Welcome to our website! We place greatest value on protecting your data and safeguarding your privacy. In the following, we would like to outline which data we process when and to what purpose and on what legal basis. In this presentation we will explain how our offered services operate and how we guarantee the protection of your personal data.

According to Article 4, No. 1 of the General Data Protection Regulation (GDPR), personal data entails all information referring to an identified or identifiable natural person. A natural person is considered as identifiable if he/she can be directly or indirectly identified. Additional information on this subject is available, for example, in Article 4, No. 1 of the GDPR.

This Data Protection Declaration can be accessed at any time at https://www.ticket-regional.de/datenschutzerklaerung.php, saved, and printed.

Controller according to Article 4, No. 7 of the GDPR for processing personal data is

Ticket Regional
click around GmbH
Konstantinstraße 10
54290 Trier (Germany)

Telephone: +49 651 97 90 777
Telefax: +49 651 97 90 720
email: info@ticket-regional.de

Authorized chief executives: Ruth Holzemer, Andreas Holzemer

For questions on the processing of your personal data as well as your rights concerning data protection, please contact

Ticket Regional
click around GmbH
Konstantinstraße 10
54290 Trier (Germany)

Telephone: + 49 651 97 90 777
Telefax: + 49 651 97 90 720
email: datenschutz@ticket-regional.de

Data protection officer: Ralf Winkens

Every time you open our website, we gather automatized data and information from your device system and store it in so-called server log files. These data represent information which refers to an identified or identifiable natural person (here the website user). The data are automatically transmitted by your respective browser when you visit our website. The following is a list of information items retrieved:

• The time you select our website (request to the server of the host provider),
• The address of the web page from which you visited our web page,
• Your operating system,
• Type and version of your browser,
• IP address of your computer.

This processing is done to make our website available to your device and enables us to correctly display our website on your device or in your browser. Furthermore, the data serve to optimize our website and to guarantee the security of our systems. An evaluation of these data for marketing purposes does not occur.

The legal basis for this processing is point (f) of Article 6(1) of the GDPR. We have a legitimate interest in presenting you with an optimally rendered website in your browser and enabling communication between our server and your end device. Processing your IP address is especially necessary for this communication.

We store the data for 7 days.

The recipient of the data is our server host, which operates within the framework of the Commissioned Data Processing Contract.

Our website uses cookies. Cookies are small text files that are stored on users’ computers to, for example, make it more comfortable to use a website or to recognize the users’ devices and store settings or the like. Entries and settings on a website can be stored in cookies, so that you do not need to renew or reenter these every time you open the website. Cookies contain a so-called cookie ID through which your device on which the cookie is stored can be identified.

Only technically necessary session cookies are used on our website.

Cookies are placed on websites to simplify their use and to enable certain functions for users. The legal basis for this is point (f) of Article 6(1) of the GDPR.

Session cookies are deleted following the end of the browser session, that is, after your browser has been closed.

You can limit how cookies are set in your browser’s settings or completely prevent them. You can also activate that cookies are automatically deleted when you close your browser window.

How you can delete cookies in the most common browsers and alter the cookie settings, among other things, is given in the following:

Google Chrome: website
Mozilla Firefox: website
Microsoft Edge: website
Apple Safari: website

You can place an order on our website. You must provide the following information so that your order can be processed (mandatory data):

• First name
• Last name
• Street address
• Postal code and city
• Country
• email address
• Method of payment

You can furthermore voluntarily add data (voluntary data):

• Form of address
• Title
• Company
• House number
• Telephone

These personal data are processed to facilitate processing the order and to fulfill the contract. The legal basis for the processing described here is point (b) of Article 6(1) of the GDPR.

Furthermore, we process your IP address as well as date and time of the order to verify the data in case of suspicion of misuse.

The legal basis for this processing is point (f) of Article 6(1) of the GDPR. We have a legitimate interest in recognizing fraudulent orders in our online shop and being able to take necessary measures.

We process the personal data only so long as is necessary to process the contract, whereby we must observe the legal storage obligations. According to such obligations, we must store certain data up to 10 years. The legal basis for this is point (c) of Article 6(1) of the GDPR.

The data we process in the course of contract processing can be passed on to the delegated transport company, insofar as this is necessary to fulfill the contract. Your payment data can be transmitted to the delegated bank if this is necessary for the payment transaction. Moreover, the data are processed for us subject to directives by our server host within the framework of an order processing, and the data are transmitted to the respective organizer.

If you have selected ticket insurance, the data are also transmitted to the respective insurer.

We offer you different payment providers to process your payment. Depending on the kind of payment, we transfer data to the respective payment provider. The payment provider processes the transferred data and, if applicable, collects data under its own responsibility. The data protection regulations of the respective payment provider apply in this regard.

