Information on data protection(incl. cookie information) for the FIBA-Ticket shop of the Deutscher Basketball Bund e.V (DBB)

The purpose of this information on data protection is to inform you on the processing of your personal data when visiting and using the ticketing landing page [https://www.eventim.de/campaign/fwbwc2026] and the partner shop [https://www.eventim.de/?affiliate=B1W] under the joint controllership and responsibility of CTS EVENTIM AG & Co. KGaA (hereinafter "EVENTIM") and the Deutscher Basketball Bund e.V. (referred to below as “Partner” or “Joint Controllers”, “ we" or "us") and in reference to our marketing measures on our own website as well the website of third parties and on social networks in accordance with the General Data Protection Regulation (hereinafter "GDPR").

1 Scope, controller and definitions

1.1 Scope of this data protection information

• 1. This information on data protection applies to the visit and use of the EVENTIM website on which a customer account can be created and tickets can be purchased in our online ticket shops, including partner shops. This information also applies to our related marketing activities on our website, third-party website and in social networks. You can access, save and print this information on data protection at any time and free of charge on our website.
• 2. This information on data protection only concerns the processing of personal data within the meaning of Section 1.3, number 4. Other website are not covered by this information on data protection and provide their own specific information on data protection.

1.2 Controller for the processing of your personal data

Unless stated otherwise in this privacy policy, the following are joint controllers for the processing of your personal data:c
CTS EVENTIM AG & Co. KGaA
Hohe Bleichen 11
20354 Hamburg
E-Mail: kundenservice@eventim.de
Tel: +49 (0) 1806 533 933 (€ 0.20 /call incl. VAT from German landlines, max. € 0.60 /call incl. VAT from mobile networks).

and

Deutscher Basketball Bund e.V. (DBB)
Hans-Joachim-Höfig-Haus
Schwanenstraße 6-10 | D-58089 Hagen
Email: info@basketball-bund.de

For processing related to marketing activities on our website, third-party website and in social networks that are carried out with the support of EVENTIM Media House GmbH – as specified in section 2.1.2, 2.1.3 and 2.1.4 – we are jointly responsible.

1.3 Definitions

This information on data protection is based on the following terms on data protection, which we have defined for easier understanding:

• 1. The GDPR is the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC).
• 2. Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. Authorities, however, which within the framework of a specific inquiry mandate may receive personal data under Union law or the law of the Member States shall not be considered recipients; the processing of such data by these said authorities is carried out in accordance with the applicable directives on data protection in accordance with the purposes of the processing. Depending on the method of payment selected for ticket purchases, the recipients of your personal data may be banks or the postal service providers via whom we send you your ticket by post.
• 3. In accordance with Section 15 of the German Stock Corporation Act (AktG), the EVENTIM Group comprises all of CTS EVENTIM AG & Co. KGaA's affiliated companies. Further information is available at https://corporate.eventim.de/unternehmen/.
• 4. Personal data are all information relating to an identified or identifiable natural person, i.e. the data subject. An identifiable natural person is one who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data can, for example, be name, contact data, user behaviour or bank data.
• 5. The Controller is the natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or the specific criteria for his appointment may be laid down in accordance with Union law or the law of the Member States. For the data processing described in this privacy policy, CTS EVENTIM AG & Co. KGaA is responsible; together with the operator of a partner-site (see section 1.2).
• 6. Processing is any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organising, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transfer, disseminating or otherwise making available, aligning or combining, restricting, erasing or destroying. Processing can be, for example, the collection and use of your order data for ticket sales.

2 Purposes, legal bases and, if applicable, data categories for processing your personal data

• 2.1 Processing of your data when you visit our website as well as part of marketing measures on third-party website and in social networks

  
  

  If you access our website to obtain information about our products and services without registering in the customer account, purchasing a ticket in our ticket shop or otherwise actively providing us with information (purely informational use), we process your personal data. In addition, we process your personal data as part of marketing measures on third-party website and social networks. Your personal data is processed for the following purposes and on the basis of the following legal bases:

  • 2.1.1 Processing for IT security purposes
    • 1. When using our website, we process your personal data that is technically necessary for us to make our website available to you and to ensure stability and security when visiting them. For this purpose, we process the following personal data:
      • • IP address
      • • Browser Fingerprints
      • • Browser User Agents
      • • Cookies (see Cookie information Website)
    • 2. For the identification and defense against threats (bot defense, DDoS attacks), we use services of Akamai Technologies GmbH on our website. Akamai processes the IP address of your end device on behalf of EVENTIM to prevent technical threats on our website. The IP address is usually transferred to Akamai servers in the USA and processed there. This data transfer is based on EU standard contractual clauses. This ensures adequate protection of your personal data.
    • 3. For the delivery and acceleration of online applications (content delivery network) we use services of Akamai Technologies GmbH. Akamai processes the IP address of your end device. On behalf of EVENTIM, Akamai uses this information to ensure the high availability of our website. The IP address is usally transmitted to Akamai servers in the USA and processed there. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data.
    • 4. We use Google reCaptcha v2 on our website. reCaptcha is an offer from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) and serves to prevent abusive automated entries in web forms and thus to protect the technical systems of the hoster.
      When you call up one of our web pages in which reCaptcha is integrated, a connection is established to Google's servers. A reCaptcha cookie is set. Your IP address is transmitted to Google.
      In addition, reCaptcha collects the following data by means of "fingerprinting":
      • • browser plugins used
      • • cookies set by Google in the last 6 months
      • • number of mouse clicks and touches you have made on this screen
      • • CSS information for the page you are viewing
      • • Javascript objects
      • • the date
      • • the browser language
      The storage and analysis of the data is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. Insofar as personal data is transferred to Google in the USA, this is done on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data. You may refuse the use of cookies and fingerprinting by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website.
      
