Avigan Events
We bring the outrageous to the stage
Privacy Policy
I do not, of course, pass on your data to third parties under any circumstances.
However, your visit to this website is logged by my hosting provider – as is the case with all other hosting providers – along with your temporary IP address. Unfortunately, this is required by law and I am unable to prevent it. Furthermore, you must be aware that data you transmit may be unlawfully recorded and analysed. The encrypted transmission of the website (https) makes this more difficult.
Emails that you send unencrypted can be read by anyone, just like postcards. I therefore recommend using encrypted emails. You can find clear instructions on how to set this up here: https://netzpolitik.org/2013/anleitung-so-verschlusselt-ihr-eure-e-mails-mit-pgp
I also recommend using a VPN. Among other things, this prevents your ISP (Internet Service Provider) from monitoring your communications. A good provider is Mullvad in Sweden https://mullvad.net/de.
And now the text required by law:
This privacy policy explains the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offering and the associated websites, functions and content, as well as external online presences, such as our social media profiles. (hereinafter collectively referred to as the “online offering”). With regard to the terms used, such as “processing” or “controller”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Controller
Christoph Boldt
Rohr 10a
79271 St. Peter
mail@avigan.events
Types of data processed:
– Master data (e.g. names, addresses).
– Contact details (e.g. email, telephone numbers).
– Content data (e.g. text entries, photographs, videos).
– Usage data (e.g. websites visited, interest in content, access times).
– Meta/communication data (e.g. device information, IP addresses).
Categories of data subjects
Visitors and users of the online service (hereinafter, we also refer to the data subjects collectively as “users”).
Purpose of processing
– Provision of the online service, its functions and content.
– Responding to contact enquiries and communicating with users.
– Security measures.
– Audience measurement/marketing
Terminology used
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); a natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and covers virtually any handling of data.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Relevant legal bases
In accordance with Article 13 of the GDPR, we hereby inform you of the legal bases for our data processing activities. Where the legal basis is not specified in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR; the legal basis for processing to fulfil our services, carry out contractual measures and respond to enquiries is Article 6(1)(b) of the GDPR; the legal basis for processing to fulfil our legal obligations is Article 6(1)(c) of the GDPR, and the legal basis for processing to safeguard our legitimate interests is Article 6(1)(f) of the GDPR. In the event that the vital interests of the data subject or another natural person necessitate the processing of personal data, Article 6(1)(d) of the GDPR serves as the legal basis.
Cooperation with data processors and third parties
Where, in the course of our data processing activities, we disclose data to other individuals or organisations (data processors or third parties), transfer it to them or otherwise grant them access to the data, this is done only on the basis of a legal authorisation (e.g. where the transfer of data to third parties, such as payment service providers, is necessary for the performance of a contract pursuant to Article 6(1)(b) of the GDPR), you have given your consent, a legal obligation requires it, or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
Where we engage third parties to process data on the basis of a so-called ‘data processing agreement’, this is done in accordance with Article 28 of the GDPR.
Transfers to third countries
Where we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), or where this occurs in connection with the use of third-party services or the disclosure or transfer of data to third parties, this will only take place if it is necessary to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to statutory or contractual permissions, we process or have the data processed in a third country only if the specific conditions of Articles 44 et seq. of the GDPR are met. This means that processing takes place, for example, on the basis of specific safeguards, such as the officially recognised determination of a level of data protection equivalent to that of the EU (e.g. for the USA through the ‘Privacy Shield’) or compliance with officially recognised specific contractual obligations (so-called ‘standard contractual clauses’).
Rights of data subjects
You have the right to request confirmation as to whether data concerning you is being processed, and to obtain access to such data, as well as further information and a copy of the data, in accordance with Article 15 of the GDPR.
In accordance with Article 16 of the GDPR, you have the right to request that data concerning you be completed or that inaccurate data concerning you be rectified.
In accordance with Article 17 of the GDPR, you have the right to request that data concerning you be erased without delay, or alternatively, in accordance with Article 18 of the GDPR, to request a restriction on the processing of the data.
You have the right to request that the data concerning you which you have provided to us be returned to you in accordance with Article 20 of the GDPR and to request that it be transferred to another controller.
You also have the right, pursuant to Article 77 of the GDPR, to lodge a complaint with the competent supervisory authority.
Right to withdraw consent
You have the right to withdraw any consent given in accordance with Article 7(3) of the GDPR with effect for the future.
