Protecting our users’ personal data is an important concern for BMG Rights Management (UK) Limited (“BMG”, “we”, “us” or “our”).
We explain below how and why BMG and our third-party service providers process personal data in connection with your use of the Site.
(a) your type of browser and type of operating system;
(b) the internet protocol (IP) address allocated to your internet access when you were visiting the Site;
(d) the URL of the internet page from which you arrived at the Site;
(e) the date and time when you accessed, clicked through and left the Site;
(f) the amount of data transmitted; and/or
(g) the searches you made and the pages you accessed on the Site;
(b) to provide assessment and analysis (e.g. customer, promotional and market analysis) to enable us to review, develop and improve the services and products that we offer;
(d) to respond to your enquiries and to fulfil your requests (e.g. to send you newsletters or to provide you with information about our products, content and services);
(e) if you have consented to our doing so, to provide you, or to permit selected third parties to provide you, with information about products that we believe may interest you;
(f) to notify you about changes to Site terms, conditions and policies;
(g) to allow you to take part in contests and similar promotions and to administer those activities (which may contain additional requirements and information about how we or our third-party service providers may use your personal information).
to improve your website experience and to optimize our services and products and to use our Site for marketing purposes. It is in our mutual legitimate interest to respond to your enquiries and requests. If you subscribed to our newsletter, any processing related to sending you newsletters or provide you with information about our products is based on the consent (Art. 6 sec. 1 lit. a GDPR) you gave separately when subscribing to the newsletter. You can withdraw your consent at any time by clicking on the link provided in each of our newsletters. Such withdrawal will only be effective for future processing of data.
When you subscribe to our newsletter, we use the so-called double opt-in procedure, i.e. we will only send you newsletters by e-mail if you confirm in our notification e-mail by clicking on a link that you are the owner of the e-mail address provided. If you confirm your e-mail address, we will store your e-mail address, the time of registration and the IP address used for registration until you unsubscribe from the newsletter. The sole purpose of the storage is to send you the newsletters and to be able to prove your registration. You can unsubscribe from the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. A message to the contact data given below or in the newsletter (e.g. by e-mail or letter) is of course also sufficient. The legal basis of the processing is your consent pursuant to Art. 6 sec. 1 lit. f GDPR.
In our newsletters we use commercially established technologies, enabling us to measure interactions with the newsletters (e.g. opening of the e-mail, clicked links). We use this data in pseudonymous form for general statistical evaluations as well as for the optimisation and further development of our content and customer communication. This data is collected using small graphics embedded in the newsletter (so-called pixels), which can also collect Technical Data regarding the device you use. The data is collected exclusively pseudonymised and is not linked to your other personal data. The legal basis for this is our aforementioned legitimate interest, Art. 6 sec. 1 lit. f GDPR [The legal basis of the processing is your consent pursuant to Art. 6 sec. 1 lit. a GDPR]. Through our newsletter we want to share content that is as relevant as possible for our customers and better understand what readers are actually interested in. If you do not wish the analysis of usage behaviour, you can unsubscribe from our newsletter or deactivate graphics in your e-mail program by default. The data on the interaction with our newsletters is stored pseudonymously for 30 days and subsequently made completely anonymous.
We may share your personal information as far as it is required for the above mentioned purposes from time to time with:
(b) any of the following third parties:
(c) As far as transfer to above mentioned recipients is required for any of the purposes mentioned in Section B, the transfer of data is based on our legitimate interests as specified in Section B or on your consent. This includes our interest to host the Website for informational and marketing purposes and to improve our services and products.
(d) We disclose your personal data to any person where necessary: (i) under any applicable laws or regulations of any jurisdiction of the EU or any member state for any purposes required by such person under those laws or regulations, Art. 6 sec. 1 lit. c GDPR; (ii) to enforce or apply our Site’s terms and conditions or other contracts, Art. 6 sec. 1 lit. f GDPR; and/or (iii) to protect our, our users’ or any other third parties’ rights, property or safety, Art. 6 sec. 1 lit d and f GDPR.
(e) We anonymize your personal data, as it is in our legitimate interest to use aggregated, non-personal information to analyse our target audience and web traffic. We may publish, or share with affiliates and/or business partners, aggregated non-personal data, which will not identify you individually.
The information we collect from you may be transferred to, processed and stored at a destination outside the European Economic Area (“EEC”), e.g. when we transfer data to third parties or members of BMG’s group of companies. Whenever sending the data outside the EEA we will only send data (a) to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or (b) to recipients that are bound by Standard Contractual Clauses drafted by the EU Commission for the protection of personal data. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Unfortunately, the transmission of information via online or mobile networks is not completely secure. You acknowledge and accept that others may intercept personal information you provide to us, and that any such transmission is at your own risk. Once we have received your information, we use set procedures and security features to try to prevent unauthorised access.
