Submissions / Applications Chat

Text us here if you want to submit your work

Privacy Policy

Last updated: May 19, 2026

1. Controller

The data controller responsible for the processing of personal data on this website is:

Atrium Arts (Einzelunternehmen)
Owner: José Nolberto Olivo Ibáñez
Dudenstraße 9
10965 Berlin, Germany
Email: team@atrium-arts.com

2. Data we collect

When you use this website we may process the following categories of personal data:

  • Account data (name, email, password hash, role) when you register as an artist or visitor.
  • Profile and submission data you upload (biography, artworks, images).
  • Contact form messages (name, email, subject, message body).
  • Payment-related data processed by our payment providers (PayPal, Stripe) — we do not store full card numbers.
  • Technical access data (IP address, user agent, timestamp) in server logs.
  • Cookies and similar technologies required for session handling and analytics.

3. Purposes and legal bases

  • Performance of the contract (Art. 6(1)(b) GDPR): account management, artwork submissions, subscription handling, payment processing.
  • Legitimate interest (Art. 6(1)(f) GDPR): site security, fraud prevention, basic usage analytics.
  • Consent (Art. 6(1)(a) GDPR): non-essential cookies, marketing communications.
  • Legal obligation (Art. 6(1)(c) GDPR): tax and accounting retention periods.

4. Third-party services

  • Google Analytics & Google Ads (Google Ireland Ltd.) — usage analytics and ad measurement. Data may be transferred to the United States under SCCs.
  • PayPal (PayPal Europe S.à r.l.) — payment processing.
  • Stripe (Stripe Payments Europe Ltd.) — payment processing.
  • Hosting — our hosting provider processes server logs on our behalf as a processor under Art. 28 GDPR.

5. Cookies

We use strictly necessary cookies for session and CSRF protection. Analytics and advertising cookies are only set with your consent.

6. Retention

We retain personal data only as long as necessary for the purposes described above or as required by law. Account data is deleted on request, subject to statutory retention obligations.

7. Your rights

Under the GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and objection (Art. 21). You may also lodge a complaint with the competent supervisory authority.

8. Contact

For any questions about this policy or to exercise your rights, please contact us.