logo

Privacy policy

Privacy policy

This data protection information provides information on the processing of your personal data within the framework of the use of the Ticket Shop under the joint responsibility of CTS EVENTIM AG & Co. KGaA and Blackfired E.V. (referred to below as “Joint Controllers”).

1. Scope, controller and definitions

1.1. Scope of this data protection information

1. This data protection information relates to the processing of personal data upon a visit or use of the Ticket Shop, including the setting up of a customer account as well as to our marketing activities in this context on our websites, third-party websites and social networks. You can retrieve, store and print this data protection information at any time from this website at no charge.

2. This data protection information only relates to the processing of personal data as defined by Section 1.1. No. 1. Other websites (e.g. the Ticket Shop hosted at www.eventim.de) are not within the scope of this data protection information and present their own specific data protection information.

1.2. Controllers

Unless stated otherwise in this data protection declaration, the following are joint controllers for the processing of your personal data:

CTS EVENTIM AG & Co. KGaA
Head Office: Hohe Bleichen 11, 20354 Hamburg
Postal Address: Contrescarpe 75 A, 28195 Bremen
Email: service@eventim-light.de
Phone: +49 (0)40 - 555 558 826 (Local rate)

And

Blackfired E.V.
Salzing 100 1/4
84543 Winnhöring
Email: service@eventim-light.de
Phone: +49 (0)40 - 555 558 826 (Local rate)

CTS EVENTIM AG & Co. KGaA is the joint contact for any queries.

For processing in connection with marketing activities on our websites, third-party websites and social networks carried out with the support of Edge Entertainment Digital GmbH we are jointly responsible - as specified in detail in sections 2.1.3 and 2.1.4.

1.3. Definitions

This data protection information is based on the following legal terms found in data protection legislation that we have defined below to aid understanding:

1. GDPR is the General Data Protection Regulation (Regulation (EU) 2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive).

2. Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing. Dependent on the payment method chosen, the recipient of your personal data could be a bank, for instance.

3. In accordance with Sec. 15 AktG [“Aktiengesetz”: German Stock Corporation Act], the EVENTIM Group comprises CTS EVENTIM AG & Co. KGaA and all its affiliated companies. More information can be found at

4. Joint controllers are two or more controllers that jointly determine the purposes and means of the processing of personal data.

5. Personal data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data could be the name, contact details, pattern of use, or bank details.

6. Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. The Controllers defined under Section 1.2 are responsible for the data processing described in this data protection information.

7. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Processing may involve, for example, the collection and use of your order data when tickets are sold.

2. Purposes, legal framework and data categories when processing your personal data

2.1. Processing of your data during a visit to the Ticket Shop for purely informational purposes

If you visit the Ticket Shop to obtain information about products and services without buying a ticket or without actively transferring any other information to us in some other way (purely informational use) we, CTS EVENTIM AG & Co. KGaA and, if applicable, the organiser Blackfired E.V., process your personal data at our sole responsibility. Your personal data are processed for the following purposes and on the basis of the following legal framework:

2.1.1. Processing for the purpose of IT security

1. When you visit the Ticket Shop, we process your personal data (IP address) that are technically required for us to be able to offer you the services of our Ticket Shop and to ensure stability and security when visiting the Ticket Shop.

2. For the identification and defense against threats (bot defense, DDoS attacks) and the delivery and acceleration of online applications, we use services of Akamai Technologies GmbH, Parkring 20-22, 85748 Garchin, Germany on our websites. Akamai processes the IP address of your terminal device. Akamai uses this information on behalf of EVENTIM to prevent technical threats and to ensure high availability of our website. The IP address is usually transferred to Akamai servers in the USA and processed there. This data transfer is based on EU standard contractual clauses. This ensures adequate protection of your personal data.

3. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest to offer you the services of our Ticket Shop from a technical perspective, ensure the stability and operating security of the IT systems used and to avoid and track abuse.

