Data protection

Data protection information

Dear visitor,

First of all, of course, we look forward to your visit and your interest in our online service. The legislator shines that we will inform you about what happens to your personal data when you visit our website. We try to make this as simple and as understandable as possible. Unfortunately, the notification obligations are very extensive. But be assured in any case: we respect your data as we respect you as a person. Only the data that is necessary for the smooth operation of this website or to answer your inquiries are collected! We do not pass on any data and do not trade with it.

Responsible for data protection

If you have any further questions, please contact those responsible for data processing:

Nora Curcio

nora.curcio@theatergalerie.net

Im Gässle 11
72666 Neckartailfingen
Tel: 07127/222 19
Fax: 07127/330 87

information on us and this website .

Legality through the legal basis of data processing

In order to be able to offer you our website and the associated services, we process personal data on the basis of the following legal basis:

1. If you give us express consent , Art. 6 Para. 1 lit. a) GDPR
2. If we need your data to fulfill contracts , Art. 6 Para. 1 lit. b) GDPR
4. If we have to fulfill a legal obligation ,  Art. 6 Para. 1 lit. c) GDPR
5. The fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, according to (Art. 6 Para. 1 lit. f) GDPR)

We will refer to this legal basis for the respective service/processing. This makes it easier to understand on which legal basis we collect the data.

In principle, the service of this website should benefit you. Don't hurt!

Your rights as the person concerned

At first that sounds really bad: affected . We would also have liked to have chosen another word, but since this term is also used in the texts of the GDPR, we stay with us and hope that you will enjoy visiting our pages and feel less than a data subject . After all, as a person you have rights and we would like to inform you about them:

is processed by you based on consent

If we process data to maintain a legitimate interest  , you as a person affected have the right to object to the processing of personal data taking into account the requirements of Art. 21 GDPR.

You have the right to correcting or deleting your data or to the restriction of processing . This requires a legal basis, since we are also obliged to meet legal provisions and retention obligations.

After all, you have a right to object to the processing within the framework of the legal requirements. The same applies to a right to data portability.

Right to complain to a supervisory authority

You have the right to complain about the processing of personal data by us at a supervisory authority for data protection. A list of the authorities and their contact details can be found in the following link https://www.bfdi.bund.de/de/infothek/anschriften_link

You have the right to information about your personal data. You can contact us at any time for information. In the event of an information request that is not in writing, we ask for your understanding that we may request evidence from you that prove that you are the person you spend on. You will be happy to provide information on the collection, processing and use of your data or to protect your rights described above via the person responsible. You can find out more about your rights here:  https://dsgvo-gesetz.de/kapitel-3/

Deletion of data

We generally delete personal data if there is no requirement for further storage. A requirement can exist if the data is still required to fulfill contractual services, to be able to check and wague warranty and, if necessary, guarantee claims. In the case of legal retention obligations, deletion only comes into consideration after the respective retention obligation has expired. The Hamburg Chamber of Commerce has published a page on which you can find out more about the statutory retention obligations: https://www.hk24.de/produktmarken/beratung-service/recht_und_Stünde/

Which data are processed on this website and how are they protected?

Technical protection through SSL

For safety reasons and the protection of the transmission of data you send to us as page operators, our website uses an SSL or. TLS encryption. You can see an encrypted connection from the fact that the address line of the browser from “HTTP: //” changes to “https: //” and on the closed-free castle symbol in your browser line. In the event of successful encryption, the data you transmit to us cannot be read by third parties. However, we politely point out that data transmission on the Internet can never be completely protected against access by third parties.

Access data / server log files

When you visit our website, personal data will be processed in order to display the content of the pages on your device. In order for the pages to be displayed in the browser, your IP address of the end device you use must also be processed. Otherwise we do not know which device the data should be delivered to.

We are also obliged to ensure the confidentiality and integrity of the personal data processed with our IT systems.  is logged for this purpose and from this interest on the basis of maintaining a legitimate interest :

-IP address of the calling computer
-operating system of the calling computer
-Browser version of the calling computer
-name of the file
-date and time of calling up
-transmitted data transfer
-referring URL

The access data / server log files are deleted after 7 days at the latest by all systems used in connection with the operation of this website. Ultimately, the data is used to determine and fix errors on the website.

