DE EN

Data privacy statement

Thank you for your interest in our company and for visiting us at www.beethovenhalle.de .

The privacy and protection of your personal data, e.g., date of birth, name, phone number, address etc., is a matter of great concern to us.

The purpose of this data privacy statement is to inform you about the processing of your personal data that we collect when you visit our website. Our data privacy policy is in line with the legal stipulations of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The following data privacy notice meets the GDPR information requirements. These requirements can be looked up, inter alia, in Art. 13 and 14 ff. of the GDPR.

1. Data controller

The data controller (person or entity) responsible for the processing of data on this website under Art. 4 (7) GDPR is the one who decides alone or in consultation with others on the purpose and means of processing personal data.

Our data controller is:

Bonn Conference Center Management GmbH
Platz der Vereinten Nationen 2
53113 Bonn
E-Mail: info@beethovenhalle.de
Phone: +49 (0) 228 / 7222-0
Fax: +49 (0) 228 / 7222-111

Contact data of the data protection officer

We have designated a data protection officer (DPO) pursuant to Art. 37 GDPR. If you have any questions, you may use the following contact details:

Gerd Büttner
my-dsb.com UG, Theodor-Heuss-Anlage 12, 68165 Mannheim
E-Mail: datenschutz@worldccbonn.com

Providing the website and creating log files

Each time our website is accessed, our system automatically collects data and information which your browser sends us automatically from your electronic device (e.g., computer, cell phone, tablet, etc.).

Type and scope of data collection and processing

(1) information on the type of browser and the version used
(2) operating system used by your device
(3) hostname of the accessing computer
(4) IP-address of your device
(5) date and time of the data fetch
(6) websites and resources (pictures, files, other content) accessed from our website
(7) websites from which the user’s system gained access to our website (referrer tracking, referrer URL);
(8) notice of successful retrieval
(9) quantity of data transferred

These data are stored in the log files of our system. These data are not stored together with personal data of specific users, which precludes individual visitors from being identified.

Legal basis for processing personal data

The basis for data processing is Art. 6 (1) lit. f GDPR (“legitimate interests”). It is within our legitimate interests to ensure that the purpose described below is achieved.

Purpose of data processing

The temporary (automated) storage of data is necessary for a successful website visit and, thus, to deliver the website to the data subject. Moreover, the storage and processing of personal data is necessary to maintain the compatibility of our website for all visitors to the best possible degree, and also to prevent fraudulent misuse of our website and enable troubleshooting. To this end, it is necessary to save log files with all technical data of the retrieving computer in order to be able to react as early as possible to display errors, attacks on our IT system and/or bugs in the functionality of our website. Furthermore, saving the data in log files helps us to optimize our website and to ensure the security of our IT system.

Duration of storage

The afore mentioned technical data are deleted as soon as they are no longer needed in order to ensure the compatibility of our website for all visitors, but no later than three months after visiting our website.

Right to object and deletion option

At any point in time you may object to the processing of your personal data in accordance with Art. 21 GDPR and demand that your data are deleted in line with Art. 17 GDPR. You will find a listing of your rights and how to claim them at the bottom of this data privacy notice.

Special website features

Our website provides several features that automatically collect, process and save personal data when you access these features. In the following you can read what happens with that data:

Contact forms

  • Type and scope of processing personal dat

    The data you enter in the input mask of our contact form

  • Legal basis for data processing

    Art. 6 (1) lit. a GDPR (consent given by unambiguous confirmatory act or conduct)

  • Purpose of data processing

    We will use the data collected via our contact form only to process the specific request made through the contact form. Please be aware that in order to answer your request we may send you an e-mail to the address that you have indicated. The purpose of this is to give you a confirmation of proper receipt for your request. However, it is not mandatory for us to send you such confirmation e-mail as it serves merely information purposes.

  • Duration of storage

    The data are deleted as soon as your request has been processed, provided there are no statutory storage obligations precluding it.

  • Right to object and deletion option

    The right to object and deletion of data correspond to the general rules governing data privacy as detailed below in this data privacy statement.

  • Requirement to enter personal data

    When you use our contact form, be aware that this is by choice and that this is not a contractually or legally prescribed way of contacting us. You are not obliged to use the contact form for contacting us, but you may use other ways to contact us, as described on our website. Should you wish to use the contact form, you must fill in the mandatory information. If you fail to fill in mandatory information you will either not be able to send off the contact form, or we will not be able to process your request.

Embedding external web services and processing of data outside of the EU

On our website we use active content from external providers, known as “web services”. When you access our website, these external providers may receive personal information on your visit to our website. In this case, it may be possible that the data are processed outside of the EU. You can prevent this by installing a suitable browser plug-in or by deactivating the execution of scripts in your browser. This may lead to functionality limitations on the websites you visit.

We use the following external web services:

  • Website-Check Siegel

    Our website uploads a web service known by the name „Website-Check Siegel“, which is provided by the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, e-Mail: support@website-check.de , Website: http://www.website-check.de/ . The transmission and processing of data takes place exclusively on servers within the European Union.

    The legal basis for transmitting personal data is Art. 6 (1) lit. f GDPR (“legitimate interests”). It is within our legitimate interests to ensure that the purpose described below is achieved.

