Data privacy

We take data privacy seriously and we are providing you information on how we process your data and what claims and rights you are entitled to, pursuant to the regulations under data privacy laws. Effective from 25th May 2018.

Part 1 of the Privacy policy: Privacy information pursuant to General Data Protection Regulation (GDPR)

Responsible authority and contact details of the responsible authority within the meaning of the data privacy law:Gürzenich-Orchester Köln
Bischofsgartenstr. 1
50667 Cologne

Contact details of our Data privacy Officer:
Gürzenich-Orchester Köln
Datenschutzbeauftragter
Bischofsgartenstr. 1
50667 Cologne
DSB-GuerzenichOrchester@he-c.de

2. Purpose and legal basis on which we process your data

We process personal data in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other applicable data privacy regulations (details below). Which data will be processed in detail and how it will be used, depends largely on the respective requested or agreed services. Reference may be made to the respective contract documents, forms, declaration of consent and/or other information provided to you (e.g., while using our website or our terms and conditions) for further details or additions to the purposes of data processing. Apart from this, information on data privacy may be updated from time to time which you can obtain from our website www.guerzenich-orchester.de.

2.1 Purposes for the fulfilment of a contract or pre-contractual measures (Art. 6 Para 1 b GDPR)

Personal data is processed to implement our contracts with you and for the execution of your orders as well as implementation of measures and activities in the context of pre-contractual relationships, e.g. with interested parties.

The processing particularly serves to execute your subscription(s) or your order(s) according to your orders and desires and includes services, measures and activities necessary for this purpose.

The contractual communication with you essentially includes the corresponding billing and associated payment transactions, the traceability of transactions, orders and other agreements, as well as quality control by appropriate documentation, goodwill methods, measures for controlling and optimisation of business processes and for the fulfilment of the general duty of care, control and supervision by affiliated companies (e.g., parent company); statistical evaluations on corporate management, cost accounting and controlling, reporting system, internal and external communication, emergency management, billing and tax assessment of operating benefits, risk management, assertion of legal claims and defensiveness in legal disputes; ensuring IT security (system or plausibility tests, among others) and general security including building and plant security, securing and exercising domiciliary rights (e.g., by access controls); ensuring integrity, authenticity and availability of data, prevention and clarification of criminal offences; monitoring by supervisory bodies or supervisory authorities (e.g., auditing).

2.2 Purposes within the framework of legitimate interest on our part or of third parties (Art. 6 Para 1 f of GDPR)

Apart from the actual fulfilment of the contract or the pre-contractual obligations, we process your data whenever this is necessary to safeguard legitimate interests of our own or of third parties, for the following purposes, in particular:

- for advertising or market research and opinion survey insofar as you have not objected to the use of your data;

- for obtaining information and exchanging data with credit agencies insofar as this outweighs our economic risk;

- for survey and optimisation of processes for demand analysis;

- for further development of services and products as well as existing systems and processes;

- for the disclosure of personal data in the course of due diligence with respect to sales negotiations of the company;

- for comparison with European and international anti-terror lists if this goes beyond the legal obligations;

- for the enrichment of our data including by using or by researching publicly available data;

- for statistical evaluations or market analysis;

- for benchmarking;

- for the assertion of legal claims and defensiveness in legal disputes which are not directly attributable to the contractual relationship;

- for the limited storage of data if a deletion is not possible or is possible only with disproportionately high expenditure due to the specific type of storage;

- for the development of scoring systems or automated decision-making processes;

- for the prevention and clarification of criminal offences if not exclusively for the fulfilment of legal provisions;

- for building and plant security (e.g., by access control and video surveillance), if this goes beyond the general duties of care;

- for internal and external investigations, safety checks;

- for listening to or recording potential telephone conversations for quality control and training purposes;

- for the preservation and maintenance of certificates of private law or official and regulatory nature;

- securing and exercising the domiciliary rights by appropriate measures as well as video surveillance for the protection of our customers and employees as well as for safeguarding evidence in case of criminal offences and their prevention.

