1. Responsible

Responsible for data processing on this website in accordance with national data regulations (DSG), the European General Data Protection Regulation (GDPR), and other data protection regulations is 

 Spark Service GmbH
Rainerstraße 34
5310 Mondsee, Austria
E-Mail: info@agency-spark.com
Website: https://www.event24.com 

 

2. Categories of personal data 

 Personal data includes all information that relates to an identified or identifiable natural person (i.e., a human being) (Art. 4 (1) GDPR). Examples of personal data include your name, age, address, phone number, birth date, email address, or IP address. Information that cannot be linked to your person (or only with disproportionate effort), such as through anonymization, is not considered personal data. We only process personal data that you enter on our website or transmit to us in other ways and that are necessary for the performance and handling of our services. 

Special categories of personal data (also known as “sensitive” data) is information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as the processing of genetic data, biometric data for uniquely identifying a natural person, health data, or data concerning a person’s sex life or sexual orientation (Art. 9 GDPR). We do not collect, process, or use special categories of personal data without your explicit consent. 

 

3. For which purposes and on what legal basis is your personal data used?

We collect, process, and use your personal data only: 

• to fulfil a contract or pre-contractual measures 

• with your consent 

• to safeguard our legitimate interests, or 

• when a legal obligation or permission exists 

The processing of personal data (e.g., collection, querying, use, storage, or transmission) always requires a legal basis. If you provide us with data about other people (e.g., family members, representatives, or other associated persons), we assume that you are authorized to do so, that the data is correct, and that you have ensured that these individuals are informed about this disclosure, where a legal duty to inform exists (e.g., by providing them with this privacy policy in advance). 

If your consent is required for data processing, we will only process and/or use your personal data after obtaining your consent. By giving your consent, you confirm that you are at least 16 years old or have the consent of your legal representative. You can withdraw your consent at any time with future effect. 

Your data will be stored in a personally identifiable form only as long as necessary for the purposes for which it is processed or until any statutory retention periods expire. 

 

3.1. Contract Fulfilment (Art. 6 (1) b GDPR) 

 You enter into a contract with us when you, for example, register for an event. During this registration, we ask for your personal data, such as your name, address, phone number, and email address. This data is necessary solely for the purpose of executing the resulting contractual relationship and is collected and processed by us based on statutory permissions to fulfil this contract. If you do not provide the data required for event registration, this contract cannot be concluded, and your registration cannot be carried out. 

 

a. Registration/creating a user account

 On our website or those of our processors, we offer you the opportunity to register by providing personal data. We use the processed data to create a personalized user account for you, which you can use to access specific content and services such as event information and the ability to register and deregister for events on our website. We process your email address to send you new access data if you forget them. 

 

b. Contact Form

On our website or those of our processors, we offer you the opportunity to communicate with us via a provided contact form and to handle your request. If you use the contact form, the following personal data will be processed:  

• salutation 

• first and last name 

• email address 

• content of your message 

The personal data you provide on the registration page is required for fulfilling a contract or responding to pre-contractual inquiries, handling an event, particularly invitations to the event and/or the registration process for the event. Your personal data will also be processed for communication related to registration (e.g., sending registration confirmations, seat reservations, etc.). By registering third parties for the event, you expressly declare that you are authorized to carry out the registration and provide a corresponding declaration of consent for data processing and receiving emails. 

 

3.2. Use of personal data based on your consent (Art. 6 (1) a GDPR) 

 a. Use of personal data for Marketing purposes

 Your data will be used for marketing purposes, particularly by sending information for advertising purposes via fax, mail, email, or any other form of transmission, only with your explicit prior consent. You can revoke this consent at any time, whereby the personal data processed until the revocation is considered to have been processed lawfully. 

 

b. Registration for Newsletters (Art. 6 (1) a GDPR)

 If you have registered for a newsletter, the personal data you provide will be used solely for the personalized delivery of the newsletter by email. You must explicitly consent to the delivery using the “double opt-in” procedure. 

 

3.3. Processing to safeguard our legitimate interests (Art. 6 (1) f GDPR) 

The processing of your personal data based on a legitimate interest of the controller occurs only in selected situations. You will be informed accordingly in each situation. For example, we have a legitimate interest in public relations and press work, representing our company’s activities, and promoting our brand awareness. Therefore, film and image material may be created at selected events and published on our social media channels and print media. You have the right to object to this processing at any time. 

 

4. Data sharing with Third Parties

We share your personal data with third parties only, if: 

• you have given your explicit consent 

• it is necessary to fulfil a contractual relationship 

• there is a legal obligation to share the data 

• our legitimate interests as the controller or the legitimate interests of a third party are safeguarded, or the data transfer is necessary for the assertion, exercise, or defence of legal claims, and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data 

For example, your data may be shared with service providers contracted by us (so-called processors), who may only use your personal data to fulfil their tasks. These processors are carefully selected by us and contracted in writing based on a processing agreement. They are bound by our instructions and regularly monitored by us. Any other use of the information is not permitted and does not occur with any of our contracted service providers. 

 

5. Acting as a Data Processor

In cases where we act only as a processor for our clients, they are considered the controllers for data processing, and their privacy policies or information should be observed. 

