A FUNtastic FEST to grow up!

Privacy Policy

INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA

Applicability: 15 April 2022

Our commitment to privacy

KIDS FEST S.R.L. , with registered office in Bucharest, str. Turnu Măgurele nr.5, bl.C1B, sc.5, et.6,
sector 1, registered at the Trade Register under no. J40/22622/2021, sole registration code 45407030,
as personal data controller (“Controller” or “KIDS FEST” or “we”)
This Information Notice describes the personal information the Controller collects about you, why
we collect it, how we use it, and when we share it with third parties. This Information Notice also
describes how we process the information you provide to us or the information we collect
about you when you purchase tickets for participation in the KIDS FEST 2022 Festival taking
place from 2-3 July 2022, at the Mogoșoaia Palace – The clearing in front of the Bibescu
Greenhouses, located in Mogoșoaia, Str. Valea Parcului nr.1, Ilfov County.
It also states the
choices you can make about how we use your personal information and supplements any other
information you have provided in other circumstances.
This Information Notice has been drafted taking into account the aspects set out in the provisions
of the European and national legislation in force, namely the General Data Protection Regulation
(EU) 679/2016 (“GDPR”), Law 190/2018 on measures implementing the GDPR and/or with any other
decisions that the National Supervisory Authority for Personal Data Protection (ANSPDCP) may
issue as supervisory authority on personal data protection.