    • 5. The privacy policy and terms of use of Google can be found here: https://www.google.com/policies/privacy/ and here: https://policies.google.com/terms
      Due to our legitimate interest in providing you with the website and safeguarding IT security for you when using them, we process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 2.1.2 Processing for analytical purposes
    • 1. When you visit our website, we may analyse and document how you use our website, e.g. your surfing behaviour on our website, which events and areas on our website you are interested in and, if you purchase a ticket from us, your order and shopping cart data. Furthermore, we aggregate this data in order to be able to evaluate, for example, the number of website visitors and their origin. For this purpose, we process the following personal data:
      • • IP address (shortened)
      • • Cookies (see Cookie information Website)
      • • E-mail address (hashed)
      Hashing uses a function whereby your e-mail address is pseudonymized in a non-reversible manner.
    • 2. We process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sen-tence 1 lit. a) GDPR. If you would like to object to the data processing for analytical purposes, please click on the following link: Cookie-Einstellungen
    • 3. For this analysis, we use Google Analytics 360, a web analysis service of Google Ireland Ltd. (“Google”), on our website. Google Analytics 360 uses cookies that enable an analysis of the use of our website. The information generated by the cookie about the use of our website is in general transferred via a server operated by us in Europe to Google Analytics 360 in the US and stored there. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data. You can find out more here:
      https://business.safety.google/adsprocessorterms/sccs/p2p-intra-group/
      We shorten your IP address on the server we operate before it is transferred to a Google Analytics 360 server. An exception to this are website that we operate under joint responsibility with our partners, there your information will be transferred to Google Analytics 360 after using IP anonymization on our website. If you are in the European Union, this function shortens your IP address within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area.
      On behalf of EVENTIM, Google Analytics 360 will use this information to evaluate the use of the website, to compile reports on the website activities and to provide EVENTIM with further services associated with the use of the website and the internet.
      For more information on the terms of use and data protection of Google Analytics 360, please visit:
      • https://support.google.com/analytics/answer/6004245
    • 4. We use a user experience analytics tool from the service provider Contentsquare (Hotjar) To better understand the needs of our users and to optimize the offer and experience on this website. This tool works with cookies and other technologies to collect data about our users’ behavior and about their end devices. For this purpose, we process the following (personal) data:
      • • IP address of the device (in anonymized form).
      • • screen size, device type (unique device identifiers) browser used
      • • Location (country only) and preferred language for viewing our website
      • • keyboard and mouse inputs (movements, position and clicks)
      • • referral URL and domain
      • • visited web pages with date and time
      You can prevent the collection of information by preventing the storage of cookies by selecting the appropriate settings on your browser software or by deactivating tracking under Cookie Settings . However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
  • 2.1.3 Processing for purposes of advertising and re-targeting on third party website and social networks
    • 1. If you visit our website, we process your personal data for advertising measures in the form of remarketing and display advertising as well as with the help of social media plug-ins and for social media ads.
    • 2. As part of display advertising, we carry out various marketing campaigns using tags (pixels) and cookies from our retargeting providers. When you visit our website, tags and cookies are set and associated with products you have viewed or purchased. This allows you to see individual displays for EVENTIM products. We also play banner ads to users of Facebook, Instagram and TikTok who have a similar profile to our existing customers and website visitors. For this, we process:
      • • Web page type called up,
      • • viewed product number,
      • • when purchasing a ticket: ordered product number, sales value and order number, as well as preferences and
      • • cookie Ids.
      We process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sen-tence 1 lit. a) GDPR. If you do not want the retargeting function please click on the following link: Cookie Settings
      In connection with the use of tags and cookies from Google and Meta Platforms, Inc. (e.g. Facebook and Instagram) your personal data is transferred to the US. This data transfer is based on EU standard contractual clauses. This ensures an adequate protection of your personal data.
      For further details on data processing by the retargeting providers, please refer to the corresponding data protection information:
      • • Google: https://policies.google.com/privacy?hl=en
      • • Erläuterung zur Verwendung von Daten dritter Seiten durch Google: https://policies.google.com/technologies/partner-sites
      • • Meta: https://www.facebook.com/privacy/policy
      • • TikTok Information Technology UK Limited & TikTok Technology Limited (Ireland): https://www.tiktok.com/legal/page/eea/privacy-policy/de
    • 3. If you have finished a ticket purchase from us, a cookie is set by Google Ads, Google Analytics 360 and Microsoft Ads . If you enter corresponding search terms in Internet search engines after your purchase, individual recommendations for EVENTIM products and services can be displayed to you on the basis of your purchase with the help of this cookie (search engine marketing).
      Your personal data is processed in the process. We process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
      If you would like to object to the data processing by Google Ads, Google Analytics 360 and/or Microsoft Ads , please click on the following link: Cookie Settings
      If you would like to object to the data processing by Google Ads, Google Analytics 360 and/or Microsoft Ads , please click on the following link: Cookie Settings
      For further details on data processing by Google Ads and Microsoft Ads, please refer to the corresponding information on data protection:
      • • Google: https://policies.google.com/privacy?hl=en
      • • Google Ads: https://policies.google.com/technologies/ads
      • • Explanation of Google’s use of third party data: https://policies.google.com/technologies/partner-sites
      • • Google: https://policies.google.com/technologies/partner-sites
      • • Microsoft Ads : https://privacy.microsoft.com/de-de/privacystatement/
    • 4. We place advertisements, so-called social media ads, in social networks and apps from Meta like Facebook, Instagram and messenger. If you have an account on these social networks and through your account settings on the social network agree to display advertising, you will receive corresponding recommendations on our products and services. The recommendations are generated based on your interests (e.g., “likes” of artists) stored in your public profile on Facebook or Instagram.
      For this, we process your public profile data. Based on your public profile interests (e.g., “likes” of artists) we show you individual advertising. In particular, we process
      • • your IP address,
      • • your device/cookie ID,
      • • page/feed activity,
      • • internet speed,
      • • purchasing activities and
      • • social connections
      to measure ad success. We process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
      In doing so, your personal data is transferred to the US. This data transfer is based on EU standard contractual clauses. This ensures an adequate protection of your personal data.
      For further details on data processing, we refer you to the information on data protection of Facebook and Instagram:
      • • Facebook: https://www.facebook.com/privacy/policy
      • • Instagram: https://help.instagram.com/155833707900388
      • • Informationen über Facebook Werbeanzeigen: https://www.facebook.com/about/ads/
    • 5. On our website we also use TikTok Advertising, a service provided by TikTok Information Technologies UK Limited and TikTok Technology Limited (“TikTok”). Through the use of cookies and similar technologies, information about your usage behaviour on our website (e.g., information about events viewed, device ID of your device, IP address, user agent) is collected in this context. The collection and transmission happens in joint controllership between us and Tik Tok. We process your personal data on the basis of your consent within the meaning of Art. 6 Para. 1 Sentence 1 lit. a) GDPR. You can withdraw your consent to the use of TikTok Advertising at any time.
      The further processing of the data transferred to TikTok is the sole data protection responsibility of TikTok. Please not that TikTok may assign the transferred information to your existing platform account and use it to show you interest-based advertising. In addition, TikTok may use your information to create a profile about you and use it for its own advertising purposes or to advertise third-party services. Insofar as TikTok processes your data in its sole responsibility, your data may be transferred to the USA. You can find more information on data protection at TikTok here:
      https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE
    • 6. In order to be able to show you and users who are similar to you in their purchasing behaviour suitable recommendations for products and services on advertising platforms from Google (e.g. YouTube and search or display network) and social networks from Meta (e.g. Facebook, Instagram), your encrypted e-mail address may be passed on to these networks after you have registered for our EVENTIM News. For this purpose your e-mail address will be encrypted in the hashing algorithm SHA-256 and transferred to the USA. This data transfer happens in accordance with the EU Standard Contractual Clauses. Thereby, appropriate protection of your personal data is ensured.
      The transmission of data is independent of the existence of a Google or Meta user account. As soon as the matching of the hashed data with the hashed user data on Google or Meta proceeded, Google and Meta delete the transferred data. As a result, Google and Meta don’t have access to the hashed e-mail addresses of people who are not registered on their networks beyond the matching process.
      For further details on data processing by Google or Meta, please refer to the relevant data protection information:
      Meta: https://www.facebook.com/privacy/policy
      Google: https://policies.google.com/privacy?hl=de
      We process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
  • 2.1.4 Use of cookies
    • 1. When using our website, cookies are stored on your computer. Cookies are small text files that are assigned and stored on your hard disk by the browser you use. Cookies allow certain information to flow to the controller that sets the cookie. These also contain personal data. This allows us to make our website more user-friendly and effective. Cookies cannot run programs or transmit viruses to your computer.
    • 2. For the use of cookies on the website of our ticket shop, the Cookie Information website of EVENTIM (see Cookie information Website) apply.
    • 3. EVENTIM participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Our identification number within the framework is 31.
    • 4. If you give your consent that we may store certain or all cookies on your computer, a corresponding consent ID is generated and stored. The processing is carried out on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR.