 

6. Transfer to Third Countries

 If we process data in a third country, this occurs within the scope of using processors or disclosing data to other individuals or companies. This data transfer is based only on the legal bases mentioned above. Subject to explicit consent or contractual necessity, we process or allow the data to be processed in compliance with Art. 44-49 GDPR only in third countries with an adequate level of data protection or based on specific guarantees. Such guarantees include, for example, contractual obligations through so-called standard contractual clauses of the EU Commission, existing certifications, or binding internal data protection regulations. 

 

7. Data processing on our website

 

7.1. Log files 

 For security reasons and to maintain the stability and data security of the operating system, the following data is stored on the servers of our IT service provider when accessing our website: 

• your IP address 

• the page accessed 

• browser and referrer, and 

• date and time of the request

This information is automatically transmitted by your browser (e.g., Chrome, Firefox, Safari, etc.) during your visit to the IT service provider. The IT service provider reserves the right to review the data retrospectively if there are concrete indications of illegal use. The log files are deleted after a maximum of 2 years. A personal evaluation of this data does not take place. 

 

7.2. Cookies 

We use cookies on our website. Cookies are small files that are sent to your device’s browser during your visit to our website and stored there. Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies enable us to perform various analyses. For example, cookies can recognize the browser you use on your next visit to our website. Using cookies, we can make our website more user-friendly and effective, track your usage of our website, and determine your preferred settings (e.g., country and language settings). If third parties process information via cookies, they collect the information directly through your browser. Cookies do not harm your device. They cannot run programs and contain no viruses. 

Various types of cookies are used on our website. Most of the cookies used are so-called “session cookies,” which are only stored on your device for a short time and are automatically deleted after your visit. Their type and function are explained below: 

 

a. Transient Cookies 

 Transient cookies are automatically deleted when you close your browser. This type of cookie allows the capture of your session ID. This enables different requests from your browser to be assigned to a common session, allowing us to recognize your device during subsequent visits within a session. 

 

b. Persistent Cookies

Persistent cookies are cookies stored in your browser for a longer period and transmit information to us. The storage duration varies depending on the cookie. You can delete persistent cookies yourself through your browser settings. 

 

c. Necessary Cookies 

 These cookies are needed for technical reasons to visit our website and use the functions we offer. Details can be found in our cookie policy. 

 

d. Performance Cookies 

 These cookies allow us to analyse website usage and improve our website’s performance and functionality. They collect information about how visitors use our website, which pages are visited most frequently, or if error messages appear on certain pages. They also help ensure the secure and compliant use of the website. 

 Due to the purposes described, we have a legitimate interest under Art. 6(1)(f) GDPR in processing your personal data via cookies on our website. 

 If you have agreed to the use of cookies via a “cookie banner” on our website, your consent pursuant to Art. 6 (1) a GDPR also serves as the basis for the lawful processing of your personal data. 

 Once the personal data transmitted to us via cookies is no longer necessary for achieving the purposes described above, this information will be deleted. Further storage will only occur in individual cases if required by law. 

 

7.3. Tracking/Analysis Tools 

We use tracking and analysis tools to ensure the continuous optimization and user-friendly design of our website. These tracking measures also enable us to statistically record the use of our website by visitors and further develop our online offerings based on the insights gained. The use of tracking and analysis tools and their respective purposes are described in our cookie policy and are justified to safeguard our legitimate interests pursuant to Art. 6 (1) f GDPR. 

If you have agreed to the use of cookies via a “cookie banner” on our website, your personal data is lawfully processed based on your consent pursuant to Art. 6 (1) a GDPR. 

 

8. Data Subject Rights

Since we process your personal data, you have several rights as a data subject:

a. The Right to Access (Art. 15 GDPR)

 You can request information about your personal data that we process. Specifically, you can request information about the processing purposes, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about the details. 

 

 b. The Right to Rectification (Art. 16 GDPR)

You can request the immediate correction of incorrect data concerning you or the completion of your personal data stored with us. 

 

 c. The Right to Erasure (Art. 17 GDPR)

 You can request the deletion of your personal data stored with us under certain circumstances. This applies if the processing is not necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defence of legal claims. 

 

 d. The Right to Restriction of Processing (Art. 18 GDPR)

You can request the (temporary) restriction of the processing of your personal data. This applies if you contest the accuracy of the data, if the processing is unlawful, but you oppose its erasure, if we no longer need the data, but you need it for the establishment, exercise, or defence of legal claims, or if you have objected to the processing pursuant to Art. 21 GDPR. 

 

e. The Right to Data Portability (Art. 20 GDPR)

 You can request to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to have it transmitted directly to another controller. However, this only applies to personal data processed based on your consent or a contract using automated means. 

 

f. The Right to Object (Art. 21 GDPR)

You can object to the processing of your personal data if it is processed based on our legitimate interests and if there are reasons arising from your particular situation, or if the objection is against direct marketing. In the latter case, you have a general right to object without providing a specific situation, which we will implement. 

 

g. The Right to Withdraw Consent (Art. 7 (3) GDPR)

You can withdraw your consent to data processing at any time. This means that we will no longer continue the data processing based on this consent in the future. Among other things, you have the option to withdraw your consent to the use of cookies on our website with future effect by accessing our cookie settings. 

 

h. The Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)

If you suspect that we are processing your personal data unlawfully, you can lodge a complaint with the data protection authority. 

 

Österreichische Datenschutzbehörde
Barichgasse 40-42
A-1030 Wien
Telefon: +43 1 52 152-0
E-Mail: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/ 

  

For further data protection questions, we are happy to assist you. Just send an email to: info@agency-spark.com