In this Privacy Statement, we aim to inform you as comprehensible and complete as possible about the way in which we may collect and use your (personal) data.
Buma Music in Motion is organized by Stichting Buma Cultuur, a foundation with full legal capacity, having its registered office in (2132 HB) Hoofddorp at Saturnusstraat 46-62 and registered with the chamber of commerce under KvK number 41198524. You can reach us at the aforementioned address or by e-mail at firstname.lastname@example.org.
For the purpose of organizing annual events as Buma Music in Motion (BMIM), inJazz and New Music Conference, we may use (some of) the personal data of business conference visitors.
It is very important to us that data obtained from our visitors is used in a responsible manner. As such, we process and protect your personal data carefully and in compliance with the relevant provisions of the European General Data Protection Regulation (GDPR).
This Privacy Statement does not apply to websites of third parties, such as websites or apps to which we refers on our website(s) and in our mailings. We advise you in that case to consult the privacy policies of these third parties on these websites.
1. The data we use
We may collect and use the following data of visitors to the BMIM/inJazz/New Music Conference website, the event app and social media.
Data you have provided to us yourself when:
- Purchasing products, such as your name, age, gender, email address and invoice address, name of your organization, business field, job title, phone number, country of residence, log-in password, IP-address and payment details.
- Registering with us to make use of the event app, such as your name, gender, email address and invoice address, name of your organization, business field, job title, country of residence, log-in name, password, profiles picture IP-address and/or data about your social network profiles, including website(s) such as LinkedIn, Twitter, Facebook, Spotify, SoundCloud and Instagram.
We primarily use your Registration Data to our agreement with you as best as we can or for the purposes of our internal administration.
Data which we have access to through:
- Third Parties (companies that provide certain online services through the website such as Eventbrite) which you have provided them with your data in order to make use of their services delivered on our behalf, after registering with us through their website or app or when you make a payment for a purchase on the website.
Data we collect about your surfing behavior:
- On our website, such as your type of account, IP-address and the time of your visit.
- Technical information, such as your browser type and which functionalities you use which we only use anonymously or after having received your explicit permission. Part of Surf Data are cookies, which will be explained more specific below.
Furthermore, we may use anonymized and combined data for various purposes, such as testing of our IT systems, research, data analyses, development of marketing and promotional models and new and improved appliances and services.
2. How we use your data
Acquired through registration by us or third parties
- To offer, deliver and invoice services you purchase on our website (or third party), we will use your Registration Data and/or External Data. Upon registration with us (or third party), we will send you a confirmation email.
- As a delegate some of your Registration Data and/or External Data may become visible to other conference visitors the app. This is only possible for conference visitors and is part of our agreement with conference visitors to offer the full experience of a conference ticket: to know which other conference visitors will be attending in order to optimize their participation in the Conference by, for instance, networking and making new business contacts. Any other information besides your name, organization and job title, such as your e-mail address or telephone number, will only be made visible if you have given us permission to do so and as long as you have not withdrawn your permission.
- For the purpose of digital direct marketing, for example by maintaining contact by email, or for the purpose of improving services and products or offering similar products or services, for example by means of a newsletter.
- From time to time, we may use the Registration Data and/or External Data to contact you for the purpose of a qualitative research.
Acquired through subscriptions and forms
- You will receive our newsletters if you purchased a ticket and/or have subscribed to our newsletter, in which you will always have the possibility to unsubscribe.
- To keep you up to date on the latest news and/or updates and/or service announcements, we may use your Registration Data and/or External Data.
- For the purposes of the safety of you as the visitor to the event and the security of persons, buildings and grounds, we may, on the grounds of its legitimate interest, use camera surveillance to monitor the event location. If so, visible security cameras will be installed at the event location. You will be informed of the presence of cameras when entering the site of the event. In case of any emergency, the recordings made may be shared as supporting evidence with government agencies, including the police and the judicial authorities.
The legal grounds for the use of your data mentioned above is the necessity to perform our agreements with you and our legitimate interests to understand who makes use of our services and to improve our services and business. Furthermore, we may use your data for security purposes.
Your Registration Data and/or External Data will not be used for any purpose other than described above and in this Privacy Statement.
In general counts that if we like to use your data for other purposes, which use requires your explicit permission, we shall ask you to grant such permission, If you granted such permission you are always entitled to withdraw you permission in the way as set out below in section 6 of this Privacy Statement.
3. Sharing and transfer of data
We are authorized to share your data with third parties that we engages in the performance of its services, like our ticketing provider Eventbrite or another authorised (pre-)sales outlet which parties on our behalf provides the process of ticketing, including in connection with the above-mentioned purposes.
