Eschaton—Anselm Kiefer Foundation

Privacy Policy

The Foundation guarantees users of the Foundation’s website (the “Site”), Purchasers, and prospects who provide it with personal data (“Personal Data”) that their Personal Data will be collected and processed in accordance with the provisions of Law No. 78-17 of January 6, 1978 on information technology, files, and civil liberties, and Regulation No. 2016/679 of the European Parliament and of the Council of April 27, 2016.

The privacy policy is an integral part of the Foundation’s Terms and Conditions. Its purpose is to govern the collection and processing of personal data in connection with the use of the Website, the purchase of Products sold by the Foundation and, in general, in connection with the Foundation’s relationship with the persons concerned.

Please refer to the General Terms and Conditions of Sale available on the ticketing website for the definition of capitalized terms that are not expressly defined in this document.

The privacy policy must be expressly accepted by:

  • any user wishing to access the Site on their first visit and each time the privacy policy is modified;
  • any Purchaser;
  • any prospective customer who communicates Personal Data to the Foundation by any means.

The user certifies that they are at least eighteen (18) years of age to access the Site.

If the privacy policy is not accepted, the user or Buyer must refrain from accessing the Site.

1. WHAT PERSONAL DATE DO WE COLLECT?

1.1 Personal Date provided by you

We collect the Personal Data you provide.

We collect the Personal Data that you voluntarily provide to us when browsing our Site, placing an order, or contacting us.

In this context, we collect your first and last name, email address, and phone number.

Your payment details are collected directly by our payment service provider, CIC bank.

You guarantee that all Personal Data you provide is true, complete, and accurate, and you agree to inform us of any changes to this Personal Data.

1.2 Data collected automatically

Certain information—such as your IP (Internet Protocol) address and/or the characteristics of your browser and device—is collected automatically when you visit the Site.

We also collect data automatically, which does not reveal your identity but may include information about the devices you use and how you use them.

This data is necessary to ensure the security and functioning of the Site, as well as for our internal analysis and reporting.

The information we collect includes:

  • usage data: connection and usage data is service, diagnostic, usage, and performance information that our servers automatically collect when you access or use the Site. Depending on how you interact with us, this usage data may include your IP address, device information, browser type and settings, and information about your activity on the Site.

2. HOW DO WE USE YOUR PERSONAL DATA?

We process your Personal Data for the proper performance of the contract between us or on the basis of your consent.

We collect and process your Personal Data on the basis of the performance of the sales contract or your consent, in particular for the use of cookies for certain purposes and the use of Personal Data for commercial prospecting purposes.

In particular, we use your Personal Data for the following purposes:

  • Fulfilling and managing your orders: we use your information to fulfill and manage your purchases on the Site;
  • Responding to your requests: we use your Personal Data to respond to your requests and resolve any potential issues you may encounter when using our services.

When the processing of Personal Data is based on consent, you have the right to withdraw your consent at any time.

An unsubscribe link is included in newsletter emails sent by the Foundation.

3. WILL YOUR PERSONAL DATA BE SHARED WITH THIRD PARTIES?

Transfers of your Personal Data, which are necessary for the performance of the contract, are carried out in accordance with your rights.

We may share your Personal Data internally between the Foundation’s departments that have an interest in it (accounting, sales, communications) and with our suppliers, in accordance with the data protection agreement concluded with them.

The Foundation ensures that the recipients or subcontractors themselves provide sufficient guarantees to ensure the implementation of appropriate technical and organizational measures so that the processing of Personal Data meets the legal requirements in force.

Some subcontractors are located or use servers outside the European Union in countries where personal data protection laws may differ from those of the European Union.

In particular, your data is stored by Hostinger, a hosting company located in Lithuania, whose privacy policy can be found by clicking here: https://www.hostinger.com/legal/privacy-policy

In this case, the Foundation ensures that you are informed and that this transfer guarantees a sufficient level of protection of privacy and fundamental rights of individuals in accordance with applicable laws and regulations.

4. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We retain your Personal Data for as long as necessary to fulfill the purposes outlined in the privacy policy, unless otherwise required by law.

Once the contract has ended, we retain your Personal Data for a maximum period of five (5) years for contractual liability purposes in the event of a dispute and in accordance with the legal and regulatory obligations applicable to the Foundation.

For administrative purposes, a subset of your Personal Data is archived in a separate location with restricted access for a period of ten (10) years (for billing data, in accordance with the Commercial Code).

Information relating to a prospect will be retained for three (3) years after the date of the prospect’s last message, in accordance with the recommendation of the French Data Protection Authority (the “CNIL“).

Browsing data will be kept for a maximum period of six (6) months.

5. HOW DO WE ENSURE THE SECURITY OF YOUR PERSONAL DATA?

We aim to protect your Personal Data through organizational and technical security measures.

We guarantee the existence of adequate levels of protection in accordance with applicable laws on the protection of personal data.

However, there is always a risk when using the Internet to transfer Personal Data or other information. We will notify the data protection supervisory authority, the CNIL, and/or the data subject of any possible data breach.

6. DO WE COLLECT PERSONAL DATA FROM MINORS?

We do not knowingly collect data from children under the age of 18 and do not market to them.

By using the Site, you represent that you are at least eighteen (18) years of age or that you are the parent or guardian of a minor and that you consent to that minor’s use of the Site.

If we learn that Personal Data from users under the age of eighteen (18) has been collected, we will deactivate the account and take reasonable steps to delete such data as soon as possible.

If you are aware of any data we may have collected from users under the age of eighteen (18), please contact us by email at office@eschaton-foundation.com.

7. WHAT ARE YOUR PRIVACY RIGHTS?

You have rights to maintain control over your Personal Data.

You have the following rights:

  • Right to information: you have the right to be informed in a clear and precise manner about the processing of your Personal Data;
  • Right to object and restrict processing: you have the right to object, on legitimate grounds, to the processing of your Personal Data, unless it is required by law;
  • Right of access and rectification: you have the right to access all information concerning you, to know the origin of the information concerning you, to access the information on which we have based our decision concerning you, to obtain a copy of it, and to require that your data be, as appropriate, rectified, completed, or updated;
  • Right to erasure: where applicable, you have the right to request that your information be deleted—we will comply with this request unless otherwise required by law;
  • Right to define guidelines for the storage, erasure, and communication of your Personal Data after your death;
  • Right to portability: you have the right to receive the Personal Data concerning you that you have provided to us, to reuse it, and to transmit it to another data controller.

To exercise your rights, you can contact us by email at office@eschaton-foundation.com or by referring to the contact details at the bottom of this document.

You also have the option of submitting a request to the competent supervisory authority, the CNIL.

If you reside in any other country in the European Economic Area (the “EEA“) or in the United Kingdom and believe that we are processing your Personal Data unlawfully, you may submit a request to the competent supervisory authority in your country, whose contact details are available here:

https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

8. UPDATES TO THE PRIVACY POLICY

We update the Privacy Policy to remain in compliance with applicable laws.

We reserve the right to adapt or modify the privacy policy at any time by publishing an updated version on the Site.

If we make significant changes to the privacy policy, we will notify you either by posting a prominent notice of such changes or by sending you a direct notification.

9. CONTACTING US

If you have any questions or comments about the privacy policy, you can send us an email at office@eschaton-foundation.com or a letter to the following address:

Eschaton Kunststiftung
Himmelreich 1
5020 Salzburg
Austria