TICKETS

Privacy Policy

1. Preamble

Because through the use of our services we come into contact with your personal data within the meaning of EU Regulation 679/2016 (GDPR), we have prepared this Privacy Policy, which has the role of informing you about the type of data collected, the purpose and method of processing them, as well as about the rights and obligations you have as a data subject. The information thus provided will give you the opportunity to decide whether you want to use our Services and to choose how you want to use them.

The protection and confidentiality of personal data is a priority of states around the world, which has required the adoption of strict measures for accessing and processing them, especially data circulating in the online environment.

Our organization understands the importance of these measures and undertakes to make efforts to comply with them. To convince you that we act with diligence and prudence in this regard, please review this Policy. If you consider that your rights are not sufficiently protected, please do not send us personal data until we can offer you satisfactory guarantees. In this regard, you can write to us at [email protected]

If you agree with this Policy, our organization will proceed to process your data in accordance with what is accepted and included in this document.

Please note that this Policy applies exclusively to the services provided by our organization. Accessing external websites or applications from our website generates another entity capable of collecting and processing your personal data, an entity for which we are not responsible.

2. Data Controller

The commitment expressed through this Privacy Policy belongs to East European Comic Con ("EECC", "we", "us", or "our").

This Policy applies to the collection and processing of personal data through the website comic-con.ro and all related services.

This policy is designed in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Romanian Law no. 190/2018 regarding measures to implement the GDPR.

3. Website Hosting Information

Our website is hosted on Vercel Inc., with headquarters at 340 S Lemon Ave #4133, Walnut, CA 91789, USA.

Article 44 GDPR establishes as a principle that any personal data that is being processed or will be processed after being transferred to a third country or to an international organization may only be transferred if the special conditions imposed by the regulation are met to ensure a certain level of security.

The European Commission has approved the use of Standard Contractual Clauses as a method to ensure adequate protection regarding data transfer outside the EEA. By incorporating standard contractual clauses into a contract concluded between the parties transferring data, personal data is considered protected when transferred outside the EEA or the United Kingdom, to countries for which an adequacy decision has not been adopted.

Data introduced on our website is stored on servers operated by our hosting providers, which comply with GDPR requirements through appropriate contractual safeguards.

4. Principles Governing the Processing of Personal Data

In accordance with the provisions of EU Regulation 679/2016, the processing of personal data is carried out in compliance with the following principles:

a. Lawfulness, Fairness and Transparency

Lawfulness is an essential principle that characterizes any conduct of the individual in society, and in the case of processing personal data it presupposes processing them based on legal provisions that are part of the community acquis that correlates with the declared purpose for processing and the legal grounds permitted by the GDPR Regulation. Fairness involves moral and ethical values, fair processing being that carried out on the basis of the same objective and honest criteria, without discrimination. Transparency requires that any information and communications relating to the processing of personal data are easily accessible and easy to understand, and that clear and plain language is used when transmitting the respective information/communications.

b. Purpose Limitation

Personal data must be collected for specified, explicit and legitimate purposes, and further processing in a manner incompatible with these purposes is prohibited, except where further processing takes place for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

c. Data Minimization

Through this principle, operators are notified that any collection of personal data must be very well analyzed before actually obtaining the data, which must be the most relevant and strictly limited to what is absolutely necessary for the purposes for which they are processed.

d. Accuracy

Operators must take all measures to ensure the validity of the data, and those proven to be inaccurate must be updated or deleted quickly. In this regard, the data subject has the right to request the modification or deletion of those inaccurate data.

e. Storage Limitation

Data must be kept only for as long as necessary for the assumed processing. Longer storage periods are exceptions and usually result from the law (e.g.: the obligation to keep the archive for a certain number of years, keeping data for research or statistical purposes).

f. Integrity and Confidentiality

The processing of personal data must be done in the most appropriate security conditions, which include "protection against unauthorized or illegal processing and against accidental loss, destruction or damage, by taking appropriate technical or organizational measures".

5. Personal Data We Collect

Personal data is collected from you in several ways, as follows:

5.1. Account Registration

When you create an account on our website, we collect:

5.2. Competition Registration - Cosplay Parade

5.3. Competition Registration - Cosplay Contest

5.4. Competition Registration - K-Pop Showcase

5.5. Artists Alley Registration

5.6. Contact and Profile Data

5.7. Technical Data Collected Automatically

When you use our website or contact us in another way through a computer or mobile device connected to the internet, we and our third-party partners may collect information about how you access or use the website and information about the device you use to access it.

