Data Protection

The TANZPAKT Dresden website can be used without providing any personal data. However, if a person concerned wishes to make use of special services offered by HELLERAU - European Centre for the Arts via our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for such processing, we generally obtain the consent of the person concerned.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to HELLERAU - European Center for the Arts.

HELLERAU - European Center for the Arts, as the data controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible of the personal data processed via this website. Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, for example by telephone.

Name and Contact Details of the Person Responsible for Processing and of the Company Data Protection Officer
This data protection information applies to data processing by
Controller: HELLERAU - European Center for the Arts, Stage of the State Capital Dresden, Karl-Liebknecht-Str. 56, D-01109 Dresden, Germany / T +49 0351 264 62 0

The company data protection officer of HELLERAU can be contacted at the above address, Attn. Mr. Andreas Gagelmann, or at datenschutzbeauftragter@dresden.de or by phone at +49 351 488 19 06.

Collection and Storage of Personal Data and the Nature and Purpose of Their Use
When visiting the website: When you visit our website tanzpakt-dresden.de, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
• IP address of the requesting computer,
• date and time of access,
• name and URL of the file accessed,
• website from which the access is made (referrer URL),
• browser used and, if applicable, the operating system of your computer and the name of your access provider.
The above-mentioned data are processed by us for the following purposes:
• to ensure a smooth connection of the website,
• to ensure a comfortable use of our website,
• to evaluate the system security and stability and
• for other administrative purposes.
The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the above listed purposes for data collection. Under no circumstances will we use the data collected for the purpose of drawing conclusions about your person.

Transfer of Data
No transfer of your personal data to third parties for purposes other than those listed below will take place.
We will only transfer your personal data to third parties if:
• you have explicitly given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
• the transfer in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
• in the event that there is a legal obligation to disclose your data in accordance with Art. 6 Para. 1 S. 1 lit. c GDPR, and
• this is legally permissible and is necessary in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR for the processing of contractual relationships with you.

Embedded Social Media Elements
We integrate elements of social media services on our website on the basis of Art. 6 para. 1 p. 1 lit. f GDPR to display pictures, videos and sound files. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the GDPR. When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data.

a) YouTube
We have embedded YouTube videos into our website, so we can present videos of our artists directly on our site. YouTube is a video portal, which is a subsidiary company of Google since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that has an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Various data is transferred (depending on the settings). Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all data processing in the European region.
In order to be able to display videos on our website, YouTube provides a code snippet that we have embedded on our site. When you visit one of our sites that has a YouTube video embedded, YouTube sets at least one cookie that stores your IP address and our URL. If you are logged in to your YouTube account, YouTube can associate your interactions on our site with your profile, usually by using cookies. This includes information such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution, or your Internet service provider. If you are not signed in to a Google Account or YouTube account, Google stores information with a unique identifier associated with your device, browser, or app. For example, your preferred language setting is preserved. However, much interaction data cannot be stored because fewer cookies are set.
The data that YouTube receives and processes from you is stored on Google's servers. Most of these servers are located in America.
At https://www.google.com/about/datacenters/locations/ you can see exactly where the Google data centers are located. Your data is distributed on the servers. So the data can be retrieved faster and is better protected against manipulation. Even if you are not signed in to a Google Account, you can delete some data associated with your device, browser or app.
If you do not want cookies, you can set your browser to notify you whenever you receive a cookie. So you can decide for each cookie whether you want to allow it or not. Since YouTube is a subsidiary of Google, there is a common privacy policy. If you would like to learn more about the handling of your information, we recommend that you read the privacy policy at https://policies.google.com/privacy?hl=en.

