We, ARGO Konzerte GmbH (hereinafter “ARGO”), as operator of this website within the meaning of EU Regulation No. 2016/679, the General Data Protection Regulation (GDPR) and service provider within the meaning of the German Telemedia Act (Telemediengesetz, TMG) are the controller. In the following, we would like to inform you on the collection of personal data when using this website. Personal data are individual details about your personal or factual circumstances. This includes, in particular, your name, your e-mail address and your address.
Depending on whether you visit our websites only to access information or to make use of any services we offer (e.g. if you subscribe to our newsletter), the extent and type of collection and use of your personal data may differ. In the following provisions, we would like to inform you about the type, scope and purposes of the collection and use of your personal data when using the various functions on this website.
In accordance with the following provisions, we only process your personal data if you have given your consent or if the processing is necessary for the provision of the requested services and is justified by other provisions of the GDPR.
1. Data processing for informational use of our website
Every time you access the contents of our website, your browser automatically transfers connection data to our web server. These connection data include
- the IP address of the respective users,
- the visited page/name of the accessed file,
- date and time of retrieval,
- the amount of data transferred,
- a message if the access/retrieval was successful,
- browser type, browser version, operating system and its interface,
- if the retrieval took place via external link, the referring page,
- host name of the accessing computer.
These connection data are not used to draw any conclusions about the user's identity nor are they merged with data from other data sources. In accordance with Art. 6 Para. 1 lit. f GDPR, they serve to provide and to improve the website.
We store this connection data in our server log files for seven (7) days from the time you visit our website. Your data are then erased.
2. Data processing upon subscribing to our newsletters
You have the option to subscribe to our newsletter on our website by submitting your e-mail address. When you subscribe to our newsletter, you will first be asked to confirm your consent via a confirmation e-mail. We use this so-called “double opt-in procedure” to safeguard that you are the owner of the given e-mail address and that you have given your consent to receive the newsletter.
2.1. Purpose and legal basis of data processing
The purpose of collecting the e-mail address is to send the newsletter. Art. 6 Para. 1 lit. a GDPR constitutes the legal basis for processing the data after subscribing.
2.2. Storage period
As soon as the purpose of storage ceases to apply, i.e. as soon as you have revoked your consent to receiving the newsletter, we will erase (Art. 17 GDPR) the personal data collected for the purpose of sending the newsletter.
Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which we are subject. Unless there is a need for further storage of the data for the conclusion or fulfilment of a contract, the data will also be erased or the processing restricted if a storage period prescribed by the aforementioned standards expires.
2.3. Option of revocation
You can revoke your consent at any time to receiving the newsletter and the associated processing of your personal data and with effect for the future, e.g. via the link contained in the newsletter, by e-mail or by using a postal service.
3.1. Google Analytics
This website uses Google Analytics, a web analysis service of Google LLC., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, USA (“Google”). Google Analytics uses “cookies”, which are text files placed on the user's computer, to help the website analyse how users use the site. In general, the information generated by the cookie about the use of our website is transferred to a Google server in the US and stored there.
The IP address transferred by your browser within the scope of Google Analytics is not merged with other Google data. Furthermore, we added the “anonymizeIP” code to Google Analytics on this website. This ensures that the user's IP address is masked so that all data are collected anonymously. Only in exceptional cases will the full IP address be transferred to a Google server in the US and shortened there.
An opt-out cookie is set to prevent future recording of the user’s data when using this website. The opt-out cookie is only valid in this browser and only for this website; it is stored on the user's device. If you erase the cookies in this browser, the opt-out cookie must be set again. We use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If this does not suit you, this function can be deactivated via the Ads Preferences Manager (https://www.google.de/settings/ads/).
We use Google Analytics, including the functions of Universal Analytics. Universal Analytics makes it possible to analyse the activities on our pages across devices (e.g. for access via laptop and later via a tablet). This is made possible by the pseudonymous assignment of a user ID to a user. Such assignment occurs, for example, when you register for a customer account or log into your customer account. However, no personal data are forwarded to Google. Even if Universal Analytics adds additional features to Google Analytics, this does not mean that it restricts data protection measures, such as IP masking or the browser add-on.
3.2. Use of other cookies
We use additional cookies to make your visit to our website attractive and to enable the use of certain functions. Cookies are small text files that are stored on your computer and enable us to recognise your Internet browser.
3.2.1. Purpose and legal basis of data processing
Our website uses various software solutions to optimise its online offering. This enables analysis of the website’s use and collection of valuable information on the users’ needs to constantly increase the website and its quality on this basis. Aggregated and anonymous statistical data are collected to be able to conduct these analyses. These data are connection and transaction data with no personal reference; they are connected with the browser used, the number of pages called up and visited, navigation behaviour and the duration of the relevant visitor on a website of the ticket shop. As part of the collection and processing process, if necessary, the abbreviated IP address of the visitor may be displayed.
