Kontrast

Nexia Website Nexia Website
Nexia GmbH
Wirtschaftsprüfungsgesellschaft
Steuerberatungsgesellschaft
Georg-Glock-Straße 4
40474 Düsseldorf
+49 211 171700
kontakt@nexia.de
Print

Privacy notice for Online Seminars

Information pursuant to Articles 13 and 14 of the General Data Protection Regulation (GDPR) on the use of your personal data

 

Controller and contact details

The controller within the meaning of data protection law is:

Nexia GmbH
Wirtschaftsprüfungsgesellschaft | Steuerberatungsgesellschaft
Georg-Glock-Straße 4, 40474 Düsseldorf, Deutschland

You can find further information about our company, the persons authorized to represent us and additional contact options in the legal notice (Imprint) on our website:
https://www.nexia.de/impressum

Contact details of the Data Protection Officer: datenschutz@nexia.de


Scope

This privacy notice informs you pursuant to Article 13 GDPR about the processing of personal data in connection with the registration for, delivery of and follow-up to Nexia GmbH online seminars. It applies both to moderator-led live online seminars and to seminar formats without live moderation in which participants access seminar materials via the seminar platform. For in-person events held on site, the separate privacy notice “Events” on the Nexia website applies.


What data we process

When you register via our website, we process the contact and organization-related information you provide. Depending on the form, this may include in particular the date/time, salutation, first name, last name, email address and, optionally, telephone number, position/title, and additional company/address details. Mandatory fields are marked accordingly in the form. If a company books multiple participations, we also process the data of the purchaser/contact person as well as invoicing and payment information (billing address, invoice details, payment status).

For access to the online seminar, we provide invitation or access codes in the form of web links. Which person within a company uses which code is decided by the booking company under its own responsibility. For technical reasons, we may process whether a code has been used in order to provide access, troubleshoot issues and prevent misuse.

Moderator-led live online seminars are held via Microsoft Teams. Depending on your use, the following data may be processed in particular: your display name, possibly your email address, meeting metadata (e.g., date and time) and, where you actively provide content, audio/video data or chat contributions if you use these functions.

In parallel or alternatively, we provide seminar materials via a seminar platform which you access through the provided web link in your browser. When using the seminar platform, technical usage data is regularly generated, such as IP address, date and time of access, and information about browser and end device, insofar as this is necessary for content delivery, IT security and error analysis.

During a live online seminar, you may have the option to voluntarily participate in polls via the seminar platform. The poll results are generally displayed only in aggregated form (e.g., percentages) and are not attributed by name to individual participants.

At the end of an online seminar, a certificate of participation may optionally be generated as a PDF. For this purpose, if you wish, you enter a name yourself which will be included on the certificate.


Microsoft Forms

For the registration to our events, we use Microsoft Forms as an online form service. The data you enter into the registration form (in particular salutation, first name, last name, email address, if applicable telephone number, company affiliation and other event-related information) is transmitted to us via Microsoft Forms and stored on Microsoft servers.

Microsoft Forms is a service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. Processing is carried out on the basis of data processing agreements pursuant to Article 28 GDPR. Microsoft processes the data only on our instructions and for the purpose of handling the registration. The legal basis for processing the data provided in the form is Article 6(1)(b) GDPR where the registration is submitted directly by the participating person or is necessary to take steps prior to entering into a contract. If registration is carried out by a company for its employees, we additionally rely on Article 6(1)(f) GDPR. Our legitimate interest lies in the proper organization and delivery of the event as well as communication with participants.
 

Purposes and legal bases of processing

We process personal data to handle your registration, enable participation from an organizational perspective, send you information about the event and deliver the online seminar. The legal basis is Article 6(1)(b) GDPR insofar as processing is necessary for the performance of the contract with you or to take steps at your request prior to entering into a contract. Where a company books participation for employees and participants are not themselves party to the contract, we process participant data for organization, communication and delivery of the online seminar on the basis of Article 6(1)(f) GDPR; our legitimate interest lies in the proper delivery of the event and communication with participants.

