Privacy – IAMIC – International Association of Music Information Centres

Privacy

IAMIC

privacy

Privacy policy

IAMIC regards the protection of personal data (hereinafter referred to as “data”) as a very serious and important matter. We therefore wish to inform you below in detail about the data that is collected when you access our website and use its services and how we process and use the data. We also wish to inform about the relevant security measures of a technical and organisational nature that we have put in place.

Please note that this privacy policy may be updated occasionally due to the implementation of new technologies and/or legal amendments. We shall draw your attention to this in the appropriate manner. We shall, of course, always duly take into account your interests in any changes that are made.

Irrespective of the legal rights and law requirements on which they are based, we shall, of course, always respect the right of any data subject to require the rectification or erasure of personal data published in our databases.

General information
Data Controller, Point of Contact, Data Protection Officer
Pursuant to Article 4, Paragraph 7 of the EU General Data Protection Regulation (GDPR) the data controller is:

International Association of Music Centres
Ravensteingalerij 38
1000 – Brussels
Belgium
Email: info@iamic.net
Represented by its President Stephan Schulmeistrat.

Legal bases for the processing of your data
Should the legal basis not be specified in the privacy policy the following shall apply:

We rely on the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), along with the applicable Belgian legislation.

Your rights
Irrespective of the legal rights and law requirements on which they are based, we shall, of course, always respect your right as data subject to require the rectification or erasure of the personal data concerning you that we hold or that are contained in our databases.

Your legal rights pursuant to the General Data Protection Regulation are:

right to information (Article 15 of the GDPR);
right to rectification and erasure (Articles 16 and 17 of the GDPR);
right to restriction of processing (Article 18 of the GDPR);
right to data portability (Article 20 of the GDPR);
right to object to processing (Article 21 of the GDPR).
In this connection we wish to emphasise the following rights:

a) Right to information
You can demand a confirmation from the controller as to whether personal data concerning you are being processed by us. If processing of this nature is going on, you shall receive information from the controller about our processing of your personal data.
Unless you request specific information, we shall deem your inquiry to be a request for exhaustive information.
b) Right to rectification
Sie haben ein Recht auf Berichtigung und/oder Vervollständigung gegenüber dem Verantwortlichen, sofern die verarbeiteten personenbezogenen Daten, die Sie betreffen, unrichtig oder unvollständig sind. Der Verantwortliche hat die Berichtigung unverzüglich vorzunehmen.
c) Right to erasure
You can demand that the controller erase the personal data concerning you without undue delay and the controller will be obliged to erase said data without undue delay, provided that there are no legal reasons to the contrary.
d) Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, in line with Article 6, Paragraph 1. Letter e or f of the GDPR.

The controller will no longer process your personal data unless they demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

e) Right to withdraw your consent
You have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
f) Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Retention periods
In line with statutory provisions, in particular Articles 17 and 18 of the GDPR, the data processed by us will be erased or our processing of them restricted. Unless expressly stated in this privacy policy, we will erase the data stored by us as soon as it is no longer required for the intended purpose. Data will be retained beyond the time at which the intended purpose ends only if such data is necessary for other, legally permissible purposes or if the data must continue to be retained due to statutory retention periods.

Contacting
The processing of your data in cases where you get in touch by email or telephone takes place on the basis of your (presumed) consent in accordance with Article 6, Paragraph 1, Letter a) of the GDPR or Article 6, Paragraph 1, Letter b) of the GDPR depending on whether the content of the enquiry is related to purely information-related queries or the contact is connected to pre-contractual fulfilment obligations.

You can withdraw your consent to the processing of your personal data at any time without the legitimacy of the preceding processing conducted on the basis of your consent until it was withdrawn being affected. If you contact us via email to request information you can object to the storage of your personal data at any time. In said case, it will not be possible to continue the conversation.

After processing all contact requests we erase them from our active systems unless there are legal grounds or retention obligations that permit or require their continued storage.