• 2.2 Registration and creation of a customer account

  • 1. When you visit our website, you can create a customer account. You can use this to purchase tickets and find out about events and leisure activities. You can also create lists of your favorite artists, venues and events, bookmark them and receive information about them. You can participate in exclusive pre-sales and ticket sales registration, subscribe to newsletters and take advantage of many other benefits relating to your ticket purchase. The registration and use of the customer account requires the provision of personal data. Mandatory fields are marked accordingly in the input mask. So-called session cookies are used for the technical realisation of the login.
  • 2. You have the option to select a “persistent” login for the device you are using. In this case, you will not be asked for your password for a period of up to 6 months. This allows you to complete your ticket purchase faster and more conveniently, as well as to use many other functions and advantages faster. To enable this login, cookies are set on your end device. For some functions, such as downloading tickets, additional authentication via your password, is still required.
  • 3. We process your data to enable you to create and use your customer account and to purchase tickets and afterwards inform you about our products and services based on our legitimate interest, as well as for user-verification in case of changes to personal data in your account. The processing is carried out on the basis of Art. 6 Para. 1 Sentence 1 lit. b) and lit. f) GDPR.

• 2.3 Ticket purchases in the online ticket shop and via the ticket hotline

  • 1. We process your personal data when you buy a ticket on our website in the ticket shop or via our ticket hotlines and provide personal data. The processing is carried out for the purpose of contract execution and processing with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
  • 2. If you purchase a ticket for another person (third party), we process the third party’s personal data (name and, if applicable, contact data) provided by you for ticket ersonalized on and, if applicable, for sending the ticket to the third party. These data are processed for the purpose of contract execution and processing with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR. If you provide data of a third party when purchasing a ticket, make sure that the third party is sufficiently informed by you about the processing of his/her data at EVENTIM and that you are entitled to provide the data.
  • 3. When you purchase a ticket through our website and choose either “purchase on account” or “hire purchase” payment methods, Klarna use tools to identify potential fraud. A corresponding check only takes place if you give your consent (opt-in). If the check is negative, the payment methods “purchase on account” or “hire purchase” are rejected. However, all other payment methods listed in the ticket shop are still available to you. When using the tools, it is possible to draw conclusions about your person. We process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR and due to the fact of our legitimate interest and Klarna’s legitimate interest in fraud prevention on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 4. In order to offer you the payment method “direct bank transfer” on our website, we use the payment initiation service provider Tink AB. You will be redirected to the Tink website for payment processing and will find Tink’s applicable terms and conditions and privacy policy there. For payment processing, we process your personal data (e.g. name, contact and account information, amount) on the bases of contract fulfilment within the meaning of Art. 6 Para. 1 Sentence 1 lit. b) GDPR. In some cases, account data such as the balance etc. may be used to carry out a risk assessment. This processing takes place due to the legitimate interest in fraud prevention on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 5. If you pay with a credit card, the so-called 3D-Secure 2.0 procedure (hereinafter: 3DS 2.0) is usually applied. 3DS 2.0 is a worldwide standard of card networks (Visa, MasterCard, JCB, Diners, AMEX etc.) developed by EMVCo, an association of card networks. 3DS 2.0 is one of the methods used to perform strong customer authentication in accordance with the EU 2015/2366 directive (Payment Services Directive 2, PSD 23). PSD 2 is implemented in Germany in the Payment Services Supervision Act. The 3DS 2.0 process confirms that the person initiating an eCommerce transaction is also authorized to use the respective payment card, i.e. it is intended to prevent the misuse of your credit card. The processing of the data required for 3DS 2.0, in accordance with section 3.4 of our Terms and Conditions (see https://www.eventim.de/help/terms/?affiliate=B1W) is carried out for the purpose of executing and handling the contract with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
  • 6. If you receive and accept a digital ticket (EVENTIM.Pass) from a third person through forwarding, we process your personal data. The processing is carried out for the purpose of contract execution and processing with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
  • 7. When you buy a ticket on our website, you may be redirected to a virtual queue in situations with particularly high visitor numbers. This is to ensure that we do not overload our website. To determine your place in the queue and to enable you to buy tickets at the right time, your IP address and possibly browser data (e.g. user agent) are processed by Queue-it ApS. The access to the virtual queue is sometimes restricted, so that you can only enter it if you have already registered in advance for the on-sale with your e-mail address. In individual cases, we register you for the virtual queue on behalf of our partners, who share your e-mail address for this purpose with us and in their own. To gain access, you must enter the previously registered e-mail address in the virtual waiting room and will then receive a one-time code by e-mail. The virtual queue can only be entered once this code has been entered correctly in the virtual waiting room. This processing is based on our legitimate interest in providing our website securely and efficiently, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR as well as providing you with a registration for the virtual queue on the basis of Art. 6 Para. 1 Sentence 1 lit. a) GDPR.

