Cologne Triangle

Menu

PRIVACY POLICY

Regardless of whether you are a customer, prospect, applicant, or visitor to our website, we, Rheinland Kultur GmbH (hereinafter referred to as “Rheinland Kultur GmbH”, “we”), take the protection of your personal data very seriously. But what does this mean in concrete terms? Below, we provide you with insight into what personal data we collect from you and how we process it. Furthermore, you will receive an overview of your rights under applicable data protection law. Additionally, we provide contact information should you have any further questions.

Who are we?

Rheinland Kultur GmbH is the service and operating company and a 100% subsidiary of the Landschaftsverband Rheinland (LVR). We employ approximately 1300 people at various locations of LVR throughout the Rhineland region. Our headquarters are located on the premises of Abtei Brauweiler in Pulheim. Our range of services for LVR in almost all its facilities includes museum management, event management, visitor service center “kulturinfo rheinland,” event platform “Tagen und Feiern im Museum,” Abtei-Shop and mail-order bookshop, and facility management.

As the data controller under applicable data protection laws, we,

Rheinland Kultur GmbH
Abtei Brauweiler
50259 Pulheim
PO Box 2140
50250 Pulheim
Phone.: +49 (0) 22 34 / 9921–0
Fax: +49 (0) 22 34 / 9921–219
E-Mail: info@rheinlandkultur.de

take all necessary measures under applicable data protection law to ensure the protection of your personal data.

For any questions regarding this privacy policy, please contact our data protection officer.

2B Advice GmbH
Datenschutzbeauftragter
Joseph-Schumpeter-Allee 25
53227 Bonn
E-Mail rheinlandkultur@2b-advice.com
Phone: +49 228 926 165 120

Scope of the Privacy Policy

The processing of personal data, as defined by the legislature, includes activities such as collection, recording, organization, sorting, storage, adaptation or alteration, retrieval, querying, use, disclosure by transmission, dissemination, or another form of provision, comparison or linking, restriction, erasure, or destruction of personal data.

Personal data refers to any information relating to an identified or identifiable natural person. This privacy policy concerns the personal data of customers, prospects, applicants, or visitors.

This privacy policy applies to our website http://www.koelntrianglepanorama.de.

What personal data do we process?

We collect your personal data when you interact with us, such as a prospect or customer. This may occur, for example, when you are interested in our products, register for our online services, contact us through our communication channels, or when you use our products or services within existing business relationships. The following types of personal data are processed by us:

  • Personal identification information
    e.g., first and last name, address data, email address, telephone number, fax number
  • Company-related data
    e.g., company name, department, position, as well as other information comparable to these data categories.

Sensitive Data

Sensitive data, such as special categories of personal data including information about religious beliefs or union membership, is not collected through this channel.

Contractual Performance

We process your data to fulfill our contracts. This also applies to information you provide to us in the context of pre-contractual correspondence. The specific purposes of data processing depend on the respective product and the application submitted and may also be used to analyze your needs and determine which products and services are suitable for you.

Execution of the contractual relationship

To carry out the contractual relationship, we need your name, address, telephone number, or email address, so that we can contact you.

Measures to Ensure Your Security

We use your personal data, among other things, in the following cases:

  • To protect you or your company from fraudulent activities, we analyze your data. This may occur, for example, if you have become a victim of identity theft or if unauthorized persons have gained access to your user account in other ways;
  • To improve the reliability of our web applications, our IT support works closely with you in case of technical problems. In this context, we also evaluate logs of page accesses, actions performed, etc.;
  • To ensure IT security;
  • To record and document facts in the event of possible legal disputes.

Based on Your Consent

If you have consented to the processing of your personal data for one or more specified purposes, the processing of your data by us is permissible. You can revoke this consent for the future at any time, without incurring any costs other than the transmission costs according to the basic tariffs (costs of your internet connection). However, the revocation of consent does not affect the lawfulness of processing carried out before the revocation.

Based on Legal Requirements or in the Public Interest

As a company, we are subject to various legal requirements (e.g., tax legislation). To comply with our legal obligations, we process your personal data.

Data Use within Rheinland Kultur GmbH

Within Rheinland Kultur GmbH, only those departments have access to your personal data that need it to fulfill our contractual or legal obligations, or to protect our legitimate interests.

Data Use outside Rheinland Kultur GmbH

We respect the protection of your personal data and only disclose information about you if legal provisions require it, if you have consented, or to fulfill contractual obligations.

The following recipients may be legally obliged to receive your personal data, for example:

  • Public authorities or supervisory authorities, such as tax authorities, customs authorities;
  • Judicial and law enforcement authorities, such as police, courts, public prosecutor’s offices;
  • Lawyers or notaries, for example, in legal disputes;
  • Auditors.

To fulfill our contractual obligations, we cooperate with other companies. These include:

  • Transport service providers and freight forwarders;
  • Organizers and training service providers if you have registered for specific trade fairs or events through us;
  • Banks and financial service providers for the processing of all financial matters.

