Privacy Policy

We are pleased about your visit to our website. We take the protection of your privacy in the collection, processing and use of your personal data in accordance with the statutory provisions, in particular the General Data Protection Regulation (GDPR), very seriously. On this page we have summarized for you how we intend to handle your personal data.

For reasons of better readability, the simultaneous use of masculine and feminine forms of speech has been dispensed with. All references to persons always refer to all genders.

 

 

1. Controller

The controller of your personal data within the meaning of Art. 4 No. 7 GDPR is Olympiapark München GmbH, Spiridon-Louis-Ring 21, 80809 Munich, Germany, Managing Director Marion Schöne, Tel. 089/30 67-0, Fax 089/3067-2222 , E-Mail: info@olympiapark.de, AG München HRB 6971.

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection provisions, either in whole or for individual measures, you may address your objection to the person responsible.

 

2. What data we use when you visit our website and why

2.1 Hosting

The hosting services used by us serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating the website.

In doing so, we process contact data, content data, contract data, usage data, meta data and communication data of visitors to this website on the basis of our legitimate interests in an efficient and secure provision of our website pursuant to Art. 6 (1) p. 1 f) GDPR in conjunction with Art. 28 GDPR. All servers are located in Germany and Europe only.

We have commissioned SpaceNet AG, Joseph-Dollinger-Bogen 14, 80807 München (hereinafter referred to as “SpaceNet") for the hosting and technical provision of our website. We have concluded the data protection agreement with SpaceNet as a data processor in accordance with Art. 28 GDPR. According to this agreement, SpaceNet undertakes all measures to ensure the necessary protection of your data and to process it in accordance with the applicable data protection regulations exclusively on our behalf and in accordance with our instructions. Further information on SpaceNet can be found on the website: www.space.net 

 

3.2 Access Data

We collect information about you when you use this website. We automatically collect information about your usage behavior and your interaction with us and process data about your computer or mobile device. We collect, store and use data about each access to our website in so-called server log files. The access data includes:

  • Name and URL of the retrieved file
  • Date and time of retrieval
  • Data volume transferred
  • Message about successful retrieval (HTTP response code)
  • Browser type and version
  • Operating system
  • Referrer URL (i.e. the previously visited page)
  • Websites that are called up by the user's system via our website
  • Internet service provider of the user
  • IP address and the requesting provider

We use this log data without assigning it to you personally for statistical evaluations for the purpose of operating, securing and optimizing our website, but also to anonymously record the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. This information allows us to provide personalized and location-based content and to analyze traffic, troubleshoot, and improve our services.

The data of the users collected are anonymized during the collection. Therefore, an assignment of the data to the calling user of the website is no longer possible. This anonymized data is not stored together with personal data of the users.

This is also our legitimate interest according to Art. 6 para. 1 p. 1 f) GDPR.

We reserve the right to subsequently review the log data if there is a justified suspicion of unlawful use based on concrete indications. We store IP addresses in the log files for a limited period of time (usually 14 days) if this is necessary for security purposes. We delete the IP address if it is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website.

 

2.3 Cookies

We use so-called session cookies to optimize our website. A session cookie is information that is sent by the respective servers when you visit a website and is temporarily stored by your browser on your hard drive. This information contains a so-called session ID, with which various requests of your browser can be assigned to the common session. These cookies are deleted after you close your browser. They are used, for example, to enable you to use the shopping cart function across multiple pages.

We also use persistent cookies (also information stored on your device), which remain on your device and allow us to recognize your browser the next time you visit. These cookies are stored on your hard drive and delete themselves after the specified time. Their lifespan is between one day and 14 months. This allows us to present our offer to you in a more user-friendly, effective and secure manner and, for example, to display information on the page that is specifically tailored to your interests.

Our legitimate interest in the use of cookies pursuant to Art 6 (1) p. 1 f) GDPR is to make our website more user-friendly, effective and secure. The following data and information are stored in the cookies:

  • Log-in information
  • Language settings
  • entered search terms
  • Information about the number of visits to our website and the use of individual functions of our website.

When the cookie is activated, it is assigned to an identification number. An assignment of your personal data to this identification number is not made. Your name, your IP address or similar data that would allow the cookie to be assigned to you are not stored in the cookie. Based on the cookie technology, we only receive pseudonymized information, for example, about which pages of our store were visited, which products were viewed, etc..

 

 

2.4 CookieBot Consent Management Platform

1. Description and scope of data processing

The website uses the tool Cookiebot of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter "Cookiebot") to provide a Consent Management Platform (in short: "CMP") or cookie banner, a system that manages the use of third-party, technical measures as well as cookies about granted or rejected consents.

 

2. Purpose and legal basis for data processing
The purpose of the data processing with Cookiebot is the provision as well as the administration of the consents granted by our website visitors in order to comply with a data protection compliant consent management. The use of Cookiebot is to provide evidence of consents given and not given as well as to manage the individual privacy settings of our website visitors. The processing is carried out for the purpose of obtaining the website visitor's consent, providing revocation and objection options, proving the consent granted and assigning the user to manage their individual data protection settings.

The use of a consent management platform and the management and storage of your consents to the processing of your personal data is based on our legal obligation to provide a website that complies with data protection requirements (Art. 6 (1) lit. c GDPR). The legal basis for the use of Cookiebot is also Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the legally compliant documentation and verifiability of consent as well as the control of our analysis campaigns based on your consent using specialised services and the associated technical implementation.

 

3. Possibility of objection and/or erasure

Browser settings

Cookies are stored on your terminal device and transmitted to us by it. Therefore, you as a user also have full control over the use of cookies. In principle, you can set your web browser so that no cookies are stored on your computer. To do this, you can deactivate the corresponding option in the system settings of your browser. However, some functions of our website may then not be usable.
Here you can find out about the setting options for the most commonly used browsers:

If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website or the integrated services.

