Data protection
Introduction
We take the privacy of users ("Users" or "You") of our website and/or mobile app (the "Website" or "Mobile App") very seriously and are committed to protecting the information that Users provide to us in connection with the use of our Website and/or Mobile App (collectively, "Digital Assets"). We are also committed to protecting and using your information in accordance with applicable law.
This Privacy Policy explains our practices regarding the collection, use and disclosure of your information through the use of our digital assets (the "Services") when you access the Services through your devices.
Please read the Privacy Policy carefully and make sure you fully understand our practices with respect to your information before using our Services. If you have read and fully understand this policy and do not agree with our practices, you must stop using our digital assets and services. By using our Services, you accept the terms of this Privacy Policy. Your continued use of the Services constitutes your acceptance of this Privacy Policy and any changes to it.
This Privacy Policy tells you:
How we collect data
What data we collect
Why we collect this data
Who we share the data with
Where the data is stored
How long the data is stored
How we protect the data
How we deal with minors
Updates or changes to the privacy policy
What data do we collect?
Category: Always
Below is an overview of the data we may collect:
Non-identified and non-identifiable information that you provide during the registration process or that is collected through the use of our services ("Non-Personal Data"). Non-personal data does not allow any conclusions to be drawn about who it was collected from. Non-personal data that we collect consists mainly of technical and summarised usage information.
Individually identifiable information, i.e. any information by which you can be identified or could reasonably be identified ("personal data"). The Personal Data we collect through our Services may include information that is requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses and more. If we combine personal data with non-personal data, we will treat it as personal data for as long as it is combined.
How do we collect data?
Category: Always
Below are the main methods we use to collect data:
We collect data when you use our services. So when you visit our digital assets and use services, we may collect, record and store usage, sessions and related information.
We collect data that you provide to us yourself, for example when you contact us directly via a communication channel (e.g. an email with a comment or feedback).
We may collect data from third party sources as described below.
We collect data that you provide to us when you log in to our services via a third-party provider such as Facebook or Google.
Why do we collect this data?
Category: Always
We may use your data for the following purposes
To provide and operate our Services;
to develop, customise and improve our Services;
to respond to your feedback, enquiries and requests and provide assistance
to analyse request and usage patterns;
for other internal, statistical and research purposes;
to improve our data security and fraud prevention capabilities
to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;
to provide you with updates, news, promotional materials and other to transmit information in connection with our services. In the case of advertising emails, you can decide for yourself whether you wish to continue receiving them. If not, simply click on the unsubscribe link in these emails.
Who do we share this data with?
Category: Always
We may share your data with our service providers in order to operate our services (e.g. storing data via third party hosting services, providing technical support, etc.).
We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent or take action regarding illegal activities or other wrongdoing; (ii) to establish or exercise our rights of defence; (iii) to protect our rights, property or personal safety, or the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliates (by way of merger, acquisition or purchase of (substantially all) assets, etc.); (v) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of (substantially all) assets, etc.); (vi) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of (substantially all) assets, etc.); (vi) in the event of a change of control of us or any of our affiliates (by way of a merger, acquisition or purchase of etc.); (v) to collect, hold and/or manage your information using authorised third party service providers (e.g. cloud service providers) as appropriate for business purposes; (vi) to work with third parties to improve your user experience.
To avoid any misunderstandings, we would like to point out that we may transfer or pass on non-personal data to third parties or use it in any other way at our own discretion.
Category: User has a blog or forum
Please note that our services enable social interactions (e.g. posting content, information and comments publicly and chatting with other users). Please note that any content or data you provide in these areas may be read, collected and used by others. We advise against posting or sharing information that you do not wish to make public. If you upload content to our digital assets or otherwise make it available as part of your use of a service, you do so at your own risk. We cannot control the actions of other users or members of the public with access to your data or content. You acknowledge and confirm that copies of your data may remain accessible even after they have been deleted from cached and archived pages or after a copy/storage of your content has been made by a third party.
