Data-protection declaration

This data protection information provides information on the processing of your personal data pursuant to the GDPR (General Data Protection Regulation) when visiting and using the fanSALE website of CTS EVENTIM AG & Co. KGaA (referred to below as “EVENTIM”, “we” or “us”) and with regard to our marketing campaigns on our own websites and on third-party websites and in social networks.

1. Scope, controller and definitions

1.1. Scope of this data protection information

1. This data protection information applies to visits to and the use of the fanSALE website, on which customer accounts can be created and tickets purchased and sold online, and to our marketing campaigns conducted in association with the above on our own website, third-party websites and in social networks. You can retrieve, save and print this data protection information at any time from this website at no charge from https://www.fansale.de/fansale/?help=dataProtection&language=en.

2. This data protection information only relates to the processing of personal data as defined by Section 1.1.1. Other websites are not within the scope of this data protection information and present their own specific data protection information.

1.2. Controller of your personal data

Unless stated otherwise in this data protection declaration, the following is the controller for the processing of your personal data:

CTS EVENTIM AG & Co. KGaA
Contrescarpe 75 A
28195 Bremen
E-Mail: kundenservice@eventim.de
Phone.: 49 1806 - 533 933 (EUR 0.20/call incl. VAT from fixed networks, max. EUR 0.60/call incl. VAT from mobile networks)

1.3. Definitions

This data protection information is based on the following legal terms found in data protection legislation that we have defined below to aid understanding:

1. GDPR is the General Data Protection Regulation (Regulation (EU) 2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive).

2. Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing. Dependent on the payment method chosen upon purchasing a ticket, the recipient of your personal data could be a bank or the post office/mailing company we use to send you your ticket by post.

3. In accordance with Sec. 15 AktG [“Aktiengesetz”: German Stock Corporation Act], the EVENTIM Group comprises CTS EVENTIM AG & Co. KGaA and all its affiliated companies. More information can be found at

4. Personal data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data could be the name, contact details, pattern of use, or bank details.

5. Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. CTS EVENTIM AG & Co. KGaA is the controller of the data processing described in this data protection information (Section 1.2.).

6. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Processing may involve, for example, the collection and use of your order data when tickets are sold.

2. Purposes, legal framework and data categories when processing your personal data

2.1. Processing of your data when visiting our website and within the framework of marketing campaigns on third party websites and in social networks

If you call up our website to obtain information about our products and services without registering a customer account, purchasing a ticket/bidding on a ticket in an auction, or offering your tickets for sale or actively transferring information to us in some other way (purely for information purposes) we process your personal data. In addition, we process your personal data within the framework of marketing campaigns on third party websites and in social networks. Your personal data are processed for the following purposes and on the basis of the following legal framework:

2.1.1. Processing for the purpose of IT security

1. When you visit our website, we process your personal data that are technically required for us to be able to provide you our website and to ensure stability and security when visiting our website. To this end we process the following personal data:

2. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of providing you our website and and ensuring your IT security when visiting our website.

2.1.2. Processing for analytical purposes

1. When you visit our website, in some circumstances we analyze and document how you use our website, e.g. by identifying the number of website visitors, your surfing patterns on our website, which events and parts of our website interest you, the origin of website visitors and, if you buy a ticket, your order and shopping basket data. To this end we process the following personal data:

  • IP address
  • UU-ID
  • WEB-ID
  • Device fingerprints
  • Browser fingerprints
  • Cookies (see cookie information)
  • Geo IP location

2. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest to conduct analyses and, on the basis of these analyses, improve our internet presence and our products and services as well as to prevent fraud and to provide you with individual recommendations for our products and services when visiting our website.

3. In order to analyze the use of our website, we also use the following web-analysis services:

If you would like to object to data processing by these web analysis services, please click on the respective link of the analytical service (opt-out option). We would like to point out that an objection is effected by means of a cookie in each case. When this cookie is deleted you must click on the link of the analytical service once again to exercise your right to object.