 

2.5 Web Analysis Through Matomo

We use the open source software tool Matomo on our website on the basis of Art. 6 (1) f) to analyze the surfing behavior of our users. This provides us with information about the use of the individual components of our website, which helps us to continuously improve our website and its user-friendliness. The software sets a cookie on the user's computer. If individual pages of our website are called viewed, the following data is stored in addition to the data mentioned in 3.2:

  • Two bytes of the IP address of the user's calling system.
  • The accessed website
  • The website from which the user has reached the website (referrer)
  • The subpages that are viewed
  • The time spent on the website
  • The frequency of access to the website

 

The software runs exclusively on the servers of our website. Personal data of the users is only stored there. By anonymizing the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.

The data will not be passed on to third parties.

The data is deleted as soon as it is no longer required for our recording purposes, at the latest after 180 days. Cookies are stored on the user's computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. We offer our users the option of opting out of the analysis process on our website. To do this, you must follow the corresponding link. In this way, another cookie is set on their system, which signals to our system not to store the user's data. If the user deletes the corresponding cookie from their own system in the meantime, they must set the opt-out cookie again.

3. Further Processing of Personal Data

3.1 Data for the Fulfillment of our Contractual Obligations

We process personal data that we need to fulfill our contractual obligations, such as name, address, e-mail address, ordered products/event services, billing and payment data. The collection of this data is necessary for the conclusion of the contract.

The deletion of the data takes place after the legal retention periods have expired. Data that is linked to a user account (see below) is retained for the duration of the management of this account.

The legal basis for the processing of this data is Art. 6 para. 1 p. 1 b) GDPR, because this data is needed so that we can fulfill our contractual obligations to you.

 

3.2 Data from Business Partners and Data that we Process within the Framework of Tenders

We process personal data that we consider to be in our legitimate business interest in order to fulfil our contract. This includes, for example, the obligations associated with our contract for awarding contracts and also the maintenance of other business relationships with business partners, such as suppliers and service providers. For this purpose, we process contact data such as e-mail addresses and telephone numbers, information about requested or ordered products and services. In some cases, we also process data of employees of our business partners, for example in order to be able to control access to our premises and events. The processing of this data is necessary for the fulfilment of our orders.
We only keep your data for as long as is necessary for the fulfilment of our tasks, taking into account statutory retention periods. After expiry of the retention period, your data will be deleted.
The legal basis for the processing of this data is Art. 6 para. 1 p. 1 b) GDPR, insofar as it is in connection with pre- and contractual measures, and Art. 6 para. 1 p. 1 f) GDPR, insofar as it is in our legitimate interest.

3.3 User Accounts

When using our website, we offer you the option of creating a user account for various purposes, such as ordering from our webshop or booking our SoccArena premises. This saves you having to re-enter your data for repeated purchases or bookings. The account is created with your consent, so we process your data on the legal basis of Art. 6 para. 1 p. 1 a) GDPR. Your booking data will be automatically deleted after two years. Your user account is automatically deleted after two years of inactivity.

In addition to the personal data required within the meaning of Art. 6 para. 1 p. 1 b) GDPR for the establishment and fulfilment of the contract (e.g. title, first and last name, address, e-mail address, if applicable also user names as well as billing and payment data), you can also provide us with further data on a voluntary basis; mandatory data is marked with * in each case. In the context of bookings by companies, we process your name and contact details on the basis of our legitimate interest, Art. 6 para. 1 p. 1 f) GDPR.

In addition to the data listed above, we process the time of registration and the time of login for our user accounts, for example. This is done due to legal requirements (Art. 6 para. 1 p. 1 c) GDPR) and to optimise our offer based on our legitimate interest, Art. 6 para. 1 p. 1 f) GDPR.

In our Olympiapark Webshop, you can also place orders via guest access. In this case, you will have to enter the data required for the order again for repeat orders.

For payment processing, we use service providers who, from a data protection perspective, are their own data controllers and take care of the security of the payment services provided by them accordingly. In addition, the General Terms and Conditions of Business and Data Protection of the following payment service providers apply:

 

  • If the credit card payment method is selected, the payment is made via Saferpay, an e-payment platform of SIX Payment Services (Europe) S.A., Theodor-Heuss-Allee 108, 60486 Frankfurt am Main.
  • If you select the payment method Sofortüberweisung, payment will be made via Klarna GmbH, Theresienhöhe 12, 80339 Munich.

 

3.4 Application Procedure

We process your data as part of the application process for the purpose of selecting suitable candidates. The legal basis for this data processing is the implementation of pre-contractual measures in accordance with Art. 6 para. 1 b) GDPR in conjunction with § 26 BDSG. Your data will be passed on internally to the managers involved in the decision to fill the respective positions, as well as to the staff representatives, the Equal Opportunities Officer and the representation of severely disabled persons, if applicable. Data will not be passed on to third parties or to third countries. Your data will be deleted no later than 6 months after the end of the application procedure. Retention within these time limits is necessary for legal reasons in the event of any legal action (especially possible assertion of claims under the General Equal Opportunities Act). The collection of the data is necessary for the conclusion of a contract between you and us. If you request the deletion of your application data during the application process, this will be considered as a withdrawal of your application.

 

3.5 E-Mail Contact

If you contact us (e.g. via contact form or e-mail), we process your data to process the request and in case follow-up questions arise.

If the data processing is carried out for the implementation of pre-contractual measures, which are carried out upon your request, or, if you are already our customer, for the implementation of the contract, the legal basis for this data processing is Art. 6 para. 1 p. 1 b) GDPR.

We only process further personal data if you consent to this (Art. 6 para. 1 p. 1 a) GDPR) or we have a legitimate interest in processing your data (Art. 6 para. 1 p. 1 f) GDPR). A legitimate interest is, for example, to respond to your email that is not subject of contractual or precontractual measures.

