1. About us
Responsible for the processing of your data:
Dresdner Philharmonie
Communication Department
Schloßstraße 2
01067 Dresden
If you have any questions about this data protection declaration, the processing of your data, your rights or other concerns in the area of data protection, our data protection officer will be happy to help you.
Contact details of the data protection officer:
Data Protection Officer of the City of Dresden
P.O. Box 120020
01001 Dresden Scope of application
This privacy policy applies to the following social media and professional networks:
Facebook: Dresdner Philharmonie (https://www.facebook.com/DresdnerPhilharmonie/)
Instragram: dresdnerphilharmonie (https://www.instagram.com/dresdnerphilharmonie/)
LinkedIn: Dresdner Philharmonie (https://www.linkedin.com/company/dresdner-philharmonie/)
TikTok: dresdnerphilharmonie (https://www.tiktok.com/@dresdnerphilharmonie)
Youtube: Dresdner Philharmonie (https://www.youtube.com/@PhilharmonieDresden/streams)
and is aimed at visitors to these sites, insofar as it relates to postings by us or visitors, writing and replying to direct messages and the commissioning and management of advertising measures. The respective operator is responsible for other processing on the platform.
Wenn Sie unseren Auftritt auf der Plattform des Betreibers besuchen oder mit diesem interagieren, verarbeitet der Betreiber der Plattform Ihre personenbezogenen Daten, zu eigenen, anderen als den in unserer Datenschutzinformation dargestellten Zwecken. Weitere Angaben können Sie der Datenschutzinformation des jeweiligen Betreibers entnehmen. Sofern Sie sich im Rahmen Ihrer unten genannten Rechte (s. Kapitel „Ihre Rechte“) an uns wenden, werden wir Ihre Anfrage an den Betreiber dieser Plattform weiterleiten, sofern sich Ihre Anfrage auf dessen Tätigkeiten bezieht.
If you visit our website on the operator's platform or interact with it, the operator of the platform processes your personal data for its own purposes other than those described in our data protection information. Further information can be found in the data protection information of the respective operator. If you contact us within the scope of your rights mentioned below (see section “Your rights”), we will forward your request to the operator of this platform if your request relates to its activities.
This data protection information does not apply to other domains of Meta Platforms Ireland Limited (hereinafter “Facebook”, also responsible for the Instagram platform), LinkedIn Ireland Unlimited Company (hereinafter “LinkedIn”), Google LLC (hereinafter ‘YouTube’), TikTok Technology Limited (hereinafter “TikTok”) or domains of affiliated companies of these companies or the data processing by these companies.
Further links are provided on our website that lead to the websites of other operators to which this privacy policy does not apply.
The responsibility for the display of banner ads, text ads or commercials before or during embedded videos lies with the respective operator.
2. Do I have to provide my data?
We offer you the opportunity to contact us. It is up to you to decide whether you make use of this option and provide your data. To process your request, we process the personal data that you have sent by e-mail or private message, posted on the bulletin board or communicated in a chat, for example. The data you post on the bulletin board is publicly visible. Your data and details will be passed on to third parties if this is necessary for processing.
Please note that if you provide information about other persons, you must have obtained their prior consent and informed them of the purposes of the disclosure as set out in this privacy policy.
We also ask you to pass this information on to the persons you involve in the use of our services, such as family members or authorized representatives.
3. Processing purposes, processed data and legal bases
Processing of inquiries and comments: We process your data that we receive through your comment or message to us (including by email) or when you like, follow, respond or similarly interact with our site. This includes the data that you provide to us yourself, as well as the data that the social network or professional network displays to us as part of your public profile. The processing is based on our legitimate interest in answering your questions and concerns (Art. 6 para. 1 lit. f) GDPR).
