FMX - Film & Media Exchange is an event that is held every year by Filmakademie Baden-Württemberg GmbH. The following details are to inform attendees and speakers attending the conference as well as the partners, suppliers and service providers of FMX about the collection, processing and erasure of their personal data.
We take the protection of your personal data very seriously and we comply strictly with the provisions of data protection legislation. Personal data shall only be collected to the necessary extent. Under no circumstances shall the collected data be sold.
We shall process your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (FDPA) and all other applicable laws.
You have no statutory or contractual obligation to provide us with any personal data. However, we may not be able to provide you with our services if you decide not to do so.
The controller within the meaning of the General Data Protection Regulation is:
Company: Filmakademie Baden-Württemberg GmbH
Address: Akademiehof 10
Postcode/Town: 71638 Ludwigsburg
Tel: +49 7141 969-82102
The following person has been appointed as data protection officer:
Mr. Stephan Hartinger
Telephone: +49 8232 80988-70
We process personal data that we have received from you for staging FMX, for implementing contracts (with visitors, speakers, partners and contractors), in connection with ticket orders placed via XING (see also below), or on the basis of consent you have given.
On the other hand, we process personal data that we have legitimately obtained and may process from publicly accessible sources (e.g. authorities, trade and association, registers, press, media, internet).
Personal data means all data from which you may be identifiable. Personal data relevant to us may be: Title, surname, first name, address (street, postcode, city, country), date of birth, place of birth, nationality, contact data (in particular telephone numbers, e-mail addresses), profession or training, tax ID, bank details, employer’s business name and address, sound and image data, film data.
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (Articles 9 to 13 GDPR), the German Federal Data Protection Act (BDSG) applicable provisions of data protection laws and all other applicable laws.
We will notify you in advance if we wish to process your personal data for a purpose not mentioned above.
The lawfulness of the processing of personal data is governed by Article 6 of the General Data Protection Regulation (GDPR). This regulation makes provision for the following possibilities: processing on the basis of consent (GDPR Art. 6(1)(a)); processing for performance of a contract (GDPR Art. 6(1)(b)); processing for compliance with a legal obligation (GDPR Art. 6(1)(c)); and processing for the purposes of legitimate interests (GDPR Art. 6(1)(f)).
Within Filmakademie Baden-Württemberg GmbH, your personal data is only transmitted to the persons and positions (e.g. departments, works council, representatives of severely disabled employees) that require it to fulfil our contractual and statutory obligations.
In addition, we may transfer your personal data to other recipients outside the company if this is necessary to fulfil contractual and legal obligations. These could be, for instance:
We transfer data to third parties if we need to do so in order to fulfil a contractual obligation or safeguard legitimate interests.
We transfer data to third parties insofar as you have given the necessary consent either to us or to the third party concerned.
Speakers’ names and contact details are disclosed to FMX’s members of staff and curators for the purposes of selecting program items, providing support and assistance on location, and arranging press and video interviews where the necessary consent has been given.
We will notify you in advance (e.g. in this Transparency Information) if we transfer your personal data to so-called third countries outside the EU/EEA area.
We will process and store your personal data as long as this is necessary for the fulfilment of our contractual obligations as well as for all other purposes mentioned under point 3 or as provided in the retention periods stipulated by law.
Normally, when data is no longer required for the fulfilment of contractual or legal obligations, it shall be blocked against further processing or erased in accordance with legal regulations.
You can use the above-mentioned address to request information (Article 15 GDPR) about the data stored about you. Furthermore, you have the right to obtain the data you have provided in a structured, commonly-used and machine-readable format. You may also, under certain conditions, request the rectification (Article 16 GDPR) or erasure (Article 17 GDPR) of your data. You also have the right to restrict the processing (Article 18 GDPR) of your data, as well as the right to data portability (Article 20 GDPR).
You have the right, on grounds relating to your particular situation, to object at any time to the processing of data concerning your person that is done on the basis of Article 6(1)(f) GDPR (data processing for the purposes of legitimate interests).
If you file an objection, your personal data will no longer be processed unless proof is furnished of compelling legitimate grounds for processing it that override your own interests, rights and freedoms, or unless the data is processed for establishing, exercising or defending legal claims.
You have the right to object to the processing of your personal data for direct marketing purposes without giving reasons (Article 21 GDPR). This also applies for profiling to the extent that it is connected with such direct marketing. If you object to your data being processed for direct marketing purposes, then we will no longer process your personal data for these purposes. An objection can be filed without observing any particular form. Our contact details are provided in Item 1 above.
If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation. In the event of an objection, we shall no longer process personal data unless we can prove compelling reasons worthy of protection for the processing that prevail over your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims.
Right to revoke consent under data protection law (Article (7)(3) GDPR). You can revoke your consent to the processing of your personal data at any time and without giving reasons. This also applies to the revocation of declarations of consent given to us prior to the EU General Data Protection Regulation’s entry into force.
Please note that in specific cases (e.g. tax regulations) the provision of personal data is prescribed by law or may result from contractual regulations (e.g. information concerning the contractual partner(s)).
You have the right to lodge a complaint with the data protection officer mentioned above or to a data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 of the FDPA). The data protection supervisory authority with jurisdiction for us is:
The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
You can contact us at any time by email (firstname.lastname@example.org) if you have any questions about your personal data.
We do not use any automated decision making processes that may have legal effects on you or affect you.
The FMX ticket shop is operated by XING Events GmbH, Sandstr. 33, 80335 München („XING“).
To order a ticket for FMX, you must submit the following data to XING Events:
As an event organizer, we receive the data listed above about you. We use the data to be able to offer you the event.
The processing for this purpose is based on Art. 6 para. 1 lit. b) GDPR.
The online section of FMX is conducted on an online platform as part of the FMX website.
To participate in the online platform of FMX, the following information at a minimum is required from you and processed:
If you are a Speaker, the following data may also be processed:
Other Participants of FMX may also see the personal data listed above within the framework of the event platform, e.g. under the “Speaker”, or "Companies", or "Partners" tabs on the event platform and the FMX website. Further personal data can be processed if you voluntarily provide it, e.g. by editing your profile.
The processing for this purpose is based on Art. 6 para. 1 lit. b) GDPR. If no contractual relationship exists, the legal basis is Art. 6 Sect. 1 lit. f) GDPR.
Within the framework of FMX we also use Zoom to conduct telephone conferences, online meetings, video conferences and/or webinars. Zoom is a service provided by Zoom Video Communications, Inc., which is based in the USA (“Zoom”). As far as you access the website of Zoom, Zoom is responsible for the data processing.
Various types of data are processed when using Zoom. In this context, the scope of the data also depends on the information on data you provide before or when participating in a ZOOM meeting. The following information at a minimum is required from you and processed:
In addition, the following data may be processed:
Other Participants of the Zoom meeting may also see your personal data you have provided to Zoom.
If we want to record online meetings, we will inform you in advance in a transparent manner and - if necessary - ask for your consent.
We have concluded a Data Processing Agreement with Zoom that meets the requirements of Art. 28 GDPR. An adequate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU Standard Contractual Clauses (SCC). As a supplementary protective measure, we have also configured our Zoom in a way that only data centers in the EU are used to conduct ZOOM meetings. Therefore, a transfer of personal data to a third country does not take place. Furthermore, all connections are subject to end-to-end encryption.
The legal basis for data processing when conducting online meetings is Art. 6 Sect. 1 lit. b) GDPR. If no contractual relationship exists, the legal basis is Art. 6 Sect. 1 lit. f) GDPR. Here too, we are interested in the effective implementation of online meetings.