Status of the Declaration: May 2018
We are delighted that you are interested in our company. MCH Group takes data protection very seriously. MCH Group’s Data Protection Declaration applies to quotations, webpages and data processing operations conducted by all companies belonging
to MCH Group Ltd. (you will find more information on this in the following chapter).
MCH Group’s Data Protection Declaration is addressed equally to men and women. To facilitate reading, however, only male pronouns are used.
We reserve the right to modify this Data Protection Declaration at any time, taking effect for the future. An up-to-date version is always available on the MCH Group webpages. Please call up the webpages on a regular basis and find out about the
valid data protection provisions.
With this Data Protection Declaration, our company wishes to provide the public at large with information on the nature, scope and purpose of the personal data that we collect, use and process. In addition, we also wish to draw your attention to
the rights that you have by means of this Data Protection Declaration.
It is fundamentally possible to use MCH Group’s internet pages without specifying any personal data. If an affected person wishes to use specific services offered by our company (especially on-line registration, apps, competitions, ticket
purchases, etc.), however, it may be necessary for personal data to be processed. If it is necessary to process personal data and if no legal or contractual basis exists for processing data in this way, we always obtain the consent of the
affected person.
The processing of personal data – for example the name, address, e-mail address or telephone number of an affected person – is always conducted in compliance with the national data protection provisions that apply to MCH Group and, in particular,
with the General Data Protection Regulation of the EU and the valid Swiss legislation.
As the data controller in charge of processing the data, MCH Group has implemented a large number of technical and organisational measures in order to ensure gap-free protection of the processed personal data as far as possible. Our employees are
also obliged to maintain data confidentiality as specified by law. Despite this, security gaps can fundamentally exist in internet-based data transmission, which means that it is impossible to guarantee absolute protection. You thus have the
option of sending personal data to us by other means, such as by post or by telephone.
MCH Group’s Data Protection Declaration is based on the concepts that have been used by the European issuers of Directives and Regulations in issuing the General Data Protection Regulation (GDPR) and by the Swiss legislator in the Swiss Data
Protection Law (DSG). Our Data Protection Declaration is intended to be easy to read and easy to understand for both the public at large and for our customers and business partners. To ensure that this is the case, we would like to
start by defining the terms that are used.
In this Data Protection Declaration, we use the following terms, among others:
a. Personal data
Personal data is all the information relating to an identified or identifiable natural person (called the “affected person” in what follows). A natural person is regarded as being identifiable if they can be identified either directly or
indirectly through reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity
of that natural person.
b- Affected person
An affected person is any identified or identifiable natural person whose personal data is processed by the data controller in charge of processing the data. We also address you directly in this Data Protection Declaration, however.
c. Processing
Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use,
disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d. Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of restricting its processing in future.
e. Profiling
Profiling is any type of automated processing of personal data which involves the personal data being used to evaluate specific personal aspects of a natural person.
f. Pseudonymisation
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept
separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g. Data controller or person in charge of processing
The data controller or person in charge of processing is the company within MCH Group which, alone or jointly, determines the purposes and means of personal data processing. More detailed information on our companies is given in this chapter.
h. Processor
The processor is a natural or legal person, public authority, agency or another body that processes personal data on behalf of MCH Group.
i. Recipient
The recipient is a natural or legal person, public authority, agency or another body to which the personal data is disclosed, irrespective of whether this is a third party or not. Public authorities which may receive personal data in the context
of a specific inquiry in accordance with the law do not, however, count as recipients.
j. Third party
A third party is any natural or legal person, public authority, agency or body other than the affected person, the data controller, the processor and those persons who, under the direct authority of the data controller or processor, are
authorised to process the personal data.
k. Consent
Consent is the freely given, informed and unambiguous indication of the affected person’s wishes by which they, through a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them in the
specific case.
In legal terms, the companies of MCH Group are independent and legally separate entities.
The data controller as specified in the General Data Protection Regulation, other data protection laws applicable within the member states of the European Union and other provisions governing data protection is thus the MCH company which,
alone or jointly with others, determines the purpose and means of the processing of personal data. Or, expressed simply, the MCH Group company to which you transmit data.
You will find an overview of our companies under the following link. On this page, you will find further links to our companies and the exhibitions and events that they hold: https://www.mch-group.com/en-US/mch-group/organisation/companies.aspx
In case of doubt, please contact the Data Protection Officer of MCH Group Ltd.
Data Protection Officer
MCH Group Ltd.
4005 Basel
dataprotection@mch-group.com
The MCH Group webpages can contain links to websites of other suppliers. Since we have no control over these websites and have no influence on their contents, we recommend that you take a look at the information on data protection provided on
these websites. We are not, under any circumstances, able to guarantee compliance with the statutory data protection requirements by third-party websites.
