Portal München Betriebs-GmbH & Co. KG, Fraunhoferstraße 6, 80469 Munich, Germany, info(at)portalmuenchen.de
The Munich Philharmonic’s portal attaches great importance to the protection of privacy and observes the legal data protection regulations. Below, we would like to explain how we handle your personal data.
1. Personal data
Personal data is information about your identity. This includes, for example, your name, address or telephone number.
2. When and for what purpose does the Munich Philharmonic collect personal data?
Our portal is available to all users without personal data being collected. However, our portal asks for your personal data if you wish to register for one of our personalised services (e.g. newsletter). We use your personal data only to give you access to those of our services that require registration. Your personal data will therefore only be requested, processed and used to the extent required by the purpose of the contract. When you access our websites, information of a general nature is automatically collected. This information includes the type of web browser, the operating system used, the domain name of your Internet service provider and similar information. None of this information allows you to be personally identified. This data is furthermore generated when accessing any other website on the Internet. This is therefore not a specific function of our website. The information we collect in this way and statistically evaluate is entirely anonymised.
a. Provision of the website and communication with us:
You can also contact us by phone or e-mail. In addition, contact forms are available for ordering subscriptions and tickets for the concerts for children and young people, and for the ticket exchange.
We use your personal data for the provision of this website and your communication with us on the basis of our legitimate interest. For the provision of this website, we must process certain personal data for technical reasons (e.g. the IP address). For your communication with us, it is necessary that we handle the personal data mentioned above.
Within the scope of the necessary balancing of interests, we have weighed your interest in the respective secrecy of your personal data and our interests in the provision of this website and the establishment of contact with each other. Your interest in confidentiality withdraws in both cases. Otherwise we would not be able to provide this website to you.
The legal basis for this data processing to safeguard legitimate interests is point (f), Art. 6(1) GDPR.
Mandatory information: When registering to use the personalised services of the Munich Philharmonic’s portal, personal data, such as name, customer/subscription number, and contact and communication data, such as telephone number and e-mail address are recorded. Depending on the respective service, additional data is requested, such as information about the company, business address, business communication data, industry, and contract and billing data. We use your personal data to give you access to those of our services that require registration. In this case, your personal data will be requested, processed and used to the extent required by the purpose of the contract. The legal basis for data processing for the purpose of contract implementation is point (b), Art. 6(1) GDPR. We also use your name, customer/subscriber number and postal address to send you information about events by post. This serves to protect legitimate interests, namely direct advertising. The legal basis for data processing for the purpose of contract implementation is point (b), Art. 6(1) GDPR. You can object to the processing of your data for direct marketing at any time (see Section 10). We will contact you by e-mail only if you have given us your prior consent to do so (see Section 5.).
c. Data processing with your consent:
General information about consent: If you have given us your consent to process personal data for certain other purposes (e.g. receiving the newsletter), this data will be processed on the basis of this consent. We make the details of the content of a consent available when we request your consent.
Your consent is always given voluntarily. If the processing of personal data is based on your consent, you have the right to revoke this consent at any time. This also applies to any consent you have given to us prior to the validity of the GDPR, i.e. before 25 May 2018. You can also withdraw your consent by sending an e-mail to firstname.lastname@example.org. The legality of data processing on the basis of your consent prior to its revocation remains unaffected by your revocation of the consent.
The legal basis for data processing based on a consent is point (a), Art. 6(1) GDPR.
3. Handling of your personal data
Your personal data is stored by the Munich Philharmonic on a specially protected server in Germany. The Munich Philharmonic will at no time pass on your personal data to third parties without your express consent unless the Munich Philharmonic’s portal is required to do so by law.
We take all necessary technical and organisational security measures to store your personal data in such a way that they are protected against unauthorised access and misuse. These security measures require that we occasionally ask you to provide proof of your identity before we disclose information to you.
When handling data, our employees are obliged to observe the provisions of the GDPR, the German Telemedia Act (TMG) and the Bavarian data protection act (BayDSG).