We collect this information through a variety of tracking technologies, including cookies, pixels, web beacons, embedded scripts, location identification technologies and other similar technologies (collectively, "tracking technologies").

The information we may collect automatically includes:

a. Server Information

To make the website more useful to you, our servers collect information that may include browser type, operating system, IP address, domain name, and/or date of accessing the website.

b. Log Files

The website automatically collects information and stores it in log files. This information may include IP addresses, browser type, internet provider, referring/exit pages, operating system, access date/time, data entered on the website, clickstream data. This data is used for trend analysis, service administration, analysis of user movements on the website and between its pages, collection of demographic information about the database as a whole, and adapting services as accurately as possible to user needs.

c. Do Not Track Signals (DNT)

DNT is a web browser setting that requests a web application to disable the tracking of an individual user. Currently, our organization does not respond to DNT signals or other mechanisms that would allow users to opt out of tracking this data on the website. More information about DNT technology can be found at allaboutdnt.com.

d. Mobile Services

Data may be collected from mobile devices used to access the website. Examples of data that may be collected include the user's geographic area and the type of device used to access the website. This information is transmitted to us as aggregated information and cannot be used to identify the human user.

e. Analytics Services

In addition to the tracking technologies we place directly on the website, other companies may set their own cookies or similar tools when you use our services. This includes third-party analytics services that help us analyze how users use our services. We may receive reports based on the use of these tracking tools (Analytics Services), the information contained in the reports may be individual or aggregated. Analytics Services use the information to measure traffic trends and usage and to understand more about the demographics and behavior of our users.

6. Legal Basis for Processing

We will try to maintain consent expressed in this regard as the sole basis for processing your personal data. If you withdraw your consent by following the unsubscribe instructions, by deleting the user account or by changing the rules applicable to the cookie policy, we will immediately comply with your request, except for that information for which another legal basis for processing exists (other than your consent).

The legal bases we rely on for processing your personal data include:

a. Consent (Article 6(1)(a) GDPR)

Where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing communications or participating in competitions.

b. Contract Performance (Article 6(1)(b) GDPR)

Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract, such as processing your competition registration.

c. Legal Obligation (Article 6(1)(c) GDPR)

Where processing is necessary for compliance with a legal obligation to which we are subject.

d. Legitimate Interests (Article 6(1)(f) GDPR)

Where processing is necessary for our legitimate interests or those of a third party, provided that your interests and fundamental rights do not override those interests. Our legitimate interests include: improving our services, ensuring security, fraud prevention, and direct marketing to existing customers.

e. Vital Interests (Article 6(1)(d) GDPR)

Where processing is necessary to protect your vital interests or those of another natural person.

7. Purposes of Processing

Personal data is processed to achieve the following objectives:

8. Processing of Minors' Data

We take special care when processing personal data of minors (persons under 18 years of age). For competition registrations involving minors:

In accordance with Romanian Law no. 190/2018, for information society services, we require parental consent for the processing of personal data of children under 16 years of age.

9. Data Retention

We keep the personal data we use for the purposes described in this Policy for a maximum period of 5 years, with the following exceptions:

After the period expires, your personal data will be deleted, destroyed or anonymized for use for scientific, historical or statistical research purposes.

10. How We Share Your Personal Data

We may disclose your data to business partners or other third parties in order to achieve the purposes presented above. We make reasonable efforts at all times to ensure that these third parties have adequate protection and security measures in place.

As a rule, we provide your data to other companies, such as IT or telecommunications service providers, accounting, legal services and other third parties with whom we have a contractual relationship whose proper conduct requires access to your personal data.

We may share your personal data with:

We do not sell your personal data to third parties.

We may also provide your personal information to prosecutors, police, courts and other authorized state bodies, based on and within the limits of legal provisions and as a result of expressly formulated requests in this regard.

International Data Transfers

Your data may be transferred outside the European Economic Area to service providers located in the United States or other countries. When we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as:

11. Cookies and Tracking Technologies

We use cookies to collect information. "Cookies" are small pieces of information that a site sends to your computer's hard drive while you are viewing it. We may use both session cookies (which expire once you close your browser) and persistent cookies (which remain on your computer until you delete them).

