Days
Hours
Minutes
Seconds
Menu
Cart

Privacy Policy

Last updated: December 2025

Sappho Women (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with www.womensfestival.eu (“the Site”), purchase festival wristbands or products, create an account, join our mailing lists, complete forms (including participation applications), or otherwise engage with our services.

By using our Site, you acknowledge that you have read and understood this Privacy Policy.

1. Who we are (Data Controller)

Sappho Women
Skala Eressos, 81105
Lesvos Island, Greece
VAT: EL800148580
Registered with the Greek Ministry of Culture and Sports (No. 10112)

Email: contact@sapphowomen.org

Under the EU General Data Protection Regulation (GDPR), we act as the Data Controller for the personal data you provide.

We do not sell, rent, or trade personal data.

2. How we collect personal data

We collect personal data in the following ways:

A. Directly from you

When you, for example:

  • purchase a festival wristband or merchandise via WooCommerce;
  • check out on our Site (including creating an account automatically at checkout);
  • register additional attendees for the festival;
  • subscribe to newsletters (via Mailster or Mailchimp);
  • complete contact, application or participation forms;
  • submit volunteer, facilitator, performer, DJ, or book/product launch applications;
  • request customer support or contact us by email;
  • fill out surveys, prize draws, or competitions.

B. Automatically

We collect certain technical data automatically when you use our Site, including via:

  • cookies and similar technologies;
  • Google Analytics;
  • server logs.

C. From third parties

We may receive information about you from:

  • payment processors (e.g. Alpha Bank – Alpha e-Commerce, PayPal);
  • email marketing platforms (Mailster, Mailchimp);
  • our hosting provider (Fasthosts);
  • security and anti-spam services integrated with our Site.

3. Personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data:

  • Identity Data – name, username, date of birth, and gender (where provided).
  • Contact Data – email address, phone number, billing address, and (if needed) postal address.
  • Account Data – login credentials (stored securely), membership status, purchase history.
  • Transaction Data – order details, payments, refunds, invoices.
  • Technical Data – IP address, browser type and version, device identifiers, time zone, operating system, cookie IDs, and usage patterns.
  • Participation Data – information relating to festival attendance, workshop or activity registration, and details submitted in participation applications (such as biographies, skills, availability, portfolio or social links, and technical requirements).
  • Marketing Preferences – your choices about receiving newsletters and marketing emails.

We also use Aggregated Data (such as anonymous statistics about site usage) to understand and improve our services. Aggregated Data is not considered personal data if it does not identify you.

We do not intentionally collect Special Categories of Personal Data (e.g. details about your health, religion, sexual orientation, or political opinions), nor information about criminal convictions and offences.

Participation Applications (Performers, DJs, Facilitators, Book Launches & Volunteers)

When you apply to participate in the International Eressos Women’s Festival—such as as a performer, DJ, workshop facilitator, volunteer, or for a book or product launch—we collect the information you provide through our Participation Application Form. This may include your name, contact details, biography, portfolio links, professional background, availability, technical requirements, promotional materials, and any other information necessary to evaluate your application.

We process this data for the purpose of reviewing applications, selecting participants, coordinating event programming, and communicating with you regarding your submission. The legal basis for this processing is our legitimate interest in organising and administering the festival and, where applicable, your explicit consent when you voluntarily submit additional optional information.

This data is shared only with authorised members of the festival team involved in application review and event coordination. Application data is retained for up to two years, unless a shorter or longer period is required for festival planning or legal reasons, or unless you request deletion earlier (except where retention is required by law or for our legitimate interests).

4. Legal bases for processing

We process your personal data under the following lawful bases:

  • Performance of a contract – to provide products and services you purchase or request, including festival access and related services.
  • Legitimate interests – for running and improving our Site and services, preventing fraud, maintaining security, managing memberships and participation applications, and protecting the safety of attendees, provided your rights do not override these interests.
  • Consent – for sending email marketing/newsletters and for using non-essential cookies, where required. You may withdraw your consent at any time.
  • Legal obligation – to comply with legal and regulatory requirements, including tax and accounting laws.

5. How we use your personal data

We use your personal data to:

  • process and fulfil your orders and festival wristband purchases;
  • issue digital vouchers and manage festival access;
  • create and manage user accounts and memberships (including discounts and benefits);
  • record and manage attendee details, including additional attendees linked to your purchase;
  • communicate essential event information (e.g. changes, safety alerts, programme updates);
  • administer and review participation, performance, volunteer, facilitator, DJ, and book/product launch applications;
  • coordinate event programming and logistics based on applications and participation data;
  • respond to your enquiries and provide customer support;
  • maintain the security and functionality of our Site;
  • send newsletters and marketing communications (if you have subscribed or consented);
  • analyse website performance and improve our content, services, and user experience;
  • comply with legal, tax, and accounting obligations.

