Privacy Policy

Privacy Policy – Transylvania Coffee Festival

Event: Transylvania Coffee Festival
Organizers: Libero Conferences SRL
Location: Cluj–Napoca, Cluj County, Romania

1. Introduction

1.1 At Libero Conferences SRL, we are fully committed to protecting the confidentiality of your personal data. This privacy policy outlines how we collect, use, disclose, and protect your data in connection with the organization of the Transylvania Coffee Festival.

1.2 As part of our operations, we may process personal data from attendees, participants, vendors, sponsors, volunteers, and partners. This policy serves to inform you in a transparent and detailed manner about what data we collect and the purpose behind the processing.

2. Data Controller Information

2.1 Libero Conferences SRL, registered in Cluj-Napoca, Romania, is the data controller for all personal data collected through the Transylvania Coffee Festival website (www.transylvaniacoffeefestival.com), social media platforms, email communications, ticketing platforms, and on-site activities.

2.2 The organizer is responsible for establishing the purposes and means of processing your personal data, in accordance with GDPR requirements.

3. Types of Data Processed, Purposes, Legal Grounds & Retention Periods

3.1 Account Registration / Ticket Purchase

  • Data collected: Name, email address, phone number, city, Company/brand, billing information
  • Purpose: Creating and managing user accounts; enabling ticket purchases and access to the event.
  • Legal basis: Art. 6(1)(b) GDPR – performance of a contract.
  • Retention: Up to 5 years from the last interaction or event attended.

3.2 Event Check-in & Entry Control(if applicable)

  • Data collected: Ticket number, name, email, phone number, and photo (optional, for identity confirmation).
  • Purpose: Verifying access rights; operational control; fraud prevention.
  • Legal basis: Art. 6(1)(b) GDPR.
  • Retention: Photo deleted within 30 days of event; remaining data retained up to 3 years.

3.3 Marketing & Newsletter Subscription

  • Data collected: Name, email address, preferences.
  • Purpose: To share festival news, offers, and relevant content.
  • Legal basis: Art. 6(1)(a) GDPR – consent.
  • Retention: Until you withdraw consent or for a maximum of 4 years.

3.4 Surveys and Feedback

  • Data collected: Email, opinions, session ratings, location data (if applicable).
  • Purpose: Improve future editions of the festival.
  • Legal basis: Art. 6(1)(f) GDPR – legitimate interest.
  • Retention: Up to 3 years.

3.5 Photography and Videography

  • Data collected: Images and video recordings of attendees.
  • Purpose: Event documentation, marketing, promotion.
  • Legal basis: Art. 6(1)(f) GDPR.
  • Retention: Up to 10 years unless consent is withdrawn earlier.

3.6 Security Monitoring (CCTV)

  • Data collected: Video footage.
  • Purpose: Ensuring safety and protecting property.
  • Legal basis: Art. 6(1)(f) GDPR.
  • Retention: 30 days unless otherwise required for legal proceedings.

3.7 Financial Transactions

  • Data collected: Payment method, transaction ID
  • Purpose: Ticketing, invoicing.
  • Legal basis: Art. 6(1)(b) GDPR.
  • Retention: Up to 3 years (legal/statutory compliance).

4. How We Collect Data

  • Directly via ticketing platforms, website forms, emails, or check-in systems.
  • Automatically via cookies, log files, and analytics tools.
  • Through third-party platforms we collaborate with (e.g., Entertix, Eventbook).

5. Data Recipients

  • Internal departments and staff.
  • IT and payment service providers.
  • Marketing and communication agencies.
  • Public authorities (where legally required).
  • Event security and logistics teams.

All recipients are contractually obligated to ensure data confidentiality and to process data only under our instructions.

6. International Data Transfers

We may transfer data outside the EU only to countries with adequate protection, or under Standard Contractual Clauses approved by the European Commission.

7. Data Subject Rights

According to GDPR, you have the right to:

  • Access your data
  • Rectify inaccurate data
  • Erase your data (right to be forgotten)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with the Data Protection Authority: www.dataprotection.ro

You may exercise your rights by writing to us at: office@liberoevents.com.

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration, including:

  • Secure servers and encrypted databases
  • Access controls and staff training
  • Regular backups and vulnerability checks

9. Cookies

For details on how we use cookies and similar tracking technologies, please refer to our dedicated Cookies Policy page.

10. Updates

This Privacy Policy may be updated from time to time. The latest version will always be available on our website and the date of the last update will be clearly indicated.

Last updated: May 6, 2025

Scroll to Top