Privacy Policy

Privacy Policy

The Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH takes the protection of personal data very seriously. For users to be able to use our website fully, it is necessary to collect certain information when they visit our website. With this privacy policy statement, we are informing users about which data we collect, how we use that data and about their rights as users of our website.

I. Controller pursuant to General Data Protection Regulation (GDPR)

Zukunft – Umwelt – Gesellschaft gGmbH
Stresemannstr. 69-71
10963 Berlin
Phone: +49 30 72618 0000
Fax: +49 30 72618 0099
Email: kontakt(at)

II. Name and contact details of data protection officer

For any questions or information on data protection, please contact the data protection officer at Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH:

Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH
Data Protection Officer
Stresemannstr. 69-71
10963 Berlin
Email: datenschutz(at)

III. Which information is collected and for what purpose?

1. Collection of general data and information (log files)

For each visit made to our website by a data subject or an automated system, a number of general pieces of information and data are collected. This general data and information are stored in the log files on the server. Data and information collected can include the following:

  • Types of browsers used and versions
  • Operating system used by the accessing system
  • Web page from which an accessing system ends up on our website (known as the ‘referer’)
  • Child web pages targeted on our website by an accessing system
  • Date and time that the website was accessed
  • Internet protocol (IP) address in an anonymised format (truncated by last octet)
  • Internet service provider of the accessing system
  • Other similar kinds of data and information that are used to avert hazards in the event of attacks on our information technology systems

When utilising these general kinds of information and data, ZUG draws no inferences about the data subject. Instead, this information is required for the following purposes:

  • Ensuring the correct delivery of content from our website
  • Optimising our website content and marketing for this content
  • Ensuring the long-term functional capability of our information technology systems and the systems used to operate our website
  • In the event of a cyber-attack, providing law enforcement agencies with the information necessary to investigate the crime

This anonymously collected data and information is therefore used by ZUG to prepare statistical analyses, and also analysed with the aim of increasing the level of data protection and data security in our company, so as, ultimately, to guarantee an optimum level of protection for the personal data that we process.

For these stated purposes, we have a legitimate interest in data processing, with the legal basis being point (f) of art. 6(1) of the GDPR.

The anonymous data obtained from the server log files is stored separately from all of the personal data as provided by a data subject. At the end of the respective browser session, log files are erased after no later than seven days, except in cases where their further storage is required for the purposes as given above.

2. Filling out forms with personal data

Some information offers on our website provide the option of filling out forms with personal data.

Users are free to decide whether they wish to submit this data. Only the data needed to deliver the requested service is asked of users. Data is treated as confidential and is only used for the purpose for which it was requested.

If the storage of personal data is required to provide a certain service, the data is only stored for the time period necessary to handle the request or to fulfil the offer or task of the Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH for which the data was requested.

Once users unsubscribe to such a service or it is terminated, personal data is irretrievably deleted after a maximum of 6 weeks. 

3. Links to websites of other providers

Our website contains links to websites of other providers. We would like to expressly point out that these websites process personal data in accordance with their own privacy policies. The Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH has no influence on the compliance of other providers with data protection regulations.

4. Photos for press and public relations work

In connection with our press and public relations work, during events and meetings photos will be taken in which you may be identifiable. You may object to such photos being taken and/or published. Please use the contact details above for such objections.

5. Online meetings, conference calls and webinars

For handling conference calls, online meetings, video conferences and/or webinars (hereinafter: ‘online meetings’), we use the conferencing and collaboration solutions Zoom and Webex. Zoom is a service provided by Zoom Video Communications, Inc. and Webex is a service provided by Cisco Systems, Inc. Both companies are based in the USA. We also use Slido (part of Webex) for conducting surveys in online meetings using both solutions. Slido is a service provided by s. r. o., which is based in Slovakia and is part of the Cisco Systems, Inc. Group.

Types of data

Various types of data are processed when conducting online meetings. The scope of this data also depends on the kinds of data and information that you share before or during an online meeting.