2.1.3. Processing for the purpose of individual recommendations to our website

1. If you visit our website, we analyze and document your patterns of use in order to make customized recommendations for you on our website on the basis of this data. To this end we process the following personal data:

  • IP address
  • UU-ID
  • WEB-ID
  • Device fingerprints
  • Browser fingerprints
  • Cookies (see cookie information)
  • Geo IP location

2. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of producing product recommendations and conducting marketing campaigns.

3. We use Google Adwords for processing purposes. If you would like to object to data processing by Google Adwords and/or Facebook Pixel, please click on the respective link (opt-out option):

4. Due to the use of Google Adwords und Facebook Pixel your personal data is transmitted to the USA. Google LLC is subject to the EU-U.S. Privacy Shield. This provides adequate protection to your personal data. The full text of the EU-U.S. Privacy Shield Framework can be obtained from the following link:

5. For more details on data processing by Google Adwords, please refer to the relevant data protection information:

2.1.4. Processing for advertising purposes and making contact on third-party websites and in social networks

1. When you visit our website we process your personal data for the purposes of advertising campaigns in the form of remarketing and display advertising as well as for social media ads.

2. Within the framework of Display Advertising, we conduct a number of different marketing campaigns with the use of tags (pixel) and cookies of our remarketing providers. If you visit our website, tags and cookies are set and connected to products you have viewed or purchased. This allows the customized display of EVENTIM products to you. In addition, we display advertising banners to Facebook users that have a similar profile to those of our existing customers and website visitors. To this end, we process:

  • The type of websites visited
  • Product numbers viewed,
  • Upon the purchase of a ticket, the product number ordered, sales value and order number as well as preferences
  • Cookie-IDs.

We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of advertising our products and services using customized marketing campaigns. Should you not desire the retargeting function, you can in principle deactivate it by means of the corresponding setting (opt-out function) available at the following links:

Due to the use of tags and cookies from Google your personal data is transmitted to the USA. Google LLC is subject to the EU-U.S. Privacy Shield. This provides adequate protection to your personal data. The full text of the EU-U.S. Privacy Shield Framework can be obtained from the following link:

For more details on data processing by the providers of retargeting services please refer to the relevant data protection information:

3. If you have concluded a ticket purchase with us, a cookie is set by Google Adwords and Bing. With the aid of these cookies, tailored recommendations for the products and services of EVENTIM can be displayed on the basis of this purchase whenever you enter the corresponding search terms in Internet search engines (search engine marketing).
This involves the processing of your personal data. Processing is performed on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of placing product recommendations and conducting marketing campaigns.
If you would like to object to data processing by Google Adwords and/or Bing, please click on the respective link (opt-out option):

Due to the use of Google Adwords und Bing your personal data is transmitted to the USA. Bing is a service from Microsoft Corporation. Microsoft and Google LLC are subject to the EU-U.S. Privacy Shield. This provides adequate protection to your personal data. The full text of the EU-U.S. Privacy Shield Framework can be obtained from the following link:

For more details on data processing by Google Adwords and Bing, please refer to the relevant data protection information:

4. We place advertisements, referred to as social media ads, in the social networks, Facebook and Instagram. If you have an account in these social networks and agreed via your account settings to the display of advertising in the respective social network, you will be presented with the corresponding recommendations to our products and services when you use the social network. The recommendations are made on the basis of the interests filed under your public profile at Facebook or Instagram (e.g. “Likes” for artists). In this case we process your publicly accessible profile data. We present advertising tailored to you on the basis of the interests filed under your publicly accessible profile data (e.g. “Likes” for artists). In particular, we process

  • Your IP address
  • Your device/cookie ID
  • Page/feed activity
  • Internet speed
  • Purchase activity
  • Social connections

in order to measure the success of the advertising. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of effectively placing and conducting advertising campaigns.