We use two broad categories of cookies:

  1. First-party cookies: Served directly by us to your computer or mobile device, used only by us to recognize your computer or mobile device when you revisit our website
  2. Third-party cookies: Provided by service providers chosen by our organization and may be used by these providers to recognize your computer or mobile device when you visit other websites

Types of Cookies We Use

a. Essential Cookies

These cookies are essential to provide you with the Services and to allow you to use some of its features. For example, they allow you to log into the secure areas of our Services and help the content of requested pages load quickly. Without these cookies, the services you requested cannot be provided.

b. Functionality Cookies

These cookies allow our Services to remember the choices you make when using them, such as remembering your language preferences, remembering login details and remembering changes you make to other parts of the Services that you can personalize. The purpose of these cookies is to provide you with a fast and intuitive service.

c. Analytics and Performance Cookies

These cookies are used to collect information about traffic to the Services and how users use our Services. The information collected does not identify any individual visitor. The information is aggregated and anonymous. We use this information to help the website function more efficiently, to monitor the activity level of the website and to determine which parts need modifications or improvements.

d. Social Media Cookies

These cookies are used when you share information using a social media sharing button or the "like" button on our service pages or when you connect your account or create your user account on or through a social network such as Facebook, Twitter or Google+. The social network will record these operations.

Disabling Cookies

You can usually remove or reject cookies through your browser settings. To do this, follow the instructions provided by your browser (usually located in "settings", "tools", "help" or the "edit" function). Many browsers are set to accept cookies until you change the settings.

For more information about cookies, including how you can see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.

For more information, please see our Cookie Policy.

Pixels

We may also use pixel tags (also known as web beacons and clear GIFs) within the Services to track user actions on/or them. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are invisibly embedded on web pages. Pixel tags measure the success of our marketing campaigns and compile statistics on the use of the website, so that we can manage our content more efficiently.

Automated Decision-Making or Profiling

We do not use your personal data for automated decision-making purposes. We do not engage in profiling that produces legal effects or similarly significantly affects you.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

13. Your Rights

Regarding the processing of personal data to which we have access within the limits and conditions established by this Policy, you have the following rights:

a. Right of Access (Article 15 GDPR)

To be provided with a copy of any personal data we hold about you and to receive information about the processing of your personal data.

b. Right to Rectification (Article 16 GDPR)

To request us to update or correct inaccurate personal data or to complete any incomplete personal data. You can update your profile information, such as username, address or contact information.

c. Right to Erasure (Article 17 GDPR)

To request us to delete your personal data ("right to be forgotten") in certain circumstances.

d. Right to Restriction of Processing (Article 18 GDPR)

To request us to limit the processing of your personal data in certain circumstances.

e. Right to Data Portability (Article 20 GDPR)

To request us to transmit personal data to you or to transfer them to another data controller in a structured, commonly used and machine-readable format.

f. Right to Object (Article 21 GDPR)

To object to the processing of your personal data based on legitimate interests or for direct marketing purposes.

g. Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

h. Right to Stop Processing

To request us to stop processing personal data for: (i) personalization of push marketing notifications, (ii) data analysis to determine consumer trends and behavioral patterns and to improve our products, (iii) direct marketing communications.

Exercising Your Rights

If you wish to exercise any of the above rights, you can contact us using one of the options below:

We will respond to your request within 30 days. Please note that the rights listed above are not absolute. There are exceptions, so each request received will be analyzed to decide whether it is justified or not. To the extent that the request is justified, we will facilitate the exercise of rights. If the request is unfounded, we will reject it, but we will inform you of the reasons for the refusal and your rights to file a complaint with the Supervisory Authority and to go to court.

14. Right to Lodge a Complaint

You have the right to lodge a complaint with the competent supervisory authority (particularly in the Member State where you reside, work or where the alleged violation occurred), if you consider that any of your data is processed in a manner that constitutes a violation of the General Data Protection Regulation no. 679/2016 of 27 April 2016.

In Romania, the supervisory authority is:

15. Applicable Law

This Privacy Policy is governed by and must be interpreted in accordance with the legislation of Romania and any other mandatory legal provisions applicable in the European Union, including the General Data Protection Regulation (EU) 2016/679 and Romanian Law no. 190/2018.

16. Changes to This Policy

You can find out when this Privacy Policy was last modified by checking the "Last updated" section at the top of the document.

If you object to any changes, you can expressly manifest your intention in this regard. Continuing to use the website after the publication of changes to this Privacy Policy means that you have read, understood and accepted the changes.

You can print, download and retain in any way a copy of the Privacy Policy (and any revised version) for your records.

We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. For material changes that affect how we process your personal data, we may also notify you via email if you have provided one.

17. Contact Us

If you have any questions about this Privacy Policy or our data practices, or if you have any concerns related to the processing of personal data, please contact us:

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy.