1. Responsible body

The responsible party for the collection, processing and use of your personal data within the meaning of the DSGVO is:

hubs101 by Liveware GmbH

Reichenberger Straße 124
10999 Berlin, Deutschland

Telefon: +49 (0)30 52 10 70 3 – 0
E-Mail: info@hubs101.com

Datenschutzbeauftragter

PadPort Datenschutz Nordhessen
Bernhard-Engelhardt-Str. 6
37269 Eschwege, Deutschland

Telefon: +49 (0) 5651 320 381-0
E-Mail: kontakt@datenschutz-nordhessen.de

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection provisions, either as a whole or for individual measures, you can address your objection to the above-mentioned responsible office.

You can save and print out this data protection declaration at any time.

2. General information 

We attach great importance to data protection. The collection and processing of your personal data (such as your name, e-mail address or mobile number) is carried out in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (DSGVO).

We collect and process your personal data in order to be able to offer you the above-mentioned portal. Registered members are stored on the server side and can be displayed in a list of participants. When using the application, your location at the event may be recorded and stored. This data is usually stored anonymously. In individual cases, however, an allocation to your user account (if available) may be made. The data is stored in the backend either in the app’s content management system (visible to organisers) or in the database (not visible).

The resulting data will only be used for the services used within the app. Data will only be passed on to third parties if this has been agreed with the organiser in the context of the visit to the event.

This statement describes how and for what purpose your data is collected and used and what choices you have in relation to personal data.

By using this app, you consent to the collection, use and transfer of your data in accordance with this privacy policy.

2.1 Anonymous data collection

You can use individual services of this app without telling us who you are. In this case, we will not collect, process or use any personal data

2.2 hubs101 Web / Native App – Services with Login

When using services that require a login, data is transferred between the app on your end device and the hubs101 data server (see C).

2.3 Receiving messages (push notifications – native app / mobile)

For individual areas, the app offers the option of being informed via push notification (push technology or server push describes a type of communication in which data is transmitted even though the receiving app is running in the background). You can configure this function via the settings of your smartphone and activate/deactivate the notifications there. For the delivery of the messages, the storage of a push token of your mobile end device at the hubs101 is required.

2.4 User account

To log in to the app, you need a user account. If you already have a user account, you can log in with your access data. If you do not have a user account yet, you can open a user account in the app by registering. The following data is required for registration in the app: e-mail address and a password of your choice. In addition, registration is accompanied by the provision of the first name and surname. The first name and surname must be entered when creating the user account.

Via your settings in the app, you can manage your personal data and make your email address & telephone number visible to other users of the app (see section “Profile settings”).

The services and the data processing in connection with the individual services are explained in more detail below.

3. The individual services with login

3.1 Profile settings

You have the option of saving your profile data in the app. To do this, you can enter and change your profile data in the start menu under the tab “Profile settings” or in the menu below your user name via “edit”. You can change your password here. You can also enter your title, first name, surname, e-mail, telephone number, company, position and city, and use the free text field “About me” for further details.

The e-mail address, password, first name and surname are mandatory fields, all other information is voluntary and can be used to describe you more precisely. E-mail address and password are required for your login.

Your first and last name are also required for identification purposes. This information will be transferred to hubs101 and stored in the content management system. In addition, you have the option of making your e-mail address publicly visible to other users via a selection field.

Furthermore, in your profile settings it is possible, on a voluntary basis, to upload a profile picture to describe yourself in more detail and to upload a picture of your company.

To do this, click on the picture with your initials and you will then be asked via a dialogue whether you want to take a photo or use an existing one from the photo library or use an avatar. Taking a photo takes you to your device’s camera outside the app, provided you have allowed access to the camera, through which you can take a photo. You can then use this by dragging a frame and clicking on “Use photo”. You can access your local gallery on the device via the photo library, provided you have explicitly allowed the app to access the photo library, via which you can select a corresponding image. Your used picture is also saved in the CMS.

3.2 Chat function

You can use the chat function to contact other event participants and exchange information with them. To do this, you can select your desired chat partner in the menu under “Participant list” by calling up their profile and clicking on the “Start chat” icon. A chat window opens in which you can enter a message and send it by pressing the “Send” button. Your message will be transmitted to your chat partner and saved in the backend as well as on both end devices (sender and recipient). In the chat, the full name, job title, company as well as profile picture and link to the participant profile are always displayed to the chat partner.