This involves transmission of your personal data to the USA. Facebook, Inc. subject to the EU-U.S. Privacy Shield. This provides adequate protection to your personal data. The full text of the EU-U.S. Privacy Shield Framework can be obtained from the following link:

For more details on data processing please refer to the relevant data protection information of Facebook and Instagram:

2.1.5. Use of cookies

1. Cookies are stored on your computer when using our website. Cookies are small text files that are stored on your hard drive and are allocated to and saved by your browser. With the use of cookies, certain data flows to the party that set up the cookie. This also includes personal data. They are used to make our website easier to use and structure it more effectively. Cookies cannot run any programs or transmit any viruses to your computer.

2. The cookie information applies to the use of cookies on the fanSALE website (available at https://www.fansale.de/fansale/?help=dataProtection).

2.2. Registration and creation of a customer account

1. You can create a customer account when you visit the fanSALE website. You can also log on with your EVENTIM account. Via your customer account, you can purchase tickets and/or make an offer in an auction for tickets as well as offer your tickets for sale. As a seller, you can choose whether your tickets are to be offered at a fixed price or within the scope of an online auction. You can subscribe to newsletters and enjoy many other benefits associated with your ticket purchase/sale. The registration and use of the customer account requires disclosure of personal data. The mandatory fields in the input screen are marked accordingly.

2. We process your personal data to enable you to create and use your customer account and to buy and sell tickets as well as to pursue our legitimate interest to inform you of our products and services. The data is processed on the basis of Art. 6 (1) Sentence 1 lit b) and f) GDPR.

2.3. Ticket purchases and sales

1. As a private person, you can use our fanSALE ticket exchange (available at www.fanSALE.de) to offer or purchase tickets as part of auctions or instant purchases and to use the associated services provided by EVENTIM. In this connection, we process your personal data in your capacity as a buyer or seller of a ticket for the purpose of contract initiation, performance and settlement on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR.

2. If you specify the delivery address of another person (third party) when you buy a ticket on fanSALE, we process the contact details of this third party for the purposes of contract initiation, performance and settlement on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR. Under this arrangement, you ensure that the third party is sufficiently informed that its data will be processed by EVENTIM and that you are entitled to divulge this data.

2.4. Credit assessment and profiling

1. When purchasing tickets, we may carry out a credit check if you choose the payment methods "direct debit".

2. Credit risk is assessed on the basis of mathematical-statistical procedures at the credit agency (SCHUFA Holding AG, Kormoranweg 5, D-65201 Wiesbaden, Germany), so-called scoring. For this purpose, your personal data which are necessary for the credit assessment are transferred to the credit agency. We process your personal data for the purpose of credit assessment to avoid payment default. On the basis of the transferred personal data, including address data, a statistical probability of a credit default and thus your solvency is calculated. The credit agency then transfers your score value to us. This personal data is processed for the execution of your contract with us on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR as well as due to our legitimate interest in avoiding a default of payment on your part, according to Art. 6 Para. 1 Sentence 1 lit. f) GDPR.

3. The decision as to whether payment by direct debit is possible is based on an automated decision. If your customer and order data are similar to the data of an order with payment problems, one of our employees will check your order process separately and manually.

4. If the credit check is positive, payment by direct debit is possible; if it is negative, we cannot offer you the payment method "direct debit". Payment by another payment method is still possible.

5. Die The scope of the scoring is limited to whether payment by direct debit is possible. We use the scoring exclusively to prepare and execute the contract with you and to protect ourselves against possible payment defaults.

2.5. Notifications in connection with the sale or purchase, notification of irregularities

In connection with the sale or purchase of a ticket, you will receive notifications and instructions by e-mail. You will also receive queries from those interested in purchasing the respective ticket. In addition, as a buyer, you may report any irregularities or damage to the purchased tickets. In this connection, we process your personal data for the purpose of contract initiation, performance and settlement on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR.

2.6. Customer surveys

1. We regularly invite our customers to participate in customer surveys to continually improve our products and services and tailor them to your needs. In this connection, we will use your data divulged during the ticket purchase or ticket sales process (section 2.3.) in order to contact you.

2. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of improving our products and services.

