The protection of your personal data is of particular concern to us.

When collecting and processing your data, we adhere strictly to the data protection regulations. Below we will explain in detail what precautions we take to protect your data and what data we collect and for what purposes. We process your data exclusively on the basis of the statutory provisions (GDPR, DSG, TKG 2021 as amended).

 

1. General information
Responsible for data processing is

DomQuartier Salzburg GmbH
Mozartplatz 10, Postfach 527
5010 Salzburg, Austria

Tel. +43 662 80 42 21 09
E-mail: office@domquartier.at

Dr Andrea Stockhammer (Director)

2. collection and processing of personal data
Personal data is collected and subsequently processed if you provide it to us voluntarily, for example as part of a registration (e.g. newsletter, contact form, online shop).
All personal data is collected, processed and used in accordance with the applicable provisions on the protection of personal data, primarily for the purpose of the services you have commissioned and for processing your enquiries.

 

How do we obtain your data?

1. Data that you provide/share with us
In principle, you do not have to provide us with any personal information directly when using our website. However, for certain services, such as our newsletter subscription, the contact form or the online shop, you must provide us with personal data such as Your full name, your e-mail address, your address etc. in order to be able to use the respective service at all (e.g. we need your e-mail address to send the newsletter).

 

2. Data that you provide/share through your use of our services
In addition, we receive some data automatically and for technical reasons when you visit our website. Every time a user accesses our website and every time a file is retrieved, access data about this process is stored in the form of log files. The following data is collected:

  • the website from which you access our site;
  • the IP address assigned to you by your provider
  • the date and time of access;
  • the amount of data transferred;
  • the name of the file or page accessed;
  • Notification of whether the retrieval was successful;
  • a message as to why a retrieval may have failed;
  • if applicable, your computer’s operating system and browser software;

This data is technically necessary for us to display our website to you and to ensure stability and security.

3. Purpose limitation legal basis, storage duration and data recipients
The legal bases for the processing of your personal data are in particular

  • Contract fulfilment (Art 6 para 1 lit b GDPR);
  • Fulfilment of legal obligations (Art 6 para 1 lit c GDPR);
  • Your consent (Art 6 para 1 lit a GDPR) (e.g. newsletter, cookies etc.);
  • Protection of legitimate interests (Art 6 para 1 lit f GDPR).

If you have given us your consent to process your personal data, processing will only take place in accordance with the purposes specified in the declaration of consent and to the extent agreed therein. Any consent given can be revoked at any time with effect for the future (see also point 11.)

You must provide the personal data that is necessary for the establishment and implementation of our business relationship and that we require for the processing of the respective service (e.g. newsletter, contact form, online shop).

If you do not provide us with data, we will generally have to refuse to conclude a contract or provide certain services.

However, you are not obliged to give your consent to the processing of data that is not relevant or not required for the fulfilment of the contract or the specific service.

We process your personal data, if necessary, for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) or for the duration of the individual services (e.g. newsletter, order via online shop) as well as beyond that in accordance with the statutory retention regulations and documentation obligations or as long as our legitimate interest in the retention exists for the defence of any liability claims.

Within DomQuartier Salzburg GmbH, your data will be received by those departments and employees who need it to fulfil contractual and/or legal obligations and to protect legitimate interests. In addition, processors commissioned by us (connetation.at, cleverelements.at ) will receive your data if they need it to fulfil their respective tasks. The processors commissioned by us have undertaken to comply with the applicable data protection regulations. Data processing contracts have been concluded in accordance with Art 28 GDPR. You can request further information on the processors commissioned by us at office@domquartier.atSome of the recipients mentioned above are located outside your country or process your personal data there. The level of data protection in other countries may not be the same as in your country. However, we only transfer your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients have an adequate level of data protection.

 

4 Our services

4.1 Online shop
We would like to point out that for the purpose of simplifying the shopping process and for subsequent contract processing, the webshop operator stores the connection owner’s name, address and other data voluntarily provided by the buyer in the form of cookies.
In addition, the following data is also stored by us for the purpose of contract processing: Name, billing address, delivery address, order, receipt of payment and other voluntarily provided data. The data provided by you is required to fulfil the contract or to carry out pre-contractual measures. We cannot conclude the contract with you without this data. Data will not be transferred to third parties, with the exception of the transport company/shipping company commissioned by us to deliver the goods, the bank commissioned to process the payment and our tax consultant to fulfil our tax obligations.
After cancellation of the purchase process, the data stored by us will be deleted. If a contract is concluded, all data will be stored for as long as statutory retention obligations exist.

The data name, address, purchased goods and date of purchase are also stored until the expiry of product liability (10 years). Data processing is carried out on the basis of the legal provisions of the TKG 2021 and Art. 6 para. 1 lit a (consent) and/or lit b (necessary for contract fulfilment) of the GDPR.

4.2 Contact form
When you contact us via the contact form and by e-mail, the data you provide will be stored by us in order to answer your questions. We delete the data collected in this context as soon as storage is no longer necessary or restrict processing if there are statutory retention obligations.