Processed data:
| Data | Processing of Requests |
| Salutation | x |
| First and Last Name or Username | x |
| Email Address | x |
| Subject | x |
| Message | x |
| Profile Picture | x |
| Public Profile | x |
| Like or Other Reaction (Emoji Button) | x |
In addition, the above-mentioned data will be used for the following purposes within the scope of legitimate interests (Art. 6 (1) lit. f) GDPR). The interests are specified as follows:
- In the event of a security incident at our company involving your data, we are legally obliged to report the case to the data protection supervisory authority responsible for us (Art. 33 GDPR). Since it is in our legitimate interest to comply with this legal obligation as quickly as possible, your personal data may be processed in the course of investigating the security incident. These reports to data protection authorities do not contain any of your personal data.
- Since it is in our interest to ensure the security of our systems, we regularly conduct security and effectiveness tests during which your above-mentioned data may be processed.
- Since it is in our interest to resolve legal disputes, we will process your data for this specific purpose in such cases. It is also in our interest to retain evidence in the event of legal disputes until all relevant statutory limitation periods pursuant to Sections 195 et seq. of the German Civil Code (BGB) have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods. The deletion periods cannot be predicted in general, as they depend on the specific subject matter of the dispute and the corresponding statutory limitation period, which can be up to 30 years. The regular limitation period is 3 years.
- Furthermore, it is in our interest to investigate suspected cases and to pass on relevant information to law enforcement authorities in the event of concrete suspicion of a criminal offense.
- We carry out audits, internal reviews, and other control measures (e.g., supervision by the data protection officer), as it is in our legitimate interest to comply with legal requirements, ensure transparency regarding our business processes, continuously improve these processes, and prevent or detect actions detrimental to our business. In doing so, documents or files that contain your personal data may be processed.
Information about automated individual decisions
No automated individual decisions are made.
4. Deletion periods, data source, and data recipients
Deletion periods (or storage duration)
- Deletion period for processing inquiries: 12 months after the final processing of the inquiry
- You can delete your public comments or “likes” yourself at any time.
- To preserve evidence, we retain data in accordance with the statutory limitation periods pursuant to Sections 195 et seq. of the German Civil Code (BGB). As a result, the storage duration of your data may exceed the aforementioned period. The statutory limitation periods can be up to 30 years. The regular limitation period is 3 years.
Data source
No data is collected from third parties.
Which entities receive your data?
The following list shows which entities (or "data recipients") may receive your data in which cases. You can find out exactly which data is involved in the corresponding sections of this statement. Your data may be disclosed partly due to legal or contractual obligations. In other cases, we use selected agents and service providers who act as processors (pursuant to Art. 28 GDPR) on our behalf and may have access to your data to the extent necessary. Processors are subject to numerous contractual obligations and may only process your personal data according to our instructions and exclusively for fulfilling the tasks assigned by us.
- auditors
- operators of the respective social or professional network
- data protection officer
- service providers for the destruction of data carriers
- Email provider of the recipient (in case of email communication)
- IT service providers
- lawyers, law enforcement agencies, public prosecutors, courts, opposing counsel, state or federal criminal investigation offices (in legal disputes and in cases of concrete suspicion of a crime)
- telecommunications service providers (when we communicate by phone)
- shipping service providers (in case of written communication)
5. Your rights
You have the legal right to:
- access to the personal data stored about you (Art. 15 GDPR)
- rectification and completion of your data held by us (Art. 16 GDPR)
- erasure (Art. 17 GDPR)
- restriction of processing (Art. 18 GDPR)
- data portability (Art. 20 GDPR)
- withdrawal of consent (Art. 7 GDPR) with effect for the future. The lawfulness of data processing carried out up to the time of withdrawal remains unaffected.
- You also have the right to present your own point of view and to challenge a decision based on automated processing (Art. 22 GDPR).
- You have the right to object to the processing of your data for the purpose of safeguarding our legitimate interests or those of third parties (Art. 21 GDPR) – you have the right to object to such processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions as defined in Art. 4 (4) GDPR.
- objection to direct marketing – You have the right to object at any time and without giving reasons to the processing of your data for the purpose of direct marketing.
To exercise these rights, you can contact us using the contact details provided above.
You also have the legal right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).