Privacy Policy

Date: 1.9.2023

1. What is this privacy policy about?

We, Theater Casino Zug (Theater- und Musikgesellschaft Zug), explain in this privacy policy how we do this in the course of our business activities and in connection with our website. If you would like further information about our data processing, please contact us (section 2).

«Personal data» refers to all information that can be associated with a specific person, and «processing» refers to any handling of such data, e.g. collection, use and disclosure.
 

2. Who is responsible for processing your data?

The primary body responsible for data processing in accordance with this privacy policy is:

Theater Casino Zug 
(Theater- und Musikgesellschaft Zug)
Artherstrasse 2-4
CH-6300 Zug
 

If you have any questions about data protection, please feel free to contact us at the following address: anfrage@theatercasino.ch

You may provide us with data that also relates to other persons (e.g. names of ticket holders). In this case, we assume that this data is correct and that you are authorised to provide it to us. As we often have no direct contact with these persons and cannot inform them directly about our data processing, we ask you to inform these persons about our data processing (e.g. by referring them to this privacy policy).
 

3. How do we process data in connection with our products and services?

When you use our products and services (collectively referred to as ‘services’), we process data for the purpose of preparing the conclusion of a contract and for the performance of the corresponding contract:

• We may advertise our services, e.g. through newsletters. You will find further information on this under section 4.
• If we are in contact with you regarding a contract, we and our cooperation partners process data, e.g. when you purchase tickets or a membership, or rent premises. This mainly concerns data that you provide to us, e.g. your name, contact details or other information in forms, details of the services requested and the date of contact.
• When we conclude a contract with you, we process the data from the period prior to the conclusion of the contract (see above) and details of the conclusion of the contract itself (e.g. the date of conclusion and the subject matter of the contract).
• We also process personal data during and after the term of the contract. This includes, for example, information on the purchase of services, but also on payments or access data and logins, data on the termination of the contract and – in the event of disputes in connection with the contract – also on these and corresponding proceedings. Without this data processing, we would not be able to execute contracts.

• We also process the aforementioned data for statistical evaluations that support the improvement and development of products. We may also use it for personalised marketing purposes. You will find further information on this in section 4.

   

We process less personal data for contractual partners that are companies, because data protection law only covers data relating to natural persons (i.e. human beings). As part of the general information about companies we work with, we process data relating to contact persons, e.g. name, contact details, professional details, information from communications or information about managers, etc.

4. How do we process data in connection with advertising?

We also process personal data to advertise our services and those of our contractual partners:

• Newsletter: We send electronic information and newsletters that contain, for example, advertising for our offers, but also for offers from our contractual partners with whom we collaborate. We ask for your consent in advance, except when we advertise certain offers to existing customers. In this context, in addition to your name and email address, we also process information about which services you have already used, whether you open our newsletters and which links you click on. For this purpose, our email delivery service provider provides a function that essentially works with invisible image data that is loaded from a server via an encoded link and thereby transmits the relevant information. This is a common practice that helps us to assess the effectiveness of newsletters and optimise them. You can avoid this measurement by adjusting your email programme settings accordingly (e.g. by disabling the automatic loading of image files).
• We place advertisements on third-party websites, which are then measured to see whether visitors click on them and are redirected to our website (e.g. banner ads on social media).
• Market research: We also process data to improve services and develop new products, e.g. information about your purchases, your response to newsletters, information from customer surveys or from social media, media monitoring services and public sources.

5. How do we work with service providers?

We use various services provided by third parties, in particular IT services (e.g. providers of hosting and data analysis services), shipping and logistics services, and services provided by banks, the postal service, etc. Information on service providers for our website can be found in section 7. These service providers may also process personal data to the extent necessary.

