Privacy Policy

Last updated: April 2026

1. Data Controller

The data controller for this website is:
BotExplode UG (haftungsbeschränkt)
Kleinstückenweg 7i
15806 Zossen
Germany

Managing Director: Paul Rybka
Email: privacy@artist4friends.com

2. Collection and Storage of Personal Data

2.1 When Visiting the Website

When you access our website, the following information is automatically collected:

  • IP address of the requesting device
  • Date and time of access
  • Name and URL of the retrieved file
  • Referrer URL (previously visited page)
  • Browser and operating system

This data is collected to ensure smooth connection, comfortable use, and system security evaluation. The legal basis is Art. 6(1)(f) GDPR.

2.2 During Registration and Use

When registering and using Artist4Friends, we store:

  • Email address
  • Artist name / display name
  • Password (stored encrypted)
  • Language preferences
  • Payment information (processed by Stripe)
  • Created events and guest lists

The legal basis is Art. 6(1)(b) GDPR (contract performance).

3. Data Sharing

Your personal data is only transferred to third parties in the following cases:

  • Payment Processing: We use Stripe for payment processing. Stripe receives the data necessary for payment.
  • Email Delivery: We use an email service provider to send confirmation and notification emails.
  • Hosting: Our website is hosted on Microsoft Azure.

All processors are contractually obligated to comply with GDPR.

4. Cookies

We only use technically necessary cookies for:

  • Authentication and session management
  • Storing your language preference
  • CSRF protection (security)

These cookies are required for the operation of the website. The legal basis is Art. 6(1)(f) GDPR. No tracking or advertising cookies are used.

5. Your Rights

You have the following rights regarding your personal data:

  • Access (Art. 15 GDPR): You can request information about your stored data.
  • Rectification (Art. 16 GDPR): You can request correction of inaccurate data.
  • Erasure (Art. 17 GDPR): You can request deletion of your data ("right to be forgotten").
  • Restriction (Art. 18 GDPR): You can request restriction of processing.
  • Data Portability (Art. 20 GDPR): You can receive your data in a common format.
  • Objection (Art. 21 GDPR): You can object to processing.

To exercise these rights, please contact: privacy@artist4friends.com

6. Data Security

We implement technical and organizational security measures to protect your data against manipulation, loss, destruction, or unauthorized access:

  • SSL/TLS encryption for all data transfers
  • Encrypted storage of passwords
  • Regular security updates
  • Access restrictions for employees

7. Storage Duration

Personal data is only stored as long as necessary for the processing purpose or as required by legal retention obligations:

  • Account data: Until account deletion by the user
  • Event data: Until deletion by the user or 12 months after the event
  • Invoice data: 10 years (legal retention requirement)
  • Server logs: 30 days

8. Right to Complain

You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data.

9. Changes to This Privacy Policy

We reserve the right to adapt this privacy policy to comply with changed legal requirements or changes to our service. The current version can always be found on this page.