cookie policy Política de Privacidad

Educated or conceited? We tend to the former.

PRIVACY POLICY

courseticket LTD
Siebenbrunnengasse17, Top 7
1050 Vienna
Registration Number: FN 358331 h

1. Processing Activities

Distribution of online information offers to (registered) customers. Should terms in this privacy policy referring to natural persons only be given in the masculine form they refer to women and men in the same way. When referring to a certain natural person the gender-specific form must be used. Customers are understood as both consumers (users) and businesses.

2. Data Protection Officer

Should you have any questions in regards to the collection, processing or use of your personal data please write to the following contact address:

courseticket LTD
c/o Data Protection Officer
Siebenbrunnengasse 17, Top 7
Email: dataprivacy@courseticket.com
1050 Vienna
AUSTRIA

3. Purpose of Data Processing

on the legal basis of contract preparation or fulfilment:

a) Distribution of online content & bookable services to registered customers, also in consideration of preferences in personalised form

b) Maintaining and increasing customer satisfaction and customer loyalty

c) Collection of user numbers to document the range

d) Provision of communication channels to service the contractual agreement

on the legal basis of (predominantly) legitimate interests:

a) Reclamation and acquisition of customers

b) Evaluation of user behaviour and the personal preferences of customers for targeted distribution of advertising (as far as permitted by law) with the goal of minimising scatter loss

4. Legal Basis of Data Processing

The use of the online services is based on a contract within the meaning of article 6 (1) a) b) of the General Data Protection Regulation (DSGVO). courseticket discloses that it includes content of third parties (such as links, pixel, plug-ins) in the fulfilment of its contractual obligations. Due to the technical circumstances when calling up the content, courseticket, already at the time of loading the webpage, automatically transmits electronic identification data in particular the IP address and the browser settings of the user to these third parties who process them under their own responsibility.

a) The processing of a registration takes place by means of electronic data processing. By registering, you agree to the collection, processing and use of data you provided during the registration as well as the data that becomes known during the upright business relationship. courseticket treats the stored data and information of the customer, irrespective of its kind, strictly confidential. The contract data will be stored for billing and ticketing and can be viewed by you at any time via your login.

By registering you agree that your data, provided by you during the registration, in particular your sex, first and last name, postal address, phone number, and email address, as well as individual identification number and the time of registration can be processed for the purpose of the contract conclusion, for communication via the Platform in connection to bookings or consumption of a service, for offers of courseticket and the transmission of electronic mail in accordance with § 107 (3) of the Telecommunication Law (TKG).

In the case of any remittance (e.g. cancellation or revocation of a service) of the service fee the required bank details will also be transmitted to courseticket.

You can withdraw your agreement at any time via a signed letter or per email sent to courseticket (see contact details in point 2).

b) The transfer of data is excluded, provided that the transfer does not serve the execution of this contract in particular the registration and/or the deregistration or the remittance of the service fee. If required your sex, first name and last name, postal address, individual identification number, the time of registration, phone number and email address, as well as any Participant data individually requested by the Service Provider (provider of the booked service) will be transferred to the Service Provider. courseticket discloses that personal data of customers can also be processed by the Service Provider for the purpose of direct marketing in accordance with § 107 (3) of the Telecommunication Law (TKG).

c) Only customer data which courseticket has at its disposal due to the contractual agreement and for which the retention period applies will be processed. An increase of the retention period does not take place. It is understood that we are entitled to process the data, even after a revocation, if needed for further execution of the contract or for evidence purposes.

5. Obligation to Provide Data

The customer has no obligation to provide data.

6. Automated Decision-Making

The customer is not subject to any automated decision that has legal effects on him.