In addition, an event participant can chat with several participants at the same time using the so-called group chat function.

3.3 Agenda

The agenda can be accessed via the menu under the item Agenda or via the start page under the icon

“Agenda” icon. In the agenda you have the possibility to view your agenda or your appointments during the event.

You can search for specific programme items within your agenda using the search function. The filter symbol allows you to filter the programme items according to the categories specified in the backend. Furthermore, you have the option of creating your own appointment with title, note, date and time in order to save possible appointments or meetings during or between programme items at the event in Event App / Native App. The data entered there will be saved both in the backend and on your terminal device. You can view and edit these self-created appointments in the agenda at any time. Clicking on a programme item takes you to the detailed view of the programme item. You can also create a note for the programme item and give it a star rating.

3.4 Notes

The notes function allows you to make notes on agenda items in the app, provided the function is activated for the agenda item. To do this, you can open an entry in the menu via the item “Agenda” and create a new note for this item in a free text field under “Create note” or change or delete an existing note under “Edit note”. Your notes are saved in the database and collected under the item “Notes” in the menu. You also have the option of sending your notes to yourself by e-mail via the “Send” button. This opens a selection of external programmes that are on your end device (e.g. Outlool, Gmail etc.). You can open your preferred e-mail application here and send your note via it.

3.5 Feedback through star rating

The feedback area is designed in the app through the star rating. You can make this star rating on the detailed view of a programme item in the agenda, provided that a star rating has been activated for this programme item in the backend.

In the feedback area, opinion polls are carried out, in this case a star rating in which a maximum of 5 stars can be awarded to a programme item of the event. Use of the feedback function (star rating) is voluntary. The ratings given will be transferred to hubs101 and stored in the database. You can change your rating for any agenda item at any time. In order for your rating to be changed and for you to be able to view your set ratings, a randomly generated ID is created when the star rating is submitted, via which your ratings are linked to your device. Changes are also sent to hubs101 and stored in the backend. Star ratings can also be submitted anonymously, which means that no personal data is stored.

3.6 Participants

The Attendees function can be accessed from the event menu. This function allows you to see the participants who have created a user account in the app and are also participating in the same event as you. You can contact the participants you find there by mail or by chat or by Groupchat or by Meeting or by Video One2One, depending on their profile settings. If you contact a participant by mail, your local e-mail client of the smartphone opens with a draft. The draft consists of an empty mail with the participant to be contacted in the recipient line and the subject “Contact request”. If you contact a participant via chat or group chat, you can write to the participant within the app. Furthermore, you have the option of marking this participant as a favourite in order to be able to contact them more quickly. The participant list can be searched via the search function, just like the agenda. Using the tabs of the participant list, you can filter the listed participants by name, company (if stored in the business card) and your favourites. Your favourites are only saved locally on your device.

3.7 Video One2Ones

You can access the Video One2Ones function via the Exhibitor area and the respective exhibitor. There you can go directly into a Video One2One (meeting) with a participant of the app deposited at the virtual exhibition stand.

On the other hand, you can access the Video One2One function by requesting a meeting from a participant in the participant list. As soon as the participant has positively accepted the meeting request, the Video One2One (meeting) is started at the agreed time.

This function enables participants to communicate directly with other participants via video technology.

3.8 QR code scanner / lead retrieval

In the native app, you have the option of using the QR scanner via the menu item Lead Retrieval.

With the help of the scanner, you can scan the personal QR code of another user of the app. To do this, the scanner accesses the camera of your end device. Access only takes place if you have expressly consented to this. By scanning the code, the person’s profile is displayed and released in the app. (telephone, e-mail address)

With the QR code scanner, you can also scan QR codes that have been placed at locations and thereby obtain additional information. Similar to the scanning of business cards, this stored information can be shared by means of the opening selection of third-party applications that are located on the end device.

3.9 Language settings

When the app is started for the first time, an attempt is made to load the data in the language set on your end device. If the language is not available in the app’s system, the data will be delivered in the fallback language.

In addition, the language selection can also be reached within the app in the menu under the item “Settings”. If only one language is available, the pop-up is not displayed (neither automatically nor when the language button is pressed).

