We attach great importance to data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the EU-General Data Protection Regulation (GDPR). We collect and process your personal data in order to be able to offer you the above-mentioned portal. This statement describes how and for what purpose your data is collected and used and what choices you have in connection with personal data.

By using this website, you consent to the collection, use and transfer of your data in accordance with this privacy policy.

1 Responsible body

The controller for the collection, processing and use of your personal data within the meaning of theGDPR is

n-tree solutions Ticketsysteme GmbH
Brosswaldengasse 12
A-6900 Bregenz

Phone: +43 5574 75090-0
Fax: +43 5574 750 90-4

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection provisions as a whole or for individual measures, you can address your objection to the controller named above.

You can save and print out this privacy policy at any time.

1.1 Contact person for data protection

If you have any questions or concerns about data protection, please contact our data protection officer:

Hans-Peter Frommelt
Phone: +43 5574 75090-0
Fax: +43 5574 75090-4
E-mail: datenschutz@n-tree.com

2 General use of the website

2.1 Access data

We collect information about you when you use this website. We automatically collect information about your usage behavior and your interaction with us and register data about your computer or mobile device. We collect, store and use data about every access to our online offer (so-called server log files). The access data includes the name and URL of the retrieved file, date and time of retrieval, amount of data transferred, notification of successful retrieval (HTTP response code), browser type and version, operating system, referrer URL (i.e. the previously visited page), IP address and the requesting provider.

We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. This information allows us to provide personalized and location-based content and analyze traffic, troubleshoot and fix errors, and improve our services. We reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision or billing of a service, e.g. if you use ait of our offers use. After canceling the order process or after receipt of payment, we delete the IP address if it is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website. We also store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).

2.2 E-mail contact

If you contact us (e.g. via contact form or e-mail), we store your details for processing the request and in the event that follow-up questions arise. We only store and use other personal data if you consent to this or if this is permitted by law without special consent.

2.3 Use of social media plugins from Facebook

Due to our legitimate interest in the analysis, optimization and operation of our online offer (within the meaning of Art. 6 para. 1 lit. f. GDPR), this website uses the Facebook social plugin, which is provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The integrations are recognizable by the Facebook logo or the terms “Like”, “Like”, “Share” in the Facebook colors (blue and white). Information on all Facebook plugins can be found via the following link: developers.facebook.com/docs/plugins/

Facebook Inc. complies with European data protection law and is certified under the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

The plugin establishes a direct connection between your browser and the Facebook servers. The website operator has no influence whatsoever on the nature and scope of the data that the plugin sends to the servers of Facebook Inc. transmitted. You can find more information here: https://www.facebook.com/help/186325668085084

The plugin informs Facebook Inc. that you as a user have visited this website. There is a possibility that your IP address will be stored. If you are logged into your Facebook account during your visit to this website, this information will be linked to it.

If you use the functions of the plugin – for example by sharing or “liking” a post – the corresponding information is also transmitted to Facebook Inc. transmitted. Do you want to prevent the Facebook. Inc. This data is linked to your Facebook account, please log out of Facebook before visiting this website and delete the stored cookies. You can make further settings for data processing for advertising purposes or object to the use of your data for advertising purposes via your Facebook profile.

You can access the settings here:

1. Profile settings on Facebook: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
2. Cookie deactivation page of the US website: http://optout.aboutads.info/?c=2#!/
3. Cookie deactivation page of the European website: http://optout.networkadvertising.org/?c=1#!/

You can find out what data, for what purpose and to what extent Facebook collects, uses and processes data and what rights and settings options you have to protect your privacy in Facebook’s privacy policy. You can find them here: https://www.facebook.com/about/privacy/

2.4 Use of Google Maps

Our website uses Google Maps to display maps and to create directions. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you visit the website, Google receives information that you have accessed the corresponding page on our website. This also occurs regardless of whether you have a Google account and are logged into it. In the event that you are logged in via a Google account while using the website, the data will be assigned directly to your account. If you do not wish this to happen, you must log out before using our website. By using Google Maps, you consent to the collection, processing and use of the data collected automatically and the data you enter by Google. The terms of use for Google Maps can be found at Terms of use for Google Maps. Further information on data protection at Google can be found under Transparency and choices and Privacy policy.

2.5 Legal basis and storage period

The legal basis for data processing in accordance with the above paragraphs is Art. 6 para. 1 letter f GDPR. Our interests in data processing are, in particular, to ensure the operation and security of the website, to investigate how visitors use the website, and to simplify the use of the website.

Unless specifically stated, we only store personal data for as long as is necessary to fulfill the purposes pursued.

3 Your rights as a data subject affected by data processing

Under the applicable laws, you have various rights regarding your personal data. If you would like to assert these rights, please send your request by e-mail or by post, clearly identifying yourself, to the address stated in section 1.

Below you will find an overview of your rights.

3.1 Right to confirmation and information

You have the right to obtain confirmation from us at any time as to whether or not personal data concerning you is being processed. If this is the case, you have the right to obtain information from us free of charge about the personal data stored about you, together with a copy of this data. You also have the right to the following information:

1. the purposes of processing;
2. the categories of personal data that are processed;
3. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
4. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
5. the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by the controller or a right to object to such processing;
6. the existence of a right of appeal to a supervisory authority;
7. if the personal data is not collectedfrom you, all available information about the origin of the data;
8. the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

If personal data is transferred to a third country or to an international organization , you have the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer.

3.2 Right to rectification

You have the right to obtain from us without undue delay the rectification Sto request the erasure of incorrect personal data concerning you. Taking into account the purposes of the you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.

3.3 Right to erasure (“right to be forgotten”)

You have the right to obtain from us the erasure of personal data concerning you without undue delay and we are obliged to erase personal data without undue delay where one of the following grounds applies:

1. The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
2. You withdraw your consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing.
3. You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or youobject to the processing pursuant to Article 21(2) GDPR
4. The personal data was processed unlawfully.
5. The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which weare subject.
6. The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

Do we have the personal data have been made public and we are in accordance with Art. 17 GDPR obliged to delete them, we will take Taking into account available technology and the cost of implementation, we will take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data. have requested the deletion of all links to this personal data or of copies or replications of this personal data .

3.4 Right to restriction of processing

You have the right to obtain from us restriction of processing where one of the following applies:

1. the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data,
2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
3. we no longer need the personal data for the purposes of the processing, but they are requiredby you for the establishment, exercise or defense of legal claims, or
4. you have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of our company override yours.

3.5 Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, where

1. the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR, and
2. the processing is carried out using automated procedures.

In exercising your right to data portability pursuant to paragraph 1 , you have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

3.6 Right of objection

You have the right, for reasons arising from IYou have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. We process no longer process the personal data unless we are able to demonstrate compelling legitimate grounds for the processing which over ride your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

Where personal data are processed by us for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

You have the right, for reasons arising from Iof your particular situation, against the Sto object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

3.7 Automated decisions including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

3.8 Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time.

3.9 Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you is unlawful.

4 Data security

We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities.

Your personal data is transmitted in encrypted form. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

To secure your data, we maintain technical and organizational security measures that we continually adapt to the state of the art.

We also do not guarantee that our service will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers used by us are carefully backed up on a regular basis.

5 Automated decision making

Automated decision-making based on the personal data collected does not take place.

6 Transfer of data to third parties, no data transfer to non-EU countries

In principle, we only use your personal data within our company.

If and insofar as we involve third parties in the fulfillment of contracts (such as logistics service providers), they will only receive personal data to the extent that the transfer is necessary for the corresponding service.

In the event that we outsource certain parts of data processing (“order processing”), we contractually oblige processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

Data transfer to bodies or persons outside the EU or outside the cases mentioned in this declaration in points 2.3, 2.4, 2.6 and 2.7 does not take place and is currently not planned.

Bregenz, on 24.05.2018
n-tree solutions Ticketsysteme GmbH