Protection and securing of the website

To protect and secure data from our website, our technical support uses the services of the provider ManageWP

  • Godaddy.com LLC , 14455 N. Hayden RD, Ste. 219, Scottsdale, AZ 85260, United States of America
  • Godaddy.com WP Europe, TRG Republic 5, 11000 Belgrade, Serbia

Via this service, we secure our data on servers in the European Economic Area and thus ensure that our online services run smoothly. Within the MANAGEWP service, we have the option of monitoring our pages on failures, attempts to attack from outside and on performance. The service counts the calls to the pages. We have no access to IP addresses or personal data.

Godaddy has submitted to the Privacy Shield Agreement and recognizes the specifications of the GDPR:
https://www.privacyshield.gov/Porticipant?id=a2zt0000000tn9xaag&status=active

More on data protection at ManageWP at: https://managewp.com/privacy  | Statement from ManageWP on the GDPR: https://managewp.com/blog/managewp-and-gdpr-mompliance

Our technical support has concluded a contract for order processing with Godaddy.com LLC  .

Cookies

Cookies are used in exceptional cases on our website. Cookies are small text files that are saved on your end device via the browser. The cookies are required to enable certain functions of our website. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of their visit. You have the option of switching off cookies in your browser with appropriate settings. However, it may be that the use of our website is only possible to a limited extent. Cookies do not install or start any programs or other applications on your end device. Cookies also contain no viruses. The use of cookies is based on the maintenance of a legitimate interest . Our interest is the user -friendly visit to our website.

Consent with compliance

Our website uses the Compliance Consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document it in accordance with data protection. The provider of this technology is Compliance BV, Kalmarweg 14-5, 9723 JG Groningen, Netherlands (hereinafter referred to as "compliance").

Compliance is installed locally on our servers, so that no connection to the Compliance provider is established. Compliance stores a cookie in your browser in order to be able to assign you the consent or its revocation. The data recorded in this way are saved until you ask us to delete, delete the compliance cookie yourself or the purpose for data storage is no longer necessary. Mandatory statutory retention obligations remain unaffected.

Compliance is used in order to obtain the statutory consent to the use of cookies. The legal basis for this is Art. 6 Para. 1 lit. c GDPR.

Use of the analysis tool WP Statistics

 WP Statistics  from the development team  Verona Labs to statistically evaluate visitor access . The purpose of data acquisition and evaluation is the continuous improvement of our website and its offers.

With WP Statistics, simple statistics can be created via the visitors of a website. With WP Statistics, for example, it can be measured how many visitors have called up a certain page and what proportion of it has used a smartphone.

The statistics of WP Statistics are based on the data, which are necessarily transmitted for the connection between web browser and web server (see log data). A cookie is not required by WP Statistics.

The protection of your privacy and personal data is in the foreground when using WP Statistics. WP Statistics does not collect any further data from the visitors. Rather, WP Statistics IP addresses of the visitors before storing. Personal identification of a visitor is therefore not possible, even afterwards.

Other websites services

Integration of Google Maps

On this website we use the Google Maps offer. This enables us to display interactive cards directly on the website and enable you to use the card function comfortably. The processing is based on the maintenance of a legitimate interest .

By visiting the website, Google receives the information that you have accessed the corresponding underside of our website. In addition, the data collected when visiting our website are transmitted. This is done regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in on Google, your data will be assigned to your account directly. If you do not want the assignment with your profile to Google, you must log out before activating the button. Google stores your data as a usage profiles and uses you for the purposes of advertising, market research and/or needs -based design of its website. Such an evaluation is in particular (even for non -logged -in users) to provide needs -based advertising and to inform other users of the social network about their activities on our website. You have a right to object to the formation of these user profiles, whereby you have to be aimed at Google to exercise it.

