Data Privacy Statement

This English translation of the German original is a courtesy translation. Only the German version is binding and shall prevail.

1. General

Protecting your personal data during its collection, processing, and use while you visit our website is an important matter to us. We handle your personal data confidentially and according to the legal data protection regulations as well as according to this data privacy statement.

Responsible party
TrendSet GmbH
Ismaninger Straße 63
81675 Munich, Germany
Represented by managing director Tatjana Pannier
+49 (0)89 4622465-0
Trade registry no.: HRB Munich 142512
Registered with the local court of Munich (AG Munich) with main office in Munich
VAT ID number: DE 221511099

Visiting the Homepage (Website)

You can visit our homepage (website) without registering yourself or providing personal details.

2.1 Log files

With every access of a user on the website and with each access of a file, data concerning these events are automatically collected and stored in a log file. In detail, the following data are stored about each access:

  • Name of the accessed file.
  • Date and time of the access.
  • Amount of data transferred.
  • Notification of whether the access was successful.
  • Description of the type of web browser used.
  • Requested domain.
  • IP address of the requesting system. (Because of legal regulations, IP addresses are stored in an anonymised format. The last part of the IP address is exchanged.)

The recorded data will not be pooled together with other data sources, in particular data which permits an association with a particular person.

The legal basis for collecting this data is Article 6 Section 1 Letter f of the General Data Protection Regulation (GDPR) (our overriding legitimate interest). We cannot offer you an opportunity to object to this collection, as the server protocol is essential to ensure the availability of this website and in the event of attacks on the website. The data from the server log is automatically deleted after seven days.

2.2 WP Statistics

We use the WordPress Analysis plugin “WP Statistics“ ( on our website. The analysis tool creates statistics on the general use of our website using anonymous data. The log files and actions that website visitors have taken on the site (e.g. clicks and views) are also recorded. We use WP Statistics with an anonymised IP address. Your IP address will be shortened so that it can no longer be assigned to you personally. We store data collected with WP Statistics on our web server.

The legal basis for our use of this plugin is Article 6 Section 1 Letter f of the GDPR. Our legitimate interest lies in the optimisation through the anonymous evaluation of user behaviour and the economic operation of our website. No user profiles are created and no cookies are set or required. Further information can be found in the data privacy declarations of WP Statistics:

2.3 Cookies

2.3.1 YouTube

We use the PlugIn WP YouTube Lyte to display the preview images of YouTube videos embedded on our website. This means that no personal data is transmitted to YouTube by calling up the corresponding trendset websites, as we keep the preview images of the embedded videos locally on our web server.

Only when you reload or play the video by clicking on the preview image will your IP address be transmitted to YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). In doing so, it cannot be ruled out that your IP address is (also) transmitted to the parent company, namely YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066 with headquarters in the USA.

In order to enable you to view the videos we embed in the most data-saving way possible, we use the WordPress plugin YouTube Lyte. This has the effect that YouTube does not collect any information about visitors to the website before they watch the videos (actively click on them). Only then may further information, such as the page on which the video was clicked and their IP address, be transmitted to YouTube.

Please note: if you are logged into YouTube during this time, it is possible that YouTube will assign this information to your user profile there. If you do not want this to happen, we recommend that you (temporarily) log out of YouTube.

We would also like to point out that by playing a video, further processing of personal data by YouTube may be initiated, over which we have no control.

The legal basis for the use of YouTube is our overriding legitimate interest in an appealing presentation and the rapid retrieval of videos on our websites. Due to the tools used, we ensure a largely data-saving transmission of personal data to YouTube in order to protect your data protection rights.

Further information on how YouTube processes your personal data can be found at

2.3.2 Google Maps

This website uses Google Maps API, a mapping service of Google Ireland Limited (Google), Gordon House, Barrow Street, Dublin 4, Ireland, to display an interactive map and to create directions. When you use Google Maps, information about your use of this website and data about the use of the Maps functions are collected, processed, and used by Google.