  1. WHICH CATEGORIES OF DATA SUBJECTS ARE CONCERNED?
    We process the personal data of the following categories of persons:
    • customers who purchase tickets to KIDS FEST 2022 through www.kidsfestro.ro or
    www.bilete.ro, our ticketing partner;
    • customers who purchase tickets to KIDS FEST 2022 at the entrance to the Festival venue;
    • customers or potential customers who (1) use the services/attractions made available at
    the Festival.
  1. FOR WHAT PURPOSES DO WE PROCESS YOUR PERSONAL DATA?
    KIDS FEST processes your personal data for the following purposes:
    • To offer access by buying tickets to KIDS FEST 2022 via the website www.kidsfestro.ro
    • To conclude sales contracts for our services, by (1) purchasing the ticket for access to KIDS FEST
    2022; (2) by replenishing the access cards, distributed by the Controller at the entrance to KIDS
    FEST 2022, with any limit of money, for access to various special activities/attractions held
    during KIDS FEST 2022;
    • To provide access to the KIDS FEST 2022 premises (e.g. temperature scan or green certificate);
    • To promote KIDS FEST 2022 through the use of audio-visual recordings, photos of guests;
    • marketing and advertising; participation in competitions, sweepstakes and promotions; signing
    up to receive newsletters and updates on the latest products and services (mail, email
    newsletter, SMS, phone and other digital channels, e.g. social media);
    • security and safety of you and your belongings at KIDS FEST 2022;
    • to prevent, detect or investigate fraud, security breaches and activities that are or may be
    prohibited or illegal, and to defend and exercise our rights under the law;
    • to deal with requests from public authorities or to meet legal requirements (e.g. specific
    financial accounting, tax or money laundering legislation);If we intend to further process your personal data for a purpose other than that for which it was
    collected, we will provide you, prior to such further processing, with information on the purpose of
    the processing and any additional relevant information requested by you.
  2. WHAT LEGAL BASIS WE USE FOR PROCESSING YOUR PERSONAL DATA?
    The legal grounds for processing your personal data are as follows:
    • your consent (Article 6(1)(b) of the GDPR) for the purposes of using your audio-visual
    recordings and photographs.
    • the performance of a contract or the intention to conclude a contract by the data
    subject (Article 6 (1) (b) of the GDPR) for the purposes of (1) purchasing a ticket for access to
    the KIDS FEST 2022 Festival; (2) replenishing the cards distributed by the Controller at the
    entrance to the KIDS FEST 2022 Festival with any amount of money for access to various special
    activities/attractions held during the KIDS FEST 2022 Festival;
    • performance of a contract to which the data subject is a party (Art. 6 (1) b) of the GDPR)
    for the purpose of managing the business relationship between the Controller and a potential
    customer/client, potential supplier/supplier or other potential business partner/partner, if you
    are a collaborator, representative or contact person of that customer, supplier, business partner;
    • legitimate interests (Article 6(1)(f) of the GDPR) for the purposes of providing access to and
    use of the services of the www.kidsfestro.ro website through its proper functioning; operating,
    protecting, improving and optimizing www.kidsfestro.ro and the experience of users and
    customers; the security and safety of you and your property on the premises of KIDS FEST 2022;
    preventing, detecting or investigating fraud, security breaches and activities that are or may
    be prohibited or illegal, and for the defense and exercise of our rights under the law;
    • compliance with legal obligations (Art.6(1)c) of GDPR) for the purposes of issuing tax
    documents (invoices); access to the premises of KIDS FEST 2022 by processing health data in
    the context of the COVID-19 pandemic; security breaches and activities that are or may be
    prohibited or unlawful; defending and exercising our rights; dealing with requests from public
    authorities or to fulfil legal requirements (e.g.. specific financial accounting, tax or money
    laundering prevention legislation), as well as any other legal requirements imposed or to be
    imposed in the context of COVID-19 by local and central public authorities; your security and
    safety and therefore your property on the premises of KIDS FEST 2022.
  3. WHAT TYPES OF DATA DO WE COLLECT AND WHAT IS THE SOURCE OF THE
    DATA?
    For each data processing purpose, we need certain personal data from you as follows:
    • in the case of visitors to the https://shop.workspacestudio.ro/en website, we do not know
    any data about them, except for the [IP address] and [cookies] used (for further details please
    refer to the Cookies Policy), but we monitor the number of visitors and the sections
    accessed/browsed/visited within the website for statistical purposes; we may collect
    information during your visit. We may collect data during your visit to the web page of the
    online shop through our automatic data collection tools (Cookies): internet protocol (IP)
    address, domain name (URL), access data, customer access history (pages viewed, links
    clicked), HTTP response code, data of the web page from which the access is made, byte quality
    used during the visit, data of the pages viewed or type and language of the browser used;
    • the purpose of concluding sales contracts for our services (online sales); your data is
    collected directly from you when you purchase tickets to KIDS FEST 2022; (2) the supply of
    access cards for various activities/special events held at KIDS FEST 2022; i.e. personal and
    contact data, data on your purchases, etc. or fiscal data – [adult/child’s first name, last name,
    child’s date of birth, email address, phone number, billing address, signature and/or any other
    data you choose to provide us, health data in the context of COVID-19]; Your refusal to provide
    this information will make it impossible for us to provide our services;
    • marketing and advertising purposes, participation in contests, sweepstakes and promotions;
    signing up to receive newsletters and updates on the latest products and services (mail, email
    newsletter, SMS, phone and other digital channels, e.g. social media), events; your data iscollected directly from you when you decide to participate in contests, sweepstakes and
    promotions or when you subscribe to the newsletter – [name, surname, email address, phone
    number, data collected from cookies, data on preferences and habits, photographic or video
    images at events]; Failure to provide this/any information will make it impossible for us to offer
    you personalised marketing campaigns;
    • for the purpose of security and safety of yourself and your property on the premises of KIDS
    FEST 2022 – as required by applicable law and appropriately marked on the premises of KIDS
    FEST 2022; your data is collected directly when you attend KIDS FEST 2022 – .
    • for the purpose of informing you by phone, e-mail;
    • for the purpose of managing the business relationship between us and a potential
    customer, client, potential supplier or other potential partner/business partner, if you are a
    collaborator, representative or contact person of the respective customer, supplier, your data is
    collected directly from you – [name, surname, email address, telephone number, mailing
    address]; Failure to provide this information will make it impossible to properly perform the
    contract concluded between the Company and you.
    OTHER IMPORTANT INFORMATION
    Analysing communications within/through our online shop www.kidsfestro.ro
    We may review, scan or analyse communications within the www.kidsfestro.ro online store (e.g.,
    distribution of a dedicated event page published on www.kidsfestro.ro via various communication
    channels – instant messaging, social media platforms, email) for fraud prevention, risk assessment,
    regulatory compliance, investigation, product development, research, analysis and customer
    support. For example, as part of our fraud prevention efforts, we scan and analyse messages to
    mask contact information and references to other websites. In some cases, we may scan, review or
    analyze messages to debug, improve and expand product offerings. We use automated methods
    where possible. However, occasionally we may need to manually review some communications,
    such as fraud investigations and customer support, or to evaluate and improve the functionality
    of these automated tools. We will not review, scan or analyze your communications to send third-
    party marketing messages to you, and we will not sell reviews or analysis of these communications.
    These activities are carried out based on the Company’s legitimate interest in ensuring compliance
    with laws and our Terms and Conditions, preventing, detecting and detecting fraud, security
    breaches and activities that are or may be prohibited or illegal promoting safety and improving
    and ensuring the proper performance of our services.
    Partners and third-party integration
    The www.kidsfestro.ro website may contain links to third party sites or services, such as third-
    party integrations, co-branded services or third party branded services (“Third Party Partners”).
    We do not own or control these Third-Party Partners and when you interact with them, you may
    provide information directly to the Third-Party Partner or to one or both of them. These Third-
    Party Partners will have their own rules regarding the collection, use and disclosure of
    information. We encourage you to review the privacy policies of the other sites you visit.
    Parts of the www.kidsfestro.ro website may use third party services, such as Google Analytics
    services, including payment processor APIs for payments of tickets purchased on our
    www.kidsfestro.ro website.
    Integrated payment processor(s) solutions act as data processing and liaison hubs between card
    issuers, card-accepting merchants and card-using customers. All types of cards issued by Romanian
    and foreign banks under the VISA and MasterCard logos are accepted, provided that the issuing
    banks have activated them for online payment. The Controller does not request and does not storeany information related to the bank card(s) of customers or members, which is processed directly
    on the servers of online payment processors. Payment processors and/or bank card issuers, approved
    by the Controller or its Partners have the right to access/view any type of data/documents, generated
    as a result of an issued order, cancelled order, contract, cancelled contract or honoured contract, in
