Privacy Notice

Privacy Notice


This Privacy Notice gives you an overview of the processing of your personal data in the context of the use of the offers and online services within the website at http:/www.paris-classical-concerts.com (the “website”). This privacy policy also informs you about your rights and the possibilities to control your personal data and to protect your privacy.
Responsible for data processing is Classictic GmbH, Pappelallee 1, 10437 Berlin, Germany. This company is also meant if the terms “we” or “us” are used in the following.
You can contact our data protection officer at the above address and at privacy@classictic.com.
We have taken technical and organisational measures to ensure the security of your personal data. For example, we use the Transport Layer Security (TLS) for the transmission of data for encryption.


Please note:

You are not obliged by law to provide us with the personal data stated in this Privacy Notice. Specifically, the contractual relationship that you have entered into with us by agreeing to our GTC does not imply any obligation to provide your personal data. However, the transmission of the contract information provided by you to us is a basic requirement for the conclusion of a contract with us. In addition, you may not use the website or only to a limited extent if you do not provide us with certain data or object to the use of this data.

1.    Which personal data we process and from which sources:


When we make our website available to you, we process personal data from various sources. On the one hand, these are data that we automatically process for every visitor when the website is accessed. However, this may also be data that you have voluntarily provided to us or that we receive from the concert organisers.

Data that we automatically collect when you use our website:

As soon as you visit the website, you send technical information to our web servers. This happens regardless of whether you make a booking or subsequently register with an account with us to use the website. In any case, we collect the following access and web access data (which we call “Usage data”):
•    Date and time of the visit and the duration of the use of the website;
•    The anonymized IP address of your device;
•    the referral URL (the website from which you may have been referred);
•    the visited sub-pages of the website or sub-pages of the app; and
•    more information about your device (device type, browser type and version, settings, operating system).

We process the Usage Data in order to enable you to use the website and to ensure the functionality of the website, in particular to show you the correct language version. In addition, we process the Usage Data to analyze the performance of the website, continuously improve the website and correct errors or personalize the content on the website for you. However, we also process usage data in order to guarantee IT security and the operation of our systems and to prevent or detect misuse, in particular fraud.
We store this usage data exclusively in anonymous form, so that it is no longer possible to draw any conclusions about your person.
We use cookies for automatic processing of usage data. Cookies are small text files that you load onto your device when you visit our websites and store the above information about yourself. We use our own cookies, but we also use cookies and tracking tools from third parties such as Google and Facebook. If you would like to know more about how cookies work, which cookies process which data on our website for which purposes and how you can deactivate them, click here for our cookie page.

Data that you yourself transmit to us:

In addition to the data we receive from all visitors, we also process other data. The exact amount of this data depends on how you use the website. You can use the website with or without a user account.

If you decide to create an account or make a booking or reservation without creating an account, please let us know:
•    your name
•    Your e-mail address
•    The country you live in
•    your mobile phone number (optional)
•    your birthday (optional)
•    Information on the payment method you have selected.

The data entered during registration will be used for the purpose of providing the website and for notification by e-mail of any information relevant to the website or registration, such as changes in the scope of the website or technical circumstances. If you give your separate consent, we will also save your e-mail address for sending our newsletter.
We process this information to complete your booking (including payment), inform you of the status of your reservation and issue you your e-ticket.
Depending on which payment provider you choose for your payment, you may have previously agreed to the payment provider’s own terms of use and privacy notices (as in the case of PayPal). Then please also note the data protection information of the relevant payment provider. In any case, the transaction ID and the payment amount are transmitted to the payment provider you have selected. We also store so-called settlement files in connection with the payment of your booking. They will inform us in consultation with the payment provider used in each case whether the respective booking has already been paid in full and definitively.

If you contact Customer Service at info@classictic.com, the written communication between you and service staff and notes on each transaction will be stored until it is completed in order to ensure smooth customer service at all times when the transaction is resumed by other service staff.

2.    The purposes for which we also process your data:


We have already informed you above for which purposes we process your data in individual cases. In addition, we may process your data for further purposes. This includes, for example, the disclosure of your personal data to third parties if we are legally obliged to do so, but also the assertion of legal claims on our part or the defence against legal disputes.

3.    The legal basis for processing:


When processing your personal data, we rely on various legal bases in accordance with the so-called General Data Protection Regulation, an EU-wide legal framework for standardising data protection laws (“GDPR”). These are in detail:

Your consent (Article 6 (1) a) GDPR):

By registering or making a booking with your account details, you expressly agree to the data processing described in detail in this Privacy Notice by ticking the box before sending the registration or booking form: If we process your data within the framework of booking or providing your user account, it is therefore because you have consented to this. Your consent is therefore the most important legal basis for the processing of your personal data by us.
Fulfilment of our contractual obligations towards you (Article 6 (1) b) GDPR):
At the same time, your data will also be processed for the provision of the website as part of the fulfilment of our contract with you. Accordingly, in most cases the processing is not only justified by your consent, but also because it is necessary to fulfil our contract with you. For example, if you book a concert ticket via the website, it is necessary to process the booking data to save your booking.