MCH Group only processes and saves personal data of the affected person for the period necessary to achieve the purpose of storage, or if provision has been made for this by the European issuer of Directives and Regulations, the Swiss legislator
or another legislator through laws or regulations to which the data controller in charge of processing the data is subject. Attention is drawn here, in particular, to the retention obligations contained in the Swiss Code of Obligations.
If the purpose of storage no longer applies or if a storage period prescribed by the European issuer of Directives and Regulations, the Swiss legislator or another competent legislator expires, the personal data is routinely blocked or deleted in
accordance with the statutory regulations.
We would like to inform you that the provision of personal data is prescribed by law in some cases (e.g. taxation regulations) or can also result from contractual arrangements (e.g. details of the contractual partner). It can happen that, in
order to conclude a contract, an affected person must provide us with personal data that we subsequently have to process. The affected person is then obliged to provide us with personal data (contractual duty). If this personal data were not made
available, it would not be possible to conclude the contract with the affected person.
The affected person can contact our Data Protection Officer beforehand, who will provide information on whether the contract does indeed require the provision of personal data or whether there are statutory requirements making it necessary to
provide personal data.
MCH Group dispenses with automated decision-making as per Art. 22 of the GDPR.
MCH Group can essentially transfer personal data to the following third parties:
Personal data is transferred to third countries in the framework of the use we make of our server locations. In so doing, we comply with the requirement of the EU General Data Protection Regulation and the Swiss laws, as well as with other
national laws. Further information can be provided if a request is submitted to dataprotection@mch-group.com.
MCH Group internet pages can use cookies and analysis tools (such as Google Analytics, Webbtrekk, adWords, etc.). Cookies are text files that are deposited and saved on a computer system via an internet browser.
Many cookies contain a so-called Cookie ID. A Cookie ID is a unique identifier of the cookie. It comprises a sequence of characters by means of which internet pages and servers can be allocated to the specific internet browser in which the cookie
has been stored. This makes it possible for the visited internet pages and servers to distinguish the individual browser of the affected person from other internet browsers containing different cookies. A specific internet browser can be
recognised and identified through the unique cookie ID.
By using cookies, MCH Group is able to provide the users of this internet page with more user-friendly services than would have been possible had the cookie not been set. By employing a cookie, the information and offers on our internet pages can
be optimised for the user. As already mentioned, the use of cookies enables us to recognise those using our internet page again.
The purpose of this recognition is to make it easier for users to use our internet page. Those using an internet page which makes use of cookies do not, for example, have to re-enter their access data each time they visit the page, because this
is done by the internet page and the cookie stored on the user’s computer system. A further example is the cookie for a shopping cart in the online shop. The online shop makes a note of the articles that a customer has placed in the virtual
shopping cart by using a cookie.
The affected person can prevent our internet pages from setting cookies at any time through the corresponding setting in the internet browser that they use, and hence permanently object to cookies being set. In addition, cookies that have already
been set can be deleted at any time via an internet browser or other software programs. This can be done in all the standard internet browsers. If the affected person deactivates the setting of cookies in the internet browser they are using, they
may, under certain circumstances, not be able to use all the functions of our internet page.
When these analysis tools are used, data can be transmitted to servers located in the USA and processed there. Please note the following in this respect: from the standpoint of the European Union, the USA does not offer an “adequate level of
protection” corresponding to the EU standards for the protection of personal data. For individual companies, however, this level of protection can be replaced by certification to the so-called “EU-U.S. Privacy Shield”.
Each time an affected person or an automated system calls up an MCH Group internet page or app, the internet page or app captures a series of general data and information. This general data and information is stored in the server’s logfiles.
When it uses this general data and information, MCH Group does not draw any conclusions regarding the affected person. This information can be necessary in order (1) to deliver the contents of our internet pages correctly, (2) to optimise the
content of our internet pages and the advertising for these, (3) to guarantee the permanent functioning of our information technology systems and the technology of our internet pages and (4) to provide law enforcement authorities with the
information required for law enforcement in the event of a cyber attack. This anonymously collected data and information is thus evaluated statistically by MCH Group on the one hand and also evaluated with the aim of increasing data protection
and data security within our company so as to ultimately ensure an optimum level of protection for the personal data that we process. The anonymous data in the server logfiles is stored separately from all the personal data supplied by an
affected person.
It is necessary to register in order to use certain services. The affected person is able to register online, submitting personal data. The personal data that is transmitted in the process can be seen from the particular input screen used for the
registration. The personal data entered by the affected person is collected and stored solely for internal use and for our own purposes. MCH Group may transmit the data to one or more processors who similarly use the personal data solely for an
internal purpose attributable to MCH Group.
