Privacy Policy
Who are we and what do we do?
We are B.V. Hardstyle.com, trading under the name Hardstyle.com. You can find our contact details at the bottom of this "Privacy Policy". Hardstyle.com is a webshop for both artists and fans to find a wide range of digital downloads and physical merchandise ("Services"). You can find more information about our Services on our website: www.hardstyle.com ("Website"). This Privacy Policy applies to all use of our Services and Website.
Privacy and the Relevant Legislation
Privacy is of great importance to us. We comply with the European Data Protection Directive 95/46/EG and the Dutch Data Protection Regulation (Wet bescherming persoonsgegevens), which is an implementation of this directive1. We also anticipate to the new General Data Protection Regulation("GDPR")2, which will replace the different national privacy laws of EU member states as from 25 May 2018. All aforementioned legislation will hereafter be referred to as "the Relevant Legislation".
What is this?
This is a "Privacy Policy". In this document, we explain what kind of Personal Data we collect in relation to our Website and Services. We also explain how we store, protect and use your Personal Data and for which purposes.
Personal Data
In this Privacy Policy, "Personal Data" refers to information or pieces of information that could allow you to be directly or indirectly identified. This definition is in accordance with the Relevant Legislation.
Are you under the age of sixteen?
If you are younger than sixteen years, you cannot use our Website or Services without permission of your parents or legal guardian.
Collaboration Scantraxx
We collaborate with the organisation Scantraxx B.V. ("Scantraxx"). This is a music label: an operator of music and distribution rights in the 'Hardstyle' genre. Scantraxx was founded in 2002 and has since been the market leader in its genre. You can find more information about Scantraxx on their website: www.scantraxx.com. For example, the merchandise offered by Scantraxx is sold through our Website.
Which Personal Data do we process and how do we use it?
We may collect and process the following (Personal) Data from you as a user, when you make an account and further use our Website:
| (Personal) Data | Purpose(s) |
|---|---|
| First-, middle- and last name | We use this information to approach you and address your order(s) correctly. |
| Date of birth and age | We use this information to check whether you can use our Website without parental permission. |
| Gender | We use this information to specify our emails and advertisements where relevant, for example regarding merchandise. |
| Language | We use this information to display our websites, emails and advertisements in the correct language. |
| Time zone | We use this information to display content to our users on websites, social media, advertisements or via emails at the right time. |
| Address, zip code, city, region and country | We use this information to correctly ship and address your order(s). |
| E-mail address and phone number | We use this information to contact you about your order on the Website (only if needed) and to send you our newsletters (only if you gave us permission to do so). |
| Payment details (e.g. credit card information, bank account information or PayPal information) | We use this information to effect payments on the Website. |
| Social media accounts (Facebook, Twitter, Instagram, YouTube and Snapchat) | We save the links to your social media accounts, if you share them with us. We use the information from these accounts to reach fans with the right messages and content on the right platform |
| Other online accounts (Soundcloud and Spotify) | We save the links to these online accounts of you, if you share them with us. We use the information from these accounts to get an idea about the kind of music you find interesting, in order to be able to send you more relevant emails and advertisements with new music and merchandise. |
| Artist interaction (music, merchandise and social media interaction) | We track your interactions with each artist on the Website, e.g. how much you listen to their music, buy their merchandise and like social media posts regarding the artist. We use this information to offer you relevant content. |
| Contest information (participation and winner status) | We log your participation to contests and whether you won the contest. We use this information to be able to select a winner in future competitions more fairly, taking into account the overlap in contestors with previous actions. |
| Opt-in log for legal documents (general conditions, privacy policy, and cookie statement) | We log your choices with the opt-ins for our legal documents. We use this information to document and your approval of these documents. |
| Opt-in log for newsletters (music and merchandise) | We log your choices with the opt-ins for our newsletters. We use this information to document your approval and to ensure we may send you the newsletters. |
| (Personal) Data Scantraxx shares with us in our joint database | We use this information to optimise our Website and Services. |
Please note that all (Personal) Data we collect will be stored in a database we share with our partner Scantraxx. This means we will also process Personal Data collected by Scantraxx and vice versa.
