1.1. CONTROLLER – LEGAL BASIS FOR PROCESSING, INFORMING AND DATA UPDATES

 ALFA PLUS SA, based at the A’ Street, Vi. Pe. Heraklion, in Crete,  VAT: 094259505 GEMI no. 77111327000 and tel. 2810380020 is the controller of the personal data of the visitor or the registered user and checks the data processing on the www.ticketcore.gr online services webpage.

The single-person limited liability company, under the name KRATAION, based at 94 Amaroussiou Halandriou st. in Maroussi, VAT: 800437248, GEMI (General Commercial Registry) no. 122520901000 and tel. 2106830255, and also the private limited company under the name of Vivid Vibes, based at 47 Grigoriou Lambraki st. in Lykovrysi, VAT: 801040347, GEMI no. 147620701000 and tel. 6979911187 are the controllers of the personal data of the visitor or registered user and control the data processing on the online services page www.cxmasterclass.gr. This webpage collects the data listed below, but directs you to www.ticketcore.gr, which also collects the data mentioned in its privacy policy.

Legal basis for processing personal data

For the data processing as described below, our company relies on the following legal bases:

A) Execution of a contract: In order to achieve the objectives of the contract which is concluded and for the client to be able to complete the transaction, it is necessary to process the personal data provided by the customer.

B) Legitimate interests: Some form of personal data processing is necessary in order

to improve our services. Specifically, in order to collect statistics so that

we personalize our products and services, for advertising purposes, for sending

customer service email messages, including booking confirmations and event reminders, to prevent unlawful practices and prevent black market and infringements of intellectual property, and in general to safeguard our legitimate interests.

C) Consent-Permission: The registered customer is requested to provide specific, clear and free consent to the individualized analysis of his/her behavior in order to receive commercial communication with customized offers for our services, depending on his or her preferences, with or without human intervention, so that the user can receive customised updates and promotions from our website that will best suit their profile and preferences.

The customer has the right of access, the obligation to correct and update the data and must disclose any changes to his or her personal data which have been stated upon their registration on our website, in order to receive better service.

Processing and types of personal data

Processing of personal data: Our website processes the user’s personal data, as they are stated by him or her when they create an account, buy a ticket, or a third party transfers a ticket to another person, when they use our site or our app, or when they use social media within our site or apps.

In the context of our commercial communication with you, with your consent given,

we use your personal data to: a) contact you regarding information or offers about upcoming events, products or services, either by e-mail or via mobile phone

b) offer you services based on your location such as via festival apps, which allow you to see where you are on the map, so we can use your position to send you push notifications about what is taking place near you

c) provide you with announcements of customised advertising and marketing on our websites and apps

d) we use photographs and/or video recordings in print and digital media formats including print publications, websites, advertising, film, social media and teaching purposes in order to thank you and give prominence to your participation in the workshop.

Types of personal data:

– when you create an account on our website, buy tickets or a third party transfers a ticket to you, we collect contact details (ie e-mail, full name, phone number, address), and pricing information (if applicable, that is, a bank account number, or a credit or debit card number, or the Pay Pal payment data).

– When you use our site or our apps, we collect the following: Which browser

or which device you use, your IP address, and your location, if enabled on your mobile or your computer, the site from which you log in, which applications you used

on our website and which you did not use, the website you use when you leave ours.

RIGHTS OF VISITORS / REGISTERED USERS

As a registered user of our site, as a data subject, you can exercise your rights at any time, as provided for by the GDPR (General Data Protection Regulation) (EU) 679/2016 and specifically in the articles 12 to 23 and the national legislation.

In particular:

– the right of access to data processed by our company

– the right to restriction of processing,

– the right to rectification or erasure of part or all (right to be forgotten) of the personal data

– the right to object, ie to object to personal data processing

– the right to data portability, ie to request data in electronic format that we collect for you

– the right to withdraw consent to data processing at any time and under no other condition, without affecting the lawfulness of the processing based on consent before the withdrawal, nor the data processing based on another legal basis.

All the above rights can be exercised by contacting the Data Protection Officer Vassilis Vassiliadis by email at: info@cxmasterclass.gr.

DATA RECIPIENTS

Your personal data, to the extent necessary for serving each of the above purposes, are transmitted to:

– our employees who are bound by a confidentiality agreement

– the tax and audit authorities

– our external partners who are bound by a confidentiality agreement

– event organizers, who can be different depending on the event, and for this reason, on every ticket purchase, we will state the name of our event partners and you will always be given the choice to learn about the terms of your data processing by the event organizers and exercise your rights under the applicable legislation.

– third parties supplying goods and services necessary to organizing the event, provided that the principle of proportionality is observed.

We do not transfer your data to third countries.

DATA RETENTION PERIOD

 We keep your data only for as long as it is required so that we can provide the services you have requested, solely for the purposes described in these terms of use. In the event of a new contract, the data is retained until you ask for its deletion, which can not be carried out earlier than six years after the event.

COOKIES POLICY

When visitors leave comments on our website, we collect the data shown on the comments form, as well as the visitor’s IP address and the browser user agent string, to help spam detection. An anonymous string created from your email address (also called “the hash”) may be provided to the Gravatar service to see if you are using it. The privacy policy of the Gravatar service is available here: https://automattic.com/privacy/. Once your comment is approved, your profile picture is visible to the public, in the context of your comment.

If you leave a comment on our site, you can choose to save your name, e-mail address and website in cookies. That is for your own convenience, so that you do not have to fill in your details again when you leave another comment. These cookies will last one year. If you have an account and you log in our website, we will set a temporary cookie to determine if your browser accepts cookies. This cookie does not contain personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and screen display choices. Login cookies last for two days and screen options cookies lasts for a year. If you select “Remember me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.