The use of payment provider and the data transfer to the selected payment provider are based on point (b) of Article 6(1) of the GDPR (contract processing).

The following payment providers are available:

• Giropay: Provider for this service is paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main (Germany). Detailed information on data protection at Giropay is available at the following link: https://www.giropay.de/rechtliches/datenschutzerklaerung
  
  
• Klarna: Provider is Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm (Sweden). In Germany you can contact Sofort GmbH, Theresienhöhe 12, 80339 München (Germany). Detailed information on data protection at Klarna is available at the following link: https://www.klarna.com/uk/privacy
  
  
• Credit Card: We offer you the possibility of paying for your order by credit card. Payment is processed via the providor “Computop”. Computop is PCI-DSS certified and is operated by Computop Paygate GmbH, Schwarzenbergstr. 4, 96050 Bamberg (Germany). Detailed information on data protection at Computop is available at the following link: https://computop.com/uk/data-protection
  
  
• Mollie: We also offer you the possibility of paying for your order by selecting the payment method iDEAL, Bancontact, and Belfius. To process your payment via these services, we use the payment service „Mollie“. Mollie is a PCI-DSS, level 1 certified payment service and is operated by Mollie B.V., Keizersgracht 313, 1016 EE Amsterdam (Netherlands). Detailed information on data protection at Mollie is available at the following link: https://www.mollie.com/privacy
  
  
• paydirekt: Provider for this service is paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main (Germany). Detailed information on data protection at paydirekt is available at the following link: https://www.paydirekt.de/agb
  
  
• PayPal: Provider for this service is PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg (Luxembourg). Detailed information on data protection at PayPal is available at the following link: https://www.paypal.com/webapps/mpp/ua/privacy-full

You can register to become a member of our Ticket Regional Club when you order a ticket or gift certificate or just register separately without order and create a user account.

Along with the required data for processing your order, the following data are required to register when ordering a ticket or gift certificate:

• Date of birth

To register separately without order, the following data are required (mandatory data):

• First name
• Last name
• Street address
• Postal code and city
• Country
• email address
• Date of birth
• Password

You can furthermore voluntarily add data (voluntary data):

• Form of address
• Title
• Company
• House number
• Telephone

The legal basis for this processing is the implementation of the participation contract for the Ticket Regional Club (point (b) of Article 6(1) of the GDPR).

Furthermore, we process your IP address as well as date and time of the registration to verify the data in case of suspicion of misuse.

The legal basis for this processing is point (f) of Article 6(1) of the GDPR. We have a legitimate interest in recognizing fraudulent registrations and being able to take necessary measures.

In a club newsletter click around will regularly inform you as a member of the Ticket Regional Club about the special advantages offered only to members of the Ticket Regional Club. You can later unsubscribe to this free service at any time.

We collect and process the email address to allow us to be able to deliver the club newsletter. The legal basis for this data processing is our legitimate interest according to point (f) of Article 6(1) of the GDPR. We have a legitimate interest in processing the data you have entered, so that we can send you information on the special advantages offered only to members of the Ticket Regional Club.

With selected events, you have the opportunity of subscribing on our website to the newsletter of the respective event organizer when you order your ticket(s) by giving corresponding consent.

For this purpose, your personal data will be transferred to the respective organizer, who will process the data under his/her own data protection regulations. The data protection declaration of the respective organizer applies in this regard. The legal basis for forwarding your personal data to the respective organizer is your consent within the meaning of point (a) of Article 6(1) of the GDPR.

On the basis of the law governing undue annoyance in business competition (§7 Sec. 3 UWG), we occasionally inform you as ticket customer by email about news and offers from Ticket Regional which could be of interest to you. For this purpose, we will use the email address you entered when buying tickets or signing up for the Ticket Regional Club.

Data processing ensues in this regard solely on the basis of our legitimate interest in personal direct advertising according to point (f) of Article 6(1) of the GDPR.

You can object to this use of your email address with effect for the future at any time by sending a message to the above-named contact address. Upon receipt of your objection, we will immediately discontinue the use of your email address for advertising purposes.

You have the opportunity on our website to subscribe to our newsletter.

When you register for our newsletter, you must provide the following information (mandatory data):

• email address
• Last name
• Postal code
• Country

You can furthermore voluntarily add data (voluntary data):

• Form of address
• Title
• First name
• City

The closed-loop authentication (double opt-in) provides for the following: When you have registered to receive the newsletter, you then automatically receive an email with a confirmation or an activation link which you also confirm or activate. In that way, we ensure that the email address entered on our website really belongs to you. If you do not use the confirmation or activation link, the corresponding email address will receive no further emails from us.