    order to investigate any suspicious transaction, if any.
    Certain information that is personal data [name, first name, email address, etc.] may also be
    transmitted for a limited time to our partner service Trusted Opinions by TRUSTED.ro, for the
    purpose of sending a message on behalf of our online store, to independently manage customer
    opinion about their experiences on the website www.kidsfestro.ro. Customer opinion will be
    published on feedback.trusted.ro. The information is automatically deleted by the partner service
    system after the purpose has been achieved. Feedback.trusted.co.uk may use third party systems for
    technical delivery of messages to ensure that they reach customers.
    Use of these services is subject to their privacy policies, such as the Additional Terms and
    Conditions of Google Analytics, Facebook, Twitter, YouTube, payment processors and
    TRUSTED.ro partner.
  4. WHAT OTHER DATA DO WE COLLECT?
    The www.kidsfestro.ro website uses cookies or similar technologies to ensure the best experience
    for you and to analyze trends, administer the website, track customer usage within the website, and
    gather demographic information about the user base as a whole. Cookies are small text files that are
    placed on the customer’s device to track usage and record preferences. Our cookies do not contain
    personally identifiable information. We collect certain information automatically through the use of
    cookies and tracking technologies such as Internet Protocol (IP) address, browser type, Internet
    Service Provider (ISP), page references/exits, pages viewed on our site (e.g. HTML pages, graphics),
    operating system, date/time and/or series of clicks to analyze trends as a whole and administer our
    website. Site users can control the use of cookies at the browser level, but if the user chooses to
    disable cookies, this action will result in a limitation of certain features and functions on our website
    and services. A useful resource for information on deleting and controlling cookies can be found at
    www.aboutcookies.org. A breakdown of how we use cookies in our relationship with online users
    can be found in the Cookies Policy section.
  5. HOW DO WE USE YOUR PERSONAL DATA?
    We may use, store and process personal information to (1) provide, understand, improve and
    develop the www.kidsfestro.ro online store (2) create and maintain a trusted and more secure
    environment (such as complying with legal obligations and ensuring compliance with the Policies
    of www.kidsfestro.ro) and (3) provide, personalize, measure and improve our advertising and
    marketing.
    Providing, improving and developing our website www.kidsfestro.ro.
    We may use personal information to provide, improve and develop our website www.kidsfestro.ro
    to:
    • allow you to access and use our website www.kidsfestro.ro;
    • operate, protect, improve and optimize our website www.kidsfestro.ro and the user and
    customer experience, such as conducting analytics, statistics and research;
    • makes your shopping experience easier, more enjoyable and more efficient;
    • offer own products and services or those of third party partners to customers;
    • send you messages about products and services purchased, event updates or cancellations,
    security alerts and account notifications;
    • address issues and improve our products, brands, services and technologies, and to develop new
    products and services.We process this personal information for these purposes in light of our legitimate interest in
    improving our website www.kidsfestro.ro and our customers’ experience of it and where necessary
    for the proper performance of our contract with you.
    Creating and maintaining a trusting and safer environment. We may use personal
    information to create and maintain a trusted and safer environment, such as:
    • detecting and preventing fraud, security breaches and activities that are or may be prohibited
    or illegal, spam, abuse and other harmful activities;
    • conducting safety investigations and risk assessments;
    • conducting checks of databases and other sources of information, including background or
    police checks, to the extent permitted by applicable laws (in limited circumstances, in the
    case of the organisation of sports competitions/games) and with your consent;
    • compliance with legal obligations;
    • resolving disputes with any of our members and enforcing our agreements with third parties;
    • compliance with our Terms and Conditions and other policies;
    • your security and safety as required by applicable law and appropriately marked – video
    recordings, without sound, at our premises;
    • protecting the rights, property, safety and security of the Company, employees, customers and
    others.
    We process this personal information for these purposes in light of our legitimate interest in
    protecting our website www.kidsfestro.ro and to measure the proper performance of our contract
    with you and compliance with applicable laws.
    Deliver, personalize, measure and improve advertising and marketing. We may use
    personal information to deliver, personalize, measure and improve our advertising and marketing,
    such as:
    • sending you promotional, marketing, advertising and other information that may be of
    interest to you based on your preferences and media advertising through pages and accounts
    managed by us on social platforms such as Facebook, YouTube, Instagram, LinkedIn, etc.;
    • personalizing, measuring and improving our advertising; survey administration;
    • to help us learn more about your shopping preferences;
    • organisation of competitions, raffles and other promotional activities; events managed by us
    or third party partners (e.g. promotions);
    • signing up to receive newsletters and updates on the latest products and services (mail, email
    newsletter, SMS, phone and other digital channels, e.g. social media); this will not affect the
    frequency of administrative emails we may send in relation to any ticket/product purchased
    by you. There is no charge for sending promotional emails to you;
    • invitations to local events, promotions and opportunities, online experiences at
    www.kidsfestro.ro or at our office;
    • taking and displaying photographic images of participants in contests, raffles and other
    promotional activities; as well as displaying our customers’ reviews both on our website
    www.kidsfestro.ro and on social networks and various offline and online media channels.
    We will process your personal information for the purposes listed in this section, based on our
    legitimate interest in conducting marketing activities to provide you with products or services that
    may be of interest to you.
    How payment processors (payment data controllers) use the personal information
    collected. We may use personal information as part of payment services to:
    • enable you to access and use payment services;
    • detect and prevent fraud, abuse, security incidents and other malicious activity;
    • conduct security investigations and risk assessments;
    • carry out checks of databases and other sources of information;• comply with legal obligations (such as anti-money laundering regulations);
    • apply payment conditions and other payment policies.
    Payment processors (payment data controllers) process this personal information in view of its
    legitimate interest to improve the payment services and users’ experience thereof and where
    necessary for the proper performance of the contract with you and to comply with applicable laws.
    We will only use personal data for the purpose for which it was collected and we will only store data
    for as long as necessary for that purpose. We will retain your information for as long as your account
    is active, in order to provide you with our products and services in accordance with our legal
    obligations. Access to and processing of personal data is carried out by the Company and/or by our
    partners, authorised by us for this purpose, in accordance with our data protection working
    procedures.
  6. HOW LONG DO WE STORE YOUR PERSONAL DATA?
    The storage periods of your personal data differ depending on the purpose for which they
    are used, as follows:
    • conclusion of sales contracts for our products – for a period of 10 years from the date of sale;
    with the proviso that personal data contained in any supporting documents underlying the
    entries in the financial accounts shall be kept in our archives for 10 years from the end of the
    financial year in which the supporting documents were drawn up, in accordance with the
    provisions of the Accounting Act; in the context of the defence and exercise of our legal rights
    and interests, the personal data necessary for this purpose shall be kept in accordance with the
    general limitation periods;
    • marketing and advertising – during the validity of the consent given by you for marketing
    activities for which it has been requested or until your objections to such processing have been
    resolved, unless the law provides for another period of data retention or the retention of data is
    necessary for the exercise or defence of the rights of the Controller;
    • to resolve various requests/complaints of any nature regarding the products purchased – during
    the period of resolution of various requests/complaints; in the framework of defending and
    exercising our legal rights and interests, the personal data necessary to achieve this purpose will
    be kept according to the general limitation periods;
    • your security and safety (video recordings by CCTV system [without sound] in the premises of
    KIDS FEST 2022, system operated by the owner of the Mogoșoaia Palace venue) – for a period of
    up to 20 calendar days from the date of recording, in accordance with the legal provisions in force
    and the legitimate interests of the Controller, unless the data are necessary for the investigation
    of an incident, in which case they are kept until the resolution of the incident;
    • managing the business relationship between us and a potential customer/client, potential
    supplier/supplier or other potential business partner/partner, if you are a collaborator,
    representative or contact person of that customer, supplier, business partner – during the
    execution of the contract or if there is a legal obligation to do so.
    Your data is stored in the Company’s IT systems, which are located on its own servers located in
    Romania and on servers located only in the European Union.
  7. WHERE DO WE TRANSMIT/TRANSFER YOUR PERSONAL DATA?
    Your personal data may also be processed by other operators, associated operators or processors of the Controller, in full compliance with the legislation on the protection of personal data:

  • IT service providers and all companies in these categories of recipients from whom the Controller will contract services and products and who have taken appropriate protection measures, as required by law, to ensure that they comply with their obligations regarding the protection of personal data. Where Processors subcontract part of the activities involving the processing of personal data, the subcontractors will be subject to the same obligations in terms of the implementation of the security, technical and organisational measures provided for by the EU General Data Protection Regulation, as well as the internal regulations approved
  • for the implementation of the EU General Regulation;
  • other independent operators (e.g. courier services);
  • the Controller’s contracting parties, which have the status of associated operator, for the performance of certain services outsourced to them;
  • State authorities on the basis of their powers under the applicable law;
  • We may share your information with our service providers who manage customer information and perform services on our behalf, such as running promotions, sending messages to customers, conducting surveys, etc. We have not authorized any of these service providers to do anything else with your information;
  • We may share information with you when we work with another company to provide or offer our customers products, services, contests or promotions;
  • we may share information about you as necessary or appropriate in good faith to comply with laws or regulations or to respond to a valid subpoena, government order or request, or to protect the operations, privacy, safety, property or rights of the Controller;
  • if you choose to pay for our products on the www.kidsfestro.ro website, your personal data will be transmitted directly to the electronic payment processor [*] without transferring your bank details to us. For any complaints and complaints about this information or the way an online payment is made, please contact the payment processor directly;
  • in the unlikely event of a sale or merger of the Company, our customers’ personal information and other information that we have collected as described in this policy may be among the assets transferred.

