Back

Data protection declaration in accordance with Art. 13 GDPR - fulfilment of information obligations

Thank you for visiting eventim.cz!

Our privacy policy provides detailed information about data processing when using the eventim.cz website. The legal basis for this processing is the General Data Protection Regulation (hereinafter referred to as ‘GDPR’) and the Czech law on the processing of personal data (Zákon č. 110/2019 Sb).

Further information on data processing at the controller's company can be found here: https://www.oeticket.com/en/help/data-protection.

  1. Data Controller

    In accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR), the designated data controller is

    CTS Eventim Austria GmbH
    Mariahilfer Straße 41-43
    A-1060 Vienna
    Tel: +43 1 589540
    Fax: +43 1 5852323
    Email: datenschutz@eventim.at

  2. Data subjects & data categories

    The following data is processed from private customers (ticket purchasers and users with their own Oeticket account): login data (user name, password), title, names, address data and email address, date of birth (voluntary disclosure), telephone number, payment data.

    The following data is processed from business customers (companies, groups, schools): company name, name of contact persons, professional address and contact details, bank details and contract data.

    We process and publish the names of authors upon request. As soon as the use of the works is discontinued, the personal data is automatically deleted.

  3. Transfer of data

    Personal data will only be passed on to third parties if this is necessary for the purpose of contract processing and fulfilment or if required by law.

  4. Storage/deletion of data

    • Contractual retention obligations: We will delete or anonymise your data after the expiry of contractually agreed periods.
    • Withdrawal of consent: If you withdraw your consent to the processing of your personal data, we will delete or anonymise your data unless there is another legal basis for the processing.
    • Statutory retention obligations: In order to comply with statutory retention periods (e.g. on the basis of tax laws or accounting regulations), we are obliged to continue to store personal data for a period specified by law even after the end of the contract or revocation of consent. After these periods have expired, we will delete or anonymise your data.

  5. Contact

    If you contact us by email, telephone, contact form or via social media, we will store the data you provide in order to respond to your enquiry. Once processing has been completed, we will delete the data or restrict its processing in accordance with the applicable statutory retention obligations.

    Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

  6. Legal basis

    The legal basis for data processing is

    • Consent in accordance with Art. 6 para. 1 lit. a GDPR (e.g. when processing your e-mail address for advertising purposes).
    • the initiation and fulfilment of the contract pursuant to Art. 6 para. 1 lit. b GDPR.
    • legal obligations pursuant to Art. 6 para. 1 lit. c GDPR (e.g. statutory retention and documentation obligations, publication obligations under copyright law).
    • legitimate interests of our company pursuant to Art. 6 para. 1 lit. f GDPR (e.g. use of software).

  7. Data processing when using our website

    7.1 Informational use of the website

    When using the website for information purposes only, we only collect the personal data that your browser transmits to our server (server log files). If you wish to view our website, we collect at most the data that is technically necessary for us to display our website to you and to ensure stability and security:

    • IP address
    • Date and time of the enquiry
    • Time zone difference to Coordinated Universal Time (UTC)
    • Content of the request (specific page)
    • Access status/HTTP status code
    • Website from which the request comes
    • Browser
    • Operating system and its interface
    • Language and version of the browser software.

    This data is not merged with personal data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use and to pass the data on to the law enforcement authorities.

    Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

    7.2 Cookies

    Cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the organisation that sets the cookie (in this case, us or a third-party provider). Cookies cannot execute programmes or transmit viruses to your computer.

    The cookie allows you to be recognised when you visit the website without having to re-enter data that you have already entered.

    The information contained in the cookies is used, for example, to determine whether you are logged in or what data you have already entered, or to recognise you as a user when a connection is established between our web server and your browser.

    We distinguish between technical cookies that are used exclusively to ensure the operation of a website and other cookies that are set by us or third-party providers for the purpose of statistical analyses, tracking or advertising/marketing.

    Legal basis: Art. 6 para. 1 lit. f GDPR (for technical cookies), Art. 6 para. 1 lit. a GDPR (for all other cookies)

    7.3 Data processing in a third country

    It cannot be ruled out that personal data may be transferred to an unsafe third country (countries outside the EEA without an adequate level of data protection) when you visit our website. If this is the case, we will point this out directly in the description of the external service in this privacy policy.

    The GDPR requires so-called appropriate safeguards in accordance with Art. 46 GDPR for data transfers to an unsafe third country or to an international organisation.

    When personal data is processed in a third country or by US data recipients who are not subject to the provisions of the EU-US Data Privacy Framework, the following risks in particular cannot currently be ruled out for you as the data subject:

    Your personal data may be passed on by the respective service provider to other third parties beyond the actual purpose of fulfilling the order.

