Data Protection

Privacy Policy

Last updated: 26.05.2026
We are delighted that you are interested in our conference, the European Geothermal Workshop 2026 (EGW 2026) (hereinafter "the Event"). Data protection and information security are of utmost importance to us. This Privacy Policy explains how we collect, process, and use your personal data in connection with the organization of the Event, particularly when you use our website and the integrated conference management system.

1. Controller

The controller responsible for the processing of your personal data in accordance with the EU General Data Protection Regulation (GDPR) is:

Technische Universität Darmstadt Fachgebiet Angewandte Geowissenschaften Schnittspahnstraße 9 64287 Darmstadt Email: seib@geo.tu-darmstadt.de Website: https://www.geo.tu-darmstadt.de

Data Protection Officer: You can reach our official Data Protection Officer at: datenschutz@tu-darmstadt.de, Tel. 06151 16 27063.

2. Hosting and Conference Management Software (Converia)

To manage registration, abstract submission, invoicing, and participant communication, we use the conference management software Converia, operated by:

Converia GmbH Friedrich-Ebert-Straße 61 99096 Erfurt, Germany Website: https://www.converia.de

We have concluded a Data Processing Agreement (Auftragsverarbeitungsvertrag – AVV) with Converia GmbH in accordance with Art. 28 GDPR. This ensures that Converia processes your data strictly according to our instructions, securely, and exclusively on servers located within the European Union (Germany).

3. Data Processing Activities

A. Website Visit & Server Log Files

When you visit our website, the browser on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called server log file. This includes:

IP address of the requesting device
Date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your device

Purpose: To ensure a smooth connection establishment, comfortable use of our website, and system security.
Legal Basis: Art. 6 (1) (a) GDPR (Consent).
Storage Period: These data are deleted automatically after 14 days.

B. Participant Registration & Account Creation

To register for the Event, you must create a user account in the Converia system. We collect the following mandatory data:

Name (First name, Last name, Title)
Institution / Organization / Company
Billing and postal address
Email address
Participant status (e.g., Regular, Student, Member)

Purpose: Processing your registration, managing participation, issuing tickets, and preparing name badges.
Legal Basis: Art. 6 (1) (b) GDPR (Performance of a Contract / Pre-contractual measures).
Storage Period: We store this data until the organization of the event is fully completed and statutory retention periods (under German tax and commercial law, usually 10 years for invoicing data) have expired.

C. Abstract Submission & Reviewing

If you submit an abstract or a paper for the conference via Converia, we process:

Author and co-author names and affiliations
Title and content of the submission
Reviewer scores and comments

Purpose: Evaluation, selection, and publication of scientific/professional contributions in the conference program.
Legal Basis: Art. 6 (1) (b) GDPR (Performance of a Contract).

D. Payment Processing

To process the participation fee, we offer the following payment methods via the Converia system: credit card, PayPal, and bank transfer. When you select a payment method, the payment data required for the transaction (e.g., name, billing address, transaction amount and, where applicable, card or account data) is transmitted directly to the respective payment service provider. We do not store full credit card details on our own servers.

The payment service provider acts as an independent controller for the payment transaction within the meaning of Art. 4 (7) GDPR and processes your data under its own privacy policy. The provider(s) used for this Event:

PayPal: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. Privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Credit card processing: secupay AG, Goethestraße 6, 01896 Pulsnitz, Germany. Privacy policy: https://www.secupay.com/datenschutz

Insofar as a payment service provider transfers data to a third country outside the EU/EEA, this is done on the basis of the European Commission’s Standard Contractual Clauses or an adequacy decision pursuant to Art. 44 et seq. GDPR.

Legal Basis: Art. 6 (1) (b) GDPR.
Storage Period: Payment and transaction records relevant for accounting are retained for the statutory retention periods under German tax and commercial law (generally 10 years).

E. Photos and Video Recording

During the conference, photographs and/or video recordings may be taken. These recordings may be used for documentation and public relations purposes (e.g., publication on our website, social media, or in print reports).

Legal Basis: Art. 6 (1) (a) GDPR (Consent).
Right to Object: If you do not wish to be photographed, please inform the photographers on-site or contact the registration desk.

4. Disclosure of Data to Third Parties

Your personal data will not be transferred to third parties for purposes other than those listed below. We only share your data if:

You have given explicit consent (Art. 6 (1) (a) GDPR).
It is necessary for the fulfillment of the contract with you (Art. 6 (1) (b) GDPR) – for example, sharing your name with the conference hotel or catering service for dietary requirements, if explicitly booked.
There is a legal obligation to do so (Art. 6 (1) (c) GDPR).

5. Cookies

Our website and the Converia platform use cookies. These are small text files stored on your device.

Technical Cookies: These are strictly necessary to provide the functionalities of the conference management system (e.g., keeping you logged into your Converia account, managing your shopping cart). Legal basis: Art. 6 (1) (a) GDPR.

Analytical Cookies: We only use tracking or analytical cookies if you have given your explicit consent via our cookie banner. Legal basis: Art. 6 (1) (a) GDPR.

6. Your Rights as a Data Subject

Under the GDPR, you have the following rights regarding your personal data:

Right of access to the personal data we hold about you (Art. 15 GDPR);
Right to rectification of inaccurate or incomplete data (Art. 16 GDPR);
Right to erasure (Art. 17 GDPR), unless statutory retention obligations apply;
Right to restriction of processing (Art. 18 GDPR);
Right to data portability (Art. 20 GDPR);
Right to object to processing based on Art. 6 (1) (f) GDPR for reasons arising from your particular situation (Art. 21 GDPR).

To exercise these rights, please contact us at seib@geo.tu-darmstadt.de. Providing the mandatory data marked above is necessary to register for and participate in the Event; without it, registration cannot be processed.

7. Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other remedy, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority responsible for Technische Universität Darmstadt is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit Postfach 3163 65021 Wiesbaden, Germany Website: https://datenschutz.hessen.de Tel. 0611 1408-0

8. Withdrawal of Consent

Where processing is based on your consent (Art. 6 (1) (a) GDPR) – for example for close-up photographs or analytical cookies – you may withdraw your consent at any time with effect for the future. The withdrawal does not affect the lawfulness of processing carried out before the withdrawal. For analytical cookies, you can adjust your choice at any time via the cookie banner.