2.1.2. Processing for analytical purposes

1. When you visit our Ticket Shop, in some circumstances we and, as the case may be, the organizer Blackfired E.V. analyze and document how you use our Ticket Shop, e.g. your surfing patterns, which events and parts of our Ticket Shop interest you, and if you buy a ticket, your order and shopping basket data. Furthermore, we aggregate this data in order to be able to evaluate, for example, the number of website visitors and their origin. To this end we process the following personal data:

  • IP address
  • UU-ID
  • WEB-ID
  • Device fingerprints
  • Browser fingerprints
  • Cookies (see cookie information)
  • Geo IP-location

2. If we obtain your consent, the processing of your data is based on Art. 6 Para. 1 S. 1 lit. a GDPR. You can revoke your consent at any time with future effect. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR furthermore to pursue our legitimate interest to conduct analyses and, on the basis of these analyses, improve our Ticket Shop and our products and services as well as to prevent fraud. If you wish to object to data processing, please click on the following link: Cookie settings

3. We and, as the case may be, the organizer Blackfired E.V. use Google Analytics 360 , a web-analytics service from Google Ireland Ltd. (“Google”) on our websites to perform the analyses. Google Analytics 360 uses cookies which allow an analysis of the use of our websites. The information generated by the cookie about the use of our website is in general transferred via a server operated by us in Europe to Google Analytics 360 in the US and stored there.This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data. You can find out more here:

https://business.safety.google/adsprocessorterms/sccs/p2p-intra-group/

We shorten your IP address on the server we operate before it is transferred to a Google Analytics 360 server. As the case may be, the organizer Blackfired E.V. use Google Analytics only including IP anonymization („_anonymizeIp()“).As a result, IP addresses are processed in abbreviated form and a direct correlation to individuals can be ruled out. If you are in the European Union, this function shortens your IP address within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Google, working under contract for CTS EVENTIM AG & Co. KGaA, uses this information to analyze the use of the Ticket Shop, generate reports about Ticket Shop activities and render other services to EVENTIM related to the use of the Ticket Shop and internet use.

The IP address transmitted to Google Analytics by the browser of the user is not combined with other data held by Google according to Google.

You can prevent the collection of information by preventing the storage of cookies by selecting the appropriate settings on your browser software or by deactivating tracking under Cookie Settings. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

More information on the terms and conditions of use and data protection can be found at:

In connection with the use of Google Analytics, your personal data is transferred to the US. This data transfer is based on EU standard contract clauses. This ensures an adequate protection of your personal data.

4. Google Optimize is used on our website to increase the attractiveness, content and functionality of our website. By playing out new features and content to a percentage of our users and statistically evaluating the change in usage, we can regularly improve our offering.

Cookies are used for these activities, which are linked to a pseudonymized ID. Google will use this information to evaluate your use of our website and to create reports about the optimization test and related website activities. The data protection provisions of Google Analytics 360 defined above apply (see point 2.1.2).

You can prevent the collection of information by Google Optimize by preventing the storage of cookies by selecting the appropriate settings on your browser software or by deactivating tracking under Cookie Settings. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

5. This site uses the map service MapBox of the MapBox Inc. („MapBox“). Mapbox uses user data (especially IP addresses and location data) solely for purposes of displaying map features and caching the selected settings.

In connection with the use of MapBox, your personal data is transferred to the US. This data transfer is based on EU standard contract clauses. This ensures an adequate protection of your personal data.

If necessary, we will obtain your consent to collect the data via MapBox, so that Art. 6 para. 1 sentence 1 lit. a GDPR is the legal basis for the processing of your data. You can revoke your consent at any time with future effect. The use of MapBox is in the interest of an appealing presentation of our online offers and makes it easier to find the locations we have specified on the website. We also process your data on the basis of our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.

For more details about Mapbox's data processing, please refer to the relevant privacy information:

6. In addition, we use Hotjar to better understand the needs of our users and to optimize the offering on this website. With the help of Hotjar's technology, we get a better understanding of our users' experiences and have the additional opportunity to gather feedback on our product and features. This allows us to continuously improve and adapt the product and features to the needs of our users. Hotjar uses cookies and other technologies to collect information about our users' behavior and their devices (including, but not limited to, device IP address (collected and stored in anonymized form only), screen size, device type (unique device identifiers), browser information, location (country only), preferred language for viewing our website). Hotjar stores this information in a pseudonymized user profile. The information is neither used by Hotjar nor by us to identify individual users nor is it merged with other data about individual users. For more information, please see Hotjar's privacy policy: https://www.hotjar.com/legal/policies/privacy.

