Privacy Policy
This policy explains how and why we collect, use and share your personal data.
It describes our privacy practices in relation to our online, digital or mobile services for which this policy is posted or linked (the “services”). Those include each of our label-related or artist-related websites, apps, data integration tools and software, as well as any of our other products, services, content, adverts or activities for which this policy is posted or linked.
It covers all the related data collection activities (online and offline) of the relevant BMG group companies, as explained in section 1 below.
Our relevant site(s) for the services are referred to below, collectively and individually, as the “site”.
Contents
1 Collection and processing of data
2 Use of your personal data
3 Newsletter
4 Sharing with third parties
5 Data transfers outside UK/EEA
6 Cookies
7 Third-party links
8 Data security
9 Data retention
10 Your legal rights
10.1 For European residents
10.2 For California residents
10.3 For other residents
11 Children
12 Changes to this policy
13 Contact us
1 Collection and processing of data
Each of the services is run by a BMG group company, which collects personal data in connection with that service and acts as the data controller for such data. The relevant company (referred to in these terms as “BMG”, “we”, “us” or “our”) is as follows:
- For a service provided from the EU – BMG Rights Management GmbH, a company with limited liability incorporated in Germany with registered number HRB 116072 Charlottenburg (Berlin), whose principal place of business is at Charlottenstraße 59 10117 Berlin, Germany.
- For a service provided from the UK – BMG Rights Management (UK) Limited, a private limited company incorporated in England and Wales with company number 6705101, whose principal place of business is at 8th Floor, 5 Merchant Square, London W2 1AS, UK.
- For a service provided from the USA – BMG Rights Management (US) LLC, a limited liability company incorporated in the state of Delaware with company number 4645458, whose principal place of business is at One Park Avenue, 18th Floor, New York, NY 10016, USA.
- For a service provided from Australia – BMG Rights Management (Australia) Pty Ltd, a proprietary company with limited liability incorporated in Australia with Legal Entity Identifier number 529900CDJDLSC65QHU88, whose principal place of business is at Level 3, 270 Devonshire Street, Surry Hills, NSW 2010, Australia.
- For any BMG group service provided from anywhere else – BMG Rights Management GmbH (whose company details are as noted above).
- the BMG group’s corporate site at www.bmg.com;
- any other institutional sites for BMG group companies (e.g. www.countdownmedia.com);
- any BMG production/library music site (e.g. www.bmgproductionmusic.co.uk); and
- any BMG group portal dedicated to personnel (e.g. any BMG group staff intranet) or set up for royalty participants (e.g. www.myBMG.com).
For the services to which this policy does apply, we, as well as our affiliated BMG companies, artists and/or writers and/or our or their third-party suppliers, technology partners and/or marketing partners (together, our “partners”), may collect and process certain personal data relating to you, i.e. information that identifies (or makes it possible to identify) you as a natural person (e.g. your name, postal address, email address, telephone number, date of birth, age, country of residence and/or IP address). We and/or our partners may collect such information when you take part in various opportunities and services provided via the site or a partner site, such as when you participate in an artist- or label-related marketing campaign via the site or a partner site or otherwise engage with our content, or when you purchase products, services or digital content through a store that is associated with the site (if any, the “store”, which may be hosted by a third-party supplier).
Processing means any operation that is performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation, retrieval, any kind of disclosure, erasure or destruction or other use. For example, we process personal data when you:
- actively communicate with us;
- subscribe to services (e.g. newsletters, artist information bulletins or other communications) that we may provide through the site;
- make a purchase via the store;
- take part in a contest, promotion, survey or other type of promotion through the site, the store or any linked social media;
- contribute to a blog or forum; or
- link any of your accounts relating to media consumption (e.g. Spotify or Apple) or social media to BMG services, including those operated by a third party on our behalf, or otherwise engage with our content.
On each of your visits to the site, we also collect the following technical data, as transmitted by your browser or device to the site:
- your type of browser and type of operating system;
- the internet protocol (IP) address allocated to your internet access when you visited the site;
- the URL of the internet page from which you arrived at the site;
- the date and time when you accessed, clicked through and left the site;
- the amount of data transmitted; and/or
- the searches you made and the pages you accessed on the site.
We may also receive certain activity data from our partners (e.g. our third-party technology partners), such as data on your interests, purchase history or listening or viewing activity.
