data protection

Introductory information

Theater Basel is committed to complying with the applicable data protection regulations and laws of Switzerland. Accordingly, this privacy policy is based on the Swiss Federal Act on Data Protection (FADP) and the associated Ordinance (FADP).

This privacy policy applies to all data processing in the context of our relationship with you, unless additional or specific information is provided by us.

This particularly concerns the processing of personal data. This refers to all information relating to an identifiable natural person. A natural person is considered identifiable if they can be identified directly or indirectly, in particular by association with an identifier, a name, an identification number, location data, an online identifier (e.g., cookie), or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural, or social identity of that person.

Please note that Theater Basel reserves the right to change its privacy policy at any time. Any changes will be announced on the website.

Information

1.1 Responsible body for processing your personal data

The responsible party in terms of data protection law is

Mailing address
Theater Basel
P.O. Box
4001 Basel

+41 (0)61 295 11 00
info@theater-basel.ch
https://www.theater-basel.ch/

Theater Basel is responsible for operating the website "https://www.theater-basel.ch" and the ticket shop "https://shop.theater-basel.ch/" (hereinafter referred to as "website," unless otherwise specified) and is therefore responsible for the collection, processing, and use of your personal data, as well as for ensuring that data processing complies with Swiss law.

Please send us your data protection concerns to the following email address:

«datenschutz@theater-basel.ch"

1.2 Collection and processing of personal data

We primarily process personal data that we receive from our customers and other business partners in the course of our business relationship with them and other persons involved, or that we collect from users when operating our website, apps, and other applications.

Depending on the nature of the business relationship, we process the following categories of personal data:

  • Master data (e.g., name, address, nationality, date of birth, email address, phone number, occupation, employer, and industry);

  • Contract and financial data (e.g., contract type, contract content, applicable terms and conditions, contract start date, contract term, billing data, payment information, other economic data);

  • Telecommunications metadata (e.g., telephone number, date, time, and duration of the connection, type of connection, location data, IP address, device identification numbers);

  • Interaction and usage data (e.g., correspondence, voice recordings, customer service information, customer preferences, device type, device settings, operating system, software, information from the assertion of rights, feedback);

  • Documents and specific information for job applications (cover letter, resume and photo, employment references, diplomas, training certificates, third-party references, interview notes);

  • Website information: (e.g., website, IP address, cookie information, browser settings, frequency of visits to the website, duration of visits to the website, search terms, clicks on content, referring website)

1.3 Purposes of data processing

We primarily use the personal data we collect to conclude and execute our contracts with our customers and business partners. If you work for a business partner, your personal data may of course also be affected in this capacity.

In addition, we process your personal data, to the extent permitted and as we deem appropriate, for the following purposes:

  • Offering and further developing our products, services, and website on which we are present;

  • Communicating with you and processing your inquiries (e.g., media inquiries);

  • Conducting application procedures;

  • Advertising and marketing (including the organization of events), provided you have not objected to the use of your data (if we send you advertising as an existing customer, you can object to this at any time, and we will then place you on a block list to prevent further advertising mailings);

  • Market and opinion research, media monitoring;

  • Assertion of legal claims and defense in connection with legal disputes and administrative proceedings; 

  • Prevention and investigation of crimes and other misconduct (e.g., conducting internal investigations, data analysis for fraud prevention);

  • Ensuring the operation of our business, in particular our IT systems, our website, and platforms;

  • Protecting our interests and securing our claims.

If you have given us your consent to process your personal data for specific purposes (e.g., to receive newsletters), we will process your personal data within the scope of and based on this consent, unless we have another legal basis and require one. Consent that has been given can be revoked at any time, but this will not affect data processing that has already taken place.

1.4 Third parties to whom we disclose personal data

We treat your personal data as confidential and only pass it on if you have given your consent, if we are legally obliged or entitled to do so, or if this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship. Under no circumstances will we sell your data.

