1. Information about the processing of your personal data when participating in a webinar (via GoToWebinar)
The following privacy notice provides an overview of the collection and processing of your data and how you can exercise your rights under the General Data Protection Regulation (GDPR).
The EU General Data Protection Regulation (GDPR), which came into force on May 25, 2018, obliges us to inform you comprehensively about the processing of your personal data. Among other things, we provide detailed information about your rights as “data subjects” whose personal data we process.
1.1. Who is responsible for data processing?
The controller within the meaning of the GDPR is:
Controller in terms of the GDPR is:
DR Deutsche Recycling Service GmbH
Bonner Straße 484 – 486
50968 Cologne
Email: info@deutsche-recycling.de
Phone: +49 221 80033210
Our Data Protection Officer is:
Ms. RAin Nicole Motiee Tehrani
ap-datenschutz GmbH
Hohenstaufenring 8
50674 Cologne
Email: dsb@ap-datenschutz.de
Phone: +49 221 99989030
Note: When accessing the “GoTo” website, the provider “GoTo Technologies Ireland Unlimited Company” is responsible for data processing.
You can also use “GoTo” if you enter the respective meeting ID and, if applicable, other access data directly in the “GoTo” app.
If you do not wish to use or cannot use the “GoTo” app, the functions are also available through a browser version, which you can find on the “GoTo” website.
1.2. What personal data is used?
When using the video conference software, various types of data are processed. The extent of the data depends on the information you provide before or during participation in an “online meeting.”
The following personal data are processed:
User information: Title, first name, last name, phone number, email address, password (if “Single-Sign-On” is not used), profile picture (optional), department (optional)
Meeting metadata: Subject, description (optional), participant IP addresses, device/hardware information
When recordings are made (optional): MP4 file of all video, audio, and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
When dialing in by phone: Incoming and outgoing phone numbers, country name, start and end time. Further connection data, such as the IP address of the device, may be stored.
Text, audio, and video data: You may have the option to use the chat, questions, or survey functions in a webinar. In this case, the text you enter will be processed to display it in the webinar and, if necessary, to record it. To enable video display and audio playback, data from your device’s microphone and any video camera will be processed during the meeting. You can turn off or mute the camera or microphone at any time via the applications.
To participate in a webinar or enter the “meeting,” you must at least provide your name.
1.3. Where do the data come from?
We only process personal data that we receive voluntarily from our customers within the framework of our business relationships. In addition, we process personal data that we receive from other companies, if necessary, to fulfill the service/contract with you.
1.4. Why and on what legal basis do we process your data?
We process your personal data, especially in compliance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and all other relevant laws.
The video conference software GoToWebinar is used to ensure efficient communication within our company and to fulfill our contractual obligations. If we wish to record webinars, we will inform you transparently in advance and, if necessary, ask for your consent. The fact of the recording will also be displayed in the software.
If necessary for the purpose of recording results from a webinar, we may log chat contents. However, this will generally not be the case.
We may also process questions from webinar participants for the purpose of recording and reviewing webinars.
Automated decision-making as referred to in Art. 22 of the GDPR does not take place.
1.4.1. Data processing in the employment relationship (§ 26 BDSG)
If personal data of employees of DR Deutsche Recycling Service GmbH is processed, § 26 BDSG is the legal basis for data processing. If personal data in connection with the use of video conference software is not required for the establishment, execution, or termination of the employment relationship but is essential for the use of video conference software, Art. 6 (1) lit. f GDPR is the legal basis for data processing. Our interest in these cases lies in the effective conduct of webinars.
1.4.2. Data processing based on your consent (Art. 6 (1) lit. a GDPR)
If you have voluntarily consented to the collection, processing, or transmission of personal data for specific purposes, this consent forms the legal basis for the processing of these data.
Consent can be revoked at any time. Please note that the revocation only applies to the future. Processing that has already taken place before the revocation is not affected.
1.4.3. Data processing based on contractual relationships (Art. 6 (1) lit. b GDPR)
In any case, the legal basis for data processing in connection with webinars is Art. 6 (1) lit. b GDPR, as far as these are conducted to fulfill contractual relationships.
1.4.4. Based on the legitimate interest of the responsible entity (Art. 6 (1) lit. f GDPR)
In certain cases, we process your data to safeguard a legitimate interest of ours or third parties.