To use the functions of Google Maps, it is necessary that your IP address be saved. This information is usually transferred to a Google server in the USA and stored there. We ourselves have no influence on this data transmission. If Google Maps is activated, Google may use Google Web Fonts for the purpose of the uniform display of fonts. When accessing Google Maps, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

The use of Google Maps is based on your corresponding consent, Article 6 Section 1 Letter a of the GDPR and Article 25 Section 1 of the TTDSG (Telecommunications and Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: und

Further information about data processing by Google can be found in Google’s privacy policy  (

2.4 Auxiliary programs, active contents

Java Applets, Active-X-Controls and Java-Script are used to provide this Internet offer. If, for security reasons, you do not wish to use these auxiliary programs or active contents, you should deactivate the corresponding setting in your browser. Please note that after deactivation, not all functions offered by us on this website may work.

3. Use of personal data you make available to us

Personal data such as your name, your address, telephone number, or electronic mail address are not collected unless you provide this data voluntarily.

We call your attention to the fact that transferring data in the Internet (for example, during communication by electronic mail) is subject to security breaches. It is not possible to completely protect such data against access by third parties.

However, TrendSet GmbH takes all necessary precautions — to the extent technically possible — to protect your data to protect it from misuse from outside. In the process, measures such as encryption, firewalls, hacker defence programs, and manual security precautions are used. For exhibitor administration and the shop, the user also needs a personal password

3.1 Inquiries and contracts

If you have provided us with personal data, we will use it exclusively for the purpose of technical administration of our websites and to fulfil your wishes and requirements, in particular to process an order in the ticket shop or to process your request.

If you send us enquiries via the contact form, your details from the contact form, including the contact details you provide there, will be stored by us for the purpose of processing your request. We will store your personal data until your enquiry has been dealt with or you request the deletion of your personal data, provided that this does not conflict with statutory retention periods.

Your personal data will not be passed on, sold or otherwise transferred to third parties unless

  • this is necessary for the purpose of contract fulfilment
  • this is necessary for billing purposes;
  • you have previously expressly consented to the transfer of your data.

The legal basis is Art. 6 para. 1 letter b GDPR (fulfilment of contract) or Art. 6 para. 1 letter a GDPR (consent). You can revoke your consent given to us at any time by sending a message to Any processing of your personal data that has taken place prior to your revocation remains unaffected by this.

We process your personal data until the purpose for which it was collected ceases to apply or until you withdraw your consent given to us, provided that this does not conflict with statutory retention periods. See section 5 of this privacy policy.

3.2 Registration as a visitor to the trade fair

Users may register as visitors to a trade fair in order to gain access to the ticket shop and register additional persons for whom they wish to order tickets.

We send registered visitors necessary information about visiting the trade fair by electronic mail and, for example, notify visitors of the start of ticket sales if these sales had not yet started at the time of registration. A registered visitor can deactivate the receipt of such information at any time.

The basis of law for this is Article 6 Section 1 Letter b of the General Data Protection Regulation (fulfilment of contract).

3.3 Registration as an exhibitor

Users may register themselves as exhibitors for a trade fair in order to exhibit at the fair and, as a result, to receive an entry in the trade fair catalogue. When the stand is approved, an empty entry is created in the trade fair catalogue on the online platform and initially filled with the exhibitor’s master data. The access data for the login area, with which the publicly available catalogue entry of the exhibitor can be maintained, will be sent to the exhibitor by post. After the exhibitor’s first access to his or her login area, the exhibitor is responsible for maintaining his or her entry.

Out of the login area, an exhibitor can also order technical services and marketing services for the trade fair along with vouchers for visiting the trade fair. The exhibitor can trace in his or her login area which voucher was redeemed by which visitor (company).

The basis of law for this is Article 6 Section 1 Letter b of the General Data Protection Regulation (fulfilment of contract).

3.4 Payment services provider

We integrate payment services from third-party companies on our website to process ticket purchases. Through the payment process as part of the purchase, your payment data (e.g. name, amount, account details, credit card number) will be processed by the respective payment service provider for the purpose of payment processing. The respective contract and data protection provisions of the respective provider apply to these transactions. The legal basis for using the payment service provider is Article 6 Section 1 Letter b of the GDPR (contract processing) and our interest in a payment process that is as smooth and secure as possible (Article 6 Section 1 Letter f of the GDPR). If your consent is requested for certain actions, Article 6 Section 1 Letter a of the GDPR is the legal basis for data processing; consent can be revoked at any time with effect from that day forward.

