Privacy Policy

1. Introduction

At monterey-pop-festival.com (“we”, “us”, or “our”), we are committed to safeguarding the privacy and personal data of our users. We recognize the importance of transparency, accountability, and ethical data processing. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

Your trust is important to us. We handle personal information with care and strive to uphold the highest standards of privacy and security.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users, visitors, and customers accessing our services through monterey-pop-festival.com. We are the data controller responsible for the processing of personal data as explained in this policy. Our contact details can be found in Section 13 below.

Please note that this policy covers only our own practices and does not extend to any external websites or services that may be linked through monterey-pop-festival.com.

3. Categories of Data Processed

To provide, enhance, and secure our website and services, we collect the following categories of personal data:

a. Usage Data
Information automatically collected when you visit monterey-pop-festival.com, including IP addresses, browser type, language, browsing behavior, session duration, referral URLs, and general activities on the website.

b. Account Data
Information you provide when creating or managing an account with us, such as your name, email address, telephone number, and postal address.

c. Profile Data
Data regarding your interactions with our services, such as preferences, purchase history, participation in events, surveys, or competitions.

d. Communication Data
All correspondence exchanged with us, including support inquiries, live chat transcripts, and email history.

e. Technical Data
Device specifications (e.g., operating system, hardware type), system preferences, screen resolution, and network configurations.

f. Transaction Data
Information relating to your purchases and orders, including payment details (e.g., masking or tokenized card information), billing and shipping information, and transaction history.

g. Preference Data
Marketing consent choices, communication preferences, areas of interest, and opt-in or opt-out records for direct marketing or personalization features.

4. Legal Bases for Data Processing

We process personal data under the following legal bases in accordance with GDPR and relevant laws:

– Consent: With your explicit permission, for example, to send newsletters or marketing communications.
– Contractual Necessity: To deliver services or products you have requested.
– Legal Obligation: Where processing is required by law or regulatory mandate.
– Legitimate Interests: For purposes such as improving services, fraud prevention, analytics, and securing our platform, provided that such interests are not overridden by your rights.

5. Your Rights

In accordance with GDPR, CCPA, and equivalent data protection laws, you have the following rights concerning your personal information:

– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To have incorrect or incomplete information corrected.
– Right to Erasure: To request the deletion of your data, subject to certain conditions.
– Right to Restrict Processing: To limit the use of your personal data under specific circumstances.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Right to Object: To object to the processing of your personal data for certain purposes, including direct marketing.
– Rights under CCPA: Including the right to know what information is collected, to opt-out of the sale of personal data (note: we do not sell information), and to non-discrimination for exercising your rights.

You may exercise these rights by contacting us at [email protected].

6. Security Measures

We implement and maintain appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data, including but not limited to:

– End-to-end encryption for data in transit and at rest
– Secure socket layer (SSL) technology for all web communications
– Role-based access controls and authentication procedures
– Regular data backups and disaster recovery mechanisms
– Employee training in data protection and privacy awareness

7. International Transfers

Your personal data may be processed or transferred to countries outside of the European Economic Area (EEA). In such cases, we rely on Standard Contractual Clauses approved by the European Commission or ensure other appropriate safeguards are in place to ensure the lawful treatment of your data in accordance with GDPR.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory, or contractual obligations. Retention periods include:

– Usage and Technical Data: 12 months from collection, unless needed longer for security or analytics.
– Account and Profile Data: As long as your account remains active and for up to six years after closure.
– Communication and Support Data: Up to three years after resolution of the inquiry.
– Transaction Data: Retained for at least seven years as required by tax and accounting regulations.
– Preference Data: Until updated or withdrawn by the user.

9. Cookie Policy

We use cookies and similar technologies to enhance your experience on monterey-pop-festival.com. Our cookie categories include:

– Essential Cookies: Necessary for website functionality and cannot be disabled.
– Functional Cookies: Enable enhanced features like remembering preferences.
– Analytics Cookies: Support analytics and measurement of site use and performance, such as traffic and engagement.
– Performance Cookies: Help us understand service quality and improve page load speed and user interface performance.

10. Cookie Management and Compliance with GDPR & CCPA

We provide a cookie consent banner upon your first visit, enabling you to accept or reject non-essential cookies. You may also manage your cookie preferences at any time through our website or within your browser settings. Under CCPA, you also have the right to opt out of the disclosure of personal information gathered through cookies where applicable.

Our cookie practices are fully aligned with GDPR and CCPA requirements, including obtaining prior consent for non-essential cookies and allowing full withdrawal of such consent at any time.

11. Special Protections for Children Under 13

We do not knowingly collect or solicit personal data from children under the age of 13. If we receive actual knowledge that a child under 13 has provided personal data, we will delete such information promptly. If you believe that we have received information from a child under the age of 13, please contact us immediately at [email protected].

12. Policy Updates & User Notifications

We reserve the right to update or revise this Privacy Policy at any time to reflect changes in legal requirements or operational adjustments. Material changes will be communicated through the monterey-pop-festival.com website or via email if appropriate. Your continued use of the site will constitute acknowledgment of the updated policy.

13. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact us at:

Email: [email protected]

We are committed to full compliance with applicable data privacy regulations and strive to resolve all requests and concerns promptly, thoroughly, and transparently.