Munich Datageeks e.V.

Privacy Policy

Last updated: 20.10.2025

1. Data Controller / Responsible Party

Munich Datageeks e.V.
Email: munichdatageeks@gmail.com

Represented by: Prof. Torsten Schön (Chairman)

2. General Information

We take the protection of your personal data very seriously. We process your personal data in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable data protection regulations.

This privacy policy explains what data we collect, why we collect it, and your rights regarding your personal data.

3. Data Collection When Visiting Our Website

3.1 Access Data and Server Log Files

When you visit our website, our web server automatically collects and stores the following information:

  • IP address of your device
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL (previously visited page)
  • Amount of data transferred

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in ensuring system security and improving our website)

Storage duration: This data is automatically deleted after 12 months.

3.2 Cookies

Our website uses cookies. Cookies are small text files stored on your device that help us improve your user experience.

Types of cookies we use:

  • Necessary cookies: Required for basic website functionality

You can configure your browser to refuse cookies or notify you when cookies are being sent. However, some features of our website may not function properly without cookies.

Legal basis: Art. 6 (1) lit. f GDPR for necessary cookies; Art. 6 (1) lit. a GDPR for optional cookies (with your consent)

4. Contact and Communication

4.1 Contact Forms / Email

When you contact us via email or contact form, we collect:

  • Your name
  • Email address
  • Selected options for reaching out to us
  • Any information you provide in your message

Purpose: To process and respond to your inquiry

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in responding to inquiries)

Storage duration: We delete this data when it is no longer needed to process your inquiry, or when legal retention requirements expire.

5. Third-Party Services

5.1 Website Hosting

Our website is hosted by:

Magicpages.co

Our hosting provider processes data on our behalf (data processor) according to Art. 28 GDPR. A data processing agreement is in place.

5.2 Ghost CMS Analytics

We use Ghost CMS Analytics features to analyze website usage and improve our offering.

Data collected: see https://ghost.org/help/native-analytics/

Legal basis: Art. 6 (1) lit. a GDPR (with your consent) or lit. f GDPR (legitimate interest)

Opt-out: If subscribed to newsletter, you can any time unsubscribe yourself.

5.4 YouTube Embeds

We use YouTube to share recordings of past events for revisiting the talk or if participants were not able to attend.

6. Newsletter

If you subscribe to our newsletter, we collect:

  • Your email address
  • Name (optional)

Purpose: Sending information about club activities and events

Legal basis: Art. 6 (1) lit. a GDPR (consent)

You can unsubscribe at any time by clicking the unsubscribe link in any newsletter or by contacting us.

7. Your Rights

Under the GDPR, you have the following rights:

7.1 Right of Access (Art. 15 GDPR)

You can request information about what personal data we process about you.

7.2 Right to Rectification (Art. 16 GDPR)

You can request correction of inaccurate personal data.

7.3 Right to Erasure (Art. 17 GDPR)

You can request deletion of your personal data, unless we are required to retain it by law.

7.4 Right to Restriction of Processing (Art. 18 GDPR)

You can request restriction of processing under certain circumstances.

7.5 Right to Data Portability (Art. 20 GDPR)

You can request to receive your data in a structured, machine-readable format.

7.6 Right to Object (Art. 21 GDPR)

You can object to processing based on legitimate interests.

If processing is based on your consent, you can withdraw it at any time.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Germany
Website: www.lda.bayern.de

8. Data Security

We use appropriate technical and organizational measures to protect your data against unauthorized access, loss, or manipulation. These include:

  • SSL/TLS encryption for data transmission
  • Secure server infrastructure
  • Regular security updates
  • Access restrictions for our staff

9. Transfer of Data to Third Parties

We do not sell your personal data to third parties. We only share data with third parties when:

  • You have given explicit consent (Art. 6 (1) lit. a GDPR)
  • It is necessary to fulfill our contractual obligations (Art. 6 (1) lit. b GDPR)
  • We are legally required to do so (Art. 6 (1) lit. c GDPR)
  • It is necessary to protect our legitimate interests and your interests do not override ours (Art. 6 (1) lit. f GDPR)

10. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children without parental consent.