2.7. Information e-mails and newsletters

1. When you create a customer account (section 2.3.), you can sign up for our fanSALE newsletter. The fanSALE newsletter informs you about interesting new functions and offers at irregular intervals. Settings for receiving the newsletter can be made directly under “mein fanSALE”. In this connection, we process your data for marketing purposes on the basis of Art. 6 (1) Sentence 1 lit. a) GDPR.

2. If you have purchased a ticket (Section 2.3.), we may send you e-mails to inform you, for example, about directions, parking and specifications of the event organizer (e.g., bag size). For this purpose, we process your personal data on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform the contract with you.

3. After purchasing or selling a ticket, we will send you personalized newsletters on similar events, services and promotions as well as birthday e-mails. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of informing you of changes in our products and services, promoting our products and services and performing marketing campaigns.

Due to the use of Google’s Firebase Cloud Messaging (FCM) service your personal data is transmitted to the USA. Google LLC is subject to the EU-U.S. Privacy Shield. This provides adequate protection to your personal data. The full text of the EU-U.S. Privacy Shield Framework can be obtained from the following link:

For more details on data processing by Google’s Firebase Cloud Messaging (FCM) service, please refer to the relevant data protection information:

2.8. Customer service

1. You can contact us if you have queries relating to an event, your ticket purchase or sale, your customer account or other products and services offered by EVENTIM, wish to exercise your rights under this data protection information or would like to make a complaint (see contact details under Section 1.2.).

2. You can also contact the fanSALE customer service directly via a contact form on our website (available at https://www.fansale.de/fansale/contact.htm) or by e-mail at kundenservice@eventim.de.

3. Depending on the nature of your request, we respond to your query using your personal data that we have stored in our systems within the framework of processing other data (e.g., data that you have disclosed when purchasing or selling the ticket). To the extent necessary to respond to your query, data from external sources (e.g., request to the mailing company in connection with shipment tracking or a search inquiry) will also be drawn on.

4. Your personal data is processed on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform the contract with you. If you exercise your rights against us, we process your personal data to meet a legal obligation on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR. If you wish to obtain information or complain about our products and services, we process personal data to pursue our legitimate interest of carrying out marketing campaigns and responding to your complaint on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR.

5. If you transmit health details to us in the course of your inquiry (e.g., information that you have a severe disability), we process this personal data only to the extent necessary to respond to your query and only when you have provided us with your express consent as defined by Art. 6 (1) Sentence 1 lit. a) GDPR.

2.9. Reminders, collections as well as the exercise and defense of legal claims

1. We will inform you by email, text message (SMS), by post, or by telephone of any open claims against you and, if necessary, send you a reminder. To the extent that your payment remains outstanding, collection procedures will be initiated as a consequence.

2. Collection procedures are carried out by a collection agency commissioned by us for this purpose. Where required to execute the collection procedures, the collection agency will determine your address, access public registers for this purpose, and obtain other information about your person as necessary.

3. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing and settling the contract with you and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of preventing the abuse of our services and to exercise our legal claims, including the right of collection.

4. Within the course of a legal dispute with you, we will process your personal data to exercise and/or defend our rights. To the extent necessary in the course of a legal dispute, we will draw on data from other sources (e.g., public registers). We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest to assert, exercise and/or defend our legal interests.

2.10. Other processing

2.10.1. Executing internal audits and observing compliance regulations

1. If we implement compliance programs and measures, for example to implement the re-quirements of the German Corporate Governance Code (GCGC) to identify and correct misconduct, corresponding processing of your data may also occur. Additionally, your personal data can be processed within the EVENTIM Group in Germany and abroad in connection of internal audits.

2. We process your personal data to comply with our statutory obligations, on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR. In addition, due to our legitimate interests in reviewing the processes and efficiency in the group of companies, correcting any misconduct and preventing fraud and, if necessary, in enforcing and/or defending our rights, we process your personal data on the basis of Art. 6 Para. 1 Sentence 2 lit. f) GDPR.