2.3 Purposes in accordance with your consent (Art. 6 Para 1 a of GDPR)

Your personal data can also be processed for certain purposes (e.g., using your email address for marketing purposes) based on your consent. Normally, you may withdraw this consent anytime. This also applies to the revocation of declarations of consent given to us before the GDPR came into force, thus before 25th May 2018. You will be separately informed in the relevant text of the consent about the consequences of revocation or if consent is not given.

Generally, revocation of consent applies only for the future. Processing done before the revocation shall not be affected by this and remains lawful.

2.4 Purposes for the fulfilment of statutory requirements (Art. 6 Para 1 c of GDPR) or in the public interest (Art. 6 Para 1 e of GDPR)

Just as anyone who takes part in the economic process, we are also subject to a large number of legal obligations. These are primarily statutory requirements (e.g., commercial and tax laws), but also supervisory law or other regulatory requirements, where applicable. The purposes of processing may also include compliance with monitoring and reporting obligations under the tax law as well as the archiving of data for the purposes of data privacy and data security as well as for purposes of audits by tax auditors and other authorities.

Furthermore, it may be necessary to disclose personal data in the context of supervisory/judicial measures for the purposes of taking evidence, prosecution or for the enforcement of civil law claims.

3. The categories of data not directly obtained from you and processed by us, and their origin

Insofar as it is necessary for the provision of services, we may process permissible personal data obtained from other companies or third-parties (e.g., ticketing services). In addition, we may process permissible personal data drawn, received or acquired from publicly accessible sources, press, internet or other media).

Relevant personal data categories may be, in particular:

Personal details (name, date of birth, place of birth, nationality, marital status, occupation/industry and similar data); contact details (address, email address, phone number and similar data); payment/insurance cover note for bank card and credit cards; customer history; data about your use of the tele media offered by us (e.g., time of viewing our websites, apps or newsletter, our pages/links or entries and similar data).

4. Recipients or categories of recipients of your data

The internal departments or organisational units of our company obtain your data that is required for the compliance of our contractual and legal obligations or for processing and implementation of our interests to which we are entitled. Your data may be passed on to external departments solely

- in connection with the execution of the contract

- for the purpose of compliance with statutory provisions in respect of which we are obligated to inform, report or forward data or where the forwarding of data is in the public interest (cf. Clause 2.4).

- Insofar as the external service provider process data on our behalf as order processor or as a company that assumes functions on our behalf (e.g., ticketing service providers or ticketing software-provider, data centres, support/maintenance of EDP/ IT applications, archiving, document processing, call centre services, compliance services, controlling, data validation or plausibility check, obliteration of data, purchasing/procurement, customer management, lettershop services, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing industries or companies for data transfer, courier services, logistics)

- for the purposes mentioned in Clause 2.2 by virtue of our interests or of third-party‘s legitimate interests (e.g., to authorities, credit agencies, collection agents, attorneys, courts, appraisers, affiliated companies and committees and supervisory authorities).

- if you have given us a consent for conveyance of data to third-parties.

- As a visitor to an event, you may also consent to taking your personal image which is occasionally carried out on behalf of the organizers for the publication of the stage event, especially for broadcasting on television or for making available on the internet (streaming). In these cases, we will inform our visitors about the forthcoming video recordings by means of notices in the foyer.

We shall not forward your data to third-parties beyond that. If we engage a service provider for processing an order, your data will be subject to the same security standards there as with us. In all other cases, the recipients may only use the data for the purposes for which it has been forwarded to them.

5. Duration of retention of your data

We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract.

Furthermore, we are subject to various retention and documentation obligations that arise from the German Commercial Code (HGB) and German Fiscal Code (AO). The periods for retention and/or documentation stipulated therein are up to ten years beyond the end of the business relationship and/or the pre-contractual legal relationship.

Further, special statutory provisions may require a longer period for retention, e.g., for the preservation of evidence in the context of statutory provisions on limitation. Pursuant to §§ 195 ff. of the German Civil Code (BGB), the regular limitation period is 3 years, but even limitation periods of up to 30 years may also be applicable.

