PRIVACY POLICY

PRIVACY POLICY

The data controller is Association “ EUROPEAN CENTRE OF MUSIC FOR YOUTH, BIEDRĪBA ” (the Association), which organises international vocal and music festival for youth “RIGA SYMPHONY”. With the legal address of registration Skolas street 34-16, Riga, Latvia, LV-1010 and the legal entity code Nr. 40008244950 .

Main terms:

Personal data – any information that is related to the identified or identifiable individual (Data subject).

Personal data managing – any action with personal data: collecting, writing, saving, accumulation, classification, grouping, joining, changing (adding or editing), presenting, publicizing, using, logically or arithmetically operating, announcing, deleting or any other action or action set.

Participant– any information that is related to the individual (Data subject), which identity is known or can be directly or indirectly identified using identification number and data available in the data processing system.

Consent of Participant– Data subject voluntarily gives his or her full consent to the collection, maintenance and processing of personal data.

Data manager– natural or legal person, agency or other organisation, that decides independently or together with other institutions the purpose and means of personal data collection, also provides access to the data.

Authorized person– natural or legal person, public institution, agency or other organisation, which executes data processing on behalf of Data manager.

Cookies– a small piece of data sent from the Association website and stored on the Participant’s computer, smart phone etc. while the participant is visiting the Associations website.

Legitimate interest– The legitimate interests of the Association, which are based on the provision of quality services, also constitute a legal basis, provided that the interests or fundamental rights and freedoms of the Data subject do not prevail over the legitimate interests. The Association’s right to process the Participant’s personal data is limited to what is objectively necessary and sufficient to ensure timely, high-quality, convenient service. As well as establishing and supporting the Association internal processes to prevent fraud against the Association.

Processing of personal data

The Association collects, processes, stores, shares, deletes and protects Participant Personal Data pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

In accordance with applicable laws and regulations governing the processing of personal data, the Organisation shall observe the following data protection principles:

• Lawful, honest processing of personal data;
• Processing of received personal data is carried out in accordance with the specific purposes;
• Received personal data is adequate, relevant;
• Received personal data is accurate;
• Received personal data is not stored longer than necessary and is deleted when the purpose is achieved;
• Processing of personal data is executed in compliance with the rights of natural persons;
• Safe storage of personal data

1. Privacy policy

The Privacy Policy applies to the processing of the personal data of each Participant and the service offered to the Participant. The Privacy Policy provides information on how the Organisation collects, processes, stores, shares, deletes and protects Participant’s personal data. The Organisation ensures the lawful and fair processing of the Participant’s personal data.

2. Categories of personal data processing

The Association processes personal data directly received from the Data subject (i.e., the person who submitted the personal data). Purposes of processing personal data of the Association:

1. Provision of services within the framework of contractual obligations (including processing of applications for participation in the Riga Symphony Festival organized by the Association);
2. Processing of transaction data in accordance with the Law on Accounting;
3. Providing information, information systems and enterprise security;
4. Selection and management of participants in competitions organized by the Association;
5. The quality of competitions organized by the Association;
6. For the provision of information to public administration institutions and entities of operational activities in the cases and to the extent specified in external regulatory enactments.

During the events organized by the Association, photo and video recordings may be taken for public information purposes and to create the Association’s historical archive. The Association has the right to post the photos and videos taken for public information purposes on the websites and social network profiles managed by the Riga Symphony Festival.

3. Basic principles for processing personal data
4. Consent of Participant. The Participant, as a personal Data subject, gives its own consent (consent of the subject) to the collection and processing of personal data for certain purposes. Withdrawal of the consent shall not affect the lawfulness of the processing or the quality of the services received, which are based on the consent before the revocation.
5. The legitimate interests of the Association based on the provision of quality services. The Association has the right to process the Participant’s personal data to the extent that it is objectively necessary and sufficient to provide timely, high quality, convenient service. As well as establishing and supporting the Association’s internal processes.
6. Fulfilment of the Association’s legal obligations. The Association is entitled to process the Participant’s personal data in order to comply with regulatory requirements and to respond to legitimate requests from the state and local governments.
7. Conclusion and performance of the contract. In order to provide the participant with quality services, the Association collects and processes certain personal data that is collected before or during the contract.
8. Purpose of data processing
9. Concluding and executing a contract with a Participant;
10. To assess the Participant’s ability to perform its contractual obligations;
11. Efficient cash flow management, including administration of the Participant’s payments and debts;
12. Providing technical support in relation to the services provided;
13. To promote the development of the sector and offer new services;
14. Statistical data processing and analysis.
15. Collection of personal data
16. The Association obtains a Participant’s personal data when a Participant:

• Signs up to receive news from the Association’s website rigasymphony.lv;
• By filling in the questionnaire on the website administered by the Association rigasymphony.lv;
• Participates in the Riga Symphony Competition organized by the Association, where photo and video recording may take place;
• Visiting or browsing the web site administered by the Association rigasymphony.lv;

The Association and their authorized persons are entitled to process the Participant’s personal data received from third-parties on the basis of the Personal Data Protection Regulation No. 2016/679, if the Participant has given his or her consent;

The Association can be the controller of various data processing activities. In order to ensure the Data subjects’ right to privacy, the Association adheres to the principles of confidentiality and strictly restricts the disclosure of personal data. Only authorized persons of the Association are entitled to change and process personal data.

6. Period of retention of personal data

The Association is entitled to process and store personal data as long as:

1. The Participant’s consent to the processing of personal data is withdrawn, but not more than 1 year from the date of submitting the Participant’s consent.
2. The term of retention of personal data is specified in regulatory enactments;
3. Until full execution of contractual obligations between the Participant and the Association;
4. Until the purpose (determined at the time of receipt) for which the personal data are used has been met.
5. Sharing of personal data
6. The Association shall provide the personal data of the Participant only to the extent necessary and sufficient in accordance with the requirements of the regulatory enactments and taking into account objective circumstances of the particular situation;
7. If necessary, the Association will pass on the Participant’s personal data to persons authorized by the Association, pursuant to the Regulation, to service providers involved in ensuring and improving the quality of the products and services ordered or used by the Participant;
8. The Association is entitled to transfer the Participant’s personal data to law enforcement institutions, other state and municipal authorities if this is required by law.
9. Protection of personal data

To protect the Participant’s personal data from unauthorized access, accidental loss, destruction or disclosure, the Association uses state-of-the-art technology, taking into account existing privacy risks and the Association’s reasonably available organizational, financial and technical resources such as data encryption, firewall, intrusion events.

9. Participant rights

The Data subject’s rights apply to any natural person whose personal data is processed by the Association and applies to the processing of personal data provided by you or by any other natural person on the Association’s website, on paper, or by phone. The Data subject shall have the following rights:

• To contact us if you have any questions regarding the administration of your data by writing to rigasymphony@gmail.com or the legal address of the Association at Skolas Street 34-16, Riga, Latvia, LV-1010.
• The right of access to this data. If we process your data, it is our responsibility to provide free information on the processing of your data. Before submitting your personal data, it is our responsibility to verify your identity to ensure that information about your data is not passed on to third parties.
• If the information stored by the Association is incomplete or incorrect, you have the right to have any inaccuracies in your personal data corrected.
• The right to object to the processing of personal data by the Association if there is no longer obligation to retain them;
• The right to request the deletion of your data if the Association continues to store it upon expiration of the retention period, and in certain circumstances to restrict the processing of data and / or to obtain electronic copies of information held by the Association.

You may request that these rights be enforced by contacting the Association by writing to rigasymphony@gmail.com or the legal address of the Society at 34-16 Skolas Street, Riga, Latvia, LV-1010, and we will comply with any corrections specified in the request to the extent with applicable regulations and professional standards.

10. Policy and its validity

The Association works to protect the privacy of your personal information. If you have any questions or comments regarding the administration of your Personally Identifiable Information, please contact us by email at rigasymphony@gmail.com or at the Association’s legal address at 34-16 Skolas Street, Riga, Latvia, LV-1010.

This contact information may also be used to report any questions you may have regarding compliance with our Privacy Statement.

You will receive a response within one month of receiving the email. If your question is complex or we receive a lot of questions, we will let you know that it takes more than one month to resolve your issue, and we will address it within three months of the question was first submitted.

At the same time, you reserve the right to lodge a complaint with the Latvian Data Protection Inspectorate (http://www.dvi.gov.lv).

11. Third-Party Cookies

The Association’s website www.rigasymphony.lv may contain third-party cookies, such as google analytics.

The Google Analytics tool is provided by Google Inc. (The US company) that has access to statistics collected by this tool. Google Inc. has joined the European Union (EU) – United States (US) Privacy Principles, the EU-US Privacy Statement, which confirms that the service provider complies with the privacy standards required by the EU. This provider is also subject to a contractual obligation to protect privacy.

Cookie control

The Data subject may delete the cookies of his choice (see www.AboutCookies.org and / or www.youronlinechoices.com for details).

Possible payment options