You can object to the storage of a user profile and information about your visit to our website by Hotjar as well as to the setting of Hotjar tracking cookies on other websites via this link: https://www.hotjar.com/legal/compliance/opt-out .

2.1.3. Processing for the purpose of advertising and retargeting on third party websites and social networks

1. When you visit our websites, we process your personal data for advertising measures in the form of remarketing, display advertising and social media ads.

2. We run marketing campaigns using tags (pixels) and cookies from our retargeting providers. When you visit our websites, tags and cookies are set and associated with content you have accessed. This enables us to document whether you have accessed our website via our advertising campaign and have registered. In addition, we play out advertising banners to users of Meta platforms (e.g. Facebook and Instagram) who have a similar profile to our previous customers and website visitors. For this we process:

- the type of website accessed,
- the product number accessed,
- the product number ordered, the sales value, the order number, preferences and
- cookie IDs.

We process your personal data on the basis of your consent within the meaning of Art. 6 (1) sentence 1 lit. a) DSGVO. If you do not wish to use the retargeting function, please click on the following link: Cookie settings

In connection with the use of Google Ads and Meta Platforms, Inc. (e.g. Facebook and Instagram), your personal data is transferred to the USA. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data.

For further details on data processing by retargeting providers, please refer to the corresponding data protection information:

Google: https://policies.google.com/privacy?hl=de
Explanation on the use of data from third parties by Google: https://policies.google.com/technologies/partner-sites
Meta: https://www.facebook.com/privacy/policy

3. When you have completed a ticket purchase with us, a cookie is set by Google Ads and Google Analytics 360. With the help of these cookies, individual recommendations for EVENTIM products and services can be displayed to you based on your purchase if you enter corresponding search terms in Internet search engines following your purchase (search engine marketing). Your personal data will be processed in the process. The processing is based on your consent within the meaning of Art. 6 (1) sentence 1 lit. a) DSGVO. If you wish to object to data processing by Google Ads and/or Google Analytics 360, please click on the following link: Cookie settings

In connection with the use of Google Ads and Google Analytics 360, your personal data will be transferred to the USA. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data.

For further details on data processing by Google Ads, please refer to the corresponding data protection information:

Google: https://policies.google.com/privacy?hl=de
Google Ads: https://policies.google.com/technologies/ads
Explanation on the use of data from third parties by Google: https://policies.google.com/technologies/partner-sites

4. We display advertisements, so-called social media ads, on Meta's social networks and apps, such as Facebook, Instagram or Messenger. If you have an account in these social networks and agree to the display of advertisements via your account settings in the social network, you will be shown corresponding recommendations on our products and services when using the social network. The recommendations are generated on the basis of your interests (e.g. "likes" of artists) stored in your public profile on Facebook or Instagram. In doing so, we process your public profile data. We show you individual advertisements on the basis of the interests you have entered in your public profile (e.g. "Likes" of artists). In particular, we process

- Your IP address,
- your device/cookie ID,
- page/feed activity,
- Internet speed,
- purchase activity and
- social connections,

in order to measure the success of the advertisement. We process your personal data on the basis of your consent within the meaning of Art. 6 (1) sentence 1 lit. a) DSGVO.

This involves the transfer of your personal data to the USA. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data.

For further details on data processing, we refer you to the data protection information of Facebook and Instagram:

Facebook: https://www.facebook.com/privacy/policy
Information about Facebook ads: https://www.facebook.com/about/ads/
Instagram: https://help.instagram.com/155833707900388

2.1.4. Use of cookies

1. Cookies might be stored on your computer when using the Ticket Shop. Cookies are small text files that are stored on your hard drive and are allocated to and saved by your browser. With the use of cookies, certain data flows to the party that set up the cookie. This information could also includes personal data, like your IP-adress. By using cookies it is e.g. possible for us to make our Ticket Shop easier to use and structure it more effectively. Cookies cannot run any programs or transmit any viruses to your computer. The Ticket Shop can be used without cookies. However, this may restrict the functionality of the Ticket Shop.