We strive to keep our processing activities with respect to your personal data as limited as possible. Personal data provided by you upon using our services (Service Data as described in Section A.1.) will be retained only for as long as we need it to fulfil the purpose for which we have collected it or as long as required by statutory retention requirements. Technical Data (as described in Section A.2.) will be retained only as long as it is necessary to provide access to our site. The IP-Address will be retained for 7 days to enable us to engage in effective defense against attacks on our site, i.e. DDOS attacks. However, we may retain Technical Data as long as certain marketing purposes require. In no event will we retain your Technical Data longer than 35 days, unless storage of data is required by statutory retention obligations, as may be the case regarding data that is relevant for obligations under tax and commercial law.
Right of access (Art. 15 GDPR);
You have the right to information regarding the data we process concerning you. Upon request we will provide you a copy of the data together with additional information to the extent defined in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR);
You have the right to rectification of your data, wherever such data is incorrect or incomplete.
Right to erasure (Art. 17 GDPR);
You have a right to erasure regarding data that is no longer required for the original purposes or that is processed unlawfully, as described in Art. 17 GDPR. Wherever certain data is subject to retention periods, instead of deleting the data we will restrict processing to the duration and intended purposes of such period.
Right to restriction of processing (Art. 18 GDPR);
Upon your request, we will restrict processing of personal data according to Art. 18, wherever there are uncertainties regarding our right to process such data or while a decision regarding your objection to such processing is pending. In such cases we will only retain data, restrict any processing to the minimal extent necessary and withdraw access to your data from our employees.
Right to data portability (Art. 20 GDPR);
Upon your request we will transfer any personal data you have provided to us during the use of our services on the basis of consent or any contractual or pre-contractual relationship to you or any third party, provided secure communication with third party is technically feasible. We will provide the data in a structured and machine-readable format.
Right to object to processing based on Art. 6 Abs. 1 lit. f GDPR (Art. 21 GDPR);
Upon your objection we will cease any processing of your personal data based on Art. 6 sec. 1 lit. f. GDPR. Wherever we have compelling legitimate grounds to process your data, we are allowed to further process such data, provided our interest in doing so prevails in a weighting against your interest against the processing activity. Therefore, to allow us to evaluate your request, please let us know the reason for your objection.
Wherever you gave consent to a data processing, in accordance with Article 7 (2) GDPR, you have the right to withdraw your consent to us at any time. As a result, we will not continue processing data based on this consent in the future. The withdrawal of consent does not affect the legality of the processing carried out based on the consent until the withdrawal.
Furthermore you have the right to lodge a complaint with a data privacy supervisory authorities.
Some of the content and functionality on our Site is provided by third parties that are not affiliated with us. For example, some of our services contain widgets and social media features, such as the Twitter “tweet” button. These widgets and features may collect your IP address and may set a cookie to enable the feature to function properly. Widgets and social media features are either hosted by a third-party or hosted directly on our Site. You should always check the privacy settings and notices in these third-party services to understand how those third-parties may use your information.
The Tweets displayed in the Twitter feed include the ability to Like, Reply and/or Share the Tweet directly on our Site. If you interact with these functions then you will make a connection to Twitter.com, who may collect your IP address, your web browser user agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the widget, including correlating your Twitter account with whatever action you take within the widget.
We use a Google Maps widget to display the location of Tweets that use a particular hashtag. This is a maps visualization service provided by Google that enables this Site to incorporate content of this kind on its page.
For more information about how this data may be used, please see the relevant Google privacy policies: https://policies.google.com/privacy?hl=en-US
We have integrated features of the Spotify music platform into our websites. The plug-in makes it possible to establish a direct connection between your browser and Spotify’s server when you visit our Site. As a result, Spotify receives the information that you visited our site with your IP address. If you click the Spotify button while you are logged into your Spotify account, you have the option to link content from our page with your Spotify profile. If you’re logged in to your Spotify account or consequently log in to your Spotify account, this will link your browsing behaviour with your personal profile. You can prevent this by logging out of your Spotify account.
You will be able to log in to your Spotify account using sign-in services. These services will provide you the option to share certain personal information with us, such as your name and e-mail address, together with other information from your public profile with your consent.
The contact details for both are:
BMG Rights Management GmbH
Data Protection Department
Last modified: 02.09.22
Log in with your Spotify account to browse artists and create your own mix tape playlist.
You can personalise your tape and case before sending it to your freinds.