top of page
A lock overlooking a river and a bridge highlighting the secure privacy policies of ZeitPass

ZeitPass - Privacy Policy

Last updated: 13-May-2026

ZeitPass takes your privacy seriously. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have over it. We operate in full compliance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

If you have any questions, contact us at contact@zeitpass.com.

 

1. Who We Are

The data controller for all personal data collected through ZeitPass services is:

ZeitPass UG (haftungsbeschränkt)

Südliche Münchner Str. 62, 82031 Grünwald, Germany

HRB 312002, Amtsgericht München

Email: contact@zeitpass.com

2. What This Policy Covers

This Privacy Policy applies to all ZeitPass services, including:

  • The ZeitPass website at zeitpass.com and all associated pages and subdomains.

  • The Munich Shortlist, our free weekly email newsletter.

  • The ZeitPass User Portal, our members-only platform for paid subscribers.

3. What Personal Data We Collect

3.1 Newsletter Subscribers

When you subscribe to the Munich Shortlist, we may collect:

  • Your name and email address, as provided during subscription.

  • Technical and engagement data such as email open rates, link clicks, and subscription source, collected automatically by our email platform.

3.2 Website Visitors

When you visit zeitpass.com, we may collect:

  • Usage data such as pages visited, clicks, session identifiers, and navigation patterns, collected through analytics tools subject to your cookie consent.

  • Technical data such as your IP address, browser type, operating system, and device information.

3.3 User Portal Members

When you register for and use the User Portal, we may collect the following categories of data:

  • Account and identity data: your name, email address, phone number (optional), and securely stored authentication credentials.

  • Membership data: your membership plan, renewal date, and experience quota, as assigned by ZeitPass.

  • Preferences: information you provide during onboarding about your interests and preferences, used to personalise your event recommendations.

  • Booking data: details relating to booking requests you make through the portal, including your preferences for venue, date, and language, as well as booking status, feedback, and related correspondence.

  • Usage and activity data: information about how you interact with the portal, such as features used, content viewed, and actions taken, used to improve our service and personalise your experience.

3.4 Data We Do Not Collect

ZeitPass does not collect:

  • Payment card details. All payment processing is handled by our payment processor.

  • Precise GPS or device location data.

  • Biometric data.

  • Personal data from individuals under the age of 18.

4. How We Use Your Personal Data

We use your personal data only for the purposes set out below and on the legal basis indicated.

  • Consent (Art. 6(1)(a)): Delivering the Munich Shortlist newsletter to your inbox; setting non-essential cookies on the website.

  • Contract performance (Art. 6(1)(b)): Creating and managing your User Portal account; processing and coordinating bookings; enforcing membership terms.

  • Legitimate interest (Art. 6(1)(f)): Improving and personalising our services; analysing usage patterns; maintaining security; communicating service-related updates.

  • Legal obligation (Art. 6(1)(c)): Retaining records as required under applicable German commercial and tax law.

ZeitPass does not use your personal data for targeted advertising and does not sell, rent, or trade your data to any third party for commercial purposes.

5. Third-Party Service Providers

We share your personal data only with trusted third-party service providers who support the operation of ZeitPass services. All providers are bound by data processing agreements and are required to process data in accordance with the GDPR. The following providers may process your data depending on which ZeitPass services you use.

5.1 Email Platform

We use Beehiiv, Inc. as our email platform provider to deliver the Munich Shortlist newsletter, manage subscriber lists, and provide engagement analytics. Subscriber names, email addresses, and engagement data may be processed by Beehiiv. Privacy policy: beehiiv.com/privacy.

5.2 Infrastructure and Data Storage

User Portal data, including account information, preferences, booking records, and associated documents, is stored on secure cloud infrastructure hosted within the European Union. Data processed under this arrangement does not leave the EEA.

5.3 Analytics

We may use analytics tools to understand how our website and portal are used and to improve our services. Where such tools involve the use of cookies or similar technologies, they are subject to your consent. Analytics data is anonymised or pseudonymised where possible and is not used to identify you individually.

5.4 Artificial Intelligence and Automated Processing

We may use artificial intelligence tools and services to support and improve our content, workflows, and product features. Where such tools are used in ways that involve your personal data, we ensure that appropriate safeguards and processing agreements are in place. No automated decision-making with legal or similarly significant effects is applied to individual users without human oversight.

5.5 Content Delivery and Media

We may use third-party content delivery networks and media hosting services to display images and load website assets. These services may process your IP address as part of standard content delivery operations.

5.6 Mapping Services

Where the portal displays venue information, we may provide links to third-party mapping services for directions. These links open in a new tab and are only activated by your deliberate action. Any data subsequently processed by those services is subject to their own privacy policies.

