Effective May 25, 2018
- Controller / Data Protection Officer
- Types of Information Collected
In order to better provide you with our numerous services, we may collect two types of information about our users: Personally Identifiable Information and Non-Personally Identifiable Information, according to U.S. law. Both types of information may be considered “Personal Data” under the laws of certain other jurisdictions, including the General Data Protection Regulation of the European Union (the “GDPR”). In this Policy we refer to “Personal Data” as any Personally Identifiable Information under U.S. law plus any other data that is defined as Personal Data under the GDPR or regulations in other jurisdictions. Our primary goal in collecting Personal Data from you is to provide you with a smooth, efficient, and customized experience while using our Site.
Personally Identifiable Information: This refers to information that lets us know the specifics of who you are. When you engage in certain activities on this Site, such as registering for access, using a service, or sending us feedback, we may ask you to provide certain information about yourself by filling out and submitting an online form. It is completely optional for you to engage in these activities. If you elect to engage in these activities, however, we may ask that you provide us personal information, such as your first and last name, mailing address (including zip code), and other personal identifying information. Depending upon the activity, some of the information we may ask you to provide is identified as mandatory (because we need it in order to provide the requested services) and some as voluntary. If you do not provide the mandatory data with respect to a particular service, you will not be able to use that service.
Non-Personally Identifiable Information: This refers to information that does not by itself identify a specific individual. We may gather certain information about you based upon where you visit on our Site in several ways. Any such information is compiled and analyzed on both an individual and an aggregated basis. This information may include the website’s Uniform Resource Locator (“URL”) that you just came from, which URL you next go to, what browser you are using, and your Internet Protocol (“IP”) address. A URL is the global address of documents and other resources on the World Wide Web. An IP address is an identifier for a computer or device on a Transmission Control Protocol/Internet Protocol (“TCP/IP”) network, such as the World Wide Web. If you access our site from a mobile device, we may also collect your device identifier. Networks like the World Wide Web use the TCP/IP protocol to route information based on the IP address of the destination. In other words, an IP address is a number that is automatically assigned to your computer whenever you are using the World Wide Web, allowing web servers to locate and identify your computer. Computers require IP addresses in order for users to communicate on the Internet.
- Collection Methods and Use of Information
We do not collect any Personal Data about you unless you voluntarily provide it to us. You provide certain Personal Data to us when you send email messages, submit forms or transmit other information by email, telephone or letter. We may also collect information from you at other points on our Site that state that such information is being collected.
In addition, we may also collect certain Non-Personally Identifiable Information using cookies, which are further described in Section 3 below, or pixels, which are clear gifs (together, “Tracking Technologies”). This information helps us remember you when you visit our site and we may use it to provide personalized content. This information is ultimately stored as local storage. We may use your IP address to diagnose problems with our servers or software, or to administer our Site. We recognize that in some jurisdictions IP addresses are considered Personal Data, and we will protect them accordingly.
Your Personal Data will be erased or blocked as soon as the purpose of its storage no longer applies. That said, we will only store Personal Data to the extent local law or regulations allow or require, and if such laws stipulate erasure or blocking of Personal Data after certain periods, we will erase or block your Personal Data after those periods have elapsed, unless the need for storage continues in order to conclude or fulfill our agreements with you.
- Legal Basis for Processing Personal Data
- Release of Information
We do not sell, trade, or rent Personal Data to others. We do provide some of our services through contractual arrangements with affiliates, and services providers, partners and other third parties. We and our service partners may use your Personal Data to operate our Sites and to deliver their services.
If and when we use any third party (“Service Partners”) to process Personal Data, we will only do so pursuant to sufficient contractual guarantees from the Service Partner that it will implement the technical and organizational measures to comply with all local regulatory requirements. No Service Partners will be authorized to engage other third parties (“Service Partner Contractors”) without specific or general permission from our Controller, and subject to the Controller’s ongoing oversight and controls. Any Service Partner and Service Partner Contractor processing activities will be performed only under a valid legal contract in writing clearly defining the scope and nature of processing, including all of the contractual details required of such Service Partners under the GDPR. Such a contract may be based, in whole or in part, on applicable certification procedures or on the implementation of standard contractual terms recognized by local legal or regulatory authorities.