Own Service Providers

To efficiently manage our business, we rely on the services of external service providers, who may receive personal data from you to fulfill the described purposes, including IT service providers, printing and telecommunications service providers, debt collection, consulting, or sales companies.

Important: We carefully protect your personal data!

To ensure that the same data protection standards are adhered to by service providers as in our company, we have concluded corresponding contracts for order processing. These contracts regulate, among other things:

  • that third parties only have access to the data they need to fulfill the tasks assigned to them;
  • that only employees of the service providers who have expressly committed themselves to comply with data protection regulations have access to your data;
  • that the service providers adhere to technical and organizational measures ensuring data security and data protection;
  • what happens to the data when the business relationship between the service provider and us is terminated.

For service providers located outside the European Economic Area (EEA), we implement special security measures (e.g., by using special contract clauses) to ensure that the data is treated with the same care as in the EEA. We regularly review all our service providers to ensure compliance with our requirements.

Very important: We never sell your personal data to third parties!

Are you obliged to provide us with personal data?

In the context of the business relationship between you and Rheinland Kultur GmbH, we need the following categories of personal data from you:

  • all necessary data for establishing and conducting a business relationship;
  • data required to fulfill contractual obligations;
  • data that we are legally obliged to collect.

Without this data, we cannot enter into or execute contracts with you.

Retention Periods

In accordance with applicable data protection regulations, we do not store your personal data longer than necessary for the purposes of the respective processing. If the data is no longer needed to fulfill contractual or legal obligations, it will be regularly deleted by us unless its temporary storage is still necessary. The following reasons may justify further retention:

  • Compliance with commercial or tax retention requirements: The retention periods primarily depend on the provisions of the Commercial Code and the Fiscal Code and can be up to 10 years.
  • Preservation of evidence in the event of legal disputes within the statutory limitation periods: Statutes of limitations in civil law can be up to 30 years, with the regular limitation period occurring after three years.

Your Rights

In the context of the processing of your personal data, you also have certain rights. The details can be found in the relevant provisions of the General Data Protection Regulation (Articles 15 to 21).

Right to Information and Rectification

You have the right to obtain information from us about which of your personal data we process. If this information is incorrect or incomplete, you can request the correction of the data or the supplementation of incomplete information. If we have disclosed your data to third parties, we will inform the respective third parties, where required by law.

Right to Erasure

Under the following circumstances, you can request the immediate deletion of your personal data:

  • If your personal data is no longer necessary for the purposes for which it was collected;
  • If you have revoked your consent and there is no other legal basis for data processing;
  • If you object to the processing and there are no overriding legitimate reasons for the processing;
  • If your data is processed unlawfully;
  • If your personal data must be deleted to fulfill legal obligations.

Please note that we must review whether there are legitimate grounds for processing your personal data before deleting it.

Right to Restriction of Processing (“Right to Block”)

You can request the restriction of the processing of your personal data for one of the following reasons:

  • If you dispute the accuracy of the data until we have had the opportunity to verify the accuracy of the data;
  • If the data is processed unlawfully, but you only request restriction of use instead of deletion;
  • If we no longer need the personal data for the purposes of processing, but you need it to assert, exercise, or defend legal claims;
  • If you have objected to the processing, and it is not yet clear whether your legitimate interests outweigh ours.

Right to Object

Case-by-case Right to Object

If processing is carried out in the public interest or on the basis of a balance of interests, you have the right to object to the processing for reasons arising from your particular situation. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or because your personal data is required to assert, exercise, or defend legal claims. The objection does not affect the lawfulness of processing carried out before the objection.

Objection to Advertising

In cases where your personal data is used for advertising purposes, you can object to this form of processing at any time. We will then no longer process your personal data for these purposes.

The objection can be made informally and should be addressed to:

2B Advice GmbH
Data Protection Officer
Joseph-Schumpeter-Allee 25
53227 Bonn
E-Mail rheinlandkultur@2b-advice.com
Phone: +49 228 926 165 120

Right to Data Portability

You have the right to receive personal data that you have provided to us for processing in a transferable and machine-readable format upon request.

Right to Lodge a Complaint with the Supervisory Authority (Art. 77 GDPR)

We always strive to process your inquiries and claims as quickly as possible to safeguard your rights accordingly. Depending on the frequency of requests, however, it may take up to 30 days before we can provide you with information about your request. If it takes longer, we will notify you promptly of the reasons for the delay and discuss the further procedure with you.

In some cases, we may not be able to provide you with information. If legally permissible, we will inform you of the reasons for refusing the information.

If you believe that the processing of your personal data violates data protection regulations, you have the right to lodge a complaint with our data protection officer or a data protection supervisory authority of your choice. The supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
PO Box 20 04 44
40102 Düsseldorf
Phone.: 0211/38424–0
Fax: 0211/38424–10
E-Mail: poststelle@ldi.nrw.de