Cookies and similar technologies
When you visit or access our Services, we authorise third parties to use web beacons, cookies, pixel tags, scripts and other technologies and analytics services ("Tracking Technologies"). These Tracking Technologies may enable third parties to automatically collect your data in order to improve the browsing experience on our digital assets, optimise their performance and ensure a tailored user experience, as well as for security and fraud prevention purposes.
To find out more, please read our Cookie Policy.
Category: The user is NOT connected to an advertising service
We will not share your email address or other personal data with advertising companies or advertising networks without your consent.
Category: The user is connected to an advertising service, a campaign manager or Facebook Ads
We may serve advertising through our Services and our digital assets (including websites and applications that use our Services) that may also be tailored to you, such as ads based on your recent browsing behaviour on websites, devices or browsers.
To deliver these adverts to you, we may use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or HTML5 Local Storage and/or other technologies. We may also use third parties, such as network advertisers (i.e., third parties that serve ads based on your website visits), to serve targeted ads. Third-party ad network providers, advertisers, sponsors and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or Flash cookies and/or other technologies to measure the effectiveness of their ads and customise advertising content for you. These third-party cookies and other technologies are governed by the specific privacy policy of the third party and not this one.
Where do we store the data?
Category: Always
Non-personal data
Please note that our companies and our trusted partners and service providers are located around the world. For the purposes set out in this Privacy Policy, we store and process any non-personal data we collect in different jurisdictions.
Category: User collected personal data
Personal data
Please note that our companies and our trusted partners and service providers are located around the world. We store and process any non-personal data we collect in different jurisdictions for the purposes set out in this Privacy Policy.
Category: User collected personal data
Personal data
Personal Data may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and, to the extent necessary for the proper provision of our Services and/or required by law (as further explained below), in other jurisdictions.
How long will the personal data be retained?
Category: Always
Please note that we will retain the information we collect for as long as necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes and enforce our agreements.
We may correct, amend or delete inaccurate or incomplete data at any time at our discretion.
How do we protect the data?
Category: Always
he hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data can be stored via our hosting provider's data storage, databases and general applications. They store your data on secure servers behind a firewall and provide secure HTTPS access to most areas of their services.
Category: Users accept payments/eCom
All payment options offered by us and our hosting provider for our digital assets comply with the PCI-DSS (Payment Card Industry Data Security Standard) regulations of the PCI Security Standards Council. This is a collaboration between brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help to ensure the secure handling of credit card data (including physical, electronic and procedural measures) by our shop and service providers.
Category: Always
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of the information you upload, post or otherwise transmit to us or others.
For this reason, we encourage you to set strong passwords and, whenever possible, not to provide us or others with confidential information that you believe could cause you significant or lasting harm if disclosed. As email and instant messaging are not considered secure forms of communication, we also ask that you do not share confidential information via either of these communication channels.
How do we deal with minors?
Category: Users DO NOT collect data from minors
The Services are not intended for users who have not yet reached the legal age of majority. We will not knowingly collect data from children. If you are under the age of majority, you should not download or use the Services or provide us with any information.
We reserve the right to ask for proof of age at any time so that we can check whether minors are using our services. In the event that we become aware that a minor is using our services, we may prohibit such users from accessing our services and block them, and we may delete all data we have stored about that user. If you have reason to believe that a minor has disclosed data to us, please contact us as explained below.
Category: Users collecting data from minors
Children can use our services. However, if they wish to access certain features, they may be required to provide certain information. The collection of some data (including data collected via cookies, web beacons and other similar technologies) may be automatic. If we knowingly collect, use or disclose information collected from a child, we will provide notice and obtain parental consent in accordance with applicable law. We will not condition a child's participation in an online activity on the child providing more contact information than is reasonably necessary to participate in that activity. We will only use the information we collect in connection with the services that the child has requested.
We may also use a parent's contact information to communicate about the child's activities on the Services. Parents may review information we have collected from their child, prohibit us from collecting further information from their child, and request that any information we have collected be deleted from our records.
Please contact us to view, update or delete your child's data. To protect your child, we may ask you to provide proof of your identity. We may deny you access to the data if we believe that your identity is questionable. Please note that certain data cannot be deleted due to other legal obligations.
