I. WEB FEATURES MANAGEMENT
A cookie is “a text file that a Web browser stores on a user’s machine after the 1st visit. Websites activates cookies for authentication, storing website information/preferences, other browsing information and anything else that can help the Web browser while accessing Web servers. HTTP cookies are known by many different names, including browser cookies, Web cookies or HTTP cookies.”
- Session: it expires when the browser is closed
- Permanent: it persists even when the browser is closed. They have an expiration date though and by law (e.g. remember passwords and login in order to not re-enter them every time.)
- Third-party: Cookies attributes usually corresponds to the website domain they are on. Not for third-party cookies—as you probably gathered from the name, they are installed by third-party websites (no way), such as advertisers. They gather data about your browsing habits and allow them to track you across multiple websites. Other websites using third-party cookies: Facebook, Flickr, Google Analytics, Google Maps, Google Plus, SoundCloud, Tumblr, Twitter and YouTube.
Considering these definitions, Rockhal shall use only the add the one you use
B. Purposes of using Cookies
The cookies used on our website enable us to identify the pages a user visits, the resources he or she downloads and more generally their on-site visiting behaviour.
– Optimizing the user experience on our site
- by offering personalized content and highlighting resources on rockhal.lu
- by adapting rockhal.lu’s interface to the device you are using (language, resolution, OS, etc),
- by memorizing information contained in forms you filled out on our site or via partner technologies* (sign-in to a real-life or virtual event, download of a resource, demo request, access to your Name’s account).
[More details : * Google Analytics]
– Improving our website
- Cookies help collect statistical data regarding site frequentation and content consumption and enable us to offer an experience adapted to your needs and interests.
– Measuring our audiences
- We are using (e.g. Google Analytics) to measure our website’s audiences.
According to content consumed by the visitor on rockhal.lu, cookies enable us to offer targeted ads regarding our content and services via the Rockhal’s retargeting service and receives on behalf of the client. Examples of categories of such personal data can be found in the previous section.
C. Third-party cookies
Third-party cookies are deposited by other companies such as partners while you are surfing on our site or sharing personal data on our site using external services.
We are particularly vigilant as to the observance of partner websites of national data protection regulation and GDPR compliance and request that they take all appropriate measures regarding security and confidentiality of personal data.
Please find below the purpose of the cookies we are aware of and the means at your disposal to change cookie setup.
D. Third-party apps integrated into our website
We are using third-party apps on our web site in order to:
- to share our site’s content with others (social sharing buttons): The corresponding social networks may be able to identify you via this button, even if you don’t use it while browsing our site or app. If you opened a session on one of the networks on the device you use to visit our website before arriving on our site, the network can track your navigation on our site. We have no control over the collection of data by the social network regarding your navigation on our site and do not have access to personal data in their possession. However, you can access the confidentiality policy of the social network to learn more about the subject and regulate the information you agree or refuse to share.
- to collect your personal data (name, first name, email): We have no control over the quality of data management Google Analytics.
E. Web tags and other technologies
We use web tags to track your navigation on our site and in our emails (via our marketing automation solution). Web tags are code lines that recognize given types of information on your computer, such as cookies, time and date of a page visit, or description of the page where the tag is located.
We use this type of tags to improve the navigation experience on our site and to understand if user read and click our emails, with the aim to offer users’ content consistent with their expectations.
F. Mobile device
Certain mobile devices send information regarding the model of the phone the OS version, the connectivity, the name and version of used apps or the geographical location at the time of the connection. This data is automatically processed by rockhal.lu and some of Rockhal’s partners’ servers (Google Analytics). This enables us to offer relevant experiences, in line with the technical characteristics of your device.
You can choose not to receive cookies from our website at any time. You can decide to block cookies we may deposit in your navigator, either case by case or by refusing them systematically once and for all.
Note that if you refuse our cookies, we cannot guarantee an optimized browsing experience.
For an efficient cookie management meeting your requirements please use your browser’s setup options, considering the cookies’ purpose (as mentioned above).
You can also delete cookies already stored in your browser. For instance, to delete cookies deposited by rockhal.lu:
- Google Chrome
Open the browser’s “Settings” tab. Click on “Advanced” followed by “Privacy and security”, “Content settings», then “cookies” and “See all cookies and site data”. Search “Rockhal”, tick the boxes and delete.
Open the browser’s “Options” tab and select “Privacy and Security”. In the “History” section, click on “remove individual cookies”. Search files containing the name “Rockhal”, select and delete them.
- Microsoft Edge
Click on the “Other action”, then on “Settings” ». Click on ” Choose data to delete”. Check the box “Cookies data from registered websites”, search files containing “Rockhal”, select and delete them.
Open, the browser’s “Preferences” tab and open the tab “Confidentiality”. Click on “Manage website data”, search files containing “Rockhal” select and delete them. Click on “Done”.
II. Web analysis by Google Analytics
This website uses the “Google Analytics” services, offered by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), to analyse the users ‘website experience. This service uses “cookies “– text files, which will be saved on your device. The information collected via these cookies is typically sent and saved to one of the Google servers in the US.