 

4. Integration of Media Plugins

4.1. Integration of YouTube

1. Description and scope of data processing

Our website uses a plug-in from the provider YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA or Google Ireland Limited, Gordon House, 4 Barrow St, Dublin 4, Ireland (hereinafter YouTube or Google) to integrate videos.
The content of the plug-in is transmitted directly from YouTube to your browser through a connection to the YouTube servers, which then integrates it into the website. This transmits your visit to the website to YouTube.

We integrated the YouTube plugin using the no-cookie option. But if you are logged in to YouTube with your user account, YouTube can assign the information obtained to your respective account through the use of the plug-in. In this case, the information is transmitted to your personal user account at YouTube and stored there by YouTube.

Through the use of YouTube and your visit to our website, on which the plug-in for the integration of YouTube content is used, data (including date and time of your visit to our website, location information, URL of the accessed website, search terms) are generally collected, processed and stored. By calling up the YouTube video on our website, YouTube or Google can independently store cookies via your browser on your computer or mobile device. In addition, Google can store and evaluate your IP address and our website, as a starting point, via an interface. For more information on the processing of data by YouTube or Google, we refer to the privacy policy of Google. We have no influence on the data and data processing operations collected by YouTube, nor is the full extent of the data collection, the purposes of processing, the storage periods and the storage location known. There is also no information available on the deletion of the collected data by YouTube.

Further information and the applicable data protection provisions of the operator can be found at https://www.youtube.com/t/terms and https://policies.google.com/privacy?hl=en.      
In order to avoid an unauthorized and uncontrolled flow of data from the time you visit our website, we implement the integration of the plug-in with a so-called consent solution, i.e. YouTube and Google may only set cookies or receive information about your visit to our website if you have actively clicked on the plug-in to play the YouTube video or have consented to the display of YouTube videos via our cookie banner. By visiting our website without confirmation on your part by way of the consent solution, no data is transmitted to YouTube or Google.

 

2. Purpose and legal basis for the data processing

The legal basis for the processing of personal data is based on your consent in this regard by voluntarily using or clicking on the provided content or consent via the cookie banner provided by Cookiebot Art. 6 para. 1 p. 1 lit. a GDPR.

 

3. Possibility of objection and/or erasure

However, you can object to the collection, storage and use of information by YouTube or Google at any time with effect for the future by installing the deactivation add-on provided by Google or by adjusting your browser settings so that cookies cannot be stored.

You can revoke your consent to data processing by YouTube or Google via the cookie banner provided by us at any time for the future. By changing the check mark at YouTube under "Marketing" in the cookie banner, you prevent technical measures from being carried out and cookies from being set. The cookie settings can be accessed at any time via the link described under “Cookies” ("change consent") in the privacy policy.

 

4.2 Integration of Vimeo

1. Description and scope of data processing

Our website uses plug-ins from the provider Vimeo LLC, 555 West 18th Street, New York 10011 (hereinafter referred to as "Vimeo") to integrate videos. The content of the plug-in is transmitted directly from Vimeo to your browser through a connection to the Vimeo servers and integrated into the website by Vimeo.

If you are logged in to Vimeo with your user account, Vimeo can assign the information obtained to your account by using the plug-in. In this case, the information will be transmitted to your personal user account at Vimeo and stored there. Since Vimeo collects data in particular via cookies, we also recommend that you delete all cookies via the security settings of your browser.

By default, we have included our videos with the "Do-No-Track" setting. As a result, Vimeo cannot set third-party cookies via the plug-in on your device. We have no influence on the data collected by Vimeo and data processing operations, nor is the full scope of the data collection, the purposes of the processing, the storage periods and the storage location known. There is also no information available on the deletion of the collected data by the provider. Further information on the purpose and scope of data processing, as well as your rights in this regard and setting options for the protection of your privacy can be found in vimeo's terms of use and data protection at https://vimeo.com/privacy.

 

2. Purpose and legal basis for the data processing

The legal basis for the processing of personal data is based on your consent, in this regard by voluntarily using or clicking on the provided content or consent via the cookie banner (Art. 6 para. 1 p. 1 lit. a GDPR).

 

3. Possibility of objection and/or erasure

You can revoke your consent to data processing by Vimeo via the cookie banner provided by us at any time for the future. By changing the check mark at Vimeo under "Marketing" in the cookie banner, you prevent technical measures from being carried out. The cookie settings can be accessed at any time via the link described under “Cookies” ("change consent") in the privacy policy.

 

4.3 Integration of SoundCloud

1. Description and scope of data processing

Our website uses plugins of the SoundCloud social network (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, UK).

When you visit our site and consent to the use of SoundCloud, a direct connection between your browser and the SoundCloud server is established. This enables SoundCloud to receive information that you have visited our site from your IP address. This means that SoundCloud can associate visits to our pages with your user account when you are logged in into your SoundCloud account. We would like to point out that, as the provider of these pages, we have no knowledge of the content processed by SoundCloud. For more information on SoundCloud's privacy policy, please go to soundcloud.com/pages/privacy.

 

2. Purpose and legal basis for data processing

The legal basis for the processing of personal data is based on your consent, in this regard by voluntarily using or clicking on the provided content or consent via the cookie banner (Art. 6 para. 1 p. 1 lit. a GDPR).

 

3. Possibility of revocation, objection and elimination

You can revoke your consent to data processing by SoundCloud via the cookie banner provided by us at any time for the future. By changing the check mark at SoundCloud under "Marketing" in the cookie banner, you prevent technical measures from being carried out. The cookie settings can be accessed at any time via the link described under “Cookies” ("change consent") in the privacy policy.

