Privacy Policy

Last updated: 14.12.2025

1. Who We Are

This website is operated by Alexander Rybak
Website: https://alexanderrybak.com

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, you may contact us at: 📧 webshop@alexanderrybak.com

2. What Personal Data We Collect and Why

We collect personal data only when it is necessary to operate the website, provide services, communicate with users, and comply with legal obligations.

a) Comments

When visitors leave comments on the site, we collect:

  • Data shown in the comment form

  • Visitor IP address

  • Browser user agent string

This data is collected for spam prevention, website security, and moderation purposes.

An anonymized string (hash) generated from your email address may be shared with the Gravatar service to check whether you use it.
Gravatar Privacy Policy: https://automattic.com/privacy/

Once approved, your comment and any associated profile image may be publicly visible.

b) Media Uploads

If you upload images to the website, please avoid including embedded location data (EXIF GPS).
Visitors to the website may be able to download and extract location data from images published on the site.

c) Contact Forms & Direct Communication

When you contact us via contact forms or email, we may collect:

  • Name

  • Email address

  • Message content

This data is used solely to respond to your inquiry or provide requested information and is not used for marketing without your explicit consent.

3. Orders, Tickets & Account Information

When you purchase products or event tickets, or create a user account on our website, we may collect:

  • Name and email address

  • Billing and/or shipping address

  • Order and transaction details

  • Ticket and attendee information (such as attendee name, ticket ID, QR code)

Purpose of processing:

  • To process and fulfill orders

  • To issue and validate event tickets

  • To communicate important order or event-related information

  • To manage customer accounts

  • To prevent fraud and misuse

  • To comply with accounting, tax, and legal obligations

Payment Processing

Payments are processed securely by third-party payment service providers.
We do not store full payment card details on our servers.

4. Email Communications

We use a third-party email service provider to send:

  • Transactional emails (order confirmations, ticket delivery, event updates)

  • Marketing or newsletter emails (only if you have given explicit consent)

Email data may include:

  • Name

  • Email address

  • Email interaction data (opens, clicks)

You may unsubscribe from marketing emails at any time by using the link included in each message.

5. Cookies

We use cookies to ensure the proper functioning of the website and to improve user experience.

Cookies may include:

  • Comment cookies (stored for up to 1 year)

  • Login cookies (up to 2 days)

  • “Remember Me” cookies (up to 14 days)

  • Screen preference cookies (up to 1 year)

  • Session and cart-related cookies necessary for checkout and ticket purchases

Cookies do not store sensitive personal data.

You may disable cookies in your browser settings; however, certain features (such as login, cart, checkout, or ticket access) may not function correctly.

6. Embedded Content from Third-Party Websites

Content on this website may include embedded elements (such as videos, music players, or social media posts).

Embedded content behaves as if you visited the third-party website directly.
These external sites may collect data about you, use cookies, or track your interaction in accordance with their own privacy policies.

7. How Long We Retain Your Data

  • Comments and related metadata are retained indefinitely

  • Account data is retained as long as the account remains active

  • Order and ticket records are retained as required by accounting and legal obligations

  • Marketing data is retained until you withdraw your consent

You may request deletion of your personal data unless retention is legally required.

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the right to:

  • Access your personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of your data

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

To exercise these rights, please contact us at [add privacy/contact email].

9. Where Your Data Is Sent

  • Visitor comments may be checked through automated spam detection services

  • Email communications are handled by an external email service provider

  • Payments are processed by third-party payment service providers

Some data may be processed outside the EU under GDPR-compliant safeguards.

10. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Any changes will be published on this page with an updated revision date.