4.3 Newsletter
You have the option of subscribing to our newsletter via our website. To do this, we need your e-mail address and your declaration that you agree to receive the newsletter.
In order to provide you with targeted information, we also collect and process voluntary information on your first name and surname.
As soon as you have registered for the newsletter, we will send you a confirmation e-mail with a link to confirm your registration.

Your data will be stored in the Clever Elements newsletter programme for the purpose of sending the newsletter. More information at: https://cleverelements.com/privacy
You can cancel your subscription to the newsletter at any time via an unsubscribe link in the newsletter. Send your cancellation to the following email address: office@domquartier.at
Your data will only be used to send you the newsletter unless you give us your express consent to use it for other purposes.

4.4 Annual pass
The annual pass can be purchased directly at the main ticket office (Residenzplatz 1) and in the museum shop in the Residenzgalerie during regular opening hours. The application form must be handed in at the ticket offices in the DomQuartier. The data you provide on the application form (first name and surname, street, no., postcode, town, date of birth and e-mail address) will only be used for issuing the annual pass and all associated benefits and discounts. The provision of children’s data (name and date of birth) as part of the annual pass family is necessary for the fulfilment of the contract, as the benefits of the annual pass family may only be used by authorised persons. If these data are not provided, the Annual Pass Family cannot be issued. It is also mandatory to provide the data of the partner if he/she would also like to take advantage of the benefits of the Family Annual Pass. The data processing is necessary for the fulfilment of the contract and this contract also constitutes the legal basis for the data processing (Art 6 para 1 lit b GDPR). The data is stored for the duration of the business relationship.

4.5 Photos at events
Please note that photos and/or videos are taken at events and these are published for the purpose of documenting the event in various (social) media (Facebook, Instagram, YouTube), publications and on our website www.domquartier.at and/or newsletter. The photos will only be published with express consent (Art 6 para 1 lit a GDPR), in the case of children under the age of 16 with the consent of their legal guardians. If a child has reached the age of 16, they can give their consent (Art. 6 para. 1 lit. a GDPR) themselves. Consent can be revoked at any time at office@domquartier.at. In the event of revocation, the legality of the processing carried out on the basis of the consent until revocation is not affected. In the event of revocation, the controller has the choice of making the data subject unrecognisable in the photo (pixelation) or removing the photo.’

 

5. SSL or TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in the browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

6. Encrypted payment transactions on this website
We accept credit cards (such as Mastercard or Visa) or Paypal as payment options.
If you are obliged to provide us with your payment details (e.g. credit card details) after concluding a chargeable contract, this data is required for payment processing and is processed securely. We do not store any credit card information and do not have access to your credit card details.
Payment transactions via the usual means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in the browser line.
With encrypted communication, the payment data you transmit to us cannot be read by third parties.

 

7. Security of your data
Your personal data provided to us is secured by taking all technical and organisational security measures to ensure that it cannot be accessed by unauthorised third parties. Our security measures are continuously improved in line with technical progress.

 

8. Cookies
Only functionally necessary cookies are used. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage. We use cookies to make our website more user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to recognise your browser on your next visit. If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you only allow this in individual cases. If you deactivate cookies, the functionality of our website may be limited.

 

9. Web analysis
In order to improve our online offering, we measure the use of our website anonymously.
Matomo has been configured so that data/IP addresses are automatically anonymised. No personal data is processed or passed on to third parties or transferred to an external server.
Further information: https://matomo.org

 

10. payment provider PayPal
We offer payment via PayPal on our website. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as ‘PayPal’).
If you select payment via PayPal, the payment data you enter will be transmitted to PayPal.
The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.

 

11. Consent and right of revocation
If your consent is required for the processing of your data, we will only process it after you have given your express consent.
In principle, we do not process data of minors and are not authorised to do so. By giving your consent, you confirm that you have reached the age of 14 or that you have the consent of your legal representative.
You can revoke your consent at any time by sending an e-mail to the following address: office@domquartier.at. In such a case, the data previously stored about you will be anonymised and subsequently only used for statistical purposes without personal reference. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

12. your rights
In principle, you have the rights to information, rectification, erasure, restriction, data portability, cancellation and objection. If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the data protection authority (Barichgasse 40-42, 1038 Vienna, e-mail: dsb@dsb.gv.at).

 

13. Information and contact
You retain control over all personal data that you provide to us. On request, we will be happy to inform you in writing whether and which personal data we have stored. You can also request the deletion of your data stored by us, unless it is required for the processing of contractual relationships between you and us or we are obliged to store it for legal reasons or we need the data to defend against any liability claims.
Please contact us regarding your rights, or if you have any other questions or suggestions regarding the privacy policy, at: office@domquartier.at or write to

DomQuartier Salzburg GmbH
Mozartplatz 10, Postfach 527
5010 Salzburg, Österreich
Tel. +43 662 80 42 21 09