Skip to main content
MENU

Privacy policy

The protection of your personal data is of particular concern to ART for ART Theaterservice GmbH, Goethegase 1, 1010 Vienna. ART for ART Theaterservice GmbH complies with the applicable legal provisions for the protection, lawful handling and confidentiality of personal data, as well as for data security, in particular the Austrian Data Protection Act („DSG“), the EU General Data Protection Regulation („GDPR“) and the Telecommunications Act („TKG“). 

In the following, we would like to inform you about the type, scope and purpose of the collection and use of your personal data and about your rights.

For information on the processing of personal data through the use of our website, please refer to our Cookie declaration, which must be read in conjunction with this privacy policy.
 

Data processing, purposes and legal bases

According to the GDPR, personal data is any information relating to an identified or identifiable natural person, such as name, email address, customer number, etc.

ART for ART Theaterservice GmbH processes the personal data of employees, partners, interested parties, customers and suppliers for the purpose of performing its business activities and fulfilling the associated legal and contractual requirements:
  • Communication with interested parties and business partners about products, services and projects, e.g. processing enquiries, applicant selection process;

  • Initiation, processing and administration of (contractual) business relationships and maintenance of business relationships, e.g. to process orders for products and services, to collect payments, for accounting, billing and debt collection purposes and to carry out deliveries, maintenance activities or repairs;

  • Carrying out customer surveys and market analyses:

  • Maintaining and protecting the security of our products and services and our websites, preventing and detecting security risks, fraudulent behaviour or other criminal or malicious acts;

  • Compliance with (i) legal requirements (e.g. retention obligations under tax and commercial law), as well as (ii) guidelines of the Bundestheater Group; and

  • Settlement of legal disputes, enforcement of existing contracts and assertion, exercise and defence of legal claims.
The following categories of personal data may be processed in order to achieve the aforementioned purposes:
  • The following categories of personal data may be processed in order to achieve the aforementioned purposes:

  • Professional contact information, such as name, contact address, telephone number or e-mail address;

  • Payment data, such as information required for the processing of payment transactions or fraud prevention;

  • Information collected from publicly available sources and information databases, such as the Austrian Business Register (ANKÖ);

  • Other personal data whose processing is necessary for the initiation, processing and administration of (contractual) business relationships and the maintenance of business relationships or which you provide voluntarily, such as orders placed, order details, enquiries made or project details, correspondence, other data on cooperation;
The legal basis for data processing is:
  • Article 6(1)(a) GDPR: The data subject has given consent to the processing of personal data concerning him or her for one or more specific purposes

  • or Art 6 para 1 lit b GDPR: Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

  • and Art 6 para 1 lit f GDPR: Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Contact us

If you contact us by e-mail, online contact form (vemap procurement portal for the electronic processing of procurement procedures), fax, telephone or other means of communication, your personal data and information that you provide to us when contacting us will be used exclusively to process your enquiry or any resulting pre-contractual measures. You are free to decide whether you wish to provide us with this data. Corresponding information regarding data protection is provided directly on the respective website/application - „Jobs“, „Tenders“ (-> vemap procurement portal).

Data transfer

Your personal data will not be passed on to third parties unless we are legally obliged to do so or the transfer of data is necessary to fulfil our obligations.

In order to fulfil certain tasks, we use selected service providers who work for us as processors and may be granted access to your data to the extent necessary. This applies, for example, to software solutions, services within the scope of an IT support contract or services in the area of payroll accounting and financial accounting. All of our processors only process your data on our behalf and on the basis of our instructions for the purposes described above. Furthermore, we ensure through contractual obligations that our processors comply with the legal regulations on data protection in the same way as we do.
 

Data security

In addition to compliance with the principles of data protection and the obligation of our employees to maintain data secrecy, we take appropriate technical and organisational measures to ensure the security of data processing, i.e. the confidentiality, integrity, availability, resilience and rapid recoverability of the systems and services used, on a permanent basis.
 

Storage period

We store your data for a period of time in accordance with the legal provisions. As a rule, this is the duration of the customer relationship. A longer retention period may result in particular from legal retention obligations or for the assertion of legal claims. We retain data that we process with your consent until you withdraw your consent.
 

Whistleblower system

The processing serves the purpose of implementing the Whistleblower Protection Act (HSchG), which came into force on 25 February 2023, in the Austrian Federal Theatres and thus complying with the legal obligation. The law serves the purpose of uncovering misconduct within the meaning of the HSchG and thus ensuring compliance with the law.
 
Legal basis: Art 6 para 1 lit c GDPR (fulfilment of a legal obligation)
 
Type of data processed:
  • Contact details of the whistleblower (optional) 
  • Report by the whistleblower
  • Personal data contained in the notification (e.g. in continuous text or in documents) 
The provision or processing of this data is required by law.
 
Data is forwarded to the following recipients:
  • Sage GmbH (processor) 
  • Jank Weiler Operenyi Rechtsanwälte GmbH
  • Deloitte Legal (sub-processor) 
Rights of data subjects in the whistleblower system:
Please note that the exercise of some of these rights could hinder the effectiveness of the Whistleblower Protection Act, in particular the submission of reports, the taking of follow-up measures and the guarantee of anonymity of a whistleblower. Against this background, the Austrian legislator has taken measures to restrict the exercise of certain data protection rights of data subjects.
 
Click here for the Whistleblower system
 

Your rights

Right to information
You have the right to information about the personal data we process about you.
Right to authorisation
You have the right to have your personal data corrected if it is no longer up to date, incomplete or incorrect.
Right to erasure („right to be forgotten“)
You have the right to have your personal data deleted, unless there are legal or legitimate reasons (such as retention obligations under tax or commercial law or the assertion, exercise or defence of legal claims) to retain it.
Right to restriction of data processing
You have the right to request the restriction of the processing of your personal data if one of the conditions listed in Art. 18 GDPR is met.
Right to data portability
You have the right to receive the personal data you have provided in a structured, commonly used and machine-readable format.
Right of objection
If we process your personal data on the basis of a legitimate interest, you have the right to object to this processing at any time on grounds relating to your particular situation. However, compelling legitimate grounds of ART for ART Theaterservice GmbH may prevail, which may allow us to continue processing your personal data.
In addition, you have the right to object to the processing of your data at any time if the processing is for the purpose of direct marketing.
Right to withdraw consent
You have the right to withdraw your consent to the processing of personal data with effect for the future if the processing is based on your consent.
Questions and complaints
If you have any questions regarding your personal data, please contact us at datenschutz@theaterservice.at. You can also contact the Data Protection Officer of the Austrian Federal Theatres, Ms Silvia Schauer, MSc MBA, at datenschutz@bundestheater.at or by post to: Data Protection Officer of the Austrian Federal Theatres, Goethegasse 1, 1010 Vienna.

You also have the option of lodging a complaint with a data protection supervisory authority. The data protection supervisory authority responsible for us is the Austrian Data Protection Authority.
 

Final provisions

Please note that ART for ART Theaterservice GmbH will continue to adapt this data protection declaration (e.g. due to changes in legal regulations, use of new technologies, expansion of our offers and services). We therefore recommend that you consult this privacy policy regularly.

Status: March 2023
GENDER NOTICE: The female form used in this privacy policy always refers to female, male and diverse persons at the same time.