6. Third-party service providers (Processors)

We share personal data only with trusted third parties who act as our data processors and only to the extent necessary to provide our services. These include:

  • Hosting and infrastructure: Fasthosts (website and email hosting), WordPress, WooCommerce.
  • Payment processing: Alpha Bank – Alpha e-Commerce, PayPal (secure card payments).
  • Email newsletters: Mailster (self-hosted plugin) and Mailchimp.
  • Forms and submissions: WPForms, Contact Form 7, Themify Builder forms (for contact, participation, and application forms).
  • Analytics: Google Analytics.
  • Security and anti-spam: tools integrated into WordPress and related plugins.

These providers are required to process your personal data only in accordance with our instructions, to keep it secure, and to comply with applicable data protection laws.

7. International transfers

Some of our service providers (for example, Mailchimp and Google Analytics) may transfer and store personal data outside the European Economic Area (EEA), including in the United States.

Where this occurs, we rely on appropriate safeguards, such as the EU–US Data Privacy Framework, Standard Contractual Clauses (SCCs), and other legally recognised transfer mechanisms, together with additional security measures where necessary, to ensure your data is protected in line with GDPR requirements.

8. Data retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including to:

  • provide our services;
  • maintain records for legal, tax, and accounting requirements;
  • manage disputes or complaints.

Typical retention periods include:

Data Type Retention Period
Customer orders and transaction records 6–10 years (to meet legal and tax obligations)
User accounts and membership data For as long as the account is active, or up to 3 years of inactivity
Festival wristband and attendee records Up to 3 years after the relevant event
Newsletter subscription data Until you unsubscribe or ask us to delete your data
Contact form submissions Up to 1 year
Participation and application forms (including performer, DJ, facilitator, book/product launch and volunteer applications) Up to 2 years
Cookies and analytics data 1–24 months, depending on the cookie

If you request deletion of your data, we may still retain certain information where required by law or where it is necessary to establish, exercise, or defend legal claims.

9. Security

We use appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or damage. These measures include:

  • SSL encryption for data transmitted to and from our Site;
  • secure hosting and regular security updates;
  • restricted access to personal data based on business need;
  • password hashing and secure authentication mechanisms;
  • firewall, anti-spam, and monitoring tools.

While we strive to protect your personal data, no method of transmission over the internet or method of storage is completely secure. We cannot guarantee absolute security but take all reasonable steps to safeguard your information.

10. Your rights under GDPR

You have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to request correction of inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restrict processing – to request that we limit how we use your data.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
  • Right to withdraw consent – where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please email us at contact@sapphowomen.org. We may need to verify your identity before processing your request.

We aim to respond to all legitimate requests within one month. If your request is particularly complex or you have made a number of requests, this period may be extended; if so, we will keep you informed.

11. Cookies

Our Site uses cookies and similar technologies to distinguish you from other users, help the Site function, and improve your experience. Cookies may also be used for analytics and, where applicable, marketing.

We use, for example:

  • Strictly necessary cookies – required for core functionality (e.g. shopping cart, secure checkout).
  • Analytics cookies – to understand how visitors use our Site (e.g. Google Analytics).
  • Functionality cookies – to remember your preferences (such as language or region).
  • Marketing or tracking cookies – where enabled, these may be used to tailor content or measure campaigns.

You can manage or disable cookies through your browser settings and, where provided, via our cookie consent banner. If you disable certain cookies, some parts of the Site may not function properly.

12. Children

Our Site and services are intended for adults. We do not knowingly collect personal data from children under the age of 18 without parental involvement. If you believe that a child has provided us with personal data, please contact us so we can delete it where appropriate.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this Policy periodically to stay informed about how we protect your data.

14. Contact and complaints

If you have any questions about this Privacy Policy or about how we handle your personal data, please contact us:

Sappho Women
Skala Eressos, 81105
Lesvos Island, Greece
Email: contact@sapphowomen.org

If you are not satisfied with our response, you have the right to lodge a complaint with the Hellenic Data Protection Authority:

Hellenic Data Protection Authority
Kifissias 1–3, PC 115 23, Athens, Greece
Telephone: +30 210 6475600
Email: contact@dpa.gr
Website: https://www.dpa.gr

Privacy Overview
Sappho Women

This website uses cookies to improve your browsing experience and to provide essential site functionality. Some cookies are strictly necessary for the website to work, while others help us understand how the site is used or allow us to offer optional features.

You can choose which categories of cookies you accept. You may change your preferences at any time.

For more details, please read our Privacy Policy: https://www.womensfestival.eu/privacy-policy/.

Strictly Necessary Cookies

These cookies are essential for the website to function properly. They enable core features such as secure login, shopping cart functionality, checkout, session management, and your privacy preferences.
You cannot opt out of these cookies, as the site will not work correctly without them.

These cookies do not store personally identifiable information unless required for secure functionality.

3rd Party Cookies

These cookies are set by external services integrated into our website. They may collect information about your browsing behaviour across this and other websites. Examples include analytics tools, embedded videos, marketing platforms, and social media integrations.

These cookies are only activated if you choose to allow them.

Powered by  GDPR Cookie Compliance