    You may not be able to assert or enforce your rights to information against the respective service provider in the long term.

    There may be a higher probability of incorrect data processing, as the technical and organisational measures for the protection of personal data do not fully meet the requirements of the GDPR in terms of quantity and quality.

    By giving your consent via the consent banner to the use of external services and to the setting of the corresponding cookies, you expressly consent to the possible transfer of your personal data to unsafe third countries.

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    7.4 Registration and login (Keycloak)

    You can register and create a customer account in our web shop or via our mobile app. This allows you to purchase tickets, save events and artists as favourites, find out about upcoming events, participate in exclusive pre-sales and manage your newsletter settings.

    Registration is carried out via a central authentication system (Keycloak). Authentication is carried out by default using your email address and a password of your choice. The following information is required when registering: title, name, address, email address and telephone number. You can voluntarily provide additional information such as your date of birth, company or mobile number. A customer number is also generated and assigned to your account.

    Instead of a traditional registration, you also have the option of logging in via an existing social media account (e.g. Facebook) (single sign-on). This gives us access to your profile data stored with this provider (public information, first name, last name, email address). The data is transferred on the basis of your consent during the respective login process.

    You can activate a permanent login using the ‘stay logged in’ function. This involves storing a cookie on your device that keeps you logged in on the same device for up to six months. This option is voluntary and requires your express consent. For security-related actions – such as purchasing/downloading tickets or changing contact details – additional authentication by re-entering your password is required.

    You can view and edit your login details and personal information at any time in the ‘My OETICKET’ area.

    Legal basis:

    • Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment) – creation and use of the customer account.
    • Art. 6 para. 1 lit. a GDPR (consent) – for permanent login (‘stay logged in’ function) and the transfer of personal data when logging in via social media providers.
    • Art. 6 para. 1 lit. f GDPR (legitimate interest) – to safeguard our legitimate interest in secure, user-friendly authentication and efficient management and support of customer accounts.

    7.5 Ticket purchase in the web shop

    When purchasing tickets in our web shop, the following data must be provided: title, name, address, email address, telephone number and the selected payment method (credit card, PayPal, EPS online transfer, Apple Pay, Google Pay, Tink). We do not pass on your data to external payment service providers; it must be entered by the purchaser. The payment service providers process this data as independent controllers. You can voluntarily provide your date of birth. We use this information to send you a surprise on your birthday, provided you have also subscribed to the newsletter.

    If you purchase a ticket for a third party, we will process the personal data of the third party that you provide for personalisation and, if necessary, for sending the ticket to them. Please ensure that the third party has been informed about the data processing and that you are authorised to provide their data.

    We store your purchases and all associated transactions until the expiry of the statutory retention periods.

    Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment)

  8. Data processing for Google services

    We use services provided by Google Ireland Limited (‘Google’), a company registered and operating under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, on our website.

    For more information, please refer to Google's privacy policy at https://policies.google.com/privacy?hl=en.

    8.1 Google AdSense

    Our website uses Google AdSense, a service for integrating advertising. Google AdSense enables us to generate revenue by placing advertisements on our website. The advertisements are automatically selected by Google based on the content of our website and the interests of visitors.

    When you use Google AdSense, various data is collected, including cookies, web beacons and usage data. Web beacons are invisible graphics that also collect information about your use of our website. Usage data includes information about the web pages you visit, the ads you click on, your IP address, your browser type and your language settings.

    The collected data is used to measure the effectiveness of advertisements, optimise ad content and compile reports on website activity. This information may also be combined with other data that Google has collected about you.

    You can prevent the cookies mentioned above from being stored on your PC by adjusting your Internet browser settings accordingly. However, this may mean that you will no longer be able to use the content of this website to the same extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    8.2 Google Ads Conversion Tracking

    This website uses Google Conversion Tracking. Google Ads places a cookie on your computer if you have reached our website via a Google ad. These cookies expire after 30 days and are not used for personal identification. The information collected using the conversion cookie is used to compile conversion statistics for us. We learn the total number of users who clicked on our ad and were redirected to our page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking process, you can also refuse the necessary cookie by, for example, using your browser settings to disable the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain ‘www.googleadservices.com’.

    If you use SSL search, Google's encrypted search function, the search terms are usually not sent as part of the URL in the referral URL. However, there are some exceptions to this, for example if you use certain less common browsers. For more information about SSL search, please visit: https://support.google.com/websearch/answer/173733?hl=en.

    Search queries or information in the referrer URL may also be viewed via Google Analytics or an Application Programming Interface (API). In addition, advertisers may receive information about the exact search terms that triggered a click on an ad.

