PROCESSING OF PERSONAL DATA

As a natural part of Tivoli's marketing and other activities, Tivoli processes data regarding our members, visitors and partners. Tivoli's policy for this processing is to be transparent. This policy therefore describes how Tivoli processes the personal data that Tivoli collects in connection with our activities, including via our website.

The controller

Tivoli A/S, CVR no. 10404916, Vesterbrogade 3, 1630 Copenhagen, Denmark, is the controller responsible for the collection and processing of personal data described in this policy.

Personal data we process and why

Tivoli Pass members
If a Tivoli Pass membership is created, Tivoli collects data on names, addresses, photos, email addresses, telephone numbers and dates of birth for Tivoli Pass members, along with data regarding these members' preferred use of the Gardens and their activities, use of the Tivoli Pass payment function and visits to the Gardens.

Tivoli uses a system for guest profiling, in order to assess the probability of renewing Tivoli cards and for division into music and guest segments. The information is used by Tivoli to provide Tivoli Pass members with the best possible information about Tivoli’s activities and offers and to tailor the Gardens and any offers to the members and our other guests. 

When issuing a Tivoli Pass, Tivoli asks to take a portrait photo of the pass holder. The photo will only be used by Tivoli for admission control and will be stored in a database. When the Tivoli Pass holder visits the Gardens, the photo may be displayed on a screen that is visible only to the ticket collector at the entrance. Pass holders who do not wish to have a photo registered are always obliged to produce photographic identification at the entrance to Tivoli. A note may be added to their personal data indicating that they wish to use photographic identification.

Tivoli App
If you use the Tivoli app, you can create a My Tivoli profile, after which Tivoli can collect your name, email, phone number, birthday, address and consent to newsletters. You also have the option of saving your payment card in the app. However, Tivoli does not have access to your full card information, which is stored with the payment provider.
If you connect your Tivoli card to the app, it will also display these data (see more in the section above).

In addition, information is collected which is received from the mobile devices you use when you access our app. This information is anonymised and may include, for example, the following: Device type, operating system, app version, tour booking, location, activation and redemption of Lux benefits, purchase of products and general movements in the app.

When you use the Tivoli app, you can consent to Tivoli sending push messages to you as a user, via the request that appears when the app is opened for the first time. The messages will contain information about your Tivoli Pass, your memberships and other relevant information about Tivoli. You can always change this in the settings on your smartphone.

Marketing and newsletters
If you have consented to this, Tivoli will process your personal data in order to send e-mails and newsletters from Tivoli containing relevant membership benefits and offers, information on events and discounts in Tivoli, and offers and benefits that are available from Tivoli's partners. Tivoli collaborates with businesses within the tourism, automotive, clothing, drinks, hotel and energy industries. You can always see a list of Tivoli's current partners at www.tivoligardens.com/en/erhverv/sponsorer. It will always be Tivoli that sends out the offers on behalf of our partners. If you no longer wish to receive these e-mails and newsletters, you can unsubscribe by e-mailing tivolikort@tivoli.dk or by pressing the "Unsubscribe from Tivoli Tæt På" button at the bottom of the newsletter.

Use of the website
Tivoli collects data on visitors to Tivoli's website and the visitor's use of the website and its features.

When you have visited Tivoli's website, we collect the following data about you, depending of your consent:

• The pages you visited on Tivoli.dk, including when and for how long
• The browser type
• IP address 

This information is used to improve the website and show you relevant ads. We also use data on our users' navigation on our website to understand how our users, as a whole, use the website, and on this basis try to make the website better. We do not see where you are coming from or how you are surfing the internet when you leave our site. In addition, we collect information about which products our users, as a single group, prefer. This information is also used to improve the website.

The data collected is processed on the basis of your consent. This consent can always be revoked by tapping the Cookie pop-up in the left-hand corner of the website, and in the bottom, you can revoke or change your consent. The revocation only has a forward effect.

We also share information about your use of our website with our social media, advertising and analytics partners, such as Google, Facebook, LinkedIn and Adform. Our partners may combine these data with other information that you have provided to them or that they have collected from your use of their services. You can always revoke or change your consent, see section above. For more information about their use of your information, please refer to our partners' privacy policies, which you can find links to in our cookie policy.

Purchases via Tivoli's web shops

Digital products:
When you buy digital products in Tivoli's web shops, we will ask you for your e-mail address so that we can send you what you bought and a receipt for your purchase. Your payment card information is processed under current PCI - DSS standards and Tivoli does not have access to your full payment card information.