Why may we process Personal Data?
We may process your Personal Data, because we ask your permission to do so. We ask this by showing you this Privacy Policy and asking you to check the opt-in where we ask for your consent.
For what period will we retain Personal Data?
The Personal Data we process will be deleted if they are no longer necessary for the fulfilment of the purposes mentioned above or are inaccurate. We will keep the Personal Data for a maximum of 5 years after the data have been last modified, unless we are legally obliged to keep the data for a longer period. For example, the tax authorities obliges us to retain certain Personal Data for a period of 7 years.
Who do we share your Personal Data with?
All Personal Data we collect will be stored in a database we share with our partner Scantraxx. This means Scantraxx also has access to the Personal Data we collect and process in this database. To the processing of the Personal Data by Scantraxx, the same conditions apply as mentioned in this Privacy Policy, as you can read in the privacy policy of Scantraxx.
Furthermore, we use "Data Processors" to assist us in processing the Personal Data. For example, we use the services of Data Processors for the storage of the data and the hosting of the Website. In addition to such storage and hosting providers, we use certain tools to provide our Services to our clients and users.
The Data Processors we may use for the processing of the Personal Data are – for example:
| Data Processor | Purpose | Location | Explanation |
|---|---|---|---|
| Adyen | Payment provider | EU (Netherlands) | Is based in the European Union, so is bound by the GDPR. |
| Caveo | Hosting provider | EU (Netherlands) | Is based in the European Union, so is bound by the GDPR. |
| Dropbox | Data storage | US | Is on the Privacy Shield List. |
| Facebook Inc. | US | Is on the Privacy Shield List. | |
| Google Analytics & AdWords | US | Is on the Privacy Shield List. | |
| iDeal | Payment provider | EU (Netherlands) | Is based in the European Union, so is bound by the GDPR. |
| Mailchimp | Marketing tool | US | Is on the Privacy Shield List. |
| Mollie | Payment provider | EU (Netherlands) | Is based in the European Union, so is bound by the GDPR. |
| MyParcel | Package sending service | EU (Netherlands) | Is based in the European Union, so is bound by the GDPR. |
| PayPal | Payment provider | EU | Is based in the European Union, so is bound by the GDPR. |
| PrestaShop | Webshop software | EU (France) | Is based in the European Union, so is bound by the GDPR. |
| Salesforce | Customer Relationship Management (CRM) tool | US | Is on the Privacy Shield List, is bound by internal company regulations (approved by the European Commission) and uses standard contracts drafted by the European Commission. |
| Synology Inc. | Data server (NAS) | Taiwan, local data storage on our NAS server in the EU (Netherlands) | The European Commission had not issued an adequacy decision for this organisation, but we believe Synology provides an adequate level of protection for the Personal Data - especially since we use a private NAS server. You can read more about Synology's privacy policy here. |
These Data Processors must strictly follow our instructions. Therefore, they will not use personal data for their own purposes. We make sure all of our Data Processors comply with the relevant privacy legislation.
Besides the above, we will not share your Personal Data with anyone - unless we are legally obliged to do so.
Export of Data outside the European Union
We may transfer the Personal Data outside the EU, if one of our Data Processors is located outside the EU. In case we transfer Data outside the EU, the Data will only be transferred to countries that provide an adequate level of protection that meets the EU-standards. For example, we will verify if that organization is a Privacy Shield Participant or is listed as third country whose level of protection is approved by the European Commission3. The transfer of Data outside the EU will always comply with the Relevant Legislation (such as article 76 section 1 of the DDPA and - from 25 May 2018 - chapter 5 of the GDPR).
Generic aggregated (non-personal) data
In order to make our Website and Services as optimally as possible, we may convert Personal Data into non-personal data by aggregating it with information collected from other data subjects. In such case the Data will be fully and irreversibly anonymized: they will not contain Personal Data.
