Information on the collection of personal data in accordance with the EU General Data Protection Regulation (GDPR)

Below you will find an overview of where we collect and process your personal data and your rights under the GDPR.

Names and contact details of the controller

Different companies of the Messe Frankfurt Group are responsible for the various pages, contents, applications or your enquiries. These can be:

  • Messe Frankfurt GmbH
  • Messe Frankfurt Exhibition GmbH
  • Messe Frankfurt Venue GmbH
  • Messe Frankfurt Medien und Service GmbH

- all hereinafter referred to as Messe Frankfurt and can be reached at -

Ludwig-Erhard-Anlage 1
60327 Frankfurt am Main
Telephone: +49 69 75 75 0
Email address:

You can reach our data protection officer at:

Messe Frankfurt GmbH
Data Protection Officer
Ludwig-Erhard-Anlage 1
60327 Frankfurt am Main
Phone: +49 69 75 75 53 35
Email address:

Purposes for which personal data are processed and their legal basis

Cookies & Co.

Messe Frankfurt uses the Usercentrics Consent Management Platform to inform you about cookies and similar technologies on our websites and applications. If necessary, we request and document your consent to the setting of cookies. The legal basis is point (a) of Article 6 (1) GDPR. For this purpose, we process log file data, user agent (device, browser type, browser language, browser version, resolution) and consent data (consent yes/no, timestamp, data scope, data attributes, controllerID, processorID, consentID) via the Consent Management Platform using Javascript.

The data is stored in the European Union. The data is deleted as soon as it is no longer required for the proof of the information provided and consent to the cookies and there are no legal storage obligations to the contrary.
You can permanently prevent the execution of the JavaScript at any time by making the appropriate settings in your browser. However, this would also prevent us from informing you about cookies.
You can access the Consent Management Platform via the following link. Here you can find out about the purpose, duration and recipient of the cookie data and, if you wish, also revoke your consent at any time.

Log files

When you visit our websites, Messe Frankfurt stores the IP address, the time of access, the URL requested and the browser used. Messe Frankfurt uses this data to detect errors in the execution of the pages and to ensure the IT security of websites and applications as well as their availability. The data is deleted after 90 days. The legal basis for this is point (f) of Article 6 (1) GDPR.

Social media

Some of the social media icons merely contain links to Messe Frankfurt's appearances on these platforms, without any data being transmitted by their activation. If we would like to show you content from social media (e.g. Twitter, Facebook) and data could be collected from the social media platforms as a result, we will ask you for your consent in advance (point (a) of Article 6 (1) GDPR). For this purpose, we use the above-mentioned Usercentrics Consent Management Platform, via which you can find out about the cookies and, if you wish, also revoke your consent at any time.

Contact form

The information you provide in the contact form, including your contact details, will only be used by Messe Frankfurt to respond to your enquiry. The legal basis for this is point (a) of Article 6 (1) GDPR. Your data will only be passed on to third parties if this is necessary to answer your question.

Newsletter subscription

If you would like to subscribe to a newsletter on our website, we ask you to provide us with your email address as well as your title and name so that we can politely address you personally. The legal basis for this is point (b) of Article 6 (1) GDPR. By registering, you agree that Messe Frankfurt may analyse the email opening and clicking behaviour and create a usage profile. To ensure that the owner of the email address actually wishes to receive the newsletter, a double opt-in procedure is implemented. You have the right to unsubscribe from the newsletter at any time with effect for the future. To do so, simply use the unsubscribe link in the newsletter.

Messe Login

The Messe Frankfurt Group offers a wide range of digital services. Access to these is via a personal account using the authentication portal Messe Login, as a single sign-on system. To open an account, you need to enter your title, name, e-mail address and country. Depending on the services used, further details may be required. If the use of the Messe Login involves the transfer of data to foreign companies of the Messe Frankfurt Group, we will inform you of this in advance. The legal basis is point (b) of Article 6 (1) GDPR. You can delete your Messe Login at any time, but you will then no longer be able to use the digital services.

Video surveillance

In order to control the flow of traffic/visitors and for security purposes, the exhibition grounds are under video surveillance, which is indicated accordingly at the entrances. There will be no evaluation for other purposes. The state police also have access to the video surveillance for the performance of their sovereign duties. The legal basis is point (f) of Article 6 (1) GDPR.

Recipients of personal data

Only those recipients that have a compelling need to access your data in accordance with the above-mentioned purposes will be granted access to it. In this context, order processors and other service providers used by us may also receive data. These are companies in the category of IT services, call centre services and telecommunications. We have concluded the legally required contractual regulations with them in accordance with Article 28 GDPR, on purpose limitation, confidentiality and, where necessary, secrecy. Beyond this, we only pass on data if regulations permit or require this or you have consented to this.

Transfer to third country

Depending on your use of Messe Login and the social media platforms, data may be transmitted to recipients in third countries. However, as mentioned above, we will inform you of this in advance. In the context of remote maintenance of standard IT components, it cannot be ruled out in individual cases that an IT service provider from a third country may, in rare cases and to a limited extent, gain access to personal data for troubleshooting purposes. However, data will only be transferred if the third country has been confirmed by the EU Commission as having an adequate level of data protection or has concluded EU standard contractual clauses.

Automated decision-making & Profiling

We do not use automated decision-making or profiling for the listed processing purposes.

Your rights under GDPR

With regard to the personal data concerning you, you have the following rights under the GDPR.

You have the right to obtain confirmation as to whether or not your data are being processed and about how we collect, process and store this data, Article 15 GDPR.

You can demand the rectification of inaccurate data or completion of incorrect or incomplete data, Article 16 GDPR.

According to Article 17 of the GDPR, you have the right to demand the erasure of data, e.g. if the data is no longer required or is being processed unlawfully, if you have withdrawn your consent or declared an objection to the processing. Under certain circumstances, erasure can only take place when there are no longer any legal obligations to archive data.

You can also request the restriction of data processing under the conditions of Article 18 GDPR.

In certain cases, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format. At the same time, you have the right to transfer this data to another controller or, if technically feasible, to have it transferred by us, Article 20 GDPR.

Pursuant to Article 7 (3) GDPR, you may revoke your consent to the processing of your personal data at any time with effect for the future.

Pursuant to Article 21 GDPR, you have the right to object to the processing of your personal data to protect the legitimate interests of us or a third party (point (f) of Article 6 (1) GDPR), unless we can prove compelling reasons for the processing that merit protection.

In addition, you have the right to lodge a complaint pursuant to Article 77 GDPR in conjunction with. § 19 BDSG, you have the right to lodge a complaint with a data protection supervisory authority, such as the Hesse State Data Protection Authority.

(Version 2/2021)