If the data is no longer required for the fulfilment of contractual or legal obligations and rights, it is regularly deleted unless its further processing is necessary – for a short period of time – for the fulfilment of purposes listed in Clause 2.2 owing to a predominantly legitimate interest. One such predominantly legitimate interest exists, e.g., if a deletion is not possible due to the special type of storage or is possible only with a disproportionately high expenditure and a processing for other purposes is impossible by appropriate technical and organisational measures.

6. Processing of your data in a third country or by an international organisation

Data is transferred to offices in countries outside of European Union (EU) or the European Economic Area (EEA) (the so-called third-countries) only if it is necessary for the execution of your order/for the execution of a contract with you, it is mandatory by law (e.g., reporting requirements under the fiscal law), it is in our interests or third-party’s legitimate interest or if you have given your consent.

Your data can also be processed in a third country with the involvement of service providers as part of order processing. If the EU Commission has not made an adequacy decision on the level of data privacy for the country concerned, we guarantee that your rights and liberties will be adequately protected and guaranteed in accordance with EU data privacy requirements through appropriate contracts. We will provide you with the relevant detailed information on request.

You may make a request with the company's data privacy officer for information on suitable or appropriate guarantees and the possibility to obtain a copy.

7. Your data privacy rights
You can exercise your data privacy rights against us on certain conditions

- You have the right to obtain information on your data stored by us in accordance with the regulations of Art. 15 GDPR (subject to restrictions under § 34 of BDSG, if applicable).

- Upon your request, we will rectify the stored data about you in accordance with Art. 16 GDPR, if it is inappropriate or erroneous.

- If you so desire, we will delete your data according to the principles of Art. 17 of GDPR, provided that other legal regulations (e.g., statutory obligations to preserve and retain records or the restrictions according to § 35 BDSG) or an overriding interest on our part (e.g., to defend our rights and claims) are not in conflict with this.

- Having regard to the prerequisites of Art. 18 GDPR, you may also require us to restrict the processing of your data.

- Moreover, you may also object to the processing of your data in accordance with Art. 21 of GDPR, on the basis of which we must stop processing your data. However, this right of objection only applies in exceptional circumstances of your personal situation, whereby our company's rights may come in conflict with your right of objection.

- Moreover, you also have the right, under the conditions set out in Art. 20 of GDPR, to obtain data in a structured, well-established and machine-readable format or to transmit such data to a third-party.

- In addition, you have the right to revoke your consent to the processing of personal data any time with future effect (cf. Clause 2.3).

- You also have the right of appeal with a data privacy authority (Art. 77 of GDPR). However, we recommend that you always raise a complaint with our data privacy officer first.

If possible, your requests to exercise your rights should be addressed in writing to the above address or directly to our data privacy officer.

8. Scope of your duties to provide us your data

You are required to provide only as much data as is required for the initiation and execution of a business relationship or for a pre-contractual relationship with us or for the collection of which we are bound by the law. Without this data, we generally will not be in a position to conclude or execute a contract. This may relate to data that is required later as part of a business relationship. Provided that if we request additional data, you will be separately informed about the voluntary nature of the information.

9. Existence of an automated decision-making in individual case (including profiling)

Pursuant to Article 22 of the GDPR, we do not employ any purely automated decision-making procedure. If we use any such procedure in the future in individual cases, we will inform you separately about this, provided that this is prescribed by law.

Under certain circumstances, we shall partially process your data with the aim of appraising certain personal aspects (profiling).

In order to be able to provide and advice you targeted information on products, we may use evaluation tools, where necessary. This facilitates a need-based product design, communication and promotion including market research and opinion survey.

Information on nationality and special categories of personal data will not be processed pursuant to Art. 9 GDPR.

10. Information on your right of objection under Art. 21 of GDPR

1. You have the right to file an objection anytime against the processing of your data that is done on the basis of Art. 6 Para 1 f of GDPR (data processing on the basis of weighing of interests) or Art. 6 Para 1 e of GDPR (data processing in public interest), if there is a ground that arises from your special situation. This also applies to a profiling based on this provision within the meaning of Art. 4 No. 4 of GDPR.