11. Video Recording and Photography at Events

Our club organizes knowledge-sharing events (talks, presentations, workshops) to build community and share information. We record these events to make the content available to the wider community.

11.1 What We Record

Speaker presentations:

  • Video and audio of talks and presentations
  • Screen shares and presentation slides
  • Q&A sessions and panel discussions
  • Legal basis: Art. 6 (1) lit. a GDPR (speaker consent via Speaker Release Form)

Audience participation:

  • Questions asked via microphone may be recorded
  • General crowd shots and event atmosphere photos
  • Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in educational documentation)

Event photography:

  • Photos for social media, newsletters, and website
  • General crowd shots where individuals aren't the main focus
  • Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest)

11.2 Notice and Transparency

We provide clear notice that recording will occur:

  • Event invitations/registration: Always mention that recording will occur
  • On-site signage: Clear signs at entrance stating recording is in progress
  • Verbal announcement: Moderator announces recording at event start

11.3 Where Recordings Are Published

Videos and photos may be published on:

  • YouTube: https://youtube.com/@munichdatageeks - Primary video platform (public, searchable)
  • Club Website: munich–datageeks.de - Embedded videos and photo galleries
  • Social Media: LinkedIn - Highlights and promotional clips
  • Newsletters: Screenshots and short clips
  • Educational Archives: Long-term preservation for community access

11.4 How to Avoid Being Recorded

If you don't want to appear in recordings:

  • Sit in the designated "No Recording Zone" (marked areas, usually back rows)
  • Submit questions via written cards or online chat instead of using microphone
  • For hybrid events: Keep camera off when joining online
  • Contact our coordinator (identified by yellow vest) at the event entrance
  • Inform us in advance if you need special accommodations

11.5 Your Rights Regarding Recordings

Right to Object (Art. 21 GDPR):

  • During event: Move to No Recording Zone or inform coordinator
  • After event: Request removal from published videos

Right to Erasure (Art. 17 GDPR):

  • Request removal from recordings by contacting meetups@munich-datageeks.de
  • We will blur your face or edit you out if technically feasible
  • Response time: 7 days for acknowledgment, 30 days for completion
  • Limitations: Complete removal may not be possible if you're integral to the educational content

How to request removal: Email: meetups@munich-datageeks.de
Subject: "Video Removal Request - [Event Name/Date]"
Include: Event date, approximate timestamp, description of your appearance

Limitations on removal:

  • Speakers who signed release forms have limited withdrawal rights
  • Essential questions/content may require blurring rather than complete removal
  • Already-viewed content cannot be retroactively unviewed

11.6 Special Protection for Minors

Participants under 16 years of age:

  • Parental consent required if they will appear in recordings
  • Encouraged to sit in No Recording Zones
  • Full names NOT published with videos/photos
  • Extra care taken to focus on speakers, not youth audience members

11.7 Storage and Retention

  • Published videos: Indefinite (educational archive)
  • Raw footage: Deleted 90 days after final publication
  • Photos (published): Indefinite on website/social media
  • Photos (unpublished): Deleted after 1 year
  • Speaker contact information: Duration of relationship + 2 years

11.8 Speaker Agreements

All speakers and presenters sign comprehensive Speaker Release Forms that grant:

  • Permission to record their presentations
  • Rights to publish on specified platforms
  • Attribution and crediting preferences
  • Preview rights before publication

11.9 Data Security

  • Recordings stored on encrypted devices
  • Access restricted to authorized editing team
  • Cloud storage (if used): GDPR-compliant EU providers with data processing agreements
  • Published on reputable platforms (YouTube, Vimeo) with appropriate privacy settings

12. Changes to This Privacy Policy

We may update this privacy policy from time to time. The current version is always available on our website. Significant changes will be communicated to our members.

13. Contact for Data Protection Matters

If you have questions about data protection or wish to exercise your rights, please contact:

Munich Datageeks e.V.
Attn: Data Protection
Email: munichdatageeks@gmail.com

For photography-specific requests:
Email subject: "Photo Request" or "Photography Objection"