Privacy Policy

§ 1 General information on data protection at PEIQ

§ 2 Contacting publfish.com

If you contact us by email (contact@peiq.de), the data you provide will be stored by us for the purpose of processing your inquiry and in case of follow-up questions. Insofar as our contact form requests entries that are not required for contacting us, these are always marked as optional. This information helps us specify your request and handle your concern more effectively. Providing this information is expressly voluntary and based on your consent, Art. 6(1)(a) GDPR. Insofar as this includes details of communication channels (e.g., email address, telephone number), you also consent to our contacting you via that channel to respond to your inquiry. The information you transmit (first and last name, postal code, email address and, if provided by the inquirer, address, telephone number, fax number) will be stored in our Gmail account for six months before being permanently deleted.

Legal basis for processing: contract performance, user consent, legitimate interest pursuant to Article 16 GDPR

Recipients: marketing and sales team as well as staff and service providers in the areas of internal data management and automated data processing

§ 3 Collection of personal data when visiting publfish.com

Non-personal data are those that arise in connection with the retrieval of publfish.com by your client (browser) and are stored in so-called log files on PEIQ’s server. These are:

• Date and time
• Visited webpage
• Amount of data transferred in bytes
• Source/referrer from which the user reached the site
• Browser used and browser settings
• Operating system used

Log files are deleted after 30 days. Without further research, these data cannot be linked to your person and are used in anonymized form, e.g., for statistical purposes. There is no personal analysis.

Legal basis for processing: legitimate interest pursuant to Article 6 GDPR (network security, IT security, access logging, checks in case of indications of unlawful use of the services at publfish.com).

Recipients: staff and service providers in the areas of internal data management and automated data processing

§ 4 Integration of third-party services and content on publfish.com

Our offering sometimes includes content, services and performances of other providers. These include, for example, maps provided by Google Maps or videos from YouTube. For these data to be retrieved and displayed in the user’s browser, transmission of the IP address is absolutely necessary. The providers (hereinafter “third-party providers”) thus become aware of the IP address of the respective user.

Even if we strive to use third-party providers that only require the IP address to deliver the content, we have no influence on whether the IP address may be stored. In that case, this process, among other things, serves statistical purposes. Where we know that the IP address is stored, we point this out to our users.

Notice of right of withdrawal: If you selected “always load” for external platforms, you can withdraw this choice at any time and delete the cookie through which our server recognizes your selection. This will prevent the automatic loading of selected external content and the associated transmission of information to the operators of external platforms from the time of withdrawal onwards.

§ 5 Use of cookies on publfish.com

Our website uses so-called cookies. Cookies are text files stored on your computer by the server. They are stored in the end device’s web browser. Cookies or the cookie’s ID numbers allow the server that placed the cookie to recognize the browser on a repeat visit to a website by sending the cookie and the information stored in it back to the website that created it (first-party cookie) or to another third-party website to which the cookie belongs (third-party cookie) upon the next call to the website with the same device and browser. A cookie is always bound to a unique domain (the server that stored the cookie), so the server that created the cookie can access it.

Cookies essentially consist of the following components:

• Name/identifier of the cookie
• Value of the cookie
• Name of the server from which the cookie originates
• An expiry date after which the cookie is automatically deleted

Types and purposes of cookies:

• Functionality cookies: required to use the web offering of publfish.com and cannot be disabled
• Analytics cookies: used for measuring reach and access as well as analysis
• Targeting/advertising cookies: used to analyze user behavior to display personalized advertising

By storage duration:

• Session cookies: created only for the respective session; deleted after ending the session, i.e., after leaving publfish.com or closing the browser window
• Persistent cookies: stored until a defined expiry date or until deleted by the user

§ 6 Newsletter

With your consent you can subscribe to our email newsletter, with which we inform you about products, studies, events and current industry trends.

§ 7 Customer Relationship Management (CRM)

To maintain customer and prospect relationships, we use a CRM system on the basis of our legitimate interests that contains personal data on leads, sales opportunities, existing customers, press representatives, consultants and partners.

