Postponed
Postponed to 2022,
Date to be announced!

Privacy policy

Stored data

Ticket shop

We use a self-hosted ticket shop (Pretix Community Edition, Free and Open Source). The software runs on a web server located in Germany under the direct control of Drupal e. V. The board members as well as the organizers of the DrupalCamping have access to personal data stored in Pretix in connection with this event.

The following personal information is saved when ordering tickets:

The following information is also stored as part of the payment process:

Further information on the subject at Pretix: https://pretix.eu/about/en/privacy

Payment processing

The ticket shop processes all payments via Stripe. This service has high security standards. The backend does not allow you to view payment details.

All credit card numbers are stored encrypted with AES-256. The infrastructure for storing, decrypting and transferring payment data runs on physically separate infrastructures. Detailed information at Stripe: https://stripe.com/docs/security/stripe

Ticketshop API

Pretix provides an interface that can be used to call up information about participants in an event. This interface can only be used with an access key and only if the interface is generally activated for an event has been. We may use this option to name the participants on the website.

Lists of names, name tags

For admission control, we can generate name lists and / or name tags from the information stored. Name lists and name badges that have not been issued will be destroyed shortly after the end of the event. Participant lists will not be passed on to third parties (with the exception of advertisements on websites that were initiated by the participants themselves).

Use of the data and recipients of the data

The data transfer to third parties takes place exclusively for the fulfillment of contracts which are directly related to the data collection.

Purpose and legal basis of data collection, processing or use

The legal basis for the processing of personal data is Article 6, Paragraph 1, Letter b) GDPR, as the processing is necessary for the fulfillment of a contractual relationship - here: participation in DrupalCamping - is required. The main purpose of the collection, processing and use of personal data is the support and administration of the participants as well as the pursuit of the association's goal and the achievement of the association's purpose.

The processing of the data is necessary to safeguard a legitimate interest of our association (Art. 6 Para. 1 lit. f GDPR). For the collection of further personal data and for such data that are to be published in the association's publications and / or online media, a written declaration of consent is obtained from the participants in compliance with Art. 7 GDPR. The data processing takes place on the basis of the legal regulations of Art 6 Abs. 1 lit a (consent). The decision to collect further personal data and to publish it is made voluntarily by the member. The participants can revoke their consent at any time without negative consequences with effect for the future in writing to the association's board, also by email: vorstand@drupal.de

Deletion and blocking of personal data

We process and store personal data of the data subject only for the period that is necessary to achieve the storage purpose or if this has been provided for by the European directives and regulations or another legislator in laws or regulations to which the person responsible for processing is subject . If the storage purpose no longer applies or if a storage period prescribed by the European directives and regulations or another competent legislator expires, the personal data routinely blocked or deleted in accordance with the statutory provisions. Personal data relating to cash management will be stored for up to ten years from the purchase of the ticket in accordance with tax regulations. You will be banned.

Your rights

Participants in DrupalCamping have the right to information from the association about the data stored and to have it corrected and deleted (unless Article 6, Paragraph 1, lit b) or lit. f) GDPR is concerned). This also relates to a restriction of data processing or an objection to data transmission. A corresponding request must be sent to the board in writing. If you believe that the processing of your data violates data protection law or your data protection claims have been violated in any other way, you can complain to the supervisory authority.

Right of objection and withdrawal

Requests for information, correction and deletion, as well as the revocation or objection to the further use of the data, any consents given to us can be declared informally by email to vorstand@drupal.de