2 Use of your personal data
We and our partners may use your personal data for the following purposes:
- to provide access to the site and other services;
- to respond to your enquiries and to fulfil your requests (e.g. to send you newsletters or to provide you with information about our products, services and content);
- to monitor customer traffic patterns and site usage to help us and our partners enhance your enjoyment during the online experience (and for further information on the use of data for web analytics and marketing purposes, please refer to our Cookies Policy);
- to provide assessment and analysis (e.g. customer, audience, promotional and market analysis) to enable us: (a) to review, develop and improve the services, products and content that we and/or our partners offer; and (b) to use the results of such analysis (e.g. based on segmentation by location, interests, purchase history and/or other characteristics) to build a user profile for use in connection with customised online advertising (where permitted);
- to show you customised online advertising (where permitted), which may be based on our analytical data and/or data relating to your engagements with us on other sites or platforms that you are using (which could include partner sites, social media and/or search engines);
- if you have consented to our doing so, to provide you (or to permit selected third parties to provide you) directly with information about products, services and/or content that we believe may interest you;
- to notify you about changes to site terms and policies; and/or
- to allow you to take part in competitions and similar promotions and to administer those activities (which may contain additional requirements and information about how we or our partners may use your personal information).
These processing activities are necessary for the purposes of our and such third parties’ legitimate interests to improve your site and/or store experience and to improve our and/or their products, services and/or content and/or to use the site and/or store for informational and general marketing purposes. For any direct marketing purposes, we process such communications on the basis of your consent, where (and for as long as) you have given it. It is also in your and our mutual legitimate interest to respond to your enquiries and requests.
We do not seek to collect any “sensitive” or special categories of personal data about you or anyone associated with you: such information would include information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data (where used for identification purposes), health, sex life or sexual orientation. Nor do we seek to collect any information about criminal convictions and offences. If, however, you in fact provide us with any such special or crime-related information (e.g. when using any interactive feature of the site), then by submitting it, you consent to the use of such information by us and/or our partners in accordance with applicable law and this policy for (a) the purpose for which you have voluntarily provided it and (b) any purpose that is reasonably compatible with such purpose. You may withdraw that consent at any time by contacting us.
We also process your personal data where and to the extent necessary: (a) for any purposes required or permitted under any relevant laws or regulations of any relevant jurisdiction; (b) to enforce or apply the site’s terms of use or other contracts with you; and/or (c) to protect our, our users’ or any other third parties’ rights, property or safety.
3 Newsletter
This section 3 only applies if we offer a newsletter via the site or the store (from us or from any of our partners).
When you subscribe to the newsletter, we will only send it to you by email if you confirm your email address (e.g. by clicking on a link via the site or in a notification email). In that case, we will store and use your relevant personal data (including your email address), the time of registration, the IP address used for registration and the location from which you registered.
The purposes of such processing are (a) to send you editions of the newsletter, (b) to confirm your registration and (c) to gather data to help us analyse how to improve the newsletter and/or to inform our analysis for customised online advertising (where permitted). The legal basis of the processing is your consent (as far as given) or otherwise our legitimate interest in undertaking such confirmation and analysis.
If, when subscribing to the newsletter, you also consent to receive information about our and/or selected third parties’ products, services or content, the provision of that information is based on that consent.
You can unsubscribe from the newsletter at any time by clicking on the link provided in each of our newsletters or sending us an email at unsubscribe@bmg.com. If unsubscribing, please state the name (such as the relevant label or artist name) of the mailing list that you wish to be removed from. You can also, at any time, withdraw your consent to receive such direct marketing communications by sending us an email to that effect at data-protection@bmg.com. In either case, such request will only be effective going forward. We may still continue to process certain related data where permitted (e.g. to give effect to your preference), unless you have any relevant rights to restrict or prevent such processing and exercise those rights (as explained in section 10 below).
For our newsletters we also use commercially established technologies that enable us to measure interactions with the newsletter (e.g. emails opened and links clicked). We use such data for general statistical evaluations, as well as for the optimisation and further development of our content and customer communication and/or to inform our analysis for customised online advertising (where permitted). That information is collected using small graphics embedded in the newsletter (known as “pixels”), which can also collect technical data about the device you use. The legal basis for this is your consent (as far as given) or otherwise our legitimate interest in understanding how users interact with the newsletter and in improving our content and customer communication and/or the relevance of customised online advertising (where permitted).
Through our newsletter we want to share content that is as relevant as possible for our customers and to gain a better understanding of what readers are actually interested in. If you do not wish to be involved in the analysis of such usage behaviour, you can unsubscribe from our newsletter or deactivate graphics in your email program by default.
