Privacy Policy
Protecting your personal data matters to us. Below we inform you, pursuant to the GDPR and the Austrian Data Protection Act (DSG), about the processing carried out for the Vienna Business series (Brunch · Night · Summit).
1 · Controller
The controller under the GDPR is Degeler Consulting e.U., Bruno-Marek-Allee 5/10/6, 1020 Vienna, Austria. It operates the website, ticketing, newsletter and accounting.
Privacy contact: privacy@degeler.consulting.
Daylight Agency e.U. (Julia Prochazka) acts as co-organiser and receives access to attendee data to the extent required, acting as a processor under Art. 28 GDPR on the basis of a data processing agreement with Degeler Consulting e.U.
2 · Registration & ticket purchase
When you register we process name, email, LinkedIn profile and, where applicable, payment data (legal basis: Art. 6(1)(b) GDPR). Payments are handled by Stripe; data is stored on servers of Hetzner Online GmbH (Germany). Retention follows statutory periods (e.g. 7 years for accounting records).
3 · Attendee directory (LinkedIn)
On request we add your name and LinkedIn profile to an attendee directory so participants of an event can connect in advance (legal basis: your consent, Art. 6(1)(a) GDPR). The directory is not public — it is visible only to confirmed attendees of the same event via a personal access link. You may withdraw consent at any time.
4 · Newsletter
We use MailerLite (Ireland) as processor and a double opt-in procedure. Legal basis: your explicit consent (Art. 6(1)(a) GDPR). You can unsubscribe at any time.
5 · Cookieless analytics
We measure usage anonymously and without cookies via our own 1×1 pixel on a Hetzner server (Germany). The IP address is discarded immediately after processing; a daily-rotating cryptographic hash prevents cross-day tracking. No third-party trackers are used. Legal basis: Art. 6(1)(f) GDPR.
6 · Server logs
Technically necessary access data (IP, timestamp, requested resource, browser/OS) is processed in server logs to ensure operation and security (Art. 6(1)(f) GDPR), typically retained for 90 days.
7 · Event photography
At our events we take photos and videos for documentation and marketing (overview shots based on Art. 6(1)(f) GDPR; close-ups of individuals only with their consent, Art. 6(1)(a) GDPR). You may object at any time (Art. 21 GDPR).
8 · Cookies
This website sets no cookies of its own for tracking or marketing. Embedded third-party content (e.g. a MailerLite form) may set cookies within its iframe, under the respective provider's responsibility.
9 · Recipients & processors
- Daylight Agency e.U. — co-organiser, processor (Art. 28 GDPR)
- Stripe — payment processing
- MailerLite — newsletter delivery
- Hetzner Online GmbH — hosting/database (Germany)
- Authorities and courts where legally required; tax/audit advisors
10 · Data security
We apply appropriate technical and organisational measures pursuant to Art. 32 GDPR to protect your data.
11 · Your rights
You have the rights of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), withdrawal of consent (Art. 7(3)) and objection (Art. 21 GDPR). Contact privacy@degeler.consulting. You may also lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40–42, 1030 Vienna, dsb@dsb.gv.at.
Note: draft based on Degeler Consulting's privacy policies — to be reviewed by a lawyer before launch. Last updated: July 2026.