Privacy Policy
This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you interact with our website, gwylmacsfest.com. We are committed to protecting your privacy and ensuring the responsible handling of personal data in full compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
At Gwyl Mac’s Fest, your privacy is of paramount importance. We respect your individual rights regarding your personal data and are committed to handling all personal data with transparency, integrity, and care. All personal data is processed in accordance with the legal frameworks imposed by GDPR, CCPA, and other relevant data protection laws.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all personal data collected through your interactions with gwylmacsfest.com, whether you are browsing, participating in our event, purchasing tickets, or contacting us. We act as the “data controller” for purposes of the GDPR and as the “business” under the CCPA. This means we determine the purposes and means of processing your personal data.
If you have questions or concerns about how your data is handled, you may contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data in order to deliver and improve our services:
a. Usage Data
We gather anonymous statistical information such as your browser type, IP address, device identifiers, session timestamps, geographic location (inferred from your IP address), pages viewed, and actions taken on gwylmacsfest.com.
b. Account Data
If you create an account or purchase tickets, we collect information such as your full name, billing and shipping address, email address, and telephone number.
c. Profile Data
This includes your interests, ticket selections, merchandise preferences, feedback, and behavioral engagement with our content and services.
d. Communication Data
When you contact us, whether via email or contact form, we retain correspondence details, including your contact information and messages exchanged.
e. Technical Data
We collect technical information about the device(s) you use to access our Services, such as operating system, browser configuration, screen resolution, language preferences, and mobile network.
f. Transaction Data
Includes payment method (note: we do not store full financial data), order history, delivery and billing information associated with ticket and merchandise purchases.
g. Preference Data
We retain your marketing preferences, subscription choices, language settings, and communication opt-ins or opt-outs.
4. Legal Bases for Processing Personal Data
We rely on one or more of the following lawful bases to process your personal data under the GDPR:
– Legitimate Interests: Improving and safeguarding our website, event planning, analytics, security, and enhancing user experience.
– Contractual Necessity: When the processing of personal information is necessary to fulfill a service agreement, such as ticket sales or merchandise orders.
– Consent: For marketing communications, non-essential cookies, and particular use of special categories of personal data where required by law.
– Legal Obligation: When processing is required to comply with applicable legal or regulatory requirements.
5. Your Data Protection Rights
Subject to local laws, you may have the following rights regarding your personal data:
– Right of Access: You can request confirmation of whether we process your personal data and access to such data.
– Right to Rectification: You have the right to correct inaccurate or incomplete data we hold about you.
– Right to Erasure (“Right to Be Forgotten”): In certain cases, you may ask us to delete your personal data.
– Right to Restrict Processing: You may request that we temporarily or permanently stop processing your personal data under specific circumstances.
– Right to Data Portability: You may receive your personal data in a structured, commonly used, machine-readable format and request transfer to another data controller.
To exercise these rights, contact us at [email protected].
6. Information Security Measures
We implement and maintain robust administrative, technical, and physical security measures to protect your data, including:
– End-to-end encryption during data transmission
– Access control restrictions to limit personnel access to sensitive data
– Regular database backups and data recovery protocols
– Staff training on data protection compliance
– Secure third-party vendor integrations
7. International Data Transfers
Personal data may be transferred to and processed in countries outside of your jurisdiction. In such cases, we ensure that adequate safeguards are in place, including, where applicable, Standard Contractual Clauses (SCCs), binding corporate rules, or other lawful mechanisms consistent with GDPR requirements.
8. Data Retention Periods
Your personal data will be stored only for as long as necessary for its purpose. Specific retention periods include:
– Account Data and Transaction Data: Retained for up to 6 years for legal and reporting obligations
– Communications and Support Records: Retained for 24 months after the last correspondence
– Marketing Preferences: Retained until you withdraw consent
– Technical and Usage Data: Retained for analytics purposes for up to 12 months
After applicable retention periods, data will be securely deleted or anonymized.
9. Cookie Policy
gwylmacsfest.com uses cookies and similar technologies to enhance user experience. These include:
– Essential Cookies: Necessary for site functionality and secure login
– Functional Cookies: Enable personalized settings and preferences
– Analytical Cookies: Help us understand user behavior and improve our website
– Performance Cookies: Measure and improve site speed and loading times
10. Cookie Management and Compliance
By visiting gwylmacsfest.com, you are informed about cookie usage via a banner on your first visit. You can manage your preferences at any time through our Cookie Preferences Center or your browser settings. We adhere to GDPR and CCPA requirements regarding obtaining user consent and respecting Do Not Track (DNT) signals and Global Privacy Control (GPC).
CCPA Opt-Out Rights: California residents may opt out of the “sale” of their personal information (as defined under the CCPA) by contacting [email protected] or adjusting their cookie preferences using the “Do Not Sell My Personal Information” link available on the website.
11. Children’s Privacy
gwylmacsfest.com is not directed at children under the age of 13. We do not knowingly collect personal data from minors. If you believe we have inadvertently obtained data from a child under 13, please contact us immediately at [email protected] to request deletion.
12. Policy Updates and Notifications
This Privacy Policy may be updated periodically to reflect changes to our data practices or legal obligations. Any significant revisions will be communicated to users via an on-site notification or email, where applicable. You are encouraged to review this policy regularly to stay informed.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact:
Email: [email protected]
Website: www.gwylmacsfest.com
—
We are dedicated to ensuring full compliance with applicable privacy laws and maintaining your trust. Should you have any concerns about this Privacy Policy or the way your personal data is handled, we invite you to reach out to us at the contact information above.