4 Sharing with third parties
We may share your personal information for the above purposes from time to time with the following third parties:
- any member of BMG’s group of companies (which means our subsidiaries, our ultimate holding company and its subsidiaries) so that such third party may process your personal information in any way in which we may process your personal information under this policy;
- our third-party suppliers that provide us with site-related services (such as hosting, data analysis (including webtracking services), search engines, payment processing, order fulfilment, IT services, email delivery, customised online advertising, auditing and other similar services) to enable them to provide such services and/or to assist us in improving and optimising the site (and, in the interests of compliance with applicable data-protection and privacy laws, each of those third-party suppliers is bound by a data processing agreement or some other appropriate safeguard will be in place);
- any artist connected at any time with the site (including individual band members, if relevant) and such artist’s representatives and third-party suppliers, so that they may: (a) process your personal information in any way in which we may process your personal information under this policy; and (b) if you have consented to their doing so, use such information to send you communications (including marketing communications) that they believe may be of interest to you;
- any third party that sponsors or provides (in whole or in part) a competition or similar promotion through the site for all purposes in connection with such contest or promotion;
- any third party with whom you communicate on or via the site (e.g. via message boards, chats, profile pages, blogs and other services to which you are able to post information and materials), but only to the extent that your personal information is included by you in such communication; and/or
- any other third-party partner, so that such third party may process your personal information in any way in which we may process your personal information under this policy.
- Any such sharing of personal data is based on our legitimate interests as specified in section 2 above or (where given) your consent.
- We may share your personal information with any person where necessary: (a) for any purposes required by or permitted for such person under any relevant laws or regulations of any relevant jurisdiction; (b) to enforce or apply the site’s or the store’s terms of use or other contracts; and/or (c) to protect our, our users’ or any other third parties’ rights, property or safety.
- We also anonymise your personal data, as it is in our legitimate interest to use aggregated, non-personal information to analyse our target audience and web traffic. We may publish, or share with partners, aggregated non-personal data, which will not identify you individually.
5 Data transfers outside UK/EEA
The information we collect from you may be transferred to, processed and stored at a destination outside the UK or outside the European Economic Area (“EEA”), e.g. when we transfer data to members of BMG’s group of companies or to our other partners.
The recipients outside the UK/EEA are either bound by standard contractual clauses approved by the UK government or (as relevant) the EU Commission for the protection of personal data (or subject to some other appropriate safeguard), or they are located in countries for which the UK government or (as relevant) the EU Commission has issued an adequacy decision for the purposes of data protection law.
6 Cookies
A “cookie” is a small text file deposited on your device’s hard drive when you access a website. We may use cookies to monitor your use of the site and to customise your experience of it. For further details, please refer to our Cookies Policy.
7 Third-party links
The site may contain links to other sites not owned or controlled by us. We are not responsible for the content of any such site, the site operator’s privacy or cookies policies or how the site operator treats information (personal or otherwise) obtained from users of the site. We advise you to check that site’s privacy and cookies policies to satisfy yourself as to how the site operator will treat any such information.
8 Data security
We take reasonable precautions to protect against the loss, misuse or alteration of your personal information and to ensure that it will be processed in accordance with this policy.
Unfortunately, the transmission of information via online or mobile networks is not completely secure. You acknowledge and accept that others may intercept personal information you provide to us, and that any such transmission is at your own risk. Once we have received your information, we use set procedures and security features to try to prevent unauthorised access.
9 Data retention
We strive to keep our processing activities in relation to your personal data as limited as possible.
Personal, non-technical data provided by you when using our services and activity data received from our partners will be retained only for as long as we and/or our relevant partner(s) need it to fulfil the purpose for which such data were collected, or for as long as required by statutory retention requirements.
Technical data will be retained only as long as it is necessary to provide access to the site or to fulfil other purpose(s) of processing described in this policy. Your IP address will be retained as long as required to enable us to engage in effective defence against attacks on our site, such as distributed denial of service (DDoS) attacks. We and/or our partners may retain technical data as long as certain marketing purposes require. We and/or our partners may also retain your technical data longer than might otherwise be required where storage of data is required by statutory retention obligations, as may be the case regarding information that is relevant for obligations under tax and commercial law.
10 Your legal rights
10.1 For European residents
In certain circumstances, you have the following legal rights in relation to your personal information (to the extent consisting of “personal data” in the UK, the EEA and any other European countries with equivalent data protection laws). We may ask you for additional information, so that we take reasonable steps to check that – for example – we only provide personal data to the person to whom the data relate.