• 2.4 Ticket sales via website of the partner

  • 1. If you purchase tickets via this website (“Partner Site”), your personal data will be processed for the handling and execution of your order. The partner referenced in Section 1.2 is jointly responsible with us (Art. 26 GDPR) for the processing of your personal data for the purposes specified below (see Sections 2.3, 2.6, 2.8, 2.10, 2.11, 2.12 and 2.13 of this Privacy Notice).
  • 2. Please contact EVENTIM if you have any inquiries regarding sections 2.10, 5, 6 and 7 (see contact details in section 1.2). Upon request, we would also provide you with the essentials of the agreement on shared data protection responsibility with our partner.
  • 3. The processing of data about users of the partner shop in connection with the use of an Internet offer and its functions outside of order processes (including processing for the purposes of IT security, usage analysis, personalization and the display of advertising – if necessary using cookies) – as detailed in sections 2.1, 2.2, 2.5, 2.7, 2.9 – is not subject to the common data protection responsibility with the partner. EVENTIM is solely responsible for these processing activities.

• 2.5 Credit assessment and profiling

  • 1. If the customer selects the SEPA direct debit payment method, CTS EVENTIM reserves the right to obtain credit information from SCHUFA, Boniversum or infoscore within the scope of this contractual relationship.
  • 2. Credit risk is assessed on the basis of mathematical-statistical procedures at the credit agency (SCHUFA Holding AG, Kormoranweg 5, D-65201 Wiesbaden, Germany, or Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss, Germany, or infoscore Consumer Data GmbH, Rheinstraße 99, 76532 Baden-Baden, Germany), so-called scoring. For this purpose, your personal data which are necessary for the credit assessment (name, address, birthday) are transferred to the credit agency. We process your personal data for the purpose of credit assessment to avoid payment default. On the basis of the transferred personal data, including address data, a statistical probability of a credit default and thus your solvency is calculated. The credit agency then transfers your score value to us. Furthermore, CTS EVENTIM reserves the right to transmit data on non-contractual behaviour or fraudulent behaviour to SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, or Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss, or infoscore Consumer Data GmbH, Rheinstraße 99, 76532 Baden-Baden in the event of continued non-payment of claims that are not substantiated and disputed. The data exchange with SCHUFA, Boniversum or infoscore also serves the fulfilment of legal obligations to carry out creditworthiness checks of customers (§§ 505a and 506 BGB). SCHUFA, Boniversum or infoscore process the data received and also use them for the purpose of creating a profile (scoring) in order to provide their contractual partners in the European Economic Area and in Switzerland as well as any other third countries (insofar as the European Commission has issued a decision on the appropriateness of such data) with information for the purpose of assessing the creditworthiness of natural persons, among other things. This personal data is processed for the execution of your contract with us on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR as well as due to our legitimate interest in avoiding a default of payment on your part, according to Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 3. If you choose the payment method installment purchase and invoice purchase, Klarna Bank AB reserve the right to obtain creditworthiness information within the scope of this contractual relationship. For further information please refer to the General Terms and Conditions and Privacy Policy of Klarna Bank AB (publ).
  • 4. The decision as to whether payment by direct debit, hire purchase and/or invoice purchase is possible is based on an automated decision. If your customer and order data are similar to the data of an order with payment problems, one of our employees will check your order process separately and manually.
  • 5. If the credit check is positive, payment by direct debit, hire purchase and/or purchase on account is possible; if it is negative, we cannot offer you the payment method “direct debit”, “hire purchase” and/or “purchase on account”. Payment by another payment method is still possible.
  • 6. Die The scope of the scoring is limited to whether payment by direct debit, hire purchase and/or purchase on account is possible. We use the scoring exclusively to prepare and execute the contract with you and to protect ourselves against possible payment defaults.
  • 7. Further information on the activities of the SCHUFA can be found in the SCHUFA Information Sheet pursuant to Art. 14 GDPR or can be viewed online at https://www.schufa.de/de/datenschutz-dsgvo/. The same applies to the infoscore information sheet .