Physical products:
When you buy physical products in Tivoli's web shops, we will ask you for your e-mail address so that we can send you a receipt for your purchase, and your first name, last name and address, so that we can send the item home to you. We also ask for your telephone number so that you can track your package with the shipping operator.

Purchase of tickets for performances, concerts, etc.
When purchasing tickets for events in the Concert Hall and Glass Hall, Tivoli collects, stores and processes information about name, address, e-mail address, telephone number and e-mail permissions, as well as information related to your purchase and your payment (not full payment card information).

In connection with the submission of information, it will always be clear whether the submission is voluntary or necessary for the implementation of the desired action, for example making a purchase in our web shop. 

The data are primarily collected directly from you, but we may also receive data from other sources, including independent booking and ticketing service providers.

Video surveillance
Tivoli performs video surveillance in parts of the Gardens. Video surveillance is performed for the purpose of prevention of criminal activity and to ensure the safety of our visitors in the Gardens. Tivoli has erected signs by the areas with video surveillance.

Recordings will only be accessed and viewed in the event of suspected criminal activity or in connection with internal and external checks. Similarly, recordings may be reviewed in order to clarify safety-related incidents.

In the event of criminal activity or suspected criminal activity, the recordings may be passed to the police. Disclosure may also occur if this is required by law.

Customer service and communication
When you contact Tivoli's customer service or communicate with us in any other context, we collect and process the data you provide in order to process your enquiries. We encourage you not to disclose sensitive data to us unless this is strictly necessary to the processing of your enquiry. If you are sending the data via e-mail, they should only be sent in encrypted form.

Rides in the Gardens
Some rides in the Gardens collect personal data about you when you use them, such as ride photos and usage. Photos from the relevant rides are used to provide a good guest experience and service and are briefly displayed on screens near the individual ride and are deleted on an ongoing basis. You will be informed of the scope and purpose of data processed in regard to each individual ride.

Restaurant visits and parties
Tivoli registers your name, contact information and possibly other information you give us if you book a table at our restaurants or hold parties in Tivoli.

Photos from the Gardens
Tivoli regularly takes photos from the Gardens. The photos are used i.a. for marketing on Tivoli's social media. Recognizable guests in Tivoli can appear in the photos. Tivoli obtains your possible consent to this, in accordance with the Danish Data Protection Agency's current guidelines.

Business cooperation
If you or your company collaborates with Tivoli in a business context, e.g. as a supplier, tenant, consultant or other partner, Tivoli can register your name and contact information, as well as information about your position, which company you work for and possibly other information about you that is related to and justified in the cooperation. 

Other purposes
In addition to the purposes above, Tivoli may also process your personal data in order to fulfil legislative requirements or to establish, assert or protect legal claims. 

With whom does Tivoli share your personal data?

Tivoli does not transfer your personal data to third parties without your consent, unless such disclosure is necessary to the fulfilment of an agreement to which you are a party, for example, agreements with partners in connection with the Tivoli Pass. In certain circumstances, and in accordance with legislation, it may be necessary to disclose personal data to public authorities or to the police. For example, data may be passed to the police in the event of suspected credit card fraud.

In some circumstances, Tivoli will share your personal data with Tivoli's data processors who deliver services on behalf of Tivoli, e.g. IT suppliers. These suppliers only process the personal data on behalf of Tivoli and in accordance with Tivoli's instructions. They cannot therefore process personal data for their own purposes.

Legal basis and processing in third countries

Tivoli must have a legal basis for processing your information, either in the data protection rules or in other legislation.
Consent: We obtain your explicit consent to the use of personal information for the submission of marketing materials, unless the law allows us to contact you without consent. In this case, our basis for the processing of your personal data will be Tivoli's legitimate interest in marketing. We may also obtain your consent to the publication of photos of you and in connection with the processing of your personal data from the use of our websites.

Contract: We process your information in relation to your Tivoli Pass and other Tivoli memberships, as well as their use, based on the agreement you have entered into with Tivoli. Likewise, if you enter into an agreement with Tivoli on various events, rental of premises, supplier relations, etc.