The following items of personal data form part of processing:

  • user information: first name, last name, phone (optional), email address, password (if you are not using single sign-on), profile picture (optional), department (optional), login credentials
  • Meeting metadata: topic, description (optional), participant IP addresses, device/hardware information
  • For recordings (optional): MP4 file with all video, audio and presentation recordings, M4A file with all audio recordings, text file with the online meeting chat.
  • If using a phone line for access: details of the incoming/outgoing phone number, country name, start/finish time. Other connection data such as the device IP address may also be stored.
  • Text, audio and video data: in an online meeting, you may be given the opportunity to chat, ask questions or utilise survey/poll functions. In this case, the text input you enter will be processed to display this in the online meeting and it may also be logged. To be able to display video and play audio in the meeting, data from your device’s microphone and from a camera provided by your device will also be correspondingly processed for the duration of the meeting. You can of course use the Zoom or Webex apps to turn off your camera or mute your microphone at any time during the meeting.
  • Survey results: results that are obtained from surveys conducted using Slido.
  • Q&A results: responses to questions obtained using Slido.

To participate in an online meeting – i.e. to enter the virtual meeting room – you must at least state your name.

Scope of processing

We use Zoom and Webex to conduct online meetings. If we want to record online meetings, then we will make sure you are fully informed of this beforehand and ask for your consent if required to do so. The respective app being used also lets you know when meetings are being recorded.

We will also log the chat history if this is necessary in order to keep a record of the events that occurred during an online meeting. Typically, however, this will not be necessary. We will also ensure you are fully informed of this beforehand.

In the case of webinars, we may also process the questions asked by webinar participants for the purposes of record-keeping and webinar follow-up work.

We also use Slido in conjunction with Webex and Zoom. This allows us to make our meetings more interactive by including surveys and Q&As in the meetings. This means that the surveys and Q&As can be conducted in real time.

Automated decision-making in the sense defined by article 22 of the GDPR is not utilised.

For further details of the handling of personal data here, please consult the privacy policies as provided by the data processors:

Cisco (Webex)



Legal basis

Where personal data from employees of Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH is processed, the legal basis of data processing is point (b) of art. 6(1) of the GDPR. If personal data, when considered in conjunction with the use of Zoom, Webex or Slido, is not necessary for justifying, conducting or terminating an employment relationship but nonetheless forms an elementary part of using Zoom, Webex or Slido, then point (f) of art. 6(1) of the GDPR forms the legal basis of data processing. Our interest in these cases consists of the effective hosting of online meetings and improving opportunities for direct interaction with participants.

In cases where online meetings are conducted in the context of contractual relationships, the legal basis for data processing when hosting these meetings is formed by point (b) of art. 6(1) of the GDPR.

If no contractual relationship exists, then the legal basis is formed by point (f) of art. 6(1) of the GDPR. Our interest in this case also consists of the effective hosting of online meetings.

If you have given your consent to the recording of video and audio from meetings, then the legal basis for this processing is your consent pursuant to point (a) of art. 6(1) of the GDPR.

Sharing data with third parties

Personal data processed in conjunction with participation in online meetings is not shared with third parties as a general rule unless this data is explicitly intended to be shared in this way. Please note that, as with face-to-face conference-style meetings, online meeting content is often deliberately designed to communicate information to (potential) customers or third parties and is therefore explicitly intended to be shared.

Data is necessarily shared with the providers Zoom Video Communications, Inc., Cisco Systems, Inc. and s. r. o. in cases where this sharing is envisaged by our commissioned data processing contracts.

Data processing outside the European Union

Zoom and Webex are services that are provided by US-based companies. Accordingly, this involves the processing of personal data in a third country.

Zoom Video Communications, Inc. and Cisco Systems, Inc. have been verified under the Data Privacy Framework. Accordingly, an adequacy assessment pursuant to art. 45 of the GDPR is available for third-country transfers. In addition, a commissioned data processing contract, including standard data protection clauses, has been concluded with both companies. As a result, an appropriate safeguard pursuant to art. 46(1) and point (c) of art. 46(2) of the GDPR is provided for. To provide an additional level of protection, we have configured our systems so as to ensure that our online meetings are hosted only using data centres based in the EU/the EEA. s. r. o. is part of the Cisco Systems, Inc group of companies. Accordingly, use of Slido may necessarily include the transfer of personal data to the USA. Data transfers to the USA are covered by the arrangements for Cisco Systems, Inc. as mentioned above.

