Privacy Policy for GrebenshikovConcert.com

GrebenshikovConcert.com (“we”, “us”, or “our”) is firmly committed to safeguarding your privacy and protecting your personal data. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit or interact with our website, https://grebenshikovconcert.com, and outlines your rights under applicable privacy laws, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By using our website, you consent to the practices described in this Privacy Policy.

1. Commitment to Privacy and Data Protection

We are dedicated to protecting the confidentiality, integrity, and availability of your personal data. We process personal data responsibly, transparently, and for specific, legitimate purposes only. We implement strict security and compliance measures to ensure your information is managed safely and lawfully.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users visiting or interacting with GrebenshikovConcert.com. We are the “Data Controller” of your personal data under GDPR, meaning we determine the purposes and means of the processing of your personal data. Users residing in California are granted additional rights under the CCPA, which we honor.

If you have any concerns or questions about the handling of your data, please contact us at: [email protected].

3. Categories of Data Processed

We may collect and process the following categories of personal data:

A. Usage Data
This includes data automatically collected about how you use the website, such as:
– IP address
– Geographic location
– Browser type and version
– Device identifiers
– Date and time of access
– Referring website
– Session duration and page interactions

B. Account Data
If you create an account or make a purchase, we may collect:
– Full name
– Postal address
– Email address
– Phone number

C. Profile Data
Information provided or generated from use of our services, including:
– Purchase history
– Preferences
– Event attendance and packages
– User behavior patterns

D. Communication Data
We collect and retain information from interactions with customer support or other inquiries, including:
– Emails and messages sent to us
– Support case history
– Feedback or complaints

E. Technical Data
Collected from your device and related systems:
– Operating system
– Internet service provider
– Screen resolution and device configurations
– Browser plugins and settings

F. Transaction Data
In the course of processing purchases:
– Payment details (limited to what is necessary — we do not store full card numbers)
– Billing and shipping information
– Order history

G. Preference Data
Collected when you opt in to communications:
– Marketing consent preferences
– Interest in events or content
– Language and localization settings

4. Legal Bases for Processing

We process your personal data only when a lawful basis can be established under applicable law. These include:

– Consent: Where you have voluntarily given your consent (e.g., for email marketing).
– Contract: When processing is necessary to perform a contract with you (e.g., ticket sales).
– Legitimate Interests: For business operations, fraud prevention, or improving services, provided such interests are not overridden by your rights.
– Legal Obligation: Where required to comply with applicable laws or enforce legal rights.

5. Your Rights Under GDPR and CCPA

Depending on your location, you may exercise the following rights:

– Right of Access: Request access to personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data.
– Right to Restriction: Request limitation of data processing in certain circumstances.
– Right to Portability: Receive a copy of your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: Object to certain data processing activities.
– California Privacy Rights: California residents may request categories and specific pieces of information collected about them, request deletion, and opt out of data sales (we do not sell personal data).

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement and maintain rigorous administrative, technical, and physical safeguards to protect your data, including but not limited to:
– End-to-end encryption for transmission of sensitive data
– Access controls and authentication for internal systems
– Regular data backups
– Employee training on security and privacy best practices
– Continuous system monitoring and vulnerability testing

7. International Data Transfers

Where data is transferred outside the European Economic Area or California, we ensure that appropriate safeguards are in place. This includes the use of Standard Contractual Clauses approved by the European Commission and other legally compliant mechanisms applicable to international transfers.

8. Data Retention

We retain your personal data only for as long as it is necessary for the purposes described in this policy or as required by applicable law. Retention periods vary depending on the nature of the data:

– Usage Data: up to 12 months after last visit
– Account Data: stored until account closure plus 12 months
– Transaction Data: up to 7 years (in accordance with legal obligation)
– Communication Data: 2 years
– Marketing Preferences: retained until opt-out

9. Cookie Policy

We use cookies and similar tracking technologies on GrebenshikovConcert.com. These include:

– Essential Cookies: Required for operation of the website (e.g., shopping cart, login)
– Functional Cookies: Enhance usability and user preferences
– Analytics Cookies: Collect aggregate information for usage statistics and site optimization (e.g., Google Analytics)
– Performance Cookies: Monitor load times and responsiveness of our platform

10. Cookie Management & GDPR/CCPA Compliance

Upon your first visit, we display a cookie banner allowing you to accept or refuse different categories of cookies. You may update your preferences at any time via the cookie consent tool provided on our website. Alternatively, you can manage cookies through your browser settings.

In accordance with GDPR and CCPA, we do not deploy non-essential cookies without your prior consent (GDPR) and provide an option to opt-out of sale or sharing of data (CCPA).

11. Protection of Children’s Privacy

Our website and services are not designed for or intentionally targeted at children under the age of 13. We do not knowingly collect personal information from individuals under 13 years of age. If we learn that information has been collected from a child without appropriate consent, we will delete it promptly. Parents or guardians who believe their child may have provided personal information to us should contact us at [email protected].

12. Policy Updates

We may update this Privacy Policy from time to time in order to reflect changes in legal requirements, technology, or our business operations. We encourage you to review this page periodically to stay informed of any changes. Material changes will be communicated prominently through our website or direct communication channels when appropriate.

13. Contacting Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us at:

Email: [email protected]

We are committed to ensuring lawful data processing and full compliance with the GDPR, CCPA, and all applicable data protection laws. If you have any concerns about your privacy or how your data is treated, please reach out to us promptly.