Commissioned processing and data recipients, linked third-party websites
Below, we wish to inform you about the third parties and data processors to whom we transfer personal data. On our website we use various third-party services for different purposes, to which we shall refer in depth in the individual descriptions. In principle however, these services are used to make our Internet presentation functional, secure and attractive in terms of appearance and content and to continuously optimise it. We generally transfer personal data to the following categories of third parties:

billing service providers, print and postal service providers, insurance companies, telecommunication service providers, insurance brokers and loss adjusters; authorities, in instances in which a legitimate request has been lodged, banks and payment service providers for the handling of payments, external (chartered) accountants, hosting service providers and providers of other services relating to our website, legal advisors and auditors.

If personal data is transferred to a third country or an international organisation, we shall notify you separately of said transmission and the underpinning justification norm. The transfer is covered by standard contractual clauses in accordance with Article 46 of the GDPR or other suitable transfer safeguards in accordance with Article 44 et seq. of the GDPR.

In some cases we use external service providers to process your data in accordance with our instructions. We carefully select and commission these service providers and perform regular checks. Commissioning is based on the agreements relating to commissioned processing in line with Article 28 of the GDPR. No processing for their own purposes is conducted by commissioned processors.

Commissioned processors include in particular IT service providers (maintenance and support), telemedia service providers for operating IT systems (web hosting providers for online platforms, providers of cloud software and backup services), service providers for the proper disposal of waste data.

Our website may contain links to third-party websites. We should like to point out that we are not responsible for the processing of your personal data on these websites in accordance with Article 4 (7) of the GDPR. Please consult the privacy policies of the relevant websites before disclosing personal data.

Children
Our website is not intended for children under the age of 16.

Data security
We also use technical and organisational security measures to protect personal data, accrued or collected, in particular from accidental or intentional manipulation, loss, destruction or from attack by unauthorised persons. Our security measures are continuously improved in line with technological developments.

For this purpose, this site uses, among other things, TLS/SSL encryption for secure data transmission. The common TLS (Transport Layer Security) procedure / SSL (Secure Socket Layer) procedure is used in connection with the highest encryption level supported by your browser. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the locked key or lock symbol in the lower or upper status bar of your browser.

Automated decision making including profiling
Automated decision making including profiling does not take place.

Data processing when using the website
Technical provision of the website – server log data, hosting
When you access website content, data that may enable identification are temporarily stored in log files on the server used by us. The following data is collected: date and time of access; IP address of the calling computer; host name of the accessing computer; website from which the website was called; websites called via the website; sub-pages accessed on our website; amount of data transferred; notification of whether the call was successful; information about the browser type and version used; operating system. This information is required for technical purposes so that we can supply you with the website content you requested; its collection is compulsory when you use the Internet. It is processed for the following purposes in particular:

to ensure problem-free access to the website,
to ensure efficient use of our website,
to evaluate system security and stability and
for further administrative purposes.
The legal basis for temporary storage to enable access to and reliable use of the website is Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. The legal basis for ensuring system security and stability as well as for other administrative purposes is Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR. Our legitimate interest is the protection of our information technology systems (especially in the case of fraudulent attacks known as DDoS attacks. A personal evaluation of data, in particular for marketing purposes, does not take place without your prior consent.

Subject to your express consent, we may evaluate the above-mentioned information statistically in an anonymous form in order to optimise our website and the technology on which it is based (see Matomo, web analysis).

We use a hosting provider based in Germany (Host Europe GmbH, Hansestr. 111, 51149 Cologne, Germany) to operate this web service. They process the master, contact, content, contract, usage, meta and communication data of visitors who access this website on our behalf and on the basis of our legitimate interests in the efficient and reliable provision of this online service in line with Article 6, Paragraph 1, Sentence 1, Letter f and Article 28 of the GDPR.