We also disclose personal data to third parties within the scope of our business activities and for the above-mentioned purposes, insofar as this is permitted and appropriate, either because they process it for us (order processing) or because they wish to use it for their own purposes (data disclosure). This applies in particular to:

  • Service providers, including order processors;

  • IT service operators (e.g., web hosting providers, email delivery service providers, online tools);

  • Suppliers;

  • Authorities;

  • Insurance;

  • Banking institutions and payment service providers;

  • Debt collection partners;

  • Government agencies and courts.

In doing so, we naturally comply with the legal provisions governing the transfer of personal data to third parties. If we use processors to provide our services, we take appropriate legal precautions and implement appropriate technical and organizational measures to ensure that your personal data is protected in accordance with the relevant legal provisions.

As a matter of principle, no personal data will be passed on or sold to third parties for unauthorized advertising or marketing purposes.

Some of the recipients are located domestically, while others are located abroad.

1.5 Location of data processing

We generally process personal data in Switzerland or in an EU/EEA country or in another country that has an adequate level of data protection. With regard to certain processing operations, you must expect your data to be transferred to other countries within and outside Europe, where some of the IT service providers we use are located. If we disclose data to a country that does not have an adequate level of legal data protection, we require the recipient to take appropriate measures to protect your privacy (e.g., by agreeing to the EU Standard Contractual Clauses, the current version of which is available here, or other precautions) or we rely on justifications such as your consent.

1.6 Duration of data processing

We process personal data for as long as it is necessary to fulfill our contractual obligations or for other purposes related to the processing, for example for the duration of the entire business relationship and beyond, in accordance with the statutory retention and documentation obligations. It is possible that personal data may be retained for the period during which claims can be asserted against us and insofar as we are otherwise legally obliged to do so or legitimate interests require this (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will generally be deleted or anonymized.

1.7 Data security

Your personal data is protected against access by unauthorized third parties. Only a limited number of authorized persons have access to the complete data. 

Theater Basel uses appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss, and unauthorized access by third parties. We also continuously improve our security measures in line with technological developments. 

The measures taken are designed to ensure the confidentiality and integrity of your data and to guarantee the long-term availability and resilience of our systems and services when processing your data. They are also intended to ensure the rapid restoration of the availability of your data and access to it in the event of a physical or technical incident.

1.8 Your rights

You have the right to access, rectify, erase, restrict, transfer, and object to the processing of your personal data.

If you have given us your consent to process your personal data for specific purposes, you also have the right to revoke this consent at any time. However, such revocation has no effect on data processing that has already taken place.

Please note that we reserve the right to apply the restrictions provided for by law, for example if we are obliged to store or process certain data, have an overriding interest in doing so (insofar as we are permitted to invoke this), or need it to assert claims.

Please also note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or additional costs. In this case, we will inform you in advance if this is not already regulated in the contract. 

Exercising your data protection rights usually requires you to clearly prove your identity (e.g., by providing a copy of your ID if your identity is otherwise unclear or cannot be verified). To assert your rights, please contact us at:

datenschutz@theater-basel.ch

If you believe that the processing of your personal data violates data protection law, or that your data protection rights have been violated in any other way, you can also lodge a complaint with the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC).

2. Visit the website

When you visit our website, we temporarily collect the following data in particular:

  • the IP address of the requesting device

  • the date and time of access

  • the name and URL of the file accessed

  • the website from which access was made

  • the operating system of your device and the browser you are using

  • the country from which you accessed the site and the language settings in your browser

  • the name of your Internet access provider

 This data is collected and processed for the purpose of enabling the use of our website (connection establishment), ensuring long-term system security and stability, enabling the optimization of our website, and for internal statistical purposes.
Please also refer to section 4.