To protect the security of your data during transmission, we often use encryption methods (e.g. SSL). Our servers are protected by firewalls and virus protection. We also employ backup and recovery as well as role and authorisation concepts.
Cookies are small text files used to identify visitors that return regularly to specific websites. No personal user data is stored; only the Internet Protocol (IP) address is recorded. With the help of these cookies, the Munich Philharmonic’s portal can analyse how our website is used. They help us optimise the contents of individual pages and adapt them to our users’ needs. This automatically provides us with certain data about your computer and your connection to the Internet, such as the IP address, browser used and operating system. We also record your visit history, i.e. the pages on our websites that you visit, including order, date and time.
When you access this or other web pages, your web browser transmits data to our web server. During an ongoing connection for communication between your web browser and our web server, the following data is recorded:
Date and time of access
Name of the requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Web browser and operating system used
Full IP address of the requesting computer
Amount of data transferred
After the connection is terminated, the data is anonymised by truncating the IP address at domain level, so that it can no longer be associated with any individual user.
If you would like to subscribe to the newsletter offered on our website, we require an e-mail address from you as well as information that allows us to verify that the email address belongs to you and that you agree to receive the newsletter.
We use the double opt-in procedure to ensure that newsletters are only sent out where consent has been provided. As part of this process, the potential recipients can be included in a distribution list. Subsequently, the user is given the opportunity to confirm their registration in a legally secure manner by means of a confirmation e-mail. The address is only actively included in the distribution list if user confirmation is provided.
We use this data exclusively for sending the requested information and offers.
The newsletter software used is called Sendinblue. This means your data will be transmitted to Sendinblue. Sendinblue is prohibited from selling your data and using it for purposes other than sending the newsletter. Sendinblue is a certified German provider selected in accordance with the requirements of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act. You can find more information here.
You can withdraw your consent to your data and e-mail address being stored and used to send you the newsletter at any time, for example via the "Unsubscribe" link in the newsletter or by sending an unsubscribe request to presse.philharmoniker(at)muenchen.de.
6. How long does the data remain stored?
We store and process your personal data only as long as necessary for the intended purpose (see section »When and for what purpose does the Munich Philharmonic collect personal data?«). In all other cases, we delete your personal data. The only exception is data that we must store in order to fulfil legal obligations (e.g. tax or commercial law storage obligations). The e-mail addresses for sending the newsletter are stored and used only for sending the newsletter. You can unsubscribe from the newsletter at any time. Your e-mail address will then be deleted automatically.
7. Your rights as a data subject
According to the General Data Protection Regulation (GDPR), you have the following rights: You can revoke any consent you have given at any time (Art. 7(3) GDPR). If your personal data is processed, you have the right to obtain information about the data stored on your person (Art. 15 GDPR). Should incorrect personal data be processed, you have a right to correction (Art. 16 GDPR). If the legal requirements are met, you have the right to request the deletion or restriction of processing of the data (Art. 17 and 18 GDPR). If you have consented to data processing or a contract for data processing exists and data processing is carried out using automated procedures, you may have a right to data transferability (Art. 20 GDPR).
To exercise your rights, contact the address below (Section 12.) or write to presse.philharmoniker(at)muenchen.de. If you make use of the above rights, the public authority will check whether the legal requirements for this have been met. You also have the right to appeal to the Bavarian Data Protection Commissioner.
8. Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is carried out for the purpose of protecting legitimate interests; you may object at any time to processing for the purpose of direct marketing (Art. 21 GDPR).
9. Changes to our Data Privacy Statement
We reserve the right to occasionally adapt this Data Privacy Statement so that it always complies with current legal requirements or to implement changes to our services in the Data Privacy Statement, e.g. when introducing new services. On your next visit, the new Data Privacy Statement will then apply.
10. Questions to the data protection officer
Contact and further information
If you have any questions regarding data protection in connection with this website, please contact the data protection officer:
Data Protection Officer