 

5. Usage of our Social Media Channels

The logos of social media providers are displayed on our website. These logos or icons function as external links, so that no personal information is transmitted to one of these providers without clicking on one of the icons. If the user clicks on one of the logos, he or she will be redirected to the website of the respective provider. Information on the processing of personal data by the respective providers can be found in their privacy statements:

a) Meta/Facebook: de-de.facebook.com/policy.php

b) Instagram: help.instagram.com/519522125107875

c) LinkedIn: www.linkedin.com/legal/privacy-policy

d) Twitter: twitter.com/en/privacy

e) Xing: privacy.xing.com/de/datenschutzerklaerung

f) Youtube: support.google.com/youtube/topic/2803240

g) Soundcloud: soundcloud.com/pages/privacy

h) Vimeo: https://vimeo.com/privacy

 

5.1     Our usage of Meta/Facebook Platform

The following Facebook fan pages are covered by this privacy policy: 

Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are a resident of the EU, Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as "Facebook") is responsible for processing the personal data provided by the visitor when visiting the Facebook company fan page (hereinafter referred to as "fan page"). An agreement required by data protection law has been concluded with Facebook.

General Information on Meta/Facebook Data Processing

Facebook collects personal data to evaluate user behaviour. Facebook provides the operators of Facebook profiles, such as us, with the following data in anonymised and aggregated form. This is demographic data such as age, gender, place of residence, country or mother tongue, without any reference to identifiable persons. We can therefore not identify any visitor of the Facebook profile.

In addition, we are is provided with statistics on the source of the access to the Facebook profile, the type of end device used for access or the number of page views. As the operator of this Facebook profile, we also receive anonymised statistical data (so-called insights) from Facebook. This data cannot be used to draw any conclusions about the respective visitor, subscriber or registered user (hereinafter collectively referred to as "visitor"; in individual cases, only the group of persons to whom the respective facts relate will be named in the following). This statistical data received cannot be linked to the profile data of our subscribers either. We can only define the categories of data and visitors by which Facebook evaluates its data collection and makes it available as anonymised statistics. This data is used by us exclusively for the analysis of user behaviour, so that we can better align our Facebook profile and our offer to the needs and interests of our visitors. We use the data made available on Facebook under "Insight" to select relevant information for our posts on Facebook or to publish targeted posts on the platform for corresponding groups.

We only use the data provided by Facebook that is required for the purposes stated here. If further data is provided, it will not be retrieved and thus not processed by us.

We only receive anonymised information and statistics if the visitor of our Facebook profile is registered with Facebook. However, we would like to point out that as a result of the direct access to our Facebook profile, for example through the reading of log files (e.g. IP address) or the setting of cookies, Facebook itself may record this data.

The use of your data provided to us by Facebook is based on Art. 6 para. 1 lit. f GDPR:

  • to carry out data analyses,
  • to statistically record the use of our Facebook page and to evaluate it for the purpose of optimising our offer for you,
  • to continuously improve and manage our offer and our marketing activities.

Our legitimate interest according to Art. 6 para. 1 lit. f GDPR follows from the aforementioned points.

We have no influence on the collection of data by Facebook, nor on the data processing procedures in place at Facebook. We are also not aware of the scope of the data collection, the purposes of the processing or the storage periods. A forwarding of data to anonymised statistics can therefore not be ruled out.

Information for Registered Users

If you follow our Facebook profile as a registered user (Facebook also calls this "subscribing"), Facebook adds your profile to the list of all followers/subscribers of our fan page. Facebook then makes our posts available to you on your newsfeed. Facebook provides us with the list of our subscribers. However, this list only contains data that is public, i.e. information that is voluntarily provided by the visitor via their Facebook settings. The user decides for himself which data he wants to make public in his Facebook settings. In addition, every visitor has the possibility to individually set his or her privacy in his or her Facebook settings (https://www.facebook.com/settings?tab=privacy). In addition, every visitor has the option in his or her Facebook settings to actively hide his or her likes or to no longer follow the fan page. In this case, their profile will no longer appear in the list of fans of our pages.

In addition, we can also attribute comments and likes on our Facebook posts as well as activities on our profile pages to individual users.

The processing of this data serves the above-mentioned purpose and is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your voluntarily given consent by registering and logging in to Facebook.

We do not know the complete data collection, i.e. which data of a visitor Facebook collects in total and for which purposes it is processed by Facebook. The necessary information has not been made available to us by Facebook. We ask for your understanding that we can only inform you as far as our knowledge of the data processing in our area of responsibility and our influence on the data processing go.

Furthermore, we would like to point out that the operators of the platform, which can be accessed on the various end devices, are mostly US companies and therefore your data can also be processed outside the European Union and the European Economic Area. This may result in risks because, for example, it could make it more difficult to enforce the rights of users. For more details, please refer to the data protection declarations of the individual providers.

You can reach the data protection officer of Meta by clicking on the following link: https://www.facebook.com/help/contact/540977946302970

Further information on data processing by Facebook can be found via the following links:

Privacy Policy: https://www.facebook.com/about/privacy/

Opt-Out: https://www.facebook.com/settings?tab=ads

For joint processing in accordance with Art. 26 GDPR, Facebook has provided corresponding regulations: https://www.facebook.com/legal/terms/page_controller_addendum.

 

5.2     Our Usage of Instagram

The following Instagram profiles are covered by this privacy policy:

Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are a resident of the EU, Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Facebook") is responsible for processing the personal data provided by the visitor when visiting the Instagram website.

General Information on Instagram Data Processing

Instagram collects personal data to evaluate user behaviour. Instagram provides the operators of Instagram profiles, such as us, with the following data in anonymised and aggregated form. This is demographic data such as age, gender, place of residence, country or native language, without any reference to identifiable persons. We can therefore not identify any visitor of the Instagram profile.

In addition, we are provided with statistics on the source of access to the Instagram profile, the type of end device used for access or the number of page views. As the operator of this Instagram profile, we also receive anonymised statistical data (so-called Insight) from Instagram. This data cannot be used to draw conclusions about the respective visitor, subscriber or registered user (hereinafter collectively referred to as "visitor"; in individual cases, only the group of persons to whom the respective facts relate will be named hereinafter). Nor can this statistical data obtained be linked to the profile data of our subscribers. We can only specify the categories of data and visitors according to which Instagram evaluates its data collection and makes it available in the form of anonymised statistics. This data is used by us exclusively for the analysis of user behaviour so that we can better align our Instagram profile and our offer to the needs and interests of visitors.