3.10 Beacons

Beacons are electronic “beacons” that transmit a Bluetooth signal several times per second, which can be received by a smartphone and interpreted by the Event App. With the help of the small transmitters, hubs101 / Event App can carry out location and time-related actions and provide the user with relevant pop-up information. The frequency of the pop-up messages can be individually controlled via the CMS. The creation of the individual beacon scenario and the setup of the transmitters are easily done via the CMS and a configuration app. In addition, beacon tracking can be configured in the CMS, which makes it possible to record the position data of the end device when scanning beacons.

3.11 Event Chat

Users also have the option of posting their questions and comments on individual lectures or images on the respective stream associated event chat. In addition to the speaker/moderator, any other user can also view these contributions, rate them positively and respond to them with their own comments. The photo and/or text contributions can be viewed in the CMS and are stored there together with the user’s surname, first name and profile picture.

3.12 Matchmaking

When logging into the system, the event organiser can formulate specific questions via our matchmaking system – Onboarding. These can then be filled in by the participant. Based on the number of matches between 2 participants, the number of matches will be displayed in the participant’s profile and in the participant list.

3.13 Ask a question

During a lecture, users can ask the speaker live questions in the live chat of the respective video stream.

4. Security & your rights

To ensure appropriate protection of user data, we take technical and organisational measures such as access, entry and access controls in accordance with the requirements of the Federal Data Protection Act (BDSG) and the General Data Protection Regulation (EU-DSGVO). In the following, you will learn which measures are taken in detail to protect the personal data of hubs101 users

4.1 Login: security updates

In order to successfully log in to the app, it is necessary to confirm by means of a checkbox that you have read and accepted the data protection declaration and the terms of use after entering your user name and password.

Bruteforce protection In the event of repeated incorrect entry of the login data (username and/or password), the user account will be temporarily blocked. In addition, the user concerned will receive an e-mail at the e-mail address provided informing him/her of the blocking. The user will also be informed if third parties attempt to gain access to the user profile. This measure counteracts so-called brute force attacks. The blocking of an account can be cancelled in the CMS. This security setting is always activated by default. Furthermore, authentication is required when changing the user name and password. If a user wants to change his or her login data, he or she must confirm a new username with his or her current password. When creating a new password, the previous password must first be entered.

4.2 Configuration of Visibility

In accordance with the basic right to informational self-determination, it is possible for the app user to determine the visibility of his or her profile for other users in the app. By default, participants who have not yet made a selection (for lack of setting up the personal profile) will not be displayed in the app. The organiser can change this option.

If a user does not want to be visible, he or she will not appear in the list of participants of the event. Furthermore, they can only comment and post anonymously, cannot use the chat function, cannot be recorded as a lead and cannot make appointments with other users.

4.3 Deletion of user accounts

(a) Deletion in case of inactivity

In accordance with the requirements of the DSGVO, accounts that have not been used for a period defined by the customer will be deleted. Users receive a corresponding email after this period and then have two weeks to bypass the deletion by logging into the app again. By logging in, the set period begins anew. If no login is made, the user

account will be deleted.

(b) Deletion by the user

In accordance with the requirements of the EU-DSGVO, every app user is given the right to delete their user account. The deletion of the profile can be carried out in the app in the account under “Access data”.

4.4 Viewing one’s own data

Against the background of the right to information and the right to data portability, users have the possibility to view all personal data stored about them and to export this data. This data includes the name and information from the meta fields (e.g. job title) as well as postings in event chats or answers from surveys. Authentication via username and password (and possibly two-factor authentication) is required to export the data, which ensures that user data cannot be viewed by third parties.

4.5 Login: account blocking in the CMS

In the event of repeated failed login attempts, the user account will be temporarily blocked. This blocking can be lifted by an administrator in the CMS. In addition, the user will receive an e-mail with the option to reset his password if he no longer has it. The duration of the block increases with the number of failed login attempts, up to a permanent block. A permanently locked account can only be unlocked by an administrator in the CMS. To do this, the administrator can select the option “Filter for blocked accounts” in the CMS.

4.6 Information classification of reports

In the CMS administration of hubs101, the export classification of documents can be set under “Security & Privacy”. By activating this security setting and the desired categorisation in e.g. “Confidential” or “Internal”, a corresponding note is added to the exported document. This enables efficient management and structuring of information and provides additional protection.