5.7 Cookie Consent Management

Cookie consent on zeitpass.com is managed through a consent management platform. Your preferences are stored to ensure they are respected across sessions.

5.8 Payment Processing

Membership payments are processed by a third-party payment processor. Payment card details are handled entirely by the processor and are never stored by ZeitPass. Details of the payment processor are provided at the point of purchase.

5.9 Legal Disclosure

ZeitPass may disclose personal data to law enforcement or regulatory authorities where required by applicable German or EU law, or where necessary to protect the rights of ZeitPass or its users.

6. Cookies and Tracking

ZeitPass uses cookies and similar tracking technologies on zeitpass.com. When you first visit the website, you will be presented with a cookie consent banner. You may accept all cookies, essential cookies only, or adjust your preferences at any time through the cookie settings in the website footer.

  • Essential cookies: Required for the website to function correctly. These cannot be disabled.

  • Analytics cookies: Used to collect anonymised data about how visitors use the site. These are only activated with your consent.

7. Data Retention

We retain your personal data only for as long as necessary for the purposes described in this policy or as required by law.

  • Newsletter subscriber data: Retained while you remain an active subscriber. Removed from active lists upon unsubscription. Permanently erased upon a valid erasure request.

  • User Portal account and profile data: Retained while your account is active. Deleted upon a valid account deletion request.

  • Preferences and personalisation data: Retained while your account is active. Deleted with your account.

  • Booking records: Retained for the minimum period required under applicable German commercial and tax law.

  • Usage and activity data: Retained for a rolling period and deleted on a scheduled basis. ZeitPass does not retain granular activity data indefinitely.

  • Analytics data: Retained per the settings of the applicable analytics provider, typically up to 12 months.

You may request deletion of your personal data at any time. See Section 8 for details.

8. Your Rights Under GDPR

As a data subject, you have the following rights. All rights are exercisable free of charge by contacting contact@zeitpass.com.

  • Right of access (Art. 15): Request a copy of all personal data we hold about you.

  • Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.

  • Right to erasure (Art. 17): Request permanent deletion of your personal data, subject to any legal retention obligations.

  • Right to restriction (Art. 18): Request that we limit the processing of your data under certain circumstances.

  • Right to data portability (Art. 20): Request your data in a structured, machine-readable format.

  • Right to object (Art. 21): Object to processing based on legitimate interest at any time, including product analytics.

  • Right to withdraw consent (Art. 7(3)): Where processing is based on your consent, withdraw it at any time without affecting the lawfulness of prior processing.

ZeitPass will respond to all GDPR rights requests within 30 days of receipt, in accordance with GDPR Article 12.

8.1 Supervisory Authority

If you believe we have handled your personal data unlawfully, you have the right to lodge a complaint with the competent supervisory authority. In Bavaria, this is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

www.lda.bayern.de 

If you reside in another EU member state, you may also contact the supervisory authority in your country of residence.

9. Data Security

ZeitPass applies appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or alteration. These include encrypted data transmission, access controls, role-based permissions, and secure storage practices.

In the event of a personal data breach likely to result in a risk to your rights, ZeitPass will notify the competent supervisory authority within 72 hours and will inform affected users without undue delay, in accordance with GDPR Articles 33 and 34.

10. International Data Transfers

Where possible, ZeitPass processes personal data within the European Union. Where certain service providers are based outside the EEA, we ensure that appropriate safeguards are in place, including EU Standard Contractual Clauses (SCCs) as approved by the European Commission or reliance on an adequacy decision where applicable.

ZeitPass does not transfer personal data to any country or organisation that does not provide an adequate level of protection.

11. Age Restriction

ZeitPass services are intended exclusively for individuals aged 18 or over. We do not knowingly collect personal data from anyone under 18. If we become aware that a user is under 18, their data will be deleted promptly. If you believe a minor has accessed a ZeitPass service, please notify us at contact@zeitpass.com.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, data practices, or applicable law. The current version is always available at zeitpass.com/privacy-policy. Where changes are material, we will notify active subscribers and members by email at least 14 days before the changes take effect.

13. Contact

For any questions or requests regarding this Privacy Policy or the handling of your personal data:

ZeitPass UG (haftungsbeschränkt)

Südliche Münchner Str. 62, 82031 Grünwald, Germany

HRB 312002, Amtsgericht München

Email: contact@zeitpass.com

Website: zeitpass.com

ZeitPass will respond to all data protection enquiries within 5 business days and to formal GDPR rights requests within 30 days.

bottom of page