Privacy Policy

 

  1. The Organizer, Nephilim Productions, is committed to protecting attendee privacy and securing personal data in compliance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). This policy outlines how personal data is collected, processed, and protected.
  2. Personal data collected includes, but is not limited to, names, email addresses, phone numbers, and payment information. This data is used solely for purposes related to the event, such as ticket issuance, communication, and legal compliance.
  3. All personal data is processed lawfully, fairly, and transparently. Data collection is limited to what is necessary for the stated purposes, in accordance with the principle of data minimization.
  4. Security measures include data encryption, secure servers, limited access to authorized personnel, and regular audits. The Organizer employs both technical and organizational measures to safeguard personal data from unauthorized access, loss, or misuse.
  5. Personal data will be retained only as long as necessary for the purposes for which it was collected or as required by law. Once data is no longer needed, it will be securely deleted or anonymized.
  6. Attendees have the right to access their personal data, correct inaccuracies, and request deletion of their data under Article 17 of the GDPR. Requests can be submitted to the designated data protection officer or via email to the provided contact address.
  7. Attendees also have the right to restrict processing, object to data use, and request data portability where applicable. All requests will be addressed within the legally mandated timeframe.
  8. Personal data may be shared with third-party service providers, such as ticketing platforms, for operational purposes. These providers are contractually obligated to adhere to GDPR standards and are prohibited from using the data for any purposes beyond those specified.
  9. Personal data will not be sold, rented, or shared with external parties for marketing purposes. Exceptions apply only in cases where disclosure is required by law or authorized by the attendee.
  10. In the event of a data breach, the Organizer will notify affected individuals and the relevant supervisory authority without undue delay, as stipulated by GDPR requirements.
  11. Complaints regarding data privacy can be lodged with the relevant supervisory authority in Germany. For Hamburg, this is the Hamburg Commissioner for Data Protection and Freedom of Information.
  12. By purchasing a ticket, attendees consent to the collection and processing of their data as described in this policy. The Organizer reserves the right to update this policy, and significant changes will be communicated through the email address provided during registration.
  13. For questions or concerns about this policy, attendees can contact the Organizer at the official email address listed on the event website.