data protection

Privacy Policy

Dear visitor,

First of all, we are of course pleased that you are visiting us and that you are interested in our online service. Legislation requires us to inform you about what happens to your personal data when you visit our website. We try to make this as easy and understandable as possible. Unfortunately, the notification requirements are very extensive. In any case, rest assured: We respect your data, just as we respect you as a person. We only collect the data that is necessary for the smooth operation of this website or to answer your inquiries! We do not share or trade any data.

Responsible for data protection

If you have any further questions, please contact the person responsible for data processing in confidence:

Nora Curcio

nora.curcio@theatergalerie.net

Im Gässle 11
72666 Neckartailfingen
Tel: 07127 / 222 19
Fax: 07127 / 330 87

Further information about us and this website can be found in our imprint .

Legality through legal bases of data processing

In order to be able to offer you our website and the associated services, we process personal data on the basis of the following legal bases:

1. If you give us your express consent , Article 6(1)(a) GDPR
2 applies. If we need your data to fulfill contracts , Article 6(1)(b) GDPR
4 applies. If we have to fulfill a legal obligation , article 6 paragraph 1 letter c) DS-GVO
5 applies. If the processing is necessary to protect a legitimate interest  of our company or a third party and the interests, fundamental rights and fundamental freedoms of the person concerned are the first-mentioned interest do not predominate, then (Art. 6 Para. 1 lit. f) GDPR) serves as the legal basis

We will refer to these legal bases for the respective service/processing. This makes it easier for you to understand the legal basis on which we collect the data.

Basically, the service of this website should bring you a benefit. Not hurt!

Your rights as a data subject

At first that sounds really bad: Affected . We would have liked to have chosen a different word, but since this term is also used in the texts of the GDPR, we will stick to it and hope that you will enjoy visiting our pages and feel less like a person concerned . After all, as a human being you have rights and we would like to inform you about them:

If personal data is processed on the basis of your consent

If we process protect a legitimate interest 

You have the right to correct or delete your data or to restrict processing . This requires a legal basis, as we are also obliged to comply with legal regulations and storage obligations.

Finally, you have the right to the processing within the framework of the legal requirements. The same applies to a right to data portability.

Right to lodge a complaint with a supervisory authority

You have the right to complain to a data protection supervisory authority about the processing of personal data by us. A list of the authorities and their contact details can be found at the following link https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

You have the right to information about your personal data. You can contact us at any time for information. In the case of a request for information that is not made in writing, we ask for your understanding that we may request evidence from you that proves that you are the person you say you are. Information on the collection, processing and use of your data or on safeguarding your rights described above can be obtained from the e-mail address of the person responsible. You can find out more about your rights here:  https://dsgvo-gesetz.de/kapitel-3/

deletion of data

We generally delete personal data when there is no need for further storage. A requirement may exist if the data is still required in order to fulfill contractual services, to be able to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory storage obligations, deletion can only be considered after the respective storage obligation has expired. The Hamburg Chamber of Commerce has published a page on which you can find out about the statutory retention requirements: https://www.hk24.de/produktmarken/beratung-service/recht_und_steuern/steuerrecht/zahlenrecht/aufbehrungsfristen-geschaeftsdokumenten/1157174

What data is processed on this website and how is it protected?

Technical protection through SSL

For security reasons and to protect the transmission of data that you send to us as the site operator, our website uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the closed lock symbol in your browser line, which is often shown in green. If the encryption is successful, the data that you transmit to us cannot be read by third parties. However, we politely point out that data transmission on the Internet can never be completely protected against access by third parties.

Access data / server log files

When you visit our website, personal data is processed in order to be able to display the content of the pages on your device. In order for the pages to be displayed in the browser, your IP address of the end device you are using must also be processed. Otherwise we would not know to which device the data should be delivered.

We are also obliged to guarantee the confidentiality and integrity of the personal data processed with our IT systems.  For this purpose and for this interest, the following data is logged of a legitimate interest

- IP address of the accessing computer
- operating system of the accessing computer
- browser version of the accessing computer
- name of the retrieved file
- date and time of retrieval
- volume of data transferred
- referring URL

The access data / server log files are deleted from all systems used in connection with the operation of this website after 7 days at the latest. The data is ultimately used to identify and correct errors on the website.

Protection and security of the website

To protect and secure data on our website, our technical support uses the services of the provider ManageWP

  • GoDaddy.com LLC , 14455 N Hayden Rd, Ste. 219, Scottsdale, AZ 85260, United States of America
  • GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia

We use this service to secure our data on servers in the European Economic Area and thus ensure smooth operation of our online services. Within the ManageWP service we have the possibility to monitor our sites for failures, attempts at attacks from outside and for performance. The service counts the page views. We have no access to IP addresses or personal data.