We use the personal data stored in the CRM system on the basis of our legitimate interests to (a) send postal letters with product or company information to potential and existing customers, (b) send emails with product or company information to potential customers, existing customers, press contacts, consultants and partners, or (c) telephone selected existing customers and potential customers to invite them to events or arrange appointments.

The following types of data are stored in the CRM system: basic personal data (first name, last name, title, company name, (business) address, (business) email address, (business) telephone number, (business) fax number), customer type, contact history, appointment data, data on purchased goods or services, contract data, communication data, information on profession/position in the company, internet address). We obtained the data stored in our database either through personal contact or it was publicly accessible (internet research).

For the CRM system we use the software “Insightly”, provided by Insightly Inc., California, USA, on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR. We have concluded a contract with Insightly with standard contractual clauses, under which Insightly undertakes to process user data only in accordance with our instructions and to comply with the EU data protection level. Insightly is also certified under the Privacy Shield and thus offers an additional guarantee of compliance with European data protection law. Further information on Insightly’s privacy policy: https://www.insightly.com/privacy-policy/.

You may request information from PEIQ at any time pursuant to Article 15 GDPR about your stored personal data and object to processing (see § 8 Right of access).

§ 8 Fastbill

To create offers and invoices for our customers, monitor payment transactions and make the quoting/invoicing process as efficient as possible, we use the service provider FastBill based on our legitimate interests: FastBill GmbH, Wildunger Str. 6, 60487 Frankfurt am Main (Privacy Policy: https://www.fastbill.com/datenschutz)

The data necessary for this (billing address, contact person, company address, telephone number and, if desired, email address for dispatch by email) are transmitted to FastBill automatically and stored there. We have concluded a data processing agreement with FastBill with standard contractual clauses pursuant to Art. 28 GDPR.

§ 9 Online presence on social media

We maintain online presences within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services.

We point out that users’ data may be processed outside the European Union. This may pose risks for users because, for example, users’ rights may be more difficult to enforce. Regarding US providers certified under the Privacy Shield, we point out that they undertake to comply with EU data protection standards.

Furthermore, users’ data are usually processed for market research and advertising purposes. For example, usage profiles can be created from usage behavior and users’ resulting interests. The usage profiles can in turn be used, for example, to display advertisements within and outside the platforms that presumably correspond to users’ interests. For these purposes, cookies are usually stored on users’ computers, in which usage behavior and users’ interests are stored. Data can also be stored in the usage profiles independently of the devices used by users (especially if users are members of the respective platforms and logged in).

Processing of users’ personal data is based on our legitimate interests in effective user information and communication with users pursuant to Art. 6(1)(f) GDPR. If users are asked by the respective platform providers for consent to the described data processing, the legal basis is Art. 6(1)(a), Art. 7 GDPR.

For detailed information on the respective processing and opt-out options, please refer to the providers’ information linked below.

Even for access requests and assertion of user rights, we point out that these can most effectively be asserted with the providers. Only the providers have access to the users’ data and can directly take appropriate measures and provide information. If you still need help, you can contact us.

• Facebook Pages & Instagram Pages (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the basis of a joint processing agreement
• Google / YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
• Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany)
• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

§ 10 Applicant management

We collect and process personal data from applicants to offer advertised positions and conduct the selection process. The data provided by applicants are processed for handling applications and, in the event of an employment relationship, also for the performance thereof. Processing for any other purpose does not take place. Legal basis: § 26(1) in conjunction with (8) sentence 2 BDSG (new) as well as § 22(1)(b) BDSG (new) or, for public profiles, Art. 6(1)(f) GDPR in conjunction with Art. 9(2)(e) GDPR. The legitimate interest in this case is to obtain a concise profile of applicants that you have, within the meaning of Art. 9(2)(e) GDPR, manifestly made public.

We collect and store all data that applicants provide to us through their applications. This includes, among other things, contact details, application documents (CV, cover letter, previous professional experience, education and references as well as our notes from interviews), salary expectations, type of desired employment and available date and, in exceptional cases, ID documents. It also includes any other data you provide to us, including all correspondence you have with us during the application process.

Applicants can apply to our company electronically, in particular via email. We will of course use your information exclusively for processing your application and will not pass it on to third parties. Please note that emails sent unencrypted are not protected against access during transmission.