Category: Always
We will only use your personal data for the purposes set out in the Privacy Policy and only if we are satisfied that:
the use of your personal data is necessary to fulfil or conclude a contract (e.g. to provide you with the services themselves or customer service or technical support);
the use of your personal data is necessary to comply with relevant legal or regulatory obligations; or
the use of your personal data is necessary to support our legitimate business interests (provided that this is done at all times in a way that is proportionate and respects your data protection rights).
As an EU resident, you may:
Request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;
request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format
request the rectification of your personal data stored by us
request the erasure of your personal data;
object to the processing of your personal data by us;
request the restriction of the processing of your personal data, or
lodge a complaint with a supervisory authority.
However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as set out below.
In the course of providing the Services, we may transfer data across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your data outside the EEA.
If you are located in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or equivalent level of protection of personal data exists. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimised and that such third parties act at all times in accordance with applicable laws.
Rights under the California Consumer Privacy Act
If you are based in the EEA, your personal data will only be transferred to locations outside the EEA where we are satisfied that an adequate or equivalent level of protection of personal data exists. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimised and that such third parties act at all times in accordance with applicable laws.
Rights under the California Consumer Privacy Act
If you use the Services as a California resident, you may be entitled to request access to and deletion of your information under the California Consumer Privacy Act ("CCPA").
To exercise your right to access and delete your information, please see below for how to contact us.
Category: The website does not sell data of its users
We do not sell users' personal data for the purposes of the CCPA.
Category: Websites with a blog or forum
sers of the Services who are California residents and under the age of 18 may request and obtain removal of their posted content by sending an email to the address provided in the "Contact Us" section below. These requests must all be labelled "California Removal Request". All requests must include a description of the content you wish to have removed and sufficient information to allow us to locate the material. We will not accept notices that are not labelled or properly submitted, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not ensure that the material will be completely or comprehensively deleted. For example, material you have posted may be republished or re-posted by other users or third parties.
Updates or changes to the privacy policy
Category: Always
We may revise this Privacy Policy from time to time at our own discretion, the version published on the website is always up-to-date (see "Status"). We ask you to check this Privacy Policy regularly for changes. In the event of significant changes, we will publish a notice on our website. If you continue to use the services after being notified of changes on our website, this will be deemed to be your confirmation and consent to the changes to the privacy policy and your agreement to be bound by the terms of these changes.
Contact Us
Category: Always
If you have general questions about the Services or the information we collect about you and how we use it, please contact us at
Name: Torsten Hofmann
Address: 35410 Hungen; Vogelsbergstr. 12
E-mail address: info(at)lucasblaze.de
Bandcamp
Privacy Policy
Effective date: May 25, 2018
Bandcamp, Inc ("Bandcamp") knows that you care how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn more about our Privacy Policy. This Privacy Policy describes how we collect, use, share and protect your personal information when you access the www.bandcamp.com website and domain name, mobile applications and other linked pages, features, content or application services offered from time to time by Bandcamp in connection therewith (collectively, the "Service"), or otherwise interact with us. This Policy does not apply to the practices of companies that Bandcamp does not own or control, or to individuals that Bandcamp does not employ or manage. "Personal Data" means any data relating to an identified or identifiable individual. By accessing or using the Service, you acknowledge that you accept the practices and policies set forth in this Privacy Policy.
What personal data is collected by Bandcamp?
User information, such as name, username, password, email address, photo or other likeness, preferences, associations with bands and fans, purchase history and any other information you provide in connection with your user account.
User financial information, such as your credit or debit card number, bank account number, and billing and shipping address. This information is collected and processed by our payment processor to the extent necessary to process your purchase. We do not receive your credit card information directly, but we may receive information about the transaction, such as the date and time it took place. This information may or may not be linked to an existing user or fan account on the website.
Band information, such as user-provided biography, location and tags.
Band financial information, such as Paypal account(s), Stripe account(s), pro/label subscriptions and payouts.
Fan information, such as the user's name, email address, country of residence, postcode, picture, location and biography.
Emails and messages, including receipts, newsletters and support contact. This information consists of the emails we send to individuals and the messages that users may send to each other.