Further information on the purpose and scope of the data collection and your processing by the plug-in provider can be found in the data protection declarations of the provider. There you will also receive further information on your rights in this regard and setting options for protecting your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes its personal data in the USA and has submitted to the EU-US Privacy Shield,  https://www.privacyshield.gov/eu-us-framework .

Google Web Fonts

The web fonts provided by Google are generally not loaded via the Google servers, but were installed locally around this server. 

However, Google Fonts are loaded when a  Google Maps card  is loaded. When calling a Google Maps card, your browser invites the web fonts you need to correctly display texts and fonts. For this purpose, the browser you use connection to the Google servers must. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.

If your browser Web Fonts does not support, a standard font is used by your computer. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in the data protection declaration of Google: https://www.google.com/policies/privacy/ .

Newsletter

Newsletter data If
 Further data is not collected or only collected on a voluntary basis. We use newsletter service providers to process the newsletter, which are described below.

ActiveCampAign
This website uses ActiveCampAign for sending newsletters. The provider is the ActiveCampaign, Inc., 1 N Dearborn, 5th Floor Chicago, Illinois 60602, USA.

ActiveCampAign is a service with which the sending of newsletters can be organized and analyzed. The data you enter for the purpose of the newsletter cover will be saved on the ActiveCampAign servers in the USA.

Data analysis through ActiveCampAign
With the help of ActiveCampAign, we are able to analyze our newsletter campaigns. So we can z. B. see whether a newsletter message was opened and which links may have been clicked. In this way we can determine which links have been clicked particularly often.

We can also see whether certain previously defined actions have been carried out after opening / clicking (conversion rate). We can z. B. recognize whether you made a purchase after clicking the newsletter.

ActiveCampAign also enables us to divide the newsletter recipients based on various categories (“clusters”). The newsletter receivers can be used. B. subdivide according to age, gender or place of residence. In this way, the newsletters can be better adapted to the respective target groups. If you do not want an analysis by ActiveCampaign, you have to unsubscribe from the newsletter. For this we provide a corresponding link in every newsletter report.

Detailed information on the functions of ActiveCampAign can be found in the following link: https://www.activeCampAign.com/email-marketing.

You can find the data protection declaration from ActiveCampAign at: https://www.activecampaign.com/privacy-policy.

The legal basis
The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing processes that have already taken place remains unaffected by the revocation.

Data transfer to the USA is based on the standard contract clauses of the EU Commission. Details can be found here: https://www.activecampaign.com/legal/scc and https://www.activecampaign.com/de/legal/gdpr-updates/privacy-shield.

Storage duration
The data you have stored for the purpose of the newsletter cover will be saved by us or the newsletter from us or the newsletter service provider and deleted from the newsletter list after the newsletter has been canceled. Data that we have stored for other purposes remain unaffected.

After your edition from the newsletter list list, your email address will be saved in a blacklist with us or the newsletter service provider, if necessary to prevent future mailings. The data from the blacklist are only used for this purpose and not merged with other data. This serves both your interest and our interest in compliance with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Purpose of processing of personal data

We process the above data for the smooth operation of our website and to fulfill contractual obligations towards our customers or to safeguard our legitimate interests. If you have any questions outside of an active customer relationship, we process the data for answering your questions and for the purposes of sales.

Voluntary information

If you voluntarily provide us with data and this data is not necessary for the fulfillment of contractual obligations, we process this data in the legitimate assumption that the processing and use of this data is in your interest.

Recipient / transfer of data to third parties

Data that you provide towards us are generally not passed on to third parties, and especially not to third parties for their advertising purposes!
However, we may use service providers for the operation of this website or for other products or services. Here it can happen that a service provider receives knowledge of personal data. We choose our service providers carefully, commitment to data protection and data security and take all necessary measures for legally permissible data processing. A list of service providers is added below.

Data processing outside the European Union

As far as personal data is processed outside the European Union, we explicitly point out this in the relevant processing and in the list of integrated service providers.

Change of this data protection information

We update this data protection instructions should make changes to this website or if this requires other events. The current version can be found here on this website.