We use the data provided on Instagram under "Insight" to select relevant information for our posts on Instagram or to post targeted posts on the platform for relevant groups.

We only use the data provided by Instagram that is required for the purposes stated here. If further data is provided, it will not be retrieved and thus not processed by us.

We only receive anonymised information and statistics if the visitor of our Instagram profile is registered on Instagram. However, we would like to point out that as a result of the direct access to our Instagram profile, for example through the reading of log files (for example IP address) or the setting of cookies, Instagram itself may record this data.

The use of your data transmitted to us by Instagram is based on Art. 6 (1) lit. f GDPR:

  • to perform data analysis,
  • to statistically record the use of our Instagram page and to evaluate it for the purpose of optimising our offer for you,
  • to continuously improve and manage our services and marketing activities,
  • to optimise the way we address our target group.

Our legitimate interest according to Art. 6 para. 1 lit. f GDPR follows from the aforementioned points.

We have no influence on the collection of data by Instagram, nor on the data processing procedures existing at Instagram. We are also not aware of the scope of the data collection, the purposes of the processing or the storage periods. A forwarding of the data to anonymised statistics can therefore not be ruled out.

Data Processing of Registered Instagram Users

If you follow our Instagram profile as a registered user (Instagram also calls this "subscribing"), Instagram adds your profile to the list of all followers/subscribers of our profile. Instagram then makes our stories and posts available to you on your newsfeed. Instagram provides us with the list of our subscribers. However, this list only contains data that is public, i.e. information that is voluntarily provided by the visitor via their Instagram settings. The respective user decides for himself which specific data he wishes to provide in his Instagram settings. In addition, each visitor has the option of individually setting their privacy in their Instagram settings (https://www.instagram.com/accounts/privacy_and_security/).

In addition, we can also attribute comments on our Instagram posts and activities on our stories and profile pages to individual users.

The processing of this data serves the above-mentioned purpose and is carried out in accordance with Art. 6 Para. 1 lit. a GDPR on the basis of your voluntarily given consent by registering and logging in to Instagram. We would like to refer to the terms of use and the privacy policy of Instagram.

We are not aware of the complete data collection, meaning which data of a visitor Instagram collects in total and for which purposes it is processed by Instagram. The necessary information has not been provided to us by Instagram. We ask for your understanding that we can only inform you as far as our knowledge of the data processing in our area of responsibility and our influence on the data processing go.

Furthermore, we would like to point out that the operators of the platform, which can be accessed on the various end devices, are mostly US companies and therefore your data can also be processed outside the European Union and the European Economic Area. This may give rise to risks because, for example, it could make it more difficult to enforce the rights of users. For more details, please refer to the data protection declarations of the individual providers.

You can reach the data protection officer of Meta by clicking on the following link: https://www.facebook.com/help/contact/540977946302970

Further information on data processing by Instagram can be found in the following links:

Privacy Policy: https://help.instagram.com/519522125107875
Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
Advertising interests: https://www.instagram.com/accounts/access_tool/ads_interests

 

5.3     Our Usage of LinkedIn

The following LinkedIn profiles are covered by this privacy policy:

 

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter "LinkedIn") is responsible for processing the personal data provided by the visitor when visiting our LinkedIn profile.

General Information on LinkedIn Data Processing

LinkedIn collects personal data to evaluate user behaviour. LinkedIn provides the operators of LinkedIn profile pages, such as us, with insight data in anonymised and aggregated form in order to evaluate the behaviour of users as part of their interaction with our site. We cannot identify any visitor to the LinkedIn profile page in this process.

In addition, we are provided with statistics on the source of access to the LinkedIn profile, the type of end device used to access it or the number of page views. As the operator of this LinkedIn profile, we also receive anonymised statistical data (so-called analyses) from LinkedIn. No conclusions can be drawn about the respective visitor, subscriber or registered user (hereinafter collectively referred to as "visitor"; in individual cases, only the group of persons to whom the respective facts relate will be named in the following). Nor can this statistical data obtained be linked to the profile data of our followers. We can only specify the categories of data and visitors according to which LinkedIn evaluates its data collection and makes it available in the form of anonymised statistics. This data is used by us exclusively for the analysis of user behaviour so that we can better align our LinkedIn profile and our offering with the needs and interests of our visitors.

We use the analyses provided by LinkedIn to select relevant content for our posts on LinkedIn or to post targeted posts on the platform for relevant groups and to offer information material for download.

We only use the data provided to us by LinkedIn that is required for the purposes stated here. If further data is provided, it will not be retrieved and thus not processed by us.

We only receive anonymised information and statistics if the visitor to our LinkedIn profile is registered with LinkedIn. However, we would like to point out that as a result of the direct access to our LinkedIn profile, for example through the reading of log files (e.g. IP address) or the setting of cookies, a note of this data is possible by LinkedIn itself.

The use of your data transmitted to us by LinkedIn is based on Art. 6 para. 1 lit. f GDPR:

  • to carry out data analyses
  • to statistically record the use and performance of our LinkedIn page and to evaluate it for the purpose of optimising our information offering for you
  • to continuously improve and manage our information offering.

Our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR follows from the aforementioned points.

We have neither influence on the collection of data by LinkedIn nor on the data processing procedures existing at LinkedIn. We are also not aware of the scope of the data collection, the purposes of the processing or the storage periods. A forwarding of data in anonymised statistics can therefore not be ruled out.

Information for Registered LinkedIn Users

If you follow our LinkedIn profile as a registered user, LinkedIn adds your profile to the list of all followers of our profile. LinkedIn then makes our posts available to you on your newsfeed. The list of our followers is provided to us by LinkedIn. However, this list only contains data that is public, i.e. information that is voluntarily provided by the visitor via their LinkedIn settings. The respective user decides individually in his or her LinkedIn settings what these are in concrete terms. In addition, each visitor has the option to individually set their privacy in the LinkedIn settings.