b) Vimeo
We also use videos from Vimeo on our website. The video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. With the help of a plug-in, we can display video material of our associated artists directly on our website. Certain data may be transferred from you to Vimeo.
When you visit a web page on our website that has a Vimeo video embedded, your browser connects to the Vimeo servers. This results in a data transfer. This data is collected, stored and processed on the Vimeo servers. Whether or not you have a Vimeo account, Vimeo collects information about you. This includes your IP address, technical information about your browser type, operating system, or very basic device information. In addition, Vimeo stores information about which website you use the Vimeo service and what actions (web activities) you perform on our website. These web activities include, for example, session duration, bounce rate, or which button you clicked on our website with a built-in Vimeo function.
If you are logged in as a registered member of Vimeo, more data can usually be collected because more cookies may have been set in your browser. In addition, your actions on our website will be directly linked to your Vimeo account. To prevent this, you must log out of Vimeo while you are "surfing" our site.
Vimeo uses this information to improve its services, to communicate with you, and to implement its own targeted advertising measures. Vimeo emphasizes on its website that only first-party cookies (cookies from Vimeo itself) are used for embedded videos, as long as you do not interact with the video.
Vimeo is headquartered in White Plains, New York State (USA). However, the services are offered worldwide. The company uses computer systems, databases and servers in the USA and also in other countries. Your data can therefore also be stored and processed on servers in America. The data will remain stored by Vimeo until the company no longer has an economic reason for storing it. Then the data is deleted or made anonymous. Vimeo complies with the EU-U.S. Privacy Shield Framework and is therefore allowed to collect, use and transfer data from users in the EU to the U.S.
You always have the option of managing cookies in your browser according to your wishes. For example, if you do not want Vimeo to set cookies and thus collect information about you, you can delete or disable cookies in your browser settings at any time.
Vimeo is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt00000008V77AAE&status=Active. You can learn more about the use of cookies at Vimeo at https://vimeo.com/cookie_policy. Information about data protection at Vimeo can be found at https://vimeo.com/privacy.

c) SoundCloud
On our website we use functions (widgets) of the social media network SoundCloud from the company SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany. You can recognize the widgets by the logo with the orange cloud.
When you visit one of our websites that has a widget (like or share button or play function), your browser connects to a SoundCloud server. This allows data from you to be transferred to SoundCloud, managed and stored there. For example, SoundCloud learns your IP address and which page (in this case ours) you visited and when. If you have a SoundCloud account and are logged in while browsing our website, the collected data is directly assigned to your account. You can only prevent this by logging out of SoundCloud while you are on our website. In addition to the information mentioned above, the cookies also store data about your user behavior. For example, whenever you click a button, play or pause a song, this information is stored in the cookies. The widget or SoundCloud is thus able to recognize you and sometimes the widget is also used to deliver personalized content to you. SoundCloud not only uses its own cookies, but also cookies from third party providers such as Facebook or Google Analytics. These cookies help the company to get more information about your behavior on external websites and its own platform. We as website operators do not receive any information about your user behavior through the cookies used by SoundCloud. The data transfer and therefore also the information about technical devices and your behavior on the website takes place between you and SoundCloud.
In principle, the data collected remains stored at SoundCloud as long as a user account exists or it is necessary for SoundCloud to achieve its business objectives. How long exactly is stored changes depending on the context and legal obligations. Even if you do not have an account and personal data has been stored, you have the right to request data deletion.
If you want to learn more about SoundCloud's privacy policy and the general handling of data by SoundCloud, we recommend you read the company's privacy policy at https://soundcloud.com/pages/privacy.

Rights of Data Subjects
You have the right:
• to request information about your personal data processed by us in accordance with Art. 15 of the GDPR. In particular, you may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, cancellation, limitation of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable
• to demand, in accordance with Art. 16 GDPR, the immediate correction of incorrect or incomplete personal data stored by us;
• to demand the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
• in accordance with Art. 18 GDPR to demand the restriction of the processing of your personal data, as far as the correctness of the data is disputed by you, the processing is unlawful, but you refuse its deletion and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you demand it according to Art. 21 GDPR, you have lodged an objection to the processing;
• in accordance with Art. 20 GDPR, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another person responsible;
• in accordance with Art. 7 Para. 3 GDPR, to revoke the consent you have given us at any time. As a result, we are no longer allowed to continue data processing based on this consent in the future and
• in accordance with Art. 77 GDPR to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our office for this purpose.

Right to Object
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 Paragraph 1 S. 1 letter f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a specific situation. If you wish to exercise your right of objection or cancellation, simply send an e-mail to info@hellerau.org.

Data Security
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Up-To-Dateness and Amendments of This Data Protection Declaration
This data protection declaration is currently valid and has the status of November 2020.
It may become necessary to amend this data protection declaration as a result of the further development of our website and offers above or due to amended legal or official requirements. The current data protection declaration can accessed and printed out at any time on the website.