• 2.6 Shopping cart canceller emails

  • 1. If you have started an order process in our ticket shop on our website but have not completed it, we will send you a reminder email to the email address stored in your customer account regarding the purchase process you have started. You can complete this purchase process by logging into your customer account on our website.
  • 2. We collect and store your personal data to identify unfinished shopping carts. The collection and storage of your personal data is based on Art. 6 Para. 1. Sentence 1 lit. a) GDPR. If you wish to object to the data processing, please click on the following link: Cookie settings
  • 3. We process your personal data in order to remind you within the context of marketing measures of purchase processes that you have not yet completed. If you have not yet purchased a ticket from us, we will process your data on the basis of your consent according to Art. 6 Para. 1 Sentence 1 lit. a) GDPR. If you have already purchased a ticket from us, we process your personal data provided in previous order processes due to our legitimate interest in carrying out marketing measures on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.

• 2.7 Customer surveys

  • 1. To continuously improve our products and services and adapt them to your needs, we regularly invite our customers to participate in customer surveys. In doing so, we will use the information you provide during the purchase process (Sections 2.3, and 2.4) to contact you.
  • 2. Due our legitimate interest in improving our products and services, we process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 3. When you receive our customer surveys, we analyse and document whether you open the customer surveys and how you use it. In doing so, we process your personal data on the basis of our legitimate interest in designing our customer surveys to meet your needs, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.

• 2.8 Information emails, mailings and newsletters

  • 1. If you visit our website for information purposes only (Section 2.1) or if you create a customer account (Sections 2.2), you can register for our newsletter. If you would like to be informed as soon as your favorite artists and events are scheduled, you can register for our ticket alert and our waiting list or possibly a ticket sales registration. If you have created a customer account and have given consent, we will send you information about artists, venues and events that you have marked your favorites and bookmarks. Via the newsletter and the ticket alert to favorites, bookmarks and ticket sales registration as well as the waiting list newsletter, we inform you about products and services and also advertise them, if necessary, personalized. In doing so, we process your personal data on the basis of your consent as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
  • 2. If you have purchased a ticket from us (Section 2.3) we may send you information emails in order to inform you, for example, about the directions, parking spaces and specifications of the promoter (such as bag size). For this purpose, we process your personal data for the purpose of contract execution on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
  • 3. After purchasing a ticket, we send you individual mailings about similar events, services and promotions (by post in some cases) as well as birthday emails. We will send these individual mailings regardless of whether you have subscribed to a newsletter. Due to our legitimate interests in informing you about changes to our products and services, in advertising our products and services and in carrying out marketing measures, we process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 4. After your order has been placed, we will send you an order confirmation by e-mail. We process your personal data for this purpose on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 5. When you subscribe to our newsletter and electronic mailings we analyse and document whether you open and how you use them. We process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR to pursue our legitimate interest of structuring our newsletter and mailings in accordance with your needs and to improve the range of our marketing campaigns.
  • 6. By providing your consent on this website, you have the option to subscribe to marketing communications (e.g., newsletters and mailings, possibly also by post) from the Deutscher Basketball Bund e.V. (DBB) and from the International Basketball Federation (FIBA). For this purpose, your personal data will be transmitted to the partners and processed by them under their own data protection responsibility. Your personal data will be processed on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a) GDPR.
• • 1. When you visit our website and mobile apps, we collect data with your consent and link it to information that you provide to us, for example during the purchase process or when registering for our information channels (e.g. Eventim-News), in order to create and enrich pseudonymised user profiles and create target group segments on their basis. The profiles and target group segments are used for analysis purposes and to show you more personalised and interesting information on our website, mobile apps, in the newsletter and on other communication channels (e.g. online advertising activities on third-party sites). This provides you with more personalised and interesting content (see sections 2.1.2, 2.1.3, 2.1.4 and 2.13). This also includes the use of these profiles to carry out online advertising activities for third parties such as event organisers. For this purpose, we collect and process:
    • • Information on the visit path
    • • Search behaviour on our website and apps
    • • Order and shopping basket data (incl. order number)
    • • Personal settings, such as Eventim favourites and bookmarks, ticket alerts, etc.
    • • Geoinformation derived from shortened IP address
    • • Browser and device information (user agent)
    • • Pseudonymised IDs such as cookie IDs, mobile ad identifiers, hash values from email addresses and customer numbers
    The user profiles and target group segments created are transferred to our systems for onsite design, online advertising activities and newsletter or direct marketing communication (see sections 2.1.2, 2.1.3, 2.8).
  • 2. The creation of profiles and target group segments and their use is based exclusively on your consent within the meaning of Art. 6 Para. 1 Sentence 1 lit. a) GDPR. If you do not wish to receive any personalised content, you can change this at any time with effect for the future. To do so, revoke the consent you have given in the: Cookie settings and your consent for EVENTIM news (unsubscribe link).
  • 3. We use Zeotap GmbH ("Zeotap") to link your information on the basis of generated pseudonymised IDs. The pseudonymised IDs include, for example, the hash value created from your email address that you have stored in your customer account. In hashing, the email address is converted into an unchangeable alphanumeric value or hash value using a protected encryption process. The encryption process ensures that the same hash value is always generated for an individual e-mail address. This value in turn cannot be converted back into the original e-mail address.
  • 4. Your data is processed and stored by Zeotap within the EU. In individual cases, Zeotap India Private Ltd. may access the data for technical support. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data. Further information can be found at https://zeotap.com/product-privacy-policy-de/.

