Privacy policy

Your privacy is important to us. That is why we have developed this privacy policy ("Privacy Policy") which describes how we collect, use, share, transfer and store your information. Please read the Privacy Policy to familiarize yourself with how we handle your privacy and contact us if you have any questions.

Introduction

Cirkus Venues AB, org. no 559036-8485, Djurgårdsvägen 68, 115 21 Stockholm ("CIRKUS VENUES") and companies that from time to time are part of the same group as CIRKUS VENUES (the "Group" or "we") process Personal Data for users and customers who use our services, stay at our hotel, attend our events, buy our goods, etc.

CIRKUS VENUES is the data controller for the processing of Personal Data, and thus responsible for the processing of your Personal Data in accordance with the principles set out by law and this Privacy Policy. Other companies within the Group may act as data processors or be data controllers for certain Personal Data together with CIRKUS VENUES.

"Personal data" means any information that can be directly or indirectly linked to a natural person alive today. We are committed to protecting your Personal Data and process your data in accordance with the General Data Protection Regulation (GDPR) and national data protection laws, which exist to protect the privacy of individuals.

Some pages on the Group's websites contain links to third-party websites. These websites have their own privacy policies and the Group is not responsible for their activities, including but not limited to their information practices. Users who submit information to or through these third-party websites should review the privacy policies of the websites before providing any Personal Data to them.

Changes to this Privacy Policy will be notified by the publication of an updated Privacy Policy on this website and we therefore recommend that you consult it regularly.

What personal data do we collect

We may ask you to provide Personal Data when you use our Services. The Group and its partners may share this information between themselves and use it in accordance with this Privacy Policy. You do not have to provide the Personal Data we request, but if you choose not to, we may not be able to provide you with our Services in many cases.We only collect Personal Data that is relevant for the purpose described in the specific terms and conditions of each Service and this Privacy Policy that you provide to us. When you use our Services, we may collect various types of information, such as name, address, credit card details, telephone number, e-mail address and IP address.In addition to the information you provide to us, we may collect information from ticket providers, travel agents or other parties through whom you have booked your Service.

How we use your personal data

The Group may use your Personal Data for:

  • to perform and administer the Services,
  • to look after your interests,
  • accounting and invoicing purposes,
  • to contact you regarding your booking status or information related to your booking,
  • to develop and analyze the business,
  • to communicate with you and offer Group Services to you,
  • to send you newsletters,
  • to disclose data to partners whose events you attended, or
  • promote the Group's Services.

Legal basis for our processing of your personal data

We process the data on the basis of our legitimate interest as an operator in the provision of our Services and in order to comply with our legal obligations.The data processed for the purpose of developing and analyzing the business and to communicate with you is processed on the basis of our legitimate interest to develop the business and communicate with our contacts.The processing that involves us disclosing your data to partners is based on your consent which you can withdraw at any time, see the section "Your rights" below.

Recipients of the personal data

Personal Data may be transferred between companies within the Group and to partners to be processed for the purposes set out in this Privacy Policy. The Group uses subcontractors for e.g. computer operations and Personal Data may therefore be transferred to these subcontractors. Our subcontractors process your Personal Data only on behalf of the Group, in accordance with our instructions and only after signing a data processing agreement in accordance with applicable law, in order to ensure a high level of protection for your Personal Data. The Group may disclose Personal Data to third parties if the Group is obliged to disclose such information by law or by decision of the authorities.

Transfer of personal data to third countries

The Group may transfer data to partners and subcontractors outside the EU/EEA. To ensure a high level of protection of your Personal Data in such situations and compliance with EU/EEA rules, the relevant Group company enters into data processing agreements with such parties. Such data processing agreements regulate the processing of Personal Data by such parties and, where applicable, the transfer of Personal Data in accordance with applicable EU/EEA rules on the protection of Personal Data. The agreements contain conditions required by the European Commission and meet the requirements of applicable law to protect the transferred Personal Data.