2.1 Cookies / Tracking and other technologies related to the use of our website

In addition to this temporarily collected data, which is primarily technical in nature, we may also use cookies and similar technologies (e.g., pixel tags or fingerprints) to recognize visitors to our website, evaluate their behavior, and identify their preferences. Cookies are information files that your internet browser automatically stores on the device you are using (e.g., a PC, laptop, tablet, or smartphone; hereinafter referred to as "device") when you visit our website. Cookies help to make your visit easier, more enjoyable, and more meaningful. Cookies cannot damage your device, execute programs, or contain viruses. In particular, Theater Basel does not use cookies to create personalized user profiles.

Some of the cookies used by our website are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable Theater Basel to recognize your browser the next time you visit (persistent cookies).

Most Internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored (permanently) on your device or so that a message always appears when you receive a new cookie. You can find out how to manage cookies in your Internet browser in the help menu of your Internet browser.

In addition, we use our own tools and third-party services (which may also use cookies) on our website, in particular to improve the functionality or content of our website (e.g., integration of videos or maps), to compile statistics, and to display advertising. Further information on these third-party providers can be found in Section 5. 

We would like to point out that deactivating cookies may mean that you cannot use all the functions of our website. This applies in particular to the web shop, where a purchase can only be made if the (technically essential) cookies are not blocked.

2.2 Registration form

When filling out registration forms (e.g., participation in a raffle, membership applications, etc.), the following data in particular must be provided (mandatory or optional):

  • First and last name and/or name of your company/institution

  • Address

  • Contact information such as phone number and email address

  • date of birth

This information enables us to contact you after you have registered in the manner indicated to us. Without this personal data, your registration is invalid and will expire.
In addition to using your data for registration purposes, by submitting the form you also consent to your data being used by Theater Basel for direct marketing for other events (see section 3.3).

You may object to this data processing at any time. Please send your objection to the email address specified in section 1.1 and we will review your request. In such a case, your registration will not be processed further.

In addition to using your data for registration purposes, by submitting the form you also consent to your data being used by Theater Basel for direct marketing for other events (see section 3.3). If you do not agree to this, please send your objection to the email address specified in section 1.1.

Your personal data will be deleted as soon as the matter you have raised has been dealt with. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified and there are no legal retention obligations that prevent deletion.

2.3 Ticket booking

When you make a purchase in our online store or at the ticket office, an account is created that is protected by a password. The following personal data in particular is collected:

  • Salutation

  • First and last name and/or name of your company/institution

  • Address

  • date of birth

  • Contact information such as phone number and email address

In addition, information about the time of booking, the delivery method, and the payment method is recorded, which enables us to process the booking and track it in case of problems. In the case of electronic payment methods, the relevant information is expressly not stored by Theater Basel, but is only recorded and processed by the payment provider Datatrans. Communication with the payment provider's servers is encrypted and uses impersonal reference numbers.

In addition to processing bookings, the personal data collected for the purchase is used to contact customers in exceptional situations such as event cancellations or changes. The data is also used for anonymous statistical analysis of our sales figures with the aim of adapting and improving our range of events in the future. The data is transferred to the systems of our order processors in Germany and Austria via automated interfaces for further processing.
In addition, the data stored during a purchase may be used by Theater Basel for direct advertising for other events. You can prevent this by setting an opt-out flag when booking your ticket.

Please note that you can make anonymous purchases at the ticket and event box office, but this means that you will not be able to access some additional information services.

2.3.1 Payment processing

When we share data with Datatrans, it is done exclusively for the purpose of payment processing.
Datatrans complies with current security standards, in particular the Payment Card Industry Data Security Standard (PCI DSS) as well as the new European security standards PSD2 and strong customer authentication (SKA).
Further information on data protection and data security at Datatrans can be found in the General Terms and Conditions, the Datatrans Privacy Policy, the Datatrans Security & Compliance website, and the Datatrans documentation.

3 Marketing/Advertising

3.1 Newsletter

You have the option of subscribing to a newsletter on our website. In order for us to send you our newsletter, we need your email address in particular. In addition, you can voluntarily provide further data, which we can use to personalize the information and offers sent to you and better tailor them to your interests.