7. Processed Types of Data

User Data (provided by the user)
First name (mandatory) Invoicing
Last name (mandatory) Invoicing
Email (mandatory) Login, invoicing- & ticketing, communication (e.g. in case of postponement)
Birth (optional) Identification (e.g. minimum required age)
Password (optional) Login
Gender (optional) Identification (e.g. salutation)
Billing address (mandatory, in case of fee-based) Invoicing
Company, VAT ID (optional) Invoicing
additionally collected by courseticket
Data relevant to the account such as time of registration, time of consent to the T&Cs, time of last login, time of last account changes, newsletter permissions, account status (active, private, public, etc.)
Participant Data (provided by the user)
First name(s) (mandatory) Ticketing
Last name(s) (mandatory) Ticketing
Email(s) (mandatory) Communication (e.g. in case of postponement)
Phone(n) (mandatory) Communication (e.g. in case of postponement) via SMS

Individual participant data (optional, defined by service provider)

Event- or service-based (e.g. academic degree, company positioning)
additionally collected by courseticket
Data relevant to the booking such as unique identification number (booking reference), continuous invoice number, status of the booking, time of booking, last change of the booking, newsletter permissions, referrer domain, assignment to booked service, payment method, purchase price, tax/VAT, redeemed discounts

8. Data Sources (if not provided by the user)

External Recipients of Data Transfer of Electronic Identification Data to Responsible Parties
Payment Services: Wirecard CEE, Reininghausstraße 13a, 8020 Graz, AUSTRIA IP address, payment data
Payment Services: hobex AG, Josef-Brandstätter-Straße 2b, 5020 Salzburg, AUSTRIA IP address, payment data
Payment Services: Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, SWEDEN IP address, payment data
Payment Services: PayPal PayPal (Europe) S.àr.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449, LUXEMBURG IP address, payment data
Video embedding: YouTube LLC, 901 Cherry Ave.
San Bruno, CA 94066, USA
IP address, browser data
Support, helpdesk: Zendesk, Inc, 1019 Market St
San Francisco, CA 94103, USA
IP address, browser data
Analytics, ad network, APIs: Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA IP address, browser data
Analytics: Mixpanel Inc, 405 Howard Street, Floor 2, San Francisco, CA 94105, USA IP address, browser data
Pixel, social plug-in: Facebook Inc., 1 Hacker Way, 94025 Menlo Park, USA IP address, browser data
Cloud services: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98910, USA (location: IRELAND) Communication, data handling
Newsletter registration: Newsletter2Go GmbH, Nürnberger Straße 8, 10787 Berlin, GERMANY Email address


9. Third Country Transfer

The following data is transferred to countries outside the EU as part of data processing:

Country Application Type of Data
USA Google Google Analytics: anonymised IP address, website, browser data, information about website usage
USA Google Google Adwords: IP address, website, browser data, information about website usage
USA Zendesk Support & Helpdesk: ticket data, website title, browser data
USA Facebook Facebook pixel: IP address, website, browser data, information about website usage
USA Mixpanel IP address, website, browser data, information about website usage
USA Amazon AWS communication, data handling

10. Retention Period

a) Non-registered users: no personal data is saved.

b) Registered users: On the grounds of the legal basis mentioned above the data of registered users will be processed by courseticket for 40 months after the contract has ended (=36 months of possible contractual claims + maximum of 4 months delivery time of these claims) and is subsequently deleted (in any case the personal reference). In any case, the license agreement ends after a period of 40 months of being inactive and leads to an immediate deletion. Data related to your booking will remain saved in our systems until the statute of limitations for all claims arising from the contract passes. Data from payment transactions must be stored until the expiry of the statutory limitation period.

11. Data Security

All personal data transmitted via the internet is encrypted using SSL procedures. We secure our website and other systems by technical and organisational measures against loss, destruction, access, modification or distribution of your data via unauthorised persons.

12. Rights of the Person Concerned

Basis Content
Art 15 DSGVO "Insight"
The customer has the right to demand insight into whether personal of his is being processed.
Art 16 DSGVO "Correction"

The customer has the right to demand the immediate correction of incorrect personal data or its completion.

