necessary to pass on your data to third parties. In particular, your data will be passed on to:
Place of data processing
Data processing takes place predominantly in data centres in the Federal Republic of Germany and the European Union. In some cases, data is transferred to the USA (e.g. when using Zoom or Vimeo). The USA is a third country within the meaning of the GDPR. In the event of a transfer, suitable guarantees in the form of standard data protection clauses (Art. 44, 46 GDPR) ensure that the processing takes place at a level that complies with the GDPR.
What data do we process and for what purpose?
Participation in the Digital Congress
Participation in the digital congress is only possible after prior registration via the Regasus registration system.
The data processing is carried out in accordance with Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
To log in to the digital congress, you need to create a Conventus account. This checks your registration data and bookings with Regasus. The data for the log-in account
will be stored on a server of Hetzner Online GmbH (https://www.hetzner.de/) (Industriestr. 25, 91710 Gunzenhausen, Germany).
Within the digital congress you have the possibility to fill in your participant profile. This data can be made public as a "business card" to the exhibiting companies and sponsors, as well as to other participants of the congress. The following data can be entered optionally:
The legal basis for the transfer of data is Article 6 (1) sentence 1 lit. f) GDPR. We have a legitimate interest in providing our partners with an overview of the participants.
The data in your participant profile will be deleted after the end of the purpose and expiry of all legally prescribed retention obligations.
Functionalities during the Congress
During the congress you as a participant have the possibility to use the following functionalities:
Help-Desk (Support via Conventus)
In the helpdesk participants can ask organizational and technical questions about the congress. The question can be asked anonymously or you can leave the following data
We process all data that you provide to us as part of the enquiry. The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. We process the data to answer your enquiry and delete it after the enquiry has been dealt with, unless further processing is necessary for other reasons.
The request in the Helpdesk can be made via the following functions
Contact with other participants (chat)
You will have the opportunity to interact with other participants during the congress. Via the chat tool you can
In the same way, you can be searched for, found and contacted by other participants.
This function is available in the main navigation and via a widget.
Within the framework of the event, various topic-based chat channels can also be made available by the organiser. You can actively join these channels and then display who else is in the channel and enter into a group chat with the people in the channel or an individual chat with specific people.
Within the chat function, your username (= your email address) is visible to other participants. This consists of your first and last name. In the context of video chats, a video image is also transmitted through your activation.
The data will be stored on a server of qutic development GmbH, Frankfurt (Main), Germany until 1 March 2021.
The legal basis for the data processing is: Art. 6 para. 1 sentence 1 lit. b) GDPR.
Visit the virtual company stands of the industry exhibition
You can visit the virtual stands of the industry exhibition during the congress.
Here you can get in direct contact with the respective exhibitor via chat. You also have the opportunity to view and download information material from the stands or visit external websites of the companies. Your activities will be recorded at this point and made available to the exhibiting company.
If you visit the stand of an industry exhibitor during the digital trade fair, we will pass on the following data to the exhibitor at the end of the event:
The legal basis for passing on the data is Art. 6 para. 1 sentence 1 lit. f) GDPR. We have a legitimate interest in passing on your data to the respective exhibitor in order to enable them to contact you.
We will also pass on your e-mail address if you have expressly consented to this. The disclosure will only take place within the scope of your consent.
Scientific Sessions Procedure
All scientific sessions will be made available to participants in Vimeostreams. During the sessions, they can ask questions in real time about the presentations. These questions will be answered live by the speakers.
All data included in this session will be shared with Vimeo. This is primarily the video images of the speakers and moderators, if they can be seen in this session, and their recorded presentations submitted to the Upload Centre.
Vimeo is a service of Vimeo Inc. (555 West 18th Street New York, New York 10011, USA). Further information on data processing by Vimeo can be found here: vimeo.com/privacy.
The sessions will be stored on the Vimeo platform until 1 March 2021 and made available for Congress participants to retrieve.
The legal basis for data processing is: Art. 6 para. 1 sentence 1 lit. b) GDPR.
