We have created this privacy statement in order to explain to you, in accordance with the EU General Data Protection Regulation (GDPR), what information we collect, how we use data and what choices you have as a visitor to this website.

Automatic Data Storage

When you visit websites today, certain information is automatically generated and stored, the same applies to this website. When you visit our website as you are doing now, our web server (computer on which this website is stored) automatically stores data such as the IP address of your device, the addresses of the pages visited, details of your browser (e.g. Chrome, Firefox, Edge,...) and date and time. We do not use this data and generally do not pass it on, but we cannot rule out the possibility that this data may be viewed in the event of unlawful conduct.

Collection and Processing of Personal Data

We do not require any personal data from you to visit our websites. Personal data is only collected if you provide it to us voluntarily, e.g. by registering, filling out forms or sending e-mails, ordering products or services, making inquiries or requesting material. This data will not be passed on to third parties, unless they are contracted service providers who contribute to the processing and support of your contracts.

Use and Distribution of Personal Data

The database and its contents remain with our company and our provider. Your personal data will only be used by us to answer your inquiries and to process contracts concluded with you. They will not be made available to third parties in any form by us or by personnel authorized by us, unless your consent or an administrative order has been obtained or on the basis of other exceptions under the GDPR, particularly Art. 6 GDPR.

By withdrawing your consent to storage, the stored personal data will be deleted if its possession is no longer required to fulfil the purpose for which it was stored, or if its storage is inadmissible for other legal reasons.

Your Rights

In principle, you are entitled to the rights to information, correction, deletion, restriction, data transferability, revocation and objection. If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, this is the Data Protection Authority (Datenschutzbehörde), you can visit the website under https://www.dsb.gv.at/.

As a user of our website, you have the right, upon written inquiry, to request information from us about the data stored about you or your pseudonym.

Security Notice

We have taken technical and organisational measures to protect the personal data you have provided against loss, destruction, manipulation and unauthorised access. All our employees and third parties involved in data processing are obliged to comply with the GDPR and to treat personal data confidentially. We cannot guarantee complete data security for communication by e-mail. We therefore recommend that you send confidential information by post.

TLS encryption with https

For some of our services, we use https to transmit data over the Internet in a tap-proof manner. Through the use of TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the top left corner of the browser and the use of the https schema as part of our Internet address.


Our website uses HTTP cookies to store user-specific data. A cookie is a short piece of data that is exchanged between a web browser and a web server, but is completely meaningless to the web server and only takes on a meaning for the web application, e.g. an online shop, such as the content of a virtual shopping cart. There are two types of cookies: first-party cookies are created by our website, and third-party cookies are created by other websites (such as Google Analytics). There are three categories of cookies: cookies that are essential to ensure the basic functionality of the website, functional cookies to ensure the performance of the website, and targeted cookies to improve the user experience. We use cookies to make our website more user-friendly. Some cookies remain stored on your device until you delete them. They allow us to recognize your browser the next time you visit. If you do not wish this, you can setup your browser to inform you when cookies are set and that only accept them in individual cases. You can delete or deactivate cookies that are already on your computer at any time. The procedure for this varies depending on your browser, it is best to search for the instructions in Google using the search term "delete cookies chrome" or "deactivate cookies chrome" in the case of a chrome browser or exchange the word "chrome" for the name of your browser, e.g. edge, firefox, safari. If you do not allow us to use cookies in general, i.e. deactivate them via browser settings, some features and pages may not work as expected.

Booking of Tickets for Events

On our homepage we use the online ticket system of Eventjet (Datascroll Eventsupport GmbH, Eggerthgasse 9, 1060 Vienna), which allows you to order tickets for our events. You can find out which data is collected by Eventjet and what this data is used for at https://eventjet.at/static/files/privacy.pdf.

The storage period of the data is the legal retention period. If the data is necessary for official proceedings, it will also be processed for the duration of the proceedings.