• 2.10 Customer Service

  • 1. If you have any questions about events, your purchase (for example your ticket purchase), your customer account, our chatbot and live chat or other EVENTIM products and services, if you wish to exercise your rights under this information on data protection or if you wish to make a complaint, you can contact us (see contact details under Section 1.2).
  • 2. Depending on the subject of your request, we may use your personal data stored in our systems in the course of other data processing (e.g., data that you have provided when purchasing tickets) to answer your questions. If and to the extent necessary to answer your inquiry, we also collect data from external sources (e.g., inquiry with the shipping service provider in the context of a shipment tracking or a request for investigation).
  • 3. Your personal data are processed for the purpose of executing the contract with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR. If you exercise your rights towards us, we process your personal data for the purpose of fulfilling a legal obligation on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR. If you wish to inform yourself about our products and services or to make a complaint, we process personal data due to our legitimate interests in carrying out marketing measures and responding to your complaint on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR. In addition, based on our legitimate interest, we process your personal data to ensure efficient, fast and high-quality customer service. We also use automated systems to help us process customer requests. These systems help us with the pre-qualification, prioritisation and partially automated response to customer requests.
  • 4. If you send us health data within the scope of your inquiry (e.g., information that you have a severe disability), we process this personal data only and insofar as this is necessary to answer your request and you have given us your express consent for this as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
  • 5. We are available to you with our customer service chatbot and live chat. You will receive answers to your booked events, your account and many other topics via the chatbot and live chat. Depending on the subject of your inquiry, we and our service provider Novomind AG process your personal data after authentication by means of a login (e.g. order data) or checking a selection of your personal data. Cookies are placed for the technical functioning of the chatbot and live chat. The placement of cookies is based on your consent within the meaning of Art. 6 Para. 1 Sentence 1 lit. a) GDPR. To answer your inquiries, we process your personal data for the purpose of contract fulfilment on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR and on the basis of our legitimate interest in automated, effective customer service (Art. 6 Para. 1 Sentence 1 lit. f) GDPR). The customer care chatbot processes personal data using artificial intelligence.
  • 6. Cookies are placed for the technical functioning of the chatbot and live chat. The placement of cookies is based on your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a) GDPR. In order to respond to your enquiries, we process your personal data for the purpose of fulfilling the contract on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR and on the basis of our legitimate interest in automated, effective customer service (Art. 6 para. 1 sentence 1 lit. f) GDPR). The customer service chatbot processes personal data using artificial intelligence.

• 2.11 Reversed transactions on tickets

  • 1. If necessary, it comes to a reversed transaction of your order. Your personal data will be processed on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
  • 2. If you have not purchased your ticket from us yourself, but received it as a gift from the buyer, for example, and now send in the ticket due to the cancellation or relocation of the event, we process the data that you as a different sender provide us with informally or via the form on our website. We process your personal data for the purpose of returning your ticket and making a refund on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
  • 3. If you have provided special personal data as defined in Section 2.3.5 on yourself or a third party when purchasing a ticket, we process this data for the purpose of reversing the ticket transaction on the basis of your consent as defined in Art. 6 Para. 1 Sentence 1 lit. a) GDPR. Section 2.3.4 applies accordingly.

• 2.12 Dunning, collection and enforcement and defence of legal claims

  • 1. In the case of outstanding receivables to us, we notify you by email, SMS, post or telephone and, if necessary, send you a reminder. If and to the extent that no payment is made by you as a result, a collection procedure is initiated. If and to the extent that no payment is made by you as a result, a collection procedure is initiated.
  • 2. The collection procedure is carried out by a collection service provider commissioned by us. As far as this is necessary for the execution of the collection procedure, the collection service provider carries out address investigations and accesses public registers for this purpose.
  • 3. We process your personal data for the purpose of executing and processing the contract with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR and due to our legitimate interests in preventing misuse of our services and enforcing our legal claims, including collection, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 4. We process your personal data to enforce and/or defend our rights or the rights of third parties (e.g., sports clubs and associations etc. for the purpose of prosecuting violations of their ticket terms and conditions). If and insofar as this is necessary to enforce and/or defend our rights or the rights of third parties, we also use data from other sources (e.g., public registers) for this purpose. We process your personal data due to a legal obligation on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR and due to our legitimate interest in safeguarding, enforcing and / or defending our legal interests or the interests of third parties on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.

• 2.13 Other processing

  • 2.13.1 Performance of internal audits and compliance
    • 1. If we implement compliance programs and measures, for example to implement the requirements of the German Corporate Governance Code (DCGK) and to identify and correct misconduct, corresponding processing of your data may also occur. Additionally, your personal data can be processed within the Eventim Group in Germany and abroad in connection of internal audits.
    • 2. We process your personal data to comply with our statutory obligations, on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR. In addition, due to our legitimate interests in reviewing the processes and efficiency in the group of companies, correcting any misconduct and preventing fraud and, if necessary, in enforcing and/or defending our rights, we process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • 2.13.2 Preparation of analyses
    • On the basis of your data, which we process as defined in Section 2 of this information on data protection, we may prepare analyses. These serve as the basis for business decisions to improve our products and services and adapt them to the needs of our customers. Due to our legitimate interest in improving our offer, we process your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR. The analyses created on this basis no longer contain any personal references, meaning it is no longer possible to draw any conclusions about your person.
  • 2.13.3 Booking of travel insurance
    • If you book travel insurance from Ergo Reiseversicherungsgesellschaft during the ticket purchase in the online ticket shop, we will process your personal data and store this information in your order record. Subsequently, we will transmit personal data to the insurer Ergo.

3 Storage and erasure of your personal data

• 1. We store your personal data for as long and as far as it is necessary for the purposes for which they are processed (Section 2).
• 2. As soon as the data is no longer required for the purposes stated in Section 2, we store your personal data for the period in which you can assert claims against us or we against you (statutory limitation period usually of three years, beginning at the end of the year in which the claim arises; e.g., at the end of the ticket transaction).
• 3. In addition, we store your personal data for as long as and insofar as we are legally obliged to do so. Corresponding proof and storage obligations result, inter alia, from the German Commercial Code and the German Fiscal Code (e.g., Section 257 HGB; Section 147 AO). The retention period is up to ten years.