According to the recent CJEU’s judgement (SCHREMS II) and the GDPR rules, the set of operations shall be covered by another appropriate safeguards among other :
- such an additional contractual provision in the agreement between Rockhal and the service provider or based on a new draft of Standard Contractual Clauses.
- Technical and organisation measures: this website is subject to IP anonymisation. Inside the EU and the European Economic Area, the respective user’s IP address will be abridged. This process eliminates any personal connection of the IP address to the user. In connection with the agreement on contracted data processing entered by and between the website operator and Google Inc., the latter will use the collected information to provide the former with an evaluation of the users‘ website experience and the website performance and to provide services related to internet use.
You may prevent cookies from being saved to your system by changing the corresponding settings in your browser. Should your browser not accept cookies, we cannot guarantee that you may use all functions of this website without constraints.
Furthermore, you may use a browser plug-in to prevent that the data collected by the cookies (including your IP address) will be sent to and used by Google Inc. The following link will lead you to the corresponding plug-in: https://tools.google.com/dlpage/gaoptout?hl=de
As an alternative to the browser add-on or with browsers on mobile devices, please click on this link to prevent Google Analytics from future data collection on this website (the opt-out will only apply to this browser and to the present domain. Clicking the provided link will save an opt-out cookie to your device. Should you delete the cookies saved to your browser, you will have to click the provided link again to enable the opt-out anew.
Use the following link to find out more about data usage by Google Inc.: https://support.google.com/analytics/answer/6004245?hl=de
The purpose of this privacy notice (hereinafter “notice“) aims to provide the information about how the public establishment “établissement public Centre de Musiques Amplifiées- Rockhal (hereinafter ”Rockhal”) ,acting as controller, collects, processes, shares and protects your personal data collected during the visit of its website, in accordance with the General Data Protection Regulation (“GDPR”) and the applicable national laws.
Rockhal is committed to protect the privacy of everyone, and thus to comply with the laws and regulations on personal data come into force.
Please note: According to the sanitary measures taken by the Grand-Ducal authorities resulting from COVID 19 Pandemic, Rockhal shall respect and implement the requirements of the regulatory provisions relating to sanitary measures in force, which entails a series of changes to the processing of your data. For further information, please visit www.covid19.lu and Ministry of Culture website (FR)
I. Who are we acting as Controller?
The controller as defined in the General Data Protection Regulation (GDPR) and other data protection legislation passed by the member states as well as other data protection regulations is the following one:
ROCKHAL / Centre de Musiques Amplifiées / 5, Avenue de Rock ‘n’ Roll / L-4361 Esch/Alzette
II. Which personal data do we collect?
We collect your personal data when you visit our website, when you use our featured services online (e.g. ticketing online, contact form, online subscriptions). The data collected include among other, the following ones:
- Website navigation data (e.g. timestamp, IP address technical data relating to equipment and browser used, cookies).
- Personal identification data that you may communicate to us during the set of operations for ticketing, subscriptions and contact forms (e.g. email address, last name, first name, phone number, function, company, bank details for any ordering, etc)
III. Why do we collect your personnel Data?
1. Web features management
Manage a website requires processing of data (= what we use), logic (= how we do) and views (= what you see). This processing includes the following purposes:
- To share with you, on your demand, various information relating to Rockhal and its products and services;
- To follow the requests management for information or contact made by email.
- To optimise our website and to ensure the safety of our information technology. We do not evaluate this data for marketing purposes.
These processing are based on your consent, which means that you are asked for approval to be contacted by Rockhal for further marketing issues or contact.
2. Marketing issues
- Contact form: We shall exclusively process data entered in the interface for processing the user’s contacting. The contact email is based on the necessary legitimate interest in processing the corresponding data.
The personal data additionally processed during transmission helps to prevent abuse of the enquiry form and to ensure the safety of our information technology.
- Newsletter: subscription and sending out our newsletter.
- Profiling & direct marketing: should you use our website to purchase goods or services and provide an e-mail address during this purchase, we may use this e-mail address at a later stage to send you a newsletter. In this case, the newsletter will only contain direct marketing for comparable goods or services we offer. You can withdraw your consent or object to this processing at any time using the unsubscribe (see section What are your rights as Data Subject?) link in the mail footer.
We collect additional personal data during the subscription process to prevent any abuse of our services or the e-mail address provided.
We collect personal data for the following purposes:
Purchase of a ticket:
- Personal data attached to the individual ticket: first name, last name, address, city, province, country, postal code, company/group, phone, email
- Bank details for payment operations: card number, expiration date, security code
Subscription to the newsletter:
- Tick the checkbox to activate the subscription before confirming your purchase. We disclose your data with third parties that we refer as service providers (e.g. online payment provider) solely for payment operations.
IV. How long do we store your personal data?
The GDPR introduces the storage limitation of personal data.
We remind you that under the principle of minimisation data and purpose limitation, your data will be stored only if absolutely necessary for the purposes of the processing in question.
1. Web management
Data will be deleted as soon as they are no longer required to accomplish the purposes, for which they have originally been collected. In case of data collection for website provision, this is the case once the respective session is terminated.