4.7 Two-factor authentication

Two-factor authentication makes the login process even more secure. This requires a mobile phone number of the user, which can already be entered when importing the list of persons into the CMS. After entering the login data, the user receives an SMS with a one-time password (consisting of six digits) on the specified mobile phone number. If the entry is correct, the user is granted access to the app. If the SMS was not received, it can be sent a second time. The 2FA can be activated separately in the security settings for CMS and frontend. A change of the mobile phone number can be made subsequently – if approved by the organiser. The use of two-factor authentication incurs additional costs for sending SMS messages.

4.8 Hosting in at AWS

All events will be hosted in a scalable cloud infrastructure. This allows the system to be expanded to almost any number of users. Due to the redundant design of the resources, high availability can be achieved, whereby the failure of individual components is immediately absorbed by other systems. Hosting takes place in German data centres of the Google Cloud in Frankfurt. These are ISO 27001, ISO 27017 and ISO 27018 certified, among others. In addition to scalability, the cloud infrastructure offers advanced security mechanisms with regard to encryption of data at rest and authentication of the technical components among each other.

4.9 Login: SAML Authentication

SAML, short for Security Assertion Markup Language, describes a secure, XML-based data format for the exchange of authentication and authorisation information. This makes web-based work across different portals more secure and convenient. To ensure that hubs101 is seamlessly integrated, single sign-on SAML authentication is implemented as standard. Users may already be familiar with the logic of a single sign-on from central logins, such as those offered by Google for various platforms.

Analogously, we offer the possibility of app login via already existing login data, such as those for the company’s own intranet. In addition to the associated security gain, the SAML login offers users maximum convenience: the login process and user authentication take place via the familiar authentication portals. Users log in to their company system and are immediately redirected to the event app. This means they do not have to remember any additional access data and can also log into the app more quickly. SAML authentication can also be used in the participant registration tool registr.

4.10 Your rights

You have the right to information, correction and deletion regarding the processing and use of your personal data at any time. If you have consented to the use of your personal data for advertising purposes, you may revoke your consent at any time with effect for the future. You can assert these rights free of charge against hubs101 GmbH via the e-mail address privacy@hubs101.com.

Furthermore, you can delete the user profile in the app yourself at any time. To do so, select “Delete profile” under access rights in the profile.

5. Privacy policy for our Facebook page

We use the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland for the information service offered here.

We would like to point out that you use this Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website.

When you visit our Facebook page, Facebook records, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page.

Facebook provides more information about this at the following link: http://de-de.facebook.com/help/pages/insights.

The data collected about you in this context will be processed by Facebook Ltd. and may be transferred to countries outside the European Union. Facebook describes in general terms what information Facebook receives and how it is used in its data use guidelines. There you will also find information about how to contact Facebook and about the settings for advertisements.

The data use guidelines are available at the following link:
http://de-de.facebook.com/about/privacy

The complete Facebook data guidelines can be found here:
https://de-de.facebook.com/full_data_use_policy

In what way Facebook uses the data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties is not conclusively and clearly stated by Facebook and is not known to us.

When accessing a Facebook Page, the IP address assigned to your end device is transmitted to Facebook. According to information from Facebook, this IP address is anonymized (for “German” IP addresses) and deleted after 90 days. Facebook also stores information about the end devices of its users (e.g. as part of the “login notification” function); if necessary, Facebook is thus able to assign IP addresses to individual users.

If you are currently logged in to Facebook as a user, a cookie containing your Facebook ID is stored on your end device. This enables Facebook to trace that you have visited this page and how you have used it. This also applies to all other Facebook pages. Facebook buttons integrated into websites allow Facebook to record your visits to these websites and assign them to your Facebook profile. This data can be used to offer content or advertising tailored to you.

If you want to avoid this, you should log out of Facebook or disable the “stay logged in” feature, delete the cookies on your device, and exit and restart your browser. This will delete Facebook information that can be used to identify you immediately. This allows you to use our Facebook page without revealing your Facebook identification. When you access interactive features of the site (Like, Comment, Share, Messages, etc.), a Facebook login screen appears. Once you log in, you will be recognizable to Facebook as a specific user.

For information on how to manage or delete existing information about you, please visit the following Facebook support pages: https://de-de.facebook.com/about/privacy#

As the provider of the information service, we do not collect or process any additional data from your use of our service.

You will find the current version of this privacy policy under the “Data Policy” section on our Facebook page.