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling reasons worthy of protection for the processing that outweigh your interests, rights and liberties, or the processing serves to assert, exercise or defend legal claims.

2. We may also process your personal data in order to carry on direct advertising. If you do not wish to receive promotions, you have the right to object to this at any time; this also applies to profiling to the extent it is associated with such direct advertising. We will consider this objection with future effect.

We will no longer process your data for the purposes of direct advertising if you object to processing for this purpose. The objection may be raised in any form and be preferably addressed to

Gürzenich-Orchester Köln
Bischofsgartenstr. 1
50667 Cologne
0221 221 22431

Part 2 of Data Privacy Statement: Supplementary data protection information for our website

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the “Information on the controller” section of this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time if you have further questions on the subject of data protection.

Analysis tools and tools from third-party providers

When you visit this website, your surfing behavior may be statistically evaluated. This is mainly done using so-called analysis programs.

Detailed information on these analysis programs can be found in the following privacy policy.

Data collection on this website

Cookies

Our Internet pages use so-called “cookies”. Cookies are small data packages and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

You can find out which cookies and services are used on this website in this privacy policy.

Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Registration on this website

You can register on this website in order to use additional functions on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise we will reject the registration.

In the event of important changes, for example to the scope of the offer or technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.

The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if necessary, for the initiation of further contracts (Art. 6 para. 1 lit. b GDPR).

The data collected during registration will be stored by us for as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.

Analysis tools and advertising

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Analytics

Diese Website nutzt Funktionen des Webanalysedienstes Google Analytics. Anbieter ist die Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Irland.

Google Analytics ermöglicht es dem Websitebetreiber, das Verhalten der Websitebesucher zu analysieren. Hierbei erhält der Websitebetreiber verschiedene Nutzungsdaten, wie z. B. Seitenaufrufe, Verweildauer, verwendete Betriebssysteme und Herkunft des Nutzers. Diese Daten werden dem jeweiligen Endgerät des Users zugeordnet. Eine Zuordnung zu einer User-ID erfolgt nicht.

Des Weiteren können wir mit Google Analytics u. a. Ihre Maus- und Scrollbewegungen und Klicks aufzeichnen. Ferner verwendet Google Analytics verschiedene Modellierungsansätze, um die erfassten Datensätze zu ergänzen und setzt Machine-Learning-Technologien bei der Datenanalyse ein.

Google Analytics verwendet Technologien, die die Wiedererkennung des Nutzers zum Zwecke der Analyse des Nutzerverhaltens ermöglichen (z. B. Cookies oder Device-Fingerprinting). Die von Google erfassten Informationen über die Benutzung dieser Website werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert.

Die Nutzung dieses Dienstes erfolgt auf Grundlage Ihrer Einwilligung nach Art. 6 Abs. 1 lit. a DSGVO und § 25 Abs. 1 TDDDG. Die Einwilligung ist jederzeit widerrufbar.

Die Datenübertragung in die USA wird auf die Standardvertragsklauseln der EU-Kommission gestützt. Details finden Sie hier: https://privacy.google.com/businesses/controllerterms/mccs/.

Das Unternehmen verfügt über eine Zertifizierung nach dem „EU-US Data Privacy Framework“ (DPF). Der DPF ist ein Übereinkommen zwischen der Europäischen Union und den USA, der die Einhaltung europäischer Datenschutzstandards bei Datenverarbeitungen in den USA gewährleisten soll. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich, diese Datenschutzstandards einzuhalten. Weitere Informationen hierzu erhalten Sie vom Anbieter unter folgendem Link: https://www.dataprivacyframework.gov/participant/5780.