For data saved to logfiles, such data will be deleted after a maximum period of seven days. Further storage of this data is possible. In this case, the user’s IP address will be deleted or alienated, making it impossible to establish any connection with the accessing client.
2. Marketing issues
The user’s e-mail address will be saved for as long as the user actively maintains their subscription to our newsletter.
For personal data from the enquiry form and personal data transmitted by e-mail, this is the case, once the corresponding communication with the user has come to an end. A conversation may be considered as terminated when the circumstances allow for the respective matter to be regarded as fully settled.
The personal data additionally processed during transmission will be deleted after a maximum period of seven days.
We retain the billing information according to national law that states the legal obligation related to accountancy (10 years).
In order to comply with the legal provisions regarding tracking due to the COVID 19 pandemic, we shall keep the following personal data: the name of the ticket holder, the assigned seat and the date of the event. These personal data shall be destroyed 1 month after the event. The deadline runs from the day after the day of the event. For further information, please visit www.covid19.lu.
V. Do we transfer any personal Data outside the European Union?
Your personal data as part of the processing defined above may be transferred to partners.
For our newsletter, we use the “Mailchimp” service offered by The Rocket Science Group, LLC (675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA). This data will exclusively be processed for sending out our newsletters. The information collected via this feature is typically sent and saved to one of the servers in the US.
According to the recent CJEU’s judgement (SCHREMS II) and the GDPR rules, the set of operations shall be covered by another appropriate safeguards :
- An additional contractual provision in the agreement between Rockhal and the service provider or based on a new draft of Standard Contractual Clauses.
- Technical and organisational measures such as those proposed by the EDPS : encryption before transmission, pseudonymised data, data in transit.
VI. What are your rights as Data Subject?
Any data subject (= natural person) of which Rockhal, as controller, processes personal data may exercise the following rights:
- Right of access: you have the right to obtain confirmation that we are processing your personal data and where this is the case to obtain a copy of these data;
- Right of rectification: you have the right to obtain from the controller without undue delay the rectification of inaccurate personal data that you concerned.
- Right to erasure: in specific cases, you have the right to request the erasure of your personal data. We may, however, retain certain information about you as required by law or when we have a legal basis to do so;
- Right to restriction of processing: you can the limitation of certain treatments carried out on your personal data. This right only plays in the following cases:
- When you dispute the accuracy of your data for the time needed to verify the accuracy of the data;
- In the case of unlawful processing by us and you do not wish the deletion of the personal data in question;
- We no longer need your personal data, but these are necessary for the recognition, exercise or defense of rights in court;
- When you have exercised your right to oppose the time to verify that the legitimate reasons, we are pursuing take precedence over yours;
- Right to object: you have the right to object at any time, on grounds related to your particular situation, to any processing of your personal data necessary for the performance of a task carried out in the public interest or based on legitimate interest;
- Right to data portability: you have the right to receive personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit these data to another controller. However, when the personal data are not processed by automated means, you do not fulfil the conditions to exercise your right to portability;
- Right to withdraw your consent: you can withdraw your consent at every moment when the processing activity is based on it;
- Right to lodge a complaint: you have the right to lodge a complaint with the competent supervisory authority.
How to proceed?
Please fill in the following form available on our website. Then send it out with any additional details about your request by email to mydata(at)rockhal.lu. However, Rockhal may refuse your request if it does not meet the requirements of applicable law or regulation.
VII. How do we make your personal data secure?
We shall implement, test and maintain the appropriate security measures, among other, access to facilities, hardware and software, storage and networks, monitoring and logging, breach detection and incident response to protect against unauthorised or accidental access, loss, alteration, disclosure or destruction of personal data.
VIII. What about data breach?
Rockhal shall communicate to its client of any personal data breach by Rockhal, its processors, or any other third parties acting on Rockhal’s behalf without undue delay, only where the personal data breach is likely to result in a high risk to the rights and freedoms of the client.
This privacy notice can be modified by Rockhal according to the rules and regulations that come into force.
Last update: 25/03/2021
Please note this linguistic version is the primary issue.
Limitation of liability
The public institution “Centre de Musiques Amplifiées – Rockhal” (hereinafter called the “Rockhal”) posts items on this site with a view to promoting its tasks and its activities.
Our objective is to disseminate correct and updated information. We will endeavour to correct errors which are indicated to us.
Nevertheless, the information disseminated on www.rockhal.lu shall under no circumstances involve any liability on the part of the Rockhal.
The Rockhal denies all liability for use of the information contained in the pages published on this site. The content is provided on a solely indicative basis. It contains information which is not necessarily complete, exhaustive, accurate or up to date. In the event of any difference between the texts published on this site and the original documents, the original documents shall be applicable.
The site may provide links to other sites over which the Rockhal has no control and for which it cannot be held liable. The Rockhal shall assume no liability for any loss or damage which may be caused to your computer system through the use of this site. The Rockhal denies any liability for interruption, even temporary, of the service provided by this site.
The present non-liability clauses are not intended to avoid the requirements imposed by the relevant legislations or to exclude liability in the case where it cannot be excluded by virtue of the said legislations.