Home

Privacy statement

A. WHO ARE WE?

The website https://unfinished.ro (the “Website”) is owned and operated by EIDOS Foundation (“EIDOS” or “Unfinished Festival”), having its headquarters at Str. Iresti, nr. 18, sector 1., Bucharest 013272, registered with the Bucharest Register of Foundations and Associations under No. 3113/B/2009 from 26/05/2009, having sole registration code 26748839. EIDOS acts as a data controller of your personal data, as defined below, for the purposes specified below.

B. APPLICATION OF THE PRIVACY POLICY

This Privacy Policy (the “Privacy Policy”) describes how we collect, use and otherwise handle your Personal Data, explains the circumstances in which we may transfer your Personal Data to others and informs you about the rights that you have in relation to the processing we perform of such Personal Data. Our Privacy Policy should be read together with any and all other applicable legal provisions in force, as well as any and all terms and conditions provided or made available to you on other pages of our Website and in any potential contract concluded with us.

C. HOW, WHEN AND WHY DO WE COLLECT AND USE PERSONAL DATA?

We process different types of personal data (“Personal Data”) when you register on our website in order to participate at Unfinished Festival or at any activity organised by us, when you browse, request information or interact with our Website and/or social media platforms (e.g. Facebook). The Personal Data we collect and process, on a case by case basis, and depending on the extent and specific details of our interaction, are:

● personal identification details, such as your name, address, date of birth, employment and occupation status, name of the company you work for, educational or professional background, job title and function, as well as other personal information concerning your preferences, relevant for registration purposes into our community;

● contact details, such as your telephone number, e-mail address;

● Website usage and other technical data, such as details of your visits to our Website and/or social media platforms (Facebook), such as, the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform;

● data that you voluntarily give us when you choose to participate in various activities on or related to our social media platforms, such as, user ID, your comments and opinions, evaluation of posts and responses to feedback;

● any other personal data relating to you that you willingly provide to us from time to time.

Where we need to collect Personal Data as requested in order register with Unfinished Festival or to any other activity organised by our community, if you fail to provide that data when requested, we may not be able to carry out your registration, in order to perform our obligations. In this case, we may have to cancel our engagement towards you.

​​​​​​​D. DO WE COLLECT PERSONAL DATA ABOUT OTHER PEOPLE?

If you provide Personal Data to us about any natural person, other than yourself, such as your employees, counterparties, advisers or suppliers, you must ensure that they understand how their information will be processed and that either they have consented for you to disclose such Personal Data to us, also allowing us, and/or our outsourced service providers, to process it, or that there is another legal basis justifying such disclosure and processing.

E. HOW WE OBTAIN THE PERSONAL DATA ABOUT YOU?

We may collect or receive your Personal Data in a number of different ways:
● whether you provide it directly and intentionally to us, for example, by registering on our Website, in order to attend to Unfinished Festival;
● whether you provide it to us directly, but non-intentionally, such as the technical data we automatically collect when you browse our Website and/or social media platforms (e.g. Facebook), such as, the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform, as well the data we infer from your reactions to the product of our services or, as the case may be, evaluation of posts and responses to feedback on our media platforms;

F. HOW AND WHY WE USE YOUR PERSONAL DATA?

We verify and comply with the legal grounds for processing we rely on, in each case, in order to compliantly process your Personal Data.


We may use your Personal Data as provided below:
● in order for you to be part of our community, at your request or based on your consent:
● for registering and/or participation in the UNFINISHED Festival purposes;
● in order to register you as a member and/or collaborator of the UNFINISHED Festival;
● for communication purposes: in order to keep you up to date on the latest
developments, announcements, and other information about us, updates (including briefings, newsletters and other information), events and initiatives;


In this regard, we provide the option to unsubscribe or opt-out of further communication on any electronic communication sent to you; alternatively, you may opt-out by contacting us directly, by using the contact details set out below.


● in order to transfer your name, surname and e-mail address to several social media
platforms (e.g. Facebook) in order to find like-minded or similar individuals.
● as required by EIDOS, for the purpose of building, expanding and guiding our community, thus pursuing our legitimate interest(s), in particular:
● for administering and managing our relationship with you;
● communicating with you, before and during the Unfinished Festival;
● facilitating the use of our Website and social media platforms and to ensure that the content of our Website and social platforms is presented in the most effective manner for you and for your device;
● as required by EIDOS, for the purpose of ensuring the safety and security of and during the UNFINISHED Festival, such as managing access to the Unfinished Festival premises and for security purposes;
● exercising or defending our legal rights or to comply with court orders, if the case.
● protecting the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;


If you have provided your consent to the processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent, free of charge and at any point in time. To withdraw your consent, please use the contact details provided at point M below. While exercising this right, please also take into account that withdrawal of consent will not affect the processing of personal data before such withdrawal. We will not use your Personal Data for taking any automated decisions affecting you or for creating profiles.

G. SHARING OF YOUR PERSONAL DATA

As a rule, we shall not disclose your Personal Data to third parties. However, we may transmit such Personal Data to third parties, including social media platforms, for the above-mentioned purposes, or to certain service providers, we may have subcontracted, in order to perform our activity, such as IT services providers, strictly to the extent that such action is necessary. Please note that this list is non-exhaustive and, considering specific circumstances, there may be other examples where we need to share your Personal Data with third parties, in order to provide the services and/or, as the case may be, exercise our legitimate rights.