In addition to the above information, we may automatically collect the following types of information:
Website activity information, such as application logs, data files, information collected from cookies, IP address, browser information, and metrics generated during the normal operation of a website. "Application logs" are text files that record most activity on a website, including page visits, payments and usage. Information about website activity is sometimes linked to an IP address or other personal data. Third parties may also collect information about your website activity over time and on other websites or mobile applications.
Information collected via cookies. Cookies are alphanumeric identifiers that we transfer to your computer's hard drive through your browser so that our systems can recognise your browser and tell us how and when pages of our website are visited and by how many people. Bandcamp cookies do not collect personal information, and we do not combine the general information collected by cookies with other personal information to tell us who you are or what your screen name or email address is.
Most browsers have an option to disable the cookie function, which prevents your browser from accepting new cookies and (depending on the sophistication of your browser software) allows you to decide in various ways whether to accept each new cookie. However, we strongly recommend that you leave cookies enabled, as cookies allow you to take advantage of some of Bandcamp's most attractive features. If you choose to disable cookies or similar technologies, some parts of our service may not function properly.
We use Google Analytics to collect and process analytical data about users of the Bandcamp website. Google Analytics tracks your interaction with the website and stores information about the IP address, operating system, web browser, pages visited, information about the demographics of our website users, the device used and the location from which the visit originated. You can find out more about Google's practices at https://www.google.com/policies/privacy/partners/ and opt-out by downloading the Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout.
We may use software tools such as JavaScript to collect information about page interaction, such as clicks, drags and hover overs, response times, errors and the duration of visits to certain pages.
For what purposes will Bandcamp use your personal data?
The personal data collected by Bandcamp is used for the following purposes:
To allow you to use the Service, to create a user account and profile that can be used to interact with other users, and to allow users to identify each other by displaying personal information to other users and visitors to the Service;
To provide, administer and communicate with you about Bandcamp's and its partners' products, services, offers, programmes and promotions (including surveys and other marketing activities). Where required by applicable law, we will only send you promotional communications with your consent;
To operate, evaluate and improve our business, including developing new products and services, managing our communications, determining the effectiveness and optimising the content you see, analysing our products, services, website, mobile application and other digital assets, facilitating the functionality of our website, mobile application and other digital assets;
o operate, evaluate and improve our business, including developing new products and services, managing our communications, determining the effectiveness and optimising the content you see, analysing our products, services, website, mobile application and other digital assets, facilitating the functionality of our website, mobile application and other digital assets;
To process sales and purchases, transfer funds and provide expected receipts, statistics and reports to the Band and its customers;
To perform accounting, auditing, billing, reconciliation and collection activities;
To respond to your enquiries;
To perform data analysis and data aggregation (including anonymisation of personal data);
In connection with potential service contracts, partnerships or supplier relationships;
To comply with requests from law enforcement authorities and other legal obligations
To enforce and apply our Terms of Use and other agreements;
To protect the rights, property or safety of Bandcamp, our employees, our users or others, including taking steps to prevent fraud and reduce credit risk;
To comply with industry standards and our policies.
We may also use the information in other ways, which we will explicitly inform you of at the time of collection.
Email communications:
We may receive a confirmation when you open an email from Bandcamp. Bandcamp uses this confirmation to make emails more interesting and helpful and to improve our service. If you do not wish to receive emails from us, please contact us as indicated in the "How to contact us" section below.
When does Bandcamp collect personal data about you?
We may collect and use personal information about you when:
You have consented to the use of your personal data;
We need your personal data to provide you with the services and products you have requested or to respond to your enquiries;
We are required by law to use your personal data;
We have a legitimate interest in using your Personal Data. This includes our legitimate interest in ensuring and improving the security and performance of our products and services.
How does Bandcamp obtain Personal Data about you?
We may receive Personal Data about you from:
From you directly when you provide us with information about you;
Your use of the Bandcamp service;
Third parties who provide us with information about you.
How long does Bandcamp keep your personal data?
Bandcamp retains Personal Data only for as long as necessary to fulfil the purpose for which it was collected, unless required or permitted by applicable law. We take steps to destroy or permanently de-identify Personal Information when required by law or when the Personal Information is no longer needed for the purpose for which we collected it.
How will Bandcamp share the Personal Data it receives?
Our customers' Personal Data is an integral part of our business. We do not rent or sell your personal information to third parties. We will only share your personal information as described below.
Members of our group: We may disclose your personal data to any member of our group, which includes our affiliates, employees, subsidiaries and branches, to whom it is reasonably necessary or desirable for us to disclose your data in order to fulfil the data processing purposes set out above.
Affiliated companies that we do not control: We are affiliated with and work closely with a number of companies. In certain situations, these companies sell items to you through Bandcamp's service. In other situations, Bandcamp provides services or sells products jointly with affiliated companies. You can easily recognise when an affiliate is associated with your transaction, and we will share your personal information associated with such transactions with that affiliate.
Agents: We engage other companies and individuals to perform tasks on our behalf and need to share your information with them in order to provide products or services to you. Examples include sending mail and emails, analysing data, providing marketing support, providing search results and links (including paid advertisements and links), processing credit card payments and providing customer service. Unless we tell you otherwise, Bandcamp representatives have no right to use Personal Data we share with them beyond what is necessary to support us. You hereby consent to us sharing Personal Data for the purposes set out above.
Bands: When you use certain features or services, we may share certain personally identifiable information with bands, such as your email address, country of residence and postcode ("Fan Information"), and you may choose to be added to the mailing list of that band. The Bands are only authorised by us to use the Fan Information to send emails to you and may not share, rent or sell the information with others for any other purpose.
User Profiles: User profile information, including name, email address, purchase history and other information entered by you ("User Details") may be displayed to other users in certain instances to facilitate user interaction within the Service. Email addresses are used to add new user submissions to user profiles and to communicate about user submissions. Users' email addresses are not directly displayed by us to other users unless the user is "connected" to another user via a shared group membership or invitation, or the user has chosen to include their email address in their user profile.
You can mark certain user submissions, including individual items in your purchase history, as private, in which case they will not be displayed to other users.
Aggregate Information: We may provide aggregate information to our partners about how our customers use our website overall. We share this type of statistical data so that our partners also understand how often people use their services and our service, so that they too can provide you with an optimal online experience. Bandcamp never shares aggregated information with a partner in a way that would identify you personally.
Communications in response to user submissions: As part of the Service and Services, you will receive emails and other communications from the Company regarding your User Submissions. You acknowledge and agree that Company may, in its sole discretion, send you emails and other communications relating to your User Submissions if you post such User Submissions.
Business transfers: In this type of transaction, customer information is typically one of the transferred business assets. If Bandcamp, or substantially all of its assets, were acquired, or in the unlikely event that Bandcamp goes out of business, customer information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Bandcamp may continue to use your personal information as set forth in this policy.
Compliance with Laws, Protection of Bandcamp and Others: We may access, preserve, and disclose collected information when we believe it is necessary or appropriate to: Comply with law enforcement requests and legal process, such as a court order or subpoena; Enforce or apply our Terms of Use and other agreements; or Protect the rights, property, or safety of Bandcamp, our employees, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.
With your consent: Except as noted above, you will be notified when your personal information is shared with third parties and have the ability to prevent the sharing of this information.
Is personal information about you secure?
Our customers' personal information is an integral part of our business. We do not rent or sell your personal information to third parties. We only share your personal information as described below.
Members of our group: We may disclose your personal data to any member of our group, which includes our affiliates, employees, subsidiaries and branches, to whom it is reasonably necessary or desirable for us to disclose your data in order to fulfil the data processing purposes set out above.
Affiliated companies that we do not control: We are affiliated with and work closely with a number of companies. In certain situations, these companies sell items to you through Bandcamp's service. In other situations, Bandcamp provides services or sells products jointly with affiliated companies. You can easily recognise when an affiliate is associated with your transaction, and we will share your personal information associated with such transactions with that affiliate.
Agents: We engage other companies and individuals to perform tasks on our behalf and need to share your information with them in order to provide products or services to you. Examples include sending mail and emails, analysing data, providing marketing support, providing search results and links (including paid advertisements and links), processing credit card payments and providing customer service. Unless we tell you otherwise, Bandcamp representatives have no right to use Personal Data we share with them beyond what is necessary to support us. You hereby consent to us sharing Personal Data for the purposes set out above.
Bands: When you use certain features or services, we may share certain personally identifiable information with bands, such as your email address, country of residence and postcode ("Fan Information"), and you may choose to be added to the mailing list of that band. The Bands are only authorised by us to use the Fan Information to send emails to you and may not share, rent or sell the information with others for any other purpose.
User Profiles: User profile information, including name, email address, purchase history and other information entered by you ("User Details") may be displayed to other users in certain instances to facilitate user interaction within the Service. Email addresses are used to add new user submissions to user profiles and to communicate about user submissions.
We do not display users' email addresses directly to other users unless the user is "connected" to another user via a shared group membership or invitation, or the user has chosen to include their email address in their user profile. You can mark certain user submissions, including individual items in your purchase history, as private, in which case they will not be displayed to other users.
Aggregated information: We may provide aggregate information to our partners about how our customers use our website overall. We share this type of statistical data so that our partners also understand how often people use their services and our service, so that they too can provide you with an optimal online experience. Bandcamp never shares aggregated information with a partner in a way that would identify you personally.
Communications in response to user submissions: As part of the Service and Services, you will receive emails and other communications from the Company regarding your User Submissions. You acknowledge and agree that Company may, in its sole discretion, send you emails and other communications relating to your User Submissions if you post such User submissions.
Business transfers: In this type of transaction, customer information is typically one of the transferred business assets. If Bandcamp, or substantially all of its assets, were acquired, or in the unlikely event that Bandcamp goes out of business, customer information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Bandcamp may continue to use your personal information as set forth in this policy.
Compliance with Laws, Protection of Bandcamp and Others: We may access, preserve, and disclose collected information when we believe it is necessary or appropriate to: Comply with law enforcement requests and legal process, such as a court order or subpoena; Enforce or apply our Terms of Use and other agreements; or Protect the rights, property, or safety of Bandcamp, our employees, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction. With your consent: Except as noted above, you will be notified when your personal information is shared with third parties and have the ability to prevent the sharing of this information.
Is personal information about you secure?
Bandcamp endeavours to protect user information to ensure that your personal information is kept private. We use physical, managerial and technical safeguards to protect your Personal Information from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. In particular, we take steps to ensure that our employees and service providers who have access to your Personal Data only process it on our instructions, unless required by law.
However, no measures are 100% secure and unauthorised access or use, hardware or software failure and other factors may compromise the security of your personal data. To protect the security of your information, you must choose and protect your password appropriately and limit access to your computer and browser by logging out after you have finished accessing your account.
The Service may contain links to other websites. Bandcamp is not responsible for the privacy policies and/or practices of other websites. If you link to another site, you should read the privacy policy posted on that site. This Privacy Policy governs only the information collected by Bandcamp.
What choices and rights do you have regarding your personal information?
You have certain rights regarding the personal information we maintain about you. We also offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you.
Sometimes you are required by law or contract to provide us with your personal information in order to use our products or services. In other cases, you may provide us with your personal data voluntarily. The specific reasons for using your personal information, whether you are required to provide your personal information, and the possible consequences of not providing your personal information will be stated at the time the information is collected.
You can mark certain user submissions as private so that they are not shared with other users. Not all user submissions can be marked as private.
You can add or update certain information on pages, such as your username and password, email address and user profile information.
Where required by law, we will obtain your prior consent for certain processing of personal data, such as for direct marketing purposes, at the time of collection. Where we rely on consent to process your personal data, you have the right to withdraw your consent at any time and if you do so, this will not affect the lawfulness of processing based on consent before its withdrawal.
