This Privacy Policy informs you about the collection and processing of your personal data and the rights you have with regard to your personal data.
Name and details of the data controller
The data controller is:
Messe Frankfurt France S.A.S. 1 Avenue de Flandres
75019 Paris France
Telephone: +33 1 55 26 89 89
Email : remove@france.messefrankfurt.com
You can reach our data protection officer at:
Messe Frankfurt France S.A.S
Délégué à la protection des données
1 Avenue de Flandres
75019 Paris
France
Téléphone : +33 1 55 26 89 89
Email : dpomesse@derriennic.com
Messe Frankfurt France S.A.S. may, in this Privacy Policy, be referred to as ‘Messe Frankfurt’ or as ‘we’.
I Purposes, legal bases and retention periods
Your personal data may be processed by authorised Messe Frankfurt personnel for a number of purposes.
Each of these purposes is associated with a ‘legal basis’, which justifies our proceeding with the processing.
Your data is also stored for a predetermined period, which depends on the purpose of the processing. This period is expressed as an ‘active basis’, which corresponds to the stage at which your data is actually processed in order to achieve the purpose described in the table.
Your data may then be stored in an ‘intermediate archive’, which corresponds to a state of conservation of the data with restricted access. Data stored in this way is no longer used for the purpose for which it was collected, but is nevertheless retained in order to comply with a legal obligation and/or to enable us to defend our legal rights, if necessary.
The purposes, legal bases and retention periods are detailed in the table below:
Purpose of processing |
Legal basis |
Data retention period |
Management of requests received via the contact form |
Our legitimate interest in responding to your requests and queries |
Until the request has been fully processed |
Creating and managing your Messe Login / My Account user account |
Execution of the conditions of use |
Until you delete your user account, or after a period of inactivity of 2 years. |
Accounting management |
Our legal accounting obligations |
During the current tax year |
Recrutement |
Pre-contractual measures taken at the candidate's request |
During the recruitment process |
Managing a CV library |
Our legitimate interest in keeping CVs after the recruitment process, in order to offer job vacancies |
6 months from the decision on the application, unless the applicant objects |
Commercial prospecting |
The pursuit of our legitimate interest in expanding our business |
3 years following the last contact from the prospect |
Customer management (exhibitors or visitors) |
The contract we have concluded with our customer |
Throughout the contractual relationship |
Organising trade fairs and exhibitions |
The contract we have concluded with our exhibitor or visitor |
|
Supplier management |
The contract we have signed with our supplier |
II Recipients of data
Only authorised third parties and persons whose duties require them to process your personal data will have access to said data.
This may include:
- Messe Frankfurt Group companies;
- Our service provider responsible for hosting personal data;
- Our facilities management provider;
- Our accounting firm;
- Our statutory auditor;
- Our service provider in charge of archiving operations;
- Our provider in charge of supplying software in the cloud;
- Our phoning service provider;
- Companies managing mail delivery;
- Our emailing and text messaging service provider;
- Our service provider for accommodation bookings;
- Our recruitment agencies;
- Our commercial partners, whose role may include issuing visitor badges;
- Associations in the exhibition sector;
- Exhibitors, to whom we may send information relating to visitors;
- Public authorities, for example in the event of a legal obligation.
III Transfers to third countries
We process your personal data exclusively within the European Economic Area (EEA) and do not transfer your personal data outside the EEA.
If, by way of exception, we were to transfer your personal data outside the EEA, to countries which do not benefit from an adequacy decision by the European Commission (for example by sending it to one of our group companies), we would ensure that the country of destination has been the subject of an adequacy decision by the European Commission, or we would enter into European Commission standard contractual clauses with the recipient of the data.
IV Your rights
Under the conditions set out in the GDPR, you have the right to access, rectify, object to and delete your data, as well as the right to limit and port it. You also have the right to define directives concerning the fate of your data after your death and, where applicable, the right to revoke your consent.
To exercise these rights, please contact us at the following address: dpomesse@derriennic.com
You also have the right to lodge a complaint with the competent supervisory authority (in France: the CNIL)
V Indirect data collection
We may collect the personal data required to register participants for trade fairs (surname, first name, company, email address, telephone number, preferences, etc.) indirectly, through our partner LENI, which manages the trade fair registration platform.
Our recruitment agencies may also send us the personal data of job applicants. This is the personal data required to process these applications, in particular the data appearing on their CV and covering letter. We may also collect data relating to your career via Linkedin, which is a publicly accessible source.
Finally, if you have a Messe Login account, the following entities may send us information relating to your user account (country, title, surname, first name, email, etc.): Messe Frankfurt GmbH, Messe Frankfurt Exhibition GmbH, Messe Frankfurt Venue GmbH, Messe Frankfurt Medien und Service GmbH and Accente Gastronomie Service GmbH.