Privacy Policy
FESTIVALCINEVALDIVIA.COM is committed to protecting your privacy and ensuring the safety and security of your personal data. This Privacy Policy outlines how we collect, process, store, and handle your personal information, in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the California Consumer Privacy Act (“CCPA”), and other applicable data protection laws.
1. Commitment to Privacy and Data Protection
Your privacy matters to us. We are dedicated to safeguarding all information that identifies you personally and ensuring that appropriate safeguards are in place to protect your rights and freedoms. This Policy is designed to give you transparency into how and why your information is collected and processed by www.festivalcinevaldivia.com (“the Website”).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to the processing of personal data collected through the Website and other interactions you may have with us, including via contact forms, email communications, and online purchases. For the purpose of data protection laws, the controller of your data is Festival Internacional de Cine de Valdivia (“we”, “us”, “our”), operating via the Website at festivalcinevaldivia.com.
If you have any questions or concerns regarding your information, you may contact us at:
[email protected]
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Includes information about how you use our Website such as your IP address, browser type, geographic location, page views, access times, referring websites, and interaction statistics.
b) Account Data
Includes information you provide when you register or purchase a ticket, such as your name, mailing address, email address, and telephone number.
c) Profile Data
Includes your preferences, purchase history, access logs, engagement with features of the Website, and behavioral indicators.
d) Communication Data
Includes correspondence through support forms, inquiries received at [email protected], and records of past interactions for inquiry resolution and service improvement.
e) Technical Data
Includes device type, operating system, browser settings, language preferences, system configuration, and other technological diagnostics transmitted by your device.
f) Transaction Data
Includes details of purchases, billing information, delivery preferences, and payment method (note: payment data is processed securely via third-party payment gateways).
g) Preference Data
Includes your marketing preferences, opt-in/opt-out records, subscription settings, and expressed interests in festival-related programming or services.
4. Legal Bases for Processing Personal Data
Under GDPR, the legal bases upon which we process your data include:
– Consent: When you have clearly agreed to us processing your personal data for specific purposes (e.g., newsletter subscriptions).
– Contract: When the processing is necessary for the performance of a contract with you (e.g., purchasing tickets or accessing paid content).
– Legal Obligation: When required to comply with applicable laws.
– Legitimate Interests: When processing is necessary for our legitimate interests and not overridden by your data protection rights (e.g., fraud prevention, service improvement).
For users covered by the CCPA, you may opt-out of any “sale” of your personal information, if applicable, and request a description of your data held by us, as further elaborated below.
5. Your Rights and Choices
You have the following rights under GDPR and CCPA, subject to legal limitations:
– Right of Access: Obtain confirmation and access to your personal data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data under certain conditions.
– Right to Restriction: Request limiting further use of your data.
– Right to Data Portability: Request transfer of your personal data in a structured, commonly used format.
– Right to Object: Object to processing based on our legitimate interests or for marketing purposes.
– Right to Withdraw Consent: If data is processed based on consent, you may withdraw consent at any time.
– Right to Non-Discrimination (CCPA): You have the right to not be treated differently for exercising your data rights.
To exercise any rights, contact us at [email protected]. We reserve the right to verify your identity before processing requests.
6. Security Measures
We implement and maintain appropriate technical and organizational measures to secure your personal data, including:
– Encryption of personal data in transit and at rest.
– Access controls based on user roles and responsibility.
– Two-factor authentication for administrative access.
– Regular backups and continuity planning.
– Staff training on privacy awareness and data protection best practices.
7. International Data Transfers
Your data may be transferred to and stored on servers located outside your country of residence. When we do so, we ensure appropriate safeguards, such as the use of Standard Contractual Clauses approved by the European Commission or other applicable mechanisms, to ensure adequate protection of your personal data.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected, including:
– Usage Data: Up to 12 months.
– Account and Profile Data: As long as your account is active plus 12 months.
– Communication Data: 3 years.
– Transaction Data: 6 years (for accounting and compliance).
– Preference Data: Until consent is withdrawn or 2 years from last interaction.
Upon expiration of the relevant retention period, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience, analyze Website performance, and support our services. The types of cookies we set include:
– Essential Cookies: Necessary for proper Website operation (e.g., session tokens, security cookies).
– Functional Cookies: Support preferences such as language and region.
– Analytics Cookies: Collect insights into user behavior and Website performance.
– Performance Cookies: Monitor system functionality, uptime metrics, and UI responsiveness.
Details about our use of cookies can be found in our dedicated Cookies section of the Website.
10. Cookie Management and User Control
In compliance with GDPR and CCPA, we provide users with the ability to manage cookie preferences:
– Upon first visit, you will be presented with a cookie consent banner permitting you to accept or modify non-essential cookie settings.
– You may change cookie preferences at any time through your browser settings or through the Cookie Preferences link available on the Website.
Note that disabling cookies may affect the functionality and operational quality of certain Website features.
11. Children’s Privacy
The Website is not intended for use by children under the age of 13, and we do not knowingly collect or solicit personal information from anyone under 13. If we learn that we have received personal information from a child without parental consent, we will promptly delete such information. Parents or guardians who believe their child has provided us with data may contact us at [email protected].
12. Policy Updates
We reserve the right to amend this Privacy Policy at any time to reflect evolving legal, regulatory, or business requirements. Changes will be posted on this page, and you should review this Policy periodically. In cases of material revisions, we may notify users through a notice on the Website or by direct communication where feasible.
By continuing to use www.festivalcinevaldivia.com after changes have been made, you accept those changes.
13. Contacting Us
If you have questions, comments, or requests concerning this Privacy Policy; wish to exercise your rights under applicable privacy laws; or have any related complaints, please contact our Data Protection Team at:
Email: [email protected]
We are committed to ensuring your privacy rights are respected and addressing your concerns in a timely and transparent manner.
This Privacy Policy is provided in compliance with applicable global data protection standards, including the GDPR and CCPA, and reflects our ongoing commitment to user privacy.