Privacy Policy

This Privacy Policy applies and is limited to the processing of personal data collected by MasterArt SRL.
MasterArt SRL, Square Marie Louise 63, 1000 Brussels, Belgium, registered at the Crossroad Bank of Entreprises under number 0861.916.165 (hereafter “we”, “us”) is the entity that offers Service, organizes Event and qualifies as “controller” of the personal data collected, in accordance with the provisions of the General Data Protection Regulation 2016/679 (“GDPR”) and the applicable national data protection legislation.
We value your right to privacy and endeavour to protect your personal data in accordance with applicable data protection legislation. In this Privacy Policy we set forth how we collect your personal data in the context of the Service and / or the Event, how and for which purposes we may use your personal data, and to whom we may disclose your personal data.
Furthermore, this Privacy Policy includes important information regarding your rights with respect to the processing of your personal data, such as your right to withdraw consent (‘opt-out’) for direct marketing (e.g. promotional e-mail updates) at any moment in time.
We encourage you to read this document carefully and to contact us should you have any questions.

In the context of the Service and / or the Event, we process personal data of the users of the Service and / or the participants to the Event.
We collect your personal data:

directly from you when you provide us with your personal data when you register for the Service and / or the Event;
directly from you when you provide us certain additional information when using Services and / or attending the Event; and / or
directly from your browser by means of cookies that are either (i) strictly necessary for the proper technical functioning of the Service and / or the Event, or (ii) used for statistical or analytical purposes and based on your prior consent. For more information ok cookies, see our Cookies Policy.

We collect the following personal data about you insofar as this information is relevant for the purposes for which we need it, as explained below.

Category of data

Type of data

Purpose and legal ground

Identification and contact information

Personal identification data: name, address, telephone/mobile number, email address

To be able to register you as user of the Service and / or participant to the Event and to send you practical information and updates before, during and after the use of the Service and / or the participation to the Event (based on the execution of our contract and on our legitimate interests to offer Service and / or organize the Event in a professional manner and to request feedback
For security and access control during the use of the Service and / or the participation to the Event (based on our legitimate interests to ensure the integrity and security of our services and IT systems)
For direct marketing purposes (promotional e-mail updates), if you have consented hereto (‘opt-in’)

Electronic identification data: IP addresses, information collected via cookies (see cookies table in our Cookies Policy)

For the proper technical functioning of the Service and / or the Event (based on our legitimate interests) and for statistical and analytical purposes (based on your prior consent)
For security and access control during the use of the Service and / or the participation to the Event (based on our legitimate interests to ensure the integrity and security of our services and IT systems)

Financial information

Identification data and bank account number, financial transactions (amounts that you have to pay and have paid to participate to the Event, overview of the payments, etc.)

For the management of invoicing, payments and claims and to comply with legal obligations (e.g. accounting requirements) (based on the execution of our contract and on our legal obligations)

Personal characteristics

Personal characteristics: gender, nationality, language preference (if disclosed to us)

For statistical purposes (based on our legitimate interests to map the type of audience interested in our Service and / or Event)
For replying to your queries (based on the execution of our contract)

Profession and employment

Profession and employment information (individual or company, where appropriate VAT number), gallery where you work

To be able to register you as user of the Service and / or participant to the Event (based on the execution of our contract and on our legitimate interests to offer Service and / or organize the Event in a professional manner and to request feedback)
For security and access control during the use of the Service and / or the participation to the Event (based on our legitimate interests to ensure the integrity and security of our services and IT systems)

Image recordings

Photos and videos that may be uploaded by you before or during the Event

For the proper organization of the Service and / or the Event, which may include photo’s and video’s you send us (based on the execution of our contract)
To report on the Service and / or the Event afterwards, including via social media and by posting photos and videos (based on our legitimate interests to publish reports on the Service and / or the Event we have organized)

In addition, all of the personal data listed above can – where necessary – also be used for the handling of inquiries and complaints, and for the management of our legal disputes. This is based on the necessity to defend our legal interests.

With Event participants (such as exhibitors participating to the Event and our Event partners) in order to facilitate communication during the Event (e.g. through the chat functionality) and for activities organized by them in the context of the Event (such as online conferences, guided tours, etc.);
With our service providers who process personal data on our behalf: in the context of our activities as described above, we may share your personal data with third parties, in particular with service providers (IT/cloud service providers, PR/marketing agencies or creative agencies) that act as our ‘data processors’;
With our external advisors and law firms: we may share your personal data with legal advisors in case of disputes or (threatened) litigation, or as otherwise required for them to provide professional advice;
With government authorities: we may share your personal data with the government, police authorities or the judiciary in case we have a legal obligation to do so.

We will implement appropriate safeguards when transferring your personal data to third parties. If necessary, we will for example conclude a data transfer or a processing agreement specifying the limitations to the use of your personal data and the obligations with respect to the security of your personal data.
Your personal data may be transferred to other Event participants worldwide (e.g. galleries all over the world that exhibit at the Event), that are not part of the European Economic Area (EEA), including countries where the law does not provide for equivalent protection of your personal data as it does within the EEA. Such transfers of personal data are necessary for the performance of our contract with you for your participation to the Event and to provide you a full Event experience. Please contact us if you would like to receive more information on the transfer of your personal data outside of the EEA.

Your personal data will not be stored for longer than is necessary in relation to the purposes for which we process them (as listed above). Afterwards it is still possible that they can be found in our back-ups or archives, but they will no longer be actively processed in a file.
More specifically, the following retention guidelines are applied by us:

personal data included in accounting, financial or other official documents will be retained for as long as such documents legally need to be kept;
personal data obtained in the context of complaint handling will be deleted (or anonymised) as soon as the complaint is closed;
any other personal data that is collected from the users of our Service and / or the attendees of our Event is archived and not used as soon as the Service and / or the Event has been terminated, with the exception of personal data we keep to inform you of our similar future services, events or activities. As soon as we note that your contact details are no longer accurate or active, or whenever you decide to use your unsubscribe right, we will no longer keep your personal data for these purposes; and
Only where we are legally obliged to, or where this is necessary for defending our interests in the context of judicial proceedings (e.g. in case of a dispute), we will store the personal data for longer periods.

We will implement the necessary administrative, technical and organisational measures for ensuring a level of security appropriate to the specific risks that we have identified. We protect your personal data against destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed. Further, we seek to ensure that we keep your personal data accurate and up to date. In view thereof, we kindly request you to inform us of any changes to your personal data (such as a change in your contact details).

Within the limits defined by articles 15-22 of the GDPR, you have the statutory right to:

receive information about and access your personal data;
rectify your personal data;
erasure of your personal data (‘right to be forgotten’);
request restriction of processing of your personal data;
object to the processing of your personal data;
receive your personal data in a structured, commonly used and machine-readable format and to (have) transmit(ted) your personal data to another organisation.

Finally, you also have the right to lodge a complaint relating to the processing of your personal data by us with the data protection authority in your country. Please find a list of supervisory authorities here: https://edpb.europa.eu/about-edpb/board/members_en.
In principle you may exercise these rights free of charge. Only where requests are manifestly unfounded or excessive, we may charge a reasonable fee. Further information and advice about your rights can also be obtained from the data protection authority in your country. We might (if deemed necessary) request a proof of identity in advance in order to double-check your request.

If you have any questions or concerns about this Privacy Policy or the processing of your personal data by us, please feel free to contact us by sending an e-mail to support@masterart.com.