Privacy for OSC forms and inquiries.

Data protection declaration

As of June 18, 2024. SupraTix GmbH takes the protection of your personal data very seriously. Personal data is all data that can be related to you personally, for example name, address, email address or user behavior.

Personal data may be collected when you visit the website. This data will be processed in compliance with applicable data protection regulations and will not be published or passed on to third parties without authorization.

This data protection declaration informs you about what data is collected when you visit the websites and how this data is used.

This online offer may only be used by children under 16 years of age with the separate consent of their legal guardian. The required form can be requested via datenschutz@supratix.com.

The definitions from Article 4 of the General Data Protection Regulation (GDPR) apply to terms such as personal data or processing.

Person responsible and data protection contact

If you have any questions about data protection at SupraTix GmbH, Tobias Göcke is available at the address mentioned and by email to datenschutz@supratix.com.

Types of data processed and purposes

The source version names inventory data, contact data, content data, contract data, payment data, metacommunication data and usage data.

• Inventory data: name, username, address, birthday and associated organization.
• Contact details: email address and telephone number.
• Content data: Text entries, programming, imports and uploads such as images, videos or PDFs.
• Contract and payment data: product usage, subject matter of the contract, term, customer category, bank details and payment history.
• Meta and usage data: IP address, account activities, time zone, content type, learning preference, skills, task activities, spatial data, operating system, browser, language and browser software version.

The processing can concern contact inquiries, service provision, contract processing, security, technical operation, communication, organizational procedures, newsletters and the provision of the online offer.

Processors, third parties and third countries

If SupraTix GmbH discloses, transmits or otherwise grants access to data to processors or third parties, this is only done on the basis of legal permission, consent, a legal obligation or legitimate interests.

If third parties are commissioned to process data, this is done on the basis of an order processing contract in accordance with Art. 28 GDPR.

Transfers to third countries outside the European Union or the European Economic Area only take place if this happens to fulfill pre-contractual or contractual obligations, on the basis of consent, on the basis of a legal obligation or on the basis of legitimate interests. The source version also mentions Privacy Shield and standard contractual clauses.

Legal basis and security

The legal basis of the source includes consent according to Art. 6 Paragraph 1 lit. a and Art. 7 GDPR, contract fulfillment and pre-contractual measures according to Art. 6 Paragraph 1 Letter d GDPR.

SupraTix GmbH uses technical and organizational security measures to protect personal data against misuse, loss, destruction and access by unauthorized persons.

Contact, deletion and rights

When you contact us via email or online contact form, the data provided will be saved to answer questions. The data arising in this context will be deleted as soon as storage is no longer necessary, or restricted if there are legal retention requirements.

Data subjects have the legal rights to information, correction, deletion, restriction of processing, objection to processing and data portability. You also have the right to complain to a data protection supervisory authority.

Data will be deleted or its processing restricted in accordance with Articles 17 and 18 GDPR as soon as they are no longer necessary for their intended purpose. Commercial or tax law requirements may require storage for six or ten years.

Newsletter and cookies

Newsletters, emails and other electronic notifications with promotional information will only be sent with the consent of the recipient or legal permission. Registration takes place using the double opt-in procedure and is logged with the registration time, confirmation time and IP address.

Some of the websites use cookies. Some cookies are session cookies and are automatically deleted after the visit. Other cookies remain stored on the device until they are deleted. Browser settings can limit or block cookies; this may limit the functionality of the website.

Named services

Amazon Web Services

The source credits Amazon Web Services, Inc. for services such as S3, CloudFront, Lambda, EC2, Application Load Balancer, Elastic Cache, Elastic Transcoder, SNS, and SQS. The basis is legitimate interests and an order processing contract.

DATEV eG

The source names DATEV eG for CRM and accounting software. The basis is legitimate interests and an order processing contract.

Creditreform Boniversum GmbH

The source names Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss, for credit checks when concluding contracts and in cases with legitimate interest.

Objection to advertising emails

The use of contact details published as part of the imprint obligation to send advertising and information materials that have not been expressly requested is prohibited. The operators reserve the right to take legal action in the event of unsolicited advertising information, such as spam emails.

OSC-specific addition

This supplement describes public OSC forms, optional PDF uploads, the strategy form and web analytics on the OSC pages.

OSC public forms

Contact, participation and strategy requests are processed to process the request. Mandatory fields remain limited to the information required for an initial classification.

Optional PDF uploads

A PDF file can be transmitted voluntarily, up to a maximum of 10 MB. It is only used to check and process the request.

Strategy form

The strategy form on the OSC homepage transmits inquiries via /store/safe-contact-formular/ into the operator's existing contact process.

supra_tracking and web analysis

If supra_tracking or web analysis are active, processing is limited to the configured purpose of website analysis and must remain transparent in the delivered page context.