Protection and deletion of personal data

The Group has internal procedures for IT and information security and takes appropriate technical and organizational measures to protect your Personal Data against e.g. loss, manipulation or unauthorized access.We process your Personal Data for the period of time that the processing is necessary to fulfill the purposes for which the data was collected and/or we have a legal obligation to preserve the Personal Data. If you unsubscribe from newsletters or similar, the data will be deleted immediately.

Camera surveillance ‍

We conduct camera surveillance in our premises at Hazeliusbacken 20, 115 21 Stockholm in order to prevent criminal activities and thereby protect our staff, our guests and our property. Camera surveillance is deemed to be justified for this purpose and the camera surveillance is carried out with a legitimate interest. Visitors are notified of the camera surveillance through signs on the premises and in the hotel. The data is stored for 30 days but can be kept for longer if necessary. Access to the material is strictly limited to a small group of pre-approved processors within Circus Venues. The data is only evaluated on request.

Your rights

Right to information: You have the right to receive information about our processing of your Personal Data free of charge. The request for an extract must be made in writing to the Group's Data Protection Officer at the address indicated below and must be personally signed by you and include your name, postal address, telephone number, e-mail address (used for communication with the Group). The extract will be sent to your registered address within one month of the date of receipt of the request by the Data Protection Officer.

Right to rectification: We strive to ensure that the Personal Data we process about you is accurate and relevant for the purpose of the processing. You have the right to contact the Group Data Protection Officer to ask us to rectify inaccurate data about you that we process. You can also request information about to whom we have disclosed your Personal Data. The Group is not liable for any problems that arise as a result of Personal Data being out of date or inaccurate if you have failed to inform us of the change. Each company within the Group will, at your request or upon discovery, correct or delete inaccurate or incomplete information.

Right to erasure: We have an obligation to erase your Personal Data (i) if it is no longer needed for the purpose(s) for which it was collected, (ii) if the processing of it is based solely on consent and you withdraw it, or (iii) if the processing is for direct marketing purposes.

Please note that you may withdraw your consent to further processing (not retroactively) of your Personal Data at any time by contacting the Data Protection Officer at the address below, whereupon the Group will prevent such information from continuing to be processed. However, you are reminded that withdrawal of consent does not affect processing that may be carried out without consent (e.g. the processing carried out in order to provide the Services) but may result in the Services not functioning as intended or the Group no longer being able to provide the Services.

Right to restriction of processing: In some cases, you can request that our processing of your Personal Data be restricted to certain limited purposes. You can do this, for example, when you consider the data to be inaccurate and have requested rectification.

Right to data portability: We can help you transfer Personal Data that you have provided to us to another service provider. This is subject to the condition that the recipient is processing the data on the basis of your consent or to fulfill a contract with you. This right only applies in relation to Personal Data that you have provided to us yourself.

Right to object: You have the right to object at any time to the processing of your Personal Data for marketing purposes.

Complaints to the Data Protection Authority: If you believe that we are processing data about you in breach of the GDPR, you can lodge a complaint with a supervisory authority where you live or work. In Sweden, the Data Protection Authority is the supervisory authority.

Right to compensation: If you have suffered damage because we have processed your Personal Data in breach of the GDPR, you may be entitled to compensation.

Cookies_200D↩Cookies

When you visit our website, we may send and store a cookie on your computer, tablet or mobile phone. This cookie enables the website or web server to collect and store specific, but limited, information from the browser about how you use it and improve your user experience. We may also collect information about your IP address, operating system, which search engine you use for statistical and administrative purposes. The information we collect through your visit to our website is generally anonymized and cannot be traced to a specific person. Information on how the Group uses cookies, what they are used for and how you can avoid them is set out in the Group's Cookie Policy in force from time to time.

Transfer of ownership

If we sell, reorganize or otherwise transfer all or part of our business, your Personal Data may be transferred at the same time.

Privacy issues

If you have any questions or concerns about the Group's Privacy Policy or data processing, or would like to make a complaint about a possible breach of privacy laws and regulations, you can contact our Data Protection Officer at the address below.

Contact details
Name: Johann Schneider
E-mail: DPO@cirkusvenues.se
Postal address: Attn: Johann Schneider, Cirkus Venues AB, Djurgårdsvägen 68, 115 21 Stockholm