festgatellc@gmail.com
USD|EUR
English | Español
Favoritos

Privacy

Privacy Policy

Last updated: April 2026 — Compliant with EU GDPR (Regulation 2016/679) and applicable US privacy laws.

1. Who we are (Data Controller)

Muse Layer LLC ("Festgate", "we", "our", "us")

  • Address: 5203 Juan Tabo Blvd, Ste 2B, Albuquerque, NM 87111, USA
  • Email for privacy matters: privacy@festgate.com
  • Website: https://festgate.com

2. Roles under GDPR

Festgate plays different roles depending on the situation:

  • Data Controller — for account data of all users (registration, profile, login).
  • Data Processor — when a third-party organizer receives submissions through Festgate, we process participant data on their behalf. The organizer is the Data Controller of their festival data.
  • Data Controller (full) — when the festival is owned by Festgate (e.g. AI Visual Awards, platform-owned events).

3. What data we collect (Art. 13 GDPR)

Creators / Submitters

  • Account: name, email, country, profile information, password (hashed)
  • Submissions: project title, synopsis, technical credits, files (video, audio, images, scripts), category
  • Payment information for fees (processed by Stripe — we do not store card details)
  • Diplomas and laurels generated

Organizers

  • Account data (same as above)
  • Festival information (name, dates, categories, descriptions)
  • Tax / billing information when collecting fees
  • Bank account info via Stripe Connect (we never see this — held by Stripe)

Judges

  • Account data created by organizer
  • Evaluations and notes on submissions

Visitors

  • Cookies and analytics data (see Cookie Policy)
  • IP address (for security and rate limiting)

4. Legal basis for processing (Art. 6 GDPR)

  • Contract performance (Art. 6.1.b): provide the platform service, process submissions, manage events, issue diplomas, deliver paid services.
  • Legal obligation (Art. 6.1.c): tax records, anti-fraud, incident response.
  • Legitimate interest (Art. 6.1.f): platform security, internal analytics, anti-spam.
  • Consent (Art. 6.1.a): optional marketing emails, non-essential cookies.

5. Who has access to your data

  • Festgate staff — only authorized personnel, for support and platform maintenance.
  • Festival organizers — when you submit to their festival, they receive your contact and project data to evaluate your submission.
  • Judges assigned by organizers — see project files and your name to evaluate.
  • Service providers — Stripe (payments), email providers, hosting providers. All under data processing agreements.
  • Authorities — only when legally required (court order, fraud investigation).

6. International data transfers

Muse Layer LLC is based in the United States. By using Festgate, EU users acknowledge that data may be transferred to the US. We rely on Standard Contractual Clauses where applicable and ensure all processors meet GDPR standards.

7. Data retention

  • Account data: while your account is active. After deletion, anonymized within 30 days (except records required by law).
  • Submissions: kept while the festival is active + 2 years (so diplomas remain accessible).
  • Diplomas and laurels: permanently linked to public verification URLs unless you request deletion.
  • Payment records: 7 years (US tax law).
  • Security logs: 12 months.

8. Your rights (Art. 15-22 GDPR)

You can exercise the following rights at any time by emailing privacy@festgate.com:

  • Access — request a copy of all data we hold about you
  • Rectification — correct inaccurate data
  • Erasure ("Right to be forgotten") — delete your data
  • Portability — receive your data in a portable format
  • Restriction — limit how we use your data
  • Objection — object to processing for legitimate interest grounds
  • Withdraw consent — for any consent-based processing

We will respond within 30 days. If unresolved, you may file a complaint with your national data protection authority (in Spain: AEPD, www.aepd.es).

9. Submission flow — important transparency notice

When you submit your work to a festival on Festgate:

  • Your project data and contact information become accessible to the festival organizing team for evaluation purposes.
  • If the festival is third-party (marketplace), the organizer is the Data Controller of those submissions.
  • If the festival is platform-owned (operated by Muse Layer LLC), we are the Data Controller.
  • Organizers commit (in our Terms of Service, Art. 28 GDPR clause) to use submission data only for evaluating and managing their festival, never for unsolicited marketing or sharing with third parties without consent.

10. Security (Art. 32 GDPR)

We implement appropriate technical and organizational measures: HTTPS encryption, hashed passwords, rate limiting, anti-bot protection, IP blocking, security logging, access controls, and regular backups. Full security details are documented in our internal procedures.

11. Data breach notification (Art. 33-34 GDPR)

If a personal data breach occurs that may pose risk to your rights, we will notify the relevant supervisory authority within 72 hours and inform affected users without undue delay.

12. Children

Festgate is not directed to users under 16. If you believe a minor has registered, contact privacy@festgate.com and we will delete the account.

13. Changes to this policy

We may update this policy. Material changes will be notified by email to active users. Continued use after notification implies acceptance.

14. Contact

For any privacy-related question, contact: privacy@festgate.com

© 2026 Festgate es un servicio ofrecido por Muse Layer LLC - Configuración de Cookies