Art 17 DSGVO „Deletion"

The customer has the right to demand the immediate deletion of his personal data as long as the reasons according to art. 17 (1) DSGVO are met.

Art 18 DSGVO „Restriction"

The customer has the right to demand that the processing of his personal data is restricted as long as the reasons according to Art. 18 (1) DSGVO are met.

Art 20 DSGVO „Data Portability"

The customer has the right to receive his personal data in a structured, common and machine-readable format.

Art 21 DSGVO „Opposition"

Opposition direct marketing: The customer has the right at any time to oppose the processing of his personal data for the purpose of direct marketing.

13. Right to Appeal

Art. 77 DSGVO: Each customer has the right to appeal to the supervisory authority if he is of the opinion that the processing of his personal data violates this regulation.

14. Supervisory Authority

Österreichische Datenschutzbehörde

E-Mail: dsb@dsb.gv.at
Hohenstaufengasse 3 Telefon: +43 1 531 15-202525
1010 Wien Telefax: +43 1 531 15-202690

15. Use of Cookies

Our website uses its own "Cookies" to improve user-friendliness ("Cookies" are records sent by the web server to the user's browser that are saved there for later retrieval). Our personal "Cookies" do not store any personal data. The Cookies generated by courseticket have a an expiry time of maximum 1 year. You can edit your browser setting so that you are informed about the use of Cookies and can decide on a case by case basis to accept them or to generally deny acceptance of Cookies. In case Cookies are not accepted the functions of our website can be limited. Under "help" in your web browser you will find instructions on how to change the settings of the current browser accordingly and how to accept or decline Cookies.

Cookies processed by courseticket and its sub domains:

Name Function
PHPSESSID Session cookie (session).
Expiration: session end
courseticketCookie[ct-cookieaccepted] Hide cookie hint (Popup).
Expiration: 1 year
courseticketCookie[ct-seller] Hide promoter popup (Popup).
Expiration: 24 hours
courseticketCookie[ct-survey] Hide survey popup (Popup).
Expiration: 1 year
courseticketCookie[firstReferer] Domain of first visit – in case a widget was loaded on an external website, this url will be saved
Expiration: 30 hours
__zlcmid Activate support chat & helpdesk
Expiration: 1 year
__zlcprivacy Activate support chat & helpdesk
Expiration: 1 year
_gat Google-Analytics cookie, used to throttle request rate
Expiration: 10 minutes
_ga Google-Analytics Cookie, used to distinguish users Expiration: 2 years
_gid Google-Analytics Cookie, used to distinguish users
Expiration: 24 hours
__ar_v4 Google-Adwords Cookie, associated with the DoubleClick advertising service from Google. Helps with tracking conversion rates for ads
Expiration: no date set
__utma Google-Analytics Cookie, used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics
Expiration: no date set
__utmb Google-Analytics Cookie, used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics
Expiration: end of sessions
__utmc Google-Analytics Cookie, not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit
Expiration: 30 minutes
__utmk Google-Analytics Cookie, overall Google Analytics UTM-Cookies hash value.
Expiration: no date set
__utmz Google-Analytics Cookie, stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics
Expiration: 6 months

16. Google Services

By using additional Google Services such as Analytics, YouTube, AdWords, Maps and ReCaptcha within our sites, a direct connection between your browser and the Google server may already be established via the plug in as soon as a site is loaded. Through this connection, browser specific data may be transferred and Google third party cookies stored which can but are not limited to identifying the browser of the user. We point out that as the provider of the sites we do not receive knowledge of the complete content of the transmitted data and its use by Google. The integration of the plug ins is not always visible to the user.

courseticket uses Google Remarketing and "Similar Audiences" Features. This allows us to determine if users have visited our site previously and what they were interested in. This method is based on the use of Cookies with the help of which data to your usage behaviour is collected. To prevent this or to amend your preferred settings in regards to this please visit the following site: https://adssettings.google.com.

Version of 26.02.2018