We may also obtain the above data about you from other sources, including staffing agencies, references you provide, websites and other publicly available data on the internet. This includes, for example, data that you have manifestly made public as part of an online profile. We may also receive data you submit to us via third-party websites, in particular via indeed.de.

Your personal data will be deleted immediately after completion of the application process, or after a maximum of 6 months, unless you have expressly consented to longer storage of your data or a contract has been concluded. Legal basis: Art. 6(1)(a), (b) and (f) GDPR and § 26 BDSG.

§ 11 Slido

As part of a video stream at digital events, we offer participants the opportunity to take part in surveys or submit questions and comments via a chat function using an interaction tool. We use Slido by sli.do s. r. o., Vajnorská 100/A, 831 04 Bratislava, Slovakia. Slido provides its service via AWS servers in Germany and Ireland.

Use is optional and the event can also be followed without Slido. If the interaction tool is used, this requires participants’ consent to data use by sli.do s. r. o.

When using Slido, cookies are used for analytics and advertising purposes. You can give or withdraw your consent at any time in the “Privacy Manager” settings there. Detailed information about the cookies set by Slido: https://www.sli.do/cookie-policy.

Legal basis is our legitimate interest in a user-friendly and effective design of our virtual events.

Any possible data transfer outside the scope of the GDPR is based on EU standard contractual clauses. Further details, in particular on measures supplementing the standard contractual clauses, can be found here: https://www.sli.do/terms#service-providers For further information, please read the provider’s Privacy Policy: https://www.sli.do/terms

§ 12 Loom

To create and provide product videos, internal and external documentation, and to support customer communication, we use Loom, a service of Atlassian Pty Ltd, c/o Atlassian, Inc., 1098 Harrison Street, San Francisco, CA 94103, USA. This may involve the processing of personal data (e.g., name, email address, communication content) if these are featured in a video or transmitted through use. Atlassian’s (including Loom) privacy policy: https://www.atlassian.com/legal/privacy-policy

§ 13 WebinarGeek

To conduct the PEIQ Publishing Day event, we use the WebinarGeek service (WebinarGeek B.V., Chroomstraat 12, 2718 RR, Zoetermeer, The Netherlands). This enables us to organize registration, delivery, management and recording of webinars online. WebinarGeek acts as our processor in accordance with Art. 28 GDPR.

For data collection and processing in the context of webinars, PEIQ Publishing GmbH & Co. KG and PEIQ GmbH are responsible.

To participate in the webinar, personal data necessary for the conduct of the webinar are processed. The following data are collected/processed:

• Participant information: first name, last name, email address, time of registration for the webinar, company/organization
• Webinar metadata: topic, description (if applicable), IP address, device/hardware information, country, and active time the window was open
• Text data: when using the chat, questions or survey features, text entries are processed and logged
• All personal data provided to WebinarGeek via customer-defined input fields

Purpose and legal basis of processing: These data are used exclusively for organizing, conducting and following up the webinars, including success monitoring and proof of participation. Data are only passed on to third parties insofar as this is necessary for the technical handling of the webinar or if we are legally obliged to do so. Legal basis: Art. 6(1)(b) GDPR (contract performance) and in individual cases Art. 6(1)(f) GDPR (legitimate interest).

Consent and participation requirements: To participate in Publishing Day, your consent to processing and storage of your data is required. Without providing personal data, webinar participation is not possible or only possible to a limited extent.

Data transfer and storage: WebinarGeek may transfer data for processing to countries outside the EU, ensuring an adequate level of data protection in accordance with Chapter V GDPR. Data are stored only as long as necessary to conduct the webinar and to fulfill statutory retention obligations.

Our webinars, including the PEIQ Publishing Day, are recorded. Technical measures ensure that no personal data are visible. However, it may occur that references are made to questions asked by participants—including from the audience at the in-person event. The recordings are then stored long-term on servers of PEIQ Publishing GmbH & Co. KG.

Your rights: You have the right to request information about the data stored by us, as well as to demand their rectification or deletion. You may also object to processing.

