Privacy Policy

I – Privacy and Protection of Personal Data

The privacy and protection of personal data of members and users of TASIFEST services are fundamental priorities in how we operate and organize ourselves. Although Timor-Leste does not yet have specific legislation on personal data protection, the Constitution of the Democratic Republic of Timor-Leste (Article 38) recognizes citizens’ rights to privacy and the protection of their personal information.

TASIFEST is committed to ensuring that its members and users understand, at all times, the rules and principles governing the collection, storage, and processing of personal data. To this end, we apply appropriate technical and organizational measures to protect this data against unauthorized access, loss, destruction, alteration, or improper disclosure.

The TASIFEST website may contain links to external websites that are not managed by our organization. These links are included in good faith; however, TASIFEST cannot be held responsible for the privacy policies and data processing practices of these third parties.

In addition to the measures adopted internally, we recommend that our members and users enhance their digital security by keeping their devices and software up to date, using protection against malicious software, and browsing only on trusted websites.

TASIFEST may, whenever necessary, update or revise its Privacy Policy to reflect best practices and community needs. Any changes will be communicated transparently through our website and official channels.

 

II – What is Personal Data?

Personal data refers to any information, regardless of its format or medium (including sound and image), that relates to an identified or identifiable natural person. A person is considered identifiable if they can be recognized directly or indirectly, particularly through a name, identification number, or other elements that define their physical, physiological, psychological, economic, cultural, or social identity.

TASIFEST is committed to processing only the personal data necessary to provide its services, ensuring that any collection, storage, or use of this information is carried out securely and transparently.

 

III – Data Collection and Processing Responsibility

TASIFEST is the entity responsible for collecting and processing the personal data of its members and service users. As part of its operations, TASIFEST determines which data is collected, the means used for processing, and the purposes for which it will be applied, always ensuring compliance with best data protection practices.

The processing of personal data will be carried out exclusively for purposes necessary for the organization and improvement of TASIFEST services, ensuring that the data will not be used for different purposes without the data subject’s consent.

Additionally, TASIFEST is committed to implementing appropriate security measures to prevent unauthorized access, improper alterations, loss, or misuse of the collected personal data.

 

IV – Responsibility for Data Shared with Third Parties

As part of its operations and service provision, TASIFEST may rely on third parties to perform specific tasks, including the development and management of its IT systems, which may involve access to members’ and users’ personal data.

When this occurs, TASIFEST ensures that these third parties adopt appropriate technical, organizational, and operational measures to guarantee the security and confidentiality of personal data. These entities will be contractually obligated to apply strict protection measures against destruction, loss, alteration, disclosure, or unauthorized access to data, as well as to comply with confidentiality obligations.

Outside of these situations, TASIFEST will only share personal data with third parties if:
a) Explicit authorization is given by the member or user, who will be informed in writing about the recipients and the purpose of such sharing;
b) It is strictly necessary for the provision of services, ensuring that data processing continues to comply with the best privacy and protection practices.

TASIFEST will remain responsible for the personal data it collects and the protection mechanisms adopted, even when such data is processed by third parties.

Additionally, providing certain services may involve the transfer of personal data outside of Timor-Leste. In such cases, TASIFEST is committed to evaluating and implementing the best international data protection practices, ensuring an adequate level of security and confidentiality.

 

V – Conditions for Personal Data Collection

TASIFEST only collects and processes members’ and users’ personal data with explicit consent, always ensuring transparency regarding the purposes for which such data is used.

However, certain personal data is essential for the provision of TASIFEST services. In these cases, members and users will be duly informed about the necessity of this data and the possible consequences of not providing it.

If the required data is not provided or proves to be incorrect, insufficient, or outdated, TASIFEST may be unable to provide the requested services, and members will be responsible for the accuracy and updating of the information provided.

 

VI – Personal Data Retention Period

TASIFEST commits to retaining members’ and users’ personal data only for the period strictly necessary to:
a) Ensure the provision of contracted services;
b) Fulfill the organization’s internal obligations;
c) Achieve the objectives for which the data was collected;
d) Allow data subjects to exercise their rights and comply with corresponding obligations.

Personal data that is no longer required for the purposes mentioned above will be securely deleted, ensuring that it cannot be misused.

 

VII – Members’ Rights Regarding Their Personal Data

TASIFEST is committed to ensuring its members and users the right to access, correct, update, and delete their personal data, free of charge and transparently.

To exercise any of these rights, members and users can send a written request to info@tasifest.tl, specifying their request and providing the necessary information to verify the identity of the applicant.

 

VIII – Unsolicited Electronic Communications for Direct Marketing

TASIFEST may use members’ and users’ contact details for direct marketing campaigns and festival service promotions, including exclusive benefits and partnerships, only with prior consent from the data subject.

Members will always have the right to unsubscribe from such communications at any time and at no additional cost by following the opt-out instructions in the communications received or by sending a request to info@tasifest.tl.

 

IX – Cookie Data

For more information on cookie usage on the TASIFEST website, users can refer to our Cookie Policy, available on the official site.

 

X – Security Measures for Personal Data Protection

TASIFEST implements appropriate technical and organizational measures to ensure the security and protection of members’ and users’ personal data, preventing unauthorized access, loss, destruction, or improper disclosure.

Additionally, TASIFEST is committed to continuously improving its information security policies, reinforcing the confidentiality and integrity of the data processed in its activities.

XI – Contacts

For more information about how TASIFEST processes personal data, to clarify doubts, submit complaints, or provide suggestions regarding privacy and data protection, members and users can contact us at info@tasifest.tl.