In registering on an MCH Group internet page, the IP address issued by the Internet Service Provider (ISP) of the affected person, and the date and the time of the registration may be saved. This data is saved since this is the only way in which
we can prevent misuse of our services, and, if appropriate, this data will permit any offences that have been committed to be investigated. It is thus necessary to save this data in order to protect MCH Group. This data is not passed on to third
parties as a matter of principle, unless there is a statutory duty to pass on the data or it is used for law enforcement.
Registration of the affected person with the voluntary specification of personal data ensures that MCH Group can offer the affected person contents or services which, due to the nature of the matter, can only be offered to registered users.
Registered persons have the option at all times to modify the personal data specified at the time of registration or to have it completely deleted from MCH Group’s database and can make use of their right of objection regarding the processing of
personal data.
It can occasionally happen that MCH Group obtains personal data from third parties. This includes the transmission of your data through associations, exhibitors, such as galleries, foreign representations, chambers of industry and crafts, or the
communication of personal data by commercial address brokers. If you do not want MCH Group to process your personal data that you have not transferred to us directly, please inform us of this at dataprotection@mch-group.com.
Through the use of an app, current location data can be transmitted to MCH Group or to third parties if the latter are processing data on behalf of MCH Group. Other data that is stored includes device-specific information, such as the MAC
address, cookie information and the pages called up.
MCH Group can use your personal data and information for the following purposes:
Through the use of MCH Group’s free WiFi, the following data can be collected as a function of the location where the event is being held: first name and surname, telephone number, e-mail. This data can be used for customer care purposes and
especially for sending the affected person event-specific information by e-mail on the event you are visiting.
In the event of participation in MCH Group’s “Scan to Lead” service, the affected person agrees to MCH Group transmitting their personal data (form of address, title, surname, first name, company, street, postcode, city, e-mail) to the exhibitor
concerned. The affected person takes part in lead tracking if they allow their admission ticket to be scanned by an exhibitor during the event. The exhibitor subsequently obtains the personal data of the affected person from MCH Group, which the
exhibitor may then use for the purpose agreed on individually with the affected person. Participation in this service is voluntary for the affected person. The affected person can revoke the consent they gave directly to the exhibitor at any
time. The visitor can similarly revoke the consent they gave to MCH Group. No further data will then be transmitted to the exhibitors. The data given to the exhibitor is subject to the responsibility and data protection provisions of the
exhibitor. MCH Group does not assume any liability for the exhibitor’s processing and storage of the data. Further data collected by the exhibitor on the affected person will also be transmitted to MCH Group.
MCH Group enables the accreditation of journalists, including the issue of a press ID card and simple online registration for the press, together with the possibility of being included in the press distribution list. For accreditation and to have
the press online service activated, journalists must supply reliable identification through the submission of corresponding evidence. Against this background, the following mandatory details must be entered: e-mail address, form of address, first
name, surname, postal address, medium/publishing house, and “I work for/as”.
The same applies for inclusion in the press distribution list. The following mandatory details must be entered in order to ensure reliable identification: publishing house, name of publication, form of address, first name, surname, postal
address, e-mail and telephone.
With their accreditation for an event, journalists, editors, photographers and video producers are entitled to take photographs, make video recordings and shoot films in MCH Group’s halls and rooms during normal opening hours. Close-up
photographs and films of people, stands and exhibits require the express consent of the affected exhibitors and visitors. The photographs and films may only be used for editorial contributions in newspapers and magazines or for reproduction on
television. In the event of the above provisions being breached, accreditation for all MCH Group events can be withdrawn. If so requested by an exhibitor or a visitor, the bodies of the MCH Group are entitled to check photographs/films that have
been taken/shot without consent for their admissibility and, if appropriate, to confiscate these. Further legal action by the affected exhibitor, visitor or the exhibition management is reserved.
Plug-ins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated in our websites. You can recognise the Facebook plug-ins by the Facebook logo or the “Like button” on our page. You will find an
overview of the Facebook plug-ins here: http://developers.facebook.com/docs/plugins/ When you visit our webpages, the plug-in establishes a direct link between your browser and the
Facebook server. In this way, Facebook receives information that you have visited our page with your IP address. If you click the Facebook “Like button” while you are logged into your Facebook account, you can link the contents of our pages to
your Facebook profile. Facebook is then able to allocate your visit of our pages to your user account. We would like to draw attention to the fact that, as the provider of the pages, we do not have any knowledge of the content of the transmitted
data or its use by Facebook. You will find further information on this in the Facebook Privacy Policy at https://de-de.facebook.com/policy.php
If you do not wish Facebook to be able to allocate your visit to our pages to your Facebook user account, please log out of your Facebook user account.