We may also disclose your Personal Data to comply with our regulatory requirements and/or any other applicable legal provisions in force from time to time, or in the course of dialogue with regulators, as applicable, which may include disclosing your Personal Data to government and/or regulatory or law enforcement agencies, in connection with enquiries, proceedings or investigations by such entities anywhere in the world, if or where compelled to do so. Where permitted, or unless doing so would prejudice the prevention or detection of a crime, we will direct any such request to you or notify you before responding.

H. WHICH COUNTRIES DO WE TRANSFER YOUR PERSONAL DATA TO?

As a rule, we will not transfer, any of your Personal Data outside the European Economic Area (EEA). However, if your Personal Data are included, inserted or otherwise communicated to Google LLC - EU-U.S. and MailChimp (Rocket Science Group LLC d/b/a) (that we use in our activity), such Personal Data may be transferred to the United States. The above-mentioned e-mail services provider has an active Safe Shield certification, that you can access at any time at: https://www.privacyshield.gov/participant_search, ensuring the same level of data protection as the one existing at European Union level.

I. THE RETENTION PERIOD OF YOUR PERSONAL DATA

Your Personal Data shall be retained by EIDOS for as long as is necessary to accomplish the purposes for which this data has been collected and/or to observe any legal obligations hereof.

J. OUR PROTECTION OF YOUR PERSONAL DATA

We are highly committed to observing data privacy and, thus, we have implemented a range of commercially reasonable physical, technical and procedural measures to help protect Personal Data from unauthorized access, use, disclosure, alteration or destruction, such as:


● limiting the number of recipients/users from our community who have access to Personal Data and correlating access rights with the actual and justified need of each recipient/user;
● concluding agreements with our collaborators, suppliers and service providers, providing confidentiality and personal data protection obligations for ensuring the protection of your Personal Data;
● adopting, at our community level, specific rules on copying and disseminating documents, to prevent any unauthorized access to Personal Data and the disclosure thereof;
● creating back-ups of the stored Personal Data;
● introducing specific access rights in order to prevent any unauthorized individuals to access Personal Data, areas where Personal Data are being stored and/or equipment on which Personal Data are stored/located. Furthermore, our collaborators, as well as any third-party service providers we may engage that process Personal Data on our behalf (for the purposes listed above) are also contractually bound to respect the confidentiality of your Personal Data.

K. THE RIGHTS THAT YOU HAVE IN RELATION TO YOUR PERSONAL DATA

In your capacity as data subject, the EU General Data Protection Regulation 2016/679 (GDPR)grants you the following rights:
● right of access – allowing you to obtain confirmation that your Personal Data is being processed by us and, if affirmative, the relevant details of such processing activities;
● the right to rectification – allowing you to rectify your Personal Data, if inaccurate;
● right to erasure – allowing you to obtain the erasure of your Personal Data, subject to the limitations provided in this Privacy Policy and/or by law;
● right to restriction – allowing you to obtain the restriction of processing your Personal Data, subject to the limitations provided in this Privacy Policy and/or by law;
● right to object – allowing you to object to further processing of your Personal Data, subject to the limitations provided in this Privacy Policy and/or by law; and
● right to data portability – allowing you to receive the Personal Data concerning you that you have provided to us, in a structured, commonly used and machine-readable format or to transmit such data to another data controller (provided that such data have been provided to us or stored by us in such a structured, commonly used, machine-readable and portable format).


You may exercise your aforementioned rights and find out more about such rights by filing with us, as data controller, a written request, using the contact details provided at Point M below. You also have the right, whether dissatisfied with our use of your Personal Data or with our response related to your claims on exercising your right rights, to lodge a complaining with the Romanian Supervisory Authority (010336, 28-30 G-ral. Gheorghe Magheru Blvd. District 1 Bucharest, Romania / E-mail: anspdcp@dataprotection.ro / Telephone number: +40 318 059 211 +40 318 059 212 / website

L. COOKIES AND SIMILAR TECHNOLOGIES

Please be informed that our Website uses strictly necessary cookies. These cookies are essential in order to enable you to move around our Website and use features, such as accessing secure areas of the Website. Without these cookies, services such as enabling appropriate content based on your type of device cannot be provided. In general, cookies are text files containing small amounts of information which are downloaded to your device when you visit a website.


If you have further queries about our use of cookies, you can contact us by using the details provided at Point M below or you can find more information about cookies at: www.allaboutcookies.org.

M. CONTACT US

If you have any questions on this Privacy Policy or if you want to exert your right(s), as data subject, please contact us by using one of the following options:
a. Via e-mail at: hello@eidosfoundation.org;
b. In writing at: Dionisie Lupu 46, Sector 2, 030167 Romania Bucharest, Romania

N. HOW WE MAY UPDATE THIS PRIVACY NOTICE

We reserve the right to update and amend this Privacy Policy from time to time, in order to reflect any changes to the way in which we process your Personal Data or changing legal requirements. The changes we may make to this Privacy Policy will be posted on this page and notified to you while visiting our Website or, where appropriate, notified to you by e-mail.


This Privacy Policy is valid as of September 17, 2019.