Bregenzer Festspiele GmbH

This website is operated by the Bregenzer Festspiele GmbH. It is really important for us to protext your privacy when you use our website https://bregenzerfestspiele.com. Therefore, we want to inform you in detail about how we process personal data in the following.

​1. Data security

1.1 To protect your data, Bregenz Festival has taken appropriate security and organisational measures to prevent the loss or manipulation of and unauthorised access to your data. These measures are continuously updated.

1.2 This privacy policy only applies to http://www.bregenzerfestspiele.com, country-specific domains that redirect to the basic website and associated subdomains. Websites that are accessible via a link and are controlled and operated by third parties are not covered by this privacy policy.

2. Collecting, Processing and using personal data

2.1 Personal Data
Personal data is defined as all information relating to an identified or identifiable natural person. This information includes your name, telephone number, e-mail address and mailing address as well as all other user-related data that you share with us when you set up a customer account. We distinguish between mandatory information that is necessary for registration and optional information. Mandatory fields are always marked as such.

2.2 Customer accounts
For every customer who makes an order (by telephone, e-mail or in the web shop) a customer account is set up. This account is password-protected and provides direct access to the data we save. Here you can view your ticket orders and manage your address information. You are obliged to treat your personal access data as confidential and not to pass it on to third parties without authorisation. We cannot accept liability for misused passwords, unless we are responsible for the misuse.

2.3 Online forms
We use online forms to assist you in making an enquiry and to ensure structured processing on our side. Some are available all year (e.g. membership applications, requests for advertising material); others are temporary (e.g. refunds due to rain, priority booking). Data processing is based on Article 6 paragraph 1 point f) of the General Data Protection Regulation (GDPR). It is our legitimate interest to respond to your enquiries. Data is not passed on to third parties. The data is deleted when it is no longer necessary for processing purposes.

2.4 Collecting, processing and using your personal data
As protecting your data is very important to us, we rigorously apply the provisions of the General Data Protection Regulation (GDPR) when gathering, processing and using your personal data. We collect, store and process your data for the whole purchase process, for our services, technical administration as well as our own marketing purposes. Your personal data is passed on to third parties (delivery firms) for mailing. We only pass on the information that is necessary for dispatch, and delivery. The information that is passed on may only be used by our service providers to perform their task. Any other use is not permitted.

To process your ticket order, we need your correct name and address. We also need your e-mail address so that we can confirm the order and communicate with you. The e-mail address is also used for your identification (customer login). Your e-mail address is the where the confirmation of your order is sent to and also – if you wish – the invoice, confirmation of payment by credit card, and your print-at-home tickets (print@home).

2.5 Use of your data for marketing and advertising purposes
In addition to using your data for processing your ticket or article purchases, we use your data for advertising and marketing purposes, so long as you have given us express permission for this and so long as it complies with the regulations. You can refuse permission for your personal data to be used for such advertising purposes at any time. Informing us in writing (letter, e-mail) is sufficient.

2.6 Newsletters
In our newsletter we regularly provide information about offers and our programme. To register for the newsletter a valid e-mail address with first name and surname is required. We use the double opt-in procedure when you register for the newsletter. This means that we send the newsletter only if you have expressly confirmed that you wish to use the service. Once you have registered you will receive an e-mail containing a confirmation link. It is ónly once this confirmation link has been clicked that we will send out the newsletter to keep you informed. Any other information you share with us when you register for the newsletter is voluntary. This information is used for dispatching the newsletter and is not passed on to third parties.

Since our newsletter is distributed via Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany your data is stored on the servers of Sendinblue within the European Union. Your data is used solely for dispatching the newsletter and is not passed on to third parties.

Should you no longer wish to receive the newsletter, you can refuse it at any time. Informing us in writing (letter, e-mail) is sufficient. Alternatively you can use the unsubscribe link in the newsletter.

2.7 Event mailings
With our event mailings before and after performances, we inform our ticket buyers about relevant topics relating to their visit to the Festival (e.g. event information, rain cancellations ...), as the GDPR states that the contracting parties involved have a legitimate interest in this.

2.7 Podcast audio plays
We use the podcast hosting service Podigee from the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee.

The use is based on our legitimate interests, i.e. interest in the secure and efficient provision, analysis and optimisation of our podcast offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR.

Podigee processes IP addresses and device information in order to enable podcast downloads/playbacks and to determine statistical data, such as call-up figures. This data is anonymised or pseudonymised before being stored in Podigee's database, unless it is required for the provision of the podcasts.

Further information and objection options can be found in Podigee's privacy policy: https://www.podigee.com/de/about/privacy/.

2.8 Bibliothek

We use https://www.yumpu.com/, a software provided by i-magazine AG (“i-mag” – Gewerbestraße 3, 9444 Diepoldsau, CH), on our website. Yumpu is a digital platform for publishing magazines, brochures or catalogues. Yumpu turns pdf files into web-based flappable ePapers, which can be viewed without having to download the pdf.