In addition, each visitor has the option of no longer following our profile. In this case, their profile will no longer appear in the list of followers of our profile. 

We may also attribute interactions with our posts in the form of comments, likes and shares as well as activities on our profile pages to individual users.

The processing of this data serves the above-mentioned purpose and is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your voluntarily given consent by registering and logging in to LinkedIn.

We are not aware of the complete data collection, i.e. which data of a visitor LinkedIn collects in total and for which purposes it is processed by LinkedIn. The necessary information has not been provided to us by LinkedIn. We ask for your understanding that we can only inform you as far as our knowledge of the data processing in our area of responsibility and our influence on the data processing go.

Furthermore, we point out that your data may also be processed outside the European Union and the European Economic Area. This may result in risks because, for example, it could make it more difficult to enforce the rights of users. Further details are provided in the data protection declarations of the individual providers.

You can reach LinkedIn's data protection officer at the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO

You can obtain further information on data processing by LinkedIn at: https://privacy.linkedin.com/

 

5.4 Our Usage of YouTube

The following YouTube channels are covered by this privacy policy:

 

Google Ireland Ltd, Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin (hereinafter "Google") is responsible for processing the personal data provided by our visitors when visiting our YouTube channel.

General Information on YouTube Processing

YouTube collects personal data to evaluate user behaviour. YouTube provides the operators of YouTube channels, such as us, with the following data in anonymised and aggregated form. This is demographic data such as age, gender, place of residence, country or mother tongue, without any reference to identifiable persons. We can therefore not identify any visitor to the YouTube channel.

In addition, we are provided with statistics on the source of access to the YouTube channel, the type of end device used for access or the number of page views. As the operator of this YouTube channel, we also receive anonymised statistical data (so-called insights) from YouTube. This data cannot be used to draw any conclusions about the respective visitor, subscriber or registered user (hereinafter collectively referred to as "visitor"; in individual cases, only the group of persons to whom the respective facts relate will be named below). Nor can this statistical data obtained be linked to the profile data of our subscribers. We can only specify the categories of data and visitors according to which YouTube evaluates its data collection and makes it available in the form of anonymised statistics. This data is used by us exclusively for the analysis of user behaviour so that we can better align our YouTube channel as well as our offer to the needs and interests of the visitors.

We use the data provided to YouTube under "Insight" to select relevant information for our posts on YouTube or to post targeted posts on the platform for relevant groups.

We only use the data provided to us by YouTube that is necessary for the purposes stated here. If further data is provided, it is not retrieved and thus not processed by us.

We only receive anonymised information and statistics if the visitor to our YouTube channel is registered with YouTube. However, we would like to point out that as a result of the direct access to our YouTube channel, for example through the reading of log files (e.g. IP address) or the setting of cookies, a note of this data is possible by YouTube itself.

The use of your data transmitted to us by YouTube is based on Art. 6 para. 1 lit. f GDPR:

  • to carry out data analyses,
  • to statistically record the use of our YouTube page and to evaluate it for the purpose of optimising our offer for you,
  • for the continuous improvement and management of our offer and content.

Our legitimate interest according to Art. 6 para. 1 lit. f GDPR follows from the aforementioned points.

We have no influence on the collection of data by YouTube, nor on the data processing procedures in place at YouTube. We are also not aware of the scope of the data collection, the purposes of the processing or the storage periods. A forwarding of data to anonymised statistics can therefore not be ruled out.

Information for Registered LinkedIn Users

If you follow our YouTube channels as a registered user (YouTube also calls this "subscribing"), YouTube adds your profile to the list of all subscribers to our channel. YouTube then makes our posts available to you on your YouTube homepage. The list of our subscribers is provided to us by YouTube. However, this list only contains data that is public, i.e. information that is voluntarily provided by the visitor via their YouTube settings. The respective user decides for themselves which data they wish to make public in their YouTube settings. Furthermore, every visitor has the possibility to check his privacy in his Google settings (https://myaccount.google.com/intro/privacycheckup).

You can find more information on the individual setting options at https://policies.google.com/technologies/product-privacy.

We can also attribute comments on our YouTube channels to individual users.

The processing of this data serves the above-mentioned purpose and is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your voluntarily given consent by registering and logging in to YouTube.

We do not know the complete data collection, i.e. which data of a visitor YouTube collects in total and for which purposes it is processed by YouTube. The necessary information has not been provided to us by YouTube. We ask for your understanding that we can only inform you as far as our knowledge of the data processing in our area of responsibility and our influence on the data processing go.

Furthermore, we would like to point out that the operators of the platform, which can be accessed on the various end devices, are mostly US companies and thus their data can also be processed outside the European Union and the European Economic Area. This may give rise to risks because, for example, it could make it more difficult to enforce the rights of users. More details are provided in the data protection statements of the individual providers

You can file a privacy complaint with Google at the following link. You can find further contact options at the following link.

Further information on data processing by YouTube can be found in the following links:

Privacy policy:https://policies.google.com/privacy

Opt-Out: https://adssettings.google.com/authenticated and https://www.youronlinechoices.com

 

5.5     Our Usage of Twitter

The following Twitter channels are covered by this privacy policy:

Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 USA (hereinafter “Twitter”) is responsible for processing the personal data provided by our visitors when visiting our Twitter channel.

General Information on Twitter Processing

Twitter collects personal data to evaluate user behaviour. When you use Twitter, your personal data is processed by Twitter. Twitter captures, transmits, saves, uses, and discloses this data in the United States of America, in Ireland, and in any other country in which Twitter Inc. engages in business activities, irrespective of your place of residence. Twitter processes data that you have entered voluntarily, including your name and your user name, your e-mail address, your phone number, or the contacts from your address book (if you upload or synchronise your address book). Twitter also analyses the content you share to identify subjects you might be interested in, it saves and processes confidential messages that you send directly to other users, and it can use GPS data, information about wireless networks, or your IP address to identify your location in order to target you with advertising or other content. You should be aware that Twitter may use analytical tools to analyse your data.

