The processing of personal data carried out by Extasis Proyect SL. complies with the General Data Protection Regulation (GDPR 2016/679) and the Spanish Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD).

The data controller is Extasis Proyect SL., with CIF/NIF B75417600 and registered office at c/ golfo de salónica 40. You can contact us via email at info@euphorianem.com.

We collect the following personal data:

• Contact Information: Name, email address, and phone number (if provided by the user).
• Browsing Data: IP address, device type, browser type, operating system, and usage statistics.
• Transaction Data: If you purchase our products or services, we collect payment details (securely processed through external providers).
• Marketing Preferences: If you subscribe to our newsletter or promotions, we store your preferences.
• User-Generated Content: Comments, reviews, or other interactions on our website.
• Personalized Itinerary Data: Information about travel preferences, preferred festivals, and potential attendance dates, used exclusively for the requested itinerary creation.

We process your personal data for the following purposes:

• Providing and improving our services, including festival guides, itineraries, and product sales.
• Managing purchases and transactions securely.
• Personalizing the user experience and offering relevant content.
• Advertising and personalized ads, using browsing data and preferences.
• Sending communications and notifications, such as purchase confirmations, event changes, and itinerary reminders.
• Analyzing website traffic, using tools such as Google Analytics to improve our platform.
• Complying with legal obligations and fraud prevention.
• Handling user inquiries and support.

The legal basis for processing your data is:

• User consent, when subscribing to our newsletters or accepting our cookies.
• Contract execution, when purchasing our products or services.
• Legal compliance, regarding tax obligations or anti-money laundering regulations.
• Legitimate interest, to improve our services, ensure website security, and send communications related to previously acquired products or services.

We will retain your personal data only as long as necessary for the purposes for which they were collected:

• Account data: Until you request deletion.
• Transaction records: As required by tax and accounting laws.
• Marketing preferences: Until you unsubscribe or withdraw consent.
• Personalized itinerary data: Retained for service provision and up to 12 months for improvements and optimization.

We do not sell or share your personal data with third parties, except in the following cases:

• Service providers, such as payment processors, hosting services, and analytics providers.
• Affiliate partners and advertisers, who may receive browsing data to display relevant advertisements.
• Legal authorities, when required by law or to protect our rights and security.

Your data may be processed outside the European Economic Area (EEA) by third-party providers. We ensure that any international transfers comply with European data protection standards, including standard contractual clauses approved by the European Commission.

You have the right to:

• Access your personal data.

• Rectify inaccurate or incomplete data.

• Request deletion of your data when no longer necessary.

• Restrict processing of your data under certain circumstances.

• Object to processing for specific purposes.

• Port your data to another data controller.

• Withdraw consent at any time, without affecting the lawfulness of prior processing.

• File a complaint with the Spanish Data Protection Agency (www.aepd.es) if you believe that your data processing violates current regulations.

To exercise these rights, contact us at info@euphorianem.com. We will respond to your requests within the timeframes established by applicable regulations.

Personal data is stored on servers located within the European Union. If we use storage providers outside the EU, we ensure that equivalent security measures are applied in accordance with European regulations.

We use cookies and similar technologies to improve website functionality and analyze user behavior. For more details, see our [Cookie Policy].

We implement technical and organizational security measures to protect your personal data from unauthorized access, loss, or destruction. Additionally:

• We do not store credit card information on our servers. All transactions are securely processed through external platforms.

• We log suspicious activity in internal records to prevent unauthorized access and fraud.

Our website may contain links to third-party websites. We are not responsible for their privacy policies or content. We encourage you to review the privacy policies of these sites before providing them with your personal data.

Our website is not directed at individuals under 16 years of age. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided personal data, please contact us to have it removed.

We may update this Privacy Policy periodically. We will notify you of significant changes through our website or other means. We recommend reviewing this policy regularly to stay informed about how we protect your information.

For any questions or to exercise your rights, please contact us at info@euphorianem.com.