Erasure of data

As a rule, we erase personal data when there is no longer any requirement to keep storing this data. Such a requirement may exist if the data is still required in order to render contractual performance, to verify claims made under a warranty or a guarantee, or to honour or to defend ourselves against such claims. In the case of legal data retention obligations, erasure is possible only after the expiry of the applicable retention period.

IV. How do we protect children and young people (protection of minors)?

Persons under the age of 18 should not submit personal information to us without the consent of their parent or legal guardian. We do not request personal data from children or young people without the consent of their parents or legal guardian. We do not knowingly collect such data, and we do not pass it on to third parties.

V. Why do we store personal data?

Generally, submitting personal data is not required when using our website. If we store personal data on our website, it is only done with the users’ consent, which can be withdrawn at any time.

In any other case, we only process personal data when legally required to do so (pursuant to Article 6 (1) (c) GDPR), when processing is necessary for performing the tasks of the Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH, when it is in the public interest or in the exercise of official authority (pursuant to Article 6 (1) (e) GDPR in conjunction with Article 3 of the Federal Data Protection Act (BDSG).

VI. Who do we pass data on to?

We operate our website in cooperation with external service providers. Where personal data is processed (for example, for sending newsletters or processing publication orders), we have put in place organisational and technical measures to ensure that our external service providers comply with data protection regulations.

Unless otherwise specified, data stored by our website is processed by our main service provider VDI/VDE Innovation + Technik GmbH, which is located in the Federal Republic of Germany. If personal data is passed on to third parties, the respective page is labelled accordingly.

VII. What are the rights of users of our website?

With regard to the processing of personal data, visitors of the website of the Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH enjoy the rights stipulated in Articles 12 to 22 GDPR:

  • Right of access pursuant to Article 15 GDPR
    This right grants full access to relevant personal data and other important criteria such as purposes of processing or storage period. The exemptions specified in Article 34 BDSG apply.
  • Right to rectification pursuant to Article 16 GDPR
    This right gives users the possibility to rectify inaccurate personal data concerning them.
  • Right to erasure pursuant to Article 17 GDPR
    This right gives users the possibility to have data deleted. For data to be deleted, it is necessary that the personal data is no longer required, was unlawfully processed or that the consent has been withdrawn. The exemptions specified in Article 35 BDSG apply.
  • Right to restriction of processing pursuant to Article 18 GDPR
    This right gives users the possibility to provisionally prevent further processing of the relevant personal data. This applies, in particular, in a review phase of the user establishing, exercising or defending other legal claims.
  • Right to data portability pursuant to Article 20 GDPR
    This provision gives users the right to obtain relevant personal data in a commonly used, machine-readable format, for example pdf, from the controller in order to pass it on to other controllers where necessary.
  • Right to object pursuant to Article 21 GDPR
    This right provides users with the possibility to object, on grounds relating to their particular situation, to processing relevant personal data where this is justified with a view to performing public tasks or lies in the public or private interest. Pursuant to Article 36 BDSG, this provision does not apply where an official authority is legally obligated to process the data.
  • Right to withdraw consent pursuant to Article 7 (3) GDPR
    Users have the right to withdraw their consent for the future at any time. An option to withdraw consent is available to users on the website where the consent was given before.

Exercising these rights is free of charge and is provided in line with the user’s information rights. For more information, please contact the data protection officer at Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH.

VIII. Right to submit complaints to supervisory authority

In cases where the Zukunft – Umwelt – Gesellschaft (ZUG) gGmbH processes personal data, users have the right to lodge a complaint with the supervisory authority for data protection. The competent supervisory authority is:

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Husarenstraße 30
53117 Bonn
Phone: +49 0228 99 7799-0
Email: poststelle(at)

More information