Your data will not be transferred to third countries or international organisations. If your data will
be transferred to other companies/entities in other countries outside the EU/EEA, you will be
informed.
9.
HOW DO I CHOOSE WHICH PROMOTIONS I RECEIVE? WHY DID I RECEIVE A
MARKETING E-MAIL AFTER I MADE A PURCHASE FROM www.kidsfestro.ro?
Our company only wants to communicate with you if you have expressed or give your consent
(explicit consent) to do so (e.g. in the case of subscribing to our newsletter).
However, there is also the possibility that our Company may send you personalised offers if you have
placed at least one order on the website www.kidsfestro.ro, without having subscribed to the
newsletter, based on our legitimate interest for marketing and advertising purposes (art. 6 (1) f) of
the GDPR).
If you prefer not to receive promotional information, such as information about special offers,
promotions, contests, sweepstakes and sales events, from one or more brands, you can (1) let us
know by contacting our customer service as described in the section entitled “How can you contact
us?” below or (2) you can click on the unsubscribe links present in each newsletter sent by us.

HOW IS MY INFORMATION USED FOR BEHAVIOURAL OR TARGETED ADVERTISING AND
WHAT OPTIONS DO I HAVE?
We use our own cookies to determine which of our ads are shown on other websites. To opt out of
this targeted online advertising that uses our cookies, click here.
We also work with third-party companies that use tracking technologies (including cookies and pixel
tags) on our sites to deliver personalized advertising on our behalf and on behalf of other Internet
advertisers. These companies may collect information over time about your activity on our sites and
other sites, as well as your interaction with our advertising and other communications, and use this
information to determine what ads you see on third-party sites and applications. These technologies
and information collected about you may also be used to track your activity across multiple devices.For more information about this practice and to understand your choices, including how to opt out
of receiving these personalized ads, visit http://www.aboutads.info.
Note that regardless of whether you opt out, these tracking technologies may still collect data and
you will still see ads, but they will not be targeted based on information collected through these
tracking technologies.
We use an instant notification tool (“push notifications”), which can be accepted by you and which
is valid for both mobile devices – mobile phones and/or tablets (“mobile push”) and web devices –
desktop computer and/or laptop (“web push”). If you have accepted the use of such instant
notifications, you will receive notifications only on the device you have accepted.
This instant notification tool does not store personal data (including IP address), but only
information about your operating system, country, operating browser language and a unique ID
that is generated by the instant notification system when you accept to receive notifications
through this system.
Unsubscribing from these instant notifications can be done (1) on mobile devices in their settings
in the notifications section and (2) on web devices in operating systems (e.g. Chrome:
https://support.google.com/chrome/answer/3220216?co=GENIE.Platform%3DDesktop&hl=en
etc.).