§ 14 Cisco Webex

To conduct the PEIQ Publishing Day virtually, the video conferencing tool Cisco Webex Meetings is used. Personal data necessary for conducting the event are processed.

We will also record this event in order to make it available to participants afterward. The recording is stored on drives of PEIQ Publishing GmbH & Co. KG for an indefinite period.

To participate in Publishing Day, your consent to processing and storage of your data is required. After your consent, you will receive the link for virtual participation.

Type, scope and purpose of data processing

When you use the Webex service provided by PEIQ Publishing GmbH & Co. KG to participate in Publishing Day, the following data are processed by PEIQ Publishing GmbH & Co. KG and Cisco Webex:

User information: Name, Email address, Password, Browser, Phone number (optional), Postal address (optional), Profile picture or avatar (optional, only if provided by you), User information contained in your directory (if synchronized), Unique User ID (UUID) (a pseudonymous 128-bit number assigned to compute nodes in a network)

Purpose: Provide the service to you, Register you for the service, Respond to customer support requests, Authenticate and authorize access to your account, Display directory information to other Webex users, Display your user avatar and profile to other users (the avatar may be cached locally for 2 weeks on devices of other Webex users who participate in meetings with you), Manage customer relationships (e.g., transactional communications), Bill for the service

Host and usage information: IP address, User agent identifier, Hardware type, Operating system type and version, Client version, IP addresses along the network path, MAC address of your client (if applicable), Service version, Actions taken, Geographic region (country code), Session information (e.g., date and time, frequency, average and actual duration, quantity, quality, network activity and network connectivity), Number of meetings, Number of sessions with and without screen sharing, Number of participants, Screen resolution, Join method, Performance, troubleshooting and diagnostic information

Host information: Name and email address of the host, Meeting site URL, Start/end of the meeting, Meeting title, Participant information, including email addresses, IP addresses, usernames, phone numbers, room device information, Information submitted via the participant registration form (optional, only if provided)

Purpose: Provide the service to you, Diagnose technical problems, Perform analytics and statistical evaluations for the customer to provide administrators with insight into usage, Respond to customer support requests, Help organize, sort and/or prioritize your Webex App messages or spaces in a way relevant to you and your work, Provide Collaboration Insights (including Personal Insights) (optional), Bill for the service, Diagnostics and troubleshooting

Cisco may use Webex Meetings metadata (e.g., meeting participants, frequency) to: Organize, sort and/or prioritize your Webex App messages or spaces in a way relevant to you and your work, Provide Collaboration Insights (including Personal Insights) (optional)

User-generated information: Meeting recordings (if enabled by the customer), Transcripts of meeting recordings (optional, only if enabled), Uploaded files (Webex Webinars and Trainings only), Whiteboard content (optional, only if enabled)

Purpose: Provide the service to you

Calendar: If you use a Webex plug-in with your calendar service, we use only the above data about date, time, title and participants of the meeting. More information on the Webex Hybrid Calendar Service can be found in the references for Office 365 and Google Calendar integration.

Technical support: If a customer contacts the Cisco Technical Assistance Center (TAC) for problem diagnosis and resolution, the Cisco TAC may receive and process personal data from the service. The Cisco TAC Service Delivery Privacy Data Sheet describes the processing of such data by Cisco.

Control Hub: Webex Control Hub analytics provides usage trends and insights that can be used for strategies to promote and optimize adoption in teams. Control Hub uses host and usage information to provide advanced analytics and reports.

Surveys: As a host you can use a survey to create and distribute questionnaires. All survey data collected from participants are deleted after the meeting ends. Some Webex meetings may include Slido, a cloud-based polling and Q&A solution; details on the processing of personal data by Slido can be found in Annex 6 to this privacy data sheet.

Sharing of data

Cisco may share data with service providers, contractors or authorized third parties to support the delivery and improvement of the service. Cisco does not rent or sell your data. Data sharing takes place in accordance with Cisco’s Privacy Statement, and Cisco enters into contracts with third-party providers that provide the same level of data protection and information security you can expect from Cisco. Below is a list of subprocessors for Webex Meetings. Data shared with these subprocessors are subject to Webex data residency, except for those subprocessors for whom one of the exceptions in this section applies. All Cisco subprocessors undergo a strict security and privacy review. They are also bound by a data processing agreement that includes EU standard contractual clauses and imposes strict limits on their use and processing of data provided by us or our Webex customers and users.