Legitimate interest: Processing of your personal information in connection with customer service, services for guests in the garden (e.g. reservation of wheelchair, lost property, companion information), ride photos, etc. is based on Tivoli's legitimate interest in providing a good service and guest experience to you as a guest. Tivoli uses Video surveillance in the Gardens, based on Tivoli's legitimate interest in preventing and solving crime. After a balance of interests, Tivoli might publish photos from the garden with recognizable people.

Other grounds for processing: Tivoli may also process personal data for the purpose of complying with legal requirements (e.g. the Accounting Act) or for determining, enforcing or defending legal claims.

Tivoli's processing of personal data takes place mainly in the EU, but Tivoli may exceptionally use data processors or sub-processors that process personal data in a country outside the EU/EEA (third country). The transfer of personal data to a third country deemed to have an adequate level of protection does not require specific authorization and personal data may be transferred to such third countries without hindrance. In the case of so-called insecure third countries (following a decision by the European Commission), the Commission's standard provisions or equivalent legal basis according to Chapter V of the Data Protection Regulation can be used as a basis for transfer, which guarantees the necessary protection of data subjects' rights.

For more information about processing of data in third countries, please contact Tivoli. See contact information under the section "Your Rights".

Cookies

Tivoli uses cookies on its website and in apps. These may collect personal data. Our use of cookies and processing of personal data in connection with this are described in further detail in our cookie policy, which is available here.

Revoking consent

You are entitled to revoke any consent that you may have granted Tivoli at any time. We will then delete the personal data, unless we are able to continue processing them on some other legitimate basis. However, revocation of consent may mean we are no longer able to offer you the same products and services.
Consent for our newsletter can be revoked via the unsubscribe link in each communication.

Your rights

You are entitled to know what data Tivoli processes about you and the purpose of processing the data. You are also entitled to object to your personal data being processed, including for profiling, and to request rectification, or erasure of data that are incorrect, misleading or have otherwise been processed in contravention of the relevant legislation, or to request that the processing be restricted.

In certain cases, you are entitled to receive the personal data that Tivoli controls in a structured, commonly used and machine-readable format, and to transmit those data to another controller. You also have the right to object to your personal data being processed with a view to direct marketing. If you wish to exercise these rights, please contact:

Tivoli A/S 
Vesterbrogade 3
DK-1630 Copenhagen V
E-mail: comments@tivoli.dk
Telephone: +4533151001

Security

Tivoli emphasises that all personal data are treated confidentially, and that the data are only processed by employees who have received instructions on how to process personal data in order to prevent the data from being destroyed or falling into the hands of unauthorised persons.

Storage of personal data

The information is stored for different periods of time, and this is determined with regard to your possible consent, statutory retention periods, necessity to comply with a valid agreement or with respect to Tivoli's legitimate interest in data retention. 

Your membership ceases when the Tivoli pass expires. When a membership expires, the member's personal data will be suspended. When you no longer have an affiliation with Tivoli (in the form of membership, marketing consents, cases, etc.), your personal information will be deleted after 2 years. Information regarding insurance cases are however kept for 3 years.

Your marketing consent is stored for 2 years after your revocation.

Amusement photos are stored for up to 30 days.

Profiles created by table reservations in Dinnerbooking are deleted after 24 months of inactivity.

Personal information in connection with business collaborations is stored as a starting point for 5 years after the termination of the agreement or collaboration.

Financial information is stored for a minimum of 5 years plus the current financial year, cf. the Accounting Act

Recordings from video surveillance for the purpose of crime prevention will be deleted or anonymised within 30 days after the recording took place, unless it is necessary for Tivoli to keep the recordings for the purpose of dealing with a specific dispute, e.g. in connection with solving crime or other illegal acts. Recordings from video surveillance for other purposes will be deleted when it no longer serves a business purpose to store the information.

The data may also be stored for longer in anonymised form, i.e. it will no longer be possible to link the data to you.

Please note that deviations may occur from the stipulated storage times when, after specific and factual assessment, it is deemed necessary and there is a legal basis for this.

Links to other websites, etc. 

Our website may contain links to other websites or to integrated websites. We are not responsible for the content of other companies' websites or their practices regarding the collection of personal data. When you visit other websites, we encourage you to read the owners' policies regarding personal data protection and other relevant policies.

Contact

If you have questions about or wish to complain about the processing of personal data, you can always contact Tivoli by e-mail or telephone, as described above. You may also contact the Danish Data Protection Agency, Carl Jacobsens Vej 35, 2500 Valby, Denmark.

Last updated on 26 October 2020