Privacy Statement

Deutsche Bank Data Privacy Statement 2024

Please read this privacy statement as it sets out how and why personal information is processed, the privacy statement aims to make you aware of how Deutsche Bank (DB) uses your personal data as well as explaining certain legal rights that you may have in respect of your personal information under certain data protection laws.

Why is your data collected?

DB uses the information about you, to the extend lawful and appropriate, for the following purposes:

1. to register attendance at an event organized and hosted by DB or its partners on behalf of DB.
2. business operations including for regulatory compliance and risk management purposes.
3. For marketing and analysis purposes

What types of data do we collect?

DB collects on the necessary and relevant information as allowed by data protection laws. The amount of information collected about you will vary depending on the type of DB event you attend but, for example, this may include the following:

• Full Name
• Company Name
• Job title
• Country of residence
• Dietary requirements

Who do we share your personal information with and where is it stored?

The personal information that you provide when registering for an event will be shared with our third-party provider Eventogy, who are responsible for hosting this registration page and website. By registering your attendance, you will be required to provide your personal data and agree to Eventogy’s use of the data. The data you provide will be processed and stored by Eventogy in the United Kingdom. For more information, please review Eventogy’s privacy statement on their website.

How long do we keep your personal information for?

Your personal information will be retained in line with DB’s retention policy, this means data will be held for 1 year. Eventogy retain your personal data for a period of 6 months after which it is deleted. If you have provided us with information relating to your dietary requirement this information will be automatically deleted 24 hours after the event has occurred and will no longer be kept on Eventogy or DB’s records.

What legal ground is my data processed?

We need your personal information, because it is necessary in DB legitimate interests as the administrator/organizer of the event, but only in circumstances where these interests are not outweighed by the need to protect your privacy.

If DB cannot lawfully handle your personal information on this or other permitted grounds under data protection laws, it may need to rely on having your consent to be able to do so.

Will DB transfer my personal data overseas?

Due to the global nature of DB’s business operations, where lawful and to the extent appropriate, your personal data may be transferred across international borders to other DB entities or our third-party software providers such as Eventogy.

What rights do I have regarding my personal information?

Subject to certain exceptions and limitations you have various legal rights in relation to your personal data, you have the right to ask DB to:

1. provide a copy of your personal data (subject to the privacy rights of other people), as well as the type of information provided in this Privacy Notice;
   
2. correct any inaccuracies in your personal data or add any missing information where the data is incomplete, including by supplying a supplementary statement;
   
3. modify or withdraw your consent for the collection, use and disclosure of your personal data (see section 5 above);
   
4. delete your personal data where there is no lawful justification for DB to retain it; and
   
5. put the processing of your data on hold until DB responds to a claim by you that the data is inaccurate or that DB’s legitimate interests in processing it is outweighed by your interests in the data not being processed; and (6) transfer your personal data to you or another company in a commonly used electronic format (known as the right to data portability).

Who is responsible for handling your personal data and who can I contact for more information?

DB Group is responsible for handling your personal data (DB Group under data protection laws is known as the “data controller” of your personal data).

If you wish to make a complaint or exercise your data privacy rights, you may contact Group Data Privacy via the email address: gdp@list.db.com

As a data subject, you can send an informal message to the Global Data Privacy Office if you have any data privacy related questions. To find out more about how Deutsche Bank process your personal information please review our privacy policy.