Akamai: Personal data: IP address, browser and geographic region. Service type: CDN for static content. Akamai does not store content, but may store IP addresses in logs for up to 3 years. Data center location: generally aligned with the assignment of the customer’s Webex data center. IP addresses may be transferred to the United States with strict access controls and appropriate safeguards under the EU SCCs.

Amazon Web Services (AWS): Personal data: limited host and usage information and meeting recording files (if applicable). Service type: AWS cloud infrastructure is used to host the Webex signaling service, which processes participants’ UUIDs, meeting start and end times. Data are deleted within 15 days after the session. AWS infrastructure is also used to host Webex media nodes that may process real-time meeting data such as VoIP, video and high frame rate content sharing (not stored after the meeting). AWS is also used to store meeting recordings if enabled. Data center locations: United States, Germany, Netherlands, United Kingdom, Brazil, Australia, Japan, Singapore

WalkMe: Personal data: unique user ID (UUID) and user region. Service type: provides step-by-step tours and guidance to use Webex Meetings on the online site. Data center location: worldwide

If a customer purchases the service through a Cisco partner, Cisco may share some or all of the information described in this Privacy Data Sheet with the partner. Customers can disable this sharing. If you use a third-party account to sign in to your Webex account, Cisco may share only the information necessary for authentication with that third party.

Data deletion

Cisco retains your personal data as long as necessary to fulfill the purposes for which it was collected. Cisco retains and uses your personal data as required to meet business needs and legal obligations, resolve disputes, protect Cisco’s resources and enforce rights and contracts.

Cisco does not store personal data in identifiable form when the purpose(s) for which the data were collected have been achieved and there is no legal or business need to retain them. Thereafter, data are destroyed, deleted, anonymized and/or removed from Cisco’s systems.

Below are the personal data used by Webex Meetings, the retention period and reasons for retention. Users who wish to delete user information and user-generated information stored on their employer’s Webex Meetings site must request deletion from their employer’s site administrator.

Publicly available business and professional data: Retention: From public websites: three (3) years. From third-party APIs: per contractual requirements. Reason: Data from public sources. On request, publication and links to source data can be suppressed and excluded. Permanent changes/deletions must be requested at the primary source. On request, data can be archived so they do not appear.

Account and usage information: Retention: Active subscriptions: at the discretion of the customer or user. Deactivated accounts: deleted within thirty (30) days. Reason: Users can request removal via a TAC service request; Cisco responds within thirty (30) days.

Directory data: Retention: Active subscriptions: at the discretion of the customer or user. Deactivated accounts: deleted within thirty (30) days. Reason: Admins can disable Active Directory and still enable People Insights; directory data are hard deleted upon deactivation.

User-generated information: Retention: Active subscriptions: at the discretion of the customer or user. Deactivated accounts: deleted within thirty (30) days. Reason: Users can delete user-generated information at any time.

Data storage locations & processing outside the European Union

Webex data residency allows customer administrators to choose where their organization’s data are stored. Data residency is currently available for customers in the EU (“EU customers”), Canada (“Canadian customers”) and the United States (“US customers”) for personal data processed by Webex Meetings, including user information, host and usage information, and user-generated information (except as noted below). EU customers who became Webex Meetings customers after July 2021 can opt to have their data provisioned in the EU. For EU customers provisioned before July 2021, administrators were offered migration of user data to the EU, which was completed in December 2021. Canadian customers who became Webex Meetings customers after July 2022 can provision their data in Canada; those provisioned earlier were offered migration to Canada. For US customers provisioned by their administrators in the US, personal data are processed and stored in the US.

For free user accounts, data defined in this Privacy Data Sheet may be stored in a Webex data center outside the account holder’s region, including for customers from the EU and Canada.