2.10.2. Analyses

In some circumstances, we may conduct analyses of your data, which are processed as defined in Section 2 of this data protection information. These analyses serve us as a basis for business decisions, to improve our products and services, tailor the business to customer needs and carry out marketing campaigns. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of improving our offering and conducting marketing campaigns. The analyses conducted on this basis do not contain any reference to individuals. Thus it is not possible for conclusions to be drawn about your person.

3. Retention and erasure of your personal data

1. We save your personal data for as long as, and to the extent necessary, it is required to realize the purposes for which it is processed (Section 2).

2. As soon as your data is no longer needed for the purposes stated in Section 2, we retain your personal data for the period in which you could exercise claims against us or for the period in which we could establish claims against you (this is generally three years according to the statute of limitations, beginning at the end of the year in which the claim arises, e.g., the end of the year in which the ticket transaction took place).

3. In addition, we store your personal data for as long as, and to the extent necessary, we are legally obliged to store it. The corresponding obligations to provide evidence and retain it arise from the German Commercial Code (HGB), the German Fiscal Code (AO) and the Money Laundering Act (GWG), among others (e.g., Sec. 257 HGB, Sec. 147 AO). The associated retention obligations can range up to ten years.

4. Categories of recipients of personal data

1. We transmit your personal data to other companies in the EVENTIM Group within the framework of a collaborative process relating to the provision, execution and management of our products and services. Transmission is based on Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest to execute our internal administrative activities in an efficient and collaborative manner and to improve our products and services.

2. If you purchase a ticket on our website, we transmit your personal data to the seller who sends you the ticket on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in order to perform the contract with you

3. If you purchase tickets on our partners’ websites, we will transmit your personal data to them for marketing purposes if you provide us with your consent as defined by Art. 6 (1) Sentence 1 lit. a) GDPR.

4. In addition, your personal information will be shared with IT service providers who provide the platforms, databases and tools for our products and services (e.g., our website, ticket sales, newsletters and information e-mails), prepare analyses on user behavior on our website, roll out marketing campaigns and process your personal data on our behalf in connection with ticket purchases and sales. Your personal data is transmitted on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing the contract with you as well as on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of improving and promoting our products, as well as on the basis of Art. 6 (1) Sentence 1 lit. a) GDPR in those cases where you have provided us with your consent to process your personal data.

5. We offer various payment methods to you when you purchase a ticket. Depending on the payment method you choose, we will transmit your personal data to banks, payment service providers and credit card companies in order to settle the payment and, if necessary, reimburse the purchase price. We transmit your personal data on the basis of Art. 6 (1) Sentence 1 lit. b) GPDR in order to settle the ticket purchase or sale and reimburse it in the case of cancellation. We transmit your personal data to perform the contract with you on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR and, based on Art. 6 (1) Sentence 1 lit. f) GDPR, to pursue our legitimate interest of preventing you from defaulting on payments.

6. If you select “PayPal” as payment method, we will transmit your personal data. Your personal data will be transmitted in accordance with the payment method you have selected to settle the payment. This involves transmission of your personal data to the USA. With regard to the USA, the EU Commission has not come to the conclusion that it has reached an appropriate level of data protection as defined by the GDPR. Such an adequacy decision (Art. 45 GDPR) does not exist. We transmit your data on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR in conjunction with Art. 49 (1) Sentence 1 lit. b) and c) GDPR for the purpose of performing the contract with you.

7. If your ticket is sent by post, we transmit your personal data to the seller. Your personal data is transmitted on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing the contract with you

8. If you fail to satisfy your payment obligations, we will initiate collection procedures (Section 2.8.). For the execution of the collection procedure, we transmit your personal data to the collection agency commissioned to carry out the collection procedure. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing and settling the contract with you and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest to exercise our legal claims, including the right of collection.

9. In the case of legal disputes, we transmit your data to the applicable court and, if you engage a lawyer, to the lawyer as well in order to conduct the litigation. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation and on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest to assert, exercise and/or defend our legal interests.