    For more details, please refer to Google's FAQ: https://policies.google.com/faq?hl=en

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    8.3 Google Analytics

    We use Google Analytics on our website, a tool that helps us to understand how our website is used. With Google Analytics, we can see how many people visit our site and how long they stay.

    This website uses the function "Activation of IP anonymisation" (i.e. Google Analytics has been extended by the code "gat._anonymizeIp();" to ensure anonymised collection of IP addresses (so-called IP masking)). As a result, your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

    Google uses the information collected to analyse your use of the website, to compile reports on website activity and to offer other services relating to website use.

    Your IP address, which is transmitted from your browser to Google Analytics, is not merged with other Google data. However, Google may pass this information on to third parties if this is required by law or if third parties process this data on behalf of Google.

    You can prevent cookies from being stored on your computer by making the appropriate settings in your browser. Please note, however, that in this case you may not be able to use all the functions of our website to their full extent.

    Further information on terms of use and data protection can be found at https://support.google.com/analytics/answer/6004245?hl=en.

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    8.4 Google Signals

    Google Signals may be used on our website as an extension to Google Analytics to create cross-device reports. If you have enabled the ‘personalised ads’ feature and your devices are linked to your Google account, Google may analyse your usage behaviour across devices and create database models, including cross-device conversions, subject to your consent to the use of Google Analytics in accordance with Art. 6 para. 1 lit. a GDPR. We do not receive any personal data from Google, only statistics.

    If you wish to stop cross-device analysis, you can disable the ‘Personalised advertising’ feature in your Google account settings. To do this, please follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=en.

    Further information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=en.

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    8.5 Google Doubleclick

    The website uses the online marketing tool DoubleClick. The Google advertising network and certain Google services may be used to assist AdWords customers and publishers in placing and managing ads on the web. DoubleClick uses cookies to serve ads relevant to users, improve campaign performance reports, or prevent a user from seeing the same ads multiple times. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, DoubleClick can use cookie IDs to record so-called conversions related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later visits the advertiser's website using the same browser and makes a purchase there. According to Google, DoubleClick cookies do not contain any personal information. Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge: Through the integration of DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    8.6 Google Maps

    We use Google Maps on this website. This allows us to display interactive maps directly on the website and enables you to conveniently use the map function. When you visit the website, Google receives information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under ‘Informational use of the website’ is transmitted. This occurs regardless of whether Google provides a user account that you are logged in to or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want this association to be made with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses it for advertising, market research and/or the needs-based design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy.

    The integration of Google Maps leads to the reloading of other Google services on our website, such as Google Static, Google APIs and Google Fonts.

    Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

    8.7 Google Tag Manager

    We use Google Tag Manager to recognise your user behaviour. Google Tag Manager is a solution that allows marketers to manage website tags via an interface. The tool itself processes the following personal data: IP address of the user. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. Google Tag Manager can set cookies, at least in the administrator's preview and debug mode, but also outside of this mode. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

    You can find more detailed information here: https://support.google.com/tagmanager/?hl=en#topic=15191151.

    Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

  9. consentmanager

    We use the tool facebook consentmanager AB, Håltegelvägen 1b, 72348 Västerås, Sweden, to obtain data protection-compliant consent for the use of cookies and services requiring consent on our website.

    The consent management tool records and stores the selection of cookies and services requiring consent of the respective user of our website. The explicit consent of the website visitor ensures that statistical and marketing cookies and services requiring consent are only then set.

    The tool records, logs and saves the website visitor's settings. The consent tool collects, transmits and stores certain user information (including the IP address) so that the selected settings can be clearly assigned to the respective website visitor.

    Further information can be found in the privacy policy of consentmanager AB at https://www.consentmanager.net/privacy.

    Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

  10. Your rights

    You have the following rights in relation to your personal data:

    • Right to access, rectification and erasure
    • Right to restriction of processing
    • Right to object to the processing
    • Right to data portability
    • Right to lodge a complaint with the Czech Office for Personal Data Protection, Úřad pro ochranu osobních údajů, Oberst. Sochora 27, 170 00 Prague 7, Czech Republic, telephone +420 234 665 800, e-mail: posta@uoou.cz

    If you believe that we have violated Czech or European data protection law in the processing of your data and thereby violated your rights, please contact us so that we can clarify any questions you may have.

    Please send your enquiries and concerns by email to datenschutz@eventim.at or contact us using the contact details provided.

  11. Changes to this privacy policy

    We reserve the right to make changes to our privacy policy from time to time. We will publish all changes to the privacy policy on this page. Please always refer to the latest version of our privacy policy.

  12. Further data protection information

    Further information about data processing at the controller's company can be found here: https://www.oeticket.com/en/help/data-protection

Version: 13.06.2025