Data Protection

Name/Company: Vienna Chamber Orchestra
Represented by: Prof. Christian Buchmann, Managing Director
Address: Schachnerstraße 27, 1220 Vienna, Austria
Email: wiener@kammerorchester.com
Phone: +43 1 203 63 57

We process data to provide and secure the website, respond to enquiries, measure reach, and display embedded content. Legal bases depending on purpose: Art. 6(1)(b) GDPR (contract/pre-contract), (c) (legal obligations), (f) (legitimate interest, e.g. secure and economical provision of the website), (a) (consent, e.g. for non-essential cookies or external media).

Master and contact data, content data from forms, usage and metadata (IP address, timestamps, URLs accessed, referrer, browser/device), and where initiated via the website, contract and payment data.

IT service providers, hosting and cloud providers, analytics providers, embedded media platforms, and communication and support tools. Data processing agreements pursuant to Art. 28 GDPR are in place. Data is disclosed to third parties only where necessary or required by law.

Where providers outside the EEA are used, data may be transferred to third countries. The legal basis comprises adequacy decisions of the European Commission (e.g. EU-US Data Privacy Framework) or standard contractual clauses pursuant to Art. 46 GDPR with supplementary safeguards. Details are provided in the notices for the respective services in the consent banner.

Our hosting provider processes server log data to provide and secure the website (e.g. IP address, date/time, content accessed, referrer, user agent). Legal basis: Art. 6(1)(f) GDPR. Retention: typically 7–30 days; longer retention only for evidence in security incidents.

This website uses TLS encryption (recognisable by “https” and the padlock symbol). This protects transmitted data from unauthorised access. Legal basis: Art. 6(1)(f) GDPR.

When you contact us via form, email, or phone, we process your details to handle your request and any follow-up questions. Legal basis: Art. 6(1)(b) GDPR; for general enquiries Art. 6(1)(f) GDPR. Retention: until the matter is concluded and in accordance with statutory retention periods.

We use technically necessary cookies to provide the website. Non-essential cookies and external services are activated only after your consent. You can change your selection at any time via “Cookie settings” in the footer.

Legal basis: access to terminal equipment information under Section 165 TKG 2021; subsequent processing on the basis of Art. 6(1)(a) GDPR (consent) or (f) GDPR (legitimate interest, where permitted).

To improve our offering, anonymised or pseudonymised usage data may be processed; IP addresses are truncated where technically possible. Legal basis: your consent (Art. 6(1)(a) GDPR). You may withdraw consent at any time via “Cookie settings”.

On individual pages we embed content from external platforms. These providers may read terminal equipment information and process usage data. Content is loaded only after your active consent (“Agree, load content”). Legal basis: Art. 6(1)(a) GDPR. Information on recipients, retention periods, and withdrawal is available in the consent banner and in the providers’ privacy notices.

We store personal data only as long as necessary for the respective purposes or where statutory retention obligations apply. Thereafter we delete or anonymise the data. Specific periods depend on the respective purposes and legal requirements.

Provision of usage data when visiting a page is technically required. Further information is voluntary but may be necessary to handle enquiries. Non-essential cookies/tools are used only with consent.

You have the right to access, rectification, erasure, restriction, data portability, and to object to processing based on Art. 6(1)(e) or (f) GDPR. You may withdraw consent at any time with effect for the future. You have the right to lodge a complaint with a supervisory authority.

Competent supervisory authority (AT): Austrian Data Protection Authority, Barichgasse 40–42, 1030 Vienna, dsb@dsb.gv.at, https://www.dsb.gv.at/

We have agreements with all processors pursuant to Art. 28 GDPR. For third-country transfers we use EU standard contractual clauses or rely on adequacy decisions. Corresponding evidence is available on request.

We update this policy as needed and publish changes here.