Data privacy policy

I. General information and mandatory information

1. In addition to our range of trade fair services we also provide the "myStandLeads" application (also referred to below as the "app"), to optimise your contact management, which you can download to your mobile device and add to your profile at The following information provides a simple overview of the processing of your personal data when you use the app or visit our website, as well as the rights and obligations to which you are entitled.

Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.

2. The data controller in accordance with Art. 4 Section 7 of the EU General Data Protection Regulation (GDPR) is myStand technology GmbH, Bergweg 7, 04356 Leipzig. You can contact our data protection officer at or at our postal address for the attention of the "Data protection officer".

3. When you contact us by e-mail or via a contact form, your e-mail address and, if you provide these, your name and telephone number will be saved by us to answer your questions. The data collected in this context will be deleted after the storage is no longer necessary or - in the case of legal retention obligations - the processing will be restricted.

4. To use the "myStandLeads" application, you will need to create a user account on our website and download the app to your mobile device. During registration, you have to enter your first and last name as well as your e-mail address and choose a password.

II. Visiting our website

1. What do we use your data for?

A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyse your user patterns.

2. Server log files

If you only use the website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you and to guarantee its stability and security (the legal basis is Art. 6 Section 1 P. 1 f GDPR):

  • browser type and version
  • The used operating system
  • Referrer URL
  • The hostname of the accessing computer
  • The time of the server inquiry
  • The IP address

This data is not merged with other data sources.

3. Cookies

In addition to the above-mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive by the browser you are using and through which certain information is transmitted to the service that sets the cookie (in this case by us). Cookies cannot execute programmes or transmit viruses to your computer. They serve to make the website more user-friendly and effective.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your leave our site. Other cookies will remain archived on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website.

You can adjust the settings of your browser to make sure that you are notified every time cookies are placed and to enable you to accept cookies only in specific cases or to exclude the acceptance of cookies for specific situations or in general and to activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, the functions of this website may be limited.

4. Contact form / enquiry

If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.

The processing of the data entered in the contact form is carried out on the basis of Art. 6 Section 1 b) GDPR, insofar as it can be assumed from the course of the enquiry that a contractual relationship has been initiated; otherwise the processing is carried out on the basis of Art. 6 Section 1 f) GDPR.

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was recorded. For the personal data from the input mask of the contact form and the data sent by e-mail, this is usually the case when the respective dialogue with you has ended. The dialogue ends when the circumstances indicate that the matter in question has been conclusively clarified.

5. Social media

On our website you will find links or plugins to the social networks Facebook and Instagram. You can recognise the links by the respective logos of the providers.

We only use these plugins together with the so-called "Shariff" solution. This application prevents the plugins integrated on our website from transferring data to the respective provider the first time you enter the site.

A direct connection to the provider's server is only established when you activate the relevant plugin by clicking the corresponding button. As soon as you activate the plugin, the corresponding provider receives the information that you have visited our site with your IP address. If you are logged into your relevant social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our pages to your user account. When you click on the link the respective social media page is opened, to which this data protection declaration does not apply. Please refer to the corresponding privacy statements of the individual providers for details of the provisions applicable there. You will find these at:


No personal information is transmitted to the respective providers before you access the corresponding links or plugins. Your accessing of the linked website is at the same time the basis for data processing by the respective providers.

6. Web analytics

6.1 This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website is generally transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.

6.2 The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

6.3 You may refuse the use of cookies by selecting the appropriate settings on your browser, but please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) being transmitted to Google and prevent Google from processing this data by downloading and installing the browser plug-in available under the following link:

6.4 This website applies Google Analytics with the "_anonymizeIp()“ suffix. This means that IP addresses are shortened for further processing, which excludes the possibility of personal references. If the data collected about you is related to a person, this is excluded immediately and the personal data is deleted immediately.

6.5 We use Google Analytics to analyse and regularly improve the use of our website. The statistics obtained allow us to improve our services and make them more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, The legal basis for the use of Google Analytics is Art. 6 Section 1 P. 1 f GDPR.

6.6. Information relating to the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use:, data protection details:, and the policy statement:

7. PayPal

We use PayPal as an optional payment possibility. The legal basis for the processing of your data in this respect is Art. 6 Section 1 a).

PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an e-mail address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also acts as a trustee and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If you select the "PayPal" payment option, the data of the data subject will be automatically transmitted to PayPal. By selecting this payment option, you consent to the transfer of the personal data required for payment processing.

The purpose of this data transfer is to process payments and prevent fraud.

The applicable data protection provisions of PayPal can be found at

8. FastBill

We use the online billing service FastBill for invoicing. The provider of this service is FastBill GmbH, Wildunger Str. 6, 60487 Frankfurt am Main. If you register with us and book a chargeable service, your billing data (name, company, address, VAT ID number, etc.) will be transmitted to FastBill for billing purposes.

