Verity Music in the course of its business may collect personal information. Such activity is regulated by the General Data Protection Regulation (GDPR). The GDPR is a series of laws, approved by the EU Parliament in 2016 with an effective date of 2018-05-25. The regulations give people greater control over their information, including the ability to withdraw consent for its use and to request access to it. Verity Music is an entity identified as a Data Controller and this document explains how we intend to comply with the regulations.
Information we collect and how we collect it:
- If you contact us by email we will collect your contact information to expedite your enquiry.
- If you sign up for our newsletter we collect your email address.
- If you purchase items of our merchandise, we collect your name and contact details. We do not process or store any financial information.
- When you visit our Web Sites, we automatically log your IP address.
How we use the information we collect:
- For administrative and business purposes, for example to contact you, process orders, arrange appointments, and to improve our business and website.
- To inform you of changes to your preferences and subcriptions.
- We use IP addresses to help us administer our Web Sites. We do not link IP addresses to personally identifiable information.
- We may automatically collect non-personal information, such as the type of browsers you use or the site from which you linked to our Web Sites. You cannot be identified from this information and it is only used to assist us in providing an effective service on our Web Sites.
- To keep you informed of gigs and new products, unless you have opted out of such communications. The option to opt-out will be provided in any communication with us, or by contacting us at any time.
How long we retain information:
- We store information for no longer than is needed to fulfil our legitimate business needs and discharge any legal obligations we may have, for example to maintain tax records.
Transfer of Information:
- The majority of the data used by Verity Music is stored and processed in the EU. We may however use cloud storage servers which may physically be outside the EU. In these cases, data will be encrypted before storage and / or in the case of US servers, we use companies that have self-certified as compliant with EU data regulations.
- We disclose information to third parties only to the extent necessary to run our business, to our service providers, to fulfil any contracts we enter into with you, and where required by law or to enforce our legal rights.
- We will never sell information to third parties other than in the course of the sale or transfer of the business.
Sensitive personal information:
- We do not knowingly or intentionally collect or extrapolate ‘sensitive personal information’. Please do not submit sensitive personal information to us. For example if you mention your date or place of birth in a communication, we would not use or process this information and would do our best to delete it from our system.
Rights in relation to personal information:
- A person has the rights under the legislation to access their information and to receive information about its use. If you would like a copy of the information we have, please contact us at any time.
- You may request that we remove your information from our systems.
How we keep information secure:
- We use appropriate technical and organisational measures such as storing your information on secure servers, encrypting transfers of data to or from our servers using Secure Sockets Layer (SSL) technology and only granting access to your information where necessary.
- All our Employees and sub contractors are made aware of the importance of data security and the need, where possible to secure access to personal equipment and shared resources with strong passwords.
Further information: Please contact us with any queries or concerns you may have about any aspect of our data policy.