GDPR / PRIVACY POLICY

Dirty Art — Privacy PolicyLast updated: 06 March 2026 | dirtyart.art

1. Who We Are Dirty Art operates the website dirtyart.art. For GDPR purposes, the data controller is Dirty Art, Barcelona, Spain. GDPR contact: This email address is being protected from spambots. You need JavaScript enabled to view it.

2. What Data We Collect

• Name and email address (at registration)
• Payment confirmation data via PayPal (we do not receive or store card details)
• Subscription and access records
• Cookies for session management and age verification confirmation

3. How We Use Your Data

• To provide and manage your subscription access
• To send subscription confirmation and renewal reminders
• To comply with legal obligations

4. Legal Basis Processing is based on contractual necessity (subscription fulfillment) and legitimate interest (renewal communication). We do not use your data for advertising or share it with third parties except as required to process payments (PayPal).

5. Data Retention Account data is retained for the duration of your subscription plus 3 years for legal and accounting purposes, after which it is deleted.

6. Your Rights Under GDPR you have the right to access, correct, or delete your personal data, and to object to or restrict processing. To exercise these rights contact This email address is being protected from spambots. You need JavaScript enabled to view it.. You also have the right to lodge a complaint with the Spanish data protection authority (AEPD) at aepd.es.

7. Cookies We use strictly necessary cookies for session management and to record age verification confirmation. No advertising or tracking cookies are used.

8. Data Transfers Payment processing is handled by PayPal (US-based). PayPal operates under standard contractual clauses in compliance with EU data transfer requirements.