Data Protection

Introduction and Overview

We have created this privacy policy (version 02.11.2022-112290459) in order to comply with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws. The purpose of this policy is to explain what personal data (referred to as “data”) we, as data controllers, and our processors (e.g., providers) process, will process in the future, and to outline your legal options. The terms used in this document are gender-neutral.

In short, we provide comprehensive information about the data we process concerning you. Privacy policies usually sound very technical and employ legal terminology. However, this privacy policy aims to describe the most important aspects in the simplest and most transparent way possible. Technical terms are explained in a reader-friendly manner, links to further information are provided, and graphics are used for clarification. In this manner, we communicate clearly and plainly that we only process personal data as part of our business activities when there is a corresponding legal basis. Achieving this clarity would not be possible if we were to use brief, unclear, and legally technical explanations, which are often the standard on the internet when it comes to privacy. We hope you find the following explanations interesting and informative, and perhaps you will come across information you were not aware of.

If you still have questions, we kindly ask you to contact the responsible entity mentioned below or refer to the imprint section, follow the provided links, and consult additional information on third-party websites. Our contact information is also available in the imprint.

Legal Bases

In the following privacy policy, we provide transparent information about the legal principles and regulations, i.e., the legal bases of the General Data Protection Regulation that enable us to process personal data.

In terms of EU law, we refer to the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can find this EU General Data Protection Regulation online on EUR-Lex, the access to EU law, at https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex%3A32016R0679.

We only process your data if at least one of the following conditions applies:

  1. Consent (Article 6(1)(a) GDPR): You have given us consent to process data for a specific purpose. An example would be storing data you entered in a contact form.

  2. Contract (Article 6(1)(b) GDPR): To fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we enter into a purchase contract with you, we need personal information beforehand.

  3. Legal obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For instance, we are legally obliged to retain invoices for accounting purposes, which usually contain personal data.

  4. Legitimate interests (Article 6(1)(f) GDPR): In case of legitimate interests that do not infringe on your fundamental rights, we reserve the right to process personal data. For instance, we might need to process certain data to operate our website securely and efficiently. This processing is therefore a legitimate interest.

Other conditions like processing for reasons of public interest, exercising public authority, or protecting vital interests do not generally apply to us. If such a legal basis were to be relevant, it would be specified in the appropriate section.

In addition to the EU Regulation, national laws also apply: In Austria, this is the Federal Act on the Protection of Natural Persons with Regard to the Processing of Personal Data (Data Protection Act), abbreviated as DSG. In Germany, the Federal Data Protection Act, abbreviated as BDSG, applies. If other regional or national laws are applicable, we will inform you in the following sections.

Contact Details of the Data Controller

If you have any questions regarding data protection or the processing of personal data, you can find the contact details of the responsible person or entity below:

Celsius Entertainment e.U

 Zschokkegasse 91/7/1 

1220 Vienna Austria 

Email: office@celsiusentertainment.at 

Phone: +43 67763504179

 Imprint: https://www.celsiusentertainment.at/impressum/

Data Retention Period

Our general criterion is to retain personal data only for the time necessary to provide our services and products. This means that we delete personal data as soon as the purpose of data processing is no longer applicable. In some cases, we are legally obliged to retain certain data even after the original purpose has ceased, such as for accounting purposes.

If you wish to have your data deleted or withdraw your consent for data processing, we will delete the data as soon as possible, as long as there is no legal obligation to retain it.

We will provide you with specific information about the duration of each data processing further below, whenever we have additional information.

Rights according to the General Data Protection Regulation

According to Articles 13 and 14 GDPR, we inform you about the following rights that you have in order to ensure fair and transparent data processing:

According to Article 15 GDPR, you have the right to know whether we process your data. If so, you have the right to receive a copy of the data and to learn the following information:

  • The purpose of the processing
  • The categories of data processed
  • Recipients of the data, and if the data is transferred to third countries, how security is ensured
  • The duration of data storage
  • The right to rectification, erasure, or restriction of processing, as well as the right to object
  • The right to lodge a complaint with a supervisory authority (links to these authorities are provided below)
  • The origin of the data, if it was not collected directly from you
  • Whether profiling is conducted, which involves automatically evaluating data to create a personal profile of you.

According to Article 16 GDPR, you have the right to rectify data, which means we must correct any errors you find.

According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which means you can request the deletion of your data.

According to Article 18 GDPR, you have the right to restrict processing, which means we can only store the data but not use it further.

According to Article 20 GDPR, you have the right to data portability, which means we must provide you with your data in a common format upon request.

According to Article 21 GDPR, you have the right to object, which, when enforced, leads to a change in the processing.

If the processing of your data is based on Article 6(1)(e) (public interest, exercise of public authority) or Article 6(1)(f) (legitimate interest), you can object to the processing. We will examine whether we can legally comply with this objection as soon as possible.

If data is used for direct marketing, you can object to this type of data processing at any time. After that, we are no longer allowed to use your data for direct marketing.

If data is used for profiling, you can object to this type of data processing at any time. After that, we are no longer allowed to use your data for profiling.

According to Article 22 GDPR, you may have the right under certain circumstances not to be subject to a decision based solely on automated processing (e.g., profiling).