2. The cookie information (see cookie information) applies to the use of cookies at our Ticket Shop.

2.2. Collection of personal data

1. If you want to buy a ticket in the Ticket shop, you have to provide personal data to carry out the order. The mandatory fields in the input screen are marked accordingly.

2. Your personal data is processed in order to carry out the specific order with you. We use the data for contract execution and processing, on the basis of Art. 6 Para. 1 S. 1 lit. b) GDPR.

2.3. Ticket purchases

1. When you buy a ticket from the Ticket Shop, your personal data is processed to execute and settle your order. The processing is based on Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform and settle the contract with you.

2. If you buy a ticket for another person (third party), the personal data of the third party provided by you is processed (name and contact data if applicable) in order to personalize the ticket. This data is processed on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform and settle the contract with you. If you provide the data of a third party, please ensure that the third party is sufficiently informed that its data will be processed by the Joint Controllers defined in Section 1.2 and that you are entitled to divulge this data.

3. When personalized tickets are issued, it is possible that special categories of personal data are processed, such as your health details, if you make the corresponding disclosures when purchasing a ticket and agree to this data being processed. This can include, for example, information that you use a wheelchair, have an allergy, food intolerance or are severely disabled. This data is processed to provide you access e.g. to select special price categories and accessibility to an event or special seats during the event. Your data is processed on the basis of your consent in accordance with Art. 6 (1) Sentence 1 lit. a) GDPR. You can revoke your consent at any time with future effect.

2.4. Notification emails upon the relocation / cancellation of events

You will be informed via email when events are relocated or cancelled. This involves the processing of your personal data. Your personal data is processed on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform and settle the contract with you.

2.5. Informational emails and newsletters

1. If you have purchased a ticket from us (Section 2.3.), we – CTS EVENTIM AG & Co. KGaA – may, at our sole responsibility, send you emails to inform you, for example, about directions, parking and specifications of the event organizer (e.g., bag size). For this purpose, we process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR in order to perform the contract with you. It is possible that you will receive similar information from the organizer. Please inform yourself in the organizer's data protection about the precise processing of data by him (Allgäuer Schmetterling Erlebniswelt - Inh. Wolfgang Hartmann).

2. After purchasing a ticket, we, CTS Eventim AG & Co. KGaA, on our sole responsibility, may send you personalised mailings about similar events, services and promotions as well as birthday e-mails. Your e-mail address and past purchases via the EVENTIM.Light shop and possibly eventim.de are processed for this purpose. We process your personal data on the basis of our legitimate interests in informing you about changes to our products and services, advertising our products and services and carrying out marketing measures on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.

Please inform yourself regarding this in the organizer's data protection declaration (Blackfired E.V.).

2.6. Customer service

1. You can contact us if you have queries relating to an event and your ticket purchase, wish to exercise your rights under this data protection information or would like to make a complaint. CTS EVENTIM AG & Co. KGaA is the joint responsible contact for any queries (see the contact details in 1.2).

2. Depending on the nature of your request, we respond to your query using your personal data that we have stored in our systems within the framework of processing other data (e.g. data that you have disclosed when purchasing the ticket).

3. Your personal data is processed on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform the contract with you. If you exercise your rights as the person affected by data processing, we process your personal data to meet a legal obligation on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR. If you would like to obtain information or lodge a complaint, we process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interest of the Joint Controllers defined in Section 1.2 to respond to your complaint.

4. If you transmit health details to us in the course of your inquiry (e.g. information that you have a severe disability), we process this personal data only to the extent necessary to respond to your query and only when you have provided us with your express consent as defined by Art. 6 (1) Sentence 1 lit. a) GDPR. You can revoke your consent at any time with future effect.

2.7. Ticket returns

1. It is possible that your order needs to be canceled. In this case, your personal data is processed on the basis of Art. 6 (1) Sentence 1 lit. b) GPDR.

2. If you have disclosed special personal data as defined by Section 2.3.3 relating to you or third parties, we will process this data on the basis of your consent as defined by Art. 6 (1) Sentence 1 lit. a) GDPR for the purpose of canceling your ticket purchase. Section 2.3.3 applies accordingly.