    This script by Website-Check GmbH technically integrates the Website-Check Siegel (Siegel = seal) with our website. By using this seal of approval, we want to show that we take data protection very seriously. Based on the integration of the seal, non-personal data are transmitted to Website-Check GmbH as the issuing company of the seal of approval, so that they can handle the technical delivery.

    Regarding the processing of data you may claim your right to object in accordance with Art. 21. You can find more information on this topic at the end of this data privacy statement.

    Further information on the handling of transmitted personal data is available in the data privacy statement of the service provider at https://www.website-check.de/datenschutzerklaerung/ .

Data security and data protection, communication by e-mail

Your personal data are protected by technical and organizational measures during collection, storage and processing in a way that they are not accessible for third parties. If you engage in unencrypted communication by e-mail, it is not possible for us to ensure complete data security whilst the data are transmitted to our IT systems; we therefore recommend using encrypted communication or the postal service for information with a high level of confidentiality.

Right to information and rectification – deleting and restricting data processing – withdrawing consent – right to object

Right to information

You have the right to request confirmation on whether we are processing your personal data. If so, you have the right to information on the items listed in Art. 15 (1) GDPR, unless the rights and freedoms of others are adversely affected (cf. Art 15 (4) GDPR). We would be glad to provide you with a copy of the data.

Right to rectification

According to Art. 16 GDPR, you have the right to ask for a rectification of inaccurate personal data (such as name, address, etc.) at any time. You can also request that we complete any incomplete data we have stored. We will make these adjustments without undue delay.

Right to deletion of data

According to Art. 17 (1) GDPR, you have the right to demand the deletion of personal data we have collected on you, if

  • the personal data are no longer necessary;
  • based on withdrawal of consent there is no longer a legal basis for further processing;
  • you object to processing and there are no overriding legitimate grounds for processing;
  • your personal data are being unlawfully processed;
  • there is a legal requirement to do so or if there has been a poll pursuant to Art. 8 (1) GDPR.

According to Art. 17 (3) GDPR this right does not apply if

  • processing is necessary for exercising the right of freedom of expression and information;
  • your data have been collected on the basis of compliance with a legal obligation;
  • processing is necessary for reasons of public interest;
  • the data are necessary for the establishment, exercise or defense of legal claims.

Right to restricting data processing

According to Art. (1) GDPR, in individual cases you have the right to demand from the controller the restriction of data processing.

This applies in cases when

  • you contest the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data;
  • the controller no longer needs the personal data for the purposes of the processing, but the data are required for the establishment, exercise or defense of legal claims;
  • you have objected to processing pursuant to Art 21 (1) GDPR and it is still unclear which interests are overriding.

Right to revoke your consent

If you have given us explicit consent to process your personal data (Art 6 (1) lit. a GDPR and Art. 9 (2) lit. a GDPR) you can revoke this consent at any time. If you have given your explicit consent for us to process your personal data, you can still withdraw your consent at any time. Please be aware that this does not affect the legality of processing that is done on the basis of prior consent until it has been withdrawn.

Right to object

According to Art. 21 GDPR, at any time you have the right to object to the processing of personal data concerning you and which have been collected on the basis of Art 6 (1) lit f (legitimate interest). You are entitled to this right only if special circumstances relating to your particular situation speak against storage and processing.

How to claim your rights:

You may claim your rights at any point in time by contacting us, using the details below:

Bonn Conference Center Management GmbH
Wachsbleiche 16
53111 Bonn
Deutschland
E-Mail: info@beethovenhalle.de
Phone: +49 (0) 228 / 7222-0
Fax: +49 (0) 228 / 7222-111

Right to data portability

According to Art 20 GDPR you have the right to receive the personal data concerning you. You will receive these data in a structured, commonly used and machine-readable format. Apart from instructing us to send you the data, you can also demand from us that we transfer these data to a data controller.

Upon your request pursuant to Art. 10 (1) GDPR we will provide you with the following data:

  • data that have been collected on the basis of explicit consent pursuant to Art. 6 (1) lit. a or Art. 9 (2) lit. a GDPR;
  • data that we have received from you pursuant to Art. 6 (1) lit. a GDPR in the context of existing contracts;
  • data that have been processed in the context of an automated process.

We will transmit the personal data directly to the data controller of your choice, if technically feasible. Please be aware that pursuant to Art 20 (4) GDPR the right to data portability does not apply to data that adversely affect the rights and freedoms of others.

Right to lodge a complaint with a supervisory authority according to Art. 77 (1) GDPR

If you suspect that your data are being processed unlawfully on our site, you can of course refer the matter to a court to clarify the issue at any time. Additionally, you can seek any other judicial remedy. Irrespective of this, according to Art. 77 (1) GDPR you also have the possibility of referring the matter to a supervisory authority. Pursuant to Art. 77 (1), the right to lodge a complaint is available to you in the EU Member State of your habitual residence, your place of work and/or the place of the alleged infringement, i.e. you can select the supervisory authority you wish to refer the matter to at any of the aforementioned places. The supervisory authority with which the complaint has been lodged will then inform you about the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Compiled by:

© DURY LEGAL Rechtsanwälte – www.dury.de
© Website-Check GmbH – www.website-check.de