Statistics, analysis, optimisation, social media incorporation – use of
cookies
We use cookie technology for our Internet presentation. Cookies are small text files sent from web server to your browser when you access our websites and which are stored by it on your computer for subsequent retrieval. The files contain information (usually identifiers, identification numbers), which our website can retrieve from your device and assign to a database stored by us. You can configure the settings in your browser to define whether and to what extent cookies can be stored and retrieved.

Types of cookies and legal basis
Strictly necessary cookies

Without strictly necessary cookies, our website does not function properly. They are required to save your cookie settings and for you to log in, to remain logged into our login areas and to store your language settings. We do not require any consent for strictly necessary cookies. You can set your browser to block strictly necessary cookies. However, this will affect the functions on this website. As a rule, the legal basis for the use of strictly necessary cookies is our legitimate interest in accordance with Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR. These cookies cannot be disabled via the cookie settings. However, you can delete these cookies via your browser settings.

Functional cookies

Functional cookies are used in connection with the incorporation of services that are not absolutely necessary for the operation of the website or use thereof is subject to consent for other reasons. Functional cookies may, for instance, be used to display social media content or incorporated videos.

Cookie function duration

A distinction must be made between session cookies and persistent cookies.
Session cookies are deleted when you close your browser.
Persistent cookies remain on your computer until you delete them or the expiry time set by the publisher is reached. The function duration of the individual cookies is set out in the following sections.

How can cookies be deleted? How can I withdraw my consent?
You can withdraw any consents you have granted for web analysis with effect for the future via the “Privacy settings” button at the bottom of this page. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Information on deleting other cookies can be found below.

In your browser settings, you can also select whether cookies may be stored. In the settings, you can also block “strictly necessary cookies”. Please note that in this case the website may no longer function properly.

In the browser settings, you can delete cookies already stored on your device. If all cookies are deleted it may be that this website will no longer function as usual. For instance, you may need to log in again.

For further information on how to delete cookies in your browser, please refer to:
Google Chrome
Internet Explorer
Microsoft Edge
Firefox
Safari
Safari Mobile
Opera
Performance Cookies: Statistics, web analysis, optimisation
Unless otherwise stated, the processing operations described in this section (statistics, analysis, optimisation, social media integration – use of cookies) is based on your consent in accordance with Article 6, Paragraph 1, Sentence 1, Letter a and Article 7 of the GDPR.

Incorporation of videos and maps
YouTube

On occasion, we incorporate videos from the “YouTube” platform of the provider Google. The videos themselves are stored by YouTube. If you access one of our websites with a YouTube plugin, a connection will be established to the YouTube servers, notifying them about which of our websites you have accessed.

If you are logged into your YouTube and/or Google account, you enable Google to directly associate your surfing behaviour with your personal profile. You may prevent this by logging out of your YouTube and/or Google account.

Even without a YouTube/Google account, certain data is transmitted to Google when sub-pages containing videos are called up: IP address and cookie, the address of the website on which you are viewing the video, date and time of download as well as the browser ID.

Incorporating YouTube videos is in our legitimate interest in accordance with Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR in order to increase the user-friendliness and attractiveness of our services.

Google stores these data as user profiles and may use them for the purposes of advertising, market research and/or the adequate design of their websites. Such an evaluation (also for non-registered users) is carried out in particular to provide tailored advertising and to inform other users about your activities on our website. You have the right to object to the creation of these user profiles. To exercise this right, you must contact Google, the operator of YouTube.

The privacy policy is available at https://www.google.com/policies/privacy/. The opt-out option can be selected at https://adssettings.google.com/authenticated.

Google Maps

We incorporate maps from the Google Maps service of the provider Google (service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for the purpose of optimising and increasing the customer-friendliness of our service with interactive maps (legitimate interest in accordance with Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR). Your IP address in particular and also your location data and device information may be processed in this connection. You can deactivate processing of location data in your browser and/or operating system settings (generally in the case of mobile devices). If you are logged into Google, your data will be directly assigned to your account, otherwise Google will assign the data to an advertising ID separate from your account.

For further information, please refer to the privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.