2.8. Reminders, collections as well as the exercise and defense of legal claims

1. You will be informed by email, text message (SMS), by post, or by telephone of any open claims arising from the purchase of tickets. If necessary, you will be sent a reminder. To the extent that your payment remains outstanding, collection procedures will be initiated as a consequence.

2. Collection procedures are carried out by a collection agency commissioned for the purpose. Where required to execute the collection procedures, the collection agency will determine your address, access public registers for this purpose, and obtain other information about your person as necessary.

3. Your personal data will be processed on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing and settling the contract with you and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interest of the Joint Controllers defined in Section 1.2 to prevent abuse of the Ticket Shop and exercise any legal claims, including the right of collection.

4. Within the course of a legal dispute with you, your personal data will be processed to exercise and/or defend the rights of the Joint Controllers defined in Section 1.2. To the extent necessary in the course of a legal dispute, data from other sources (e.g. public registers) will also be drawn on. Your personal data will be processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to fulfil a legal obligation and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interests of the Joint Controllers defined in Section 1.2 to assert, exercise and/or defend their legal interests.

2.9. Other processing

2.9.1. Executing internal audits and observing compliance regulations

1. Your personal data may be processed in the course of internal audits within the EVENTIM Group (see Section 1.3 No. 3) in Germany and abroad. In this regard, CTS EVENTIM AG & Co. KGaA may, at its sole responsibility, also draw on data that can be obtained from other publicly accessible sources (such as credit reporting agencies).

2. In some circumstances, your data may be processed in the course of compliance programs and measures when we implement the requirements of the German Corporate Governance Code (GCGC), for example, or identify misconduct in the organization and attempt to remedy this.

3. In the course of such processing it is possible that your personal data may also be processed. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to fulfill our statutory duties. In addition, we process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR in order to pursue our legitimate interests of reviewing the processes and efficiency of the EVENTIM Group (see Section 1.3 No. 3), remedy any misconduct and fraud and, where applicable, assert and/or defend our legal rights.

2.9.2. Analyses

In some circumstances, CTS EVENTIM AG & Co. KGaA may, at its sole responsibility, conduct analyses of your data, which are processed as defined in Section 2 of this data protection information. These analyses serve CTS EVENTIM AG & Co. KGaA as a basis for business decisions, to improve our products and services, tailor the business to customer needs and carry out marketing campaigns. Your personal data is processed on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interest of CTS EVENTIM AG & Co. KGaA to improve its offering. The analyses conducted on this basis do not contain any reference to individuals. Thus it is not possible for conclusions to be drawn about your person.

2.9.3. Whistleblowing system

You can report possible violations via our confidential reporting channels and thus contribute to their clarification. EVENTIM operates an independent, impartial and confidential whistleblower system for this purpose. If we receive reports, we process your personal data insofar as they are provided on the basis of our legal obligation within the meaning of Art. 6 Para. 1 Sentence 1 lit. c) GDPR. Investigations are always carried out with the utmost confidentiality and with due regard for the anonymity of the whistleblower. Information is processed in a fair, expeditious and protected procedure. Further information: https://corporate.eventim.de/en/company/compliance/

3. Retention and erasure of your personal data

1. Your personal data is stored for as long as, and to the extent necessary, it is required to realize the purposes for which it is processed (Section 2).

2. As soon as your data is no longer needed for the purposes stated in Section 2, CTS EVENTIM AG & Co. KGaA retains your personal data for the period in which you could exercise claims against the Joint Controllers defined in Section 1.2 and/or for the period in which Joint Controllers defined in Section 1.2 could establish claims against you (this is generally three years according to the statute of limitations, beginning at the end of the year in which the claim arises, e.g. the end of the year in which the ticket transaction took place).

3. In addition, your personal data is stored for as long as, and to the extent necessary, the Joint Controllers defined in Section 1.2 are legally obliged to store it. The corresponding obligations to provide evidence and retain it arise from the German Commercial Code (HGB), the German Fiscal Code (AO) and the Money Laundering Act (GWG), among others (e.g., Sec. 257 HGB, Sec. 147 AO). The associated retention obligations can range up to ten years.

