Skip to content
DE

Privacy policy

The protection of your personal data is of particular concern to Bundestheater-Holding GmbH, Goethegase 1, 1010 Vienna. Bundestheater-Holding GmbH complies with the applicable legal provisions for the protection, lawful handling and confidentiality of personal data and for data security, in particular the Austrian Data Protection Act (DSG), the EU General Data Protection Regulation (GDPR) and the Telecommunications Act (TKG).

The use of our website is possible without providing personal information.

The following provisions are, to inform you about the type, scope and purpose of the collection, use und processing of personal information by Österreichische Bundestheater-Holding GmbH as well as about your rights.


For information on the processing of personal data through the use of our website, please refer to our cookie statement, which should be read in conjunction with this privacy policy.

Data processing, purposes and legal bases

According to the GDPR, personal data means any information relating to an identified or identifiable natural person, such as name, email address, customer number, etc.

Bundestheater-Holding GmbH processes personal data for the following purposes:

  • Processing enquiries via the contact form, applications for vacancies
  • Ticketing: Together with the stage companies of the Bundestheater Group (Vienna State Opera, Burgtheater and Volksoper Wien GmbH), Bundestheater-Holding GmbH processes customer data in a joint database. Together with Wiener Staatsoper GmbH, Burgtheater GmbH and Volksoper Wien GmbH, Bundestheater-Holding GmbH is therefore a joint controller within the meaning of Art. 26 GDPR and is equally responsible for compliance with the legal provisions, in particular for the lawfulness of data processing.

The following categories of personal data may be processed in order to achieve the aforementioned purposes:

  • Contact information such as name, contact address, telephone number or e-mail address
  • other personal data whose processing is necessary for the initiation, processing and administration of (pre-contractual) obligations
  • other personal data that you provide to us voluntarily.


The legal basis for data processing is:

  • Art. 6 para. 1 lit a GDPR: You have given us your consent to process the personal data concerning you for one or more specific purposes.
  • Art. 6 para. 1 lit b GDPR: Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Art. 6 para. 1 lit f GDPR: Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Contacting us

If you contact us via email, phone, or any other means of communication, the personal data and information you provide will be used solely for the purpose of processing your inquiry and any resulting pre-contractual measures.

Data transfer

Your personal data will not be transferred to third parties unless we are legally obliged to do so or the transfer of data is necessary to fulfil our obligations. To fulfil certain tasks, we use selected service providers who work for us as processors and may be granted access to your data to the extent necessary. This applies, for example, to software solutions or services as part of an IT support contract. All of our processors only process your data on our behalf and on the basis of our instructions for the purposes described above. Furthermore, we ensure through contractual obligations that our processors comply with the legal regulations on data protection in the same way as we do.

Data security

In addition to compliance with the principles of data protection and the obligation of our employees to maintain data secrecy, we take appropriate technical and organisational measures to permanently guarantee the security of data processing, i.e. the confidentiality, integrity, availability, resilience and rapid recoverability of the systems and services used.

Retention period

We store your data in accordance with the legal provisions. As a rule, this is the duration of the customer relationship. A longer retention period may result in particular from legal retention obligations or for the assertion of legal claims. We retain data that we process with your consent until you withdraw your consent.

Analytics tool

As part of our Internet service aimed at continuously improving and tailoring the web presence of Bundestheater-Holding GmbH to the needs of its users, we analyze access to our website using Matomo. This analysis does not involve the use of cookies; Matomo processes solely the log files generated by our website.

We have configured the web server so that your IP address is only recorded in abbreviated form. We therefore do not process any personal usage data. It is not possible for us to draw any conclusions about your person. You can find further information on Matomo's terms of use and data protection regulations at: : https://matomo.org/privacy-policy/

Your rights

  • Right to information
  • Right to rectification
  • Right to erasure (‘right to be forgotten’)
  • Right to restriction of data processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent

Questions and complaints

If you have any questions regarding your personal data, please contact us at datenschutz@bundestheater.at. You can reach the Data Protection Officer of the Austrian Federal Theatres, Silvia Schauer, MSc MBA, at this email address or by post at Data Protection Officer of the Austrian Federal Theatres, Goethegasse 1, 1010 Vienna. You also have the option of lodging a complaint with a data protection supervisory authority. The data protection supervisory authority responsible for us is the Austrian Data Protection Authority.

Whistleblower system

Data processing within the framework of the whistleblower system serves the purpose of implementing the Whistleblower Protection Act (HSchG), which came into force on February 25, 2023, in the Austrian Federal Theatres and thus complying with the legal obligation. The purpose of the law is to uncover misconduct within the meaning of the HSchG and thus ensure compliance with the law.

Legal basis: Art. 6 para. 1 lit c GDPR (fulfillment of a legal obligation)

Type of data processed:

  • Contact details of the whistleblower (optional)
  • Report of the whistleblower
  • Personal data contained in the report (e.g. in continuous text or in documents)

The data is forwarded to the following recipients:

  • Sage GmbH (data processor)
  • Jank Weiler Operenyi Rechtsanwälte GmbH

Rights of data subjects in the whistleblower system: Please note that the exercise of some of the rights of data subjects under the GDPR could hinder the effectiveness of the Whistleblower Protection Act, in particular the submission of reports, the taking of follow-up measures and the guarantee of anonymity of a whistleblower. Against this background, the Austrian legislator has taken measures to restrict the exercise of certain data protection rights of affected persons.

You can access the whistleblower systm here

Final provisions

Please note that Bundestheater-Holding GmbH will continue to adapt this privacy policy (e.g. due to changes in legal regulations, the use of new technologies or the expansion of our offers and services). We therefore recommend that you consult this privacy policy regularly.

Stand: July 2025

Order now
Bundestheater
Card!