Was Goht? Logo
Was goht, Schwiiz?
EventsPartiesVenues
Sign inSign up
Was Goht? LogoWas goht, Schwiiz?

Your event calendar for events & parties in Switzerland

Quick Links

  • Events
  • Parties
  • Venues
  • For Organizers

Cities

  • Zurich
  • Basel
  • Geneva
  • Bern
  • All Cities

Contact

  • Get in Touch
  • Submit a Claim
  • About Us

© 2026 Was goht, Schwiiz? All rights reserved.

Made with❤️in Switzerland

Terms of Service•Privacy Policy•Impressum•llms.txt

Privacy Policy

Was goht, Schwiiz? – Event Platform • Version: 05.12.2025

This privacy policy informs you about what personal data we collect, for what purposes we process it and what rights you have. The privacy policy is based on the Swiss Data Protection Act (revDSG) and, where applicable, the EU General Data Protection Regulation (GDPR).

1. Controller

Johannes Nothstein
Bahnhofplatz 2
4133 Pratteln
Switzerland

[email protected]

2. Data Collected

2.1 When Visiting the Website (automatic)

Each time you access our platform, the following data is automatically collected:

  • IP address (anonymized)
  • Browser type and version
  • Operating system
  • Pages visited
  • Date and time
  • Language setting

2.2 During Registration

  • Email address (required)
  • Password (hashed)
  • Name (optional)
  • Profile picture (optional)
  • Social media links (optional)

2.3 When Creating Events/Venues

  • Event details (title, description, date, etc.)
  • Venue details (name, address, etc.)
  • Images
  • Contact information (optional)
  • Location coordinates

3. Legal Bases for Processing

PurposeDSGVOrevDSG
Contract fulfillmentArt. 6 Abs. 1 lit. bArt. 6 Abs. 3
Consent (e.g., cookies)Art. 6 Abs. 1 lit. aArt. 6 Abs. 6
Legitimate interestArt. 6 Abs. 1 lit. fArt. 6 Abs. 1
Legal obligationsArt. 6 Abs. 1 lit. cArt. 6 Abs. 3

Note: The revised Swiss Data Protection Act (revDSG) does not have a conclusive catalog of legal bases like the GDPR. Processing is permissible if it is proportionate and the principles under Art. 6 revDSG are observed.

4. Cookies

Cookies are small text files stored on your device that enable recognition.

Necessary Cookies

CookiePurposeStorage Duration
authjs.session-tokenLogin sessionSession / 30 days

Analytics Cookies (only with consent)

CookiePurposeStorage Duration
_gaUser differentiation2 years
_ga_*Session tracking2 years

Important: Google Analytics is only activated if you have explicitly agreed in the cookie banner. Without your consent, no analytics cookies will be set.

5. Third-Party Providers and Data Transfers

DigitalOcean (Hosting & CDN)

We use DigitalOcean (USA) for web hosting and storage. Data transfer is based on EU Standard Contractual Clauses (SCCs) with additional technical measures.

Google Analytics

We use Google Analytics to analyze user behavior. The following protective measures are used:

  • IP anonymization enabled
  • No data shared with Google for advertising
  • Activation only after explicit consent

Opt-Out: tools.google.com/dlpage/gaoptout

Resend (Email Delivery)

For sending emails (verification, notifications) we use Resend (USA). Data transfer based on SCCs.

Spotify API

For artist information we use the Spotify API. Only public artist data is retrieved, no user data is transmitted.

Note on Third-Country Transfers (USA)

For all US service providers, we have conducted a risk assessment (Transfer Impact Assessment). In addition to EU Standard Contractual Clauses (SCCs), we employ the following protective measures:

  • Encryption of data during transfer and storage
  • Pseudonymization where technically possible
  • Limitation of transmitted data to the necessary minimum
  • Contractual assurances from providers regarding government requests

6. Retention Period

Data TypeRetention Period
User accountUntil deletion + 6 months
EventsUntil deletion by organizer or admin
Venue claims3 years after completion
Server logs90 days
Analytics data26 months (Google Analytics)

7. Your Rights

  • Right of Access: You can request information about what personal data we have stored about you.
  • Right to Rectification: You can request correction of inaccurate data.
  • Right to Erasure: You can request deletion of your data, provided no legal retention obligations apply.
  • Restriction of Processing: You can request restriction of processing.
  • Data Portability: You can request that we provide your data in a structured, commonly used and machine-readable format.
  • Right to Object: You can object to processing of your data when based on legitimate interest.
  • Withdrawal of Consent: Granted consents can be revoked at any time with effect for the future.
  • Right to Complain: You have the right to complain to the competent data protection supervisory authority.

To exercise your rights, please contact: [email protected]

8. Data Security

  • SSL/TLS encryption of data transmission
  • Passwords are stored hashed (bcrypt)
  • Role-based data access
  • Regular software updates

9. Minors

The platform is not intended for persons under 16 years of age. We do not knowingly collect data from minors under 16.

10. Changes to Privacy Policy

We reserve the right to adapt this privacy policy as needed. For material changes, we will inform registered users by email. Material changes take effect no earlier than 14 days after notification.

11. Supervisory Authority

For complaints, you can contact the competent data protection supervisory authority:

Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter (EDÖB)
Feldeggweg 1
3003 Bern
Switzerland
www.edoeb.admin.ch

Privacy Contact

Johannes Nothstein
[email protected]

Version: 05.12.2025