4. Categories of recipients of personal data

1. If you purchase tickets in the Ticket Shop (Section 2.3) we process your personal data under the joint responsibility of our partners (Section 1.2). We transmit your personal data on the basis of the agreement entered into with our partners (Art. 26 in conjunction with Art. 6 (1) Sentence 1 lit. b) GDPR) and based on Art. 6 (1) Sentence 1 lit. b) GDPR, to perform our contract with you. Reference is made to the data protection information of our partners with regard to the processing of data by our partners that they perform at their own responsibility.

2. Your personal data is transmitted to other companies in the EVENTIM Group (see Section 1.3 No. 3) within the framework of a collaborative process relating to the provision, execution and management of the Ticket Shop, including the guest account. Such data transmission is performed on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interest of CTS EVENTIM & Co. KGaA to execute your order and perform internal administrative activities efficiently and in a collaborative process as well as improve our products and services.

3. In addition, your personal data will be transmitted to IT service providers who provide the platforms, databases and tools for the products and services (e.g. the Ticket Shop) and generate analyses of user patterns in the Ticket Shop. Your personal data is transmitted on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing the contract with you as well as on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interests of the Joint Controllers defined in Section 1.2 to improve the products, as well as on the basis of Art. 6 (1) Sentence 1 lit. a) GDPR in those cases where you have provided us with your consent to process your personal data. You can revoke your consent at any time with future effect.

4. Various payment methods are offered to you when you purchase a ticket. Depending on the payment method you choose, your personal data will be transmitted to banks, payment service providers, financial service providers and credit card companies in order to settle the payment and, if necessary, reimburse the purchase price. Your personal data is transmitted on the basis of Art. 6 (1) Sentence 1 lit. b) GPDR in order to settle the ticket purchase and reimburse it in the case of cancellation.

5. We transmit your personal data to KPS-Payment Verwaltungs-GmbH to perform the contract with you and, in particular, settle the payments. Your personal data is transmitted on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR to perform the contract with you and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interests of the Joint Controllers defined in Section 1.2 to perform the contract efficiently, particularly the settlement of payments, and structure it in a collaborative manner.

6. If you have selected “PayPal” as a payment method, your personal data will be processed in accordance with the payment method you have selected to settle the payment. This involves transmission of your personal data to the USA. With regard to the USA, the EU Commission has not come to the conclusion that it has reached an appropriate level of data protection as defined by the GDPR. Such an adequacy decision (Art. 45 GDPR) does not exist. However, the transmission of your data is conducted on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in conjunction with Art. 49 (1) Sentence 1 lit. b) and c) GDPR for the purpose of performing the contract with you.

7. If you fail to satisfy your payment obligations, collection procedures may be initiated (Section 2.7). In this case, your personal data will be transmitted to the collection agency commissioned to carry out the collection procedure. Your personal data will be processed on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing and settling the contract with you and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interest of the Joint Controllers defined in Section 1.2 to exercise legal claims, including the right of collection.

8. In the case of legal disputes, we transmit your data to the applicable court and, if you engage a lawyer, to the lawyer as well in order to conduct the litigation. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to fulfil a legal obligation and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue the legitimate interests of the Joint Controllers defined in Section 1.2 to establish, exercise and/or defend their legal interests.

9. Other than the cases listed above, your personal data will be transmitted only when there is a legal obligation to do so. Transmission is based on Art. 6 (1) Sentence 1 lit. c) GDPR (e.g. to the police authorities during a criminal investigation or to the data protection supervisory authorities).

5. Legitimate interests to data processing and right to object

1. CTS EVENTIM AG & Co. KGaA and Blackfired E.V. process your personal data as defined by Section 2 on Contrescarpe 75A of legitimate interests, in particular to ensure IT 28195 Bremenop, to prevent fraud and abuse, to assert, exercise and defend legal interests (if necessary, also by taking court action) and to carry out internal administrative activities efficiently and in a collaborative process as well as to possibly carry out marketing measures. Information about the weighing up of interests can be obtained via:

To this extent, CTS EVENTIM AG & Co. KGaA is the joint contact for any queries.