Our legitimate interests (Article 6 (1) f) GDPR):

There are also cases in which we would be entitled to process your data without your consent because it is necessary to protect our legitimate interests (or the interests of third parties). In this respect, the purposes described above, for which we process your data, also represent legitimate interests in many cases. This means that we may process the data necessary to guarantee the security of our IT systems in any case, even if you have not given or withdrawd your consent to this processing. This also concerns the prevention of abuse of our website or the personalisation of advertisements to your interests (so-called direct marketing).
Legal requirements (Article 6 (1) c) GDPR) or in the public interest (Article 6 (1) e) GDPR):
In addition, we are legally obliged to process certain data in individual cases in order to provide information to law enforcement authorities or tax authorities.

4.    With whom we share your information:


With the exception of the service providers and partners described below, we will not pass on your data to third parties. Insofar as the respective listed recipients of the data receive data, these recipients will process your data solely on our instructions and have undertaken to comply with strict requirements for the security of your data.
In order to complete your booking and to secure your right to attend the respective concert, we will pass on your name and contact details (e.g. telephone number) as well as your ticket number to the concert organiser.
In addition, we transmit data to our hosting service providers that enable us to provide the website. The providers listed in our information on cookies and tracking tools will only receive your anonymized data as further explained there.
We also send your e-mail address to the provider of the “Mailchimp” newsletter service, which we use to enable our newsletter to be sent by e-mail. Provider is the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

5.    Data processing outside the EEA:


We do not transfer your access and account data to countries outside the EEA (so-called “third countries”). We do not host your data in third countries and all your data is located on the servers of our hosting service providers in Germany, 1&1 Internet SE, Eigendorfer Str. 57, 56410 Montabaur and Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen. The only exception are the settlement files stored by Amazon Web Services, Inc. 410 Terry Avenue North, Seattle WA 98109, USA (also on servers located in Germany).
In some cases, however, your data will be processed in third countries. This applies in particular to third party cookies provided by companies based in the United States. However, we will ensure that an adequate level of data protection is guaranteed at all times. We ensure that data recipients are either certified according to the so-called “EU Privacy Shield” (as with Google, Mailchimp and Facebook) or that the so-called EU standard contract clauses are included in our contracts with these providers in order to guarantee the security of processing and an appropriate level of data protection (as in the case of Amazon Web Services).

6.    Data retention periods:


We process and store your personal data insofar as this is necessary to fulfil our contractual or legal obligations. Therefore, we store the data for as long as our contractual relationship with you exists and after termination only to the extent and for as long as required by the law of the Federal Republic of Germany. All other data will be deleted when you log out of the website or are no longer needed to complete a booking. If the remaining data is no longer required to fulfil legal obligations (e.g. in accordance with tax or commercial law) after your deregistration or the closing of your booking (insofar as this took place without creating a user account), it will be regularly deleted, unless further processing is necessary to preserve evidence or to defend against legal claims against us. For the preservation of evidence, for example, your IP address and the exact time of issue are required if you have given us your consent (e.g. to receive the newsletter).

7.    User profiles:


We use your data to create a user profile. This means that we use your information to provide you with a personalized website based on your personal preferences and interests, and to provide you with customized offers based on your past behavior. For example, your computer’s IP address is used to identify your geographic location and provide you with localized content in your local language. In addition, we can make suggestions and offers for new events based on the events you have previously visited and/or booked on our website. However, we will never process and analyse your personal data within the scope of this user profile in such a way that this leads to an automated decision that is legally effective for you or significantly impairs you in a similar manner.

8.    Your legal rights under the GDPR:


You can assert the following rights against us within the scope of the GDPR with regard to your personal data:
Your right to information and access in accordance with Article 15 of the GDPR,
Your right to rectification under Article 16 GDPR,
Your right to erasure under Article 17 GDPR,
Your right to limitation of processing under Article 18 GDPR and
Your right to data portability under Article 20 GDPR.
You also have a right of appeal to the competent data protection supervisory authority (Article 77 GDPR in conjunction with § 19 BDSG).
You can also withdraw your consent to the processing of your personal data at any time. This also applies to the revocation of declarations of consent that we received before the GDPR became valid, i.e. before 25 May 2018. However, this revocation only applies to the future. Any processing that took place before the revocation remains unaffected by this.

Information on your right of objection under Article 21 GDPR

1.    right of objection in individual cases


In addition to the rights already mentioned, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on Article 6 para. 1 e GDPR (data processing in the public interest) and Article 6 para. 1 f GDPR (data processing on the basis of a balance of interests). If you file an objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

2.    the right to object to the processing of data for advertising purposes


You also have the right to object at any time to the processing of your personal data for the purpose of direct marketing (including the subscription to our newsletter); this also applies to the creation of a user profile (so-called “profiling”), insofar as this is associated with direct marketing. If you file an objection, we will no longer process your personal data in the future.
Please note that you will not use the website if you do not provide us with certain data or if you object to the use of this data.
The objection can be raised informally and is to be addressed to: privacy@classictic.com.

9.    Changes to this Privacy Notice


In order to keep this information up to date, this Privacy Policy will be amended if the underlying data processing is changed. We will not limit your rights under this Privacy Policy without your prior written consent. We will publish any intended changes to this privacy statement as long as their content changes and not merely editorial changes (e.g. to correct typing errors) are made.