PRIVACY POLICY
We are an orchestra that operates as Arco Sinfónica GmbH. We are pleased that you are visiting our website and thank you for your interest. The protection of the personal data of visitors to our website and of our customers and contact persons is a central concern for us. Therefore, please take note of the following information.
The following provisions inform you about the collection and processing of your personal data in connection with your visit to our services.
1. Party Responsible for this website
The party responsible for the collection and processing of personal data in the context of visiting our website and using our services is
Arco Sinfónica GmbH
Managing Director Julia H.M. Diederich
Hans-Scherlin-Str. 23
79238 Ehrenkirchen, Germany
Tel: +49 7633/807824
E-mail: info@arco-sinfonica.de
Commercial Register: District Court Freiburg im Breisgau, HRB 718850
2. Basic principles and scope
We collect and process your personal data in compliance with the relevant legal provisions, in particular the General Data Protection Regulation (Datenschutz-Grundverordnung in German, hereinafter referred to as “DSGVO”), the Federal Data Protection Act (hereinafter referred to as “BDSG”) and the Telecommunications Digital Services Data Protection Act (hereinafter referred to as “TDDDG”) in accordance with the following regulations.
The definitions of terms in the relevant legal basis apply.
This privacy policy applies to all the services offered by Arco Sinfónica listed below.
3. Collection and processing of your personal data
If you have any questions or would like to book Arco Sinfónica for an event, you can contact us online through our contact form, by phone, in person, by email or by any other means. We process your personal data accordingly from the various sources.
You provide us with much of the data we process yourself when you contact us, for example when you use the contact form and provide your email address.
3.1. Visiting our website
When using the website for informational purposes, i.e. merely viewing it without registering and without you otherwise providing us with information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 para. 1 sentence 1 lit. f DSGVO:
– IP address
– date and time of the request
– time zone difference to Greenwich Mean Time (GMT)
– content of the request (page visited)
– access status/HTTP status code
– amount of data transferred in each case
– previously visited page
– Browser
– operating system
– language and version of the browser software.
3.2. Contacting Us
If you contact us via the contact form, by e-mail, by post or by telephone, we collect, store and process your e-mail address, your surname, your first name and the content of your message, if necessary also your telephone number. If you provide your address and other contact details, we will also store and process this data.
We store and use your personal data for the purpose of answering your questions or processing your messages or any other subsequent questions or communication.
After the communication with you has ended, this data will be deleted – subject to any legal or regulatory retention obligations or the lawfulness of the processing of the data on another legal basis.
The legal basis for the processing of your personal data is our legitimate interest in being able to communicate with you in order to answer your messages and questions (Art. 6 para. 1 sentence 1 lit. f DSGVO).
3.3. Use of cookies
Cookies are small text files stored by your web browser that store certain settings and data for exchange with our web server. Cookies do not cause any damage to your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure.
We use the “pll_language” cookie, which stores the language of a multilingual website selected by the visitor, in order to automatically reuse that language on the next visit. It is technically necessary because it stores the page setting selected by the user and is necessary for the correct display and functionality of the website. It does not collect any personal data and only serves the basic functioning. It is configured as a persistent cookie and is not automatically deleted when you close the browser.
The Google Fonts used are integrated locally. Local hosting loads the fonts from your own server, which means that no personal data is shared with Google.
The legal basis for the use of technically necessary cookies is § 25 para. 2 no. 2 TDDDG.
4. Order processing/disclosure of data
4.1. Order processing
Without prejudice to other provisions, we reserve the right to transmit your data to third parties commissioned by us (processors) on the basis of the aforementioned legal bases (e.g. in the context of IT support). There are always agreements on order processing with the service providers commissioned in this way. These ensure that the data passed on in this way is only used by our agents to fulfil the tasks specified by us in accordance with the above purpose and in compliance with the necessary technical and organisational measures for data security and data protection.