Where booking, invoicing and payment transactions are concerned, we process data for invoicing, payment processing and compliance with statutory retention obligations. The legal bases are Article 6(1)(b) GDPR (performance of contract) and Article 6(1)(c) GDPR (legal obligations, in particular commercial and tax-law retention obligations). Where we process contact details of contact persons of the booking company, we additionally rely on Article 6(1)(f) GDPR; our legitimate interest lies in handling and communicating in connection with the booking.

For the provision and secure operation of the seminar platform and for the technical provision of access codes, we process technical usage data insofar as this is necessary to deliver content, resolve disruptions, ensure system security and prevent misuse. The legal basis is Article 6(1)(f) GDPR; our legitimate interest lies in the secure, stable and misuse-free provision of our online services.

Voluntary participation in polls serves to make the online seminar interactive. Processing is based on Article 6(1)(f) GDPR; our legitimate interest lies in tailoring content and processes to the audience without evaluating individuals. No analyses are created at an individual level.

A certificate of participation is generated only if you actively use this function and enter a name. The legal basis is Article 6(1)(a) GDPR (consent), which you provide by entering the name and initiating the generation. You may withdraw your consent at any time with effect for the future; where we do not store the entered name permanently, withdrawal in practice means not using this function going forward.

Recording or transcription of live online seminars is not intended as a standard practice. If, exceptionally, a recording is planned, we will inform you separately in advance and will carry out the processing only on an appropriate legal basis, typically on the basis of consent pursuant to Article 6(1)(a) GDPR.


No independent recordings/transcriptions by participants

We do not permit participants to independently record, transcribe or otherwise automatically capture live online seminars or their content (including audio/video, chat and shared content) using their own recording or transcription tools (e.g., separate recorder software, browser add-ins or external meeting bots).

The reason is that such captures can regularly constitute an independent processing of personal data under the participant’s own responsibility and, depending on the specific set-up, may require separate information obligations and legal bases (in particular, consent from all data subjects). Independently of this, covert audio recordings may be criminally relevant under German law (Section 201 of the German Criminal Code - confidentiality of the spoken word).

Please use only the functions provided and approved by Nexia. In the event of violations, we reserve the right to exclude the person concerned from the seminar or to terminate the seminar.
 

Recipients and service providers

Within Nexia GmbH, only those persons have access to your data who require it for organizing, conducting and invoicing the online seminar. Where we use service providers, this is done on the basis of data processing agreements pursuant to Article 28 GDPR.

For moderator-led live online seminars, we use Microsoft Teams. In this context, Microsoft processes personal data as a service provider for the provision of the communication and collaboration tool; in addition, Microsoft may be independently responsible for certain processing activities, as described in the information provided for Microsoft Teams.

For the seminar platform, hosting and IT service providers may be used. The specific naming and hosting location depend on the infrastructure used in each case; where an external hosting provider is used, it acts as a processor.
 

Transfers to third countries

As part of the organization and delivery of our online seminars, personal data is processed exclusively within the European Union and/or the European Economic Area. For delivery via Microsoft Teams, we use a Microsoft environment configured by us within the EU Data Boundary; accordingly, processing outside the EU/EEA does not take place. Further information on data processing in connection with Microsoft Teams and the settings applied there can be found in our separate Microsoft Teams privacy notice.
 

Storage period

We store personal data only for as long as necessary for the respective purposes. Organizational and communication data relating to seminar participation is generally stored until completion and follow-up of the online seminar and then deleted, unless statutory retention obligations apply or we need the data for the establishment, exercise or defense of legal claims.

Invoicing and accounting records are retained in accordance with statutory requirements, generally for six or ten years depending on the type of document.

Technical log data of the seminar platform is stored for a limited period for security and error analysis purposes and then deleted.
 

Requirement to provide data

The data marked as mandatory is required to process your registration and enable your participation in the online seminar. Without this information, participation is generally not possible. Optional information, such as a telephone number, can be omitted without generally preventing participation.
 

Your rights

Subject to the statutory requirements, you have the right of access, rectification, erasure, restriction of processing, data portability, as well as the right to object to certain processing (Articles 15 to 21 GDPR). Where processing is based on your consent, you may withdraw your consent at any time with effect for the future. You also have the right to lodge a complaint with a data protection supervisory authority.


Automated decision-making

Automated decision-making, including profiling, within the meaning of Article 22 GDPR does not take place in connection with our online seminars.

 

Last update of the privacy policy for Online seminars: 02/2026