Privacy Policy (HACK’N’TALK by XPLORE)

We are delighted that you have shown interest in HACK’N’TALK by XPLORE (the “Event”). When you register for the Event, we process certain personal data. We handle your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

This privacy policy explains what data we process, for which purposes, on which legal basis, and which rights you have as a data subject.

1. Controller

The controller within the meaning of the GDPR is:

UnternehmerTUM GmbH

Lichtenbergstr. 6

85748 Garching near Munich, Germany

info@unternehmertum.de

2. Data Protection Officer

The data protection officer of the controller is:

Alexander Stolberg-Stolberg (SVF Lawyers)

Oberanger 30

80331 Munich, Germany

+49 89 210 25 120

stolberg@unternehmertum.de

You may contact the data protection officer at any time with questions regarding data protection.

3. Contact for event-related questions (XPLORE)

For organisational questions about the Event (agenda, venue, registration), you can contact:

XPLORE (UnternehmerTUM)

xplore@unternehmertum.de

(For data protection requests, please use the contacts in Sections 1–2.)

4. Categories of personal data we process

Depending on what you enter during registration and participation, we process in particular:

• Registration data: first name, last name, email address
• Optional registration fields (if applicable): organisation, role/title, other information you provide in free-text fields
• Ticket/order information: registration status, ticket identifier / order reference
• Event participation data: check-in status, attendance lists (if used)
• Technical data: log files and technical information required to provide the website and ticket shop functionality (see Section 6)

(Important: remove any fields here that you do not collect, e.g. gender/country, unless they are actually asked in ERADIANT.)

5. Purposes and legal bases of processing

We process your data for the following purposes:

1. Registration and event administration (sending confirmation, updates, managing participant lists, check-in)

   Legal basis: Art. 6(1)(b) GDPR (performance of a contract / pre-contractual measures)

2. Ensuring technical security and stability of the platform (e.g. protection against attacks, error analysis)

   Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

3. If you actively consent to specific processing (e.g. newsletter opt-in, where applicable)

   Legal basis: Art. 6(1)(a) GDPR (consent)

   You can withdraw consent at any time with effect for the future.

6. Ticketing / event platform (processor)

We use the event management and ticketing platform ERADIANT, provided by:

ECENT GmbH

Zentnerstr. 1

80798 Munich, Germany

ECENT processes personal data on our behalf as a data processor (Art. 28 GDPR).

• ECENT terms and conditions: https://ecent.eu/agb
• ECENT privacy policy: https://ecent.eu/datenschutz

7. Cookies and technical logs

The event website and ticket shop may use technically necessary cookies and similar technologies to enable the ordering/registration process and to provide a secure and stable service. You can prevent cookies via your browser settings; however, disabling cookies may limit functionality.

In addition, server log files may be processed for security and operational purposes (e.g. IP address, date/time of access, browser type, referrer URL).

8. Recipients of personal data

Your personal data is accessed by:

• authorised staff at UnternehmerTUM / XPLORE who need it to organise the Event
• ECENT GmbH as processor (see Section 6)

We do not sell personal data. Further recipients (e.g. service providers) are used only where required and in compliance with legal requirements.

9. Data processing in third countries

If personal data is processed outside the EU/EEA, this will only take place in accordance with the requirements of Art. 44–49 GDPR (e.g. adequacy decision, standard contractual clauses).

10. Storage duration

We store personal data only as long as necessary for the purposes described above and in accordance with statutory retention periods. After expiry, data is deleted or anonymised where applicable.

11. Your rights

You have the following rights under the GDPR (subject to legal limitations):

• access (Art. 15)
• rectification (Art. 16)
• erasure (Art. 17)
• restriction of processing (Art. 18)
• data portability (Art. 20)
• objection to processing based on legitimate interests (Art. 21)
• lodge a complaint with a supervisory authority (Art. 77)

12. Photo and video recordings (event documentation)

During the Event, photographs and/or video recordings may be made for documentation and communication purposes (e.g. website, social media, newsletters, internal communication).

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in documenting and promoting the Event), unless a different legal basis is required in a specific case.

Right to object: You may object to processing of your personal data under Art. 21 GDPR. If you wish to object, please contact: datenschutz@unternehmertum.de

We will then assess and implement the objection as required by law.

Status: 10/03/2026