PRIVACY
1. Information about the collection of personal data
(1) In the following we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. B. name, address, e-mail addresses, user behavior.
​
(2) The person responsible in accordance with Article 4 (7) of the EU General Data Protection Regulation (GDPR) is SOMM - Society Of Music Merchants e. V., Hardenbergstraße 9a, 10623 Berlin, somm@somm.eu .
​
(3) When you contact us by e-mail, the data you provide (your e-mail address, possibly your name and address) will be stored by us in order to answer your questions. We delete the data arising in this context after the storage is no longer necessary, or restrict the processing if there are statutory storage obligations.
​
2. Your Rights
(1) You have the following rights towards us with regard to your personal data:
​
right to information,
right to rectification or erasure,
right to restriction of processing,
right to object to processing,
Right to data portability.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
​
3. Collection of personal data when visiting our website
(1) If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our website server. If you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis is Article 6 Paragraph 1 Clause 1 Letter f GDPR. Be collected:
​
IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access Status/HTTP Status Code
amount of data transferred
Website from which the request comes
browsers
Operating system and its interface
Browser software language and version.
4. Data Security
(1) Our website has SSL encryption (Secure Socket Layer) in connection with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead.
​
You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
​
(2) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, against partial or complete loss, against destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
​
5. Other functions and offers of our website; Sharing of Data
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you usually have to provide additional personal data that we use to provide the respective service and for which the aforementioned data processing principles apply.
​
(2) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked. If we commission third parties to process data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 DSGVO.
​
(3) Any other transmission of your personal data to third parties will only take place,
if you have given your express consent to this (Art. 6 Para. 1 S. 1 lit. a DSGVO)
the transfer is legally permissible and necessary for the processing of contractual relationships with you (Art. 6 Para. 1 S. 1 lit. b DSGVO) there is a legal obligation for the transfer (Art. 6 Para. 1 S. 1 lit. c DSGVO ) the disclosure is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data (Article 6 (1) sentence 1 lit. f GDPR).
(4) If we process data in a third country (i.e. outside the European Union or the European Economic Area) or if this happens as part of the use of third-party services, this is only done on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests . Subject to legal or contractual permissions, we only process or have the data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This is the case, for example, on the basis of the officially recognized determination of a data protection level corresponding to that of the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
​
6. Making film, picture and sound recordings
In the context of events organised by SOMM - Society Of Music Merchants e. V., film and photo recordings may be made for media support in print and online media. The recordings are intended to document the event - however, it is possible that you, as a participant, will be seen on one of the recordings. According to the new data protection regulations, we are obliged to inform you about how we handle these recordings.
This statement explains how we use your personal data, for what purposes it is used, with whom it is shared and what control and information rights you may have.
In the course of an event organised by SOMM - Society Of Music Merchants e. V., film and photo recordings may be made to accompany the event in the media. It is possible that you as a participant may be visible on one of the recordings, if necessary only in the background.
SOMM - Society Of Music Merchants e. V. or the third parties commissioned with the documentation will process the photographs and video recordings made by us for media support of the event, for subsequent reporting and for advertising other similar events of ours in both print and online media, so that the recordings can also be posted on the Internet.
If data is transferred to service providers in the process, this is done by way of order processing. For the above-mentioned purposes, we may also use the recordings in online media, e.g. on the Internet.
We process the recordings in our legitimate interest in media coverage of events organised by us and for advertising other events of the same nature in accordance with Art. 6 Para. 1 lit. f DSGVO. If you have given us your (implied) consent, the processing of the photo and video recordings is based on your consent pursuant to Art. 6 (1) lit. a DSGVO.
Our aim is to process your personal data only to the minimum extent possible. As a matter of principle, we will only store your personal data for as long as it is required to fulfil the purpose for which it was originally collected.
You have further data protection rights, depending on the circumstances of the specific case. Read here about the section Your rights in this privacy policy.
​
7. Deletion of Data
Data processed by us will be deleted in accordance with Art. 17 GDPR, for example if storage is no longer necessary in view of the purpose for which the data was collected. Otherwise, we restrict the processing according to Art. 18 GDPR if there are legal storage obligations, e.g. for data that must be stored for commercial or tax reasons.
​
8. Objection or revocation against the processing of your data
(1) If you have given your consent to the processing of your data, you can revoke this at any time in accordance with Article 7 (3) GDPR. The revocation does not affect the legality of the processing carried out on the basis of your prior consent. The only consequence of the revocation is that we are no longer allowed to continue the data processing based on this consent for the future.
​
(2) If your personal data is processed on the basis of legitimate interests (Art. 6 Para. 1 S. 1 lit. f GDPR), for example in the context of the use of content or services from third-party providers (e.g. Social Media plug-ins, Google services), you have the right to object to the processing in accordance with Art. 21 GDPR, provided that there are reasons for this that arise from your particular situation.
​
In the event of a justified objection, we will examine the situation and will either stop or adjust the data processing or show you our compelling legitimate reasons for continuing the processing.
​
(3) In the event of an objection due to direct advertising, you have a general right of objection in accordance with Art. 21 GDPR, which we will implement without specifying a particular situation. If you object to the processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
​
9. Regular updating of this data protection notice
The data protection framework for service providers is subject to constant changes and adjustments.
These changes and adjustments make it necessary to update our data protection information from time to time.
​
Status: 13.09.2022