The International Documentary Film Festival Amsterdam (IDFA), with email address email@example.com, declares the following:
IDFA adheres to the requirements of the General Data Protection Regulation (AVG) and handles its customer data in a confidential manner. Personal data from customers and visitors to our websites are handled and protected with the utmost care.
Purposes of the use of your personal data
You can leave personal data on the IDFA website, by email or phone for the following reasons:
- to log in to one of our customer portals
- to leave a contact request with us
- to sign up for our newsletter
- to order tickets
We use this data for the following:
- handling your payment
- handling your order
- calling or emailing you (if required) to carry out our services
- informing you about our services and products, and possible changes to them
- delivering tickets to you
- answering your questions
- sending you a newsletter
IDFA does not use the information you provide for purposes other than those for which you have entered this data yourself. If you sign up for the newsletter, your data will be included in our database. This means that you may also receive other emails from us in addition to news items, such as an invitation to an event that we organize.
Nature of personal data
IDFA distinguishes between two groups of people:
- Festivalgoers and business associates
- Accredited guests
The data we store from festivalgoers and business associates include:
name, address, email address, phone number, interests, newsletter preferences, IP address, membership in BGL, CJP or Stadspas
The data we store from accredited guests include:
name, address, email address, phone number, gender, date of birth, job title, occupation, nationality, travel itinerary, residence information, biography, language background, education, interests, newsletter preferences, IP address and their organization
We do not collect sensitive data such as health, criminal record or your country of birth.
IDFA does not make decisions based on automated processing on matters that can have significant consequences for people. This concerns decisions made by computer programs or systems that do not involve a human being (for example, an IDFA employee).
Providing personal data to third parties
IDFA will share your personal data with various third parties if this is necessary to carry out the transaction and to comply with any legal obligation. With companies that process your data on our order, we enter into a Processor Agreement to ensure the same level of security and confidentiality of your data. IDFA remains responsible for these processing operations. In addition, IDFA will only provide your personal data with your express permission to other third parties.
How long we store personal data
IDFA does not store your personal data for longer than is strictly necessary to realize the purposes for which your data is collected. We use the following retention periods for the following categories of personal data:
- Festivalgoers and business associates: 3 years after last contact
- Travel itineraries and accommodation details: 1 month after stay
- Financial data of festivalgoers and guests: 7 years after the last transaction (the length of time required by law for the storage of fiscal data)
View and change
You may always request access to data that IDFA has stored on you. You can also modify or delete this information. Send an e-mail to firstname.lastname@example.org.
In some cases, IDFA uses specific target groups in social media campaigns. These target groups are created either directly within the social media platform or by uploading visitors’ e-mail addresses onto the platform and matching them to users on platform. In this way, IDFA can approach its visitors in a targeted manner or otherwise within a social media campaign. If you do not consent to this activity, please contact us. You can also manage your advertising preferences via your Facebook settings.
Links to other websites
Do you have a complaint about how we have handled your data? Please be so kind as to discuss this with us first. Subsequently, you can contact the Dutch Data Protection Authority at https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons. They can then decide to initiate an investigation into the situation.