4.2. Disclosure of data to third parties
Otherwise, your personal data will not be transmitted to third parties for purposes other than those listed below. We will only share your personal information with third parties if:
• you have expressly consented to this in accordance with Art. 6 (1) sentence 1 (a) DSGVO;
• the disclosure pursuant to Art. 6 (1) sentence 1 (f) DSGVO is necessary for the assertion, exercise and defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data;
• in the event that there is a legal obligation for the disclosure pursuant to Art. 6 (1) sentence 1 (c) DSGVO, and
• this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 (1) sentence 1 (b) DSGVO.
5. Encryption/Data Security
The collection, processing and use of your data via the contact form is exclusively encrypted using SSL encryption (so-called Secure Socket Layer) or TLS encryption (so-called Transport Layer Security). A T-Systems “Telesec ServerPass certificate” is used. SSL is used to encrypt the continuous stream of data on the Internet between the server and a user’s browser in order to prevent “secret eavesdropping and reading” – as far as this is technically possible. You can recognize this encryption by the fact that the URL is marked with “https://” in the address bar of your browser and/or a “lock symbol” (icon) appears next to the address bar of the web browser. By clicking on the icon, you will receive further information about the encryption and/or the SSL certificate used, depending on the browser you are using.
We would like to point out that it is not possible to fully guarantee data security by means of e-mail communication. For the transmission of confidential information, postal or courier delivery may be preferable.
In addition, we use all suitable technical and organisational security measures required in accordance with the principles of Art. 32 DSGVO to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved and developed in line with technological developments.
6. Deletion of data/restriction of data processing
In principle, your data will be deleted if you have withdrawn your consent and there is no other legal basis for its further processing.
Furthermore, your personal data will be deleted if it is no longer required for the purpose of data processing and there is no longer a legitimate interest in further storage and processing. However, if this data still has to be stored due to existing legal, official or contractual obligations (e.g. warranty, statutory retention obligations), your personal data will continue to be stored. If possible, data processing will be restricted under the legal requirements.
7. Rights of individuals concerned by data
As an indnvidual whose data are being used, you have the following rights under law:
1. Right to information (Art. 15 DSGVO)
2. Right to rectification (Art. 16 DSGVO)
3. Right to erasure/right to “be forgotten” (Art. 17 DSGVO)
4. Right to restriction of processing (Art. 18 DSGVO)
5. Right to data portability (Art. 20 DSGVO)
6. Right to object to certain forms of data processing (Art. 21 DSGVO – direct marketing, data processing on the basis of Art. 6 para. 1 sentence 1 lit. e and f DSGVO)
7. Right to withdraw consent (Art. 7 para. 3 DSGVO)
If you have given us your consent to the collection and processing of your data, you can revoke it at any time with effect for the future. This does not affect the lawfulness of the processing of your data in the past until the revocation. Please note that we may continue to collect and process your data despite a revocation if this is necessary and permissible on another legal basis (e.g. for the performance of an existing contractual relationship with you, due to a legitimate interest, due to a legal obligation).
To assert your rights and answer any questions, please contact us using the contact details provided above.
Right to lodge a complaint with the supervisory authority (Art. 77 DSGVO)
In addition, you can file a complaint with the competent data protection supervisory authority if you believe that the processing of your data violates applicable law. You have the option of contacting the data protection authority responsible for your place of residence or country or the data protection authority responsible for us.
The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
(The State Commissioner for Data Protection and Freedom of Information)
Lautenschlagerstraße 20
70173 Stuttgart
Tel: +49 711/615541-0
Fax: +49 711/615541-15
E-Mail: poststelle@lfdi.bwl.de
8. Data processing in third countries
Your personal data will only be processed within the European Union (EU) or the European Economic Area (EEA).
9. Up-to-dateness and modification of the privacy policy
This privacy policy is currently valid and has the status as of October 2025.
Due to the further development of our websites and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access the currently valid data protection declaration at any time from any page of our website under the link “Data protection”. Our privacy policy can be printed and saved.