According to article 45 DSVO (EU GDPR), the European Commission recognizes Switzerland as a state with an adequate data protection level. More information can be found here. Yumpu uses necessary cookies to ensure the service’s functionality. You can turn off these cookies at any time by changing the cookie settings. Depending on your browser, the procedure may differ. You can choose to turn off a specific type of cookie or individual cookies. The browser may also notify you when cookies are being sent. For this, you need to change your browser settings according to your cookie preferences. This, however, may mean that you have to manually adjust your cookie settings every time you visit a website and some services may not function properly.

Yumpu uses Google Analytics, which is a web based analytical tool provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). We use it according to article 6 paragraph 1 sentence 1 letter f of the DSVO. Google Analytics uses cookies to analyze how the Yumpu services are used. The data generated by this cookie includes information such as the type and version of your browser, the operating system in use, the referrer URL (previously visited site), the hostname of the accessing device (IP-address) and the time of the server request. This data is then transmitted to and stored on a Google sever in the US. Your IP-address will not be associated with other data by Google. Additionally, Yumpu added an “anonymizeIP” code to Google Analytics. This hides your IP address and guarantees that all data is collected anonymously. There are only a few exceptions in which the full IP address is transmitted to a Google Server in the US and shortened there.

Log-Files
Yumpu automatically collects and stores information in server log files, which are automatically transmitted by your browser. They are stored about a month and deleted afterwards.

- browser type and version
- operating system in use
- referred URL
- requested URL
- time of the server request
- IP address

This data is not associated with other data sources. Data processing is done according to article 6 paragraph 1 sentence 1 letter f of the DSVO based on the justifiable interest in optimizing the stability and functionality of the website. The data is not passed on or used in any other way.

2.9 QR-codes
You will find QR-codes on our flyers, posters and our quarterly print magazine “Festspielzeit”, which is also available online at https://bibliothek.bregenzerfestspiele.com. We use qr1.at to generate these QR-codes. The QR-codes provide additional information such as videos or sound files. qr1.at does not process or store any of your personal data. Find out more at https://qr1.at/dsgvo

2.10 Invitario
We use a platform from Invitario GmbH, Lerchenfelder Straße 74, 1080 Vienna, Austria, to manage invitations and guests for special events. The platform stores and processes data exclusively in accordance with the General Data Protection Regulation (GDPR). As a user, you consent to data processing in accordance with this declaration. No directly personal data is automatically collected on the platform. The platform does not create any personal user profiles.

2.10.1 Consent to data processing 
The user agrees that his/her personal data, namely name, title, address, company, position, telephone number, e-mail address, preferred language and other data required for participation in the event, may be stored by the organiser for the purpose of planning and implementing the event, as well as for sending information about the event and to inform about possible changes, for sending information about further events of Bregenzer Festspiele GmbH.

This consent can be revoked at any time by sending a letter to Bregenzer Festspiele GmbH, Platz der Wiener Symphoniker 1, 6900 Bregenz, Austria or an e-mail to ticket@bregenzerfestspiele.com.If consent is withdrawn before the end of the event, the user will not be able to attend the event for organisational reasons.

If the user transmits data on behalf of third parties and/or makes statements on behalf of third parties and/or conducts business on behalf of third parties, the user expressly declares that he/she also agrees to this data protection agreement on behalf of third parties and is authorised and/or commissioned by third parties to do so.The user shall indemnify and hold the Organiser harmless in the event of a breach of these obligations. 

2.10.2 Rights of users 
Every user of the platform has the right to refuse the storage of their personal data; in this case, the user and their data will be deleted unless there is a legal obligation to store the data.

In addition, every user has the right of access, rectification, erasure, restriction, data portability, cancellation and objection vis-à-vis Bregenzer Festspiele GmbH.

The relevant supervisory authority in Austria is the data protection authority, in Germany the state data protection commissioners and the supervisory authorities for the non-public sector and in Switzerland the Federal Data Protection and Information Commissioner or the data protection authority of the respective cantons.

2.10.3 Use of data 
The platform undertakes to protect data against unauthorised access in accordance with the GDPR. The platform stores and uses the data entered and transmitted by the user exclusively to the extent specified here.

All personal data of the user will be deleted when the user is deleted. If the user is deleted before the end of the event, the user will not be able to participate in the event for organisational reasons. 

2.10.4 What is saved? 
Server logs: The IP address of the requesting computer, together with the date, time, the request, which file is requested (name and URL), the amount of data transferred to you, a message as to whether the request was successful, identification data of the browser and operating system used, and the website from which the access was made (should the access be made via a link).

The server logs are stored in order to be able to check the system security, to administer the websites technically and to optimise the offer. If there has been a hacking attack, this data will be passed on to the law enforcement authorities. No other data will be passed on to third parties. 