How do we protect Personal Data?
We work hard to protect your Personal Data from unauthorized or unlawful access, alteration, disclosure, use or destruction. For example, we take the following measures to make sure the Personal Data is safe:
- We secure our network connection with Secure Socket Layer (SSL) technology;
- Two step verification is required to access the Personal Data;
- We restrict the access to the Personal Data to the purposes mentioned in this Privacy Policy;
- We limit the access to the Personal data to employees on a need to know basis.
Third party websites
You find advertising or other (hyper)links on our Website that link to the websites, products and services of partners, suppliers, advertisers, sponsors, licensors or other third parties. We do not control the content or the links that appear on these websites and we are not responsible for the practices employed by websites linked to or from our Website. In addition, these websites, products and services, including their content and links, may be constantly changing. These websites, products and services may have their own privacy policies, user terms and customer service policies.
Browsing and interaction on any other website, including websites that are linked to or from our Website, are subject to the terms and policies of that website.
Cookies
We may use the following types of cookies on our Website:
Functional cookies: Technical cookies are essential for the operation and functionality of our Website. Without these cookies, you cannot log in on your account and particular setting cannot be saved.
Analytical cookies: Analytical cookies are used to examine the quality and effectiveness of our Website. For example, we can see how many users are accessing our Website and which pages are visited. We use this information to improve our Website and services. We use Google Analytics to collect these cookies.
Tracking cookies: Tracking cookies monitor the clicking behaviour and surfing habits of our visitors. By means of these cookies we can see whether and when you view your profile, and whether you click through to our Website. We might use these cookies to show you advertisements based in your interests.
You can read more information about our use of cookies in our cookie statement: here.
If you don’t want cookies to be stored on your device, you can change the cookie settings in your web browser. If you do so, please note that some features of the Website may not function properly without cookies.
Modifications to this Privacy Policy
We may update our Privacy Policy from time to time. When we change this Privacy Policy in a significant way, we will notify you via e-mail and post a notification on our Website along with the updated Privacy Policy.
Acquisition
In the event that Hardstyle.com (or a substantial part of its assets) is sold to another entity, the Personal Data owned by Hardstyle.com will be sold to this entity as well. The new owner will we bound to process and protect the Personal Data in accordance with this Privacy Policy.
Your rights and who to contact
As specified in and under the conditions of the Relevant Legislation, you have the right to tell (us) if you:
- would like to view and/or a copy of the Personal Data which are being processed about you, where they are being processed, who is receiving them, how long they will be saved by us and for what purpose;
- would like us to correct, update, shield or delete your Personal Data or restrict the processing therefrom in our records;
- wish to report any misuse of your Personal Data;
- have an objection against any processing of your Personal Data by us;
- think we are processing your Personal Data unlawfully. In this respect, you can file a complaint with the Dutch Data Protection Authority;
If you have any questions, comments or concerns about how we handle Personal Data, please contact us at [email protected]. We strive to respond to messages and request within 2 days of receipt by us.
B.V. HARDSTYLE.COM,
trading under the name Hardstyle.com
Boteyken 337
3454 PD De Meern
The Netherlands
Chamber of Commerce ("Kamer van Koophandel") number: 34293276
VAT number: NL818972038B01
E-mail: [email protected]
1 http://wetten.overheid.nl/BWBR0011468/2017-07-01
2 http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32016R0679
3 The European Commission has made a list of third countries whose level of protection is approved by the European Commission. Data transfers to the U.S. are considered adequate when based on the EU-U.S. Privacy Shield. The EU-U.S. Privacy Shield is an agreement between the U.S. Department of Economic Affairs and the European Commission on the exchange of personal data between companies in the EU and the U.S. The Privacy Shield has been in force since 1 August 2016.The Privacy Shield List enables European companies to verify whether data can be transferred to an U.S.-based company under the framework.