IP Anonymization

Die Google Analytics IP-Anonymisierung ist aktiviert. Dadurch wird Ihre IP-Adresse von Google innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den Europäischen Wirtschaftsraum vor der Übermittlung in die USA gekürzt. Nur in Ausnahmefällen wird die volle IP-Adresse an einen Server von Google in den USA übertragen und dort gekürzt. Im Auftrag des Betreibers dieser Website wird Google diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports über die Websiteaktivitäten zusammenzustellen und um weitere mit der Websitenutzung und der Internetnutzung verbundene Dienstleistungen gegenüber dem Websitebetreiber zu erbringen. Die im Rahmen von Google Analytics von Ihrem Browser übermittelte IP-Adresse wird nicht mit anderen Daten von Google zusammengeführt.

Browser Plugin

Sie können die Erfassung und Verarbeitung Ihrer Daten durch Google verhindern, indem Sie das unter dem folgenden Link verfügbare Browser-Plugin herunterladen und installieren: https://tools.google.com/dlpage/gaoptout?hl=de.

Mehr Informationen zum Umgang mit Nutzerdaten bei Google Analytics finden Sie in der Datenschutzerklärung von Google: https://support.google.com/analytics/answer/6004245?hl=de.

Google Ads

Der Websitebetreiber verwendet Google Ads. Google Ads ist ein Online-Werbeprogramm der Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Irland.

Google Ads ermöglicht es uns Werbeanzeigen in der Google-Suchmaschine oder auf Drittwebseiten auszuspielen, wenn der Nutzer bestimmte Suchbegriffe bei Google eingibt (Keyword-Targeting). Ferner können zielgerichtete Werbeanzeigen anhand der bei Google vorhandenen Nutzerdaten (z. B. Standortdaten und Interessen) ausgespielt werden (Zielgruppen-Targeting). Wir als Websitebetreiber können diese Daten quantitativ auswerten, indem wir beispielsweise analysieren, welche Suchbegriffe zur Ausspielung unserer Werbeanzeigen geführt haben und wie viele Anzeigen zu entsprechenden Klicks geführt haben.

Die Nutzung dieses Dienstes erfolgt auf Grundlage Ihrer Einwilligung nach Art. 6 Abs. 1 lit. a DSGVO und § 25 Abs. 1 TDDDG. Die Einwilligung ist jederzeit widerrufbar.

Die Datenübertragung in die USA wird auf die Standardvertragsklauseln der EU-Kommission gestützt. Details finden Sie hier: https://policies.google.com/privacy/frameworks und https://business.safety.google/controllerterms/.

Google Ads Remarketing

This website uses the functions of Google Ads Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With Google Ads Remarketing, we can assign people who interact with our online offer to specific target groups in order to subsequently display interest-based advertising in the Google advertising network (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Ads Remarketing can be linked to Google's cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have a Google account, you can object to personalized advertising at the following link: https://adssettings.google.com/anonymous?hl=de.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG. Consent can be revoked at any time.

Further information and the data protection provisions can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=de.

Target group formation with customer matching

Among other things, we use Google Ads Remarketing customer matching to create target groups. Here we transfer certain customer data (e.g. email addresses) from our customer lists to Google. If the customers in question are Google users and are logged into their Google account, they are shown suitable advertising messages within the Google network (e.g. on YouTube, Gmail or in the search engine).

Hotjar

This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool for analyzing your user behavior on this website. Hotjar allows us to record your mouse and scroll movements and clicks, among other things. Hotjar can also determine how long you remain with the mouse pointer in a certain place. Hotjar uses this information to create so-called heat maps, which can be used to determine which areas of the website visitors prefer to look at.

We can also determine how long you stayed on a page and when you left it. We can also determine at which point you abandoned your entries in a contact form (so-called conversion funnels).

In addition, Hotjar can be used to obtain direct feedback from website visitors. This function serves to improve the website operator's web offerings.

Hotjar uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or the use of device fingerprinting).

Insofar as consent has been obtained, the use of the aforementioned service is based exclusively on Art. 6 para. 1 lit. a GDPR and § 25 TDDDG. Consent can be revoked at any time. If no consent has been obtained, the use of this service is based on Art. 6 para. 1 lit. f GDPR; the website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

Deactivating Hotjar

If you wish to deactivate data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/policies/do-not-track/

Please note that Hotjar must be deactivated separately for each browser or end device.

