Museum of Synthetic Voices
IT
Personal Data Protection

Privacy Policy

Information on the processing of personal data pursuant to EU Regulation 2016/679 (GDPR)

Last updated: January 8, 2026
01
Data Controller

Who manages your data

The data controller is Daniele Cappello, curator of the Museum of Synthetic Voices. The controller is responsible for decisions regarding the purposes and methods of data processing.

Direct contact

info@museumofsyntheticvoices.com

02
Legal Basis

Why we can process your data

The processing of your personal data is based on different legal grounds, depending on the specific purpose:

  • Account registration and content access
    Art. 6.1.b GDPR Performance of a contract to which the data subject is party. Registration is necessary to provide you access to the museum's reserved content.
  • Comment publishing
    Art. 6.1.b GDPR Performance of the requested service. Commenting is a feature you choose to use.
  • Support and donations (Stripe Checkout)
    Art. 6.1.b GDPR Performance of a service requested by the data subject. Payment processing is handled by the payment provider.
03
Data Collected

What information we collect

We only collect data strictly necessary to provide you with the museum's services. We apply the data minimization principle required by GDPR.

  • Email address — For authentication and service communications
  • Password hash — Your password is never stored in plain text
  • Registration date — For administrative purposes
  • Expressed consents — Cookie preferences stored locally in the browser
  • Comment content — Only if you choose to use this feature
  • Support messages — Optional text attached to donations
04
Purposes

How we use your data

  • Account access — Authentication and session management
  • Reserved content — Unlocking multimedia archives and premium features
  • Comment system — Allowing you to participate in discussions
  • Project support — Managing donations and receipts via Stripe
  • Personalization — Remembering your preferences (language, theme, audio)
  • Service communications — Important notifications about your account

We do not sell or share your data with third parties for commercial purposes. Data is processed exclusively for the purposes stated above.

Some technical services may process data on our behalf: Supabase (authentication and database) and Stripe (payments). We do not store card payment data.

05
Retention

How long we keep your data

Active account

Data is retained for the duration of the account

Account deletion

Complete deletion within 30 days of the request

Some data may be retained longer for legal obligations or for the protection of rights in court, in accordance with legal requirements.

06
Your Rights

What you can do with your data

GDPR guarantees you a series of rights that you can exercise at any time by contacting us at the email address provided.

Right of access

You can request a copy of all the data we have about you.

Right to rectification

You can correct or update your data at any time.

Right to erasure

You can request complete deletion of your data.

Right to portability

You can request your data in a structured, readable format.

Withdrawal of consent

You can withdraw any consent given at any time.

Complaint to authority

You can file a complaint with the Data Protection Authority.

07
Contact

How to exercise your rights

For any request regarding the processing of your personal data, you can contact us directly. We will respond within 30 days of receiving your request.

Email

info@museumofsyntheticvoices.com

For information about the use of cookies and tracking tools, please see our Cookie Policy.