Cooperation Events

For events organized by Karall & Konrad OG in cooperation with the followign cooperation partners (each a "Cooperatin Partner"), personal basic data, order data and booking data will be transmitted to the respective Cooperation Partner for the purpose of fulfilling the contract:

  • Wiener Symphoniker (Daffingerstraße 4, 1030 Vienna, Austria, tel: +43 (0) 1 589790, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.)
  • TogetherWeCoeur - Verein der Freund:innen und Förder:innen der Sacré Coeur-Schulen (c/o Erzbischöfliches Amt für Schule und Bildung, Stephansplatz 3/IV, 1010 Vienna)

In addition, data voluntarily provided in connection with the purchase of tickets for a cooperation event (name, e-mail address) will be transmitted to the Cooperation Partner for the following direct marketing purposes: To send satisfaction surveys on service and advice, event invitations, vouchers, competitions, discount promotions and contacts, as well as to send marketing and product information of Karall & Konrad OG and the Cooperation Partner by us as well as by the Cooperation Partner via e-mail in the sense of § 107 of the Austrian Telecommunications Act (TKG).

Contact Tracing

In the event of a COVID-19 infection occurring at a concert, we are entitled to retain names and contact details for each ticket booking and, if necessary, to pass them on to the COVID-19-officer and the health authorities for contact tracing purposes. The data processing is justified under Art. 6 para. 1 lit. f GDPR considering the required balancing of interests, since the health protection of the contact persons for a quick reachability outweighs the intrusion to disclose contact data at a voluntarily attended event.

Production and Use of Photographs and/or Film Recordings (Including Audio) at Events.

We make photo and/or film recordings (including audio) at events.

The purpose of the processing is to take pictures at our events and to use them in the context of public relations work in order to document the respective events, to make them known to a wider public, to present our activities in this regard and in this way to give business partners and other organizations and persons interested in activities of ours a confidence-building and customer-oriented impression and to increase the level of awareness of the events.

The legal basis for the processing is our prevailing legitimate interests in compliance with proportionality pursuant to Art 6 para. 1 lit. f GDPR, which follow from the purpose of the the processing and where it can be assumed that, on the one hand, the event participants can reasonably expect and accept the production and use of photo and/or film recordings (including audio) at events of this nature under normal circumstances and, on the other hand, the processing of the recordings does not interfere with the rights and freedoms of the persons depicted, no adverse consequences result for these persons and, moreover, the processing is in compliance with data protection law and other laws. The processing is necessary because the stated purpose of public relations is only possible through the pictorial representation of the event with its participants (often including public figures).

The addressees of the photo and/or film recordings (including sound) are the general public through publication of the recordings on websites, in social media and in printed media (including books) as well as in radio and TV. When publishing the photo and/or film recordings (including audio), it cannot be ruled out that a viewing from third countries will take place or that the image recordings will become known in third countries.

The photo and/or film recordings (including audio) are stored until the end of the third year after the last use, because only then can it be assumed that they are no longer required for the purpose of processing. Photo and/or film recordings (including sound), in particular those with public figures, may also be stored for longer for archiving purposes. This does not affect a case-by-case review in the event of a request for deletion.


You have the opportunity to subscribe to our newsletter via our website / as part of the booking process in our online ticket system. With your consent you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent.

When you register, we store the IP address you use and the time of registration. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.

Your e-mail address is the only mandatory information for sending of the newsletter. The provision of further, separately marked data is voluntary and is used to be able to address you personally. We store your e-mail address for the purpose of sending the newsletter. The legal basis is Art. 6 para. 1 lit. a GDPR.

You can revoke your consent to the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in each newsletter e-mail or by sending an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it.

We use an external service provider for the sending of newsletters. A separate order data processing agreement has been concluded with this service provider to ensure the protection of your personaldata. We currently work together with the following service provider:

The Rocket Science Group LLC d/b/a MailChimp
675 Ponce De Leon Ave NE, Suite 5000
Atlanta, Georgia 30308
Phone: +1 404 806-5843
e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
The following data is transmitted to MailChimp:
- Company name
- E-mail address
- IP address
- The interests you have indicated

Further information can be found in the privacy policy of MailChimp which is available at https://mailchimp.com/legal/privacy/.

MailChimp or its parent company The Rocket Science Group LLC is certified under the US-EU-Privacy-Shield-Agreement and thus ensures that the European data protection level is respected. The current status of the certification can be checked under the following link:

Google Maps Privacy Policy

We use Google Maps of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website. By using the features of this map, data is transferred to Google. You can read which data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Google Analytics Privacy Policy

On this website we use Google Analytics from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to evaluate visitor data statistically. Google Analytics uses target-oriented cookies for this purpose. Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html bzw. unter https://support.google.com/analytics/answer/6004245?hl=de.


Our objective, within the meaning of the GDPR, is the improvement of our services and our web appearance. Since the privacy of our users is important to us, the user data is pseudonymised. Data processing is based on the statutory provisions of § 96 Para. 3 TKG and Art. 6  GDPR, particularly Art. 6 Para. 1 lit a (consent) and/or f (legitimate interest) GDPR.

Disabling Data Collection by Google Analytics

The browser add-on to disable Google Analytics JavaScript (ga.js, analytics.js, dc.js) helps website visitors to prevent Google Analytics from using their information. You can prevent Google from collecting the data generated by the cookie and related to your use of the website and Google from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Google Analytics Add-On for Data Processing

We have concluded a direct customer contract with Google for the use of Google Analytics by accepting the "add-on for data processing" in Google Analytics. You can find out more about the data processing supplement for Google Analytics here: https://support.google.com/analytics/answer/3379636?hl=de&utm_id=ad.

YouTube Privacy Policy

On this page we use the video service YouTube from YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. By accessing pages on our website that have integrated YouTube videos, data is transferred to YouTube, stored and evaluated. If you have a YouTube account and are logged in, this information will be associated with your personal account and the information it contains. You can find out what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy.


Within our online services features and content of the service Tripadvisor, offered by TripAdvisor LLC, 400 1st Avenue Needham, MA 02494, USA, can be integrated. Contact information of the representative within the European Union: TripAdvisor Limited, 7 Soho Square, London, W1D 3QB, United Kingdom. If the users are members of the platform Tripadvisor, Tripadvisor can match the call of the above mentioned contents and functions to the profiles of its users. Privacy policy of Tripadvisor: https://tripadvisor.mediaroom.com/AT-privacy-policy.

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and commercial operation of our online services, optimisation of our services within the meaning of Art. 6 Para. 1 lit. f. GDPR), we are entitled to pass on your e-mail address to TripAdvisor for the purpose of sending e-mails asking for a review ("Review Express") of our services. TripAdvisor uses your e-mail address exclusively for Review Express e-mails and its systems ensure that you do not receive any superfluous enquiries. If you wish to write a review, you will first need to create a Tripadvisor account (if you do not already have one). At this point, you will be able to sign up for marketing emails. If you sign up, you will receive general email campaigns from Tripadvisor in the future.

Facebook Pixel

We use the Facebook Pixel from Facebook on our website. For this purpose, we have implemented a code on our website. The Facebook pixel is a snippet of JavaScript code that loads a collection of functions that allow Facebook to track your user actions if you came to our website via Facebook ads. For example, when you purchase a product on our website, the Facebook pixel is triggered and stores your actions on our website in one or more cookies. These cookies allow Facebook to match your user data (customer data such as IP address, user ID) with your Facebook account data. Then Facebook deletes this data again. The collected data is anonymous and not visible to us and can only be used in the context of ad placements. If you yourself are a Facebook user and are logged in, the visit to our website is automatically assigned to your Facebook user account.

We want to show our services or products only to those people who are really interested in them. With the help of Facebook pixels, our advertising measures can be better tailored to your wishes and interests. Thus, Facebook users (if they have allowed personalized advertising) get to see suitable advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

If you are logged in to Facebook, you can change your settings for advertisements yourself at https://www.facebook.com/adpreferences/advertisers. If you are not a Facebook user, you can basically manage your usage-based online advertising at https://www.youronlinechoices.com/de/praferenzmanagement/. There you have the option to deactivate or activate providers.

Facebook also processes data from you in the USA, among other places. Facebook or Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. More information on this can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcbOfddf_en.

In addition, Facebook uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 DSGVO). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and through the standard contractual clauses, Facebook undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the US. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de  

The Facebook data processing terms and conditions, which refer to the standard contractual clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

If you want to learn more about Facebook's data protection, we recommend that you read the company's own data policies at https://www.facebook.com/privacy/policy.


Karall & Konrad OG
Worellstraße 3
A - 1060 Vienna
Tel: +43 (0) 1-581 86 40
Fax: +43 (0) 1-595 27 25
This email address is being protected from spambots. You need JavaScript enabled to view it.