GoDaddy has submitted to the Privacy Shield Agreement and recognizes the requirements of the DS-GVO:
https://www.privacyshield.gov/participant?id=a2zt0000000TN9xAAG&status=Active

More about data protection at ManageWP at: https://managewp.com/privacy  | ManageWP statement on GDPR: https://managewp.com/blog/managewp-and-gdpr-compliance

Our technical support has entered into an order processing agreement with GoDaddy.com LLC  .

cookies

In exceptional cases, cookies are used on our website. Cookies are small text files that are stored on your end device via the browser. The cookies are required to enable certain functions of our website. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. You have the option of switching off the setting of cookies by making the appropriate settings in your browser. However, it may be that the use of our website is then only possible to a limited extent. Cookies do not install or start any programs or other applications on your end device. Cookies also do not contain viruses. The use of cookies is based on safeguarding a legitimate interest . Our interest is the user-friendly visit to our website.

consent with compliance

Our website uses the Complianz consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Complianz BV, Kalmarweg 14-5, 9723 JG Groningen, The Netherlands (hereinafter “Complianz”).

Compliance is installed locally on our servers, so there is no connection to the compliance provider's servers. Complianz saves a cookie in your browser in order to be able to allocate the given consent or its revocation to you. The data collected in this way is stored until you request us to delete it, delete the compliance cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention requirements remain unaffected.

Complianz is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6 (1) (c) GDPR.

Using the analysis tool WP Statistics

 WP Statistics   Verona Labs development team for the statistical evaluation of visitor access . The purpose of data collection and evaluation is the continuous improvement of our website and its offers.

With WP Statistics you can create simple statistics about the visitors of a website. For example, WP Statistics can be used to measure how many visitors have accessed a specific page and what proportion of them have used a smartphone.

The statistics from WP Statistics are based on the data that is necessary to establish a connection between the web browser and the web server (see log data). A cookie is not required by WP Statistics.

The protection of your privacy and personal data is paramount when using WP Statistics. WP Statistics itself does not collect any further data from the visitors. Rather, WP Statistics anonymizes the IP addresses of visitors before storing them. Personal identification of a visitor is therefore not possible, even retrospectively.

Other Website Services

Integration of Google Maps

On this website we use the offer of Google Maps. This enables us to show you interactive maps directly on the website and enables you to conveniently use the map function. The processing takes place on the basis of a legitimate interest .

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data collected when you visit our website will be transmitted. This takes place regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the provider's data protection declaration.  There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .

Google Web Fonts

The web fonts provided by Google are generally not loaded via the Google servers, but were installed locally on this server. 

However, Google Fonts are loaded when a  Google Maps map  is loaded. When you call up a Google Maps map, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly. For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offering. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.

If your browser does not support web fonts, a standard font will be used by your computer. You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/ .

Newsletter

Newsletter data If
 . Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

ActiveCampaign
This website uses ActiveCampaign to send newsletters. The provider is ActiveCampaign, Inc., 1 N Dearborn, 5th Floor Chicago, Illinois 60602, USA.

ActiveCampaign is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter will be stored on the ActiveCampaign servers in the USA.

Data analysis by ActiveCampaign
With the help of ActiveCampaign, we are able to analyze our newsletter campaigns. So we can e.g. For example, see whether a newsletter message has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links were clicked particularly often.

We can also see whether certain previously defined actions were carried out after opening/clicking (conversion rate). We can e.g. B. recognize whether you have made a purchase after clicking on the newsletter.

ActiveCampaign also enables us to subdivide ("cluster") the newsletter recipients according to different categories. The newsletter recipients can e.g. B. by age, gender or place of residence. In this way, the newsletters can be better adapted to the respective target groups. If you do not want an analysis by ActiveCampaign, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

Detailed information about the functions of ActiveCampaign can be found at the following link: https://www.activecampaign.com/email-marketing.

ActiveCampaign's privacy policy can be found at: https://www.activecampaign.com/privacy-policy.

Legal basis
The data is processed on the basis of your consent (Article 6 (1) (a) GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.activecampaign.com/legal/scc and https://www.activecampaign.com/de/legal/gdpr-updates/privacy-shield.

Storage period
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected.

After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.

Purposes of processing personal data

We process the aforementioned data for the smooth operation of our website and to fulfill contractual obligations towards our customers or to protect our legitimate interests. If you make inquiries outside of an active customer relationship, we process the data to answer your questions and for sales purposes.

Voluntary information

If you provide us with data voluntarily and this data is not required for the fulfillment of contractual obligations, we process this data on the legitimate assumption that the processing and use of this data is in your interest.

Recipients / disclosure of data to third parties

Data that you give us will not be passed on to third parties, and especially not to third parties for their advertising purposes!
However, we may use service providers to operate this website or for other products or services from us. Here it can happen that a service provider gains knowledge of personal data. We carefully select our service providers based on their ability, commitment to data protection and data security and take all necessary measures for legally permissible data processing. A list of service providers is attached below.

Data processing outside the European Union

Insofar as personal data is processed outside the European Union, we explicitly point this out in the corresponding processing and in the list of integrated service providers.

Changes to this privacy notice

We will update this privacy notice if there are changes to this website or if other events make this necessary. The current version can be found here on this website.