Data type, storage location and covered data: Meetings: USA — recordings, transcripts, files, meeting titles, participant names and email addresses, and user profiles in the Webex Site Administration portal. Messaging: EU — messages, files, avatars, spaces and organization metadata. General application data: EU — all Webex identity platform data, such as full user profiles, user groups and other organization settings

Cross-border data transfer mechanisms

Binding Corporate Rules (Controller), APEC Cross-Border Privacy Rules, APEC Privacy Recognition for Processors, EU Standard Contractual Clauses, EU-U.S. Data Privacy Framework and the U.K. Extension to the EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework

Rights and obligations of the controllers

PEIQ Publishing GmbH & Co. KG is obliged to: a. use the products and/or services in accordance with data protection laws; b. ensure that all instructions given by PEIQ Publishing GmbH & Co. KG to Cisco regarding processing of personal data always comply with data protection laws; c. ensure that all personal data provided to Cisco were collected in accordance with data protection laws and that PEIQ Publishing GmbH & Co. KG has all authorizations and/or consents required to provide such personal data to Cisco; and d. limit the amount of personal data provided to Cisco to the minimum necessary to provide the products and/or services.

Cisco is obliged to: a. process personal data only in accordance with the documented instructions of PEIQ Publishing GmbH & Co. KG, the applicable Privacy Data Sheets (Annex 1 to the Standard Contractual Clauses, where applicable) and this MDPA, and notify PEIQ Publishing GmbH & Co. KG without undue delay if Cisco reasonably believes the instructions are not compliant; b. ensure its authorized representatives who may process personal data have committed in writing to confidentiality; c. appoint Data Protection Officer(s) and provide contact details upon request; d. assist PEIQ Publishing GmbH & Co. KG as needed to respond to requests from supervisory authorities, data subjects, customers or others to provide information related to Cisco’s processing of personal data; e. if required by data protection laws, court order, subpoena or other legal process, process personal data other than in accordance with PEIQ’s instructions and notify PEIQ without undue delay of such requirement before processing (unless prohibited by compelling applicable law, in particular for important reasons of public interest); f. process personal data only on Cisco systems or facilities to the extent necessary to perform obligations under the agreement; g. act, where appropriate, as a subprocessor of such personal data; h. keep records of processing of all personal data received from PEIQ under the agreement; i. not rent, sell, distribute or otherwise encumber personal data unless separately agreed; j. provide such information and assistance as PEIQ reasonably requires to meet applicable requirements or approvals related to data protection laws; k. provide information and assistance as PEIQ reasonably requires (considering the nature of processing and the information available to Cisco) to enable PEIQ to comply with its obligations regarding: i. security of processing; ii. data protection impact assessments; iii. prior consultation with a supervisory authority for high-risk processing; and iv. notifications to the competent supervisory authority and/or communications to data subjects by PEIQ in response to a data breach; l. upon termination of the MDPA for any reason, cease processing personal data and thereafter, upon PEIQ’s written request and without undue delay, (i) return personal data in its possession or under its control, or (ii) securely delete or permanently render unreadable or inaccessible existing copies, unless continued retention and processing are required or permitted by data protection laws and/or mandatory applicable law. Upon request, Cisco will confirm in writing that it has fully complied or explain why compliance is not possible.

Security measures

The service takes technical and organizational security measures to protect your personal data from unauthorized access, use or disclosure. Additional information about our encryption architecture is summarized below.

User information: encrypted in transit and at rest

Passwords (if SSO is not configured): encrypted and hashed in transit and at rest

Host and usage information: encrypted in transit and at rest

User-generated information: recordings before May 2018 were encrypted in transit with an option for encryption at rest; recordings created after May 2018 are encrypted by default in transit and at rest; recordings created after October 2019 with the FedRAMP-authorized Webex Meetings service are encrypted in transit and at rest.

Protection of data at rest: The service encrypts user information, passwords and user-generated information at rest as described above.

Encryption of data in transit: All communication between the cloud-registered Webex App, Webex Room Devices and the Webex services is over encrypted channels. Webex uses TLS (>= 1.2) with high-security cipher suites for signaling. After a TLS session is established, all media streams (audio VoIP, video, screen sharing and document sharing) are encrypted. Media can be transported over UDP, TCP or TLS. Cisco strongly prefers UDP for media due to latency/jitter characteristics of TCP/TLS. Media packets are encrypted with AES-256 or AES-128 ciphers. Webex App and Room Devices use AES-256-GCM; keys are exchanged over TLS-secured signaling channels. SIP/H323 devices that support SRTP may use AES-256-GCM, AES-128-GCM or AES-CM-128-HMAC-SHA1.