4 Categories of recipients of personal data

• 1. When providing, implementing and managing our products and services, we collaboratively transfer your personal data to companies within the EVENTIM Group as part of a work-sharing process. The transfer is based on our legitimate interest in carrying out internal administrative activities efficiently and collaboratively, for fraud prevention to ensure the security of our customer accounts, as well as in improving our products and services on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
• 2. When you purchase tickets on this website (Section 2.4), we process your personal data as joint controllers with our partner. On the basis of the agreement concluded with our partner (Art. 26 in conjunction with Art. 6 Para. 1 Sentence 1 lit. b) GDPR), we transfer your personal data for the purpose of contract execution and, if applicable, processing with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR. Our partner also use the personal data to organise the event for which tickets were purchased and probably to send emails for information and marketing purposes. This is done on the basis of the cooperation partner’s legitimate interest in providing purchasers of an event with relevant information about the event as well as communications when the same or similar event to the one for which a ticket was purchased takes place. Your personal data is processed on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
• 3. If you purchase our products and services on our website or register for newsletters, we will transfer your personal data to EVENTIM Media House GmbH for the purpose of carrying out advertising measures if you give us your consent to do so within the meaning of Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
• 4. If you subscribe to marketing communications from the Deutscher Basketball Bund e.V. (DBB) or from the International Basketball Federation (FIBA) on our website, we will transmit your personal data to these partners. Your personal data will be processed on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a) GDPR.
• 5. In addition to this, your personal data is transferred to service providers who provide the platforms, databases and tools for our products and services (e.g., our website, the sale of tickets, sending of newsletters and information emails), create analyses of user behaviour on our website, display marketing campaigns and process your personal data on our behalf as part of ticket purchases. The transfer of your personal data takes place for the purpose of contract execution with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR, due to our legitimate interest in improving and promoting our products, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR and provided that you have given us your consent within the meaning of Art. 6 Para. 1 Sentence 1 lit. a) GDPR for the processing of your personal data.
• 6. When you purchase a ticket on our website, we offer you various payment options. For the processing of the payment and, if necessary, a refund of the purchase price, we transfer your personal data to banks, payment service providers, financial service providers and credit card companies, depending on the selected payment method. We transfer your personal data for the processing of your ticket purchase and, if necessary, the reverse transaction on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR. In addition, we may also transfer your personal data to credit agencies to check your creditworthiness (see Section 2.5). The transfer is made to execute the contract with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR and due to our legitimate interest in avoiding payment defaults on your part, according to Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
• 7. If we send you your ticket by postal services, we transfer your personal data to shipping service providers. The transfer takes place for the purpose of contract execution with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR.
• 8. If you fail to meet your payment obligations, we initiate a collection procedure (Section 2.12). For the execution of the collection procedure, we transfer your personal data to collection service providers who carry out the procedure for us. We process your personal data for the purpose of executing and processing the contract with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR and due to our legitimate interests in enforcing our legal claims, including collection, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
• 9. In the context of legal disputes, we transfer your data to the competent court and, if you have appointed a lawyer, to him/her to carry out the legal dispute. We process your personal data on the basis of a legal obligation on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR and due to our legitimate interest in representing, enforcing and / or defending our legal interests, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
• 10. We are entitled to transfer your personal data to the Event Organizer if there is a suspicion that you have violated the Organizer's general terms and conditions, so that the organizer can take legal action or assert other legal claims against you. The processing of your personal data is carried out for the purpose of implementing and executing the contract on the basis of Art. 6 Paragraph 1 Sentence 1 lit. b) GDPR as well as on the basis of the legitimate interests of the respective organiser for the purpose of legal prosecution on the basis of Art. 6 Paragraph 1 Sentence 1 lit. f) GDPR.
• 11. Information emails, mailings and newsletters (Section 2.8) are sent by service providers commissioned by us and, in some circumstances we may analyse and document your use of them. For this purpose, we transfer your personal data to the service providers. In doing so, we process your personal data as follows:
  • If you give us your consent to send you newsletters when visiting our website for information purposes only (Section 2.1) or when creating a customer account (Sections 2.2), we transfer your data on the basis of your consent within the meaning of Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
  • After purchasing a ticket (Sections 2.3 and 2.4) we transfer your personal data in order to provide you with information on the event, for the purpose of executing the contract with you on the basis of Art. 6 Para. 1 Sentence 1 lit. b) GDPR
  • In addition, after purchasing a ticket (Sections 2.3 and 2.4) we transfer your personal data to inform you about changes to our products and services and to promote our products. The transfer of your personal data occurs due to our legitimate interest in carrying out marketing measures, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
  • In order to analyse the use of our newsletter and mailings, we transmit your personal data on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR to pursue our legitimate interest of structuring our newsletter and mailings in accordance with your needs and to improve the range of our marketing measures.
• 12. We conduct customer surveys and customer evaluations. For this purpose, your contact details are sent to our mailing service providers, via whom we invite you to our surveys and evaluations. We process your personal data on the basis of our legitimate interest in improving our products and services on the basis of your evaluation and conducting surveys and evaluations efficiently, on the basis of Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
• 13. If we transfer data to recipients in a third country (located outside the European Economic Area), you can find a description under section 2. Some third countries are certified by the European Commission through so-called adequacy decisions to have a data protection standard that is comparable to the level in the European Economic Area. A list of these countries can be found here(Link zu https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de?etrans=de)). If a country does not have a comparable data protection standard, we ensure that data protection is adequately guaranteed by other measures, e.g. by means of standard contractual clauses of the European Commission for the protection of personal data (https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32021D0914&qid=1694511844343) or binding internal data protection regulations (so-called Binding Corporate Rules).
• 15. Beyond this, we transfer your personal data only and insofar a legal obligation exists on our part to pass it on. The transfer takes place on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR (e.g., to the police authorities in the context of criminal investigations or to the data protection supervisory authorities).

5 Justified interests in data processing and objection

• 1. We process your personal data as defined in Section 2. due to our legitimate interests particularly in ensuring IT security on our website, carrying out analyses and marketing measures, informing you about our products and services, increasing the scope of our products and marketing measures, preventing fraud and misuse, avoiding payment defaults, representing, enforcing and defending our legal interests (possibly also in court) and carrying out internal administration efficiently and collaboratively.
• 2. To the extent, we process your personal data on the basis of these legitimate interests (Art. 6 Para. 1 Sentence 1 lit. f) GDPR), you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation. Notwithstanding the above, in cases of direct advertising (such as newsletters or retargeting measures) you have the right to object at any time to the processing of your personal data without giving reasons. We will then no longer process your data for this/these purpose(s) unless our legitimate interests in processing overweight or the processing serves to establish, exercise or defend legal claims. Please send your request to:
  • by email to kundenservice@eventim.de,
  • by tel. to +49 (0) 1806 533 933 (€ 0.20 /call incl. VAT from German landlines, max. € 0.60 /call incl. VAT from German mobile networks) or
  • in writing to CTS EVENTIM AG & Co. KGaA, Data Protection, Hohe Bleichen 11, D-20354 Hamburg, Germany.
• 3. If you object to the data processing according to Section 5.2, we process your personal data collected in this context to answer your inquiry. Your personal data is processed in order to fulfil a legal obligation on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR.