HOW DO WE PROTECT CHILDREN’S DATA?
www.kidsfestro.ro is a website for the general public. We expressly warn visitors and online users
that all processing of personal data relates exclusively to persons who have reached the age of 16.
The use of our website by children under the age of 16 is prohibited. If you are under this age, please
ask an adult (i.e. your parents or legal guardian) to follow the necessary procedures. Responsibility
for the use of our website by children rests solely with their parents.

WHAT SECURITY MEASURES HAVE WE ADOPTED?
The processing of your data is carried out under legitimate conditions, taking into account the
implementation of appropriate technical and organizational measures to ensure data integrity and
confidentiality in accordance with GDPR. We assure you that the processing of your data is carried
out by staff trained for this purpose, at the highest standards of confidentiality. We do our best to
provide you with a safe and convenient shopping experience. We have an ongoing concern about
protecting the security and privacy of your personal information.
Although we have implemented security measures for this website, you should be aware that 100%
security is not possible. Therefore, you provide your personal data at your own risk and, to the fullest
extent permitted by applicable law, we will have no liability as a result of disclosure of your personal
information due to errors, omissions or unauthorized acts of third parties during or after
transmission to us. We recommend that you (i) periodically update your software to protect data
transmission over networks (e.g., anti-virus software) and ensure that your electronic
communications service provider has adopted appropriate means for the security of data
transmission over networks (e.g., firewalls and anti-spam filters); and (ii) change your password from
time to time.

WHAT IS PHISHING?
“Phishing” is a scam designed to steal your personal information. If you receive an email that looks
like it’s from us asking for your personal information, do not respond. We will never ask for your
password, username, credit card information or other personal information via email.14. HOW CAN YOU CONTACT US?
For further details on your rights under the personal data protection legislation or for complaints
regarding the protection of personal data, you can contact us by e-mail, telephone or post at: email:
[] ; telephone: [] ; post: Bucharest, Sos. Bucharest-Ploiesti nr.44, Romania , etaj 1, Domus Mex
complex.