Notwithstanding the above, we only share your data with third parties after we explicitly informed you in that regard and after receipt of your explicit prior permission, except when it is necessary to perform our agreement with you or if we are required to do so by law.
To be able to provide our services, we use companies to process and store information including your data (‘third party processors’). In order for them to carry out their agreement, we may transfer your data to them and they may transfer it to us. In such cases we will always make sure that such parties are obliged to comply with our standards of processing and protection of your data and the relevant privacy regulation like the GPDR.
4. Cookies and Surf Data
We may collect automatically generated Surf Data, including your IP-address and cookies. Our servers also automatically record certain data, such as the URL, IP-address, browser type, language and the date and time of the visit to the website(s). We store these Surf Data and use them make statistical analyses of visits to and use of the website(s) and also to optimize the website(s). We always anonymize Surf Data as much as possible.
We also use Google Analytics and Google Analytics cookies to gain an insight into how the website(s) is (or are) used. This information (including IP-address) shall only be provided to Google when wanting to use the Google statistics program. We do not use other Google services when using Google Analytics. We have a Data Processing Agreement with Google and will make sure to partially anonymize the IP-address and switch off the option to share data.
Finally, cookies can be placed via the website(s) and then read by Facebook and Twitter. We do not have any influence on the use of these data by these parties and they are responsible for this type of cookie use and their privacy statements and conditions shall apply in this situation.
We shall not hold personal data any longer than necessary for carrying out our agreements with you as set out in the above. This means that upon unsubscribing from communications or user accounts, we will erase your data we have for those purposes. In case we hold and use your personal data based on your permission, we will immediately remove your data upon withdrawal of your permission.
Recorded camera images of security cameras taken at the event, if any, will be retained for a maximum period of four weeks, unless a criminal offence has taken place. In that case we have the right to keep the camera images until the incident has been dealt with.
6. Withdrawal of permission
In case we use your personal data based on your explicit prior permission, you can at all times withdraw your permission by sending an email to email@example.com with a request and description of which permission you wish to withdraw. In case you make such a request we will ask you to specify your request. Also, when we send you direct marketing messages for which we do not need your prior explicit permission, you are absolutely free to sign out from such messages.
7. Access, removal, corrections and complaints
You are required to ensure that the Registration Data you provide to us is always correct. However, you of course always have the general privacy rights of access to and correction of your personal data, the right to be forgotten and to restriction of processing, the right of data portability, which means the following:
- You are always free to contact us in writing via the email address firstname.lastname@example.org to request information about whether or not we use any of your personal data, where and for what purpose we do so. If so, we will provide you with an electronic copy of any of your personal data we may use, which you are free to transmit to another data controller.
- If you believe they are no longer relevant for the purposes for which they were collected, you also have the right to send us a request to erase your personal data and/or cease further dissemination of your personal data.
- Furthermore, you are free to provide us with any corrections to your personal data.
We ask you when sending us one of the requests above, to provide us with a copy of a valid identification document. We shall consider your requests by comparing your privacy rights to the public interest in the availability of the data.
- You also have the right to data portability, which means that you can request us to transfer your personal data so that you can transfer the relevant data to another data controller.
- Finally, you have the right to send us any motivated complaints about how we use your personal data and, if you so wish, file a complaint with the supervisory privacy authority.
We will treat all your personal data with the greatest possible care and that we shall not use the data for any purposes other than those that can be understood to be included in the purposes referred to above.
We have put all reasonable measures in place to ensure that personal data are protected against theft, misconduct and/or data breaches. Only our own employees have access to the data, provided they are responsible for the accounts and the website(s) and have signed a non-disclosure agreement and shall then solely be able to use the said data for the purposes referred to above.
In all agreements regarding third party processors we oblige those parties to install at least the same level of protection and measurements protecting your personal data.
9. Transfer to third countries
We may transfer data to a processor or third party based in a country outside of the EU or international organizations, but only if they provide appropriate measures to safeguard the protection of your data, and on condition that your rights and effective legal remedies are available. For example, we will adhere to standard contract provisions approved by the European Commission, the EU-US Privacy Shield, binding company rules and binding rules for data processors. In such cases we will upon your request provide you with a copy of which data are transferred and to which third countries and under which level of protection.
If you have not reached the age of 18 yet, your parents or legal representatives must be aware of this Privacy Statement before you are able to register and use the website(s) and/or the event app.
We reserve the right to modify this Privacy Statement and, as such, advise you to regularly check the most-up-to-date version of the Privacy Statement on the website(s) and/or event app to see if any changes have been made. If changes are of a fundamental nature, we shall clearly notify you of these changes, for example via email. The most recent changes to this Privacy Statement were made and published in February 2020.