- Right of access to your personal data (also known as a "data subject access request"). This enables you to receive a copy of the personal data that we hold about you and to check that we are lawfully processing such data.
- Right of rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, although we may need to verify the accuracy of the new data that you provide to us.
- Right to erasure of your personal data. This enables you to ask us to delete or remove personal data in certain circumstances. Please note, however, that we may retain your data in certain circumstances in accordance with law, which will be notified to you, if applicable, at the time of your request.
- Right to restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you would like us to establish the accuracy of such data; (b) where our use of the data is unlawful, but you do not want us to erase the data; (c) where you need us to hold the data even if we no longer require the data as you need the data to establish, exercise or defend legal claims; or (d) you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use the data.
- Right to portability of your personal data to you or to a third party. If you so request, we shall provide you, or a third party that you have chosen, with a copy of your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information that you initially provided consent for us to use or where we used the information to perform our contract with you.
- Right to object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground, in which case we will consider whether we have compelling reasons to continue to process your data.
- Right to object to direct marketing. You also have the right to object where we are processing your personal data for purposes of direct marketing. Please see the details above on how to exercise the right.
- Right to withdraw consent at any time where we are relying on consent to process your personal data. If you withdraw your consent, we may not be able to provide certain products, services or content to you. The withdrawal of consent does not affect the legality of the processing carried out based on the consent until the withdrawal.
- Right to complain. If you would like to complain, please contact us using the details set out in section 13 below. This does not override your right to complain to the relevant supervisory authority at any time.
10.2 For California residents
Under California law, residents of California are entitled, among other things, to access, delete, and opt out of the sale of certain personal information.
Accordingly, this section addresses the obligations and rights under the California Consumer Privacy Act (the “CCPA”). Those apply to businesses operating in California and to California residents, and they concern information that identifies, relates to, describes, is reasonably capable of being associated with or could reasonably be linked (directly or indirectly) with California consumers or households.
For purposes of this section of the policy, except where a different definition is noted, “Personal Information” means information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device.
Personal Information for purposes of this section of the policy does not include:
- Your name, photo and/or other information about you included in news or editorial content.
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Other information excluded from the CCPA's scope, such as:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
Our California privacy practices are as follows:
- Sources of collection – The sources from which we may obtain Personal Information may include: (a) direct from you, including technical and usage information when using the site; (b) indirectly from you, including observing your actions on our services; (c) linked sites, such as social media and third-party platforms; (d) our group companies, joint venturers and strategic and promotional partners; (e) information providers; (f) distributors and other sellers; (g) marketing mailing lists; (h) other users submitting Personal Information about you, e.g. to invite you to take part in an offering, to make a recommendation or to share content; (i) publicly available sources; and/or (j) any other source described in section 1 above. You agree that you will provide to us only your own Personal Information, or the Personal Information of those whom you have the legal right to provide (such as in your capacity as a legal guardian). You agree to provide us with accurate Personal Information.
- Personal Information collected – The following is a list of categories of Personal Information which may have been collected from consumers or users of our services within the last twelve (12) months. The categories and examples provided in the chart below are those defined in the CCPA. This does not mean that all examples of that category of Personal Information were in fact collected but reflects our good faith belief to the best of our knowledge that some of that information may have been collected about consumers. We will update this disclosure from time to time as appropriate. Any of the below information may be combined with other Personal Information we may have or obtain about you from your use of our services or from third parties.
- Category / Examples
- A. Identifiers. A name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account username, screen name, password, Social Security number, driver’s license number, passport number, or other similar identifiers.
- B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
- C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status.
- D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement, including user generated content.
- G. Geolocation data. Physical location or movements.
- H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information.
- I. Professional or employment-related information. Current or past job history or performance evaluations.
- J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
- K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
- Purposes of collecting Personal Information – The purposes for which Personal Information may be collected by or for us may include: performing services in connection with our operations, e.g. customer service, processing or fulfilling orders or requests, processing payments or providing content recommendations; auditing customer transactions; prevention of fraud or crime; fixing system errors; marketing or advertising; internal research, analytics or development; developing, maintaining, supporting or upgrading networks, products, services, content or devices; and/or any other purpose described in section 2 above.
- Use and Disclosure (“Sale”) of Personal Information – The CCPA broadly defines the term “sale” to mean:
- “Selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for valuable consideration; or (B) sharing orally, in writing, or by electronic or other means, a consumer’s personal information with a third party, whether for valuable consideration or for no consideration, for the third party’s commercial purposes.”