The legal basis for the sharing of your data with PayPal is Art. 6 Sect. 1 lit. a GDPR (consent) as well as Art. 6 Sect. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the option to at any time revoke your consent to the processing of your data. Such a revocation shall not have any impact on the effectiveness of data processing transactions that occurred in the past.

You can find further details in the data protection provisions of FastBill:

9. Facebook Custom Audiences; Facebook Pixel

9.1. This website also uses the "Custom Audiences" remarketing function of Facebook Inc. ("Facebook"). This enables users of the website to be displayed interest-related advertisements ("Facebook Ads") when visiting the Facebook social network or other websites that also use the process. This enables us to display advertisements that are of interest to you.

9.2. On the basis of the Facebook pixel used, your browser will automatically build a direct connection to the Facebook server. We have no influence on the extent and further use of the data collected through the use of this tool by Facebook and therefore inform you according to the state of our knowledge: by integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding page of our website or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible for the provider to find out and store your IP address and other identifying features.

9.3 Logged-in users can deactivate the "Facebook Custom Audiences“ function at

9.4 The legal basis for the processing of your data is Art. 6 Section 1 P. 1 f GDPR. For more information about Facebook data processing, please see

III. register

You can register on our website to take advantage of our "myStandLeads" offer. On registering you enter into a contract for the use of our offers, some of which are free of charge. For further information, please refer to our terms of use.

We only use the data entered during the registration process for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full.

Your access data cannot be viewed by third parties. Under no circumstances will we pass this data on to third parties.

The processing of the data entered during registration is carried out for the purpose of implementing the contractual relationship on the basis of Art. 6 Section 1 b) GDPR. The processing of access data is particularly necessary to ensure that only authorised persons have access to the user profile of a user, which contains the contact information (business card information) of third parties recorded by this user. The contact information can be managed via the user profile.

The data recorded during registration will be stored by us as long as the contractual relationship with you continues or as long as we are obliged to store it.

IV. Collection of personal data when you use our mobile app

1. In order to use the myStandLeads app you first have to register on our website. Personal data (e.g. your name and e-mail address) will be requested in order to give you access to our services. The legal basis for this is Art. 6 Section 1 b) GDPR.

2. The purpose of the myStandLeads app is the possibility of efficient contact management through IT-based processing of business card information, in particular by scanning a business card. The recorded contact data is stored on our server and is protected against access by third parties. The user of the app has the option of structuring the collected contact data, providing it with additional information or exporting it. This contact data is not used by us or third parties. We have no possibility of viewing the contact information of third parties (business card owners).

When scanning business cards we use the Google Cloud Vision API for text recognition to extract the text content from your business card photo. More information about Google Cloud Vision API can be found at

The (automatic) structuring of the recognized text content (e.g. the assignment of a sequence of digits as telephone or fax number) takes place on our server.

The photo of the business card as well as the corresponding contact data are also stored on our server. The data remains here until it is deleted by the user of the app or until we are requested by the user to delete it or until this data has to be deleted after the end of the contractual relationship.

When storing, processing and using the personal data of third parties which you process by means of our app, you must ensure that you are authorised for this processing. When you use the app you warrant that you have all the necessary authorisations to process this data.

3. When you download the mobile app the required information is transferred to the App Store, in particular the username, e-mail address and customer number of your account, time of download, payment information and the individual device code number. We have no influence on this data collection and are not responsible for it. We only process the data to the extent necessary for downloading the mobile app to your mobile device. You can also download this mobile app directly to your mobile device free of charge via our website. When you implement the download, further user data is processed via the website, which we inform you about in the privacy statement of our website .

4. When you use the mobile app we collect the personal data described below in order to enable convenient use of the functions. If you would like to use our mobile app we will collect the following data, which is technically necessary for us to offer you the functions of our mobile app and to guarantee its stability and security:

  • IP address (anonymised)
  • date and time of the request
  • time zone difference to Greenwich Mean Time (GMT)
  • content of the request (actual page)
  • access status/HTTP status code
  • ata volume transmitted
  • website from which the request comes
  • browser
  • operating system
  • language and version of the browser software.

5. We may also process the following data: your device identification, a unique number of the device (IMEI = International Mobile Equipment Identity), the unique number of the network subscriber (IMSI = International Mobile Subscriber Identity), the mobile phone number (MSISDN), the MAC address for Wi-Fi use, the name of your mobile device, your e-mail address. There is no analysis or evaluation of the use of the app (e.g. which functions are used how often or for how long).