Cookies: Cookies are small text files that the platform stores on your computer in order to recognise it. The information contained in the cookies is used to determine whether you are logged in or what data you have already entered, information about the use of the websites. Most web browsers automatically accept cookies.

You can prevent this by changing your browser settings. You can remove cookies stored on your PC at any time by deleting the temporary Internet files. Specifically, the following cookie is stored:

PHPSESSID: This cookie stores a reference value to the user's current session on the server in order to be able to assign registration or payment processes to the respective user. This cookie is deleted when the browser is closed.

3. Cookies

What are cookies?

How do we use cookies?

Types of Cookies we use

Manage cookie preferences

You can change your cookie preferences any time by clicking the above button. This will let you revisit the cookie consent banner and change your preferences or withdraw your consent right away.

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. Listed below are the links to the support documents on how to manage and delete cookies from the major web browsers.

Chrome: https://support.google.com/accounts/answer/32050

Safari: https://support.apple.com/en-in/guide/safari/sfri11471/mac

Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox?redirectslug=delete-cookies-remove-info-websites-stored&redirectlocale=en-US

Internet Explorer: https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc

If you are using any other web browser, please visit your browser’s official support documents.

3.2 Functionality
We use IP Stack's geo-targeting application (run by apilayer Data Products GmbH, Vienna, an Austrian technology company) to provide personalized content. This application stores a certain value in the session cookie (necessary). If you disable this area, no inquiry will be dircted to the host and consequently no information will be stored. 

3.3 Web analysis/statistics
We use Google Analytics ((https://www.google.com/intl/de_at/analytics/), a software offered by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA, 94043, US), for our web analysis. For the analysis of user behavior on our online platform, we use cookies (small text files) that are stored on your computer. With this information we can continuously optimize our web services. Your IP adress will anonymized during this process, so that you, as a user, remain anonymous to us. The information collected by cookies are normally sent to a google server in ths US and stored there. For more information on terms of use and data protection please go to marketingplattform.google.com/about/analytics/terms/us/ or www.policies.google.com/?hl=en&gl=de. 

Our website uses the web based analysis tool Microsoft Clarity (https://clarity.microsoft.com), which is a software provided by Microsoft Corporation (One Microsoft Way, Redmond, WA, 98052-6399, USA). The tool is used to analyze how users navigate on our website (cursor movements, clicks, scroll maps and more). With the help of Microsoft Clarity we want to understand how users interact with our website and infer how we can optimize and further develop the user experience. Microsoft stores and anonymizes the collected data (1 year). Additional information can be found in Microsoft Clarity’s data protection policy: https://privacy.microsoft.com/en-us/privacystatement

3.4 Marketing
On our website we use "Pixel" by Facebook Inc., 1610 S. California Ave, Palo Alto, CA 94304, US. With this tool we can track the behavior of users, who have been redirected to the host's website after clicking on a Facebook ad. We can analyze the effectiveness of our facebook ads with this tool, which helps us improve future advertising activities.
The data collected is anonymized. Therefore, we cannot uncover your identity. However, Facebook saves and processes the data for their own advertising purposes according to Facebook's data policy: https://www.facebook.com/about/privacy/ 

Using Google Tag Manager
By using Google's (1600 Amphitheatre Parkway Mountain View, CA,94043, US) Google Tag Manager we manage website tags via a user interface. This is how we manage marketing cookies (see 3.4. Marketing) on our website. The tool "Tag Manager" is a cookie-less domain and does not gather any personal data. It is only responsible for triggering other tags, which in turn may gather data. However, Google Tag Manager does not access this information. If you deactivate at the domain or cookie level, this will remain in effect for all tracking tags implemented with Google Tag Manager. For more information please go to https://www.google.com/analytics/terms/tag-manager/. 

4. Log-Files

We gather protocols (so-called logfiles) on our web severs for certain services. Your browser passes them on to us automatically:

• Webserver-Logfile (domain, IP, requests, user-agent, timestamp, status code) / stored for 7 days
• E-Mail-Logfile (sender, addressee, time, IP, size) / stored for 7 days

5. Social networks
5.1 YouTube
Our website makes embedded videos available on YouTube (a software provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). When you click on the videos, data is sent to YouTube; if you are signed in while using the service, information will be added to your profile. Detailed information can be found in the privacy policy here: https://policies.google.com/privacy?hl=de&gl=de.

5.2 Social Plugins
In the footer of our website and newsletter there are links to the Bregenz Festival page on Facebook, Instagram, Google+ and Twitter. By clicking on the icon you access the platform. We do not use social plugins.

6. Secure data transfer
Your personal data (online forms and web shop) is encrypted to ensure safe transmission.

7. Modification and updating
Whenever our privacy policy is updated, the currently valid version is always posted on this page with the effective date shown.

Stand: 24.9.2024