Sessions in Zoom Webinars
When using or joining Zoom webinars, your access data will be saved. If you interact with other participants in the auditorium, your video image will also be transmitted, provided that you have activated it.
All data contained in this session will be passed on to Zoom. This is primarily the video images of all participants, if they can be seen in this session, and their recorded presentations submitted to the Upload Centre.
Zoom (Webinar) is a service of Zoom Video Communications, Inc (San Jose Headquarters, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113 +1.888.799.9666 | email@example.com). Further information on data processing by Vimeo can be found here: zoom.us/docs/en-us/privacy-and-security.html.
The sessions will be stored on the Vimeo platform until 1 March 2021 and kept available for retrieval by congress participants.
The legal basis for data processing is: Art. 6 para. 1 sentence 1 lit. b) GDPR.
Procedure Industry Sessions
During the Congress you will have the opportunity to participate in industry sessions. For some of these sessions, participation is only possible if you release certain personal data for promotional purposes. Participation will be via a separate confirmation. Your data will be collected via this confirmation in order to document which participants have actually attended the industry session. We will note your participation on a list and pass this on directly to the company conducting the session.
We process the following data:
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit a GDPR.
We will pass on your data if you have explicitly consented to this.
Chairpersons, speakers, authors
When you participate in a session as a chairperson, we process the following data:
We need the data so that you can log in to your session at Zoom and/or Jitsi and so that we can moderate the session.
You will be shown live during the session. Image data will be passed on to the participants. The session will be recorded and stored until 1 March 2021. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f) GDPR.
Talks are presented by the speakers as follows:
Pre-Recorded Talks (= spoken PowerPoint presentation).
Speakers who give their talks in advance of the conference can include their own picture of the speaker or a "live video" to be recorded here.
Live presentation via screen sharing
With the consent of the speaker, the live presentation will be recorded and made available to the participants afterwards. Live spoken to presentation provided in advance to which the speaker has access via remote control
With the consent of the speaker, the live presentation is recorded and made available to the participants afterwards.
The presentations are uploaded to a Conventus server by the speaker or his/her representative and played back in a Vimeostream during the session. During the session, the speaker is logged into Zoom or Jitsi and is available to answer questions from the auditorium live during the session. When answering, the speakers will be faded in via video, provided the speaker enables the video function.
During the lecture, participants have the opportunity to address questions to the speakers. Direct interaction with the speaker is not possible.
Speakers' presentations and the data contained therein will be made available in an on-demand area until 1 March 2021. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. We have a legitimate interest in making the sessions available to our participants for review.
ePosters are uploaded to a Conventus server by the author or his/her representative. During the congress, the posters will be available on the digital congress website (including the poster presentation itself). After the congress, the posters will also be available on demand on the digital congress website until 1 March 2021.
During the poster session, the author will present the contents of his poster live and take questions from the auditorium.
Note for ePoster presenters
If you participate in the programme as an ePoster presenter, other participants have the opportunity to write to you via your deposited poster to ask questions. You had to give your consent to this when you made your ePoster available (Upload Center). The following data will be passed on to the participants and processed for contacting them:
The data will be stored until 1 March 2021. The legal basis for the data processing is: Art. 6 para. 1 sentence 1 lit. b) GDPR.
6. Your rights as a data subject
(1) As a data subject, you have various rights with regard to the personal data concerning you.
You have the following rights vis-à-vis us as the controller within the meaning of data protection law.
To assert your rights, it is sufficient to notify us.
(2) You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). To assert this right, simply notify the relevant supervisory authority.
7. Data security
When visiting this website, the SSL (Secure Socket Layer) procedure is used in conjunction with the highest level of encryption supported by the user's browser. This is usually 256-bit encryption. If the browser used by the user does not support 256-bit encryption, 128-bit v3 technology is used. The encrypted transmission of a page of this website can be recognised by the key or lock symbol in the status bar of the browser.
In addition to SSL encryption, technical and organisational security measures are used to protect data against accidental or intentional manipulation, loss, destruction or against unauthorised access by third parties. These security measures are continuously improved in line with technological developments.