10. Information emails and newsletters (Section 2.6.) are sent by service providers commissioned by us. For this purpose, we transmit your personal data to these service providers. In this connection, we process your personal data as follows:

  • If you provide us with your consent to send you newsletters when visiting our website for information purposes only (Section 2.1) or when creating a customer account (Section 2.2.), we transmit your data on the basis of Art. 6 (1) Sentence 1 lit. a) GDPR.
  • After purchasing a ticket (Section 2.3.), we transmit your personal data in order to provide you with information about the event on the basis of Art. 6 (1) Sentence 1 lit. b) GDPR for the purpose of performing the contract with you.
  • In addition, we process your personal data after the purchase or sale of a ticket (Section 2.3) to inform you of changes in our products and services and to promote our products. We transmit your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of conducting marketing campaigns.

11. We conduct customer surveys and customer evaluations. For this purpose, your contact details will be sent to our mailing provider via whom we invite you to participate in our surveys and evaluations. We process your personal data on the basis of Art. 6 (1) Sentence 1 lit. f) GDPR to pursue our legitimate interest of improving our products and services on the basis of your evaluation and of conducting surveys and evaluations efficiently.

12. Other than the cases listed above, we transmit your personal data when there is a legal obligation for us to do so. Transmission is based on Art. 6 (1) Sentence 1 lit. c) GDPR (e.g., to the police authorities during a criminal investigation or to the data protection supervisory authorities).

5. Legitimate interests to data processing and right to object

1. We process your personal data as defined by Section 2 on account of legitimate interests, in particular to ensure IT security on our website, to carry our analyses and marketing campaigns, to inform you of our products and services, to increase the range of our products and services, to prevent fraud and abuse, to prevent defaults, to establish, exercise and defend legal interests (if necessary, also by taking court action) and to carry out internal administrative activities efficiently and in a collaborative process. Information about the weighing up of interests can be obtained via:

2. To the extent, we process your personal data on the basis of these legitimate interests (Art. 6 Para. 1 Sentence 1 lit. f) GDPR), you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation. Not-withstanding the above, in cases of direct advertising (such as newsletters or retargeting measures) you have the right to object at any time to the processing of your personal data without giving reasons. We will then no longer process your data for this/these purpose(s) unless our legitimate interests in processing overweight or the processing serves to establish, exercise or defend legal claims. Please address your request:

  • by email to kundenservice@eventim.de,
  • by phone: 49 1806 - 533 933 (EUR 0.20/call incl. VAT from fixed networks, max. EUR 0.60/call incl. VAT from mobile networks)
  • in writing to CTS EVENTIM AG & Co. KGaA, Data privacy, Contrescarpe 75 A, 28195 Bremen.

3. If you object to processing of your data pursuant to Section 5.2., we will process your personal data collected in this context to the extent needed to address your request. In this case your personal data are processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation.

6. Consent and withdrawal of consent

1. If you have provided us with your consent to the processing of your personal data, you may withdraw this consent at any time. The withdrawal applies to the future. The lawfulness of the processing of personal data prior to the date of withdrawal remains unaffected. Please address your withdrawal of consent:

  • by email to kundenservice@eventim.de,
  • by phone: 49 1806 - 533 933 (EUR 0.20/call incl. VAT from fixed networks, max. EUR 0.60/call incl. VAT from mobile networks)
  • in writing to CTS EVENTIM AG & Co. KGaA, Data privacy, Contrescarpe 75 A, 28195 Bremen.

2. If you withdraw your consent to processing of your data, we will process your personal data collected in this context to the extent needed to address your request. In this case your personal data are processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation.

7. Your rights

1. Under the terms of the GDPR, you have the right to demand, at any time, that we

  • inform you of the personal data relating to you that we are processing (Art. 15 GDPR)
  • rectify personal data relating to you that is inaccurate (Art. 16 GDPR) and/or
  • erase your personal data (Art. 17 GDPR), restrict it (Art. 18 GDPR) and/or release it (Art. 20 GDPR).