- Within this meaning, we may have disclosed (as that term is defined by the CCPA) Personal Information in the categories below from consumers and users of our services within the last twelve months where such disclosure may fall within the CCPA’s definition of a “sale.” When we disclose that we may have sold Personal Information, it means that we may have received some kind of benefit to our company in return for sharing Personal Information, it does not necessarily mean we received any money in exchange.
- The categories below are those defined in the CCPA. This does not mean that all examples of that category of Personal Information were in fact “sold” but reflects our good faith belief to the best of our knowledge that some of that information may have been shared for value in return. We will update this disclosure from time to time as appropriate. In response to a verified consumer request for categories of Personal Information “sold,” we will investigate and provide an individualized response to the consumer, and will not merely refer the consumer to our general practices outlined in this policy unless our response would be the same for all consumers and this policy discloses all the information that is otherwise required for the response to such a consumer request. Categories include:
- 1. Identifiers.
- 2. Personal information categories listed in the California Customer Records statute.
- 3. Protected classification characteristics under California or federal law.
- 4. Commercial information.
- 5. Internet or other similar network activity.
- 6. Geolocation data.
- 7. Sensory data.
- 8. Professional or employment-related information.
- 9. Non-public education information.
- 10. Inferences drawn from other personal information.
- The Personal information collected may be shared by or for us: for “business purposes” or “commercial purposes” (as defined under the CCPA), operational purposes with our partners; and/or for any other purpose described in section 4 above. If we decide to collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes we will update this policy.
- Disclosing Personal Information to Other Parties – We may disclose your Personal Information to the following categories of other parties for a business purpose or commercial purpose, as those terms are defined in the CCPA:
- our affiliates
- service providers: such as data processors, hosting companies, customer service providers, contractors, agents or sponsors who help us manage or provide our products and services by, for example: developing or supporting products and features; sending email messages on our behalf; processing payments; fulfilling orders; delivering subscriptions; auditing; processing data or statistics; and serving, customizing or delivering marketing. These third party service providers are required to protect Personal Information entrusted to them and not use it for any other purpose than the specific service they are providing on our behalf.
- advertisers, advertising technology companies, analytics companies and other third parties with whom we have business relationships
- government regulators
- our legal advisors and parties involved in a legal process
- to an entity involved in the sale of our business
- third parties to whom you or your agents authorize us to disclose your Personal Information in connection with products or services we provide to you
- Right to request disclosure of Personal Information – If you are a resident of California, you may: (a) request information on our practices relating to the disclosure of your Personal Information by certain members of the BMG group of companies to certain third parties for their direct marketing purposes; and/or (b) request certain information about our practices relating to Personal Information over the 12-month period preceding your request, including (i) the categories and specific pieces of such information that we have collected, (ii) the categories of sources of such information, (iii) the business or commercial purposes for our collection, sale or sharing of such information, (iv) the categories of third parties to whom we disclose such information and (v) categories of such information that we share with suppliers of services to us.
- Right to request deletion of Personal Information – At your request, we shall delete Personal Information we have collected about you, unless we need that information so that we can: (a) provide you with a product, service or content requested by you; (b) perform a contract between you and us; (c) maintain the functionality or security of our systems; (d) comply with or exercise rights provided by law; (e) conducting research in the public interest; (f) exercising free speech or ensuring another’s exercise of free speech; or (g) use the information internally in ways that are compatible with the context in which you provided the information to us, or that are reasonably aligned with your expectations based on your relationship with us. After we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records in the time and manner required by the CCPA, subject to any limitations or exceptions under law.
- How to request disclosure or deletion of Personal Information – The CCPA requires businesses to provide a web page where consumers can opt out of the “sale” of their Personal Information. Please send us a verifiable consumer request to us through the web form link HERE. We may from time to time facilitate alternative methods of submitting such requests, in which case we shall confirm such methods on request and/or update this policy accordingly. When submitting your request, you must affirm that you are a California resident or an authorized representative for a California resident. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. If we are unable to verify your identity, we reserve the right to deny the request. If you choose to use an authorized agent to submit a request to know or a request to delete your information, we may require that you: (1) provide the authorized agent written permission to do so; and (2) verify your own identity directly with us. We will not require these steps if we have received proof that you have provided the authorized agent with a power of attorney pursuant to California Probate Code Sections 4000 to 4465. We may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf. We may also deny a request from an agent that does not meet the requirements for authorized agents under the CCPA. Once we have verified your identity (and your authorized agent, as applicable), we will respond to your request as appropriate. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request. If we are unable to complete your request in whole or in part, we will let you know why.