WHAT RIGHTS DO YOU HAVE?
Under the legislation on the protection of personal data, you have the following rights:
• the right to be informed: the right to receive information about the personal data
processing operations carried out by us;
• the right of access to data: the right to obtain confirmation as to whether or not we are
processing your personal data, and if so, access to the data and provision of information on
data processing;
• the right to rectification: the right to obtain, without undue delay, the rectification of
inaccurate personal data relating to you or the completion of personal data that is incomplete;
• the right to erasure of data, without undue delay, in the following situations: (1) personal
data are no longer necessary for the purposes for which they were collected or processed; (2)
you withdraw your consent to data processing based on consent; (3) you object to the processing
of personal data; (4) personal data have been unlawfully processed; (5) personal data must be
erased to comply with a legal obligation of the Controller.
• the right to restrict processing in any of the following situations: (1) you contest the accuracy
of the data; (2) the processing of personal data is unlawful and you do not want the personal
data to be deleted but request the restriction of their use; (3) the controller no longer needs the
personal data, but you request them for the establishment, exercise or defence of legal claims;
(4) you object to the processing. If you have obtained the restriction of processing, you will
subsequently be informed by us before the restriction of processing is lifted;
• the right to data portability: the right to receive personal data concerning you that you have
provided to us in a structured, commonly used and machine-readable format and to transmit
this data to another controller, where technical means permit. You can only exercise this right
when the processing is based on your consent and is carried out by automated means;
• the right to object: the right to object, on grounds relating to your particular situation, to
processing carried out by us on the basis of our legitimate interest.
• the right not to be subject to automated individual decision-making, including
profiling: (any automated processing that uses personal data to evaluate certain personal
aspects of you), which produces legal effects concerning you or which similarly affects you to a
significant extent.
• the right to revoke your consent at any time and without giving any reason.
For further details on the processing activities carried out by KIDS FEST, as well as on your rights in
this context, please send an electronic request by e-mail to: [email protected] or on paper to the
Company’s registered office: Bucharest, str. Turnu Măgurele nr.5, bl.C1B, sc.5, et.6, sector 1,
registered with the Trade Register under no.J40/22622/2021, sole registration code 45407030.
You can exercise these rights by completing the GDPR Rights Exercise Form available in your online
user account or on the website www.kidsfestro.ro
Your request will be reviewed and a response will be provided within 30 days of receipt of your
request by the Controller. In the case of complex or very numerous requests, this period may be
extended by two months.16. HOW CAN YOU LODGE A COMPLAINT WITH THE DATA PROTECTION
AUTHORITY?
You also have the right to apply to the Personal Data Processing Supervisory Authority (ANSPDCP),
located in B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, postal code 010336, Bucharest, in the form
of a written letter, at the institution’s headquarters or by e-mail at [email protected] You
also have the right to apply to the courts to defend any rights guaranteed by the applicable legislation
on the protection of personal data that have been infringed.

UPDATING THIS POLICY. NOTICES.
We reserve the right, at our discretion, to change, modify, add or remove portions of this Privacy
Policy at any time by posting such revised Privacy Policy on this page of the www.kidsfestro.ro
website and updating the “Last Revised” date. It is your responsibility to review this Privacy Policy
from time to time to take note of any changes we have made. In some cases, we may provide
additional notice of significant changes to this Privacy Policy by adding a statement to the home
page of our website or, for registered users, by sending an email notification or adding a statement
to your online user account page.
By accepting such revised Privacy Policy by a “click to accept” in a notification email or on an account
page statement (available when required to comply with applicable laws) or by completing a
purchase on this website www.kidsfestro.ro after this Privacy Policy has been revised, or otherwise
using or submitting information to the website after the revised Privacy Policy has been posted, you
consent to such revised Privacy Policy. As a result of the changes, the processing of your data will
not be carried out without your explicit consent if required by applicable law.