free delivery from 50€ within germany

  • shop@bsv.bayern.de
  • Phone: +49 89 17908-0 and -165
  • English

Privacy policy

With this description of our privacy policy, the Bavarian Palace Administration would like to inform you about the processing of personal data and your rights in this respect.

Our privacy policy applies to all persons who make or have contact with the Bavarian Palace Administration or who use services of the Bavarian Palace Administration, which includes the website. Third parties (such as online platforms like facebook or YouTube, to which there are links on our web pages) can also collect, use and disseminate information. This privacy policy does not apply to such third parties or their services and we cannot accept any responsibility for the potential use by these third parties of the information they collect. For information about the data protection practices of third parties, please contact them directly.

Contact details of our data protection officer

You can reach our official data protection officer at:

Behördlicher Datenschutzbeauftragter der Bayerischen Schlösserverwaltung
-persönlich-
Schloss Nymphenburg, Eingang 16, 80638 München
Postal address: Postfach 20 20 63, 80020 München
Telephone: +49 89 17908-130
Telefax: +49 89 17908-154
datenschutzbeauftragter@bsv.bayern.de

Personal data

When you access these or other Internet pages, you transmit data to our Web server via your Internet browser. The data recorded during an ongoing connection for communication between your internet browser and our web server can be found under "Logging". For an order / purchase transaction in our online shop, the following personal data is also collected according to the DSGVO:

  • First name and surname

  • address

  • email address

  • Phone

  • Bank and/or credit card details

Payment processing in the online shop of the Bavarian Palace Department

Your bank and payment data (credit card data), which you enter when placing an order in the online shop, are neither collected nor processed or stored on the EDP systems of the Bavarian Palace Department. Payments are processed exclusively on computer systems and under the technical and legal responsibility of our respective payment service providers. The following payment service providers are currently used by us for processing payments by credit card and SEPA direct debit:

For payment with "MasterCard, Visa, American Express and SEPA Direct Debit" we use the service provider:

Novalnet AG
Payment institution (ZAG)
Feringastraße 4
85774 Unterföhring

In the case of payment with "purchase on account" or "advance invoice", internal data processing is carried out by the Bavarian Palace Department. For the purpose of payment processing, your details will be transmitted to the Bavarian State Super Cash Office. Should the payment deadline not be met and a judicial assertion of the claim become necessary, the Staatoberkasse Bayern will forward your details to the State Office of Finance responsible for the judicial assertion.

Data transmission

Within the scope of the statutory powers, your personal data will be disclosed to the following companies within the EU:

  • Postal service providers, forwarding agents, shipping service providers, disposal of files/data carriers

  • IT service provider within the scope of maintenance and software maintenance

  • Service providers Credit assessment and debt collection

  • Novalnet AG, Feringastraße 4, 85774 Unterföhring, Germany

  • Staatsoberkasse Bayern

  • State Office of Finance responsible for the judicial assertion

  • appointed lawyer, in case of judicial assertion

With this description of our privacy policy, the Bavarian Palace Administration would like to inform you about the processing of personal data and your rights in this respect.

Our privacy policy applies to all persons who make or have contact with the Bavarian Palace Administration or who use services of the Bavarian Palace Administration, which includes the website. Third parties (such as online platforms like facebook or YouTube, to which there are links on our web pages) can also collect, use and disseminate information. This privacy policy does not apply to such third parties or their services and we cannot accept any responsibility for the potential use by these third parties of the information they collect. For information about the data protection practices of third parties, please contact them directly.

Legal basis of the data processing

The legal basis for the processing of your personal data – where not otherwise stated – is article 6 paragraph 1 letter e of the General Data Protection Regulation (Datenschutz-Grundverordnung ‘DSVGO’ (in conjunction with article 4 paragraph 1 of the Bavarian Data Protection Law (Bayerisches Datenschutzgesetz ‘BayDSG’). The data can only be processed with your consent in accordance with article 6 paragraph 1 letter a DSGVO.

Recipients of personal data

Insofar as your data is processed electronically, our data processing systems are operated by the IT service centre of the State Office for Digitalization, Broadband and Measurements. Your data may be passed on to the relevant supervisory and audit authorities that have right of control.

Length of time the personal data is stored

Your data will be stored by the Bavarian Palace Administration in compliance with legal retention periods for as long as is necessary for the purpose in hand.

Your data protection rights

Your rights as a data subject are as follows:

  • You have the right to receive information concerning the data stored about you (article 15 DSGVO).

  • If data are inaccurate, you have the right to obtain rectification (article 16 DSGVO).

  • If there are no legitimate grounds for retaining your personal data, you can request its erasure or restriction of the processing and can also object to the processing (articles 17, 18 and 21 DSGVO).

  • If the processing is based on consent or a contract and if the processing is carried out by automated means, you also have the right to have your data transmitted to you (right to data portability, article 20 DSGVO).

Should you make use of the above rights, we will ascertain whether this meets the legal requirements.

Independently of the above, you have right of complaint to the relevant supervisory authority.

The relevant supervisory authority for Bavarian public bodies is the Bavarian State Data Protection Officer (Landesbeauftragte für den Datenschutz), who can be contacted as follows:

PO Box: Postfach 22 12 19, 80502 München
Address: Wagmüllerstraße 18, 80538 München
Telephone: +49 89 212672-0
Telefax: +49 89 212672-50
E-mail: poststelle@datenschutz-bayern.de
Internet: www.datenschutz-bayern.de

The relevant supervisory authority for the processing of personal data in connection with the tax code is the Federal Official for Data Protection and Freedom of Information (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit ‘BfDI’), who can be contacted as follows:

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Address: Husarenstraße 30, 53117 Bonn
Telephone: +49 0228 997799-0
Telefax: +49 228 997799-5550
E-mail: poststelle@bfdi.bund.de
Internet: www.bfdi.bund.de

Right to withdraw consent

If you have consented to the processing of your personal data, you can withdraw this consent at any time with effect for the future. Until your consent is withdrawn, the processing remains legitimate.

Technical implementation

Our web server is operated by the IT service centre of the State Office for Digitalization, Broadband and Measurements. The personal data passed on when you visit our website is thus processed on our behalf by this office:

Landesamt für Digitalisierung, Breitband und Vermessung
IT-Dienstleistungszentrum des Freistaats Bayern
St.-Martin-Straße 47, 81541 München
poststelle@ldbv.bayern.de

Recording

When you call up this or other Internet sites, you pass on data to the web server via your Internet browser. The following data are recorded during an active connection for communication between your Internet browser and the web server of the Bavarian Palace Administration:

  • Date and time of access

  • Name of the file requested

  • Page from which the file was requested

  • Access status (file transferred, file not found, etc)

  • Web browser and operating system used

  • Complete IP address of the computer requesting the file

  • Quantity of data requested

For reasons of technical security, in particular for countering attempted hacking on the web server, these data are stored by us. After seven days at the latest, the data are anonymized at domain level by abbreviation of the IP address, so that it is no longer possible to link them with individual users. These data are forwarded for information security purposes in accordance with article 12 of the Bavarian E-Government Law (Bayerisches E-Government Gesetz) to the State Office for Information Security.

Cookies

When you access this Internet site, cookies (small files) with a maximum validity of one year are stored on your hard disk. They serve solely to identify you during your visit to the Internet pages of the Bavarian Palace Administration. Most browsers are set up to accept the use of cookies, but you can set your Internet browser to cancel this function during the session in question or on a permanent basis.

Active components

Active components such as Javascript, Java applets or ActiveX controls may be used in the information provided by the Bavarian Palace Administration. You can set your Internet browser to cancel this function.

Collection of further data

Personal or business data (e.g. name, addresses, e-mail addresses) can be entered on the Bavarian Palace Administration’s site. Any personal information that we receive is used only for sending requested publications or information and is not passed on to third parties. The use of the services is entirely voluntary.

The e-mail addresses for the mailing of the newsletter are stored and used only for this purpose. The newsletter can be cancelled at any time and your e-mail address will then be immediately deleted.

Electronic post (e-mail)

Information that you send unencrypted by electronic post (e-mail) to the Bavarian Palace Administration may be read en route by third parties. The Bavarian Palace Administration cannot usually check your identity and does not know whose e-mail address it is. Legally secure communication by simple e-mail is thus not guaranteed. Like many e-mail servers, the Bavarian Palace Administration uses filters to block unwanted advertising (‘spam filters’) which in isolated cases also wrongly identify normal e-mails as unwanted advertising and delete them. We always automatically delete e-mails with malicious programmes (‘viruses’).

If you want to send us an e-mail with confidential content, we recommend that you encrypt it and sign it to prevent it from being seen by unauthorized persons and falsified en route, or that you use the conventional postal services.

Encrypted e-mails can be sent to us via S/MIME. Send these to the following e-mail address: poststelle@bsv.bayern.de. The certificates of the Bavarian Administration can be found in the central LDAP directory of the Bavarian authority network at ‘directory.bayern.de’. Further information about the Bavarian Administration PKI can be found on the following website: www.pki.bayern.de

Please also inform us whether and by what means the Bavarian Palace Administration can reply to you with an encrypted e-mail and whether – should this not be possible – you would accept an unencrypted e-mail. If you are unable to receive encrypted e-mails, please give us your postal address for a reply to your confidential communication.

Contact and further information

If you have any questions about data security in connection with this Internet site, please contact the official data protection officer.