By confirming your registration (double opt-in/DOI), you give us your consent to process the data provided for the regular dispatch of the newsletter to the address you have provided and for the statistical evaluation of usage behavior and the optimization of the newsletter.
At the end of each newsletter, there is a link that you can use to unsubscribe from the newsletter at any time. After unsubscribing, your personal data will be deleted.

3.2 Advertising material

You have the option of having print media (game program) delivered to you. For this purpose, we collect the following personal data in particular:

  • First and last name and/or name of your company/institution

  • Address

Providing your email address is recommended so that we can clarify any issues that may arise, but it is not a mandatory requirement. The data is collected and processed for the purpose of ensuring the delivery of advertising materials.

3.3 Direct advertising

If Theater Basel has obtained your postal address or email address in connection with the purchase of a theater ticket or participation in a prize draw, Theater Basel reserves the right to use this data for direct marketing for another performance, unless you have objected to such use. You can object to this at any time by clicking on the unsubscribe link in any electronic recommendation letter or by sending an email with the subject line "Objection to marketing" to: service@vom.theater-basel.ch or by post to Theater Basel, Visitor Service, P.O. Box, CH-4010 Basel.

3.4 Analysis of newsletters and direct mail

We use third-party marketing services to send newsletters and electronic direct advertising (see section 5). Our newsletter may therefore contain a web beacon (tracking pixel) or similar technical means. A web beacon is a 1x1 pixel invisible graphic that is linked to the recipient's user ID.
The use of such services enables us to evaluate whether the newsletter/direct advertising emails have been opened. In addition, the click behavior of the recipients can also be recorded and evaluated. We use this data for statistical purposes and to optimize the content and structure of newsletters and direct mail. This enables us to better tailor the information and offers to the individual interests of each recipient.
The tracking pixel is deleted when you delete the email. To prevent tracking pixels in newsletters and electronic direct mail, you can set your email program to not display HTML in messages.

4 social media presences

We maintain social media profiles on Facebook and Instagram. 

The data you enter on our social media profiles is published by the social media platform and is not used or processed by us for any other purpose at any time. However, we reserve the right to delete content if necessary. We may communicate with you via the social media platform. 

Please be aware that the operator of the social media platform uses web tracking methods. Web tracking, over which we have no influence, may also take place regardless of whether you are logged in or registered with the social media platform.

You can find more detailed information on data processing by the social media platform provider in the privacy policy of the respective provider:

Social network provider Privacy policy Facebook Meta Platforms Inc. (USA)/Meta Platforms Ireland Ltd. (Ireland)LinkInstagramMeta Platforms Inc. (USA)/Meta Platforms Ireland Ltd. (Ireland)Link

5 Service providers, advertising partners, and companies involved

Currently, we may use offers from the following service providers and advertising partners in particular. Your contact details and further information on the individual data processing operations can be found in the respective privacy policy. This also applies to the other companies involved in data processing by us:

Companies involved

  • Programming/hosting of our website: Netnode AG (Switzerland)/Hetzner Online GmbH (Germany); General information on data protection: Netnode privacy policy; Hetzner Online GmbH privacy policy

  • Ticket bookings and payment processing via Datatrans: SecuTix SA (Switzerland); General information on data protection: Privacy policy; Basis for third-country transfers: Standard contractual clauses

  • Payment processing SecuTix SA and visitors: Datatrans AG (Switzerland); General information on data protection: Terms and Conditions; Data protection provisions; Security compliance

  • Data hub/business intelligence software, processing of SecuTix data: Graf Moser Management GmbH – Kulturplanner (Austria); General information on data protection: Privacy policy; Basis for third-country transfers: Standard contractual clauses

  • Newsletter dispatch/evaluation: Wilken Software Group (Germany); General information on data protection: Privacy policy