6 Consent and revocation of your consent

• 1. If you have given us your consent for the processing of your personal data, you can revoke this at any time. The revocation of your consent is effective for the future. The legality of the processing of your personal data up to the time of revocation remains unaffected.
  Your consent to the use of your email address for the purpose of advertising or market or opinion research can be revoked independently in the login area "My EVENTIM". To log out of all subscribed email services, please log in to "My EVENTIM" and select "Unsubscribe" on the page "Newsletter & Ticket Alarm" in the bottom section:https://www.eventim.de/?affiliate=B1W&fun=page&pagename=mycustomerdata
  
  Otherwise, please address your revocation:
  • by email to kundenservice@eventim.de,
  • by tel. to +49 (0) 1806 533 933 (€ 0.20/call incl. VAT from German landlines, max. € 0.60/call incl. VAT from German mobile networks) or
  • in writing to CTS EVENTIM AG & Co. KGaA, Data Protection, Hohe Bleichen 11, D-20354 Hamburg, Germany.
  
• 2. If you revoke your consent, we will process your personal data collected in this context to respond to your inquiry. Your personal data is processed in order to fulfil a legal obligation on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR.

7 Your rights

• 1. You may at any time, in accordance with the GDPR, request that we
  • • provide you with information about the personal data concerning you that we process (Art. 15 GDPR),
  • • rectify any personal data concerning you that is inaccurate (Art. 16 GDPR) and/or
  • • erase (Art. 17 GDPR), block (Art. 18 GDPR) and/or release (Art. 20 GDPR) your personal data stored by us..
• 2. Please send your request:
  • • by email to kundenservice@eventim.de,
  • • by tel. to +49 (0) 1806 533 933 (€ 0.20 /call incl. VAT from German landlines, max. € 0.60 /call incl. VAT from German mobile networks) or
  • • in writing to CTS EVENTIM AG & Co. KGaA, Data Protection, Hohe Bleichen 11, D-20354 Hamburg, Germany.
• 3. If you assert your rights against us, we process your personal data collected in this context to answer your inquiry. Your personal data is processed in order to fulfil a legal obligation on the basis of Art. 6 Para. 1 Sentence 1 lit. c) GDPR.
• 4. Without prejudice to your rights under Section 7, you may lodge a complaint with a data protection supervisory authority if you believe that EVENTIM's processing of personal data concerning you is in breach of the GDPR (Art. 77 GDPR).

8 Other

• 1. The provisions of this information on data protection (available free of charge on our website), including the cookie information of CTS EVENTIM AG & Co. KGaA (available free of charge on our website) apply in the version valid at the time of use of our website.
• 2. We reserve the right to supplement and amend the content of the information on data protection. The updated data protection information is valid from the time it is published on our website.

9 Contact details of the Data Protection Officer

Please direct any questions regarding data protection to:
Data Protection Officer
CTS EVENTIM AG & Co. KGaA
Hohe Bleichen 11
D-20354 Hamburg, Germany
E-Mail: datenschutz@eventim.de

With regard to Deutscher Basketball Bund e.V. (DBB) ), we refer to our partner’s privacy notice:
https://www.basketball-bund.de/datenschutz/

10 Cookie information

Scope of application

These cookie informations specify Section 2.1.4 of the Privacy Notice and provide details on the use of cookies in the partner shop (https://eventim.de/?affiliate=B1W) durch die CTS EVENTIM AG & Co. KGaA und dem Deutscher Basketball Bund e.V. (DBB) informiert.
With regard to cookies of Deutscher Basketball Bund e.V. (DBB), we refer to our partner’s privacy notice:
https://www.basketball-bund.de/datenschutz/

General information on cookies

“Cookies” are small text files which are saved in the browsers of your end devices when you visit our website. Cookies can save and track your actions and settings in our website for the duration of the browser session and, in some cases, beyond this. Cookies also enable the recognition of your browser. For instance, after leaving the website, the content of your shopping basket is reconstructed or events recently viewed are displayed again.

Types of cookies used

• First-party-Cookies:On the one hand, we use first-party cookies, i.e. cookies placed by our server on our website and which can only be accessed via our server.
• Third-party cookies : On the other, our website also incorporate third-party cookies which are placed by servers of others and/or our website or domains and that can be read by third parties. With these cookies, your browser can be tracked beyond our website, for instance so as to be able to display EVENTIM advertisements on the website of our partner companies.

Storage period of the cookies

• Session cookies: Some of the cookies we use are session cookies, i.e. cookies which are only stored for the duration of your visit to our website.
• Persistent cookies : We also use persistent cookies which stay saved on your browser after the session and are automatically deleted after a predefined expiry date.

Purposes of using cookies

• : These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
• Statistical and Comfort Cookies: These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you deactivate these cookies, then some of our services may not function properly.
• Marketing-Cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you deactivate these cookies, you will experience less targeted advertising.

Cookie settings by users

Via your browser settings you can limit or completely prevent the storage of (certain) cookies for all website and delete any cookies that have already been saved. For more information about this please consult the instruction manual or help functions of your browser.

Our website can in principle still be visited and used after restricting/deactivating cookies in the browser settings. However, please note that in particular the complete deactivation of cookies can limit the functionalities of our website.

You can prevent future collection of your data when visiting our website by clicking on the following link and changing your settings there: Cookie Settings

Date: Spetember 2025