1. Data Controller and Contact

Ascolta Artists ApS (“AA”)
C.F. Richs Vej 99A, Frederiksberg, Denmark
CVR no. 43905597

Contact (data protection requests):
Jonas Fosdal
Tel. +45 7172 20 00
Email: jfk@a-a.art

2. Scope of this Policy

This policy explains how AA processes personal data relating to:

• Performing artists
• Customers and business partners
• Website visitors (including cookies and embedded content)

3. Personal Data We Collect and Why

3.1 Customers (Bookings)

When you enter into agreements with AA regarding bookings, AA may process: name, address, phone number, email address, CVR/company number, possible EAN number, website address, and technical information such as IP address used in connection with a booking request.

Purpose: handling bookings, contract administration, communication, invoicing and prevention of misuse/fraud.
Legal basis: GDPR Article 6(1)(b) (contract) and, where relevant, Article 6(1)(f) (legitimate interests).

3.2 Performing Artists

When you are affiliated with AA, AA may process:

• Identification data (name and address) and contact data (email, phone, and possible CVR/company number)
• Visa and residence permit (if relevant)
• Passport copy (if relevant)
• Photos and promotional material (as agreed)
• Measurements (if relevant)
• Bank account information for settlement of fees
• CPR number for tax reporting (where legally required)

Purpose: maintaining the artist relationship, booking administration, settlement of fees, compliance with legal obligations (e.g., tax), and representation/promotion of the artist.
Legal basis: GDPR Article 6(1)(b) (contract), Article 6(1)(c) (legal obligation), and Article 6(1)(f) (legitimate interests). Where AA relies on consent for specific materials, you may withdraw consent at any time.

4. Recipients and Service Providers (Processors)

AA limits access to personal data to those who need it.

AA may share personal data with:

• Relevant persons within AA
• Institutions/venues/partners involved in performances, where necessary for booking and execution
• Service providers acting as processors, including:
  • Website hosting: SiteGround (hosting, infrastructure and related technical operation)
  • IT/security and email providers where necessary for operations and support
  • Consent management technology used to store your cookie preferences (strictly necessary cookie)

AA enters into data processing agreements where required.

5. Website Use (Server Logs and Security)

When you visit our website, technical information may be processed in server logs (e.g., IP address, date and time, requested pages/files, referrer URL, browser and device information).

Purpose: website security, stability, abuse prevention and troubleshooting.
Legal basis: GDPR Article 6(1)(f) (legitimate interest in secure and reliable website operation).
Retention: server logs are stored for a limited period and deleted in accordance with our hosting/security requirements.

6. Cookies and Consent Management

6.1 What are cookies?

Cookies and similar technologies are small files or identifiers that may be stored on your device or accessed from your device. They are used to operate the website, remember your choices, and (where applicable) load embedded third-party content.

6.2 Which types of cookies/technologies do we use?

We use the following categories:

1. A) Strictly necessary (Essential)
   These are required to operate the website and to store your consent preferences. They cannot be disabled via the banner.
2. B) External Media
   These are used to load third-party embedded content (e.g., YouTube videos). External media is only loaded after you provide consent.

6.3 How do we obtain and manage consent?

When you visit our website, you can choose whether to allow “External Media”. You can change or withdraw your consent at any time via the “Cookie settings” link on our website.

7. Embedded Media and External Links

7.1 Embedded YouTube Videos (External Media)

Our website may include embedded videos provided by YouTube. YouTube embeds are only loaded after you have consented to “External Media”. If you enable external media, YouTube/Google may receive personal data such as your IP address, browser/device information, and the page you visited. This may involve transfers of data outside the EU/EEA depending on the provider’s processing.

You can change or withdraw your consent at any time via cookie settings.

7.2 Social Media Icons (Links)

Our website contains simple links (icons) to our profiles on Instagram, Facebook and YouTube. No data is transmitted to these platforms merely by displaying our website. Data processing by the respective provider typically occurs when you click a link and visit the external platform. The privacy policies of the respective providers apply.

7.3 Downloads via Dropbox (External Links)
In some cases, we provide download links hosted on Dropbox. These are external links. No connection to Dropbox services is established merely by visiting our website. Data processing by Dropbox may occur only after you click the link and are redirected to Dropbox (e.g., processing of IP address, device/browser information, and cookies depending on your settings). Dropbox’s privacy and cookie information applies.
Dropbox may display a sign-in prompt; in many cases you can proceed without creating an account by choosing “Download only”.

8. Storage and Deletion

AA stores personal data only as long as necessary for the purposes described and in accordance with legal obligations.

• Artist data is generally stored for three (3) years after cooperation ends, unless longer retention is necessary (e.g., legal obligations, claims, conflict-of-interest documentation).
• Booking/accounting data may be retained longer where required by applicable law.

9. Your Rights

You may request access to the personal data we process about you and, where applicable, receive a copy. You may also have the right to request rectification, deletion (where we are not legally required to retain data), restriction of processing, object to processing based on legitimate interests, and data portability (where applicable).

If processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

To exercise your rights, contact us (see section 1).

10. Security Breaches

In the event of a security breach that is likely to result in a high risk to your rights and freedoms, we will notify affected individuals without undue delay as required by applicable law. Our security procedures are continuously reviewed and updated.

11. Complaints

You may lodge a complaint with the Danish Data Protection Agency:
Datatilsynet
Borgergade 28, 5th floor, DK-1300 Copenhagen K
Email: dt@datatilsynet.dk
Tel. +45 33 19 32 99

12. Changes to this Policy

We may update this policy from time to time. The latest version will always be available on our website with the version date shown at the top.