6. App permissions

In order to be able to use all app functions, the app needs the following permissions:

  • Camera (for scanning / taking pictures of business cards)
  • Storage (to allow you to manually access the photos you have taken)

7. The legal basis for the data processing in accordance with Clauses 2 and 3 6 Section 1 b) GDPR.

8. The mobile app does not use cookies.

V. Order processing contract

The use of the mobile app requires the conclusion of an order processing contract in accordance with Art. 28 GDPR. You are the customer, we are the service provider. The subject of the contract is the IT-based data processing of business card information. The business card information is the personal data of third parties which you process and use for your own purposes. We support your company by means of our digital application, which enables you to capture the data digitally and to use it for your work. Concerning the contents of the order processing contract and its agreement, please refer to Section 7.4 of the terms of use. The contract can be accessed via a link during the registration process and will be stored in your user area after a successful registration.

VI. Processing of business card information / responsibility of the user

1. The data contained on the business cards is the personal data of the business card owner. We process the data contained on the business cards scanned by you exclusively for the purpose of the execution of the contractual relationship with you for the use of the app. We refer to our corresponding terms of use. We do not process this data for our own purposes, nor do we pass it on to subcontractors other than those specified in Annexe 2 of the contract processing agreement. The data can only be viewed by you or the authorised persons in your user profile and can only be exported by yourself. We have programmed our application in such a way that we cannot view this data. You must therefore ensure that you are authorised to process the data of third parties, e.g. because a pre-contractual obligation exists with the business card owners in accordance with Art. 6 Section 1 b), or because they have consented to the processing of the data.

2. Our mobile app includes the possibility to request the business card holders to give their consent, which can be retrieved within the mobile app for documentation purposes.

3. If you wish to delete individual or all personal data of third parties processed by you (business card information), you can do this yourself within the mobile app. If you have any questions, please do not hesitate to contact us.

4. Third-party data (scanned business cards) processed via the mobile app can be exported via the backend, e.g. to your CRM. Once the business card data records have been exported, we no longer have any influence on these data, as this data is then outside the mobile app. It is solely up to you to check and assess whether you are entitled to this internal or external processing in the form of transferring the data, e.g. to your CRM system. In particular, attention is drawn to the consequences of an infringement arising from Section 7.3 of the terms of use.

5. It is possible to provide third parties with access to the contact information stored by you for an event by sending a so-called "event code". You are obliged to make use of this option only if this third party is an employee of your company who is directly subject to the order processing contract (see Section V. of these instructions).

We are not obliged to check whether this disclosure of data is permissible in relation to the data subject; this is your sole responsibility.

VII. Duration of data storage

We process your data as well as the personal data of third parties processed by you (contact information) for as long as this is necessary to carry out the contractual relationship with you (use of the app), or until we receive instructions from you to delete it. In the event that there is no contractual relationship with you, we will delete the data immediately after the respective processing purpose has ceased to apply and provided we are not obliged to store the data. The information relating to the duration of storage of individual processing operations in these instructions takes priority over general information on the duration of storage.

VIII. Legal basis

If no separate basis for authorisation has been stated in these instructions for processing operations, the following will apply:

If we obtain your consent for the processing of personal data, this will serve as a legal basis in accordance with Article 6 Section 1 a) GDPR.

When processing personal data which is necessary for the fulfilment of a contract with you (e.g. use of our app), in accordance with Art. 6 Section 1 b) GDPR, the contract is the legal basis for any data processing which is necessary for the execution of the contract. Art. 6 Section 1 b) GDPR also applies to processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services.

If we are subject to a legal obligation requiring the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 Section 1 c) GDPR.

Data processing may also be based on Art. 6 Section 1 f) GDPR, i.e. if we have come to the conclusion on the basis of a weighing of interests that the processing is necessary to safeguard our legitimate interests and does not outweigh your interests or fundamental rights and freedoms that require the protection of personal data.

IX. Your rights

1. You can request information about what data is stored about you.

2. You can request the correction, deletion and restriction of the processing (blocking) of your personal data as long as this is legally permissible and possible within the framework of an existing contractual relationship.

3. You have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for us is: Der Sächsische Datenschutzbeauftragte, Devrientstraße 5, 01067 Dresden; postal address: Postfach 11 01 32, 01330 Dresden.

4. You have the right to the transferability of the data which you have provided to us on the basis of a consent or a contract (data transferability).

5. If you have given us your consent to data processing, you can revoke it at any time in the same way as you provided it. The revocation of your consent does not affect the legality of the processing carried out on the basis of your consent until you revoke your consent.

6. If the data processing is carried out on the basis of our legitimate interests or is necessary for the performance of a public task, you can object to the data processing for reasons arising from your particular situation.

7. If we process your data in order to carry out direct advertising, you can object to this advertising at any time with effect for the future.

In order to exercise your rights, it is sufficient to send a letter by post to the contact information given under Section I of these instructions.