ONLINE TICKETS
Museum Tinguely takes the protection of your personal data very seriously and strictly adheres to the applicable data protection laws, in particular to provisions of the Federal Act on Data Protection (hereinafter referred to as “FADP”) an the EU General Data Protection Regulation) (hereinafter referred to as “GDPR”).
Our digital services may contain links to other websites of third party service providers to which this data protection declaration does not apply.
1. Responsible authority
Responsible for the processing of your personal data is
Museum Tinguely
Paul Sacher-Anlage 2
Postfach 3255
CH-4002 Basel
If you have any questions regarding data protection, please contact us at the above-mentioned postal address, with the addition «data protection» or at the e-mail address tinguelybasel.admin@roche.com.
2. Purposes of the processing of personal data
The use of our website is usually possible without providing personal data. Personal data, such as names, addresses or e-mail addresses are always provided on a voluntary basis if possible. These data will not be passed on to third parties without your express consent, with the exception of the service providers named below, who support us in providing our services.
2.1. Communication data
We process your communication data (name, e-mail address) in order to be able to contact you. Personal data that you provide to us by e-mail and/or via the contact form on this website will only be processed for correspondence with you or only for the purpose for which you have made the data available to us.
The basis for this data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
2.2. Newsletter/Museum Tinguely announcements
Museum Tinguely operates newsletters on the programmation of the institution (hereinafter referred to as “MT announcements”), which are direct e-mailings of text and image, sent several times a month. With your consent you can subscribe to MT announcements. The main topics of the respective MT announcement are specified in the declaration of consent. If you would like to subscribe to MT announcements, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the respective MT announcement.
The only mandatory information for subscribing to MT announcements is your e-mail address. The indication of further, separately marked data is voluntary and is used to be able to address you personally. In addition, we store your IP addresses and the time of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data. We do not collect any further data in this context. We use this data exclusively for sending the requested MT announcement. If we use a processor to send the MT announcements, we will of course comply with the applicable data protection laws.
You can revoke your consent to receive MT announcements and unsubscribe at any time. You can cancel the subscription by clicking on the link provided in every MT announcement, by e-mail to [tinguelybasel.infos@roche.com] or by sending a message to the contact data specified under section 1 (e.g. e-mail, fax, letter).
The data will be processed on the basis of your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time. The lawfulness of the data processing processes already carried out remains unaffected by the revocation.
2.3. Google Analytics
Our website uses Google Analytics, a website analysis service by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies", text files that are stored on your computer to analyse your use of the website. The information generated by the cookie about your use of this website is usually sent to and stored at a Google server in the U.S.A.
You find more information concerning the treatment of user data by Google Analytics in Google's Privacy Policy.
You may prevent the installation of cookies by adjusting the settings of your browser; however, if you do so, you may be unable to use all features of this website. Further, you may prevent the collection of data generated by cookies (including your IP address) and related to the use of this websites as well as the processing of such data by Google by downloading and installing the plug-in under the following link: http://tools.google.com/dlpage/gaoptout.
For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/ or https://policies.google.com/. Please note that the code "anonymizeIp" has been added to Google Analytics on this website to ensure anonymous collection of IP addresses (so-called IP masking).
Google Analytics is used and Google cookies are stored and evaluated for statistical purposes on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in analyzing user behavior in order to optimize our services.
2.4. Data processing for the fulfilment of legal obligations
In addition, we may process your data to fulfil legal obligations (e.g. regulatory requirements, commercial and tax storage and proof obligations).
The basis for data processing is Art. 6 para. 1 lit. c GDPR, which permits processing for the fulfilment of a legal obligation
2.5. Log files
Whenever our websites are accessed, usage data is transmitted through the respective Internet browser and stored in log files, the so-called server log files. The data records stored in this way contain the following data: Date and time of access, name of the page accessed, IP address, referrer URL (originating URL from which you accessed the website), the amount of data transferred, as well as product and version information of the browser used. The IP addresses of the visitors are deleted or made anonymous after the end of use.
The personal data that we collect and process may be transferred to and stored in geographic regions in which data protection regulations differ from those in your own country. All such data transfers will be made in compliance with applicable law.
For the transfer of personal data, we rely on the adequacy decision or we ensure the personal data is protected through appropriate contracts, in particular, the so-called standard contractual clauses of June 4, 2021 (EU 2021/914) of the European Commission, the United Kingdom supervisory authority and the Swiss supervisory authority.
3. Data security
Your personal data is transmitted encrypted. This applies to your communication data if you use our contact form and when registering for MT announcements. We use the SSL (Secure Socket Layer) coding system. Furthermore, we protect our websites and other systems through technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons.
4. Categories of receipt of personal data
Insofar as we make use of the services of third parties to carry out our services, we process personal data according to the provisions of the GDPR and FADP. Service providers who support us in providing our services to you are the it-service providers, hosting providers and e-mail service providers.
5. Duration of data storage
In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. Thus we store your data on the basis of legal proof and storage obligations. In addition, we keep your data for the period during which claims can be asserted against our company (statutory limitation period of three or up to thirty years).
6. Rights of the persons concerned
In accordance with the FADP, please note that you have the right to request from Museum Tinguely access to your personal data, a copy of your personal data, to rectify your personal data or to have Museum Tinguely register a note dispute. Additionally, you have the right to erasure or anonymisation of your personal data if it is no longer needed for the purpose for which you provided it, and the right to restrict the processing of your personal data to specific purposes if erasure is not possible. If the processing of your personal data is based on your consent kindly note that you have the right to withdraw consent at any time. However, the withdrawal is only valid for the future and we reserve the right to continue to process personal data in the event of a withdrawal, based on a different basis.
For sending us a note to exercise your privacy rights, including withdrawal of consent, please see contact details in the section “Responsible authority” above. In the event you have the impression that our data processing is non-compliant with applicable privacy laws: You are entitled to lodge a complaint with the Swiss supervisory authority. If you have any questions regarding data protection, please contact us at tinguelybasel.admin@roche.com