- California “Shine the Light” – California “Shine the Light” - If you are a California resident, California Civil Code Section 1798.83 provides you the right to receive (a) information identifying any third party(ies) to whom we may have disclosed, within the preceding calendar year, your Personal Information for that third party’s direct marketing purposes; and (b) a description of the categories of Personal Information disclosed. To obtain such information free of charge, complete the verifiable consumer request set forth above. Requests that come to us by other means may result in a delayed response.
- Response Timing and Format – We use good faith efforts to respond to a verifiable consumer request within forty-five (45) days after its receipt. If we need more time (up to 90 days), we will inform you of the reason and the needed extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. If we cannot comply with any portion of a request, the response we provide will also explain why, if applicable. For data portability requests, we will select a commercially reasonable format to provide your Personal Information that is commonly useable and should allow you to transmit the information from one entity to another entity without hindrance, but we do not guarantee that all formats are useable in all media. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
- CCPA metrics – CCPA regulations require certain businesses to disclose metrics for the previous calendar year for California residents’ requests, reporting on the number of access, deletion, and “do not sell” requests made, the number fulfilled (in whole or part) and the number denied. If that applies to us in due course, we shall provide a CCPA metrics reporting page on or via the site.
- Do not track – Currently, we do not take any action to respond to “do not track” signals or similar signals, since a uniform technological standard has not yet been developed. We keep new technologies under review, and we might adopt a standard in due course.
- Under-16s – CCPA has specific rules on the use of Personal Information from consumers under 16 years old. Accordingly, if we knowingly collect Personal Information of an under-16 consumer, we will not sell the information without affirmative permission to do so. If the consumer is between 13 and 16 years old, the consumer may provide such permission. If the consumer is under 13, the consumer’s parent or guardian must provide the permission. If you would like further information on how we handle Personal Information from under-16 consumers or if you have reason to believe that a child under the age of 13 (or 16) has provided Personal Information that we have unknowingly collected, please contact us using the details set out in section 13 below. A parent may review and have deleted their child’s Personal Information, and may refuse to permit further collection or use of their child’s information by contacting us. Parents may consent to our collection and use of their child’s Personal Information without consenting to the disclosure of that information to others. For more information on how to protect your children online: visit www.OnGuardOnline.gov for social networking safety tips for parents and youth.
- Our support for exercising your CCPA rights – We are committed to providing you with appropriate control over your Personal Information. If you exercise any of the rights described in this section 10.2, we will not disadvantage you. In particular, you will not be denied access to our products, services or content, nor will you be charged differently for those or provided with a different level or quality, or threatened with any of the above.
- Indemnification – You agree to indemnify and hold harmless us, our affiliates, and each of our and their respective directors, officers, managers, employees, shareholders, agents, representatives and licensors, from and against any and all losses, expenses, damages and costs, including reasonable attorneys' fees, that arise out of your provision of any inaccurate or unauthorized Personal Information to us. We reserve the right to take over the exclusive defence of any claim for which we are entitled to indemnification under this section. In such event, you agree to provide us with such cooperation as is reasonably requested by us.
- Transfers – Your Personal Information may be stored, transferred to, and processed in any country where we have facilities or in which we engage service providers. These countries may be outside the United States, and may have different data protection laws than in the United States.
10.3 For other residents
Under laws of certain other jurisdictions from time to time residents may be entitled to similar rights relating to the access to, deletion of and/or other forms of control over processing of personal data. Nothing in this policy affects those legal rights, and we shall endeavour to give effect to any relevant rights at your request.
11 Children
This site is not directed toward children (as defined by local law) nor do we knowingly or intentionally collect information from children (as defined by local law) without parental consent except where in compliance with applicable laws. If you believe that we have unknowingly collecting information from a child (as defined by local law) then please contact us using the details set out in section 13 below and this information will be removed
12 Changes to this policy
Any changes we make to this policy will be posted on the site and, where we consider it appropriate, notified to you by email. Please check back frequently to see any changes to our privacy policy.
13 Contact us
Any questions, comments or requests about this policy are welcome and should be addressed to our data protection team or directly to our data protection officer.
The contact details for both are:
- Email: data-protection@bmg.com
- Address: BMG Rights Management GmbH, Data Protection Department, Charlottenstraße 59, 10117 Berlin, Germany
Last modified: 30 September 2022