Zero Trust Security-based end-to-end encryption: For higher security needs, Webex also offers end-to-end encryption for meetings (“Webex Zero Trust Security E2EE”). With this option, the Webex cloud has no access to the encryption keys used by participants and cannot decrypt media streams. E2EE uses MLS to derive a shared meeting key and S-Frame to encrypt content. Keys are derived on each participant’s device and do not pass through the cloud; keys rotate as participants join/leave. When E2EE is enabled, services/endpoints requiring access to meeting keys (e.g., SRTP hop-by-hop devices) are not supported. This limits participants to the Webex App or cloud-registered Webex devices and excludes services like network-based recording, speech recognition, etc. The following features are also not supported: Join before host, Sessions with video devices, Linux clients, Network-based recording (NBR), Webex Assistant, Storage of transcripts, meeting notes, PSTN calls/callbacks

Further Cisco security measures are described in that document. More information on Webex Meetings privacy can be found in the Privacy Data Sheet and DPA.

Withdrawal of consent

You have the right to withdraw your consent at any time, in whole or in part.

§ 15 Use of the “pretix” ticketing system

For registration and ticket booking for our “PEIQ Publishing Day” event, we use the ticketing service pretix, operated by rami.io GmbH, Berthold-Mogel-Straße 1, 69126 Heidelberg, Germany.

The data entered during registration (e.g., name, email address, company, billing data) are processed exclusively for event organization, ticket handling and, where applicable, invoicing. Processing is carried out pursuant to Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (legitimate interest in efficient event organization). Processing is carried out under a processing agreement pursuant to Art. 28 GDPR with rami.io GmbH.

pretix uses technical cookies to ensure the functionality of the ticket shop. IP addresses or unnecessary metadata are not stored. Data transfer is encrypted and servers are located exclusively in German data centers. Further information on pretix privacy: https://pretix.eu/about/de/privacy

Note on your rights: You have the right to access, rectification, deletion, restriction of processing, data portability and to object to processing. Further information on your rights can be found in the general section of this Privacy Policy.

§ 16 Additional information for the subdomain pd.publfish.com

For Publishing Day 2025 we operate a dedicated subdomain at https://pd.publfish.com. This site provides event information and is technically separate from our main site.

Hosting via Netlify: The subdomain is hosted by Netlify (Netlify Inc., 2325 3rd Street, Suite 296, San Francisco, CA 94107, USA). When accessing this page, access data such as IP address, browser type, operating system and time are processed. Netlify is certified under the EU-U.S. Data Privacy Framework. Further information: https://www.netlify.com/privacy/

Cookies and external content: No cookies or tracking technologies are used on pd.publfish.com. External content is not embedded automatically. Links may refer to external platforms (e.g., YouTube). The respective providers are responsible for data processing on those platforms.

§ 17 Right of access

You may request information from PEIQ at any time pursuant to Article 15 GDPR about your stored personal data.

If your data have been processed for journalistic-editorial purposes within PEIQ’s offering, you may also request information about data stored about you if you have been affected in a legitimate interest by such processing. Under certain statutory conditions, PEIQ may refuse to provide information.

You may at any time request that PEIQ delete your personal data without undue delay if the conditions of Article 17 GDPR are met, or that inaccurate personal data be corrected or completed pursuant to Article 16 GDPR.

You may object to the processing of your personal data if the reasons set out in Article 21 GDPR are met.

For such requests, please use our contact form or contact our Data Protection Officer at datenschutz@peiq.de.

§ 18 Right to amend

PEIQ regularly reviews its own privacy statements and reserves the right to amend this Privacy Policy at any time in compliance with applicable data protection regulations and to publish it on this page. By continuing to use this website after such updates, you accept these changes.

If you have any questions about data protection at PEIQ Publishing GmbH & Co. KG, our Data Protection Officer is available at datenschutz@peiq.de.