Where your personal data are processed on the basis of these legitimate interests (Art. 6 (1) Sentence 1 lit. f) GDPR) you have the right to object to data processing at any time. We will respect your objection unless there are overriding reasons as defined by Art. 21 GDPR not to do so. If the personal data relating to you are processed for direct marketing purposes, you have the right to object to the processing of your personal data for the purpose of such advertising at any time (Art. 21 Para. 2 GDPR). To this extent, CTS EVENTIM AG & Co. KGaA is a joint contact for any queries. Please address your request:

  • by email: service@eventim-light.de

  • by phone: +49 (0)40 - 555 558 826 (Local rate)

  • in writing to CTS EVENTIM AG & Co. KGaA, Data privacy, Head Office: Hohe Bleichen 11, 20354 Hamburg, Postal Address: Contrescarpe 75 A, 28195 Bremen.

2. If you object to processing of your data pursuant to Section 5 No.2, we will process your personal data collected in this context to the extent needed to address your request. In this case your personal data are processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation.

6. Consent and withdrawal of consent

1. If you have provided us with your consent to the processing of your personal data, you may withdraw this consent at any time. The withdrawal applies to the future. The lawfulness of the processing of personal data prior to the date of withdrawal remains unaffected. To this extent, CTS EVENTIM AG & Co. KGaA is a joint contact for any queries. Please address your withdrawal of consent:

  • by email: service@eventim-light.de
  • by phone: +49 (0)40 - 555 558 826 (Local rate)
  • in writing to CTS EVENTIM AG & Co. KGaA, Data privacy, Head Office: Hohe Bleichen 11, 20354 Hamburg, Postal Address: Contrescarpe 75 A, 28195 Bremen.

2. If you withdraw your consent to processing of your data, we will process your personal data collected in this context to the extent needed to address your request. In this case your personal data are processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation.

7. Your rights

1. Under the terms of the GDPR, you have the right to demand, at any time, that we

  • inform you of the personal data relating to you that we are processing (Art. 15 GDPR)
  • rectify personal data relating to you that is inaccurate (Art. 16 GDPR) and/or
  • erase your personal data (Art. 17 GDPR), restrict it (Art. 18 GDPR) and/or release it (Art. 20 GDPR).

2. CTS EVENTIM AG & Co. KGaA is the joint contact for any queries. Please address your request:

  • by email: service@eventim-light.de
  • by phone: +49 (0)40 - 555 558 826 (Local rate)
  • in writing to CTS EVENTIM AG & Co. KGaA, Data privacy, Contrescarpe 75 A, 28195 Bremen.

3. If you assert your rights towards us, we will process your personal data collected in this context to the extent needed to address your request. In this case your personal data are processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation.

4. Notwithstanding your rights under Section 7, you have the right to lodge a complaint with a supervisory authority for data protection if you are of the opinion that the processing of your personal data in accordance with this data protection information breaches the terms of the GDPR (Art. 77 GDPR).

8. Miscellaneous

1. The provisions of this data protection information (which can be accessed free of charge on this website) including the cookie information (which can be accessed free of charge on this website) apply in the version valid at the time of using the Ticket Shop.

2. We reserve the right to supplement and amend the contents of this data protection information. The updated data protection information applies from the date on which it is published on this website.

3. You will be informed in good time of such supplements and amendments on this website and, if your contact data are already on our files, you will be informed via email or by standard mail. You will be given the opportunity to view, print and store the amended data protection information at no charge.

9. Contact details of the data protection officer

For CTS EVENTIM AG & Co. KGaA:

Data protection officer
CTS EVENTIM AG & Co. KGaA
Head Office: Hohe Bleichen 11, 20354 Hamburg
Postal Address: Contrescarpe 75 A, 28195 Bremen
Email: datenschutz@eventim.de

With regard to Blackfired E.V., we refer to the data protection information of our partner.

Cookie Information

Scope of application

This cookie information provides more specific data protection information as required by Section 2.1.3. about the use of cookies of CTS EVENTIM AG & Co. KGaA on this website, referred to here as “Eventim”“we” or “us“.

General information on cookies

“Cookies” are small text files which are saved in the browsers of your end devices when you visit this website. Cookies can save and track your actions and settings in our website for the duration of the browser session and, in some cases, beyond this. Cookies also enable the recognition of your browser. For instance, after leaving the website, the content of your shopping basket is reconstructed or events recently viewed are displayed again.

