Privacy Policy
Last updated: 16 January 2026
1. Controller
The controller responsible for data processing on this website is:
amarcord GbR (The Music & Nature Foundation)
Nordplatz 9, 04105 Leipzig, Germany
Email: info@musicandnaturefoundation.com
2. General information on data processing
We process personal data in accordance with the GDPR and—where cookies or information on end-user devices are concerned—in accordance with applicable rules on storing/accessing information on devices (in Germany, this is typically governed by the TTDSG).
Personal data means any information relating to an identified or identifiable person (e.g., name, email address, IP address).
Legal bases (depending on the purpose):
Art. 6(1)(b) GDPR (performance of a contract / steps prior to entering into a contract, e.g., donations or inquiries)
Art. 6(1)(c) GDPR(legal obligation, e.g., statutory retention)
Art. 6(1)(f) GDPR (legitimate interests, e.g., secure operation, error analysis, optimisation)
Art. 6(1)(a) GDPR (consent, e.g., non-essential cookies/analytics where required)
3. Hosting & website platform (Wix)
This website is provided and hosted via Wix (Wix.com Ltd. and affiliated companies). When you visit our website, data that is technically necessary is processed to deliver the site and ensure security and stability.
Data processed (typically):
IP address (and, where technically necessary, in log files)
date and time of access
pages/files accessed
browser type/version, operating system, device type
referrer URL (previously visited page)
status/error data (log files)
Purpose: technical delivery, security, protection against attacks/abuse, error analysis, stability.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating a secure and stable website).
Recipients: Wix (including its processors/subprocessors for hosting/IT/security).
International transfers: Processing outside the EU/EEA may occur (e.g., due to Wix’s global infrastructure/subprocessors). Wix uses appropriate safeguards for such transfers (e.g., adequacy decisions or Standard Contractual Clauses, as applicable).
---
4. Cookies & similar technologies
Our website uses cookies and similar technologies.
a) Essential cookies
These are required for core functionality, security (e.g., protection against attacks), session management and technical delivery.
Legal basis: where applicable, storage/access is based on device-law exemptions for essential cookies; processing is based on Art. 6(1)(f) GDPR.
b) Analytics/statistics cookies (Wix Analytics)
Cookies/similar technologies may be used for analytics/statistics.
Legal basis: where consent is required, processing is based on Art. 6(1)(a) GDPR (consent).
Cookie settings / withdrawal:
You can change your cookie choices at any time via the cookie settings (cookie banner and/or a “Cookie settings” link/button on the website) and withdraw consent with effect for the future.
5. Wix Analytics (audience measurement)
We use Wix Analytics to statistically evaluate how our website is used and to improve our content.
In particular, the following data may be processed:
usage data (e.g., page views, click paths, time spent, entry/exit pages)
technical information (e.g., browser, device, operating system)
approximate location/region information (derived, e.g., from IP information)
event/status data relating to website functions (as applicable)
Purpose: audience measurement, optimisation and improvement of the website.
Legal basis: Art. 6(1)(a) GDPR (consent), where required.
Recipients: Wix.
6. Contact (contact form / email)
If you contact us (e.g., via a contact form or by email), we process the information you provide.
Data processed: e.g., name, email address, message, and any other information you choose to provide.
Purpose: handling and responding to your inquiry.
Legal basis: Art. 6(1)(b) GDPR (contractual/pre-contractual communication) or Art. 6(1)(f) GDPR (general inquiries).
Retention period: We generally delete inquiries once they have been fully handled, unless statutory retention obligations apply or longer retention is necessary for evidentiary purposes.
7. Donations / payment processing (Wix Payments)
Our website allows you to make donations (one-time or recurring). Payment processing is handled via Wix Payments and the payment processors/acquirers used by Wix for this purpose.
Important: We do not offer PayPal and we do not offer Klarna payments.
Possible payment methods (depending on availability):
common credit/debit cards (e.g., Visa, Mastercard, American Express)
wallets such as Apple Pay and Google Pay
other local payment methods offered by Wix Payments (depending on country/availability)
Data processed (depending on payment method):
contact/master data (e.g., name, email)
donation amount and transaction data (e.g., date, status, references)
payment data (e.g., card details are usually processed directly by the payment provider; we often receive only tokens/references)
risk/fraud-prevention data, where applicable
Purpose: performing the donation, payment processing, fraud prevention, accounting and documentation.
Legal bases:
Art. 6(1)(b) GDPR (performance of the donation transaction)
Art. 6(1)(c) GDPR (statutory retention obligations)
Art. 6(1)(f) GDPR (fraud prevention and system security)
Recipients: Wix Payments and the payment processors/acquirers used by Wix, as well as Wix as the platform provider.
Retention period: Transaction and accounting records are stored in accordance with statutory retention requirements.
8. Blog & comments (comments enabled)
We operate a blog and comments are enabled. When you post a comment, we process the information you provide and data that is technically necessary.
Data processed (typically):
name/display name (depending on your input)
comment content
time of publication
email address, where applicable (e.g., for moderation/notifications—depending on settings)
technical data for abuse/spam prevention (e.g., IP address, device/browser information, where necessary)
Public visibility: Comments are generally publicly visible. Please do not post sensitive personal information.
Purpose: publishing and managing comments, interaction, moderation, abuse/spam prevention, security.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in communication and security).
Retention period: Comments are generally stored as long as the related post remains online or until you request deletion, unless there are overriding reasons (e.g., asserting or defending legal claims).
9. Recipients / disclosure of data
We disclose personal data only if:
this is necessary to perform a contract (e.g., payment processing),
we are legally obliged to do so,
you have consented, or
we have a legitimate interest (e.g., IT security).
Recipient categories: Wix (hosting/website functions/analytics), Wix Payments/payment processors, IT/support service providers (processors), and tax/financial service providers where required by law.
10. Retention (general)
Unless a specific retention period is stated in this policy, we process and store personal data only for as long as necessary for the respective purpose. Thereafter, data is deleted unless statutory retention obligations apply or legitimate interests (e.g., legal defence) require longer storage.
11. Your rights
Subject to the legal requirements, you have the following rights under the GDPR:
access (Art. 15 GDPR)
rectification (Art. 16 GDPR)
erasure (Art. 17 GDPR)
restriction of processing (Art. 18 GDPR)
data portability (Art. 20 GDPR)
objection to processing based on legitimate interests (Art. 21 GDPR)
withdrawal of consent (Art. 7(3) GDPR) with effect for the future
To exercise your rights, please email: management@amarcord.de
12. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement. For Saxony (Germany), the competent authority is the Saxon Data Protection and Transparency Commissioner.
13. Data security
We implement appropriate technical and organisational measures to protect your data. Data transmission is generally encrypted (HTTPS), provided your browser supports it.
14. Changes to this Privacy Policy
We may update this Privacy Policy if laws, website features or our data processing activities change. The current version is available on this website.