Occasionally we may be required by law enforcement or judicial authorities to provide Personal Data to the appropriate governmental authorities. We will disclose Personal Data upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation. Subject to all local laws and regulations, we fully cooperate with law enforcement agencies in identifying those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful.
- Rights to Information / Deletion / Corrections / Complaints
You have the right to access and edit the Personal Data that you have provided to us, or to ask us to delete it. You may correct your personal information and privacy preferences by writing us at:
c/o Corporate Information Services
901 West Alameda Avenue, Suite 108
Burbank, California 91506
Please include your name, address, and/or email address when you contact us.
Specifically, you have the right to receive confirmation as to whether or not we are processing your Personal Data and to have access to your Personal Data, in addition to: information on the purpose, categories, recipients (or categories of recipients), and period of storage (where possible; if not, any storage criteria) of your Personal Data; your rights to request correction, deletion, or cessation of processing of your Personal Data; your right to lodge complaints with the appropriate authorities; information about any automated analysis; and information of safeguards on any international transfer, in addition to any other information required to be provided under local law or regulation.
You have the right to withdraw your consent to the processing of Personal Data at any time by email or other written notice to the address set forth above. You understand that withdrawal will not affect the legality of our treatment of your Personal Data while your consent was in place.
At your request we will delete your Personal Data if any of the so-called “right to be forgotten” conditions set forth in the GDPR applies, or if any similar conditions are met under equivalent local laws or regulations. We will restrict our processing of Personal Data if you tell us that it is inaccurate, if you are entitled to request deletion but prefer restriction, if we would otherwise delete it but you need it for legal reasons, or if you are in the process of verifying our “legitimate interests” for processing your Personal Data (if those interests are the sole legal basis on which we are doing so).
We encourage you to promptly update your Personal Data if it changes. You may ask to have the information on your account deleted or removed. It may be impossible to completely delete your information without some residual information because of backups.
- User Choices on Collection and Use of Information
You also have choices with respect to cookies, as described above and in our Cookies Policy. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject all cookies some parts of our Site may not work properly in your case.
- Security of Information
We take all appropriate technical and organizational measures to ensure a level of security over Personal Data that is appropriate to the risks of breach, taking into account currently available technical measures, cost, and the particular circumstances and context of our processing of Personal Data, bearing in mind the likelihood and severity of the consequences to you and others of a potential breach of Personal Data.
Your Personal Data is protected in several ways. Access by you to your Personal Data is available through a unique login ID and a password selected by you. This password is encrypted. We recommend that you do not divulge your password to anyone. In addition, your Personal Data resides on a secure server that only selected Peermusic personnel and contractors have access to via password. We encrypt your Personal Data and thereby prevent unauthorized parties from viewing such information when it is transmitted to us. Anyone processing your Personal Data under the authority of our Controller or processor will not do so except on the Controller’s instructions (unless otherwise required to do so by law).
Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data, to the full extent you are empowered to do so under local law or regulations, you acknowledge that: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity, and privacy of any and all information and data exchanged between you and us through this Site cannot be guaranteed; and (c) any such information and data may be viewed or tampered with in transit by a third party.
- Privacy Policies of Third Party Sites
- Social Media and Plugins
- Cross-Border Data Transfers
We will sometimes process Personal Data outside of the country in which it was collected. Such transfer of data will only be made on the basis of our existing contractual obligations, your consent, legal obligations, or our legitimate interests. Such cross-border transfers are compliant with the requirements of the GDPR, including the requirement of specific guarantees (such as “Privacy Shield” certification in the U.S. or compliance with officially recognized standard contractual clauses).
- Do Not Track
- Your California Privacy Rights.
California law entitles California users to request information concerning whether a business has disclosed certain information about you to any third parties for the third parties’ direct marketing purposes. California users who wish to request further information in compliance with this law or have questions or concerns about our privacy practices and policies may contact us as specified in the “Contact Information” section below.
- Age Requirements
- Contact Information
Corporate Information Services
901 West Alameda Avenue, Suite 108
Burbank, California 91506
Email address: firstname.lastname@example.org