For example: Data comparison with EU anti-terrorism lists according to Regulations (EC) No. 2580/2001 and 881/2002: As a company, we are obliged under EU law to participate in the fight against terrorism. Persons and organizations on the terrorist lists are not allowed to receive funds (provision ban). For this reason, we are obliged to compare names with the terrorism lists.
1.5. Who will receive your data?
Your data will be processed by the video conference software GoToWebinar. The software runs on servers of GoTo Technologies Ireland Unlimited Company, which is committed to complying with applicable EU laws.
Software provider (GoToWebinar):
GoTo Technologies Ireland Unlimited Company
77 Sir John Rogerson’s Quay, Block C, Suite 207
Grand Canal Docklands
Dublin 2
D02 VK60
Ireland
Email: privacy@goto.com
1.6. Where will your data be transmitted?
Countries outside the European Union (and the European Economic Area “EEA”) handle the protection of personal data differently than countries within the European Union. For the processing of your data, we use service providers with Microsoft and Zoom Video Communications who process data in third countries outside the European Union.
The service (GoToWebinar) may process your data within the European Union and the European Economic Area. There is no transmission of personal data to a so-called third country.
1.7. How long will your data be stored?
We will keep your data only as long as we need it or are legally obliged to keep it. This depends on the reason the data was collected and whether we have a continuing legal basis for retaining it (e.g., to fulfill a contract between us, to provide a service you requested, to fulfill legal requirements, or to protect our legitimate interests). If we no longer have a legitimate reason to keep your data, we will delete or anonymize it so that it can no longer identify you. We handle data differently depending on the use case, but you can delete your personal data at any time or ask us to do so for you.
We may further store data as long as it is necessary to defend against possible legal claims. Regularly, your data will be manually deleted after it is no longer needed.
If you are registered with “GoTo” as a user, reports about webinars (meeting metadata, telephone entry data, questions and answers in webinars, survey functions in webinars) may be stored with “GoTo” for up to 24 months unless earlier requested or defined in applicable technical and organizational measures (“TOM”).
1.8. Processing procedure
You can register for the webinar through our registration forms on our website by leaving your name, phone number, and email. You will then receive a personal invitation link to participate via email.
For users with a GoTo account:
At the time of the event, you can join the event in the GoToWebinar application by entering the relevant webinar data. You will only be admitted to the waiting room by us as the organizer if your registration is confirmed.
For external users without a GoTo account:
At the time of the event, you can join the webinar in the GoToWebinar web application by clicking on the link. You will only be admitted to the waiting room by us as the organizer if your registration is confirmed.
The event takes place via the GoToWebinar service of GoTo Technologies Ireland Unlimited Company. In this regard, we refer to the privacy policy of our IT service provider.
1.9. What rights do you have in connection with the processing of your data?
Every data subject has the right to information under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to object under Art. 21 GDPR, and the right to data portability under Art. 20 GDPR. The restrictions under §§ 34 and 35 BDSG apply to the right of access and the right to erasure.
1.9.1. Right to Object
Under Art. 21 (1) GDPR, you have the right to object to the processing of personal data concerning you at any time for reasons arising from your particular situation, which is based on Art. 6 (1) lit. e GDPR (processing in the public interest) or Art. 6 (1) lit. f GDPR (processing for the protection of a legitimate interest), including profiling based on this provision.
In the case of your objection, we will not process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
1.9.2. Withdrawal of Consent
You can withdraw your consent to the processing of personal data at any time. Please note that the withdrawal only applies to the future.
1.9.3. Right of Access
You have the right to request information about whether we have stored personal data about you. If you wish, we will inform you which data it concerns, for what purposes the data are processed, to whom the data are disclosed, how long the data will be stored, and what other rights you have regarding this data.
1.9.4. Other Rights
You also have the right to rectify incorrect data or delete your data. If there is no reason for further storage, we will delete your data; otherwise, we will restrict processing. You may also request that we provide all personal data you have provided to us in a structured, commonly used, and machine-readable format to either you or a person or company of your choice.
In addition, there is a right to lodge a complaint with the competent data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).
1.9.5. Exercising Your Rights
To exercise your rights, you can contact the controller or the data protection officer using the contact details provided. We will promptly process your requests in accordance with legal requirements and inform you of the actions we have taken.
1.10. Changes to this Information
If the purpose or manner of processing your personal data changes significantly, we will update this information in a timely manner and notify you of the changes.