Twitter provides the operators of Twitter channels, such as us, with the following data in anonymised and aggregated form without any reference to identifiable persons. We can therefore not identify any visitor of our Twitter channel.

In addition, we are provided with statistics on the source of access to the Twitter channel, the type of end device used for access or the number of page views. As the operator of this Twitter channel, we also receive anonymised statistical data (so-called insights) from Twitter. This data cannot be used to draw any conclusions about the respective visitor, subscriber or registered user (hereinafter collectively referred to as "visitor"; in individual cases, only the group of persons to whom the respective facts relate will be named below). Nor can this statistical data obtained be linked to the profile data of our subscribers. We can only specify the categories of data and visitors according to which Twitter evaluates its data collection and makes it available in the form of anonymised statistics. This data is used by us exclusively for the analysis of user behaviour so that we can better align our Twitter channel as well as our offer to the needs and interests of the visitors.

We use the data provided from Twitter under "Insight" to select relevant information for our posts on Twitter or to post targeted posts on the platform for relevant groups.

We only use the data provided to us by Twitter that is necessary for the purposes stated here. If further data is provided, it is not retrieved and thus not processed by us.

We only receive anonymised information and statistics if the visitor to our Twitter channel is registered with Twitter. However, we would like to point out that as a result directly accessing our Twitter channel, Twitter can process personal data like IP addresses, data stored in cookies on your device or data your browser transmits.

The use of your data transmitted to us by Twitter is based on Art. 6 para. 1 lit. f GDPR:

  • to carry out data analyses,
  • to statistically record the use of our Twitter channel and to evaluate it for the purpose of optimising our offer for you,
  • for the continuous improvement and management of our offer and content.

Our legitimate interest according to Art. 6 para. 1 lit. f GDPR follows from the aforementioned points.

We have no influence on the collection of data by Twitter, nor on the data processing procedures in place at Twitter. We are also not aware of the scope of the data collection, the purposes of the processing or the storage periods. A forwarding of data to anonymised statistics can therefore not be ruled out.

Information for registered Twitter Users

Any data you enter on Twitter (e.g. your user name and any content published under your Twitter account), may be processed by us. We might share or retweet your tweets, reply to one of your tweets, or mention your account in one of our own tweets. Such activitiy involves us adding the data you publish and share of your own free will on Twitter to our Twitter account and making it available to our “followers”. Any private or direct messages you send to us via Twitter are saved by Twitter for a period of 18 months.

Any views you express as a user via the interactive functions supported by Twitter (e.g. share (retweet, like or comment) are your sole responsibility.

If you follow our Twitter channel as a registered user (Twitter also calls this "subscribing"), Twitter adds your profile to the list of all subscribers to our channel. Twitter then makes our posts available to you on your Twitter account. Some statistics are provided to us by Twitter, for example the number of profile or link clicks generated by a specific tweet. However, this list only contains data that is public, i.e. information that is voluntarily provided by the visitor via their Twitter settings. The respective user decides for themselves which data they wish to make public in their Twitter settings. Furthermore, every visitor has the possibility to check his privacy in his Twitter settings (https://help.twitter.com/de/safety-and-security/birthday-visibility-settings and https://twitter.com/settings/account).

The processing of this data serves the above-mentioned purpose and is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your voluntarily given consent by registering and logging in to Twitter.

We do not know the complete data collection, i.e. which data of a visitor Twitter collects in total and for which purposes it is processed by Twitter. The necessary information has not been provided to us by Twitter. We ask for your understanding that we can only inform you as far as our knowledge of the data processing in our area of responsibility and our influence on the data processing go.

Furthermore, we would like to point out that the operators of the platform, which can be accessed on the various end devices, are mostly US companies and thus their data can also be processed outside the European Union and the European Economic Area. This may give rise to risks because, for example, it could make it more difficult to enforce the rights of users. More details are provided in the data protection statements of the individual providers

You can file a privacy complaint with Twitter at the following link: https://help.twitter.com/forms/privacy . You can find further contact options at the following https://twitter.com/de/privacy.

A description how to access your Twitter data can be found here: support.twitter.com/articles/20172711

Information on data that Twitter has collected about you can be found here: twitter.com/your_twitter_data

Information about controlling how Twitter personalizes content and collects and shares certain data can be found here: twitter.com/personalization

 

5.6     Our Usage of Xing

The following Xing profile (Employer Branding Profile) is covered by this privacy policy:

 

New Work SE, Dammtorstraße 30, 20354 Hamburg (hereinafter „Xing“) is responsible for processing the personal data provided by our visitors when visiting our Xing profile. For the statistics provided by Xing, an agreement required by data protection law has been concluded with Xing.

General Information on Xing Processing

We collect, process and use the statistics on visitors of our profile provided to us by Xing, we cannot identify individual visitors of our Xing profile. We also process the personal data you provide to us only for the purposes of providing information on our activities on Xing via the Employer Branding Profile, optimising our presence and networking activities with users registered on Xing.

 

Xing provides us with information and statistics on the source of access to the Xing profile, the type of end device used for access or the number of page views. As the operator of the Xing profile, we also receive anonymised statistical data (so-called analyses) from Xing. No conclusions can be drawn about the respective visitor, subscriber or registered user (hereinafter collectively referred to as "visitor"; in individual cases, only the group of persons to whom the respective facts relate will be named in the following) via this data. Nor can this statistical data obtained be linked to the profile data of the followers who follow our profile on Xing. We can only specify the categories of data and visitors according to which Xing evaluates its data collection and makes it available in the form of anonymised statistics. We use this data exclusively for the analysis of user behaviour, so that we can better align our Xing profile and our offer to the needs and interests of the visitors.

 

We use the analyses provided by Xing to select relevant content for our posts on Xing or to post targeted posts on the platform for corresponding groups.

 

We only use the data provided to us by Xing that is required for the purposes stated here. If further data is provided, it is not retrieved and therefore not processed by us.

