that is necessary and incidental to:
2.2 We handle Personal Information in our own right and also for and on behalf of our customers.
If, at any time, an individual provides Personal Information or other information about someone other than himself or herself, the individual warrants that they have that person’s consent to provide such information for the purpose(s) specified.
2.5 We consider the protection of the privacy of children very important. We do not knowingly collect personal data from children under the age of 18 without obtaining parental consent. If we come to learn that Personal Information has been collected on the service from individuals under 18 years of age without verifiable parental consent, we will take the appropriate steps to delete such information.
Without limitation, the type of information we may collect is:
3.1 Personal Information. We may collect personal details such as an individual’s name, location, date of birth, nationality, family details and other information defined as “Personal Information” in the Privacy Act that allows us to identify who the individual is.
3.2 Contact Information. We may collect information such as an individual’s email address, telephone numbers, third-party usernames, residential, business and postal address and other information that allows us to contact the individual.
3.3 Financial Information. We may collect financial information related to an individual such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our services.
3.4 Statistical Information. We may collect information about an individual’s online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes.
3.5 Information an individual sends us. We may collect any personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities.
3.7 We may also collect Non-Personal Information about an individual such as information regarding their computer, network, and browser. Where Non-Personal Information is collected the GDPR do not apply.
4.1 Most information will be collected in association with an individual’s purchases Products or Services, an enquiry about Mario Donaldson Productions or generally dealing with us. However, we may also receive Personal Information from sources such as advertising, an individual’s own promotions, public records, blog comments, mailing lists, contractors, staff, recruitment agencies and our business partners.
In particular, information is likely to be collected as follows:
4.2 As there are many circumstances in which we may collect information both electronically and physically, we will endeavour to ensure that an individual is always aware of when their Personal Information is being collected.
4.3 Where we obtain Personal Information without an individual’s knowledge (such as by accidental acquisition from a client) we will either delete/destroy the information, or inform the individual that we hold such information, in accordance with the GDPR.
5.1 In general, the primary principle is that we will not use any Personal Information other than for the purpose for which it was collected other than with the individual’s permission. The purpose of collection is determined by the circumstances in which the information was collected and/or submitted.
5.2 We will only process Personal Information when we can identify a lawful basis to do so. It is always our responsibility to ensure that we can demonstrate which lawful basis applies to the particular processing purpose.
5.3 The most common lawful bases relied upon are:
5.5 If it is necessary for us to disclose an individual’s Personal Information to third parties in a manner compliant with the GDPR in the course of our business, we will inform you that we intend to do so, or have done so, as soon as practical.
5.6 We will not disclose or sell an individual’s Personal Information to unrelated third parties under any circumstances unless the prior written consent of the individual is obtained.
5.7 Information is used to enable us to operate our business, especially as it relates to an individual. This may include:
5.8 The individual shall have the right to object at any time to the processing of their Personal Information for direct marketing purposes, which includes profiling to the extent that it is related to such direct marketing. If we receive such a request, we will stop the processing of Personal Information for direct marketing purposes immediately without charge or penalty.
5.9 There are some circumstances in which we must disclose an individual’s information:
5.11 We may utilise third-party service providers to communicate with an individual and to store contact details about an individual. These service providers may be located outside of The Netherlands or Europe.
6.1 An individual may opt to not have us collect and/or process their Personal Information. This may prevent us from offering them some or all of our services and may terminate their access to some or all of the services they access with or through us.
They will be aware of this when:
6.2 If an individual believes that they have received information from us that they did not opt-in or -out to receive, they should contact us using the details as set out in section 11 below.
7.2 We will take all reasonable precautions to protect an individual’s Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.
7.3 We use SSL encryption to store and transfer Personal Information. Despite this, the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Each individual that provides information to us via the internet or by post does so at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.
7.4 We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s Personal Information to in accordance with this policy or any applicable laws) unless otherwise required by the GDPR. The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies.
7.5 If an individual suspects any misuse or loss of, or unauthorised access to, their Personal Information, they should let us know immediately.
7.6 We are not liable for any loss, damage or claim arising out of another person’s use of the Personal Information where we were authorised to provide that person with the Personal Information.
7.7 Where there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Information, then:
7.8 We will document the facts relating to any security breach, its effects and the remedial action is taken, and investigate the cause of the breach and how to prevent similar situations in the future.
8.1 Customers of Progression Music Productions can update their Personal Information from within their account or profile at any time to ensure it is accurate and complete.
8.2 Subject to the GDPR, an individual has the right to request from us the Personal Information that we have about them, and we have an obligation to provide them with such information as soon as practicable, and by no later than 28 days of receiving the written request. The individual is free to retain and reuse their Personal Information for their own purposes. We may be required to transmit the Personal Information directly to another organisation if this is technically feasible.
8.3 If an individual cannot update their own information, we will correct any errors in the Personal Information we hold about an individual within 28 days of receiving written notice from them about those errors, or two months where the request for rectification is complex.
8.4 It is an individual’s responsibility to provide us with accurate and truthful Personal Information. We cannot be liable for any information that is provided to us that is incorrect.
8.5 Where a request to access Personal Information is manifestly unfounded, excessive and/or repetitive, we may refuse to respond or charge an individual a reasonable fee for our costs incurred in meeting any of their requests to disclose the Personal Information we hold about them. Where we refuse to respond to a request, we will explain why to the individual, informing them of their right to complain to the supervisory authority and to a judicial remedy without undue delay and at the latest within 28 days.
8.6 We may be required to delete or remove all Personal Information we have on an individual upon request in the following circumstances:
8.7 We may refuse to delete or remove all Personal Information we have on an individual where the Personal Information was processed for the following reasons:
9.1 If an individual has a complaint about our handling of their Personal Information, they should address their complaint in writing to the details below.
9.2 If we have a dispute regarding an individual’s Personal Information, we both should first attempt to resolve the issue directly between us.
9.3 An individual shall have the right to seek a judicial remedy where he or she considers that his or her rights under the GDPR have been infringed as a result of the processing of his or her Personal Information in non-compliance with the GDPR.
9.4 If we become aware of any unauthorised access to an individual’s Personal Information we will inform them at the earliest practical opportunity once we have established what was accessed and how it was accessed.
From time to time, we may send an individual important notices, such as changes to our terms, conditions and policies. Where such information is materially important to the individual’s interaction with us, they may not opt-out of receiving these communications.
All correspondence with regards to privacy should be addressed to:
You may contact us via email in the first instance or click the button firstname.lastname@example.org