For more information about Hotjar and the data collected, please refer to Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Meta pixel (formerly Facebook pixel)

This website uses the Facebook/Meta visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy (https://de-de.facebook.com/about/privacy/). This allows Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

We use the advanced matching function within the meta pixel.

Advanced matching allows us to transmit various types of data (e.g. place of residence, state, zip code, hashed email addresses, names, gender, date of birth or telephone number) of our customers and interested parties that we collect via our website to Meta (Facebook). This activation allows us to tailor our advertising campaigns on Facebook even more precisely to people who are interested in our offers. In addition, the extended comparison improves the allocation of website conversions and expands Custom Audiences.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/.

You can also deactivate the remarketing function “Custom Audiences” in the settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active.

This website uses these cookies

cookie_consent_settings, trackingpermissions
Provider and purpose: Stores the settings of Cookie Managers.
Category: Essential
Storage: 60 years

csrftoken
Provider and purpose: Content Management System (CMS). Helps to prevent the attacks of the so-called Cross-Site Request Forgery- (CSRF-).
Category: Essential
Storage: 1 year

Google Analytics (_ga, _gat, _gid, _gat_gtag_UA)
Provider and purpose: For the generation of usage statistics and for the control of several requests. In this way, we learn from which websites, how often, from which countries, with what devices and for how long our website is accessed in order to improve it. Cookies can distinguish individual users from one another by means of a randomly generated ID in order to prevent multiple counts.
Category: Analysis & optimisation
Storage: 1 minute (_gat, _gat_gtag_UA), 1 day (_gid), 1 year (_ga)

Google Adsense (_gcl_au)
Provider and purpose: Google Adsense, for the generation of usage statistics and randomly generated User-ID
Category: Analysis & optimisation
Storage: 80 days

Google Adwords (_gcl_aw)
Provider and purpose: Google Adwords, for the determination and assignment of successes achieved to respective ads.
Category: Analysis & optimisation
Storage: 3 months

Hotjar (_hjid, _hjptid, _hjTLDTest, _hjIncludedInPageviewSample)
Provider and purpose: For the analysis of user behaviour. So that we can learn how much time is spent on which pages, what buttons are clicked, to what extent scrolling is done, screen size of the device, device type and browser information, countries from where our websites are accessed and the preferred language to improve our website.
Category: Analysis & optimisation
Speicherung: Ende der Sitzung (_hjptid, _hjTLDTest), 1 Jahr (_hjid, _hjIncludedInPageviewSample)

_fbp
Provider and purpose: Facebook, for displaying promotional products (e.g.,Real-Time-Bidding) of third-party advertising agencies.
Category: Marketing
Storage: 3 months

Eventim Webshop (BIGipServer~ ASP ~shopdomain.de, DWRSESSIONID, JSESSIONID, phoeniX)
Provider and purpose: Eventim, for ensuring Onlineshops function (saving items and total amount, saving of User Sessions, Single Sign-on (SSO) Authentication)
Category: Essential
Storage: End of the meeting

Part 3 of the Privacy policy: Data processing by social networks

This privacy policy applies to the following social media sites
- https://www.facebook.com/GuerzenichOrchester
- https://www.instagram.com/guerzenichorch/
- https://www.youtube.com/user/guerzenichorchester/

Data processing through social networks
We maintain publicly accessible profiles in social networks. The individual social networks we use are listed below.
Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.
Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis
Our social media presence is intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

Controller and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).

Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the company policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Your rights

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to object, the right to data portability and the right to lodge a complaint with the competent supervisory authority. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.

Social networks in detail

Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter referred to as Meta). According to Meta, the data collected is also transferred to the USA and other third countries.

We have concluded an agreement with Meta on joint processing (Controller Addendum). This agreement specifies which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

Details on how they handle your personal data can be found in Instagram's privacy policy: https://privacycenter.instagram.com/policy/.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy: https://policies.google.com/privacy?hl=de.

Status: July 22, 2024