The privacy policy of the respective payment service provider applies to the payment process. We offer the following payment methods for processing your ticket purchase:

Payment services provider Payment method Remarks on data privacy
Lyoner Straße 9
D-60528 Frankfurt/Main
All offered methods of payment PayOne data protection policy for end customers

Portal for data privacy inquiries to PayOne

Depending on the selection of the payment method/payment service provider, the privacy policy of the respective payment service provider applies to the payment process.

In the course of the payment process, we ourselves receive the personal data that you provided for the creation of the invoice. This data is stored by us for ten years owing to tax law retention obligations.

3.5 Customer Relations Management

We use your personal data to inform you of future trade fairs; for example, by electronic mail or by post. For this purpose, we use your personal data on the basis of your consent given to us (Article 6 Section 1 Letter a of the GDPR) or on the basis of Article 7 Section 3 of the UWG (Unfair Competition Act), insofar as we have received your electronic mail address as part of the conclusion of the contract. We send information on future trade fairs by post on the basis of our legitimate interest in carrying out direct marketing measures pursuant to Article 6 Section 1 Letter f of the GDPR.

Of course, you may object at any time to receiving this information or revoke the consent given to us at any time with effect from that day forward. In these cases, you will then no longer receive corresponding information from us.

So that we can implement your objection or implement the revocation of the consent granted to us, please contact us at the contact details mentioned in Section 1 or make your objection or revocation in our customer portal under “Manage people”.

4. Use of data by third parties

Aside from Google Ireland Limited, we use the following service providers that have access to personal data:

  • Naming and Branding Agency, Brand Consultancy: INCREON GmbH, Robert-Bürkle-Straße 3, 85737 Ismaning
  • Web hosting (subcontractor of INCREON): Hetzner Online GmbH, Industriestr. 25, 1710 Gunzenhausen
  • Engineering office: Oliver Greifenhain, Hartfeldstraße 7, 82291 Mammendorf, Phone number: 08145 9959080
  • PayOne: BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt/Main
  • Data processing at the trade fair: Messe München and service providers of Messe München GmbH, Messegelände München, 81823 München

5. Duration of storage

We delete your data if they are no longer required after processing an inquiry or ending the contract. Excluded from this are data that we have to store for a certain period of time due to legal obligations (e.g. documents that have to be kept under tax law and commercial law) and data that we need to protect legitimate interests, in particular to assert and defend against claims or also for marketing purposes, unless this data was previously deleted or blocked due to a corresponding revocation of your consent or due to your objection.

6. Your rights

You have the following rights if the respective legal requirements are met:

  • You have the right to receive information about the personal data saved about you. (Article 15 GDPR).
  • You have the right to request the correction of incorrect information (Article 16 GDPR).
  • You have the right to request the deletion (Article 17) or restriction of processing (Article 18 GDPR) of data which is no longer required. Insofar as statutory retention obligations exist; e.g., for business correspondence under commercial law and tax law or another statutory exception, data will not be deleted, but only their processing will be restricted.
  • You have the right to data transferability (Article 20 GDPR); that is, the right to request the data you have provided us in a structured, current, and machine-readable format and to transmit this data to another person responsible without our interference; if necessary, you also have the right to request that we transmit the data directly to another person responsible if this is technically feasible.

Right of objection:

To the extent that your personal data is processed on the basis of legitimate interests in accordance with Article 6 Section 1 Letter f of the GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

To assert your rights, please contact the address stated under point 1.

If you believe that the processing of your data violates data protection law, you can contact the supervisory authority (Article 77 GDPR). The local and responsible supervisory authority for us is the Bayerische Landesamt für Datenschutzaufsicht, Promenade 27 (Schloss), 91522 Ansbach, Phone: +49 (0) 981 53 1300, Fax: +49 (0) 981 53 98 1300, Electronic mail: