Privacy policy of Bunfire Veranstaltungs GmbH 

Bunfire Veranstaltungs GmbH is aware of its great responsibility in the processing of personal data and is therefore committed to full compliance with data protection rights as part of its social responsibility. Safeguarding the personal rights and privacy of each individual is the top priority for Bunfire Veranstaltungs GmbH when dealing with personal data.

In doing so, we act in accordance with the principles of lawfulness, transparency, purpose limitation, storage limitation and data security.
The purpose of this privacy statement is to provide information about the processing of personal data (transparency) and to facilitate access to rights and options under data protection regulations.
It also describes those measures that Bunfire Veranstaltungs GmbH has taken to protect the security and confidentiality of the data.

The processing of personal data is collected and processed by Bunfire Veranstaltungs GmbH exclusively for the purposes specified prior to the collection of the data. We only process those personal data for which we have explicit consent, e.g.: for processing an accreditation or for sending information material). All personal data is processed in strict compliance with the applicable data protection regulations. Personal data will neither be published by Bunfire Veranstaltungs GmbH nor passed on to third parties without authorization. Data processing takes place exclusively in the EU country.
This privacy policy applies to the website "". Individual pages, may contain links to other providers inside and outside the site, to which the privacy policy does not extend. For these contents we assume no liability.

Legal basis of our data processing

We only process data from interested parties, information recipients and journalists who have provided us with their data on the basis of explicit consent. The data processing is based on the following legal bases:
The personal data are provided by the data subjects themselves, whereby they expressly consent to their processing for the respective purpose. This consent can be revoked at any time.

Order processor

Commissioned data processing occurs when a processor(s) is commissioned to process personal data without being given responsibility for the associated business process. In these cases, we conclude a commissioned data processing agreement with the external processor(s). In doing so, One Love Austria GmbH retains full responsibility for the correct performance of data processing in accordance with data protection law. The processor may only process personal data within the framework of the instructions of the responsible parties.

Bunfire Veranstaltungs GmbH only works with processors (e.g. agencies) that provide sufficient guarantees that appropriate technical and organizational measures are taken during processing in accordance with the requirements of the GDPR and ensure the protection of personal data. Processing by a processor is only carried out on the basis of a contract with Bunfire Veranstaltungs GmbH, which precisely specifies the duration, nature and purpose of the processing. All processors who process and verify personal data regularly check whether the provisions of data protection law are complied with.

Types of data and purpose of processing

Personal data of interested parties and journalists, (name, address, telephone number, e-mail address, etc.) are collected and processed for the purpose of processing inquiries and providing information about the One Love Festival .
The use of personal data for sending electronic mail for advertising purposes, for information and event invitations is only for this purpose and can be revoked at any time.

Duration of data storage

Bunfire Veranstaltungs GmbH stores personal data only as long as they are needed for the purpose of processing and as long as required by law. After that, they are irrevocably deleted.

Collection and processing of personal data when visiting our website

When you visit our website, our web servers temporarily store each access in a log file. The following data is collected and stored until automated deletion, which usually takes place every 6 months:

Additional personal information such as your name, address, telephone number or e-mail address is not collected unless you provide this information voluntarily, e.g. when contacting us.

The entire website content on "" can therefore be viewed and used in full without establishing a connection to third parties or without embedded elements from third parties. If a visitor wishes to use functions such as Facebook Like buttons, the functionality is only activated after explicitly clicking on the corresponding icons. Displayed social media content such as Flickr images or Twitter posts are not loaded from these platforms, but are stored on servers of Bunfire Veranstaltungs GmbH and delivered from there. This prevents third parties from being able to measure who is viewing their content when visiting


Already when visiting our website for the first time, you can be made aware of the use of cookies. Cookies are small, temporarily stored text files that websites send to the browser and store when the user visits the website. When the user then visits the same website the next time, these cookies are sent back to the website.

Users can influence the use of cookies. Most browsers have an option to restrict or completely prevent the storage of cookies. However, it should be noted that the use and especially the comfort of use can be limited without cookies.

Data security measures

The personal data processed by Bunfire Veranstaltungs GmbH are stored and secured with special care on both a technical and organizational level. They are protected against accidental or unlawful destruction and against loss, and Bunfire Veranstaltungs GmbH ensures that they are used properly and that the data are not accessible to unauthorized persons.

Data Protection Officer

The data protection officer works closely with the highest organizational level and is the first point of contact for data protection and data security issues. Bunfire Veranstaltungs GmbH and the data protection officer meet at regular intervals to address data security and data protection issues.

The data protection officer is responsible for informing and advising the management and employees who process personal data with regard to their duties and tasks under data protection law and for monitoring compliance with these legal regulations. He is responsible for monitoring Bunfire Veranstaltungs GmbH 's strategies for the protection of personal data, including the assignment of responsibilities, the sensitization and training of the employees involved in the processing operations and the related reviews.

He or she shall cooperate with the supervisory authority, if necessary, and shall act as a contact person for the supervisory authority in matters related to the processing of personal data, including prior consultation. Data subjects may consult the Data Protection Officer on any matter related to the processing of their personal data and the exercise of their rights. Bunfire Veranstaltungs GmbH ensures that the data protection officer does not receive any instructions in the performance of his/her duties. The contact details for the data protection officer of the SPÖ can be found in the contact information at the end of the privacy policy.

Reporting obligation

In the event of a personal data breach, Bunfire Veranstaltungs GmbH is obliged to notify the data protection authority of such breach without undue delay. If it can be assumed that such a breach will affect the privacy of individuals or the personal data itself, the data protection authority may - after taking into account the likely adverse effects of the breach - request Bunfire Veranstaltungs GmbH to carry out a notification of the affected individuals.

Information about data subject rights

As a data subject, you have a right to information regarding the personal data stored about you, a right to correct inaccurate data, to restrict and object to processing, and to request deletion. In order to exercise these rights, you must prove your identity in an appropriate form. Our information will list the processed data, the information about its origin, any recipients or groups of recipients of transfers, the purpose of the data use and the legal basis for this in a generally understandable form. At your request, the names and addresses of processors must also be disclosed.

As a person requesting information, you must cooperate in the information procedure to a reasonable extent in order to avoid unjustified and disproportionate effort on the part of the data controller.

Within one month of receipt of your request, we will provide the information or explain in writing why it cannot be provided or cannot be provided in full.