2. Please address your request:

  • by email to kundenservice@eventim.de,
  • by phone: 49 1806 - 533 933 (EUR 0.20/call incl. VAT from fixed networks, max. EUR 0.60/call incl. VAT from mobile networks)
  • in writing to CTS EVENTIM AG & Co. KGaA, Data privacy, Contrescarpe 75 A, 28195 Bremen.

3. If you assert your rights towards us, we will process your personal data collected in this context to the extent needed to address your request. In this case your personal data are processed on the basis of Art. 6 (1) Sentence 1 lit. c) GDPR to meet a legal obligation.

4. Notwithstanding your rights under Section 7, you have the right to lodge a complaint with a supervisory authority for data protection if you are of the opinion that the processing of your personal data by EVENTIM breaches the terms of the GDPR (Art. 77 GDPR).

8. Miscellaneous

1. The provisions of this data protection information including the cookie information of CTS EVENTIM AG & Co. KGaA (which can be accessed free of charge on https://www.fansale.de/fansale/?help=dataProtection) apply in the version valid at the time of using the Ticket Shop.

2. We reserve the right to supplement and amend the contents of this data protection information. The updated data protection information applies from the date on which it is published on our website.

3. You will be informed in good time of such supplements and amendments on our website. You will be given the opportunity to view, print and save the amended data protection information at no charge.

9. Contact details of the data protection officer

Please address any questions relating to data protection to:

Data protection officer
CTS EVENTIM AG & Co. KGaA
Contrescarpe 75 A
28195 Bremen
Email: datenschutz@eventim.de

Cookie Information fanSALE

1. Scope of application

This cookie information provides more specific data protection information as required by Section 2.1.5 (2) about the use of cookies on this website by CTS EVENTIM AG & Co. KGaA, referred to here as “EVENTIM”, “we” or “us”.

2. General information on cookies

“Cookies” are small text files which are saved in the browsers of your end devices when you visit our website. Cookies can save and track your actions and settings in our website for the duration of the browser session and, in some cases, beyond this. Cookies also enable the recognition of your browser. For instance, your log-in status can be maintained or recently regarded events can be displayed.

3. Types of cookies used

3.1. First-party cookies

On the one hand, we use first-party cookies, i.e. cookies placed by our server on our websites and which can only be accessed via our server.

3.2. Third-party cookies

On the other, our website also incorporate third-party cookies which are placed by servers of oth-ers and/or our websites or domains and that can be read by third parties. With these cookies, your browser can be tracked beyond our website, for instance so as to be able to display EVENTIM ad-vertisements on the websites of our partner companies.

4. Storage period of the cookies

4.1. Session cookies

Some of the cookies we use are session cookies, i.e. cookies which are only stored for the duration of your visit to our website.

4.2. Persistent cookies

We also use persistent cookies which stay saved on your browser after the session and are automatically deleted after a predefined expiry date.

5. Purpose of using cookies

5.1. Essential cookies

We use cookies which are needed to operate the website and which facilitate certain functions to be able to use the website.

5.2. Functional cookies

In addition to this, we use cookies in order to allow you to use certain “convenience” functions through the automatic recognition of your browser. This includes, for example, the automatic recognition and setting of language, maintaining the log-in status after leaving and subsequent return to our websites as well as the server overlapping retention of the session.

5.3. Analytical cookies:

We also use cookies to collect information about your website visits and to use this information to prepare anonymous analyses and statistics with a view to constantly improving the design of our website.

5.4. Advertising and (re-) marketing cookies:

Finally, (third-party) cookies are also used on our website for advertising/marketing purposes. These help us, for example, to be able to display EVENTIM advertising on the websites of partner companies.

6. Cookie settings by users

Via your browser settings you can limit or completely prevent the storage of (certain) cookies for all websites and delete any cookies that have already been saved. For more information about this please consult the instruction manual or help functions of your browser.

Our website can in principle still be visited and used after restricting/deactivating cookies in the browser settings. However, please note that in particular the complete deactivation of cookies can limit the functionalities of our website.

As at: 17.09.2018

Print this page