6. Can we disclose data abroad?

The recipients of data are not only located in Switzerland. This applies to certain service providers (especially IT service providers). These have locations both within the EU and the EEA, but also in other countries worldwide. We may also transfer data to authorities and other persons abroad if we are legally obliged to do so or, for example, in the context of legal proceedings (see section 8). Not all of these countries have adequate data protection. We compensate for the lower level of protection by means of appropriate contracts, in particular the European Commission's standard contractual clauses, which are available here. In certain cases, we may also transfer data in accordance with data protection regulations without such agreements, e.g. if you have consented to the disclosure or if the disclosure is necessary for the performance of a contract, for the establishment, exercise or enforcement of legal claims or for overriding public interests.

7. How do we process data in connection with our website?

For technical reasons, certain data is collected each time our website is used and temporarily stored in log files, in particular the IP address of the end device, information about the Internet service provider and the operating system of your end device, information about the referring URL, information about the browser used, the date and time of access, and the content accessed when visiting the website. We use this data so that our website can be used for statistical purposes, to ensure system security and stability, and to optimise our website.

Our website also uses cookies, i.e. files that your browser automatically stores on your device. This allows us to distinguish individual visitors, usually without identifying them. Cookies may also contain information about the pages visited and the duration of the visit. Certain cookies (‘session cookies’) are deleted when you close your browser. Others (‘persistent cookies’) remain stored for a certain period of time so that we can recognise visitors when they return to the website. We may also use other technologies, e.g. to store data in the browser, but also for recognition purposes, e.g. pixel tags or fingerprints. Pixel tags are invisible images or program code that are loaded from a server and thereby transmit certain information (similar to the newsletters mentioned in section 4). Fingerprints are details about the configuration of your device that distinguish your device from other devices.

You can configure your browser settings to block certain cookies or similar technologies, or to delete cookies and other stored data. For more information, please refer to your browser's help pages (usually under the heading ‘Privacy’).

Third party: These cookies and other technologies may also originate from third-party companies that provide us with certain functions. These may be located outside Switzerland and the EEA. For example, we use analytics services to help us optimise our website. Cookies and similar technologies from third-party providers also enable them to target you with personalised advertising on our websites or on other websites and social networks that also work with these third parties, and to measure how effective advertisements are (e.g. whether you arrived at our website via an advertisement and what actions you then take on our website). The relevant third-party providers may record your use of the website and combine their records with further information from other websites. This enables them to record user behaviour across multiple websites and devices in order to provide us with statistical evaluations on this basis. Providers may also use this information for their own purposes, e.g. for personalised advertising on their own website or other websites. If a user is registered with the provider, the provider can assign the usage data to the person concerned.

Two of the most important third-party providers are Google and Facebook. Further information on these can be found below. Other third-party providers generally process personal and other data in a similar manner.

• We use Google Analytics, an analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, USA) and Google Ireland Ltd. (Google Building Gordon House, Barrow St, Dublin 4, Ireland) on our website. Google collects certain information about user behaviour on the website and about the device used. The IP addresses of visitors in Europe are truncated before being forwarded to the USA. Google provides us with evaluations based on the recorded data, but also processes certain data for its own purposes. Information on data protection at Google Analytics can be found hier. If you have a Google account yourself, you can find further information hier.
• We use Clarity to record and evaluate user behaviour on websites; provider: Microsoft; Clarity-specific information on data protection: «Welche Daten sammelt Clarity?» («What data does Clarity collect?»), «Aufbewahrung von Daten» («Data Retention»), Cookie-Richtlinie.

We may transfer user information, such as email addresses, to Facebook for advertising purposes. Facebook compares this information with corresponding information from its members in order to display targeted advertising to our users (‘Custom Audiences’). You can object to this comparison at any time on Facebook. Our websites may use the so-called ‘Facebook pixel’ and similar technologies from Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (‘Facebook’). We use these technologies to display the Facebook ads we place only to users on Facebook and Facebook's partners who have shown an interest in us. We can also use these technologies to track the effectiveness of Facebook ads for statistical purposes and market research by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called ‘conversion measurement’). Further information can be found here. We are jointly responsible with Facebook for displaying advertising information that matches the interests of users, improving ad delivery and personalising features and content (but not for further processing). We have therefore entered into a corresponding supplementary agreement with Facebook. Users can therefore direct requests for information and other data subject requests in connection with joint responsibility directly to Facebook.