The data is used in particular for the following purposes:
- to count visitors,
- to measure the website’s particularly attractive areas for the respective visitor,
- to evaluate the origin of the visitors to optimise the offer.
As this processing is necessary to protect our legitimate interests, Art. 6 Para. 1 lit. f) GDPR constitutes the legal basis for the processing of personal data using cookies. To keep statistics on visitor access, we have a legitimate interest in improving the website’s user-friendliness and functionality.
3.2.2. Storage period
Cookies are stored on your computer and transferred to our website. Some of the cookies we use are erased after the end of the browser session (so-called session cookies). Other cookies, however, remain on your terminal device and enable us or our partner companies to recognise your browser on your next visit (so-called persistent cookies), until they are erased as part of your personal erasure routines. You can deactivate or restrict the transfer of cookies by changing the settings in your Internet browser. At any time, cookies that have already been saved can be erased.
3.2.3. Possibility for objection and elimination
You can also object at any time to the setting of persistent cookies by making the relevant settings in the browser or only permitting them to be saved after explicit confirmation. In addition, by selecting the so-called “opt-out option”, you have the option at any time to generally prevent data use for all of the solutions used.
In the aforementioned sense, we use the following software solutions. Clicking on the respective provider leads to its opt-out option:
Note: The objection (opt-out) takes place using a cookie. If this cookie is erased, another objection is required.
4. Use of social media plug-ins
4.1. We currently use social media plug-ins from Facebook, Twitter and Instagram.
4.2. As a rule, data is only transferred to the providers of the plug-ins if you click on the corresponding social media button. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially transferred to the providers of the plug-ins. You can recognise the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the possibility of communicating directly with the provider of the plug-in via the social media button. The provider of the plug-in only receives the information that you have accessed the corresponding website of our online offer if you click on the highlighted field, thereby activating it. In addition, the data mentioned under Paragraph 1 of this data protection declaration will be transferred. According to Facebook, when data are collected in Germany, the IP address is made anonymous immediately after its collection. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for US providers in the US). As the plug-in provider collects data particularly via cookies, we recommend that you erase all cookies via the security settings of your browser prior to clicking on the social media button.
4.3. An exception to the two-click principle described in Paragraph 4.2 is the integration of the Facebook Comment Plug-In and the Facebook Page Plug-In integrated on our homepage during the Rock am Ring and Rock im Park festivals. The connection to Facebook with the data transfer described under Paragraph 4.2 already takes place here when you visit the corresponding subpage.
4.4. We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing, or the storage periods. We also have no information on the collected data’s erasure by the provider of the plug-in.
4.5. The provider of the plug-in stores the data collected on you as user profiles and uses these for the purposes of advertising, market research and/or the demand-oriented design of its website. In particular, such an evaluation takes place (also for users who are not logged in) for the purpose of displaying needs-orientated advertisements and informing other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles. To exercise this right, however, you must contact the respective provider of the plug-in. To enable us to improve our offer and make it more interesting for you as a user, the plug-ins allow us to offer you the opportunity of interacting with social networks and other users.
4.6. The data are transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the provider of the plug-in, your data collected with us will be directly assigned to your existing account with the provider of the plug-in. If you press the activation button and link to the page, for example, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. To avoid being assigned to your profile with the plug-in provider, we recommend that you regularly log out after using a social network, especially before activating the button.
4.7. For more information on the purpose and scope of data collection and their processing by the plug-in provider, please refer to the data protection declarations of these providers as notified below. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
4.8. Addresses of the respective providers of plug-ins and URLs with their data protection information:
4.8.1. Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; https://www.facebook.com/privacy/explanation
Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
4.8.2. Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy.
Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-USFramework
4.8.3. Instagram: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; https://help.instagram.com/519522125107875?helpref=page_content
Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
5. Integration of YouTube
5.1. We integrate videos into the website which are stored on the platform http://www.YouTube.com. These can be played directly from our website. The YouTube platform is offered by YouTube LLC, 901, Cherry Ave, San Bruno, CA 94066, USA, which in turn is represented by Google (for further information on Google, see also Paragraph 3.1).
5.2. By visiting the page on which the video is embedded, YouTube receives the information that you have accessed the corresponding page of our website. The data mentioned under Paragraph 1 of this declaration will also be transferred. This occurs independently of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button and erase the corresponding YouTube cookies. YouTube stores your data as user profiles and uses them for purposes of advertising, market research and/or design of the website according to your needs. Such evaluation takes place in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. To exercise this right, please contact YouTube.
Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-USFramework.
6.1. We integrate videos into the website which are stored on the platform https://vimeo.com/ and can be played directly from our website. The Vimeo platform is offered by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011, USA.
