Data Privacy Information

Version: January 2024

1 Responsibility for the processing of your personal data

1.1 With this data protection information, we would like to inform you about which personal data we collect and process from you and for what purposes we do this. The following articles refer to the European General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).

1.2 “ Responsible” for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR is

Mauricio Lizarazo Prada Schönhauser Allee 33 10435 Berlin contact@pachamamaculture.com

2 Personal data

The term personal data includes your personal details (e.g. your name, your date of birth, your address, your nationality), your identification data (e.g. your ID card data), your order data including your e-mail address, your technical connection data such as your IP address, your account and payment data depending on the payment method, advertising and sales data as well as other comparable data.

3 Collection of your personal data

3.1 On the Music C•A•R•E•S website, you have the option of calculating your emissions for the planning of a music event. This is a beta version. No personal data is collected when you use the tool.

3.1.1 When you contact us (e.g. via the contact form or by email), we process the personal data you provide. This includes, for example, your name and e-mail address.

3.1.2 If you access and use our website for purely informational purposes, we only collect data that is automatically transmitted by your internet browser. This includes, for example, the date and time of access to our website, the amount of data transferred, the website from which the request originates, browser type, browser settings and your IP address. This access data is analyzed exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This is done in accordance with Art. 6 para. 1 lit. f) GDPR due to our legitimate interest in a correct presentation of our offer.

4 Transfer of your personal information to third parties

We will transfer your personal data to contracted service providers in Germany and abroad if this is necessary for economic or technical reasons. For this purpose, we will carefully select the respective service provider, agree an order processing contract with it in accordance with Art. 28 GDPR and carefully monitor it. For the purpose of outsourcing certain business processes, we have a legitimate interest in concluding order processing contracts with the respective service provider in accordance with Art. 6 para. 1 lit. f) GDPR.

4.1 When you carry out a donation process, we pass on your payment data (this also includes your address data) to the payment service provider PayPal commissioned to process payments. In some cases, the selected payment service provider also collects this data from you itself if you create an account there. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

4.2 Your data that is generated directly via our website is hosted via a server of Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany, with regard to the front end/data management system. The backend is stored via the server Vercel Inc, 440 N Barranca Ave #4133, Covina, CA 91723. We have concluded an order processing contract with Hetzner Online GmbH in accordance with Art. 28 GDPR. The use of hosting services from a third-party provider is based on our legitimate interest in the correct presentation of our offer on our website, Art. 6 para. 1 lit. f) GDPR.

5 Transfer of your personal data to a third country

If your data is transferred to a third country, we ensure that it is either only transferred to countries that have an appropriate level of protection within the meaning of Art. 45 para. 1 GDPR or that the controller based in the respective third country has provided appropriate data protection guarantees. These guarantees may consist of, for example

5.1. binding, internal data protection regulations in accordance with Art. 47 GDPR, or

5.2. standard protection clauses issued by the European Commission in accordance with the review procedure pursuant to Art. 93 (2) GDPR.

6 Cookies

6.1 When you use our website, no cookies are stored on your computer. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the place that sets the cookie (here by us). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

6.2 This website uses transient cookies, the scope and function of which are explained below:

6.2.1 Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

6.3 You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.

6.4 If you have given us your consent to the use of cookies on the basis of a notice (“cookie banner”) provided by us on the website, the legality of the use of cookies is governed by Art. 6 para. 1 lit. a) GDPR. In the cookie banner, you can choose which cookies you want to allow. For example, you can allow cookies for preferences, statistics and/or marketing purposes. Necessary cookies that ensure the functionality of the website are always used by us. We have a legitimate interest in maintaining the functionality of the website in accordance with Art. 6 para. 1 lit. f) GDPR.

7 Connection to social media

7.1 Use of social media plugins

7.1.1 We currently use the following social media plugins: Instagram, LinkedIn. In order to increase the protection of your data when you visit our website, the plugins are not integrated into the page without restrictions, but only using an HTML link (so-called “Shariff solution” from c't). This integration ensures that no connection is established with the servers of the provider of the respective social network when a page of our website containing such plugins is accessed. If you click on one of the buttons, a new window of your browser opens and calls up the page of the respective service provider, where you can (if necessary after entering your login data) e.g. press the Like or Share button.

7.1.2 We offer you the opportunity to interact with the social networks and other users via the plugins so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plugins is Art. 6 para. 1 sentence 1 lit. f) GDPR.

7.1.3 If you do not want the respective social networks to generate data about you via our website, you can take the following action: Always log out of the social networks before visiting our website or other websites.

7.1.4 Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.

7.1.5 Addresses of the respective plug-in providers and URL with their data protection notices: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, https://www.linkedin.com/legal/privacy-policy Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA; https://help.instagram.com/155833707900388/?helpref=hc_fnav&bc[0]=Instagram-Hilfe&bc[1]=Datenschutz%20und%20Sicherheitsbereich.

8 Retention periods and criteria for the retention of your personal data

All personal data processed will only be stored for as long as the website is open.

9 Your rights

9.1 You have the following rights towards us with regard to your personal data Right of access (Art. 15 GDPR) Right to rectification or erasure (Art. 16, 17 GDPR) Right to restriction of processing (Art. 18 GDPR) Right to data portability (Art. 20 GDPR) Right to object (Art. 21 GDPR) You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(f) GDPR (data processing based on a legitimate interest). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims. Furthermore, you have the right to object at any time to the processing of personal data concerning you for direct marketing purposes, Art. 21 para. 2 GDPR. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

9.2 To exercise your rights referred to in section 9.1, please contact us by email at contact@pachamamaculture.com or at the address given in section 1.2.

9.3 You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us.

10 Amendment of this privacy policy

We are entitled to amend, supplement or replace this Privacy Policy in whole or in part at any time and without prior notice. The privacy policy published on the website shall apply in each case.