8. How do we process data via social media?

We operate our own accounts on social networks and other platforms (e.g. Facebook fan pages, a YouTube channel, etc.). If you communicate with us there or comment on or share content, we collect information that we use primarily to communicate with you, for marketing purposes and for statistical analysis (see sections 4 and 9). Please note that the platform provider also collects and uses data (e.g. on user behaviour) itself, possibly in conjunction with other data known to it (e.g. for marketing purposes or to personalise the platform content). Insofar as we are jointly responsible with the provider, we enter into a corresponding agreement, which you can obtain from the provider.

9. Are there any additional data processing activities?

Yes, because many processes are not possible without processing personal data, including common and even unavoidable internal procedures. It is not always possible to determine this precisely in advance, nor the scope of the data processed in the process. Below, you will find information on typical (although not necessarily frequent) cases:

Communication: When we are in contact with you (e.g., via phone call or when you communicate with us on a social media platform), we process information about the communication content as well as the type, time, and place of the communication. To identify you, we may also process information used for identity verification.

Compliance with legal requirements: In the context of legal obligations or authorizations and to comply with internal regulations, we may disclose data to authorities.

Legal proceedings: To the extent that we are involved in legal proceedings (e.g., court or administrative proceedings), we process data about the parties and other involved persons such as witnesses or informants and disclose data to such parties, courts, and authorities, possibly also abroad.

IT security: We also process data for the monitoring, control, analysis, security, and verification of our IT infrastructure, as well as for backups and data archiving.

Competition: We process data about our competitors and the market environment in general. In doing so, we may also process data about key individuals, particularly names, contact details, roles or functions, and public statements.

Other purposes: We process data to the extent necessary for other purposes such as contract management, recruitment processes, accounting, the enforcement and defense of claims, evaluation and improvement of internal processes, and the creation of anonymous statistics and analyses.

10. How long do we process personal data?

We process your personal data for as long as it is required for the purpose of processing (in the case of contracts, usually for the duration of the contractual relationship), for as long as we have a legitimate interest in storing it (e.g., for archiving or ensuring IT security), and for as long as the data is subject to a statutory retention requirement (certain data, for example, must be retained for ten years). Once these periods have expired, we delete or anonymize your personal data.

11. Are there any other points to consider?

Data processing is only permitted if applicable law specifically allows it. This does not apply under Swiss data protection law, but it does under the European General Data Protection Regulation (GDPR), insofar as it applies. In this case, we base the processing of your personal data on:

• its necessity for preparing and executing contracts (section 3),
• its necessity for legitimate interests of us or third parties, e.g., for statistical analyses or marketing purposes (section 4),
• legal obligations or permissions, or
• your separate consent.

You can find the corresponding provisions in Articles 6 and 9 of the GDPR.

You are not obliged to provide us with data, subject to individual cases (e.g., when you must fulfil a contractual obligation that involves disclosing data to us). However, for legal and other reasons, we must process data when we enter into and carry out contracts. The use of our website is also not possible without data processing.

12. What are your rights?

You have the following rights under the conditions and within the framework of applicable data protection law:

• You may request a copy of your personal data and further information about our data processing;
• You may object to our data processing activities, particularly in connection with direct marketing;
• You may have incorrect or incomplete personal data corrected or completed, or request a note of dispute be added;
• You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format, insofar as the corresponding data processing is based on your consent or is necessary for fulfilling a contract;
• Where we process data based on your consent, you may withdraw your consent at any time. The withdrawal applies only to future processing, and we reserve the right to continue processing data on another legal basis after consent is withdrawn.

If you wish to exercise such a right, please feel free to contact us (section 2). As a rule, we must verify your identity (e.g., by means of an ID copy). You are also free to file a complaint with the competent supervisory authority regarding our processing of your data, in Switzerland with the Federal Data Protection and Information Commissioner (FDPIC).

13. Can this privacy policy be amended?

This privacy policy is not part of a contract with you. We may amend this privacy policy at any time. The version published on our website is the current version.