Privacy Policy

artsymphony operates this website as the controller of the personal data processed through it. The purpose of this Privacy Policy is to explain how personal information is collected, used, stored, and protected, and to clarify the legal basis on which such processing takes place. Users are asked to read this policy carefully before using the website or providing personal data, as its provisions form an integral part of the contractual framework governing online purchases and communication.

We take the protection of personal data seriously and are committed to safeguarding confidentiality, integrity, and security in accordance with the General Data Protection Regulation (GDPR), the Spanish Organic Law on Data Protection and Digital Rights (LOPDGDD), and relevant European data-protection standards.

Data collected through the website

When visiting the website, certain technical data are collected automatically. These include browser type, IP address, time zone, information regarding installed cookies, pages visited, referring sites or search terms, and general patterns of interaction with the website. This automatically collected information, referred to as Device Information, is used to ensure proper functioning of the site, to identify cases of misuse, and to generate aggregated statistics that do not allow for the identification of individual users.

Additional personal data may be collected when a user registers an account, places an order, or uses a contact form. Such data may include name, postal address, email address, telephone number, and payment information. These details are necessary to fulfil contractual obligations, process orders, deliver artworks, issue invoices, and respond to customer enquiries.

Purpose and legal basis of data processing

The processing of personal data takes place exclusively within the scope permitted by the GDPR. The primary purpose of such processing is the fulfilment of purchase contracts, which requires the handling of customer details, payment data, and shipping information. Further processing may occur in pursuit of legitimate business interests, including fraud prevention, website optimisation, and internal administrative management.

Users may visit the website without identifying themselves. However, certain features—including the purchase of artworks, receipt of newsletters, or the use of specific forms—require the voluntary submission of personal data. Users who are uncertain about which data are required may contact artsymphony100@gmail.com.

Rights of users under the GDPR

Users residing in the European Union enjoy a series of statutory rights with regard to their personal data. These include the right to be informed; the right of access; the right to rectification; the right to erasure; the right to restrict processing; the right to data portability; the right to object; and rights related to automated decision-making and profiling. Requests to exercise these rights may be submitted at any time via the contact information provided below.

Personal data may be transferred to countries outside the European Economic Area when required for order fulfilment or when service providers (such as payment processors or shipping carriers) are located abroad. Such transfers occur only under conditions that guarantee adequate protection in accordance with Chapter V of the GDPR.

External links

The website may contain links to external services and third-party websites. These entities operate independently and are responsible for their own privacy practices. artsymphony assumes no liability for the content or data-protection policies of external sites. Users are encouraged to consult the privacy statements of such sites when departing from the artsymphony website.

Data security

Personal information is stored on secure servers and protected through technical and organisational measures designed to prevent unauthorised access, alteration, disclosure, or destruction. While every effort is made to ensure secure transmission and storage of data, it must be acknowledged that no method of communication over the Internet can be guaranteed to be entirely risk-free.

Legal disclosure

Personal data may be disclosed when required by law, including compliance with subpoenas, court orders, administrative procedures, or legally binding governmental requests. Disclosure may also occur when necessary to protect legal rights, investigate fraud, ensure user safety, or respond to security incidents.

Contact information

Questions regarding this Privacy Policy or requests related to the rights of data subjects may be directed to:

artsymphony100@gmail.com