1. Name of the Processing Activity
The data protection information is provided in connection with the registration for the online conference of the Main Model United Nations (MainMUN) in Frankfurt. MainMUN processes data in order to be able to hold the online conference.
2. Name and Contact Details of the Person Responsible
Goethe-University Frankfurt
Dr. habil. Christian Tuschhoff
in his function as the dean of the Main Model United Nations
business address:
Theodor-W.-Adorno-Platz 6
60323 Frankfurt am Main
3. Contact Details of the Official Data Protection Officer
Nathalie Ferko, E-mail: facultyadvisor@mainmun.de
4. Purposes and Legal Basis of Processing
Any data will be processed to organize and hold the respective online conference, to be able to carry out a statistical evaluation and preparation of the events. This is necessary to increase the efficiency of the conference organisation, measure the participants’ satisfaction and for statistical processing of products. Any data will be processed based on Art. 6 Para. 1 Letter b GDPR (contract / preliminary contract) or Art. 6 Para. 1 Letter e in conjunction with Art. 6 para. 3 sentences 1 letter b GDPR (sovereign task).
5. Recipients or categories of recipients of the personal data
Mymun (www.mymun.de) is used for registering at the online conference. Mymun is a service from mymun GmbH based in Herrenberg, Germany. The following categories of data are processed: User information (surname, first name, email address, etc.) and location information. For more information on data processing by mymun please refer to mymun’s privacy policy (https://mymun.com/privacy).
Ryver (ryver.com) is used to communicate with other participants during the conference. It is a service of Ryver LLC, based in 9035 East Pima Center Parkway, Suite 5, Scottsdale, Arizona, United States of America. The following categories of data are processed when using Ryver: User information and anonymized user metrics. For more information on data processing by Ryver please refer to Ryver’s privacy policy (https://ryver.com/privacy-policy/)
Zoom (zoom.us) is used to hold any meetings related to the conference. Zoom is a service from Zoom Video Communications Inc., based in 55 Almaden Boulevard, 6th Floor, San Jose, California, United States of America. The following categories of data are processed when using Zoom: User information, Operation data, anonymized support and feedback data, approximate location, Persistent Identifiers on Marketing and Product Pages. For more information on data processing by Zoom please refer to Zoom’s privacy policy (https://zoom.us/privacy)
6. Transfer of personal data to a third country
The provider of the registration service (mymun) as well as the organizer of MainMUN are based in Germany. Therefore, any adequate level of data protection is guaranteed by the EU standard contractual clauses.
The provider of the chat communication (Ryver) is based in the United States of America. Being a part of the EU-U.S. Privacy Shield Framework (https://www.privacyshield.gov/welcome) complies them to adhere to EU data protection standards when data is transferred to the United States of America. An adequate level of data protection is guaranteed by the EU standard contractual clauses.
The provider of the web conference (Zoom) is based in the United States of America. All data that is collected within the European Economic Area will only be transferred to a territory, which provides an adequate level of data protecting in accordance with the European Commission or appropriate measures will be taken to protect the data, including the European Commission Standard Contractual Clauses (https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087)
7. Duration of Storage of Personal Data
The data is deleted in compliance with the statutory retention periods, in relation to business letters after six years, in relation to invoicing after ten years, provided that participant data is not required beyond this in order to be able to issue duplicates or confirmations of participation.
8. Rights of data subjects
According to the EU General Data Protection Regulation, participants have the following rights: If personal data is processed, participants have the right to receive information about the data stored about them (Art. 15 GDPR). If incorrect personal data is processed, participants have the right to rectification (Art. 16 GDPR). If the legal requirements are met, participants can request the deletion or restriction of processing and object to processing (Articles 17, 18 and 21 GDPR). If participants have consented to the data processing or if there is a data processing contract and the data processing is carried out using automated procedures, they may have the right to data portability (Art. 20 GDPR). If participants make use of their above-mentioned rights it will be checked, whether the legal requirements are met. To exercise rights, please contact our official data protection officer at E-Mail: facultyadvisor@mainmun.de. If there are any complaints about data protection law, participants can contact the responsible supervisory authority: State Commissioner for Data Protection and Freedom of Information Hessen P.O. Box 3163, 65021 Wiesbaden, Tel.: +49 611 1408 – 0 Fax: +49 611 1408 – 900/901, Email: poststelle@datenschutz.hessen.de.
9. Right of withdrawal with consent
The participants may revoke their consent at any time for the future.