We collect and process the email address to allow us to be able to deliver the newsletter. The legal basis for this data processing is your consent according to point (a) of Article 6(1) of the GDPR.

Collecting and processing additional personal data as a part of the registration procedure is to prevent misuse of our newsletter or the email address used. Moreover, the processing described above serves us to prove your permission granted to us.

The legal basis for this processing is our legitimate interest according to point (f) of Article 6(1) of the GDPR. We have a legitimate interest in preventing misuse of our order form or to prove misuse. Furthermore, we have a legitimate interest in protocolling the permission and/or acknowledgement of the data protection notice.

You can withdraw your consent to this use of your email address with effect for the future at any time by sending a message to the above-named contact address. Upon receipt of your withdrawal, we will immediately discontinue the use of your email address for newsletter delivery.

We offer you the possibility of contacting us by post, by telephone, by fax, or by email.

If you contact us by post, we can expressly process your address data (for example, last name, first name, street, city, postal code), date and time of the incoming mail as well as those data contained in your letter.

If you contact us by telephone, we can expressly process your telephone number as well as, if necessary during the conversation, ask for your name, your email address, time of the call, and details concerning the reason for your call.

If you contact us by fax, we can expressly process the fax number and the source identifier as well as the data contained in the fax.

If you contact us by email, we can expressly process the email address, time of the email as well as the data contained in the message (possibly also in attachments).

Alternatively, there is a contact form on our website which you can use to contact us electronically. When you contact us via this contact form, we process the following data entered into the input fields:

• Name (mandatory)
• email address (mandatory)
• Message (mandatory)

You can also add further data voluntarily.

Additionally, the following data are stored when you submit your message:

• Date and time of the submission

Processing personal data as a part of contact requests is to process the contact request and to be able to answer the inquirer’s concern.

The other personal data processed during the submission (date and time of submission) serve to prevent misuse of our contact form.

The legal basis for the processing described here is point (f) of Article 6(1) of the GDPR.

The data will be erased when the processing of the respective request has ended. Processing is ended when it can be determined that the matter in question has been resolved conclusively, provided no legal obligations to preserve records prevent the process ending.

Our website contains a form for you to reset a forgotten password. When you contact us via this form, we process the email address entered into the input field.

The following data are stored when your request is submitted:

• Date and time of submission

These data are processed to process your request about the forgotten password and to be able to contact the inquirer to answer the request. The other personal data (date and time of the submission) processed during the submission serve to prevent misuse of this function.

The legal basis for processing the personal data described here is point (f) of Article 6(1) of the GDPR. Our necessary legitimate interest for this processing lies in offering you the possibility to contact us at any time, so that we can send you a new password.

We store the personal data only so long as is required to process the request.

This website uses JavaScript jQuery Library, provided by the third-party provider OpenJS Foundation, 1 Letterman Drive, Building D, Suite D4700, San Francisco, CA 94129 (USA).

However, there is no data transfer to OpenJS Foundation because jQuery is saved on our own servers.

The website contains so-called “external links” to other websites.

If you use these external links, we request you be aware that this data protection declaration does not apply to these links. We have no influence on the observance of data protection by the providers of the linked sites. Therefore, please inform yourself about the data protection declarations on the internet pages of the other providers.

We use links to Instagram, Facebook, and YouTube on our website. A click on the relevant icon will forward you to the associated page.

If you use these external links, we request you be aware that this data protection declaration does not apply to these links. We have no influence on the observance of data protection by the providers of the linked sites. Therefore, please inform yourself about the data protection declarations on the internet pages of the other providers.

a) You have the following rights with respect to us regarding your personal data:

• Right of access,
• Right to rectification or erasure,
• Right to restriction of processing,
• Right to object to processing,
• Right to data portability.

Moreover, you have the right to lodge a complaint with a data protection supervisory authority concerning our processing of your personal data.

b) The right to withdraw the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under the data protection law - if such a declaration was given - at any time with effect for the future. Withdrawing the consent does not affect the legality of the processing carried out based on the consent up to the time of the withdrawal.

If you wish to claim your right to withdrawal, an email to datenschutz@ticket-regional.de is sufficient.

c) Right to object according to Art. 21 of the GDPR
Provided your personal date was processed based on legitimate interests according to point (f) of Article 6(1) of the GDPR, you have the right, according to Art. 21 of the GDPR, to lodge an objection to the processing of your personal data with effect for the future, if reasons exist resulting from your special situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.

If you wish to claim your right to object, an email to datenschutz@ticket-regional.de is sufficient.

According to Art. 22(1 & 4) of the GDPR, automated decision-making, including profiling, does not take place.

So that this Data Protection Declaration is easier to read, we have refrained from using pronoun forms designating preferred gender. All personal pronoun forms apply to all genders.

As of: April 27, 2023