Types of cookies used

First-party cookies:

On the one hand, we use first-party cookies, i.e. cookies placed by our server on our websites and which can only be accessed via our server.

Third-party cookies:

On the other, this website also incorporates third-party cookies which are placed by servers of others and/or this website or domains and that can be read by third parties. With these cookies, your browser can be tracked beyond this website, for instance so as to be able to display Eventim advertisements on the websites of our partner companies.

Storage period of cookies

Session cookies:

Some of the cookies we use are session cookies, i.e. cookies which are only stored for the duration of your visit to this website.

Persistent cookies

We also use persistent cookies which stay saved on your browser after the session and are automatically deleted after a predefined expiry date.

Purposes of using cookies

Necessary cookies:
We use cookies that are necessary for the operation of the website and that enable you to use certain functions in order to use the website. In addition, we use cookies to enable you to perform certain functions by automatically detecting your browser. These include, for example, the automatic recognition and setting of the language and the restoration of the content of completed forms.

Analytical Cookies
These cookies enable us to count visitors and traffic sources so that we can measure the use of our website and thus improve performance. They help us to analyze which pages are viewed most frequently and least frequently, and how visitors move around our website. If you are logged into your personal Google profile while surfing on our website, we also analyze demographic data such as age, gender and interests based on Google search behavior. This helps us to optimize the website for you and to provide relevant content for you. All information these cookies collect is aggregated and is therefore anonymous.

Marketing Cookies
These cookies are used to display personalized advertising based on your surfing behavior on our website. By deactivating these cookies, you may see advertisements that are less interesting for you.

Cookie settings by users

Via your browser settings you can limit or completely prevent the storage of (certain) cookies for all websites and delete any cookies that have already been saved. For more information about this please consult the instruction manual or help functions of your browser.

This website can in principle still be visited and used after restricting/deactivating cookies in the browser settings. However, please note that in particular the complete deactivation of cookies can limit the functionalities of this website.

Cookie Table

Overview of the cookies used

When operating this website, we use different cookies, as described here. The following table clearly lists the cookies used.

Provider Cookie name Description Period of storage
Google Inc. _gat_UA-xxxxxxxx-xx Google TagManager max 12 months
Google Inc. _gid Google Analytics Tracking - Differentiation of visitors max 12 months
Google Inc. _ga Google Analytics Tracking - Differentiation of visitors max 12 months
Google Doubleclick IDE Contains a randomly generated user ID. Using this ID, Google can recognize the user across different domains across different websites and displays personalized advertising. 14 months
Google Doubleclick test_cookie Is set to check whether the browser allows cookies to be set. Does not contain any identification characteristics. session
Hotjar _hjIncludedInSample This session cookie is set to inform Hotjar if this visitor is included in the sample used to generate funnels. max 12 months
Hotjar _hjClosedSurveyInvites This cookie is set when a visitor interacts with a modal survey invitation pop-up. It is used to ensure that the same invitation does not reappear if it has already been displayed. max 12 months
Hotjar _hjDonePolls This cookie is set when a visitor completes a survey using the Feedback Poll widget. It is used to ensure that the same survey does not appear again if it has already been completed. max 12 months
Hotjar _hjMinimizedPolls This cookie is set when a visitor minimizes a Feedback Poll widget. It is used to ensure that the widget remains minimized when the visitor navigates through your website. max 12 months
Hotjar _hjDoneTestersWidgets This cookie is set when a visitor submits their information in the Recruit User Testers widget. It is used to ensure that the same form does not reappear if it has already been filled out. max 12 months
Hotjar _hjMinimizedTestersWidgets This cookie is set when a visitor minimizes a Recruit User Testers widget. It is used to ensure that the widget remains minimized when the visitor navigates through your website. max 12 months
Hotjar _hjShownFeedbackMessage This cookie is set when a visitor minimizes or adds to the incoming feedback. This is done so that the incoming feedback is immediately loaded as minimized when they navigate to another page where it should be displayed. max 12 months
Hotjar _hjid This cookie is set when the client lands on a page for the first time using the Hotjar script. It is used to retain the random user ID that is unique to that website in the browser. This ensures that behavior on subsequent visits to the same website is associated with the same user ID. max 12 months

Date: 01.10.2024