6.2. By visiting the page on which the video is embedded, Vimeo will be informed that you have visited the corresponding subpage on our website. The data mentioned under Paragraph 1 of this declaration will be transferred. This occurs independently of whether Vimeo provides a user account through which you are logged in or whether no user account exists. Once you are logged in to Vimeo, your information will be directly associated with your account. If you do not wish to be associated with your profile on Vimeo, you must log out before activating the button and erase the corresponding Vimeo cookies.
7. No obligation to provide certain personal data
The processing of personal data by us is partly necessary for visiting our website and using the services offered (e.g. informational use of our website and newsletter) free of error.
You are not obliged to send us any further personal data - e.g. by agreeing to set a cookie or subscribing to our newsletter. However, not transferring any personal data may result in the website being displayed incorrectly or incompletely.
8. Data security
We are committed to the security of your data. We have therefore taken appropriate physical, electronic and organisational measures to protect and secure your personal data from any unauthorised or unlawful access, use, amendment, destruction, disclosure or processing by third parties. Nevertheless, we cannot guarantee that your information and/or data are safeguarded against any illegal actions of third parties.
9. Transfer of personal data to third parties
9.1. Data transfer to recipients within the EU
In some cases, we use external service providers to process personal data. These are carefully selected by us and are bound by our instructions.
Categories of data recipients may be as follows:
- service providers for e.g. IT services, customer service, banking services, communication services,
- services in the field of festival organisation, print shops, advertising agencies and photographers.
If we disclose your personal data to a third party from the above list, we ensure by means of contractual regulations that the third party
- does not use your personal data for purposes other than those specified by us, and in accordance with the purposes set out in this data protection declaration, and
- has implemented appropriate security measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.
9.2. Data transfer to a third country
It is possible that employees of a service provider in a country outside the European Union may become aware of your personal data as a result of cooperation based on the division of labour, e.g. in the area of IT service providers, in particular with regard to services in the area of maintenance, repair and security of IT systems.
If there is no level of data protection in this country which is comparable to that of the European Union and, accordingly, there is no so-called adequacy decision of the European Commission with regard to this country, we will protect your interests in data protection by concluding so-called EU Standard Data Protection Clauses issued by the European Commission and agreed with the recipient or in other appropriate ways. You can request a copy of the EU Standard Data Protection Clauses and any other guarantees from us at the contact details provided in Paragraph 11.4 .
It is not intended to transfer any your personal data to other countries outside the European Union, but also - if this is legal - it cannot be excluded.
10. Booking tickets for severely handicapped persons
10.1. If you wish to book offers for visitors with disabilities, it is necessary to provide information that you are a severely disabled person. We process this information for the purpose of providing services adapted to the needs of severely disabled persons and billing for these services. As you consent to the processing of your data by transmitting this information, the legal basis is Art. 9 Para. 1 lit. a DS-GVO.
10.2. We will store your data for as long as it is necessary to fulfil the purposes stated in Paragraph 10.1 or you have revoked your consent for processing. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which we are subject. Unless there is a need for further storage of the data for the conclusion or fulfilment of a contract, the data will also be erased or the processing restricted if a storage period prescribed by the aforementioned standards expires.
10.3. You can revoke your consent at any time by sending us an e-mail to the address stated under Paragraph 11.4.
11. Your rights and contact persons
11.1. Your rights
If the legal requirements according to Arts. 15 - 22 GDPR are met, you have the right of access, rectification, erasure, restriction of processing as well as the right to data portability. Upon request, we will be pleased to inform you if and which personal data we have stored about you. Furthermore, if the storage is not permissible or no longer necessary within the meaning of the GDPR, we will rectify or erase incorrect data.
You may object to the processing if we use Art. 6 Para. 1 lit. f GDPR as the basis for processing your personal data. If you wish make such an objection, we ask you to provide us with a reason why we should not process your personal data. We will weigh your reasons against our interest in continuing data processing and subsequently either stop, or adapt the data processing, or point out to you our compelling reasons worthy of protection on the basis of which we shall continue the processing. Please note that we also process your data if this is necessary for asserting, exercising or defending any legal claims.
11.2. Competent supervisory authority
If you are of the opinion that the processing of the personal data relating to you is in breach of the GDPR, you have the right to lodge a complaint to the supervisory authority. The address of the supervisory authority responsible for us is: Bayerische Datenschutzbeauftragte, Prof. Dr. Thomas Petri, Wagmüllerstraße 18, 80538 München, Germany.
In the meaning of the GDPR, controller and service provider in the sense of the German Telemedia Act is
ARGO Konzerte GmbH
Friedrich-Bergius-Ring 26, D-97076 Würzburg, Germany
11.4. Data Protection Officer
You can contact our Data Protection Officer at: RA Lars Ebel, Sidit GmbH, Unterdürrbacher Straße 8, D-97080 Würzburg, Germany.
11.5. Right of amendment
We reserve the right to amend, modify and adapt the contents of this data protection declaration at any time. The updated Data Protection Declaration is valid from the time at which it is published on our website.
As of: 30/07/2018