You can object to the collection and use of certain information that we collect about you by automated means when you visit our website. Your browser can tell you how to be notified and how to opt out of receiving certain types of cookies and similar technologies. Please note, however, that you may not be able to use all the features of our website without cookies. You may opt out of the collection and use of certain information that we collect about you through automated means when you visit our website. Your browser can tell you how to be notified and how to opt out of receiving certain types of cookies and similar technologies. Please note, however, that without cookies you may not be able to use all the features of our website.
You can always tell us not to send you marketing communications by email by clicking on the unsubscribe link in the marketing emails you receive from us or by contacting us as set out in the "How to contact us" section below. Please note that if you do not wish to receive legal notices from us, such as this Privacy Policy, these legal notices will continue to govern your use of the Bandcamp Service and you are responsible for reviewing these legal notices for changes.
To the extent permitted by applicable law, you may withdraw any consent you have previously given us or object to the processing of your personal data at any time for legitimate reasons. We will apply your preferences going forward. In some circumstances, withdrawing your consent to the use or disclosure of your personal information may mean that you will not be able to use some Bandcamp features.
Subject to applicable law, you have the right to: obtain confirmation that we hold personal information about you; request access to and obtain information about the personal information we hold about you; obtain copies of the personal information we hold about you; exercise your right to data portability; update and correct inaccuracies in your personal information; object to or restrict the processing of your personal information; and block, anonymise or delete the information, as applicable. These rights may be restricted by local law. You may also have the right to lodge a complaint with your local data protection authority.
Under California's "Shine the Light" law, California residents who provide personal information when purchasing products or services for personal, family or household use have the right to request and receive information from us once per calendar year about the customer information we may have shared with other companies for their own direct marketing purposes. If applicable, this information would include the categories of customer data shared, the names and email addresses of the companies with whom we have shared customer data for the immediately preceding calendar year (e.g., requests made in 2018 will receive information about shared activities in 2017), and descriptions of the likely types of marketing that the third parties would send. Please note that not every exchange of information is covered by the "Shine the Light" requests and only information about covered exchanges will be included in our response.
If we fall short of your expectations when processing your personal data or you have a complaint about our privacy practices, please let us know as this will give us the opportunity to remedy the problem. You can get in touch with us using the contact details provided in the "How to contact us" section below. To help us respond to your concern, please provide full details of the problem. We will endeavour to investigate and respond to all complaints within a reasonable time.
If you provide us with personal data of another individual, you should ensure that the disclosure to us and our continued use as described to you from time to time is in accordance with applicable laws, for example, you should properly inform the individual concerned about the processing of their personal data and obtain their consent as may be required under applicable laws.
To exercise your rights and choices as described above, please contact us as indicated in the "How to contact us" section below.
Does Bandcamp collect data from children?
In order to provide our services, we may transfer your personal data to recipients in countries other than the country in which the data was originally collected, including the United States. The laws in these countries may not provide the same level of data protection as the country in which the data was originally provided. When we transfer your personal information to recipients in other countries, we will protect the information as described in this Privacy Policy.
Bandcamp is currently in the process of obtaining certification under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to ensure adequate safeguards for the transfer of personal data from the European Economic Area ("EEA") and Switzerland to the United States. To view our Privacy Shield Privacy Policy, please click here.
Changes to this Privacy Policy?
Bandcamp may change this Privacy Policy from time to time. The use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make changes to the way we use personal information, we will notify you by posting an announcement on our Service or by email. Users will be bound by any changes to the Privacy Policy when using the Service following the initial posting of such changes.
How you can contact us
If you have any questions or concerns about Bandcamp's privacy of your personal information, or if you wish to exercise your rights regarding your personal information, please send a detailed message to support@bandcamp.com. Please include the subject of your request in the subject line and body of your message (e.g., "Request Access to My Personal Information," "California Privacy Information Request," etc.). We will provide the requested information and endeavour to resolve your request.
We do not knowingly collect, maintain or use personal information from children under the age of 16, and no part of the Service is directed to children under the age of 16. If you become aware that your child has provided us with Personal Data without your consent, you may notify us using the contact details provided in the "How to contact us" section below. If we learn that we have collected personal information from children under the age of 16, we will take prompt steps to delete that information and terminate the child's account.