Right to object
You may object at any time to the future processing of your personal data in accordance with Article 21 of the GDPR. In particular, you may object to processing for the purposes of direct marketing.
Cookies and the right to object to direct marketing
‘Cookies’ are small files that are stored on users’ computers. Various types of information can be stored within these cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit to a website. Temporary cookies, also known as “session cookies” or “transient cookies”, are cookies that are deleted once a user leaves an online service and closes their browser. Such a cookie may, for example, store the contents of a shopping basket in an online shop or a login status. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persistent”. For example, the login status may be stored so that users can access it again after several days. Similarly, such a cookie may store the user’s interests, which are used for audience measurement or marketing purposes. ‘Third-party cookies’ are cookies provided by providers other than the controller operating the online service (otherwise, if only the controller’s own cookies are used, these are referred to as ‘first-party cookies’).
We may use temporary and permanent cookies and provide information about this in our privacy policy.
If users do not wish to have cookies stored on their computer, they are asked to disable the relevant option in their browser’s settings. Stored cookies can be deleted via the browser’s settings. Disabling cookies may result in certain features of this website not working properly.
A general objection to the use of cookies for online marketing purposes can be lodged for a wide range of services, particularly in the case of tracking, via the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be prevented by disabling them in the browser settings. Please note that, in such cases, it may not be possible to use all the features of this online service.
Deletion of data
The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal retention obligations preventing its deletion. If the data is not deleted because it is required for other, legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
In accordance with legal requirements in Germany, data is retained in particular for 6 years pursuant to Section 257(1) of the German Commercial Code (HGB) (commercial ledgers, inventories, opening balance sheets, annual financial statements, commercial correspondence, accounting documents, etc.) and for 10 years in accordance with Section 147(1) of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business correspondence, documents relevant for taxation, etc.).
In accordance with Austrian legal requirements, records must be retained for 7 years in particular, pursuant to Section 132(1) of the Austrian Federal Tax Code (BAO) (accounting records, receipts/invoices, accounts, supporting documents, business papers, statements of income and expenditure, etc.), for 22 years in connection with real estate, and for 10 years for documents relating to electronically supplied services, telecommunications, radio and television services provided to non-business customers in EU Member States for which the Mini One-Stop Shop (MOSS) is used.
Business-related processing
In addition, we process
– Contract data (e.g., subject matter of the contract, term, customer category).
– Payment data (e.g., bank details, payment history)
from our customers, prospective customers and business partners for the purposes of providing contractual services, customer care, marketing, advertising and market research.
Collection of access data and log files
We, or our hosting provider, collect data on every access to the server on which this service is hosted (so-called server log files) on the basis of our legitimate interests within the meaning of Article 6(1)(f) of the GDPR. Access data includes the name of the webpage accessed, the file, the date and time of access, the amount of data transferred, a notification of successful access, the browser type and version, the user’s operating system, the referrer URL (the previously visited page), the IP address and the requesting provider.
Log file information is stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and is then deleted. Data that must be retained for further evidence purposes is exempt from deletion until the respective incident has been fully clarified.
Provision of contractual services
We process master data (e.g. names, addresses and contact details of users) and contractual data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and providing services in accordance with Article 6(1)(b) of the GDPR. The fields marked as mandatory in online forms are required for the conclusion of the contract.
When our online services are used, we store the IP address and the time of the respective user action. This storage is based on our legitimate interests, as well as the user’s interest in protection against misuse and other unauthorised use. This data is not disclosed to third parties as a matter of principle, unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Article 6(1)(c) of the GDPR.
We process usage data (e.g. the pages visited on our website, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes within a user profile, in order to display product recommendations to the user based on the services they have used to date.
Data is deleted once statutory warranty obligations and similar obligations have expired; the necessity of retaining the data is reviewed every three years; in the case of statutory archiving obligations, deletion takes place once these have expired. Information held in any customer account remains there until the account is deleted.
Contacting us
When you contact us (e.g. via the contact form, email, telephone or social media), your details are processed in accordance with Article 6(1)(b) of the GDPR for the purpose of handling your enquiry and its resolution. Your details may be stored in a Customer Relationship Management system (‘CRM system’) or a similar enquiry management system.
We delete the enquiries once they are no longer required. We review the necessity of retention every two years; furthermore, the statutory archiving obligations apply.
Created with Datenschutz-Generator.de by Dr Thomas Schwenke, Solicitor