Functions of the Instagram service are incorporated in our webpages. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our
pages to your Instagram profile. Instagram is then able to allocate your visit of our pages to your user account. We would like to draw attention to the fact that, as the provider of the pages, we do not have any knowledge of the content of the
transmitted data or its use by Instagram.
You will find further information on this in the Instagram Privacy Policy.
If you do not wish Instagram to be able to allocate your visit to our pages to your Instagram user account, please log out of your Instagram user account.
On MCH Group’s internet pages, you have the option of subscribing to Newsletters. The personal data that is transmitted to the data controller in charge of processing the data when you order a newsletter can be seen from the input screen used for
this purpose.
MCH Group can inform its customers and business partners about company offers at regular intervals by means of newsletters. Our company’s newsletters can fundamentally only be received by the affected person if (1) the affected person has a valid
e-mail address and (2) the affected person registers or has already registered for receipt of the newsletter.
The personal data collected when registering for a newsletter is used exclusively for dispatching the newsletter. The subscription to a newsletter can be cancelled at any time by the affected person. The consent to the storage of personal data
that the affected person has given us for the dispatch of the newsletter can be revoked at any time. A corresponding link is included in every newsletter for purposes of revoking the consent. In addition, it is also possible to cancel receipt of
the newsletter directly on the internet page of the data controller in charge of processing the data, or to inform the data controller by another means.
MCH Group’s internet pages contain data that permits contact to be made electronically with our company and allows direct communication with us, which similarly includes a general e-mail address. If you contact MCH Group by e-mail or via a
contact form, the personal data that is transmitted will be saved automatically. Personal data of this type transmitted on a voluntary basis will be saved for purposes of processing or making contact.
Each affected person is entitled to request confirmation from MCH Group as to whether the group processes personal data relating to them. If you wish to make use of this right to confirmation, you may contact the Data Protection Officer on this
matter at any time.
Any person affected by the processing of personal data is entitled to obtain free-of-charge information from MCH Group on the personal data saved on them and to receive a copy of this information. In addition, information can be provided on the
following aspects, where appropriate:
If you wish to make use of this right to information, you may contact our Data Protection Officer on this matter at any time.
Any person affected by the processing of personal data is entitled to request the immediate rectification of incorrect personal data that relates to them. In addition, the affected person has the right, with due consideration to the purpose of
the data processing, to request the completion of incomplete personal data – including by means of a supplementary declaration.
If you wish to make use of this right to rectification, you may contact the Data Protection Officer on this matter at any time.
Any person affected by the processing of personal data is entitled to request the data controller in charge of processing to delete the personal data relating to them without delay insofar as one of the following reasons applies, and insofar as
the data processing is not necessary:
Insofar as one of the above reasons applies and you would like to have personal data erased that are stored on you at MCH Group, you can contact our Data Protection Officer on this matter at any time. MCH Group’s Data Protection Officer will
arrange for the erasure request to be met without delay.
Any person affected by the processing of personal data has the right to request the data controller in charge of processing the data to restrict the processing of their data if one of the following conditions is fulfilled:
If one of the above conditions is fulfilled and you would like to request the restriction of processing of personal data stored at MCH Group, you can contact our Data Protection Officer on this matter at any time. The Data Protection Officer will
arrange for the restriction of processing.
Any person affected by the processing of personal data has the right to receive the personal data relating to them in a structured, commonly used and machine-readable format. The affected person also has the right to have this data transmitted to
another data controller providing the statutory requirements are fulfilled.
In addition, the affected person has the right to arrange for the personal data to be transmitted directly from one data controller to another, insofar as this is technically feasible, and insofar as this does not impair the rights and freedoms
of other persons.
To exercise your right to data portability, you can contact the Data Protection Officer appointed by MCH Group at any time.
Any person affected by the processing of personal data has the right, at any time, to object to the processing of the personal data relating to them for reasons arising from their particular situation.
In the event of an objection, MCH Group will no longer process the personal data, unless we can provide evidence of compelling reasons, worthy of protection, for this data to be processed which override the interests, rights and freedoms of the
affected person, or unless the processing serves the assertion, exercise or defence of legal claims.
To exercise your right to object, you can contact MCH Group’s Data Protection Officer at any time.
Any person affected by the processing of personal data is entitled to revoke, at any time, the consent they have given to the processing of personal data.
If you wish to make use of your right to revoke your consent, you can contact our Data Protection Officer on this matter at any time.
If you have any further questions or comments regarding our data protection concerns, our webpages and our security concept, we would ask you to contact us by e-mail at the following address: dataprotection@mch-group.com