 

We only receive anonymised information and statistics if the visitor to our Xing profile is registered with Xing. However, we would like to point out that as a result of the direct access to our Xing profile, for example through the reading of log files or the setting of cookies, processing of this data by Xing is possible. We have no influence on this.

 

The use of your data transmitted to us by Xing is based on Art. 6 para. 1 p. 1 lit. f) GDPR:

  • to carry out data analyses,
  • to statistically record the use of our Xing page and to evaluate it for the purpose of optimising our offer for you,
  • for the continuous improvement and administration of our offer.

 

Our legitimate interest, which is required for Art. 6 para. 1 p. 1 lit. f) GDPR, follows from the aforementioned points.

 

We have no influence on the collection of personal data by Xing, nor on the data processing procedures existing at Xing. We are also not aware of the scope of the data collection, the purposes of the processing or the deposited storage periods. A forwarding of data to anonymised statistics can therefore not be ruled out.

 

Information for registered Xing Users

If you follow our Xing profile as a registered user (in doing so, you have accepted Xing's terms and conditions and taken note of Xing's privacy policy), Xing will add your profile to the list of all followers of our profile. Xing then makes our posts available to you on your newsfeed. Xing leaves the list of our followers to us. This list only contains data that is public, i.e. information that is voluntarily provided by the visitor via their Xing settings. The user decides individually in his or her Xing settings what this information is. In addition, each visitor has the possibility to individually adjust his or her privacy settings in the Xing settings. In addition, every visitor has the option of no longer following our profile. Then their profile will no longer appear in the list of followers of our profile. In addition, we can also assign interactions with our posts in the form of comments, likes and shares as well as activities on our profile pages to individual users.

 

This data is processed pursuant to Art. 6 para. 1 sentence 1 lit. b) GDPR on the basis of your user contract concluded with Xing in the context of registration or pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR on the basis of your voluntarily and, if applicable, implied consent in the context of your usage behaviour on Xing.

 

We are not aware of the complete data collection, i.e. which data of a visitor Xing collects in total and for which purposes it is processed by Xing. The necessary information has not been provided to us by Xing. We ask for your understanding that we can only inform you as far as our knowledge of the data processing in our area of responsibility and our influence on the data processing go.

 

We would also like to point out that Xing states that it processes your personal data within the European Union on servers in Amsterdam.

 

You can reach Xing's data protection officer at the following e-mail address:

datenschutzbeauftragter@xing.com.

 

You can obtain further information on data processing by Xing at: https://privacy.xing.com/en/privacy-policy

 

6. Storage Period

Unless specifically stated, we store personal data only for as long as necessary to fulfill the purposes pursued. In some cases, the legislator provides for the retention of personal data, for example in tax or commercial law. In these cases, we only store the data for these statutory purposes, but do not process it elsewhere and delete it after the statutory retention period has expired. The IP addresses of the users are alienated as soon as they are no longer necessary to achieve the purpose of their collection. This is the case at the end of the respective session of the user. An assignment of the calling client is then no longer possible.

The storage period of the log files for the purposes listed above is a maximum of 14 days.  

 

7. Data Security

We make maximum efforts to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities.

Your personal data is transmitted encrypted to us. This applies to your orders and also to the customer login. We use state-of-the-art, secure transmission protocols, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible. To protect your data, we maintain technical and organizational security measures in accordance with Art. 32 GDPR, which we constantly adapt to the state of the art.

We also do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are carefully backed up on a regular basis.

 

8. Transfer of Data to Third Parties and to Non-EU Countries

In principle, we only use your personal data within our company. If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), they will only receive personal data to the extent that the transfer is necessary for the corresponding service.

In the event that we outsource certain parts of data processing and engage data processors that we contractually oblige to use personal data only in accordance with the requirements of data protection laws. Data transfer to entities or persons outside the EU does not take place and is not planned. 

 

9. Children and Teenagers

Persons under the age of 16 may not transmit any personal data to us without the consent of their legal guardians. We also do not request any personal data from them, do not collect it and do not pass it on to third parties.

If you do not want the aforementioned social networks to process your personal data, please do not click on the aforementioned buttons.

 

10. Data Protection Officer

If you still have questions or concerns about data protection, please contact our data protection officer in writing or in electronic form: Olympiapark München GmbH, Attn: Data Protection Officer, Spiridon-Louis-Ring 21, 80809 München, dsb.extern@olympiapark.de

 

11. Your Rights as Data Subject

As a user of our website, you have various rights under the GDPR, which arise in particular from Art. 15 to 18, 21 GDPR:

 11.1 Right to Information:

You can request information pursuant to Art. 15 GDPR about your personal data processed by us. In your request for information, you should specify your request. Please note that your right to information may be restricted under certain circumstances in accordance with the statutory provisions.

11.2 Right to Rectification:

If the information concerning you is not (or no longer) accurate, you can request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

11.3 Right to Deletion:

You can request the deletion of your personal data under the conditions of Art. 17 GDPR. Your right to erasure depends, among other things, on whether the data concerning you is still needed by us to fulfill our legal duties.

11.4 Right to Restriction of Processing:

Within the framework of the requirements of Art. 18 GDPR, you have the right to request a restriction of the processing of the data concerning you.

11.5 Right to Object:

According to Art. 21 GDPR, you have the right to object to the processing of data relating to you at any time for reasons arising from your particular situation. However, we cannot always comply with this, e.g. if legal provisions oblige us to process data within the scope of our official duties.

11.6 Right to Complain:

If you are of the opinion that we have not complied with data protection regulations when processing your data, you can lodge a complaint with the Bavarian State Commissioner for Data Protection (BayLfD), Wagmüllerstraße 18, 80538 Munich, Germany, Tel.: +49 (0) 89 2126720, Internet: www.datenschutz-bayern.de.

11.7 Automated Decisions Including Profiling:

You have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you. Automated decision-making based on the personal data collected will not take place.

 

 

Status: September 20, 2022